sales@beep-technologies.de

+49 1766 1753780

Privacy statement

1. Data protection at a glance

General notes The following notes provide a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to personally identify you. Detailed information on data protection can be found in our privacy policy listed below this text — in particular sections 4 “Data collection on this website”, 5 “Social media”, 6 “Plug-ins and tools” and 7 “Contract data processing via the website”.

Data collection on this website Who is responsible for data collection on this website? Data processing on this website is carried out by the website operator. You can find their contact details in the “Information about the responsible body” section of this privacy policy.

How do we collect your information?

● Your data is collected on the one hand when you provide it to us (e.g. by entering it in a contact form or when booking an appointment).

● Other data is collected automatically or with your consent when you visit the website by our IT systems. This is primarily technical data (e.g. browser type, operating system, time of page access).

What do we use your data for?

● Some of the data is collected to ensure error-free provision of the website.

● Other data can be used to analyze your user behavior (see section 4.4).

● If contracts can be concluded or initiated via the website, the transmitted data will also be processed for contract offers, orders or other order inquiries (see Section 7).

What are your rights with regard to your data? You have the right to receive free information about the origin, recipient and purpose of your stored personal data at any time. You can also request correction, deletion, restriction of processing or data portability. You can withdraw your consent at any time. For more information, see individual sections 4-7 and the “Your Rights” section below.

Analytical tools and tools from third parties When you visit this website, your surfing behavior can be statistically evaluated. This is done primarily with so-called analysis programs (e.g. Google Analytics, Hotjar, Squarespace Analytics) as well as with plug-ins and services for performance optimization and security (e.g. Google Cloud CDN, Cloudflare). Detailed information on the purpose, legal basis and data transfer can be found in

● Section 4.4 “Web Analysis”

● Section 6.2 “Google Cloud CDN”

● Section 6.3 “Cloudflare.”

2nd hosting

We host the content of our website with the following provider:

Webflow The provider is Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA (hereinafter “Webflow”).

● When you visit our website, Webflow collects various log files, including your IP address.

● Webflow is a tool for building and hosting websites. Webflow stores cookies or comparable recognition technologies that are necessary to display the page, to provide certain website functions and to ensure security (necessary cookies).

● For details, see Webflow's privacy policy: https://webflow.com/legal/eu-privacy-policy

Legal basis and data transfer

● Webflow is used on the basis of Art. 6 para. 1 lit. f DSGVO. We have a legitimate interest in presenting our website reliably.

● If a corresponding consent has been requested, processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information on the terminal device. The consent can be withdrawn at any time.

● Data transmission to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://webflow.com/legal/eu-privacy-policy

● The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European

Union and the USA, which is intended to ensure compliance with European data protection standards when processing data in the USA. Every company certified under the DPF is committed to meeting these standards. For more information, click here: https://www.dataprivacyframework.gov/participant/6365

3. General information and mandatory information

Data protection The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with legal data protection regulations and this privacy policy. When you use this website, various personal data is collected. Personal data is data that can be used to personally identify you. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done. We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) may have security gaps. It is not possible to completely protect data from access by third parties.

Note on the responsible body The responsible body for data processing on this website is: BEEP! Technologies GmbH Gustav-Poensgen-Straße 29, 40215 Düsseldorf Phone: +49 176 61753780 E-mail: support@beep-technologies.de

The responsible body is the natural or legal person who, alone or together with others, decides on the purposes and means of processing personal data (e.g. names, e-mail addresses, etc.).

Storage period Unless a specific storage period has been specified in this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you make a legitimate request for deletion or withdraw your consent to data processing, your data will be deleted unless we have any other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, the deletion will take place after these reasons cease to apply.

General information on the legal basis of data processing on this website If you have consented to data processing, we process your personal data on the basis of Article 6 (1) (a) GDPR or Article 9 (2) (a) GDPR, provided that special categories of data are processed in accordance with Article 9 (1) GDPR

become. In the event of express consent to the transfer of personal data to third countries, data processing is also carried out on the basis of Article 49 (1) (a) GDPR. If you have consented to the storage of cookies or access to information on your device (e.g. via device fingerprinting), data processing is also carried out on the basis of Section 25 (1) TTDSG. The consent can be withdrawn at any time. If your data is necessary to fulfill a contract or to carry out pre-contractual measures, we process your data on the basis of Article 6 (1) (b) GDPR. In addition, we process your data, insofar as it is necessary to fulfill a legal obligation, on the basis of Art. 6 para. 1 lit. c DSGVO. Data processing may also be carried out on the basis of our legitimate interest in accordance with Art. 6 para. 1 lit. f DSGVO. The following paragraphs of this privacy policy provide information on the relevant legal bases in each individual case.

