Zurück zum Start

Existantrag.de (hereinafter referred to as "Existantrag") is pleased that you are visiting our platform under the following domain: https://existantrag.de/ (hereinafter referred to as "Platform").

Data protection and data security are very important to us when you use our Platform. We would therefore like to inform you at this point about which of your personal data we collect when you visit our Platform and for what purposes this data is used. This Privacy Policy explains which personal data Existantrag, as the operator of the Platform, processes and for which Existantrag is responsible.

This Privacy Policy does not refer to the data managed and stored within Existantrag, i.e., it does not concern the personal data processed by users (e.g. founders or future founders) within Existantrag. Founders or future founders, which use the Platform, are the data controller for this data.

If you have any questions about the processing of personal data within Existantrag, please contact the controller.

Existantrag as Data Controller
Existantrag is responsible for the data processing necessary to ensure the technical operation and functionality of the Platform. This specifically includes:

Collection and processing of usage data (e.g., IP addresses, browser information) to ensure the security and functionality of the Platform.

Processing of request data to receive product improvement suggestions and respond to customer support inquiries.

For these processing activities, Existantrag determines the means and purposes of the data processing and is therefore the Data Controller within the meaning of the GDPR.

Founders or future founders as Data Controller
Once the user uses the Platform to manage or process his data the respective person acts as the Data Controller within the meaning of the GDPR. Existantrag acts as a Data Processor under Article 28 GDPR, as the processing of user data is carried out exclusively on the instructions of the practice.

User as Data Controller: The user decides on the purposes and means of the data processing of his data.

Existantrag as Data Processor: Existantrag provides the Platform and processes the personal data on behalf of and following the instructions of the user.

Contact Information

The party responsible under the EU General Data Protection Regulation (hereinafter "GDPR") for the processing of personal data according to the terms above is:

Existantrag.de
Bildungscampus 1
74076 Heilbronn
Germany
Email: contact@existantrag.de

What is personal data?

Personal data is any information relating to an identified or identifiable natural person. This includes, for example, information such as your name, age, address, telephone number, date of birth, email address or IP address. Information for which we cannot (or can only with disproportionate effort) establish a link to your person, e.g. by anonymising the information, is not personal data. The processing of personal data (e.g. the collection, retrieval, use, storage or transmission) always requires a legal basis such as your consent.

We collect and use our users' personal data only insofar as this is technically necessary to provide a functional Platform and our content and services or information.

When you access and use our Platform, we collect the personal data that your browser automatically transmits to our server. This information is temporarily stored in a so-called log file.

The following information is collected without any action on your part and stored until it is automatically deleted:

IP address of the requesting computer, Date and time of access, Name and URL of the retrieved file, Platform from which the access is made (referrer URL), the browser used and, if applicable, the operating system of your computer and the name of your access provider.

We process the aforementioned data for the following purposes:

Ensuring a smooth connection to the Platform Ensuring the convenient use of our Platform For IT-Security purposes

Art. 6 para. 1 lit. f GDPR serves as the legal basis. The processing of the aforementioned data is necessary for the provision of a Platform and to enable secure and convenient use and thus serves to safeguard a legitimate interest of our company.

As soon as the aforementioned data is no longer required to display the Platform, it is deleted (latest within 30 days). The collection of data for the provision of the Platform and the storage of data in log files is absolutely necessary for the operation of the Platform. Consequently, the user has no option to object. Further storage will take place in individual cases if this is required by law.

For the hosting of the Platform, we use an external service provider, Google Inc. (Google) and Vercel. Your personal data will be passed on to Google in order to provide the services. Google's and Vercel`s servers are located in various regions, including the European Economic Area (EEA). However, it is possible that personal data may be transferred to regions outside the EEA, including the United States.

Google and Vercel are certified under the EU-U.S. Data Privacy Framework (DPF), ensuring an adequate level of data protection in accordance with Article 45 GDPR. Additionally, Google and Vercel implements Standard Contractual Clauses (SCCs) as a supplementary safeguard under Article 46 GDPR, where applicable.

For more information, please refer to Google’s Privacy Policy (https://policies.google.com/privacy) and Vercel`s Privacy Policy (https://vercel.com/legal/privacy-policy) or contact us to request details about the Data Processing Agreement (DPA) that has been concluded.

To identify and fix errors, error logs are created. These logs include general data such as the IP address, browser type and version, and the time the error occurred.

The processing of error logs is based on Article 6(1)(f) GDPR, as it is necessary to ensure the Platform's functionality.

Error logs are stored for 30 days and then deleted.

When you submit support inquiries via the Platform, we collect the following data:

• Name,
• E-Mail Address
• Content of the Inquiry

Processing is based on Article 6(1)(f) GDPR (legitimate interest in responding to inquiries) and Article 6(1)(b) GDPR (fulfillment of contractual or pre-contractual obligations).

Data is deleted after your inquiry has been fully addressed unless there are legal retention requirements.

We use cookies on our Platform.

Cookies are small text files that are stored on your computer when you visit our Platform and enable your browser to be reassigned. Cookies store information such as your language settings, the duration of your visit to our Platform or the entries you make there.

