Privacy Policy

As of: May 2026

Thank you for visiting our website. Compliance with data protection regulations is of particular importance to us. The aim of this privacy policy is to inform you as a user of the website about the type, scope and purpose of the processing of personal data and the rights that exist for you, insofar as you are considered a data subject within the meaning of Art. 4 No. 1 of the General Data Protection Regulation.

Responsible Body

This website and the range of services are operated by:

inSyca IT Solutions GmbH
Finsinger Feld 5
85521 Ottobrunn
Germany

Phone: +49 89 2154 6094
Email: contact@insyca.com

General

We have designed the development of the website to collect as little data from you as possible. In doing so, we always take care to process your personal data only in accordance with a legal basis. We comply with the regulations of the General Data Protection Regulation (GDPR), which has been in force since 25.5.2018, and the applicable national regulations, such as the Federal Data Protection Act, the Telecommunications-Digital-Services-Data Protection Act or other more specific laws on data protection.

Purpose of use and legal basis of the processing of personal data

We always process your personal data for a specific purpose.
In summary, we process your personal data for the following purposes:

  1. To be able to process your request with you in the event of contact requests (e.g. e-mail address, first name, last name);
  2. To be able to send you an offer after your request for quotation (quotation form).
  3. For the technical implementation of our website and to be able to provide you with our information on this website (e.g. IP address, cookies, browser information)
  4. To receive and process an application from you for one of our job offers.

With regard to the legal basis for processing your personal data:

We process personal data that is necessary for the establishment, implementation or processing of our range of services (contract processing) on the legal basis of Art. 6 (1) (b) GDPR. Insofar as we obtain consent from you for the processing of your personal data, the consent pursuant to Art. 6 (1) (a) GDPR forms the legal basis for the data processing. Data processing is also permissible if we process your data to protect our legitimate interests and do not outweigh your interests or fundamental rights and freedoms with regard to the processing of personal data. (Art. 6 para. 1 lit. f GDPR).

Collection of personal data when you visit our website

If you use the website for informational purposes only, i.e. if you do not register or otherwise transmit information to us, we only collect the personal data that your browser transmits to our server. If you want to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security (legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR):

  • IP address
  • Date and time of request
  • Requested page
  • Browser type and version
  • Operating system
  • Referrer URL

This website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the hoster's servers.

We use the following hoster:

webgo GmbH
Wandsbeker Zollstraße 95
22041 Hamburg
Germany

Order processing: We have concluded a contract for order processing (DPA) with the aforementioned provider. This is a contract required by data protection law that ensures that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.
In addition to the above data, cookies are stored on your computer when you use our website. Further information on this can be found under the item "Cookies" in this privacy policy and in the consent management tool used.

Integration of services from other providers

Our website uses content, services and services from other providers. These are, for example, services for the statistical evaluation of the use and visit of our website. In order for this data to be accessed and displayed in the user's browser, the transmission of the user's IP address to the third-party providers used is necessary.

Even though we try to use only third-party providers who only need the IP address to be able to deliver content or even work with anonymized IP addresses, we have no influence on whether the IP address may be stored. Information on the third-party providers used can be found in this privacy policy below.

Google AdSense

Type and scope of processing

We have integrated Google AdSense on our website. Google AdSense is a service provided by Google Ireland Limited to display personalized ads to users. Google AdSense uses cookies and similar technologies to serve ads based on a user's previous visits to this or other websites.

Google AdSense uses so-called "DoubleClick" cookies, which enable your browser to be recognized when you visit other websites. This involves collecting information about visitor behavior on different websites. This information is used to improve the relevance of advertising.

Furthermore, Google AdSense can play out targeted advertising based on interest profiles and geographical location. In this context, in particular, your IP address, device information, referrer URL and interactions with ads are processed and transmitted to the provider.

If you are registered with a service of Google Ireland Limited, Google AdSense can associate the visit with your account. Even without registration or login, it is possible for the provider to record and store your IP address and other identification features.

