Our Commitment to Data Protection
At Softaar Technologies UG (haftungsbeschränkt), we take the protection of your personal data very seriously. We process your data in accordance with applicable data protection regulations, in particular the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).
Data Processing Principles
We adhere to the following principles when processing personal data:
- Lawfulness, Fairness, and Transparency: We process data lawfully, fairly, and in a transparent manner.
- Purpose Limitation: Data is collected for specified, explicit, and legitimate purposes and not further processed in a manner incompatible with those purposes.
- Data Minimization: We only collect data that is adequate, relevant, and limited to what is necessary.
- Accuracy: We ensure that data is accurate and kept up to date.
- Storage Limitation: We keep data only for as long as necessary for the purposes for which it was collected.
- Integrity and Confidentiality: We process data securely, protecting it against unauthorized or unlawful processing and accidental loss, destruction, or damage.
Types of Data We Collect
Contact Information
- Name and contact details (email address, phone number)
- Company name and position
- Communication preferences
Technical Data
- IP address
- Browser type and version
- Operating system
- Referral source
- Date and time of access
- Pages visited on our website
Project-Related Data
- Project requirements and specifications
- Communication history
- Contract and billing information
Legal Basis for Data Processing
We process your personal data based on the following legal grounds:
- Consent (Art. 6(1)(a) GDPR): When you have given explicit consent for processing your data for specific purposes.
- Contract Performance (Art. 6(1)(b) GDPR): When processing is necessary for the performance of a contract or pre-contractual measures.
- Legal Obligation (Art. 6(1)(c) GDPR): When processing is necessary to comply with legal obligations.
- Legitimate Interests (Art. 6(1)(f) GDPR): When processing is necessary for purposes of our legitimate interests, except where such interests are overridden by your fundamental rights and freedoms.
Data Security Measures
We implement appropriate technical and organizational measures to protect your personal data, including:
- Encryption of data in transit and at rest
- Regular security assessments and updates
- Access controls and authentication mechanisms
- Employee training on data protection
- Secure backup and recovery procedures
- Incident response and breach notification procedures
Data Sharing and Third Parties
We do not sell your personal data to third parties. We may share your data with the following categories of recipients:
- Hosting & Infrastructure: Hostinger International Ltd. (European servers) for web hosting; Namecheap, Inc. for domain registration.
- Backend & Database: Firebase (Google Ireland Limited) for authentication, data storage, and backend functions.
- Payment Processing: Stripe Payments Europe, Ltd. for secure payment transactions.
- Analytics: Google Ireland Limited (Google Analytics) and Microsoft Corporation (Microsoft Clarity) to analyze website usage and improve user experience.
- Advertising & Marketing: Meta Platforms Ireland Ltd. (Facebook/Instagram Pixel), Google Ireland Limited (Google Ads, Google Tag Manager), LinkedIn Ireland Unlimited Company (LinkedIn Insight Tag), and other ad platform providers (e.g., TikTok, Pinterest, X/Twitter, Snapchat) — only with your consent.
- Legal Authorities: When required by law or to protect our rights and the rights of others.
- Business Partners: With your explicit consent, for specific purposes clearly communicated to you.
All third parties are required to maintain the confidentiality and security of your personal data and to use it only for the purposes for which it was disclosed. Where applicable, we have concluded data processing agreements (DPAs) with these providers.
International Data Transfers
If we transfer your data outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place, such as:
- Standard Contractual Clauses approved by the European Commission
- Adequacy decisions by the European Commission
- Binding Corporate Rules
- Your explicit consent
Your Rights
Under the GDPR, you have the following rights regarding your personal data:
- Right of Access: You can request information about the personal data we hold about you.
- Right to Rectification: You can request correction of inaccurate or incomplete data.
- Right to Erasure: You can request deletion of your data under certain conditions.
- Right to Restriction: You can request restriction of processing under certain conditions.
- Right to Data Portability: You can request transfer of your data to another controller.
- Right to Object: You can object to processing based on legitimate interests or direct marketing.
- Right to Withdraw Consent: You can withdraw consent at any time without affecting the lawfulness of processing based on consent before withdrawal.
- Right to Lodge a Complaint: You can lodge a complaint with a supervisory authority.
To exercise these rights, please contact us at: service@softaar.de
Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including:
- Duration of our business relationship
- Compliance with legal retention obligations (e.g., tax, commercial law)
- Statute of limitations for potential legal claims
After the retention period expires, we will securely delete or anonymize your data.
Contact Information
If you have any questions or concerns about our data protection practices, please contact us:
Softaar Technologies UG (haftungsbeschränkt)
ABAKUS Business-Center
Blasewitzer Straße 41
01307 Dresden
Germany
Email: service@softaar.de
Supervisory Authority
You have the right to lodge a complaint with the competent data protection supervisory authority. In Saxony, Germany, this is:
Sächsischer Datenschutzbeauftragter
Devrientstraße 1
01067 Dresden
Germany
Website: www.saechsdsb.de
Updates to This Policy
We may update this Data Protection Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website and updating the "Last Updated" date below.