top of page
WSXX_Logo_SCHWARZtransparent.png

1. Data Controller

Protecting your personal data is important to us. This privacy policy explains how we collect and process personal data when you visit our website.

Controller pursuant to the GDPR:

Brainstoxx GmbH
Otto-Lindenmeyer-Strasse 40
86153 Augsburg
Germany

E-mail: datenschutz@wallstoxx.com

2. General Information on Data Processing

We process personal data only insofar as necessary to provide a functional website and our services. Processing is based on legal permission or the consent of the data subject.

Important notes:

  • Our website does not operate an online shop, blog, forum, or payment processing.

  • We do not store complete IP addresses or other log files.

  • No automated decision-making or profiling takes place.

3. Hosting and Data Processing Agreement

Our website is hosted by Wix.com Ltd., Nemal St. 40, 6350671 Tel Aviv, Israel.
 

We have concluded a Data Processing Agreement (DPA) with Wix pursuant to Art. 28 GDPR to ensure your data is protected. Wix may use servers located outside the EU, such as in the USA. For these cases, Wix relies on Standard Contractual Clauses (SCCs) pursuant to Art. 46 GDPR.

More information: https://de.wix.com/about/privacy

4. Provision of the Website

When you access our website, certain data is automatically transmitted to the web server for technical reasons.

These data are used exclusively to deliver the content and ensure website security. We do not store log files ourselves.

The following data may be processed temporarily:

  • Date and time of access

  • Browser type and version

  • User’s operating system

  • Referrer URL

  • IP address (shortened or anonymized, where possible)

 

Legal basis:

Art. 6 (1) lit. f GDPR – our legitimate interest in secure and error-free operation of the website.

5. Contact via E-mail

If you contact us by e-mail, the personal data you provide will only be processed to handle your request.

Legal basis:

Art. 6 (1) lit. b GDPR – processing necessary for the performance of a contract or pre-contractual measures.

Data will be deleted once your request is completed, unless legal retention obligations apply.

6. Contact Form

When you send us a request via the contact form, the data you provide, including your contact details, will be stored to process your inquiry and for possible follow-up questions. We will not share this data without your consent.

Legal basis:

Processing is based exclusively on your consent (Art. 6 (1) lit. a GDPR).

You may revoke this consent at any time by sending us an informal e-mail.

The legality of data processing prior to withdrawal remains unaffected.

The data entered into the contact form will remain with us until you request deletion, revoke your consent, or the purpose of the storage no longer applies (e.g., after your inquiry has been fully processed).

Mandatory legal retention periods remain unaffected.

7. Cookies and Consent Management

Our website uses cookies to enable certain functions and to analyze usage.

Cookie categories:

Category Purpose Legal Basis Example

Essential Basic website functions Art. 6 (1) lit. f GDPR Session cookies

Analytics Analyze user behavior (e.g., Google Analytics) Art. 6 (1) lit. a GDPR _ga, _gid

Category Purpose Legal Basis Example

Marketing Display external content (e.g., YouTube videos) Art. 6 (1) lit. a GDPR YSC, VISITOR_INFO1_LIVE

When you first visit our website, you will be informed via a cookie banner. You can manage or revoke your consent at any time through this banner.

8. Google Analytics

We use Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

Google Analytics uses cookies to analyze website usage.

The information generated is usually transmitted to a Google server in the USA and stored there. On this website, IP anonymization is enabled so that your IP address is truncated within the EU or EEA.

Purpose of processing:

To analyze user behavior and improve our website and services.

Legal basis:

Art. 6 (1) lit. a GDPR – based on your consent.

Data transfer to third countries:

Data processing by Google in the USA cannot be excluded.

For the USA, there is no adequacy decision by the EU Commission.

Google relies on Standard Contractual Clauses (SCCs) pursuant to Art. 46 GDPR.

More information: https://policies.google.com/privacy/frameworks

Further information:

Opt-out:

Browser add-on to deactivate Google Analytics:

https://tools.google.com/dlpage/gaoptout

9. Google Fonts

Our website uses Google Fonts for a consistent and visually appealing presentation.

Local integration

Google Fonts are hosted locally on our own server.

No personal data is transferred to Google when you visit our website.

Legal basis:

Art. 6 (1) lit. f GDPR – our legitimate interest in consistent and visually appealing presentation.

If we integrate Google Fonts via Google servers in the future, this will only happen with your prior consent via the cookie banner.

 

Further information:

10. Social Media Links

Our website contains links to our social media profiles:

  • Facebook

  • Instagram

  • LinkedIn

  • YouTube

These are static links, meaning no data is transferred automatically when visiting our site. Data transfer only occurs once you actively click on a link. From that point on, the respective platform’s privacy policy applies.

More information: ·

Facebook: https://www.facebook.com/privacy/policy

Instagram: https://privacycenter.instagram.com/policy

LinkedIn: https://www.linkedin.com/legal/privacy-policy

YouTube / Google: https://policies.google.com/privacy

11. Overview of Legal Bases

Processing Activity              Legal Basis

Website provision (hosting)    Art. 6 (1) lit. f GDPR

E-mail inquiries                        Art. 6 (1) lit. b GDPR

Contact form                            Art. 6 (1) lit. a GDPR

Google Analytics                     Art. 6 (1) lit. a GDPR

Google Fonts (local)                Art. 6 (1) lit. f GDPR

Social media links                   Art. 6 (1) lit. f GDPR

Cookies / Consent banner     Art. 6 (1) lit. a GDPR

12. Your Rights

You have the following rights concerning your personal data:

  • Right of access (Art. 15 GDPR)

  • Right to rectification (Art. 16 GDPR)

  • Right to erasure (Art. 17 GDPR)

  • Right to restriction of processing (Art. 18 GDPR)

  • Right to data portability (Art. 20 GDPR)

  • Right to object (Art. 21 GDPR)

  • Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

Supervisory authority for us:

Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)

Promenade 18, 91522 Ansbach, Germany

https://www.lda.bayern.de

13. Data Security

We implement technical and organizational measures to protect your data from manipulation, loss, destruction, or unauthorized access.

Our security measures are regularly updated according to the latest technological standards.

14. Updates or Changes

We reserve the right to update this privacy policy as needed to reflect legal requirements or changes to our services.

The most current version is always available on our website.

15. Contact for Data Protection

Brainstoxx GmbH

Otto-Lindenmeyer-Strasse 40

86153 Augsburg

Germany

E-mail: datenschutz@wallstoxx.com

bottom of page