In this case, your data will be passed on to the operator of Google AdSense, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Purpose and legal basis

The use of Google AdSense is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG.
We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA takes place in accordance with Art. 45 (1) GDPR on the basis of the adequacy decision of the European Commission. The participating US companies and/or their US subcontractors are certified according to the EU-U.S. Data Privacy Framework (EU-U.S. DPF).

In cases where there is no adequacy decision of the European Commission (including US companies that are not certified according to EU-U.S. DPF), we have agreed with the recipients of the data other appropriate safeguards within the meaning of Art. 44 et seq. GDPR. Unless otherwise stated, these are standard contractual clauses of the EU Commission in accordance with Implementing Decision (EU) 2021/914 of 4 June 2021. A copy of these Standard Contractual Clauses can be viewed here for your information

In addition, before such a transfer to a third country, we obtain your consent in accordance with Art. 49 (1) sentence 1 (a) GDPR, which you give via consent in the Consent Manager (or other forms, registrations, etc.). We would like to point out that there may be unknown risks in detail in the case of third-country transfers (e.g. data processing by security authorities of the third country), over which we have no influence and of which you may not become aware.

Retention Period

The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google AdSense.

Google Ads

Type and scope of processing

We have integrated Google Ads on our website. Google Ads is a service provided by Google Ireland Limited to display targeted advertising to users. Google Ads uses cookies and other browser technologies to evaluate user behavior and recognize users.

Google Ads collects information about visitor behavior across different websites. This information is used to optimize the relevance of advertising. Furthermore, Google Ads delivers targeted advertising based on behavioral profiles and geographic location. Your IP address and other identification features such as your user agent are transmitted to the provider.

If you are registered with a Google Ireland Limited service, Google Ads may associate the visit with your account. Even if you are not registered with Google Ireland Limited or have not logged in, it is possible that the provider will find out and store your IP address and other identification features.

In this case, your data will be passed on to the operator of Google Ads, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Purpose and legal basis

The use of Google Ads is based on your consent in accordance with Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TDDDG.
We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA takes place in accordance with Art. 45 (1) GDPR on the basis of the adequacy decision of the European Commission. The participating US companies and/or their US subcontractors are certified according to the EU-U.S. Data Privacy Framework (EU-U.S. DPF).

In cases where there is no adequacy decision from the European Commission (including US companies that are not certified according to EU-U.S. DPF), we have agreed with the recipients of the data other appropriate safeguards within the meaning of Art. 44 et seq. GDPR. Unless otherwise stated, these are standard contractual clauses of the EU Commission in accordance with Implementing Decision (EU) 2021/914 of 4 June 2021. A copy of these Standard Contractual Clauses can be viewed here for your information

In addition, before such a third-country transfer, we obtain your consent in accordance with Art. 49 (1) sentence 1 lit. a. GDPR, which you give via consent in the Consent Manager (or other forms, registrations, etc.). We would like to point out that there may be risks that are unknown in detail in the case of third-country transfers (e.g. data processing by security authorities of the third country, the exact scope and consequences of which we do not know for you, over which we have no influence and of which you may not become aware).

Retention Period

The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the Google Ads Privacy Policy.

Google Ads Conversion Tracking

Type and scope of processing

We have integrated Google Ads Conversion Tracking on our website. Google Ads Conversion Tracking is a service provided by Google Ireland Limited that allows us to measure the success of our advertising efforts.

If you arrive at our website via an advertisement from Google, Google Ads stores a cookie on your device. These so-called conversion cookies lose their validity after a limited period of time and are not used for personal identification.

If the user visits certain pages of our website and the cookie is still valid, we and Google can see that the user clicked on the ad and was redirected to that page. Each Google Ads customer receives a different cookie, so cookies can't be tracked across Ads customers' websites.

