Privacy Policy

Data Privacy Policy Website

Last change: February 18, 2022

Derdack GmbH (in the following also “Derdack” or “we”) appreciates your interest in our website (in the following also “Derdack website” or “website”). We attach great importance to protecting your privacy. In the following we provide detailed information on how your data is handled.

1. Controller

The data controller is:

Derdack GmbH
Konrad-Zuse-Ring 12b, 14469 Potsdam, Germany
Managing director: Matthes Derdack
Email address:

2. Contact details data protection officer

Our data protection officer can be contacted at the email address

3. Purposes of the data processing, legal Basis and legitimate interests pursued by us or a third party, as well as categories of recipients

3.1 Visiting to our website, contact requests

As a rule, you can visit our website without telling us who you are. When our website is visited, however, information is automatically sent to our website’s server by the browser used on your end device and stored temporarily in log files. We have no influence on this. During this process, the following information is collected even without any action on your part and stored until it is automatically erased or deleted:

  • the IP address of the requesting internet-enabled device,
  • the date and time of access,
  • the name and URL of the accessed file,
  • the website from which access is made (referrer URL),
  • the browser used, your computer’s operating system if applicable, and the name of your access provider.

The legal basis for the processing of the IP address is Article 6(1)(f) EU General Data Protection Regulation (“GDPR”). The collected data does not make it possible to draw any inferences regarding your identity, and we also do not draw any inferences from the data. Our legitimate interest in the collection of the data can be seen in the following purposes:

  • to warrant a smooth connection,
  • to warrant a convenient use of our website,
  • to analyse the security and stability of the system and
  • other administrative purposes.

If you wish to send us a message via the contact page on our website, for example, by using our feedback form, we collect your name, your email address and your company’s name. The provision of your telephone number is voluntary. We use your data only to reply to your message. The legal basis for this data processing is Article 6(1)(f) GDPR. Our legitimate interest is in processing your enquiry. We store your personal data as long as this is necessary for the processing of your enquiry.

3.2 Data processing for advertising purposes

If you have given us your consent to send you our email newsletter, we will use your email address to send the newsletter to you. The legal basis for this data processing is Article 6(1)(f) GDPR.

You can withdraw your consent at any time with effect for the future (by sending a message to the contact details provided in (1)). To withdraw your consent to the newsletter, you can click on the link provided in each newsletter email.

We process your data for the purpose of sending you our newsletter only until you withdraw your consent. After that, your data are no longer used for the purpose of sending you the newsletter.

If you have concluded a contract with us concerning the use of the app, we consider you a regular customer. In this case, we process your name and your email address for the purpose of providing you with information about new products and services by email without your specific consent. The legal basis for this is Article 6(1)(f) GDPR in conjunction with § 7 (3) German Act Against Unfair Competition (UWG). The processing of the data of regular customers for one’s own advertising purposes is to be considered a legitimate interest.

You can object to the processing of your personal data for advertising purposes at any time (“objection to advertising”).

3.3 Cookies

We use cookies on our website on the basis of Article 6(1)(f) GDPR. Our interest in optimising the website is to be considered legitimate in terms of the above-mentioned regulation.

“Cookies” are small pieces of data that enable us to store specific information related to you, the user, on your computer while you are visiting our website. Cookies help us to determine how often our website is used and by how many users, and they also make it as convenient and efficient as possible for you to use our website.

We use session cookies, which are stored only temporarily while you use one of our internet pages. We also use permanent cookies to store information about computers that repeatedly access our website. This enables us to provide you with optimum user guidance and to “recognise” you when you return to our website so that we can offer you maximum variety and new content. The content of a permanent cookie is limited to an identification number. Your name, IP address or other information regarding your true identity are not stored, and we do not set up any individual profiles regarding your user behaviour.

You can also use our services without cookies. In your browser settings, you can deactivate the storage of cookies by selecting “Options/Internet Options”, limit them to certain websites or set up your browser so that it informs you when a cookie is sent. You can delete cookies from your computer’s hard disk at any time (e.g. Firefox: Options > Preferences > Privacy > Show Cookies > Remove Cookie / Delete All Cookies; Internet Explorer: Options > Internet Options > General > Delete Browsing History / Cookies). Please note, however, that disabling cookie storage means that you will have limited presentation of our website and limited user guidance.

4. External service providers

We use external service providers that are in some cases domiciled in countries outside the European Union/the European Economic Area (“third countries”) for the processing of your data. We have selected and instructed these service providers with care, and they are bound to follow our instructions and are regularly monitored.

4.1 Recipient categories

The external service providers can be divided into the following categories, in particular:

  • providers of delivery services (email newsletter).
4.2 Recipients outside the EU/EEA

In the following cases, we transfer your data to recipients in “third countries”, specifically, in the United States of America:

  • newsletter registration and mailing: MailChimp Inc.

“MailChimp” is a newsletter mailing platform belonging to the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave. NE #5000, Atlanta, GA 30308, USA. Our newsletter recipients’ email addresses are stored on MailChimp’s servers in the United States. MailChimp uses this information for mailing and analysing the newsletter on our behalf. You can find MailChimp’s data privacy policy here:

MailChimp has committed to complying with data privacy principles based on “Standard Contractual Clauses” of the EU. We would be pleased to provide further information on the suitable and appropriate safeguards for compliance with an adequate level of data protection at your request; our contact details can be found below (1).

5. Consents given

You may withdraw your consent to the processing of your data at any time with effect for the future. This does not affect the legitimacy of the processing of your personal data prior to the date of withdrawal.

6. Right to object

Under the conditions set out in Article 21(1) GDPR, data subjects may object to the processing of data on grounds relating to their particular situation.

This general right to object applies to all purposes for all purposes for which data are processed on the basis of Article 6(1)(f) GDPR described in this data privacy statement. We are required to implement such a general right to object only if you are able to present reasons of overriding importance (e.g. a possible risk to life or health).

7. Your other rights

You have the following rights with respect to your personal data:

  • right of access (Articles 15(1) and 15(2) GDPR),
  • right to rectification (Article 16(1) GDPR),
  • right to erasure (Article 17 GDPR),
  • right to restriction of processing (Article 18 GDPR),
  • right to data portability (Article 20 GDPR).

8. Right to lodge a complaint with the supervisory authority

You also have the right to lodge a complaint with the supervisory authority regarding our processing of your personal data.

9. Data security

To guarantee data security and protect your personal data, Derdack implements technical protective measures to prevent third parties from accessing your data, in particular. Derdack adapts these technical protective measures to state-of-the-art technology.