Data protection

Our privacy policy

We collect personal data. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.

  1. Information on the collection of personal data

(1) Personal data is all data that can be related to you personally, e.g. name, address, e-mail addresses, user behavior.

(2) The controller pursuant to Art. 4 (7) of the EU General Data Protection Regulation (GDPR) for data processing is

deepsight GmbH

Albert-Einstein-Str. 1

49076 Osnabrück

Phone: +49 (0)175 5533500



External data protection officer:


Boris Nicolaj Willm

Resilien[i]T GmbH

Monschauer Street 12

40549 Düsseldorf


Phone: +49 (0) 211 695289 92



(3) When you contact us, in particular by e-mail or via a contact form, the data you provide (your e-mail address, if applicable your first name, surname and your telephone number - voluntary information) will be stored by us in order to answer your questions. We delete the data arising in this context after storage is no longer required, or restrict processing if there are statutory retention obligations.

(4) Processing of the data entered in the contact form is based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time. All you need to do is send us an informal email. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation. We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Mandatory statutory provisions - in particular retention periods - remain unaffected.

(5) If we use contracted service providers for individual functions of our offer or would like to use your data for advertising purposes, we will inform you in detail below about the respective processes. We will also state the specified criteria for the storage period.

(6) Your personal data will be deleted if you have revoked your consent to processing or if the personal data is no longer required to fulfill the purpose for which it was processed. Cookies are deleted after 12 months. Data collected in connection with a contact will be deleted after 12 months.

(7) Your personal data will not be transferred to a third country outside the EU or the EEA. Any other transfer will only take place if we are legally or officially obliged to do so or if the transfer is necessary in the context of your use of the website.

(8) Data transfer to the USA: We would like to point out that we use and have integrated tools from providers in the USA on our website. Your personal data may be transferred to US companies and stored or otherwise processed on US servers. The level of data protection in the USA does not correspond to the standard of the European Union. In particular, there is a risk that US authorities may be able to access and process the transmitted personal data for inspection and monitoring purposes. For data subjects, there is a risk that no (judicial) legal protection options are available in this regard. The legal basis for the transfer of data to the USA is your consent pursuant to Art. 49 para. 1 lit. a GDPR.

  1. Your rights

(1) You have the right with regard to the personal data concerning you

  • in accordance with Art. 15 GDPR, to request information about your personal data processed by us. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if it was not collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information about its details;
  • in accordance with Art. 16 GDPR, to immediately request the correction of incorrect or incomplete personal data stored by us;
  • in accordance with Art. 17 GDPR, to demand the deletion of your personal data stored by us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
  • in accordance with Art. 18 GDPR, to demand the restriction of the processing of your personal data if the accuracy of the data is disputed by you, the processing is unlawful but you refuse to delete it and we no longer need the data, but you need it to assert, exercise or defend legal claims or you have lodged an objection to the processing in accordance with Art. 21 GDPR;
  • in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transmitted to another controller(right to data portability)
  • in accordance with Art. 7 para. 3 GDPR, to revoke your consent once given to us at any time. The consequence of this is that we may no longer continue the data processing that was based on this consent in the future and
  • pursuant to Art. 77 GDPR to lodge a complaint with a supervisory authority(right to lodge a complaint). As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters. The competent supervisory authority for data protection issues is the state data protection officer of the federal state in which our company is based. A list of data protection officers and their contact details can be found at the following link:

(2) Right to object to processing pursuant to Art. 6 para. 1 lit. e or f GDPR:

You have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data which is based on point (e) or (f) of Article 6(1) GDPR and which is based on the following provisions:

Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller or processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.

If you wish to exercise your right of revocation or objection, it is sufficient to send us a message, e.g. by e-mail to

  1. Collection of personal data when visiting and using our website

(1) When using the website for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability, security and convenient use (legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR):

         - IP address

         - Date and time of access

         - Time zone difference to Greenwich Mean Time (GMT)

         - Content of the request (specific page)

         - Access status/HTTP status code

         - Amount of data transferred in each case

         - Website from which the access is made (referrer URL)

         - Browser, browser type and browser version

         - Language and version of the browser software

         - operating system used.

(2) In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard disk assigned to the browser you are using and through which certain information flows to the place that sets the cookie (here by us). Cookies cannot execute programs or transfer viruses to your computer. They are used to make the website more user-friendly and effective overall.

(3) Use of cookies:

  1. a) This website uses the following types of cookies, the scope and function of which are explained below:

- Transient cookies

- Persistent cookies.

Transient cookies are automatically deleted when you close the browser. These include session cookies in particular. These store a so-called session ID, with which various requests from your browser can be assigned to the joint session. This allows your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser.           

             Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. You can delete cookies at any time in your browser's security settings.

  1. b) You can configure your browser settings according to your wishes and, for example, refuse to accept third-party cookies or all cookies. We would like to point out that you may not be able to use all functions of this website.
  2. c) These cookies enable us to recognize your browser on your next visit. You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted. Cookies that are required to carry out the electronic communication process or to provide certain functions that you have requested are stored on the basis of Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in the storage of cookies for the technically error-free and optimized provision of our services. Insofar as other cookies (e.g. cookies to analyze your surfing behavior) are stored, these are treated separately in this privacy policy.

3.1 Web analytics

             Use of Google Analytics

(1) This website uses Google Analytics, a web analysis service of Google Inc ("Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, if IP anonymization is activated on this website, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator.

(2) The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

(3) You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link:

(4) This website uses Google Analytics with the extension "_anonymizeIp()". This means that IP addresses are further processed in abbreviated form, so that they cannot be linked to individuals. If the data collected about you is personally identifiable, it will be excluded immediately and the personal data will be deleted immediately.