The information collected with the help of the conversion cookie is used to compile conversion statistics. We learn the total number of users who clicked on our ad and were redirected to a page with a conversion tracking tag. However, we do not receive any information that can be used to personally identify users.

As part of the use of Google Ads Conversion Tracking, personal data (e.g. IP address, device information, browser information) may also be transmitted to Google.
In this case, your data will be passed on to the operator of Google Ads Conversion Tracking, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Purpose and legal basis

The use of Google Ads Conversion Tracking is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG.
We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA takes place in accordance with Art. 45 (1) GDPR on the basis of the adequacy decision of the European Commission. The participating US companies and/or their US subcontractors are certified according to the EU-U.S. Data Privacy Framework (EU-U.S. DPF).

In cases where there is no adequacy decision of the European Commission (including US companies that are not certified according to EU-U.S. DPF), we have agreed with the recipients of the data other appropriate safeguards within the meaning of Art. 44 et seq. GDPR. Unless otherwise stated, these are standard contractual clauses of the EU Commission in accordance with Implementing Decision (EU) 2021/914 of 4 June 2021. A copy of these Standard Contractual Clauses can be viewed here for your information

In addition, before such a transfer to a third country, we obtain your consent in accordance with Art. 49 (1) sentence 1 (a) GDPR, which you give via consent in the Consent Manager (or other forms, registrations, etc.). We would like to point out that there may be unknown risks in detail in the case of third-country transfers (e.g. data processing by security authorities of the third country), over which we have no influence and of which you may not become aware.

Retention Period

The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Conversion cookies usually expire after 30 days. Further information can be found in the privacy policy of Google.

Google Analytics

Type and scope of processing

We use Google Analytics from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as an analysis service for the statistical evaluation of our online offer. This includes, for example, the number of calls to our online offer, subpages visited and the length of stay of visitors.
Google Analytics uses cookies and other browser technologies to evaluate user behavior and recognize users. This information is used, among other things, to compile reports on the activity of the website.

Purpose and legal basis

The use of Google Analytics is based on your consent in accordance with Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TDDDG.
We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA takes place in accordance with Art. 45 (1) GDPR on the basis of the adequacy decision of the European Commission. The participating US companies and/or their US subcontractors are certified according to the EU-U.S. Data Privacy Framework (EU-U.S. DPF).

In cases where there is no adequacy decision from the European Commission (including US companies that are not certified according to EU-U.S. DPF), we have agreed with the recipients of the data other appropriate safeguards within the meaning of Art. 44 et seq. GDPR. Unless otherwise stated, these are standard contractual clauses of the EU Commission in accordance with Implementing Decision (EU) 2021/914 of 4 June 2021. A copy of these Standard Contractual Clauses can be viewed here for your information

In addition, before such a third-country transfer, we obtain your consent in accordance with Art. 49 (1) sentence 1 lit. a. GDPR, which you give via consent in the Consent Manager (or other forms, registrations, etc.). We would like to point out that there may be risks that are unknown in detail in the case of third-country transfers (e.g. data processing by security authorities of the third country, the exact scope and consequences of which we do not know for you, over which we have no influence and of which you may not become aware).

Retention Period

The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Analytics.

Google Ads Remarketing

Type and scope of processing

We have integrated Google Ads Remarketing on our website. Google Ads Remarketing is a service provided by Google Ireland Limited that allows us to display targeted advertising to users who have already visited our website on other websites within the Google advertising network.

Google Ads Remarketing uses cookies and similar technologies to recognize users and show them interest-based advertising. In the process, information about user behaviour on our website (e.g. pages visited, interactions) is collected and stored in pseudonymous user profiles.

This data may be combined with other information from other Google sources. This makes it possible to recognize users across different devices (cross-device tracking).

As part of the use of Google Ads Remarketing, in particular your IP address, device and browser information as well as information about your usage behavior are processed and transmitted to the provider.