Recipients of personal data As part of our business activities, we work with various external agencies. In some cases, this also requires the transfer of personal data to these external bodies. We only transfer personal data to external parties if this is necessary as part of contract performance, if we are legally obliged to do so (e.g. transfer of data to tax authorities), if we have a legitimate interest in the transfer of data in accordance with Article 6 (1) (f) GDPR, or if another legal basis allows the transfer of data. When using contract processors, we only share our customers' personal data on the basis of a valid contract for order processing. In the case of joint processing, a joint processing contract is concluded.

Withdrawal of your consent to data processing Many data processing processes are only possible with your express consent. You can withdraw consent that you have already given at any time. The legality of the data processing carried out up to the time of revocation remains unaffected by the revocation.

Right to object to data collection in special cases and against direct marketing (Art. 21 GDPR) IF DATA PROCESSING IS CARRIED OUT ON THE BASIS OF ART. 6 PARA. 1 LIT. E OR F DSGVO, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU FILE AN OBJECTION, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA CONCERNED, UNLESS WE CAN PROVE COMPELLING LEGITIMATE GROUNDS FOR PROCESSING THAT OUTWEIGH YOUR INTERESTS, RIGHTS AND FREEDOMS OR THE PROCESSING SERVES TO ASSERT, EXERCISE OR DEFEND LEGAL CLAIMS (OBJECTION UNDER ARTICLE 21 (1) GDPR). IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF DATA CONCERNING YOU AT ANY TIME

TO USE PERSONAL DATA FOR THE PURPOSE OF SUCH ADVERTISING; THIS ALSO APPLIES TO PROFILING, INSOFAR AS IT IS ASSOCIATED WITH SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL THEN NO LONGER BE USED FOR DIRECT MARKETING PURPOSES (OBJECTION IN ACCORDANCE WITH ARTICLE 21 (2) GDPR).

Right to lodge a complaint with the competent supervisory authority In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, place of work or place of the alleged infringement. The right to lodge a complaint is without prejudice to other administrative or judicial remedies.

Right to data portability You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to yourself or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another person responsible, this will only be done insofar as it is technically feasible.

Information, correction and deletion Within the framework of the applicable legal provisions, you have the right to receive information free of charge about your stored personal data, its origin and recipients and the purpose of data processing and, if applicable, a right to correct or delete this data. You can contact us at any time for this and for further questions on the subject of personal data.

Right to restrict processing You have the right to request that the processing of your personal data be restricted. You can contact us for this at any time. The right to restrict processing exists in the following cases:

● If you dispute the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the audit, you have the right to request that the processing of your personal data be restricted.

● If the processing of your personal data was/happens unlawfully, you can request the restriction of data processing instead of deletion.

● If we no longer need your personal data, but you need it to exercise, defend or assert legal claims, you have the right to request that the processing of your personal data be restricted instead of deletion.

● If you have filed an objection in accordance with Article 21 (1) GDPR, a balance must be made between your interests and ours. As long as it is not yet clear whose interests prevail, you have the right

to request that the processing of your personal data be restricted.

● If you have restricted the processing of your personal data, this data — apart from storage — may only be processed with your consent or to assert, exercise or defend legal claims or to protect the rights of another natural or legal person or for reasons of an important public interest of the European Union or a Member State.

SSL or TLS encryption This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection when the browser's address line changes from “http://” to “https://” and by the lock icon in your browser line. If SSL or TLS encryption is activated, the data that you submit to us cannot be read by third parties.

4. Data collection on this website

4.1 Cookies

Our websites use so-called cookies. Cookies are small data packets and do not cause any damage to your device.

Session cookies: are only stored for the duration of a session and automatically deleted at the end of your visit.

Persistent cookies: remain until you delete them manually or until they are automatically deleted by your browser.

Cookies can be:

First-party cookies (set by us)

Third party cookies (from third-party companies), e.g. for payment service providers or analysis tools

Many cookies are technically necessary (Art. 6 para. 1 lit. f DSGVO) to provide basic functions such as shopping cart or video player. We only use others with your consent (Art. 6 para. 1 lit. a DSGVO & § 25 TTDSG), e.g. to evaluate your usage behavior or for marketing purposes. You can withdraw any consent at any time via our cookie settings or your browser.

