Privacy Policy
Preamble
This Privacy Policy informs you about which personal data we process when you visit this website and use our online services. Personal data means any information relating to an identified or identifiable natural person.
This Privacy Policy applies to this website and to the related contact and communication options. The terms used in this Privacy Policy are gender-neutral.
Last updated: 24 June 2026
Note: This English version is provided for convenience. The German version is the primary reference version for this website.
Controller
The controller responsible for data processing on this website is:
Axel RübenhagenThe Seventy 2 Digital
Unterm Georgenberg 27
72762 Reutlingen
Germany
Email: axel.ruebenhagen@seventy2digital.com
Phone: +49 (0) 171 301 65 21
Legal notice / imprint: https://seventy2digital.com/en/imprint/
Overview of Processing Activities
The following overview summarises the main categories of processed data, affected persons and purposes of processing.
Categories of processed data
- Contact data, for example email address, telephone number or postal address.
- Content data, for example information submitted through contact forms or email messages.
- Usage data, for example visited pages, time spent on pages, click paths and usage interactions.
- Meta, communication and procedural data, for example IP addresses, time stamps, technical identifiers, device and browser information.
- Log data, in particular server log files.
Categories of data subjects
- Visitors to the website.
- Communication partners.
- Users of online presences, in particular on LinkedIn.
Purposes of processing
- Provision of the website and its functions.
- Ensuring stability, security and technical functionality.
- Processing contact requests and communication.
- Reach measurement and statistical analysis of website usage, where consent has been given.
- Management of cookie and analytics consents.
- Public relations and maintenance of business-related online presences.
Relevant Legal Bases
We process personal data on the basis of the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG) and the applicable rules on privacy protection in digital services. The main legal bases are:
- Art. 6(1)(a) GDPR – Consent: The data subject has given consent for a specific purpose.
- Art. 6(1)(b) GDPR – Contract performance and pre-contractual measures: Processing is necessary for the performance of a contract or for taking pre-contractual steps.
- Art. 6(1)(c) GDPR – Legal obligation: Processing is necessary for compliance with a legal obligation.
- Art. 6(1)(f) GDPR – Legitimate interests: Processing is necessary for the purposes of legitimate interests, unless the interests or fundamental rights and freedoms of the data subject override those interests.
- Section 25 TDDDG: Where information is stored on or accessed from a user's terminal device, this is done in accordance with the statutory requirements. Consent is obtained for non-essential cookies and comparable technologies.
Security Measures
We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk. These measures include, in particular, safeguards for the confidentiality, integrity and availability of the data processed.
This website is provided via an encrypted connection using TLS/SSL technology. An encrypted connection can usually be identified by https:// in the browser's address bar.
Transfer of Personal Data
In the course of processing personal data, it may be necessary to transfer or disclose data to external parties. These may include hosting providers, technical service providers, providers of integrated services and communication or platform providers.
Where service providers process personal data on our behalf, this is done on the basis of a data processing agreement pursuant to Art. 28 GDPR, where such an agreement is required.
International Data Transfers
Where personal data is transferred to or processed in countries outside the European Union (EU) or the European Economic Area (EEA), this is done only in accordance with the applicable legal requirements.
For data transfers to the United States, relevant safeguards may include an adequacy decision by the European Commission, certification under the EU-U.S. Data Privacy Framework, the European Commission's Standard Contractual Clauses or other legally recognised safeguards.
For the individual services, we provide information, where relevant, about providers, recipients and the legal basis for possible transfers to third countries.
General Information on Storage and Deletion
We delete personal data as soon as the purpose of processing no longer applies and there is no statutory retention obligation or other legal basis for further storage.
Longer storage may be necessary, in particular, where retention obligations under commercial or tax law apply or where data is required for the establishment, exercise or defence of legal claims. Under German law, the following retention periods may be relevant in particular:
- 10 years for books, records, annual financial statements, inventories and comparable documents.
- 8 years for accounting documents, in particular invoices and expense records.
- 6 years for received and sent commercial or business letters and other business records relevant for taxation.
- 3 years for data that may be required to take account of potential warranty, damages or other claims.
Where a period does not expressly begin on a specific date and lasts at least one year, it generally starts at the end of the calendar year in which the triggering event occurred.
Rights of Data Subjects
Data subjects have, subject to the statutory requirements, in particular the following rights:
- Right of access to the personal data processed.
- Right to rectification of inaccurate or incomplete data.
- Right to erasure of personal data.
- Right to restriction of processing.
- Right to data portability, where the statutory requirements are met.
- Right to withdraw consent with effect for the future.
- Right to object to processing based on Art. 6(1)(e) or Art. 6(1)(f) GDPR.
- Right to lodge a complaint with a data protection supervisory authority.
An objection to the processing of personal data for direct marketing purposes is possible at any time.
Provision of the Website and Web Hosting
When this website is accessed, technically necessary data is processed in order to deliver the website content to the browser or terminal device of the user. This includes, in particular, the IP address.
Processed data
- IP address.
- Date and time of access.
- Accessed pages and files.
- Amount of data transferred.
- Referrer URL.
- Browser type and browser version.
- Operating system.
- Message indicating successful or failed access.
Purposes of processing
- Provision of the website.
- Ensuring technical functionality.
- Stability and security of systems.
- Detection and prevention of abusive access.
Legal basis
The legal basis is Art. 6(1)(f) GDPR. Our legitimate interest lies in the secure, stable and functional provision of the website.
Server log files
Access to the website may be logged in server log files. Server log files are processed in particular for security purposes, error analysis and ensuring server stability. Log file data is generally stored for a maximum of 30 days and then deleted or anonymised, unless longer retention is required for evidentiary purposes.