If you are registered with a Google Ireland Limited service, Google may associate the visit with your account. Even without registration or login, it is possible for Google to collect and store your IP address and other identification features.

In this case, your data will be passed on to the operator of Google Ads Remarketing, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Purpose and legal basis

The use of Google Ads Remarketing is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG.
We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA takes place in accordance with Art. 45 (1) GDPR on the basis of the adequacy decision of the European Commission. The participating US companies and/or their US subcontractors are certified according to the EU-U.S. Data Privacy Framework (EU-U.S. DPF).

In cases where there is no adequacy decision of the European Commission (including US companies that are not certified according to EU-U.S. DPF), we have agreed with the recipients of the data other appropriate safeguards within the meaning of Art. 44 et seq. GDPR. Unless otherwise stated, these are standard contractual clauses of the EU Commission in accordance with Implementing Decision (EU) 2021/914 of 4 June 2021. A copy of these Standard Contractual Clauses can be viewed here for your information

In addition, before such a transfer to a third country, we obtain your consent in accordance with Art. 49 (1) sentence 1 (a) GDPR, which you give via consent in the Consent Manager (or other forms, registrations, etc.). We would like to point out that there may be unknown risks in detail in the case of third-country transfers (e.g. data processing by security authorities of the third country), over which we have no influence and of which you may not become aware.

Retention Period

The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Remarketing cookies can be stored for different lengths of time depending on how they are configured. Further information can be found in the privacy policy of Google.

Google Tag Manager

Type and scope of processing

We use the Google Tag Manager of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag Manager is used to manage website tags through an interface and allows us to control the precise integration of services on our website.

Purpose and legal basis

The use of Google Tag Manager is based on your consent in accordance with Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TDDDG.
We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA takes place in accordance with Art. 45 (1) GDPR on the basis of the adequacy decision of the European Commission. The participating US companies and/or their US subcontractors are certified according to the EU-U.S. Data Privacy Framework (EU-U.S. DPF).

In cases where there is no adequacy decision from the European Commission (including US companies that are not certified according to EU-U.S. DPF), we have agreed with the recipients of the data other appropriate safeguards within the meaning of Art. 44 et seq. GDPR. Unless otherwise stated, these are standard contractual clauses of the EU Commission in accordance with Implementing Decision (EU) 2021/914 of 4 June 2021. A copy of these Standard Contractual Clauses can be viewed here for your information

In addition, before such a third-country transfer, we obtain your consent in accordance with Art. 49 (1) sentence 1 lit. a. GDPR, which you give via consent in the Consent Manager (or other forms, registrations, etc.). We would like to point out that there may be risks that are unknown in detail in the case of third-country transfers (e.g. data processing by security authorities of the third country, the exact scope and consequences of which we do not know for you, over which we have no influence and of which you may not become aware).

Retention Period

The specific storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the Google Tag Manager Privacy Policy.

Real Cookie Banner

Type and scope of processing

On our website, we use the consent management tool Real Cookie Banner from devowl.io GmbH Tannet 12, 94539 Grafling, Germany, to obtain and manage consent to the storage of cookies and the use of certain technologies.

Real Cookie Banner stores the consents you have given as well as their revocation. In particular, the following data is processed: consent status, time stamp, consent ID, device information (e.g. browser, operating system) and your IP address.

The tool uses technically necessary cookies to store your consent decision and to take it into account for future page visits. As a rule, the processing takes place locally on our web server, so that it is not passed on to third parties, provided that no external services (e.g. CDN) are integrated.

Purpose and legal basis

The use of Real Cookie Banner is carried out to fulfil our legal obligations in accordance with Art. 6 (1) (c) GDPR in conjunction with § 25 (2) TDDDG.
In addition, the processing is carried out for the purpose of documenting consents in accordance with Art. 6 (1) (f) GDPR. Our legitimate interest lies in the legally secure verifiability of consents given.

