Privacy Policy

1. Controller

2. Accessing the website and hosting

When this website is accessed, technically necessary connection data is processed so that the site can be delivered, secured, and operated reliably. This may include in particular the IP address, the date and time of access, the address accessed, the referrer URL, browser and system information, the amount of data transferred, and status codes.

The processing is carried out on the basis of Art. 6 (1) (f) GDPR. Our legitimate interest lies in the secure, performant, and error-free provision of the website. For the operation, delivery, and protection of the website, technical service providers, in particular hosting and CDN providers such as Cloudflare, may be used. The necessary agreements are concluded with service providers that process personal data on our behalf.

3. Contacting us by email

If you contact us by email, we process the information you provide in order to handle the inquiry and any follow-up questions. The legal basis is Art. 6 (1) (b) GDPR insofar as the inquiry is directed at a contract or pre-contractual measures, otherwise Art. 6 (1) (f) GDPR. Our legitimate interest lies in handling incoming inquiries.

The data is deleted once the inquiry has been conclusively dealt with and no statutory retention obligations or legitimate interests in further storage stand in the way.

4. Local settings

The website may store a technical display setting in your browser, for example your preferred theme setting. This storage serves solely to display the website on your device and is not used for user profiles, tracking, or marketing analysis.

5. Analytics, tracking, and cookies

Beyond the cookieless reach measurement described below, we do not use any analytics or marketing cookies and no embedded third-party trackers such as Google Analytics, Meta Pixel, or comparable services on this website. External links only lead to the offerings of the respective providers after you click on them; the respective providers are responsible for their processing.

For the statistical analysis of accesses to our website, we use Cloudflare Web Analytics, a service provided by Cloudflare, Inc., 101 Townsend St., San Francisco, CA 94107, USA. Cloudflare Web Analytics works without cookies and without fingerprinting: no cookies are set and no cross-device identifiers are created. Only aggregated metrics are recorded, such as the number of page views, pages accessed, referrers, the approximate country of origin, and the browser and device types used. It is therefore not possible to identify individual visitors. The legal basis is our legitimate interest in reach measurement (Art. 6 (1) (f) GDPR); since no information is stored on or read from your end device, no consent under § 25 TDDDG is required for this. When using Cloudflare, data may be transferred to the USA. Cloudflare is certified under the EU-US Data Privacy Framework; in addition, the standard contractual clauses of the EU Commission are used.

For the anonymous analysis of the use of our website, we also use PostHog in the EU-hosted variant (PostHog EU Cloud, data center in Frankfurt am Main; provider: PostHog, Inc., 2261 Market Street #4008, San Francisco, CA 94114, USA). The analytics data is processed exclusively on servers within the EU. We operate PostHog in anonymous mode: no cookies are set, no cross-device identifiers and no personal user profiles are created, and IP addresses are not stored. Only aggregated, anonymous usage data is recorded, such as page views, events, the approximate country of origin, and the browser and device types used. The legal basis is our legitimate interest in reach measurement (Art. 6 (1) (f) GDPR); since no information is stored on or read from your end device, no consent under § 25 TDDDG is required for this. No transfer to a third country outside the EU takes place in this context.

6. Recipients and disclosure

Personal data is only disclosed where this is necessary for the operation of the website, the handling of your inquiry, the fulfillment of legal obligations, or the safeguarding of legitimate interests. No disclosure for advertising purposes or sale of personal data takes place.

7. Project-related systems

Depending on the client project, Contentoren develops and maintains websites, automations, CRM flows, chatbots, or reporting setups. The systems used for this depend on the specific assignment and are not automatically part of this website. Insofar as we process personal data on behalf of our clients in this context, this is reflected in the respective contract, in data processing agreements, and in the project-related data protection information.

8. Your rights

In accordance with the GDPR, you have the right to access, rectification, erasure, restriction of processing, data portability, and objection to processing based on Art. 6 (1) (f) GDPR. Insofar as processing is based on consent, you may withdraw this consent with effect for the future. In addition, you have the right to lodge a complaint with a data protection supervisory authority.

9. Updates to this policy

We adapt this privacy policy when the website, the services used, or legal requirements change. The version published on this page at any given time applies.