1. Controller

Dynaflow Technology GmbH (hereinafter “Dynaflow”)

Address: Jägerstr. 54-55, D-10117 Berlin, Germany

E-mail: datenschutz@dynaflow.de

2. Purposes, legal bases and storage periods

• Provision of the website / server logs:
  Processing of IP address, date/time, URL, referrer, and user agent for technical delivery,
  stability, and security (Art. 6(1)(f) GDPR – legitimate interest).
  Retention: usually 14–30 days.
• Contact requests (form/e-mail/phone):
  Processing of contact details and message content to handle your inquiry
  (Art. 6(1)(b) GDPR – pre-contractual; if applicable also (f)).
  Retention: until the inquiry is completed, then according to statutory retention obligations.
• Newsletter/marketing communication:
  Sending only with consent (double opt-in) (Art. 6(1)(a) GDPR).
  You can withdraw your consent at any time with effect for the future.
  Retention: until withdrawal.
• Service contract / customer account:
  Processing for contract performance, billing, and support (Art. 6(1)(b) GDPR).
  Retention: according to statutory retention periods.
• Statistics, reach measurement, advertising (cookies/pixels):
  Use only after consent via our consent tool (Art. 6(1)(a) GDPR).
  Retention: according to the cookie/tool provider.

3. Cookies & consent management

We use cookies and similar technologies. We set non-essential cookies only after you have given
your consent via our consent tool. You can change your selection at any time using the “Cookie Settings”
button linked in the footer and withdraw consent with effect for the future.

4. Use of Google services (with consent)

• Google Analytics 4: Provider: Google Ireland Limited.
  Purpose: reach measurement and usage analysis. Pseudonymized usage profiles may be created.
  IP anonymization is enabled. Legal basis: Art. 6(1)(a) GDPR.
  More information:
  Google Privacy Policy.
  Opt-out/withdraw consent via cookie settings.
• Google Ads / Remarketing (Google Pixel): Provider: Google Ireland Limited.
  Purpose: interest-based advertising and conversion measurement. Legal basis: Art. 6(1)(a) GDPR.
  More information:
  Google Ads Policies.
  Opt-out/withdraw consent via cookie settings.

5. Use of the Meta (Facebook) Pixel (with consent)

Provider: Meta Platforms Ireland Limited. Purpose: conversion tracking, optimization, and delivery of personalized ads.
Meta may associate website visits with users of Meta services to display targeted advertising.
Legal basis: Art. 6(1)(a) GDPR. More information:
Meta Privacy.
Opt-out/withdraw consent via cookie settings.

6. Transfers to third countries

When using Google/Meta services, data may be transferred to the USA. The basis is appropriate safeguards pursuant to
Art. 46 GDPR (e.g., EU Standard Contractual Clauses) and/or the EU–US Data Privacy Framework, where applicable.
Risks of third-country transfers cannot be completely ruled out. Transfers occur only after your consent
(Art. 49(1)(a) GDPR), which you can withdraw at any time.

7. Recipients / processors

We use service providers (hoster, IT support, newsletter delivery, analytics/marketing) as processors pursuant to
Art. 28 GDPR. We will provide a list of the main categories of recipients upon request.

8. Hosting & content delivery

To deliver and protect this website, we use hosting and, where applicable, CDN services.
The server log data mentioned in section 2 is processed (Art. 6(1)(f) GDPR).

9. Mandatory information & minors

Where fields are marked as mandatory, we require them for processing. Our offering is not directed at persons under 16 years of age.

10. Data subject rights

You have the right to access (Art. 15 GDPR), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18),
data portability (Art. 20), and to object to processing based on Art. 6(1)(f) GDPR (Art. 21).
You can withdraw consent at any time with effect for the future (Art. 7(3)).
To exercise your rights, please contact us using the details above.

11. Right to lodge a complaint

You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence,
your place of work, or the place of the alleged infringement. In Austria:
Austrian Data Protection Authority.

12. Security

We take appropriate technical and organizational measures (TOMs) to protect your data against loss, misuse,
and unauthorized access, and we review these measures regularly.

13. External links

Our website may contain links to external sites. The respective operators are responsible for their content and privacy practices.

14. Updates to this policy

We will update this Privacy Policy whenever changes to our data processing or the legal situation make this necessary.
The current version can be found on this page.

15. Contact

If you have questions about data protection or want to exercise your rights, please contact us using the details above.

Last updated: 15.10.2025