Retention Period

The collected consent data will be stored for as long as is necessary to comply with the statutory obligations to provide evidence. As a rule, the storage period is up to 3 years. After that, the data will be deleted, provided that there are no statutory retention obligations to the contrary.

Cookies

Cookies are small text files that are stored on your data carrier and store certain settings and data for exchange with our system via your browser. A cookie usually contains the name of the domain from which the cookie data was sent, as well as information about the age of the cookie and an alphanumeric identifier.

Cookies enable our systems to recognize the user's device and make any presets immediately available. As soon as a user accesses the platform, a cookie is transferred to the hard drive of the user's computer. Cookies help us to improve our website and provide you with a better and more tailored service. They enable us to use your computer or Recognise your (mobile) device when you return to our website and thus:

  • Store information about your preferred activities on the website in order to tailor our website to your individual interests.
  • To speed up the speed of processing your requests.

We work with third-party services that help us to make the Internet offer and the website more interesting for you. Therefore, when you visit the website, cookies from these partner companies (third-party providers) are also stored on your hard drive. These are cookies that are automatically deleted after the specified time.

If you do not wish browser cookies to be used, you can set your browser so that it does not accept the storage of cookies. Please note that in this case you may only be able to use our website to a limited extent or not at all. If you only want to accept our own cookies, but not the cookies of our service providers and partners, you can select the "Block third-party cookies" setting in your browser. We are not responsible for the use of third-party cookies.

Contacting us (contact forms, offer forms, etc.)

You can contact us by e-mail or via our contact form. In this case, we will store the personal data you provide in order to process your request and to contact you to process your request. If we request information via our contact form, we have marked the mandatory fields required for contacting us accordingly (asterisk). The voluntary information is used by us to substantiate your request and to improve the processing of your request. The requested data will be transmitted to us by you on a purely voluntary basis.

Depending on the nature of the request, the legal basis for this processing is Art. 6 (1) (b) GDPR for inquiries that you make yourself as part of a pre-contractual measure or Art. 6 (1) sentence 1 (f) GDPR if your request is of a different nature. The legitimate interest follows from the conditions set out in No. 3 a.) purposes. If personal data is requested that we do not need for the performance of a contract or to safeguard legitimate interests, the transfer to us takes place on the basis of your consent in accordance with Art. 6 (1) (a) GDPR.

Application procedure

We publish job offers on our website, for which you can apply by e-mail. If you decide to apply for a vacancy, we will process the personal data you provide there and transmit to us exclusively for the purpose of carrying out the application process.

The legal basis for the processing of your personal data in the context of the application process is Art. 6 para. 1 lit. B and § 26 para. 1 in conjunction with para. 2 BDSG.

In the event of a rejection we will delete your data as soon as a retention period of 6 months required by employment law has expired. The period begins with the dispatch of the rejection. If you have expressly consented to the further use of your data for a later approach regarding positions that may be of interest to you, we will continue to store your data in accordance with the consent.

If an employment relationship is established following the application process, the data will initially continue to be stored to the extent necessary and permissible and then transferred to the personnel file.

The provision of personal data in the context of application processes is neither legally nor contractually required. You are therefore not obliged to provide the personal data. However, the provision of personal data is necessary for the decision on an application or a contract for an employment relationship with us.

However, you should only provide such personal data as is necessary for the admission and implementation of the application as part of your application. If you do not provide us with personal data when applying, we cannot make a decision about the establishment of an employment relationship.

Please note that applications that you send to us by e-mail will be transmitted unencrypted. In this respect, there is a risk that unauthorized persons can intercept and use this data.