An overview of all cookies used can be found in the section “Analytical tools and tools from third parties” and in the table at the end of this privacy statement.

4.2 Contact form & direct communication

4.2.1 Classic contact form

If you contact us via the contact form, the following data is stored:

● Name

● Email address

● Message text

● IP address

● When the request was made

usage

● Processing your request

● Any follow-up questions

legal bases

● Art. 6 para. 1 lit. b DSGVO (performance of contract/pre-contractual measures)

● otherwise Art. 6 para. 1 lit. f DSGVO (legitimate interest)

● Where applicable, Art. 6 para. 1 lit. a GDPR (with consent)

Storage period Until full processing or withdrawal of consent, then only as long as required by legal retention periods.

4.2.2 Request by e-mail, telephone, fax

When you contact us by e-mail, telephone or fax, we save:

● Name

● Contact details

● Content of the request

● Timing and method of contact

legal basis and Storage period as described in 4.2.1.

4.3 Appointment booking & calendar

4.3.1 Calendly

We use Calendly (Calendly LLC, USA) for online appointment booking. Data collected:

● Name

● Email address

● Requested date

● IP address

legal bases

● Art. 6 para. 1 lit. b GDPR (preparation and completion of services)

● If applicable, Art. 6 para. 1 lit. a GDPR (with consent)

Data transfer to the USA is based on the standard contractual clauses of the EU Commission.

4.3.2 Google Calendar

To manage and remind your appointments, we use Google Calendar (Google LLC, USA). Here, the data collected under 4.3.1 (name, email, appointment) and any other entries can be processed and linked to other Google services.

legal basis

● Art. 6 para. 1 lit. b DSGVO (contract fulfillment)

Data transfer to the USA: standard contractual clauses.

4.4 Web analysis

4.4.1 Google Analytics (GA4)

We set Google Analytics 4 (Google LLC, USA) with activated IP anonymization to analyze and improve the use of our website.

Collected data: anonymized IP, pages visited, length of stay, bounce rate

legal basis: Art. 6 para. 1 lit. f DSGVO (legitimate interest) or, with consent, Art. 6 para. 1 lit. a GDPR

data transfer: Standard contractual clauses in the USA

Storage period: 14 months (configurable)

Opt-out: Browser add-on available

4.4.2 Hotjar

For qualitative analyses (heat maps, session replays, surveys), we use Hotjar (Hotjar Ltd., EU server).

Collected data: clicks, mouse movements, scrolling behavior, survey responses

legal basis: Art. 6 para. 1 lit. f DSGVO or, with consent, Art. 6 para. 1 lit. a GDPR

Opt-out: https://www.hotjar.com/legal/compliance/opt-out

Storage period: up to 365 days (per session)

4.4.3 Squarespace Analytics

As part of our hosting, we Squarespace Analytics (Squarespace, Inc., USA) Basic metrics about page views, traffic sources, and visitor segments.

Collected data: page views, device/browser type, traffic sources

legal basis: Art. 6 para. 1 lit. f GDPR

data transfer: Standard contractual clauses in the USA

Storage period: 13 months

Note: All tools mentioned in 4.3 and 4.4 are already briefly listed in Section 1 “Analysis tools and tools from third parties.” Detailed information on the purpose, type of data and legal bases can be found here in Section 4.

5. Social media

5.1 Facebook

Provider: Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland

Involvement: social plug-ins (e.g. like button, share button)

● When you access a page with an activated plugin, your browser creates a direct connection to the Facebook servers.

● Facebook receives your IP address and information about which of our pages you have visited.

● If you are logged into your Facebook account and perform an action (e.g. Like), Facebook can associate the visit with your profile.

● We do not receive any information about the content of the transmitted data or its use by Facebook.

Legal basis & consent:

● Art. 6 para. 1 lit. a DSGVO (consent) & § 25 TTDSG

● Withdrawal is possible at any time via our cookie settings or directly on Facebook.

