Privacy Policy
Last updated: June 24, 2025
1. Introduction and Contact Details of the Data Controller
1.1 Data Controller
We are pleased that you are visiting our website and thank you for your interest. Below, we inform you about how we handle your personal data when you use our website. Personal data is any data that can be used to personally identify you.
Data Controller under the General Data Protection Regulation (GDPR):
Nexuswelt UG (Limited Liability)
Represented by: Anna Lackner (Managing Director)
Holzstraße 15
82256 Fürstenfeldbruck
Germany
Email: sales@nexuswelt.com
Commercial Register: Munich Local Court HRB 300704
1.2 Data Protection Contact
For data protection inquiries, you can contact us at:
– Email: sales@nexuswelt.com
– Phone: +49 162 986 4264
– Address: Holzstraße 15, 82256 Fürstenfeldbruck, Germany
2. Data Collection When Visiting Our Website
2.1 Server Log Files
During informational use of our website (when you do not register or otherwise transmit information to us), we only collect data that your browser transmits to our server (so-called “server log files”).
The following data is automatically collected:
– Visited website pages
– Date and time of access
– Amount of data transferred in bytes
– Referrer URL (source from which you reached our page)
– Browser type and version
– Operating system used
– IP address (anonymized when possible)
– Browser language settings
– Device information (screen resolution, device type)
Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest in improving website stability and functionality)
Storage duration: Data is automatically deleted after 30 days unless required for investigating legal violations.
2.2 SSL/TLS Encryption
This website uses SSL/TLS encryption for security reasons and to protect the transmission of personal data and other confidential content. You can recognize an encrypted connection by the “https://” protocol and the lock symbol in your browser’s address bar.
3. Cookies and Tracking Technologies
3.1 What are Cookies?
Cookies are small text files stored on your device to make our website more user-friendly. Some cookies are automatically deleted when you close your browser (session cookies), while others remain on your device and enable recognition of your browser (persistent cookies).
3.2 Cookie Categories
Strictly Necessary Cookies (§ 25 TTDSG)
These cookies are essential for website operation:
– Session management and security
– Load balancing and performance
– Basic website functionality
– Shopping cart functionality
– Login authentication
Legal basis: § 25 para. 2 no. 2 TTDSG (technical necessity)
Storage duration: Session end or up to 30 days
Functional Cookies
These cookies enhance user experience:
– Language preferences
– Design settings
– User interface customizations
– Remember login status
Legal basis: Art. 6 para. 1 lit. a GDPR (consent)
Storage duration: Up to 12 months
Analytical Cookies
For website usage analysis and optimization:
– Visitor numbers and behavior patterns
– Performance measurements
– Page load times and errors
– A/B testing functionality
Legal basis: Art. 6 para. 1 lit. a GDPR (consent)
Storage duration:Up to 26 months
Marketing/Advertising Cookies
For personalized advertising and remarketing:
– Audience segmentation
– Conversion tracking
– Personalized content delivery
– Cross-site tracking
Legal basis: Art. 6 para. 1 lit. a GDPR (consent)
Storage duration: Up to 24 months
3.3 Cookie Management
You can manage your cookie preferences through our Cookie Consent Tool or your browser settings. Please note that disabling cookies may limit website functionality.
Cookie Settings: You can modify your preferences at any time through the cookie banner that appears on first visit or via our privacy center.
3.4 Consent Management Platform
We use a Cookie Consent Management Platform that:
– Displays cookie information clearly
– Allows granular consent choices
– Stores your preferences
– Provides easy withdrawal options
– Ensures compliance with TTDSG and GDPR
4. Third-Party Services and International Data Transfers
4.1 Google Web Fonts
Provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland
Purpose: Uniform display of fonts across our website
Data transmitted:IP address, browser information, font requests
Legal basis: Art. 6 para. 1 lit. a GDPR (consent) or Art. 6 para. 1 lit. f GDPR (legitimate interest)
Data transfer: EU-US Data Privacy Framework provides adequate protection
4.2 Content Delivery Networks (CDN)
We may use CDN services to improve website performance:
Data processed:IP address, browser information, requested files
Purpose: Faster content delivery and improved user experience
Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest)
4.3 Social Media Integration
Our website may include social media plugins from:
– LinkedIn:LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
– Facebook/Meta Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
– Twitter/X: Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, Ireland
Data sharing occurs only with your explicit consent through our consent management system.**
4.4 International Data Transfers
Data transfers to third countries only occur when:
– EU Commission adequacy decision exists
– Appropriate safeguards are in place (Standard Contractual Clauses)
– Your explicit consent has been obtained
– Transfer is necessary for contract performance
We regularly review and update our data transfer mechanisms to ensure ongoing compliance.
5. Contact and Communication
5.1 Contact Form
When you contact us via our contact form, we collect:
– Name and email address
– Phone number (optional)
– Message content
– Technical data (IP address, timestamp)
Purpose: Responding to your inquiry and related technical administration
Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest) or Art. 6 para. 1 lit. b GDPR (contract initiation)
Storage duration: Until your inquiry is resolved and statutory retention periods expire
5.2 Email Communication
Direct email communication data is processed for:
– Responding to inquiries
– Contract fulfillment
– Business communication
– Technical support
Retention:Emails are retained according to business necessity and legal requirements, typically 3-7 years for business correspondence.