There are different types of cookies. Session cookies are temporary cookies that are stored in the user's Internet browser until the browser window is closed and the session cookies are deleted. Permanent or persistent cookies are used for repeated visits and are stored in the user's browser for a predefined period of time. First-party cookies are set by the Platform that the user visits. Only this Platform is authorised to read information from the cookies. Third-party cookies are set by organisations that do not operate the Platform that the user is visiting.

A distinction can also be made between technically necessary, functional and advertising cookies. The former are necessary to ensure basic Platform functions (such as saving the language setting). Functional cookies collect information about the user's behaviour and whether they receive any error messages. Advertising cookies, on the other hand, are used to offer the user customised advertising.

Third-party cookies are set by organisations that do not operate the Platform that the user is visiting. For example, cookies from YouTube (Google LLC) are only placed when you play or load an embedded YouTube video on our Platform.

Due to the purposes of use described, the legal basis for the processing of personal data using technically necessary cookies is Art. 6 para. 1 lit. f GDPR, as we have an interest in the user-friendly presentation of our Platform. If you have given us your consent to the use of functional and advertising cookies on the basis of a notice ("cookie banner") provided by us on the Platform, the legality of the use is also governed by Art. 6 para. 1 sentence 1 lit. a GDPR.

As soon as the data transmitted to us via the cookies is no longer required to fulfil the purposes described above, this information is deleted. Further storage will take place in individual cases if this is required by law.

Most browsers are set to accept cookies by default. However, you can configure your browser so that it only accepts certain cookies or no cookies at all. However, we would like to point out that you may no longer be able to use all the functions of our Platform if cookies are deactivated by your browser settings on our Platform. You can also use your browser settings to delete cookies already stored in your browser or to display the storage period. It is also possible to set your browser to notify you before cookies are stored. As the various browsers may differ in their respective functions, we ask you to use the respective help menu of your browser for the configuration options.

Within our company, only those persons have access to your personal data who need it for the purposes stated in each case. Your personal data will only be passed on to external recipients if we are legally authorized to do so or if we have your consent. Below you will find an overview of the relevant recipients:

Processors: Group companies or external service providers, for example in the areas of technical infrastructure and processing maintenancee processing, which are carefully selected and checked. The processors may only use the data in accordance with our instructions.

Public authorities: Authorities and state institutions, such as tax authorities, public prosecutors or courts, to which we (have to) transfer personal data, e.g. to fulfil legal obligations or to protect legitimate interests

We process your data mainly within the European Union (EU) and the European Economic Area (EEA). However, some of our service providers may be based outside the EEA in so-called "third countries". The General Data Protection Regulation places high demands on the transfer of personal data to third countries. All our data recipients must fulfil these requirements. Before we transfer your data to a service provider in a third country, each service provider is first checked for its level of data protection. A service provider is only selected if it can demonstrate an adequate level of data protection outside the EEA. Regardless of whether our service providers are based within the EEA or in third countries, each service provider must conclude an order processing agreement with us. Service providers outside the EEA must fulfil additional requirements. In accordance with Art. 44 ff. GDPR, personal data may be transferred to service providers who fulfil at least one of the following requirements:

The European Commission has decided that the third country guarantees an adequate level of protection (e.g. Israel and Canada).
Standard contractual clauses have been included in our contract with the data recipient (including any additional measures if necessary).

Further appropriate safeguards pursuant to Art. 46 GDPR provided (e.g. Binding Corporate Rules).

In special exceptional cases in accordance with Art. 49 GDPR

We undertake to treat your personal data confidentially. In order to prevent manipulation, loss or misuse of your data stored by us, we take extensive technical and organizational security precautions, which are regularly reviewed and adapted to technological progress.

However, we would like to point out that due to the structure of the Internet, it is possible that the rules of data protection and the above-mentioned security measures may not be observed by other persons or institutions outside our area of responsibility. In particular, unencrypted data - e.g. when sent by e-mail - may be read by third parties. We have no technical influence on this. It is your responsibility as a user to protect the data you provide against misuse by means of encryption or in any other way.

The personal data of the data subject will be deleted or blocked as soon as the purpose of storage no longer applies. Data may also be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject. The data will also be blocked or erased if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.

You have the following legal rights vis-à-vis us with regard to your personal data:

Right of access

You have the right to request confirmation as to whether we are processing personal data concerning you. If this is the case, you have the right to information about this personal data and to further information, e.g. the processing purposes, the recipients and the planned duration of storage or the criteria for determining the duration.

Right to rectification

You have the right to request the rectification of inaccurate data without undue delay. Taking into account the purposes of the processing, you have the right to request the completion of incomplete data.

Right to erasure ("right to be forgotten")

You have the right to erasure if the processing is not necessary. This is the case, for example, if your data is no longer required for the original purposes, if you have revoked your declaration of consent under data protection law or if the data has been processed unlawfully.

Right to restriction of processing

You have the right to restrict processing, e.g. if you believe that the personal data is incorrect.

Right to data portability

You have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format.

Right to object

You have the right to object at any time, on grounds relating to your particular situation, to the processing of certain personal data concerning you. In the case of direct advertising, you as the data subject have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising.

Right to withdraw your consent under data protection law

You can revoke your consent to the processing of your personal data at any time with effect for the future. However, this does not affect the legality of the processing carried out up to the point of revocation.

Without prejudice to these rights, you have the right to lodge a complaint with a supervisory authority at any time if you believe that the processing of your personal data violates data protection regulations.

Zurück zum Start