Social Icons

Social plugins with Shariff solution

Auf unserem Webauftritt gelangen Social Plugins („Plugins“) folgender sozialen Netzwerkes zum Einsatz:

  • Facebook: Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland -> Meta Privacy Policy
  • Instagram: Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland -> Meta Privacy Policy
  • LinkedIn: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland -> LinkedIn Privacy Policy
  • Youtube: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland -> Google Privacy Policy
  • Microsoft Marketplace One Microsoft Way Redmond, WA 98052-6399, United States -> Microsoft Privacy Policy
  • GitHub: GitHub, Inc. 88 Colin P. Kelly Jr. St. San Francisco, CA 94107 United States -> GitHub Privacy Policy

For improved protection of your data when you visit our website, these buttons are not fully integrated as plugins, but in the form of HTML links. This type of integration ensures that when a page of our website is called up on which such buttons are available, no connection is established with the servers of providers. When such a button is clicked, the page opens in a new browser window. There you can interact with the plugins there (if necessary after logging in beforehand).

Social media presence

In order to be able to present our company in the best possible way and to communicate with you as a user, customer or interested party and to be able to inform you about the services we offer, we rely on our presence in social networks. When using social networks, data is processed outside the European Union (EU) and the European Economic Area (EEA). An equivalent level of data protection to that in the EU cannot be guaranteed in all countries outside the EU. In this context, it can lead to risks for you as a user if the transmitted data is processed in so-called third countries with an inadequate level of data protection.

This makes it more difficult to enforce known user rights. In addition, your data may not be processed in your interest by the provider in the third country. We only transfer personal data to third countries for which an adequate level of protection has been confirmed or where the transfer of personal data can be ensured by contractual agreements or other appropriate safeguards.

In addition to the respective provider of a social network, we also collect and process personal user data on so-called "fan pages". With this notice, we inform you about what data we collect from you on our social media presences, how we use it and how you can object to the use of data. The respective data processing purposes and data categories can be found in the respective offer, which is listed in more detail below. The social media activities operated by us and described in more detail below are carried out on the basis of a balancing of interests in accordance with Art. 6 (1) (f) GDPR.

In order to achieve this, cookies are used to record user behaviour and enable the user to be profiled. A specific list of the processing purposes of user data can be found in the data protection notices of the respective providers. By making appropriate settings in your user account, your profile formation can be restricted, at least to a certain extent. For the exact procedure, please read the corresponding data protection information of the respective provider.

The relevant platforms are:

  • Facebook: Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland -> Meta Privacy Policy
  • Instagram: Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland -> Meta Privacy Policy
  • LinkedIn: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland -> LinkedIn Privacy Policy
  • Youtube: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland -> Google Privacy Policy
  • Microsoft Marketplace One Microsoft Way Redmond, WA 98052-6399, United States -> Microsoft Privacy Policy
  • GitHub: GitHub, Inc. 88 Colin P. Kelly Jr. St. San Francisco, CA 94107 United States -> GitHub Privacy Policy

We operate profiles on the listed platforms in order to draw attention to products and services and to interact with customers, interested parties and other users of the platform.

In this context, the platform operators also use certain data that they have collected from users of the platform (e.g. whether a photo on a profile has been "liked" or commented on) to create aggregated usage statistics and make them available to the respective operators of the profile (so-called "insights" or "analytics"). As a profile operator, we also receive such usage statistics. The information we receive as a profile operator does not allow any conclusions to be drawn about individual users. The Profile Operator itself has no access to personal data that the Platform Operator processes for the purpose of compiling the usage statistics. Only the respective platform operator determines which data is processed for these purposes and in what way. As the profile operator, inSyca IT Solutions GmbH cannot exert any legal or factual influence on the processing by the platform operators.

For the processing in connection with the compilation of usage statistics, inSyca IT Solutions GmbH and the respective platform operator are considered joint controllers within the meaning of Art. 26 GDPR.

Where possible, joint responsibility agreements exist with the respective platform operators.