5.3 Newsletter and Marketing Communications
If you subscribe to our newsletter:
Data collected: Email address, name (optional), preferences
Purpose: Sending marketing information about our services
Legal basis: Art. 6 para. 1 lit. a GDPR (consent)
Withdrawal: You can unsubscribe at any time via the unsubscribe link in emails or by contacting us directly
6. Business Services and Client Data Processing
6.1 EU Project Management Services
For our EU project management and consulting services, we process:
– Client contact information
– Project-related documentation
– Communication records
– Performance data and reports
Legal basis:Art. 6 para. 1 lit. b GDPR (contract performance)
Data retention: As required by EU project regulations and German commercial law (typically 10 years)
6.2 Digital Marketing Services
When providing digital marketing services:
– Campaign performance data
– Target audience analytics
– Conversion tracking data
– ROI and effectiveness metrics
We ensure all client data processing complies with applicable data protection laws and maintain strict confidentiality.
6.3 Client Data Security
We implement appropriate technical and organizational measures including:
– Encryption of data in transit and at rest
– Access controls and authentication
– Regular security assessments
– Staff training on data protection
– Incident response procedures
7. Data Subject Rights Under GDPR
7.1 Your Rights
You have the following rights regarding your personal data:
Right to Information (Art. 15 GDPR): Request information about processed data
Right to Rectification (Art. 16 GDPR): Correct inaccurate personal data
Right to Erasure (Art. 17 GDPR): Request deletion of personal data
Right to Restriction (Art. 18 GDPR): Limit processing under certain conditions
Right to Data Portability (Art. 20 GDPR): Receive data in structured format
Right to Object (Art. 21 GDPR):Object to processing based on legitimate interests
Right to Withdraw Consent (Art. 7 para. 3 GDPR): Withdraw consent at any time
7.2 How to Exercise Your Rights
To exercise any of these rights:
– Email: sales@nexuswelt.com
– Phone: +49 162 986 4264
– Mail: Nexuswelt UG, Holzstraße 15, 82256 Fürstenfeldbruck, Germany
We will respond to your request within one month and may request identity verification.
7.3 Right to Lodge a Complaint
You have the right to lodge a complaint with a supervisory authority:
Bavarian State Office for Data Protection Supervision (BayLDA)
Promenade 18, 91522 Ansbach, Germany
Phone: +49 981 180093-0
Email: poststelle@lda.bayern.de
8. Data Retention and Deletion
8.1 General Retention Principles
Personal data is retained only as long as necessary for:
– The purposes for which it was collected
– Legal compliance requirements
– Legitimate business interests
8.2 Specific Retention Periods
Website data 30 days (server logs)
Contact inquiries: 3 years after resolution
Business correspondence: 6-10 years (commercial and tax law requirements)
Marketing data: Until consent withdrawal or 3 years of inactivity
EU project data: As required by funding regulations (typically 5-10 years)
8.3 Automated Deletion
We have implemented automated deletion processes to ensure data is removed when retention periods expire, unless legal obligations require longer storage.
9. Data Security Measures
9.1 Technical Measures
– Encryption: AES-256 encryption for data at rest, TLS 1.3 for data in transit
– Access Controls: Multi-factor authentication and role-based access
– Network Security: Firewalls, intrusion detection, and monitoring
– Backup Systems: Encrypted, geographically distributed backups
9.2 Organizational Measures
– Regular staff training on data protection
– Data protection impact assessments
– Incident response procedures
– Regular security audits and penetration testing
– Vendor management and due diligence
9.3 Data Breach Procedures
In case of a data breach, we will:
– Contain the breach within 24 hours
– Notify supervisory authorities within 72 hours if required
– Inform affected individuals if high risk to rights and freedoms
– Document and analyze the incident for prevention
10. Automated Decision-Making and Profiling
10.1 No Automated Decision-Making
We do not engage in automated decision-making or profiling that produces legal effects or significantly affects individuals without human intervention.
10.2 Analytics and Insights
Any automated analysis is used solely for:
– Website optimization
– Service improvement
– Aggregate statistical analysis
– General business insights
No individual decisions affecting your rights are made automatically.
11. Children’s Privacy
11.1 Age Restrictions
Our services are not directed at children under 16 years of age. We do not knowingly collect personal data from children under 16 without parental consent.
11.2 Parental Rights
If you believe we have collected data from a child under 16, please contact us immediately for removal.
12. Updates to This Privacy Policy
12.1 Policy Changes
We may update this privacy policy to reflect:
– Changes in our data processing practices
– Legal or regulatory requirements
– New services or features
– Enhanced privacy protections
12.2 Notification of Changes
Significant changes will be communicated through:
– Email notification to registered users
– Prominent website notice
– Updated effective date
You are encouraged to review this policy regularly.
13. Compliance with German Law
13.1 TTDSG Compliance
We comply with the German Telecommunications-Telemedia Data Protection Act (TTDSG), particularly regarding:
– Cookie consent requirements (§ 25 TTDSG)
– Terminal equipment privacy
– Technical and organizational measures
13.2 German Commercial Law
We maintain records in accordance with German commercial and tax law requirements (HGB, AO).
13.3 Industry Standards
We adhere to relevant industry standards and best practices for data protection in:
– Digital marketing
– EU project management
– Technology services
– International business operations
14. Contact Information
14.1 General Inquiries
Nexuswelt UG (haftungsbeschränkt)
Holzstraße 15
82256 Fürstenfeldbruck, Germany
Email: sales@nexuswelt.com
Phone: +49 162 986 4264
14.2 Data Protection Officer
For specific data protection matters:
Email: sales@nexuswelt.com
Subject Line: Data Protection Inquiry