English

Privacy Policy

1. Data Protection at a Glance

General Information

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can personally identify you. Detailed information on data protection can be found in the privacy policy below.

Data Collection on This Website

Who is responsible for data collection on this website?
The data processing on this website is carried out by the website operator. Their contact details can be found in the section “Notice concerning the responsible party” in this privacy policy.

How do we collect your data?
Your data is collected when you provide it to us. This can be, for example, data entered in a contact form.

Other data is collected automatically or with your consent when you visit the website through our IT systems. This includes mainly technical data (e.g., internet browser, operating system, or time of the page visit). The collection of this data occurs automatically as soon as you access the website.

What do we use your data for?
Part of the data is collected to ensure the proper functioning of the website. Other data may be used to analyze your user behavior.

What rights do you have regarding your data?
You have the right to receive information about the origin, recipient, and purpose of your stored personal data at any time, free of charge. You also have the right to request the correction or deletion of this data. If you have given consent to data processing, you may revoke this consent at any time for the future. You also have the right to request the restriction of the processing of your personal data under certain circumstances. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.

For further information on data protection, feel free to contact us at any time.

2. Hosting

We host the content of our website with the following provider:

Strato
Provider: Strato AG, Otto-Ostrowski-Straße 7, 10249 Berlin, Germany.
When you visit our website, Strato collects various log files including your IP address.

More information is available in Strato’s privacy policy:
https://www.strato.de/datenschutz/

Legal Basis: Art. 6(1)(f) GDPR – legitimate interest in reliable website operation.
If consent is requested (e.g., for cookies), processing is based on Art. 6(1)(a) GDPR and § 25(1) TTDSG. Consent can be revoked at any time.

Data Processing Agreement
We have entered into a DPA with Strato to ensure data is processed in accordance with the GDPR.

3. General Notes and Mandatory Information

Data Protection

We treat your personal data confidentially and in accordance with statutory data protection regulations and this privacy policy.

Please note that data transmission over the Internet (e.g., via email) may have security vulnerabilities. Complete protection of data from third-party access is not possible.

Responsible Party

HUM Systems GmbH
Choriner Bahnhofstraße 2
16230 Chorin
Phone: +49 30 837 930 06
Email: info@hum-systems.com

Storage Duration
Unless a specific retention period is stated, your data will be retained until the purpose no longer applies. If you request deletion or revoke consent, data will be deleted unless legally required otherwise (e.g., retention for tax purposes).

Legal Bases
Data processing may be based on:

  • Art. 6(1)(a) GDPR (consent),

  • Art. 6(1)(b) GDPR (contract),

  • Art. 6(1)(c) GDPR (legal obligation),

  • Art. 6(1)(f) GDPR (legitimate interest),

  • § 25(1) TTDSG (cookies/device information).

Recipients of Personal Data
We only share personal data when legally allowed (e.g., tax authorities, service providers under DPA agreements, legitimate interest, or joint controllers).

Rights of the Data Subject

  • Right to withdraw consent at any time

  • Right to object to processing under Art. 21 GDPR (esp. for direct marketing)

  • Right to lodge a complaint with a supervisory authority

  • Right to data portability

  • Right to access, rectification, and deletion

  • Right to restriction of processing

  • Right to SSL/TLS protection – encrypted data transfer

  • Right to object to unsolicited advertising emails

4. Data Collection on This Website

Cookies
We use session and permanent cookies (first-party and third-party). Necessary cookies are stored on Art. 6(1)(f) GDPR. Cookies requiring consent are processed based on Art. 6(1)(a) GDPR and § 25(1) TTDSG.

Users can manage cookie preferences via browser settings.

Server Log Files
Collected automatically: browser type/version, OS, referrer URL, hostname, time of request, IP address.
Legal basis: Art. 6(1)(f) GDPR.

Contact Form / Email / Phone / Fax
Data is used to respond to inquiries and stored accordingly. Legal basis: Art. 6(1)(b) or (f) GDPR, or Art. 6(1)(a) GDPR if consent was given.

5. Social Media

Facebook & Instagram (Meta Platforms Ireland Ltd.)
Embedded plugins may transmit data (e.g., IP address) when activated. If you are logged into your account, interaction is linked to your profile.
Joint responsibility under Art. 26 GDPR applies to data collection and transfer to Facebook/Instagram.
Legal basis: Art. 6(1)(a) GDPR and § 25(1) TTDSG (if consent given), otherwise Art. 6(1)(f) GDPR.

Data Transfer to the USA is based on EU Standard Contractual Clauses and DPF certification.

More:

6. HubSpot

We use HubSpot for customer management and marketing (e.g., forms, landing pages, analytics). Data such as IP address, browser type, location, page views, and session duration may be collected.

Storage: 13 months typical cookie lifespan.
Legal basis: Art. 6(1)(a) GDPR. Consent can be revoked.
Data transfer to the US: Based on Art. 49(1)(a) GDPR and DPF.

More: https://legal.hubspot.com/privacy-policy

7. Plugins and Tools

YouTube (Enhanced Privacy Mode)
Operator: Google Ireland Ltd.
Only stores data when video is played. Cookies and tracking may still be used.
Legal basis: Art. 6(1)(f) GDPR or Art. 6(1)(a) GDPR and § 25(1) TTDSG if consent given.

More: https://policies.google.com/privacy?hl=en

Google Fonts (Local Hosting)
No data is transferred to Google.
More: https://developers.google.com/fonts/faq

Google reCAPTCHA
Used to distinguish humans from bots. Collects data like IP, mouse movements, dwell time.
Legal basis: Art. 6(1)(f) GDPR or Art. 6(1)(a) GDPR and § 25(1) TTDSG (if consent given).
More: https://policies.google.com/privacy