Hosting provider
For hosting this website, we use services provided by:
DomainFactory GmbHc/o WeWork
Neuturmstraße 5
80331 Munich
Germany
Website: https://www.df.eu
Privacy information: https://www.df.eu/de/datenschutz/
Data processing agreement: https://www.df.eu/de/support/formulare/
Cookies and Comparable Technologies
This website uses cookies and comparable technologies. Cookies are small text files that may be stored on a terminal device. Comparable technologies may store information on, or read information from, the terminal device.
Cookies and comparable technologies may be technically necessary to provide the website, store settings or enable security functions. Other cookies and technologies, in particular for statistics and analytics, are used only where consent has been given.
Legal bases
- Technically necessary cookies and comparable technologies: Art. 6(1)(f) GDPR and Section 25(2) TDDDG.
- Non-essential cookies and comparable technologies, in particular analytics cookies: Art. 6(1)(a) GDPR and Section 25(1) TDDDG.
Cookie consent management
We use a locally integrated consent management solution based on CookieConsent on this website in order to obtain, manage and document consents for the use of cookies and comparable technologies.
It is stored whether users have consented to or rejected specific categories of cookies and comparable technologies. This storage is used to technically implement the selected choice, enable a later withdrawal of consent and avoid asking again on every page view.
For this purpose, a technically necessary cookie may be set. This cookie may store, in particular, the consent status, selected categories, the time of the selection and technical information for assigning the selection. This cookie is used exclusively to manage cookie settings.
The legal basis for managing cookie settings is Art. 6(1)(f) GDPR. Where consent is obtained for non-essential cookies or comparable technologies, this is done on the basis of Art. 6(1)(a) GDPR and Section 25(1) TDDDG.
Overview of cookies used
| Name | Provider | Purpose | Category | Storage period |
|---|---|---|---|---|
cc_cookie | Own website | Storage of cookie and consent settings | Necessary | Up to 182 days, unless configured differently |
_ga | Google Analytics | Distinguishing users for reach measurement | Statistics / Analytics | Up to 2 years, depending on the GA4 configuration |
_ga_* | Google Analytics | Storage of session-related and property-related analytics information | Statistics / Analytics | Up to 2 years, depending on the GA4 configuration |
Users may withdraw or change their consent at any time via the .
Contact and Request Management
If you contact us by email, telephone, contact form or other communication channels, we process the personal data you provide in order to handle your request.
Processed data
- Name, if provided.
- Email address.
- Telephone number, if provided.
- Content of the message.
- Time of contact.
- Additional information transmitted as part of the request.
Purposes of processing
- Responding to contact requests.
- Communication with interested parties, clients and business partners.
- Conducting pre-contractual measures.
- Managing and documenting communication.
Legal bases
The legal bases are Art. 6(1)(b) GDPR, where the contact relates to a contract or pre-contractual measures, and Art. 6(1)(f) GDPR for general communication and administrative interests.
Web Analytics with Google Analytics 4
We use Google Analytics 4 (GA4), a web analytics service provided by Google, to statistically analyse the use of this website and improve the website in a user-oriented manner. The provider for users in the European Economic Area is:
Google Ireland LimitedGordon House
Barrow Street
Dublin 4
Ireland
Google Analytics may process information about the use of the website, in particular page views, usage interactions, technical device and browser information, approximate location information and time data. Cookies and comparable technologies may be used for this purpose.
We use Google Analytics only where users have previously consented to analytics processing. Without consent, no analytics cookies are set and no GA4 analytics processing is activated.
Legal basis
The legal basis for the use of Google Analytics is consent pursuant to Art. 6(1)(a) GDPR and Section 25(1) TDDDG.
IP addresses and location data
According to Google, Google Analytics 4 does not log or store individual IP addresses of users from the EU. IP addresses may, however, be used briefly to derive approximate geographical information before being discarded.
Third-country transfer
When using Google services, a transfer of personal data to third countries, in particular to the United States, cannot be excluded. For this purpose, Google may rely, among other things, on the EU-U.S. Data Privacy Framework, Standard Contractual Clauses and other legally recognised safeguards.
Further information:
- Google Analytics: marketingplatform.google.com
- Google Privacy & Terms: business.safety.google/privacy
- Data processing terms: business.safety.google/adsprocessorterms
- Browser add-on to deactivate Google Analytics: tools.google.com/dlpage/gaoptout
Presences in Social Networks
We maintain online presences in social networks, in particular on LinkedIn, in order to provide information about our services and communicate with users there.
When visiting our social media profiles, personal data may be processed by the respective platform operators. This may include, in particular, usage data, communication data, device information, IP addresses and information about interactions with content.
Processing by the platform operators may also take place outside the EU or the EEA. The privacy notices of the respective platform operators apply to processing carried out by them.
The provider is:
LinkedIn Ireland Unlimited CompanyWilton Plaza
Dublin 2
Ireland
LinkedIn may process usage data and use it in particular for statistics, analytics, communication and advertising purposes. We may receive statistical information on the use of our LinkedIn presence through so-called Page Insights.
LinkedIn Privacy Policy: linkedin.com/legal/privacy-policy
Page Insights Joint Controller Addendum: legal.linkedin.com/pages-joint-controller-addendum
Opt-out: linkedin.com/psettings/guest-controls/retargeting-opt-out
The legal basis for our processing in connection with social media presences is Art. 6(1)(f) GDPR. Our legitimate interest lies in public relations, communication and presentation of our services.
Locally Hosted Fonts and Media
Where fonts, images or other media are provided locally through this website, the mere retrieval of these contents does not establish a direct connection to external providers of those contents. Delivery takes place through our website or our hosting provider.
Changes and Updates to this Privacy Policy
We update this Privacy Policy where changes to the website, the services used or legal requirements make this necessary. The current version is available on this website.