Privacy Policy

Effective as of April 28, 2024

1. Introduction

Data privacy is extremely important to us. That is why we have set ourselves the goal of keeping this privacy policy as simple and transparent as possible.

2. Controller

The controller is Ziya GmbH, Eckardtstraße 10, 44263 Dortmund, Germany. The email address is info@ziya.de.

3. Data Protection Officer

Our data protection officer is Benjamin Müller, Meyerhof 4a, 49078 Osnabrück, Germany.

Email: dpo@ziya.de

4. Processing of Personal Data

4.1 Processing of personal data when visiting the website

When you visit our website, your browser automatically sends information to our server, which is temporarily stored. This information includes your IP address, date and time of access, the page visited, and other data transmitted by your browser.

We collect this data to ensure the smooth functionality of the website and security, as well as for administrative purposes. If further storage of your data is no longer necessary, it will be deleted.

We use SSL or TLS encryption for the encrypted transmission of data.

The legal basis for data processing is Art. 6(1)(f) GDPR. Our legitimate interest arises from the above-mentioned purposes of data collection.

Please refer to section "5. Provider of our web and email servers/services".

4.2 Processing of personal data when contacting us via email

To contact us by email, you must provide us with a valid email address so that we can respond to your message.

The data transmitted to us (e.g., your email address) will be stored to enable a response. If further storage of your data is no longer necessary, it will be deleted.

Security vulnerabilities on end devices or during transmission can never be completely ruled out; consequently, data cannot be fully protected from access by third parties. Please consider this aspect when contacting us.

Data processing is carried out pursuant to Art. 6(1)(a) GDPR on the basis of your voluntarily given consent.

Please refer to section "5. Provider of our web and email servers/services".

4.3 Processing of personal data when subscribing to and using the newsletter

When you subscribe to our newsletter, we collect and process your email address in order to send you regular information about our products, services, and news.

We use a double opt-in procedure for newsletter registration. This means that after registration, you will receive an email asking you to confirm your registration. This confirmation is necessary to prevent anyone from registering with someone else's email address.

Newsletter registrations are logged in order to be able to verify the registration process. This includes storing the registration and confirmation timestamps as well as the IP address.

We analyze the opening and click behavior of newsletter recipients to improve the relevance and effectiveness of the content. Anonymized data on opened emails and clicked links is collected.

Data processing is based on your consent pursuant to Art. 6(1)(a) GDPR. You may revoke your consent at any time by clicking the unsubscribe link at the end of each newsletter or by sending a message to newsletter@ziya.de.

Your email address will be stored as long as you are subscribed to the newsletter. After unsubscribing, your data will be deleted unless you have expressly consented to further use or we have reserved the right to use data beyond this, as permitted by law.

4.4 Additional processing of personal data when sharing with partner companies and external service providers

To process contact inquiries received by email, phone, or calendar services, it may be necessary to share your data in whole or in part with carefully selected partner companies. These are primarily service providers in the field of artificial intelligence (AI) and IT who support us in answering your inquiry and providing our services.

Sharing only takes place when it is necessary to properly answer your inquiry, process it correctly, or prepare or provide a requested service. In individual cases, your inquiry may therefore also be forwarded in full to a partner company if it has the required expertise.

We have concluded joint controllership agreements with these partner companies pursuant to Art. 26 GDPR. This ensures that your data is only processed for the intended purpose and that you can exercise your rights (information, rectification, deletion, restriction, objection, data portability) both with us and with the respective partner company. You can exercise your rights at any time via our central contact address info@ziya.de; if you have provided us with a phone number, we may also contact you by phone. We will gladly provide you with an overview of the partner companies currently engaged upon request.

The processing of your data is based on Art. 6(1)(a) GDPR, provided you have given us your express consent. In addition, the processing is based on Art. 6(1)(b) GDPR when it is necessary for processing your inquiry or carrying out pre-contractual measures. In certain cases, sharing may also be based on our legitimate interest pursuant to Art. 6(1)(f) GDPR – in particular, to ensure efficient and high-quality processing of your inquiry.

No transfer to other third parties or for other purposes takes place.

5. Provider of our web and email servers/services

The provider that makes the servers and services available to us so that we can present our website and send and receive emails is Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany (hereinafter Hetzner).

Hetzner's privacy policy can be found at https://www.hetzner.com/legal/privacy-policy/.

We have concluded a data processing agreement (DPA) with Hetzner.

6. Cookies

We use cookies on this website. Cookies are small text files placed on your device. They can be retrieved to remember user decisions, identify users, and enable further functionalities.

If these cookies are not technically necessary, we will ask for your consent before storing them.

7. Disclosure of your data to third parties

Your data will only be disclosed to third parties if

  • you have given your consent pursuant to Art. 6(1)(a) GDPR,
  • disclosure is necessary for the performance of a contract pursuant to Art. 6(1)(b) GDPR,
  • disclosure is required to comply with a legal obligation pursuant to Art. 6(1)(c) GDPR, or
  • disclosure is necessary to protect our legitimate interests pursuant to Art. 6(1)(f) GDPR.

8. Rights of data subjects

8.1 Right of access

Pursuant to Art. 15 GDPR, you have the right to request information about your personal data processed by us.

8.2 Right to rectification

Pursuant to Art. 16 GDPR, you have the right to request immediate rectification of inaccurate personal data.

8.3 Right to erasure

Pursuant to Art. 17 GDPR, you have the right to request the erasure of your personal data stored by us.

8.4 Right to restriction of processing

Pursuant to Art. 18 GDPR, you have the right to request the restriction of processing.

8.5 Notification obligation

Pursuant to Art. 19 GDPR, you have the right to be informed about the recipients of your data.

8.6 Right to data portability

Pursuant to Art. 20 GDPR, you have the right to receive your data in a machine-readable format.

8.7 Right of withdrawal

Pursuant to Art. 7(3) GDPR, you have the right to withdraw your consent at any time.

8.8 Right to lodge a complaint

Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority.

9. Right to object

You have the right to object to the processing of your data at any time. For contact, please refer to the controller (see section 2).

10. Changes to the privacy policy

The current version can be found on this page.