(5) We use Google Analytics to analyze and regularly improve the use of our website. We can use the statistics obtained to improve our offer and make it more interesting for you as a user. The legal basis for the use of Google Analytics is Art. 6 para. 1 sentence 1 lit. f GDPR or your consent, if you have given it. You can withdraw your consent at any time.

(6) Information from the third-party provider: Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. Terms of use:, overview of data protection:, and the privacy policy:

(7) Reference is made to the transfer of data to the USA and the associated risks (see section 1 above).

3.2 Social media plug-ins / buttons

             We currently use the following social media plug-ins on our website: LinkedIn, XING, Skype.

(1) You can usually recognize the plug-ins by the respective social media logos. We use the so-called two-click solution. This means that when you visit our website, no personal data is initially passed on to the providers of the plug-ins. You can recognize the provider of the plug-in by the marking on the box above its initial letter or the logo. We give you the option of communicating directly with the provider of the plug-in via the button. Only if you click on the marked field and thereby activate it will the plug-in provider receive the information that you have accessed the corresponding website of our online offering. In addition, the data mentioned under point 3 will be transmitted.

(2) We have no influence on the data collected and data processing procedures, nor are we aware of the full scope of data collection, the purposes of processing or the storage periods. We also have no information on the deletion of the data collected by the plug-in provider.

(3) The plug-in provider stores the data collected about you as usage profiles and uses these for the purposes of advertising, market research and/or the needs-based design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to display needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact the respective plug-in provider to exercise this right. We offer you the opportunity to interact with the social networks and other users via the plug-ins so that we can improve our offering and make it more interesting for you as a user. The legal basis for the use of the plug-ins is Art. 6 para. 1 sentence 1 lit. f GDPR or your consent, if you have given it. Consent can be revoked at any time.

      (4) Data is transferred regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in with the plug-in provider, your data collected by us will be assigned directly to your existing account with the plug-in provider. If you click the activated button and, for example, link the page, the plug-in provider also saves this information in your user account and shares it publicly with your contacts. We recommend that you log out regularly after using a social network, but especially before activating the button, as this way you can avoid being assigned to your profile with the plug-in provider.

      (5) Further information on the purpose and scope of data collection and its processing by the plug-in provider can be found in the data protection declarations of these providers provided below. There you will also find further information on your rights in this regard and setting options to protect your privacy.

      (6) The host of our website is Webflow, Inc. Web hosting refers to the provision of web space and the hosting of websites on the web server of an Internet service provider.

      (7) Information on the respective providers with their data protection notices:

  1. a) LinkedIn:

                   LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland

                   Data protection regulations:


  1. b) XING

                   New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany

                   Data protection regulations:


  1. c) Skype

                   Skype Communications SARL, 23-29 Rives de Clausen, L-2165 Luxembourg

                   Data protection regulations:


  1. d) Webflow

             Webflow, Inc. 398 11th Street, San Francisco, CA 94103

             Data protection regulations:


  1. Collection of personal data in the context of our services and business relationship

      (1) We collect the following personal data as part of our services/commissioning and business relationship with you:

  • First names and surnames together with title (Mr./Mrs.)
  • Address
  • Telephone number (landline and/or mobile)
  • E-mail address and any other communication data
  • Contract master data (contractual relationship, product or contract interest)
  • Customer history
  • Contract billing and payment data
  • other additional data that you provide when placing an order or registering for our service
  • All information, insofar as it is necessary for the execution of the contract, advice and our

services are necessary

                This data is collected for the following purposes:

  • For communication with you in the context of contract initiation and contract execution
  • Invoicing
  • In order to be able to process any liability claims on your part against us;
  • In order to be able to pursue and enforce any (payment) claims on our part against you.

The data processing takes place on the basis of our commissioning by you or on the basis of your request. It is necessary for the purposes mentioned for the appropriate processing and for the mutual fulfillment of obligations arising from the contract (Art. 6 para. 1 sentence 1 lit. b GDPR).

Your data will be stored or collected both digitally and, where applicable, in paper form.

                The personal data collected by us will be stored or retained during the term of the contract and after termination of our contractual relationship until the expiry of the statutory retention period and then deleted or destroyed. Anything else only applies if we are obliged to store/retain data for a longer period due to other legal provisions (e.g. the German Fiscal Code, the Money Laundering Act, etc.) (Art. 6 para. 1 sentence 1 lit. c GDPR.

                At the end of the retention period, we will have your personal data in paper form destroyed while maintaining all confidentiality.

(2) We offer a web-based dashboard (graphical user interface) through which you as the client can enter and transmit data. The dashboard is hosted by Azure, a cloud computing platform from Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. The data servers are located in the Federal Republic of Germany and must comply with German and European data protection and security regulations. Microsoft has a so-called Microsoft Azure Trust Center, about which you can find more information at

(3) As part of the use of the dashboard and provision of the order/ we use the tool DeepL of the provider DeepL GmbH, Maarweg 165, 50825 Cologne, Germany for language translations. Personal data within a text to be translated is transferred to the servers of DeepL. You can view the data protection provisions of DeepL at:

(4) As a payment service, we use PAYONE from the provider Payone GmbH, Lyoner Straße 9, 60528 Frankfurt am Main, Germany, to which card and payment data are transmitted. You can view PAYONE's privacy policy at:

      (5) For e-mail communication we use Siteground, the provider SiteGround Spain S.L., C/ Serrano 1, 5º 28001 Madrid. You can view Siteground's privacy policy at:

      (6) If you instruct us to process personal data of third parties, we will conclude a separate agreement with you on commissioned processing in accordance with Art. 28 GDPR.

Scroll up