Last Updated: 11/2024
This Privacy Policy details how Intraunit UG (limited liability) processes and protects your personal data. We place high importance on transparency and strictly adhere to legal regulations, particularly the General Data Protection Regulation (GDPR).
In this section, we provide an overview of how your personal data is processed when you visit our website. Personal data includes any information that can personally identify you.
Who is responsible for data collection on this website?
The website operator is responsible for data processing on this website. Contact information can be found in the "Responsible Entity Notice" section of this Privacy Policy.
How do we collect your data?
Some data is collected when you actively provide it to us, such as by filling out a contact form. Other data is collected automatically by our IT systems when you visit the website, including technical information like your browser, operating system, and the time of your visit. This data is collected either automatically or based on your consent.
What do we use your data for?
We primarily use your data to ensure the website’s error-free provision. Additionally, we use it to analyze your user behavior to optimize our content and improve your user experience.
What rights do you have regarding your data?
You have various rights regarding your personal data:
For further information on your rights or any data protection questions, please feel free to contact us.
Your browsing behavior may be analyzed for analytical purposes when you visit our website. This mainly occurs through analytics programs that help us better understand and improve the use of our website. Further details on these analytics programs are provided in the detailed Privacy Policy below.
IF DATA PROCESSING IS BASED ON ARTICLE 6(1)(E) OR (F) OF THE GDPR, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. The specific legal basis for processing can be found in this Privacy Policy. If you object, we will no longer process your affected personal data unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or if the processing is for the assertion, exercise, or defense of legal claims (objection according to Article 21(1) GDPR).
If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing; this also applies to profiling, insofar as it is related to such direct marketing. If you object, your personal data will no longer be used for direct marketing purposes (objection according to Article 21(2) GDPR).
Our website content is hosted by an external service provider. This enables us to provide a reliable and professional website experience. Personal data collected on this website is stored on the host's servers, including IP addresses, contact requests, metadata, communication data, contract data, contact data, names, website accesses, and other data generated through the website.
Our website is externally hosted to fulfill contracts with our prospective and existing customers according to Article 6(1)(b) of the GDPR. Additionally, it serves our legitimate interest in secure, fast, and efficient online service provision under Article 6(1)(f) GDPR.
If consent is required for processing, it is based on Article 6(1)(a) GDPR and Section 25(1) of the TTDSG, particularly for cookie storage or access to device-specific information (e.g., device fingerprinting). You can withdraw this consent at any time.
Our host will only process your data to the extent necessary to fulfill its contractual obligations and will strictly follow our instructions regarding this data. Unauthorized processing is excluded.
Our hosting provider is:
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399 USA
To ensure that your personal data is processed in compliance with applicable data protection regulations, we have signed a Data Processing Agreement (DPA) with the host. This agreement ensures that the host only processes your data according to our instructions and in accordance with the GDPR.
The DPA requires the host to take all necessary technical and organizational measures to ensure the security of your data and to prevent unauthorized access and data disclosure.
We collect different types of personal data, depending on the type of interaction:
The collected data is used for the following purposes:
We store personal data only as long as necessary to fulfill the purposes mentioned in this Privacy Policy or as required by law.
The processing of personal data is based on various legal grounds:
We prioritize the security of your data and have implemented comprehensive measures to protect it. This section outlines the various security aspects we apply:
We use SSL and TLS encryption to ensure data security during transmission. For storage, we apply strong encryption standards like AES-256 to protect sensitive information.
Our data centers are secured by extensive physical and digital access controls, including biometric access systems, access restrictions, and video surveillance.
We implement firewalls and intrusion detection and prevention systems (IDS/IPS) to protect our network from unauthorized access and cyber-attacks.
We use MFA to access sensitive systems, adding an extra layer of security to prevent unauthorized access.
We conduct regular internal and external security reviews, including penetration tests and vulnerability assessments, to identify and address potential risks early.
Our employees are continuously trained in IT security and data protection best practices, including social engineering, phishing prevention, and secure handling of sensitive data.
Regular, encrypted backups and data redundancy ensure quick recovery in case of data loss. These backups are regularly tested for integrity.
We strictly adhere to legal requirements like the GDPR and apply best practices, such as Data Protection Impact Assessments (DPIA). Our policies are continuously reviewed and adjusted to current standards.
Continuous monitoring and detailed logging help us detect and respond to security incidents early. Suspicious activities are analyzed to minimize risks.
We invest in modern technologies like AI for threat detection and automated security solutions to proactively identify and close security gaps.
Our goal is to protect your data by continually improving our security measures to meet the highest standards.
Our website uses tools to analyze browsing behavior to improve the user experience and provide personalized content. These include:
You can object to the use of these analytics tools at any time by adjusting the cookie preferences in your browser or device settings.
As a user, you have extensive rights regarding your personal data, including:
To exercise these rights, you may contact us anytime through the contact details provided in this Privacy Policy.
This Privacy Policy is regularly reviewed and updated to meet the latest legal requirements and reflect current changes in our services. The current version is always available on our website. We recommend reading the Privacy Policy regularly to stay informed about our data protection practices.