In addition, data processing by inSyca IT Solutions GmbH as the profile operator only takes place to a very limited extent:

  • Processing of usernames and comments that are deleted due to violation of netiquette. These will be retained for any necessary proof in the event of legal disputes within the limitation period.
  • Processing of usernames and individual messages when you contact us via messenger services
  • Processing of usernames and postings in the context of inquiries and, if necessary, obtaining consent to the re-posting of images

For these purposes, we usually only process your name, message content, comment content and the profile information you provide "publicly".

Rights of data subjects

You have the right to:

  • • Request information about your personal data processed by us in accordance with Art. 15 GDPR . In particular, you can obtain information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data, if it has not been collected by us, and the existence of automated decision-making including profiling and, where applicable, meaningful information on its details;
  • in accordance with Art. 16 GDPR, to request the rectification of incorrect or complete your personal data stored by us without undue delay;
  • to request the deletion of your personal data stored by us in accordance with Art. 17 GDPR , unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims;
  • to request the restriction of the processing of your personal data in accordance with Art. 18 GDPR , insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you reject its deletion and we no longer need the data, but you need it to assert, exercise or defend legal claims, or you have objected to the processing in accordance with Art. 21 GDPR;
  • in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transmitted to another controller (data portability);
  • in accordance with Art. 7 para. 3 GDPR to revoke your consent at any time vis-à-vis us. As a result, we may no longer continue the data processing based on this consent for the future and
  • to complain to a supervisory authority in accordance with Art. 77 GDPR . As a rule, you can contact the supervisory authority of your usual place of residence or place of work or our company headquarters.
  • Right to object

If your personal data is processed on the basis of legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR, insofar as there are reasons for this arising from your particular situation or the objection is directed against direct marketing. In the latter case, you have a general right of objection, which we will implement without specifying a special situation.

If you would like to exercise your right to object, an e-mail to info@insyca.com

Disclosure of your personal data

Your personal data will be shared as described below.
Disclosure also takes place if we are entitled or obliged to pass on data on the basis of legal provisions and/or official or court orders. In particular, this may involve the provision of information for the purposes of criminal prosecution, to avert danger or to enforce intellectual property rights.

Insofar as your data is passed on to service providers to the extent necessary, they will only have access to your personal data to the extent necessary for the performance of their tasks. These service providers are obliged to treat your personal data in accordance with the applicable data protection laws, in particular the GDPR. Insofar as your personal data is processed on our behalf on the basis of order processing agreements in accordance with Art. 28 GDPR, we ensure that the processing of personal data is carried out in accordance with the General Data Protection Regulation.

We attach great importance to processing your data within the EU/EEA. However, it may happen that we use service providers who process data outside the EU / EEA. In these cases, we ensure that an adequate level of data protection comparable to the standards within the EU is established at the recipient before the transfer of your personal data. This can be achieved, for example, through EU standard contractual clauses or binding corporate rules or special agreements to which the company can submit.

Data security

We use technical and organisational measures to protect our website against loss, destruction, access, modification or dissemination of your data by unauthorised persons.

In particular, your personal data will be transmitted by us in encrypted form. We use the SSL/TLS (Secure Sockets Layer/ Transport Layer Security) coding system. Please note that unencrypted data transmission (by e-mail or via other web forms) may be read by unauthorized persons outside our sphere of influence. Our security measures are continuously improved in line with technological developments.

Storage period for personal data

With regard to the storage period, we delete personal data as soon as their storage is no longer necessary for the fulfilment of the original purpose and there are no longer any statutory retention periods. The statutory retention periods are the criterion for the final period of storage of personal data. After the deadline, the corresponding data is routinely deleted. If retention periods exist, processing is restricted in the form of blocking the data.

References and links

When accessing websites to which reference is made as part of our website, information such as name, address, e-mail address, browser characteristics, etc. may be asked again. This privacy policy does not govern the collection, disclosure or handling of personal data by third parties.

Third-party service providers may have different and separate provisions in the handling of the collection, processing and use of personal data. It is therefore advisable to inform yourself on the websites of third parties about their practice of handling personal data before entering personal data.