AYE DigitalAYE Digital
Strategy Call

Privacy

Privacy Policy

1. Data Protection at a Glance

General Information

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to identify you personally.

Data Collection on This Website

Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator: AYE Digital UG (haftungsbeschränkt), represented by Sascha Merczak.

How do we collect your data?
Some data is collected when you provide it to us — for example by sending an email enquiry. Other data is collected automatically or with your consent when you visit the website by our IT systems (in particular technical data such as browser and operating system).

2. Controller

AYE Digital UG (haftungsbeschränkt)
Willstätterstraße 7
40549 Düsseldorf
Email: •••@•••.•••

3. Hosting

For operating this website, we distinguish between hosting infrastructure and domain/DNS services:

Hosting and technical runtime processing:

Hetzner Online GmbH
Industriestr. 25
91710 Gunzenhausen
Deutschland

This website is operated on infrastructure provided by Hetzner Online GmbH. In this context, personal data may be processed on our behalf, in particular IP addresses, access data, and server logs. Processing is based on Art. 6(1)(f) GDPR (legitimate interest in secure and reliable operation of the service). A data processing agreement pursuant to Art. 28 GDPR has been concluded with Hetzner.

Domain registration and DNS management:

INWX GmbH & Co. KG
Rathausstraße 4
54516 Wittlich
Deutschland

Domain registration and DNS provisioning for this website are handled via INWX. In this context, technically required registration and DNS metadata are processed. Processing is based on Art. 6(1)(f) GDPR (legitimate interest in secure and stable operation of domain infrastructure).

4. General Information and Mandatory Disclosures

Data Protection

The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with applicable data protection regulations and this privacy policy.

SSL and TLS Encryption

For security reasons and to protect the transmission of confidential content, this website uses SSL or TLS encryption. You can recognise an encrypted connection by the address bar of your browser changing from “http://” to “https://” and the lock icon in your browser bar.

5. Data Collection on This Website

Server Log Files

The provider of these pages automatically collects and stores information in server log files, which your browser automatically transmits to us. These are:

  • Browser type and version
  • Operating system used
  • Referrer URL
  • Hostname of the accessing computer
  • Time of the server request
  • IP address

This data is not merged with other data sources.

Contact Form

When you use our contact form, the data you enter (name, email address, company, enquiry type, team size and a process description) is processed to generate a prepared email for you. This data is only briefly processed on our server infrastructure to create the email draft and is not permanently stored. The final transmission only occurs when you send the generated email draft from your own email programme.

The legal basis is Art. 6(1)(b) GDPR (performance of pre-contractual measures) and Art. 6(1)(f) GDPR (legitimate interest in receiving business enquiries). Retention periods: server logs up to 14 days, technical interim processing in the contact form only until the email draft is generated, and email/WhatsApp correspondence up to 6 months after final processing unless statutory retention duties apply.

Contact enquiries by email and WhatsApp Business

If you contact us by email, your details including the contact data you provide will be stored for the purpose of processing your enquiry and in the event of follow-up questions. We do not pass on this data without your consent. Processing is based on Art. 6(1)(b) GDPR, provided your enquiry is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. If you use our WhatsApp Business channel, communication is handled via WhatsApp Ireland Limited (Meta group). A transfer of personal data to third countries, in particular the United States, cannot be excluded. Such transfer is based on Art. 46 GDPR (EU Standard Contractual Clauses) and supplementary safeguards according to current provider documentation. A residual risk of governmental access in third countries remains. For confidential documents, we recommend using email or the contact form.

Map Display

By default, this website uses an embedded map from OpenStreetMap to show our location. This is the default standard view.

Optionally, with your explicit consent, you can switch to a Google Maps view. Google Maps is only loaded when you actively select this view. In this case, personal data such as IP address, usage and device data may be transmitted to Google and processed in third countries, in particular the United States. Use in this case is based on your consent in accordance with Art. 6(1)(a) GDPR. Transfers are based on Art. 46 GDPR (EU Standard Contractual Clauses) or other legally recognised transfer mechanisms.

Transparency notice on AI usage

This website uses AI-generated images and illustrations in parts. Our AI applications are designed for GDPR requirements and oriented toward EU AI Act requirements.

Cookies and Cookie-Free Analytics

This website uses privacy-friendly analytics tools and does not set cookies for tracking purposes. Umami Analytics (self-hosted) and optionally Plausible operate cookie-free and process strongly reduced, aggregated usage data without advertising-related profiling.

6. Website Analytics

Umami Analytics (self-hosted)

This website uses Umami, a privacy-friendly analytics tool operated on our own server infrastructure. Umami does not set cookies and collects only aggregated usage statistics (e.g. page views, entry pages, referral sources). No advertising-related profiling takes place. Processing is based on Art. 6(1)(f) GDPR (legitimate interest in analysing this usage data to improve our offering).

Plausible Analytics

This website may additionally use Plausible Analytics, provided by Plausible Insights OÜ, Västriku tn 2, 50403 Tartu, Estonia. Plausible does not set cookies and processes aggregated access data (e.g. page views, referral sources, browser type) for reach measurement without advertising-related profiling. Processing is based on Art. 6(1)(f) GDPR (legitimate interest in analysing user behaviour in aggregated form).

7. Your Rights

You have the right at any time to:

  • receive free information about the origin, recipient and purpose of your stored personal data (Art. 15 GDPR)
  • request the correction of inaccurate personal data (Art. 16 GDPR)
  • request the deletion of your personal data stored with us (Art. 17 GDPR)
  • request the restriction of the processing of your personal data (Art. 18 GDPR)
  • object to the processing of your personal data (Art. 21 GDPR)
  • request the portability of your data (Art. 20 GDPR)

For this and other questions on the subject of data protection, you can contact us at any time at the address given in the imprint. All requests regarding data subject rights will be answered within 30 days.

Withdrawal and Objection

You may withdraw your consent to data processing at any time (e.g. for the optional Google Maps view). You also have the right to object to the processing of your data for the purposes of our legitimate interests (Art. 21 GDPR). Withdrawal and objection apply to future processing; processing already carried out remains lawful.

You also have the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority for North Rhine-Westphalia is the State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia (LDI NRW), reachable at https://www.ldi.nrw.de/.