Privacy Policy
Information on the collection and processing of personal data pursuant to the General Data Protection Regulation (GDPR) and TTDSG.
The protection of your personal data is important to Zirkel Technologies GmbH. This Privacy Policy explains what personal data we collect when you visit our website, how we use it, on what legal basis we do so, and what rights you have. We process personal data exclusively in accordance with the General Data Protection Regulation (GDPR), the German Telecommunications-Telemedia Data Protection Act (TTDSG), and all other applicable data protection laws.
Controller
The controller responsible for data processing on this website within the meaning of Art. 4(7) GDPR is:
Zirkel Technologies GmbH
Taunustor 1
60310 Frankfurt am Main
Germany
Phone: +49 69 50 50 60 4529
Email: info@zirkeltech.com
Website: https://www.zirkeltech.com
Managing Director: Kapil Gupta
Data Protection Contact
For questions regarding the processing of your personal data, please contact our data protection contact:
Data Protection Contact - Zirkel Technologies GmbH
Taunustor 1, 60310 Frankfurt am Main, Germany
Scope
This Privacy Policy applies to the website https://www.zirkeltech.com (including all language routes such as /en/ and /de/) and the blog at https://blogs.zirkeltech.com.
It does not apply to third-party websites linked from our site. Please refer to the respective privacy policies of those websites.
Legal Bases for Processing
All personal data processing on this website is based on one of the following legal grounds under Article 6 GDPR:
| Legal Basis | Article | When Applied |
|---|---|---|
| Consent | Art. 6(1)(a) GDPR | Non-essential cookies - only after explicit acceptance via consent banner |
| Pre-contractual / Contract | Art. 6(1)(b) GDPR | Processing an enquiry that constitutes a request for a specific service or quotation |
| Legal obligation | Art. 6(1)(c) GDPR | Statutory retention of commercial correspondence |
| Legitimate interests | Art. 6(1)(f) GDPR | Secure website operation, server log files, general business enquiries |
Server Log Files
When you visit our website, your browser automatically transmits information that is recorded in server log files. The following data may be collected:
- Browser type and version
- Operating system
- Referring URL
- Hostname or IP address of the accessing device
- Date and time of the server request
- HTTP status code and data volume transferred
These data are not merged with other data sources and are not used to identify individual users.
Legal basis: Art. 6(1)(f) GDPR - legitimate interest in secure, stable website operation.
Retention: Up to 30 days, unless longer retention is required for security investigations.
SSL/TLS Encryption
This website uses SSL/TLS encryption. All data you transmit to us is protected from third-party access during transmission.
Hosting
Our website is hosted by:
Vercel Inc.
440 N Barranca Ave #4133, Covina, CA 91723, USA
Privacy Policy: vercel.com/legal/privacy-policy
Personal data collected on this website - including IP addresses and server log data - is stored on Vercel's infrastructure. Vercel operates edge nodes within the European Economic Area.
Legal basis: Art. 6(1)(f) GDPR - legitimate interest in reliable, professional website provision.
DPA: A Data Processing Agreement pursuant to Art. 28 GDPR has been concluded with Vercel.
Third country: Vercel is headquartered in the USA. Transfers are protected by Standard Contractual Clauses (SCCs) pursuant to Art. 46(2)(c) GDPR. Documentation: vercel.com/legal/dpa.
Cookies & Consent Management
Our website uses cookies and similar technologies. We use our internal Content Management System & Consent Management Platform to obtain and manage user consent in accordance with GDPR and §25 TTDSG. Non-essential cookies are only set after you have given explicit consent. You may withdraw or adjust your consent at any time via the cookie settings icon.
| Cookie | Provider | Purpose | Expiry |
|---|---|---|---|
| zt_consent | zirkeltech.com | Stores your cookie consent choices | 12 months |
| zt_session | zirkeltech.com (Vercel) | Session management for secure operation | Session |
| zt_lang | zirkeltech.com | Stores your preferred language selection (DE/EN) | 12 months |
Contact Forms and Enquiries
If you contact us via a contact form or by email, we process the personal data you provide in order to respond to your request.
Data collected: Name, email address, company name (optional), message content.
Purpose: Responding to your enquiry and any follow-up communication.
Legal basis: Art. 6(1)(f) GDPR - legitimate interest in responding to business enquiries. Where your enquiry constitutes a request for a specific service or quotation, processing is additionally based on Art. 6(1)(b) GDPR.
Retention: Within 3 months of conclusion of the enquiry, unless the correspondence is subject to statutory retention: 6 years under §257 HGB (commercial correspondence); 10 years under §147 AO (tax-relevant records).
