Privacy Policy

We process your personal data on the following legal grounds:

• Consent (Art. 6(1)(a) GDPR): Where you have given explicit consent for specific processing activities
• Contract Performance (Art. 6(1)(b) GDPR): Processing necessary to fulfill our contractual obligations to you
• Legal Obligation (Art. 6(1)(c) GDPR): Processing required to comply with legal obligations (e.g., tax laws, accounting requirements)
• Legitimate Interests (Art. 6(1)(f) GDPR): Processing necessary for our legitimate business interests, provided your rights do not override these interests

1. Account Registration Data

When you create an account, we collect:

• Email address (required)
• Name and contact information
• Company name and details
• Country and preferred language
• Password (stored in encrypted form)

2. Company Search Data

To provide personalized customer matching, we may collect:

• Company description and core products/services
• Industry sectors and specializations
• Target customer profiles
• Company size and capacity
• Geographic regions of interest
• Sales and business development preferences

3. Usage Data

We automatically collect information about your interaction with our platform:

• IP address and device information
• Browser type and version
• Pages visited and features used
• Search queries and filters applied
• Companies viewed and saved
• Time and date of access
• Referring website addresses

4. Communication Data

When you contact us or subscribe to notifications:

• Email correspondence
• Support requests and responses
• Notification preferences
• Feedback and survey responses

5. Payment Information

For premium services, we collect payment details. However, sensitive payment information (credit card numbers, banking details) is processed by our secure third-party payment providers. We do not store complete payment card details on our servers.

We use your personal data for the following purposes:

Service Provision

• Creating and managing your account
• Providing access to company information and our platform
• Personalizing customer matching based on your company profile
• Processing your search queries and filter preferences
• Generating knowledge graph-powered analyses and recommendations
• Sending customer match notifications and alerts

Communication

• Responding to your inquiries and support requests
• Sending service-related announcements and updates
• Providing customer support
• Sending marketing communications (with your consent)

Service Improvement

• Analyzing usage patterns to improve our platform
• Training and improving our knowledge graph matching algorithms
• Conducting research and analytics
• Debugging and fixing technical issues

Legal and Security

• Complying with legal obligations
• Protecting against fraud and abuse
• Enforcing our Terms of Service
• Protecting our rights and property

We do not sell your personal data. We may share your data in the following limited circumstances:

Service Providers

We use third-party service providers to operate our platform and provide services on our behalf, including:

• Cloud hosting providers (servers located in the European Union)
• Payment processing services
• Email service providers
• Analytics and monitoring tools
• Customer support platforms

These providers are contractually obligated to protect your data and may only use it for the purposes we specify.

Legal Requirements

We may disclose your data if required by law, legal process, or government request, or if we believe disclosure is necessary to:

• Comply with legal obligations
• Protect our rights or property
• Prevent fraud or security issues
• Protect the safety of users or the public

Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the acquiring entity. We will notify you of any such change and your rights regarding your data.

We retain your personal data only as long as necessary for the purposes set out in this Privacy Policy:

• Active accounts: Data retained while your account is active
• Inactive accounts: Account data deleted after 12 months of inactivity (you will receive warnings at 9 and 11 months)
• Deleted accounts: Personal data erased within 30 days of account deletion, except where retention is required by law
• Usage logs: Aggregated analytics data retained for up to 24 months
• Financial records: Retained for 10 years to comply with German tax and accounting laws
• Support communications: Retained for up to 3 years for quality assurance

We implement appropriate technical and organizational security measures to protect your personal data:

Technical Measures

• Encryption of data in transit (TLS/SSL)
• Encryption of sensitive data at rest
• Secure password hashing (bcrypt or similar)
• Regular security updates and patches
• Firewall and intrusion detection systems
• Secure backup procedures

Organizational Measures

• Access controls and authentication requirements
• Employee training on data protection
• Confidentiality agreements with staff and contractors
• Regular security audits and assessments
• Incident response procedures

Despite our security measures, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

Under the GDPR, you have the following rights regarding your personal data:

Right of Access (Art. 15 GDPR)

You have the right to obtain confirmation of whether we process your personal data and, if so, to access that data and receive information about the processing.

Right to Rectification (Art. 16 GDPR)

You have the right to have inaccurate personal data corrected and incomplete data completed.

Right to Erasure (Art. 17 GDPR)

You have the right to request deletion of your personal data in certain circumstances, such as when the data is no longer necessary or when you withdraw consent.

Right to Restriction (Art. 18 GDPR)

You have the right to request restriction of processing in certain circumstances, such as when you contest the accuracy of the data.

Right to Data Portability (Art. 20 GDPR)

You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit that data to another controller.

Right to Object (Art. 21 GDPR)

You have the right to object to processing based on legitimate interests or for direct marketing purposes.

Right to Withdraw Consent

Where processing is based on consent, you have the right to withdraw that consent at any time.

Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority, particularly in the EU member state of your habitual residence, place of work, or place of alleged infringement.

We use cookies and similar tracking technologies to enhance your experience and analyze platform usage:

Essential Cookies

These cookies are necessary for the platform to function properly and cannot be disabled. They include session cookies, authentication tokens, and security cookies.

Functional Cookies

These cookies remember your preferences and settings to provide a personalized experience.

Analytics Cookies

These cookies help us understand how users interact with our platform, allowing us to improve our services. We use anonymized or pseudonymized data where possible.

You can control cookie preferences through your browser settings. However, disabling certain cookies may limit your ability to use some features of our platform.

Your personal data is primarily stored and processed within the European Union. If we transfer data outside the EU, we ensure adequate protection through:

• EU Commission adequacy decisions
• Standard Contractual Clauses (SCCs)
• Other legally approved transfer mechanisms

Our service is not directed to individuals under the age of 18. We do not knowingly collect personal data from children. If you become aware that a child has provided us with personal data, please contact us, and we will take steps to delete such information.

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of any material changes by:

• Posting the updated policy on our platform
• Updating the "Last Updated" date
• Sending you an email notification (for significant changes)

Your continued use of the platform after changes are posted constitutes acceptance of the updated Privacy Policy.