Privacy Policy
As of: July 2026 · This English version is a convenience translation; the German version is legally binding.
1. The essentials at a glance
This website is built to be strictly data-minimising:
- No cookies: This website itself sets no cookies and uses no comparable tracking technologies. A consent banner is therefore not required.
- No US services: Fonts, icons and all other resources are served from our own servers. The only exception is the booking calendar of our German scheduling provider meetergo (see section 6).
- Hosting in Germany: All systems are operated in Germany. We do not transfer personal data to third countries.
- End-to-end encryption in transit: All connections to this website are TLS-encrypted.
2. Controller
The controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of the member states as well as other data protection provisions is:
endless webservices GmbHHermann-Ritter-Straße 112
28197 Bremen, Germany
Represented by the managing directors: Marco Paetschke & Sascha Dirbach
Email: info@endless-webservices.de
Phone: +49 (0) 421 989 604 20
We have appointed an external data protection officer (Art. 37 GDPR). You can contact him directly at any time with all questions concerning data protection and the exercise of your rights:
External data protection officerNils Oehmichen
frag.hugo Informationssicherheit GmbH
Spaldingstraße 64-68, 20097 Hamburg, Germany
Email: datenschutz@endless-webservices.de
3. Hosting and server log files
This website is operated by STRATO AG, Otto-Ostrowski-Straße 7, 10249 Berlin, in a data centre in Germany. A data processing agreement pursuant to Art. 28 GDPR is in place with STRATO AG.
When the website is accessed, the web server automatically processes the following data in so-called server log files:
- IP address of the requesting device,
- date and time of access,
- requested resource (URL) and HTTP status code,
- amount of data transferred,
- browser type and version as well as operating system (user agent),
- previously visited page (referrer URL).
Processing takes place to provide the website, to ensure stability and system security, and to prevent and investigate attacks and misuse. The legal basis is Art. 6 (1) (f) GDPR (legitimate interest in secure and stable operation).
Retention: Log files are stored for a maximum of 7 days and then deleted automatically. Longer retention only takes place where required to investigate specific security incidents.
4. Cookies
This website itself does not use cookies – neither its own nor third-party cookies – and does not store comparable identifiers on your device. Within the embedded meetergo booking calendar, technically required storage access may occur (see section 6).
Should further technically essential cookies be used in the future, this will be based on § 25 (2) no. 2 of the German TDDDG; this privacy policy will be updated accordingly.
5. Web analytics (Umami)
For reach measurement we use the analytics software Umami, which we operate ourselves on our own servers in Germany. No data is transferred to third parties.
Umami works without cookies and without cross-device recognition. Page views and interactions (e.g. button clicks) are analysed exclusively in anonymised and aggregated form; IP addresses are not stored. No merging with other data and no user profiling takes place.
The legal basis is Art. 6 (1) (f) GDPR (legitimate interest in statistical analysis and optimisation of our offering). You may object to this processing at any time with effect for the future (see section 10).
6. Appointment booking (meetergo)
To book intro calls we use the scheduling service of meetergo GmbH, Hauptstraße 44, 40789 Monheim am Rhein, Germany ("meetergo"). meetergo is a German provider; processing takes place on servers in the EU. A data processing agreement pursuant to Art. 28 GDPR is in place with meetergo.
The booking calendar is embedded into this website as meetergo content. So that it opens without waiting time, it is loaded in the background when you visit the page; for technical reasons your IP address is transmitted to meetergo in the process. Within the embedded calendar, technically required storage access on your device may occur (§ 25 (2) no. 2 TDDDG).
When you book an appointment via the calendar, we process the data you enter (e.g. name, email address, company, preferred time and optional details about your request) to arrange and conduct the call.
The legal basis is Art. 6 (1) (b) GDPR (pre-contractual measures at your request); for the technical embedding of the calendar, Art. 6 (1) (f) GDPR (legitimate interest in functional, fast appointment booking).
Retention: We delete appointment data as soon as it is no longer required to conduct and follow up on the call, at the latest three years after the last contact, unless statutory retention obligations apply.
7. Contact
When you contact us via the contact form on this website, by email or by phone, we process the data you provide (name, email address, optionally company, and the content of your message) exclusively to handle your enquiry. Form data is transmitted TLS-encrypted; processing takes place exclusively on systems in Germany.
The legal basis is Art. 6 (1) (b) GDPR where your enquiry relates to the initiation or performance of a contract, otherwise Art. 6 (1) (f) GDPR (legitimate interest in answering enquiries).
Retention: We delete enquiries after final processing, at the latest three years after the last contact, unless statutory retention obligations apply.
8. Recipients; no third-country transfers
Your data is only passed on:
- to IT service providers acting for us as processors pursuant to Art. 28 GDPR whose servers are located in Germany or the EU (in particular hosting and appointment booking, see sections 3 and 6),
- to authorities or other bodies where we are legally obliged to do so.
Personal data is not transferred to countries outside the EU or the EEA ("third countries"). We deliberately do not use services from providers that require processing in third countries.
9. Retention
Unless a more specific retention period is stated in this privacy policy, we process personal data only for as long as necessary for the respective purpose. Once the purpose no longer applies, the data is deleted unless statutory retention obligations (in particular under commercial and tax law) prevent deletion; in that case processing is restricted accordingly.
10. Your rights
As a data subject you have the following rights under the GDPR:
- Right of access (Art. 15 GDPR)
- Right to rectification (Art. 16 GDPR)
- Right to erasure (Art. 17 GDPR)
- Right to restriction of processing (Art. 18 GDPR)
- Right to data portability (Art. 20 GDPR)
- Right to withdraw consent (Art. 7 (3) GDPR)
Right to object (Art. 21 GDPR): Where we process your data on the basis of legitimate interests (Art. 6 (1) (f) GDPR), you have the right to object to the processing at any time on grounds relating to your particular situation. We will then no longer process the data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing serves the establishment, exercise or defence of legal claims.
To exercise these rights, an informal message to the controller named in section 2 or to our data protection officer is sufficient.
You also have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR). The supervisory authority responsible for us is:
Die Landesbeauftragte für Datenschutz und Informationsfreiheit der Freien Hansestadt BremenArndtstraße 1, 27570 Bremerhaven, Germany
www.datenschutz.bremen.de
11. Data security
We take technical and organisational measures pursuant to Art. 32 GDPR to protect your data against loss, manipulation and unauthorised access. These include in particular TLS encryption of all connections, operation of all systems in data centres in Germany, and restricting access to personal data to the necessary minimum.
12. Changes to this privacy policy
We adapt this privacy policy whenever the legal situation or our processing activities change – for example when new functions or services are introduced. The version published on this page applies in each case.