CrisisIQ Logo CrisisIQ

Privacy Policy

Last updated: January 2025

1. Controller and Data Protection Officer

The controller for data processing on this website is:
crisisIQ GmbH i.G.
Friedrichstrasse 155
10117 Berlin, Germany

Phone: 030/ 209675980
E-Mail: lars.bosse@crisisiq.de
VAT ID: -

2. General Information on Data Processing

We process personal data only to the extent necessary and in accordance with the applicable data protection regulations, particularly the General Data Protection Regulation (GDPR). This privacy policy informs you about the type, scope, and purposes of the processing of personal data within our online services and the websites, functions, and content associated with them.

3. Legal Basis for Processing

The processing of personal data is carried out on the basis of the following legal foundations according to Art. 6 GDPR:

  • Art. 6 (1) lit. a GDPR: Consent of the data subject
  • Art. 6 (1) lit. b GDPR: Processing necessary for the performance of a contract or pre-contractual measures
  • Art. 6 (1) lit. f GDPR: Legitimate interests in providing our services and website operation

4. Data Collection and Processing

4.1 Website Usage

When you visit our website, our web server temporarily stores access data for technical and security reasons. This includes:

  • IP address of the requesting computer
  • Date and time of access
  • Name and URL of the retrieved file
  • Transmitted data volume
  • Notification of successful retrieval
  • Browser type and version
  • Operating system of the user
  • Referrer URL

4.2 Contact Forms

When you use our contact forms, we collect the following data:

  • Name and surname
  • Email address
  • Company name (optional)
  • Phone number (optional)
  • Message content
  • Time of inquiry

This data is processed to respond to your inquiry and provide our services. The legal basis is Art. 6 (1) lit. b GDPR (contract performance) and Art. 6 (1) lit. f GDPR (legitimate interest in customer communication).

4.3 Newsletter and Marketing

If you subscribe to our newsletter or agree to receive marketing communications, we process your email address and name for this purpose. The legal basis is your consent according to Art. 6 (1) lit. a GDPR. You can withdraw your consent at any time by clicking the unsubscribe link in our emails or by contacting us directly.

5. Data Recipients and Third Parties

5.1 Formspree (Contact Forms)

We use Formspree Inc., a US-based service, to process contact form submissions. When you submit a contact form, your data is transmitted to Formspree's servers in the United States. Formspree is certified under the Data Privacy Framework (DPF), ensuring an adequate level of data protection. You can find more information in Formspree's privacy policy at: https://formspree.io/legal/privacy-policy

5.2 Service Providers

We may engage external service providers to provide our services, such as hosting providers, email service providers, or analytics services. These processors act exclusively on our behalf and according to our instructions, and are contractually bound to comply with data protection requirements.

6. Data Retention

We store personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by law:

  • Contact inquiries: 3 years from the last contact
  • Contract data: In accordance with statutory retention periods (usually 10 years)
  • Newsletter data: Until unsubscription or withdrawal of consent
  • Server log data: Maximum 7 days

7. Your Rights as a Data Subject

You have the following rights regarding your personal data:

  • Right of access (Art. 15 GDPR): You can request information about the personal data we process about you
  • Right to rectification (Art. 16 GDPR): You can request the correction of incorrect data
  • Right to erasure (Art. 17 GDPR): You can request the deletion of your data under certain conditions
  • Right to restriction (Art. 18 GDPR): You can request the restriction of data processing
  • Right to data portability (Art. 20 GDPR): You can receive your data in a structured format
  • Right to object (Art. 21 GDPR): You can object to the processing based on legitimate interests
  • Right to withdraw consent: You can withdraw your consent at any time with effect for the future

8. Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data violates data protection law. The competent supervisory authority for our company is:

Lower Saxony State Commissioner for Data Protection
Prinzenstraße 5
30159 Hannover
Phone: +49 (0) 511 120-4500
E-Mail: poststelle@lfd.niedersachsen.de

9. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to improve user experience and analyze website usage. Cookies are small text files that are stored on your device when you visit our website.

9.1 Types of Cookies

  • Technically necessary cookies: These cookies are essential for the basic functions of the website
  • Analytics cookies: These cookies help us understand how visitors interact with our website
  • Marketing cookies: These cookies are used to display relevant advertisements

10. Data Transfers to Third Countries

Some of our service providers are located outside the European Union. Data transfers to third countries only occur if an adequacy decision exists (Art. 45 GDPR), appropriate safeguards are in place (Art. 46 GDPR), or if you have given explicit consent (Art. 49 GDPR). For transfers to the USA, we rely on the EU-US Data Privacy Framework adequacy decision.

11. Data Security

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including encryption of data in transit and at rest, regular security assessments, and access controls. However, no method of transmission over the internet is 100% secure.

12. Changes to this Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of any material changes by posting the new privacy policy on this page and updating the "Last updated" date.

13. Contact for Data Protection Matters

If you have questions about this privacy policy or the processing of your personal data, please contact us at:

E-Mail: lars.bosse@crisisiq.de
Phone: 030/ 209675980