External Links and Social Networks
Our website contains links to external websites including LinkedIn. When you click such a link, you leave our website and the respective operator becomes responsible for processing your data. We have no influence over external websites.
| Platform | Privacy Policy | Integration |
|---|---|---|
| linkedin.com/legal/privacy-policy | Hyperlink only - no tracking tag installed. Data transfer to LinkedIn occurs only upon clicking the link. |
Processors and Data Processing Agreements
We have concluded Data Processing Agreements (DPAs) pursuant to Art. 28 GDPR with all service providers that process personal data on our behalf. These processors are contractually bound to process personal data only according to our instructions and in compliance with applicable data protection law.
| Processor | Location | Purpose | Safeguard |
|---|---|---|---|
| Vercel Inc. | USA (EU edge nodes) | Website hosting and delivery | SCCs + DPA |
| Hetzner Online GmbH | Germany (EU) | Self-hosted CMS infrastructure | DPA |
Transfers of Data to Third Countries
Some service providers are based outside the European Economic Area (EEA). Where personal data is transferred to third countries, we ensure appropriate safeguards pursuant to Chapter V GDPR:
| Safeguard | GDPR Basis | Applies To |
|---|---|---|
| Standard Contractual Clauses (SCCs) | Art. 46(2)(c) GDPR | Vercel Inc. (USA) |
In addition, Zirkel Technologies GmbH has team members in multiple countries. Where staff access personal data as part of their work, the following safeguards apply:
| Country | Safeguard | Basis |
|---|---|---|
| Canada (Oakville, ON) | Adequacy decision | Art. 45 GDPR - Canada recognised as providing adequate protection |
| India (Gurgaon) | Standard Contractual Clauses | Art. 46(2)(c) GDPR - SCCs in staff/contractor agreements |
| UAE (Dubai) | Standard Contractual Clauses | Art. 46(2)(c) GDPR - SCCs in staff/contractor agreements |
| Austria (Vienna) | EEA - no transfer | EU member state - no third-country transfer applies |
| UK (London) | UK Adequacy Regulations | EU-UK adequacy decision under Art. 45 GDPR |
Automated Decision-Making and Profiling
Website visitors: We do not carry out automated decision-making or profiling of website visitors that produces legal effects or significantly affects individuals (Art. 22 GDPR).
Analytics: Where consented, analytics cookies produce aggregate statistical reports. This does not constitute profiling within the meaning of Art. 22 GDPR.
AI services: Zirkel Technologies GmbH provides AI and machine learning services to business clients. Any automated processing forming part of client-specific solutions is governed by the data processing terms agreed with those clients and does not affect visitors to this website.
Data Security
We implement appropriate technical and organisational measures to protect personal data pursuant to Art. 32 GDPR, including:
- SSL/TLS encryption for all data transmitted to and from this website
- Secure hosting infrastructure with access controls and monitoring
- Regular security updates and patching
- Restricted access to personal data on a need-to-know basis
- Data Processing Agreements with all processors
Retention Periods
Personal data is stored only as long as necessary for the purposes described or as required by law.
| Data Category | Retention Period | Legal Basis |
|---|---|---|
| Server log files | Up to 30 days | Art. 6(1)(f) GDPR |
| Contact form submissions | Up to 3 months after final reply | Art. 6(1)(f) GDPR |
| Commercial correspondence (§257 HGB) | 6 years from end of calendar year | Art. 6(1)(c) GDPR |
| Tax-relevant records (§147 AO) | 10 years from end of calendar year | Art. 6(1)(c) GDPR |
| Cookie consent records (zt_consent) | Until consent withdrawn or cookie deleted | Art. 6(1)(f) GDPR |
Your Rights as a Data Subject
To exercise any of the following rights, contact: datenschutzerklaerung@zirkeltech.com
| Right | Article | Description |
|---|---|---|
| Right of access | Art. 15 GDPR | Obtain confirmation whether your data is processed and receive a copy |
| Right to rectification | Art. 16 GDPR | Have inaccurate or incomplete data corrected |
| Right to erasure | Art. 17 GDPR | Request deletion where data is no longer necessary |
| Right to restriction | Art. 18 GDPR | Request limited processing in certain circumstances |
| Right to data portability | Art. 20 GDPR | Receive your data in a structured, machine-readable format |
| Right to withdraw consent | Art. 7(3) GDPR | Withdraw consent at any time without affecting prior lawful processing |
Right to Object - Important Notice
Right to Object (Art. 21 GDPR): You have the right to object at any time to the processing of your personal data where that processing is based on Art. 6(1)(f) GDPR (legitimate interests). Upon objection, we will cease processing unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or the processing is necessary for the establishment, exercise, or defence of legal claims.
You also have the right to object at any time to processing for direct marketing purposes. We will immediately cease such processing upon objection.
To exercise your right to object: datenschutzerklaerung@zirkeltech.com
Right to Lodge a Complaint
You have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR).
Competent Authority (Hesse)
Der Hessische Beauftragte für Datenschutz und Informationsfreiheit
Postfach 3163, 65021 Wiesbaden, Germany
Phone: +49 611 1408-0
Federal Authority
Bundesbeauftragter für den Datenschutz und die Informationsfreiheit (BfDI)
Graurheindorfer Straße 153, 53117 Bonn, Germany
UK residents: Information Commissioner's Office (ICO), Wycliffe House, Water Lane, Wilmslow SK9 5AF - ico.org.uk
Canadian residents: Processing of personal data of Canadian residents through our Oakville, Ontario office is subject to PIPEDA and, where applicable, Quebec's Law 25. Contact: datenschutzerklaerung@zirkeltech.com
Amendments
We reserve the right to update this Privacy Policy to reflect changes in legal requirements or our services. The current version is always available at https://www.zirkeltech.com/en/privacy-policy. Material changes will be indicated by updating the 'Last updated' date.
Let's shape the future together!
Write us an email at info@zirkeltech.com or complete the form.