Data Privacy Statement

Data protection is important to us

The protection of your privacy when processing personal data is an important concern for us. The use of our website is generally possible without providing any personal data. However, if a data subject wishes to use specific services on our website, the processing of personal data may be required. Below, we inform you about the nature, scope, and purpose of the collection and use of personal data by the operator of this website.

As new technologies and the continuous development of this website may lead to changes in this privacy policy, we recommend that you read the data privacy statement again at regular intervals.

With the following checkbox, you can prevent our website from aggregating and analyzing your activities:

Data is being aggregated and analyzed. Uncheck the box to disable data collection.

Responsible
nTwig Consulting GmbH
Röntgenstr. 14
95478 Kemnath
Phone: +49 155 6807 7125
E-mail: contact@ntwig.de

Server Logs

When the data subject uses this website, the access is recorded on our servers.

The following data is collected:

• Complete IP address of the requester
• Date and time of the request
• Name of the requested file
• Access status (request successful, request failed, etc.)
• Amount of data transferred
• User agent of the browser

The recording of this data is necessary for security purposes, particularly to defend against attempted attacks on our web servers. There is no option to opt-out. However, this data will never be used for other purposes or shared with third parties. As the legal basis, we refer to Article 6(1)(f) GDPR.

The data will be deleted from our servers after a maximum of 90 days.

Contacting us

When contacting us via the contact or application form, the information provided by the data subject is stored to enable subsequent processing and response to the inquiry.

The data entered by the data subject will remain with us until they request its deletion, withdraw their consent for storage, or the purpose for data storage no longer applies. For data submitted via the contact form, this is usually the case once the inquiry has been fully processed.

Application data is stored on a legal basis for up to six months after the completion of the application process, unless a longer storage period is legally required or explicitly requested by the data subject.

For customers, we store personal data in accordance with data protection laws for up to ten years after the end of a contractual or business relationship. Data of prospects without a contractual or business relationship will not be kept longer than three years after the last contact.

We refer to Article 6(1)(b) GDPR and Article 6(1)(f) GDPR in this regard.

The data entered by the data subject will remain with us until they request its deletion, withdraw their consent for storage, or the purpose for data storage no longer applies. This is the case once the inquiry has been fully processed. Mandatory legal retention periods remain unaffected.

We refer to Article 6(1)(b) GDPR and Article 6(1)(f) GDPR in this regard.

SSL or TLS encryption

For security reasons and to protect the transmission of confidential content (e.g., in contact inquiries or applications), this page uses SSL or TLS encryption. An encrypted connection can be recognized by the fact that the browser’s address bar changes from "http://" to "https://" and by the padlock symbol in the browser bar.

When SSL or TLS encryption is enabled, the data transmitted to us cannot be read by third parties.

Links to external sites

Our website contains links to external websites of third parties, over whose content we have no control. Therefore, we cannot assume any responsibility for these external contents. The provider or operator of the linked pages is always responsible for the content of the linked sites.

When visiting external links, data of the data subject may be transmitted to the respective websites. This may include, in particular, the IP address, browser information, or similar technical data. The handling of personal data on these websites is governed by the respective privacy policies of the operators. Therefore, we recommend that the data subject review the privacy policies of the external sites.

External links on our website are marked with this symbol:

Matomo

This website uses Matomo, an open source, self-hosted software to collect anonymous usage data for this website.

Visitor behavior data is collected to identify potential issues such as missing or unpopular pages and to improve the user experience. Once the data is processed, Matomo generates reports that help us make layout adjustments or optimize our content. We rely on Article 6(1)(f) GDPR for the use of this software.

Matomo processes the following information for this purpose:

• Anonymized IP addresses (the last two bytes of the address are removed)
• Pseudo-anonymized location (based on the anonymized IP address)
• Date and time
• Title of the page accessed
• URL of the page accessed
• URL of the previous page (if allowed)
• Screen resolution
• Local time
• Files that were clicked and downloaded
• External links
• Duration of the page load
• Country, region, city (with low accuracy due to anonymized IP address)
• Primary browser language
• User agent of the browser
• Interactions with forms (but not their content)

Matomo uses cookies that are stored on the user's computer and allow an analysis of website usage. We deliberately refrain from storing cookies that contain personal data. Only a cookie used to identify a session during a single visit to our website is set. This cookie is technically necessary and valid only for the duration of the current session, meaning until the browser is closed. It is then deleted.

With the following checkbox, you can prevent our website from aggregating and analyzing your activities:

Data is being aggregated and analyzed. Uncheck the box to disable data collection.

hCaptcha

We use the hCaptcha security service on our website. This service is provided by Intuition Machines, Inc., a company based in Delaware, USA ("IMI"). hCaptcha is used to verify whether user actions on our website (e.g., submitting a contact or application form) meet our security requirements. To do this, hCaptcha analyzes the behavior of the data subject based on various characteristics. This analysis starts automatically as soon as a visitor enters an area of the website or app where hCaptcha is enabled. For the analysis, hCaptcha evaluates various information (e.g., IP address, how long the visitor stays on the website or app, or the user's mouse movements). When using our contact or application form, our website must ensure that it is interacting with a human and not a bot and that the user's activities are not associated with fraud or abuse.

Furthermore, processing may be based on Article 6(1)(f) GDPR: Our online service has a legitimate interest in protecting the service from abusive automated crawling, spam, and other forms of misuse that could harm our service or other users. IMI acts as a "data processor" under the GDPR and as a "service provider" under the California Consumer Privacy Act (CCPA). For more information about hCaptcha's privacy policy and terms of use, please visit the following links: https://www.hcaptcha.com/privacy und https://www.hcaptcha.com/terms .

Rights of the Data Subject

In any case, the data subject has the right to access their personal data. They may also request the correction or deletion of their personal data. The data subject also has the right to object to the processing of their personal data or to request its restriction. Furthermore, they have the right to receive their personal data in a structured and standardized format. Additionally, the data subject has the right to file a complaint with the competent data protection authority if they believe that the processing of their personal data violates the GDPR.