Data transfer & responsibility:

● Transfer to the USA and other third countries based on EU standard contractual clauses

● Joint responsibility under Art. 26 GDPR (limited to data collection and transfer to Facebook)

● Facebook then processes on its own responsibility

More information & opt-out:

● Facebook privacy policy: https://de-de.facebook.com/privacy/explanation

● EU data transfer: https://www.facebook.com/legal/EU_data_transfer_addendum

● Controller addendum: https://www.facebook.com/legal/controller_addendum

● DPF certification: https://www.dataprivacyframework.gov/participant/4452

5.2 X (formerly Twitter)

Provider:

● X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, United States

● Responsible outside the USA: Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland

Involvement: Tweet and retweet widgets, follow button

● Your browser connects to the X servers and transmits your IP address and the pages you have visited.

● Actions (such as retweet) are linked to your X account if you are logged in.

Legal basis & consent:

● Art. 6 para. 1 lit. a DSGVO (consent) & § 25 TTDSG

● Withdrawal at any time via our cookie settings or at https://x.com/settings/account

Data transfer & responsibility:

● Transfer to the USA based on EU standard contractual clauses: https://gdpr.x.com/en/controller-to-controller-transfers.html

● X processes independently — no joint responsibility

● DPF certification: https://www.dataprivacyframework.gov/participant/2710

More information:

● X privacy policy: https://x.com/de/privacy

5.3 Instagram

Provider: Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland

Involvement: Instagram plugins (e.g. follow button, embedded posts)

● Connection to Instagram servers via your browser; Instagram receives an IP address and pages visited.

● Clicking on a plugin links the visit to your Instagram profile when you are logged in.

Legal basis & consent:

● Art. 6 para. 1 lit. a DSGVO (consent) & § 25 TTDSG

● Withdrawal via our cookie settings or directly on Instagram

Data transfer & responsibility:

● Transfer to the USA and other third countries based on EU standard contractual clauses

● Joint responsibility under Art. 26 GDPR (data collection and transfer)

● Controller addendum: https://www.facebook.com/legal/controller_addendum

● DPF certification: https://www.dataprivacyframework.gov/participant/4452

More information:

● Instagram privacy policy: https://privacycenter.instagram.com/policy/

5.4 TikTok

Provider: ByteDance Ltd., Liyuan Road, Beijing, China

Involvement: TikTok videos and widgets

● When you load a page with embedded video, your browser connects to TikTok servers.

● TikTok receives your IP address, information about the device you are using, and usage data.

● Interactions (Play, Like, Share) can be associated with your TikTok account when you're logged in.

Legal basis & consent:

● Art. 6 para. 1 lit. a DSGVO (consent) & § 25 TTDSG

● Withdrawal at any time via our cookie settings

Data transfer & responsibility:

● Transfer to third countries (in particular China, USA) based on your consent and, if applicable, additional measures (e.g. standard contractual clauses, Art. 49 para. 1 lit. a GDPR)

● TikTok processes on its own responsibility; we have no influence on further processing steps

More information & opt-out:

● TikTok privacy policy: https://privacy.tiktok.com/de

● Opt-out and privacy settings in your TikTok account under “Privacy and Security”

6. Plug-ins and tools

6.1 YouTube This website includes videos from the YouTube platform. The operator is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. When you visit a page with an embedded YouTube video, your browser connects to the YouTube servers and transmits which of our pages you have visited. YouTube can store various cookies or comparable recognition technologies (such as device fingerprinting) on your device to collect video statistics, improve usability and prevent fraud attempts. If you are logged into your YouTube account, YouTube can associate your surfing behavior with your personal profile. To prevent this, please log out of your YouTube account before visiting our pages.

legal basis: Art. 6 para. 1 lit. f DSGVO (legitimate interest in appealing content presentation). Insofar as consent is required (e.g. for cookies), processing is based on Art. 6 para. 1 lit. a DSGVO and § 25 TTDSG. Consent can be withdrawn at any time.

Data transfer: Transfer to the USA in accordance with EU standard contractual clauses.

DPF certification: YouTube (Google Ireland Limited) is certified according to the EU-US Data Privacy Framework. More information: https://www.dataprivacyframework.gov/participant/5780

Details: https://policies.google.com/privacy?hl=de

6.2 Google Cloud CDN To quickly deliver static content (images, scripts, style sheets), we use the Google Cloud Content Delivery Network (CDN). This network distributes your requests to geographically distributed servers to optimize the loading times of our website.

data processing: Your browser sends requests including your IP address to the CDN; this data is temporarily cached on Google servers.

purpose: Optimize performance and reduce latency

legal basis: Art. 6 para. 1 lit. f DSGVO (legitimate interest in rapid page delivery).

