Privacy Policy
Zauber Technology GmbH – Privacy Policy
Last updated: 22.07.2025
1. Introduction
At Zauber Technology GmbH (“Zauber,” “we,” “our,” “us”), we take the protection of your data seriously. This privacy policy informs you about how we collect, use, and process personal data when you visit our website (www.gozauber.com), interact with us, or use our services per the EU General Data Protection Regulation (GDPR), the German Telecommunication-Telemedia Data Protection Act (TTDSG), and ISO/IEC 27001 security standards.
2. Controller and Contact
Zauber Technology GmbH
Brunnenstraße 196
10119 Berlin, Germany
Contact:
Email: privacy@gozauber.com
3. Purposes and Legal Bases of Processing
We process personal data for the following purposes and based on the legal grounds outlined in the GDPR:
Additionally, we process the following categories of personal data depending on your interaction with our website or services:
- Contact data (e.g., name, email address)
- Communication data (e.g., emails, form messages)
- Technical data (e.g., IP address, browser type)
- Application data (e.g., resume, cover letter)
4. Analytics and Tracking Technologies
Zauber does not use cookies or similar technologies to track user behavior across websites. We have deliberately chosen Plausible Analytics, a privacy-friendly, open-source web analytics tool, to understand website usage in a strictly GDPR-compliant manner.
Key points:
- No cookies are set
- No personal data is collected
- All data is aggregated and anonymized
- The tool is self-hosted in the EU or operated under a DPA
We use Plausible under the legal basis of our legitimate interest in analyzing and improving our website (Art. 6(1)(f) GDPR). Since no information is stored on or read from your device, §25 TTDSG does not apply, and no cookie banner is required.
For further transparency, you can learn more about Plausible's privacy approach here: https://plausible.io/data-policy
5. Hosting and Third-Party Services
We work with selected service providers to deliver and improve our services.
When data is transferred outside the EEA (e.g., to the USA), this is done under:
- EU Commission adequacy decisions (Art. 45 GDPR)
- Standard Contractual Clauses (Art. 46 GDPR)
6. Data Retention
We retain personal data only as long as necessary to fulfill the purposes stated in this policy or as required by legal obligations.
Examples:
- Contact requests: deleted after 12 months
- Application documents: deleted 6 months after rejection (unless consent given)
- Log files: stored for 14 days
- Legal/contractual documents: stored per statutory retention (e.g. 6 or 10 years)
If data is no longer needed, it is deleted or restricted from further processing.
7. Your Rights under the GDPR
You have the following rights:
- Access to your personal data (Art. 15 GDPR)
- Rectification of inaccurate or incomplete data (Art. 16 GDPR)
- Erasure ("right to be forgotten") (Art. 17 GDPR)
- Restriction of processing (Art. 18 GDPR)
- Data portability (Art. 20 GDPR)
- Objection to processing (Art. 21 GDPR)
- Withdrawal of consent at any time (Art. 7(3) GDPR)
- Complaining with a supervisory authority (Art. 77 GDPR)
To exercise your rights, please contact us at: privacy@gozauber.com or reach out to the supervisory authority.
Supervisory Authority Contact:
If you believe that your data is being processed unlawfully, you have the right to lodge a complaint with the competent supervisory authority:
Berliner Beauftragte für Datenschutz und Informationsfreiheit
Alt-Moabit 59–61
10555 Berlin
Germany
Website: www.datenschutz-berlin.de
8. Information Security
Zauber implements technical and organizational measures (TOMs) according to ISO/IEC 27001, including:
- TLS encryption for secure communication
- Access controls and role-based permissions
- Logging, monitoring, and audit trails
- Secure data hosting and backups
- Vendor risk assessments and due diligence processes