Contact

Privacy Policy

1. Introduction

We process personal data when operating our digital services and websites. We naturally treat this data confidentially and process it in accordance with the applicable laws. In this privacy policy, we inform you about what personal data we collect from you, for what purposes and on what legal basis we process it and to whom we disclose it. We also explain what data protection rights you are entitled to. This privacy policy applies to the websites and digital services via which it is provided.

2. Data Processing Controller

The controller responsible for data processing under the GDPR is:

Impact Implementations GmbH (“we”)


Mitgaustraße 17


38106 Braunschweig

3. Processing Scope: Website

As part of operating our website, we process the personal data outlined below in more detail. We only process data that you actively provide on our website (e.g., by filling out forms) or that you automatically make available when using our services.

We do not share your personal data with third parties unless this is necessary to fulfill our contractual obligations to you, to address your request, or for other technical or legally required reasons.

Data transfers to third countries generally do not occur and are not planned. We will inform you of any exceptions to this principle in the processing activities described below.

4. Provision of the Website and Server Log Files

Each time the website is accessed, we automatically collect information that your browser transmits to our server. This information is also stored in the so-called log files of our system. The following data is collected:

– Your IP address
– The browser software you use, including its version and language
– The operating system you use
– The subpages of our website that you access
– The date and time you access our website
– Your Internet service provider

The temporary storage of your IP address by the system is necessary to deliver our website to the user’s device. For this purpose, the user’s IP address must remain stored for the duration of the session. However, your IP address is not recorded in our log files.

The data is processed to enable access to the website and to ensure its stability and security. Additionally, the data is used for statistical evaluation and improvement of our online offerings. These purposes represent our overriding legitimate interest within the meaning of the legal basis under Article 6(1)(f) GDPR.

The data is deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. For data collected to provide the website, this occurs when the respective session ends. Log files are deleted after 30 days.

5. Contact and Communication

You can contact us using the email addresses provided on the website or through other contact methods (e.g., a form). In such cases, the personal data you transmit to us will be processed in line with the purpose of your message, such as responding to your inquiry or providing the requested information and content. Additionally, this data may be used to document, maintain, improve, and expand our business relationships.

These purposes also represent our overriding legitimate interest within the meaning of the legal basis under Article 6(1)(f) GDPR. If the email contact aims to conclude or fulfill a contract, the data processing is carried out for contractual purposes (Article 6(1)(b) GDPR). Furthermore, we may be required to store messages and content to fulfill legal obligations, such as retention requirements, under Article 6(1)(c) GDPR. If we have obtained your consent for processing, Article 6(1)(a) GDPR serves as the legal basis.

We delete the data as soon as it is no longer necessary for the purpose for which it was collected. Typically, this is when communication with you has concluded, and no other purposes require a longer retention period. Communication is considered concluded when it can be inferred from the circumstances that your concern has been fully resolved. If legal retention periods prevent deletion, the data will be deleted immediately after the expiration of the statutory retention period.

6. Use of Google Fonts

Our website uses fonts provided by Google Fonts. These fonts are integrated locally, meaning they are loaded directly from our server and not from Google’s servers. As a result, no personal data is transmitted to Google.

Google Fonts is a service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The use of Google Fonts is based on our legitimate interest in providing a consistent and appealing design for our website, in accordance with Article 6(1)(f) GDPR.

By embedding the fonts locally, no information about website visitors is transmitted to Google. For more information about Google Fonts and Google’s privacy policy, please visit [https://developers.google.com/fonts/faq](https://developers.google.com/fonts/faq) and [https://policies.google.com/privacy](https://policies.google.com/privacy).

7. Storage Period and Deletion

Unless specific storage periods or data deletion details are provided in the descriptions of individual services and functions, the following applies: We store your personal data only as long as necessary to fulfill the intended purposes or – in the case of consent – until you revoke your consent. If you object to the processing, we delete your personal data unless its continued processing is permitted under the applicable legal provisions. We also delete your personal data if we are legally required to do so. Under these general principles, we typically delete your personal data:

– Immediately after the legal basis ceases to exist, provided no other legal basis (e.g., commercial or tax law retention obligations) applies. If such obligations apply, the data will be deleted once the additional legal basis ceases to exist.
– When it is no longer necessary for the purposes of preparing or executing a contract or for legitimate interests, and no other legal basis (e.g., commercial or tax law retention obligations) applies. If such obligations apply, the data will be deleted once the additional legal basis ceases to exist.
– When the purpose for which the data was collected no longer applies, and no other legal basis (e.g., commercial or tax law retention obligations) applies. If such obligations apply, the data will be deleted once the additional legal basis ceases to exist.

8. Your Rights

You have the right at any time to:

– Withdraw any consent you have given us for processing your personal data or object to the processing of your data.
– Request information about the data we have stored about you.
– Request the correction of inaccurate data about you.
– Request the deletion of data about you that is no longer necessary.
– Request that the processing of your data be restricted under certain conditions; for example, if deletion is not possible, but the data must no longer be processed.
– Request that your data be portable; this right applies particularly when you have given consent for data processing or when the data processing is necessary to fulfill a contract. The right to data portability does not apply if your data is not processed automatically.

To exercise your rights, please contact the following email address: **dorian.bruns@impact-implementations.com**

If you believe that the processing of your data violates legal regulations, you can also file a complaint with the supervisory authority responsible for us.

Please note that in certain cases we may need to request additional information to verify your identity. This ensures, for example, that we do not provide information to unauthorized individuals when responding to a request.

9. Changes to This Privacy Policy

We reserve the right to amend this privacy policy to ensure it complies with current legal requirements or to reflect changes to our services within the privacy policy.

Date of Last Update: 07/24