Data transfer: Transfer to the USA and other countries on the basis of EU standard contractual clauses.

DPF certification: Google LLC is certified according to the EU-US Data Privacy Framework. More information: https://www.dataprivacyframework.gov/participant/6365

More notes: Google provides detailed information about data processing in the CDN in the Google Cloud Privacy Center.

6.3 Cloudflare We set Cloudflare (Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA) for DDoS protection, SSL termination, and performance caching. Cloudflare acts as a proxy between your device and our web server.

data processing: Cloudflare collects your IP address, the requested URL path, browser and device information, and geolocation data.

purpose: Protection against DDoS attacks, bot management, TLS encryption, and static content caching to improve performance.

legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest in security and performance). An order processing contract concluded by us (Art. 28 GDPR) regulates data processing and deletion.

Data transfer: Transfer to the USA on the basis of EU standard contractual clauses.

DPF certification: Cloudflare is certified according to the EU-US Data Privacy Framework. More information: https://www.dataprivacyframework.gov/participant/3045

More notes: Cloudflare passages in their EU privacy center: https://www.cloudflare.com/privacypolicy/

Note: The one under 4.2 Contact form, 4.3 Appointment booking (Typeform & Calendly) and 4.4 Web analysis The tools used are described in detail in Section 4 and are not listed here again.

7. Contract data processing via the website (for corporate customers)

If you, as a company or merchant, conclude or negotiate a contract via our website, we collect and process the necessary personal and business-related data for this purpose. The following are the details of the processing steps, legal bases and storage periods.

7.1 Collection and storage of customer and contract data

Elevated categories

● Business data ○ Company name, legal form, company registration number, VAT ID, if applicable

● Contact and contact person data ○ Name, position, email address, telephone number

○ Role in the contract process (e.g. authorized signatory, technical contact person)

● Contract data ○ Scope of services, start and end of contract

● Payment information ○ bank details, bill recipient, payment status

● Communication data ○ Email correspondence, telephone notes, chat history as part of contract processing

purposes

● Conclusion, administration and billing of B2B service contracts

● Fulfilment of pre-contractual measures (e.g. preparation of offers for corporate customers)

● Customer care and support for your business

legal bases

● Art. 6 para. 1 lit. b GDPR (contract performance and pre-contractual measures)

● Art. 6 para. 1 lit. c DSGVO (legal storage obligations)

7.2 Electronic contract conclusion

Our automated closing process for corporate customers:

1. Selection & shopping cart Add desired services to the virtual shopping cart module for corporate customers.

2nd order form Collection of your company data, contact details and payment method.

3rd Payment processing Forwarding your payment data to our payment service provider (e.g. Payabl.) — on the basis of an AV contract in accordance with Art. 28 GDPR.

4th Declaration of contract By clicking on “Bindly agree to the contract” You submit a binding offer through the authorized contact person.

5th PDF creation & audit trail Automated generation ○ one Contract ID (UUID)

○ one PDF contract copy with all options selected

○ one SHA-256 hashes and UTC timestamp as well as logging of IP address, user agent and checkbox status in an unalterable audit trail.

6th resourcing Instant download link for the contract PDF and email it to your company and us.

legal basis

● Art. 6 para. 1 lit. b DSGVO (contract fulfillment)

7.3 Purpose and storage period

earmarking

● Use of the collected data exclusively to process your company contract, fulfill legal obligations and protect our legitimate interests (e.g. claims management).

Storage period

Contract PDFs & audit trail: 8 years (WORM archiving in accordance with § 257 HGB, § 147 AO)

Billing data: 10 years (tax storage obligation)

communication data: until the end of the business relationship plus 3 years, unless required by law

Data after revocation/deletion: Immediate deletion, insofar as there are no legal storage obligations to the contrary

7.4 Recipients and processors

As part of B2B contract processing, we pass on your data to:

Payment service provider (e.g. Payabl.) — AV contract in accordance with Art. 28 GDPR

Accounting and tax advisors — AV contract in accordance with Art. 28 GDPR

IT service provider for hosting and maintenance of the contract platform — AV contract in accordance with Art. 28 GDPR

Any further transfer to third parties will only take place with your express consent or due to a legal obligation.

With from Düsseldorf, Germany

Quick Links

industriesAbout uspartnersSales partnercontact

Legal

imprintPrivacy statementTerms and conditions