Skip to main content

Data Protection Policy

Data Protection Policy and information duties

We welcome your visit to our website and your interest in our company, our products and our services. Transparency in relation to data protection and data security of visitors to our website, customers and contractual partners is a matter of great importance to us. We take the protection of your personal data very seriously in all of our business processes. On the occasion of your visit to our website we would like to tell you which data we store, when it is stored and how such data is used – always with due regard to the applicable provision of data protection in particular the EU General Data Protections Regulation (GDPR) and the local laws.

1. Name and Contact details of the Controller

Each local operating company of the CREALOGIX Group (we, us) is responsible, under the applicable law, for the processing and security of the data collected on this website. All (mobile) applications that refer to this Data Protection Policy are also subject to data processing by us. An overview of our group´s structure is available under

Generally you will not have to provide any personal data in order to use our website. For some services this may be necessary, however, to allow us to provide our services. In these cases we collect, use and process your personal data. This will, of course, only occur within the statutory framework, only insofar as is necessary and only to the extent that you have consented to. We take great care to adhere to the principles of data reduction and data economy.

2. Which of your data do we store?

2.1 Anonymous data collection

If you access our website, our web server automatically gathers information of a general nature. This includes:

None of the above information can be used to identify who you are. We, or third parties instructed by us, evaluate this data purely for statistical purposes and only in an anonymised form, in order to optimize our website and increase user-friendliness, efficiency and safety.

2.2 Cookies

We use so-called cookies at various points on our website. Cookies are small text files that are stored on your computer or mobile device by the web browser. Cookies do not cause any damage to your computer, do not contain viruses and are automatically deleted after their expiry. Some cookies expire when you terminate your Internet session; others are stored for a certain time.

The cookies on our websites do not collect any personal data. We use cookies to facilitate your visit to our website and to adjust it to your needs. You can, of course, also view our website without cookies. You can prevent cookies from being stored on your computer via the browser settings. Cookies already in place can also be deleted via the browser settings. If this is done, however, the functionality of our website might be limited.

2.3. Where and how do we collect and process your data?

In addition to the data collected automatically we also process data that you make available to us voluntarily. We currently collect the following data with the tools listed (note: not all local websites offer all of the below tools and services):

You disclose all of this data to us on a voluntary basis. We use this data only for the purposes mentioned in this data protection policy. Your data is forwarded by us to the relevant department within the company and deleted in accordance with the applicable statutory retention periods. Item 8 below contains information on your rights: for example, how to object to the processing or how to correct your personal data.

3. For what purposes do we use your data / Purpose and legal basis of the processing of your personal data

Legitimate interests pursued by the controller

4. With whom do we share this data / recipients or categories of recipients of the personal data

The protection of your personal data is of foremost concern to us. We therefore store all the information you enter on our website on our servers in Switzerland or in a Member State of the European Union, mainly Germany. Only the relevant departments and/or people within our company have access to the data in order to process your requests and wishes. We will not sell, lease or otherwise grant access to your data to third parties. Personal data is only transferred to government institutions and agencies to the extent mandatory under national laws. Provided the applicable laws allow this, we are entitled to share the data within the CREALOGIX Group. Our employees are obliged to maintain strict secrecy and confidentiality.

Transferring personal data to a third country

Personal data is transferred between associated companies in Switzerland, EU and Singapore.

5. Which tools do we use to measure audience reach?

5.1 Google Analytics

This website uses Google Analytics and Google Remarketing. These are services provided by Google, Inc. (“Google”). Google uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. In case of activation of the IP anonymization, Google will truncate/anonymize the last octet of the IP address for Member States of the European Union as well as for other parties to the Agreement on the European Economic Area. Only in exceptional cases, the full IP address is sent to and shortened by Google servers in the USA. On behalf of the website provider Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage to the website provider. Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser. However, please note that if you do this, you may not be able to use the full functionality of this website. Furthermore you can prevent Google’s collection and use of data (cookies and IP address) by downloading and installing the browser plug-in available under

Further information concerning the terms and conditions of use and data privacy can be found at or or Please note that on this website, Google Analytics and Google Remarketing code is supplemented by “gat._anonymizeIp();” to ensure an anonymized collection of IP addresses (so called IP-masking).

If you do not wish Facebook to collect data about you via our website you need to ensure that you log out of Facebook before visiting our website.

5.2 HubSpot

HubSpot is an online marketing and sales tool for collecting and storing data and for lead generation. We use HubSpot forms on each of our product websites (in all countries and in all languages) in particular as first point of contact and for white papers download. From this information leads can be generated and can be used by our sales team. HubSpot is also able to record Customer Journeys with the help of cookies and ip addresses.

The collected data is stored by HubSpot on their servers in the U.S. HubSpot participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss–U.S. Privacy Shield Framework. HubSpot is committed to treat all personal data received from European Union (EU) member countries and Switzerland, in conformance with the Privacy Shield Framework’s applicable Principles.

For further details, please refer to HubSpot Privacy Policy at

5.3 Wordfence

Wordfence is a WordPress security plugin from Defiant Inc. and protects against hacker attacks (e.g. Brute Force and DDoS ). The Wordfence Firewall is supported by the constantly updated Threat Defense Feed in real time and thus prevents attacks on our website. For this reason, the IP addresses of our website visitors are transmitted to Defiant Inc. and stored.

The data collected is secured by Defiant Inc. on its servers in the USA. Defiant Inc. participates in and is certified to comply with the EU-US Privacy Shield and Swiss-US Privacy Shield agreements. Defiant Inc. is committed to treating all personal information obtained from European Union (EU) member states and Switzerland in accordance with the applicable principles of the Privacy Shield Agreement.

For more information, please see Defiant’s Privacy Policy at

6. How do we protect your data?

To ensure the safety of your data on our website and our systems we use appropriate technical and organisational measures to protect your data from loss, destruction, unauthorized access and manipulation. The measures we use are subject to continuous development in accordance with technological progress.

If you visit this website your data will be transported via an open, publicly accessible network. The data might therefore be transmitted across national borders even if you and CREALOGIX are located in the same country. This involves notably the following risks: The data may be intercepted and read by third parties which, in turn, may allow such third parties to infer an already existing or future business relationship between you and CREALOGIX.

Furthermore, you are put notified that information you transmit or allow to be transmitted to you by CREALOGIX via an electronic medium, in particular via email, SMS, contact forms etc., are usually unencrypted. Even in the event of an encrypted transmission, sender and recipient remain unencrypted in each case. Third parties may therefore be able to infer an already existing or future business relationship between you and CREALOGIX.

Please note that, for technical reasons, email communication is neither confidential nor secure. Please do not send us any confidential information via email.

In addition, CREALOGIX explicitly points out the risk of viruses and the possibility of targeted attacks by hackers. To combat viruses, the use of up-to-date browser versions as well as the installation of continually updated anti-virus software is recommended. As a basic rule, you should refrain from opening emails of unknown origin and unexpected email attachments of an unknown origin.

7. External Links

On our websites we use links to external sites which are specially marked and whose contents are not on our server. The external contents of these links were checked when the links were set. However, it cannot be ruled out that the contents have been subsequently changed by the respective providers. Should you notice that the content of external providers violates applicable law, please let us know.

This data protection declaration only applies to content on our servers.

8. Which supervisory authority is responsible for us? / Right to lodge a complaint with a supervisory authority

You can exercise your right of appeal by the competent authority in each country or federal state, where our offices are located.

9. Right to request access to information, rectification of information, erasure of personal data, restrictions of processing, object to processing and the right to data portability

You have at any time the right to request access to and rectification or erasure of personal data or restriction of processing concerning the data subject or to object to processing as well as the right to data portability. In order to exercise these rights, please contact to the controller using the contact data specified.

On request, we are happy to notify you in writing whether and which personal data we have stored about you. If, despite our continuing efforts to ensure that your data is up-to-date and correct, incorrect information should have been stored we are happy to correct your data. Under certain conditions you also have the right to have your personal data that is stored by us blocked and deleted, as well as the right to data portability of your stored personal data.

If you no longer wish to receive newsletters from us you can unsubscribe at any time by clicking the unsubscribe link included in every newsletter or by sending us an email to

If you do not wish us to collect and analyse information about your movements on our website or (mobile) applications by way of tools to measure audience reach, you can proceed as described under item 5 above.

If you wish to delete your account, please send an email to

If you generally do not wish to receive advertisements and promotions, either by post, email, SMS, fax or telephone, or if you want to repeal your consent, you can write to us at any time or send us an email. Should we have any doubts as to your identity we may ask you to send information confirming this (e.g. blacked-out copy of identity card/passport showing first and last name, address and date of birth). For all questions concerning the processing of your personal data within our company, any suggestions or complaints you are welcome to contact or (CREALOGIX Advisory GmbH & Co.KG and CREALOGIX (Deutschland) AG) or (CREALOGIX BaaS GmbH & Co.KG) by email or send a letter to the local CREALOGIX group company.

Right to object

Insofar as the processing of your data takes place in order to safeguard legitimate interests, you have the right to object to this processing at any time using the contact data specified, if your particular situation gives rise to reasons that prevent such data processing. We will then no longer process your data, unless it is based predominantly in our own legitimate interest.

10. When does the Data Protection Policy change?

Our Data Protection Policy is regularly revised and updated to comply with the statutory data protection and privacy laws from time to time in force. From time to time we will publish updates on our website. These allow you to obtain instant information regarding the current policy.

Name and Contact Details of our internal Data Protection Coordinator

You may direct any inquiries or complaints related to the processing of your personal data to our Data Protections Coordinator to

In Germany please contact –

  • for CREALOGIX Advisory GmbH & Co.KG and CREALOGIX (Deutschland) AG directly our Data Protection Officer: ENSECUR GmbH, Julian Häcker, Email:
  • for CREALOGIX BaaS GmbH & Co.KG directly our Data Protection Officer:
    DZ CompliancePartner GmbH, Frau Chantal Pfeffer, Email:

Latest Update: March 10, 2020