Privacy Policy
Last updated: 21.03.2025
I. General Part of the Privacy Policy
1. Scope
This privacy policy informs you about the nature, scope and purposes of the collection and use of personal data on our website www.koiotech.com. It applies to all online services accessible under this domain.
2. Principles and Terms
The processing of personal data is carried out in accordance with the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) and the Telecommunications Digital Services Data Protection Act (TDDDG).
Provider: Koiotech GmbH
User: Any natural person who uses our website.
Online Service: The website available at www.koiotech.com.
Provider: Koiotech GmbH
User: Any natural person who uses our website.
Online Service: The website available at www.koiotech.com.
3. Name and Contact Details of the Provider
Koiotech GmbH
Weender Landstraße 3-7
37073 Göttingen
Phone: + 49 176 29914160
Email: info@koiotech.de
Weender Landstraße 3-7
37073 Göttingen
Phone: + 49 176 29914160
Email: info@koiotech.de
4. Rights of Data Subjects
According to the General Data Protection Regulation (GDPR), you have the following rights:
Right to Information (Art. 15 GDPR)
You have the right to request confirmation from us as to whether we are processing personal data about you. If this is the case, you have the right to information about this data as well as further information, e.g. the purposes of processing, the categories of processed data and the recipients of the data.
Right to Rectification (Art. 16 GDPR)
You have the right to request the correction of inaccurate data or the completion of incomplete personal data.
Right to Deletion (Art. 17 GDPR)
You have the right to request the deletion of your personal data, provided that the processing is no longer necessary or has been carried out unlawfully.
Right to Restriction of Processing (Art. 18 GDPR)
You have the right to request the restriction of the processing of your personal data, e.g. if you dispute the accuracy of the data or the processing is unlawful.
Right to Data Portability (Art. 20 GDPR)
You have the right to receive your personal data in a structured, commonly used and machine-readable format and to transmit this data to another controller.
Right to Object (Art. 21 GDPR)
You have the right to object at any time, for reasons arising from your particular situation, to the processing of your personal data. In the event of an objection, we will no longer process your data unless we can demonstrate compelling legitimate grounds for the processing that override your interests.
Right to Withdraw Consent
If you have given us consent to process your personal data, you can withdraw this consent at any time with effect for the future.
Right to Lodge a Complaint with a Supervisory Authority (Art. 77 GDPR)
You have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your personal data violates the GDPR.
The supervisory authority responsible for us is:
Der Landesbeauftragte für den Datenschutz Niedersachsen
Prinzenstraße 5
30159 Hannover
Phone: 0511-120 4500
Fax: 0511-120 4599
Email: poststelle@lfd.niedersachsen.de
How to Exercise Your Rights
To exercise your rights, please contact us at: info@koiotech.de
Right to Information (Art. 15 GDPR)
You have the right to request confirmation from us as to whether we are processing personal data about you. If this is the case, you have the right to information about this data as well as further information, e.g. the purposes of processing, the categories of processed data and the recipients of the data.
Right to Rectification (Art. 16 GDPR)
You have the right to request the correction of inaccurate data or the completion of incomplete personal data.
Right to Deletion (Art. 17 GDPR)
You have the right to request the deletion of your personal data, provided that the processing is no longer necessary or has been carried out unlawfully.
Right to Restriction of Processing (Art. 18 GDPR)
You have the right to request the restriction of the processing of your personal data, e.g. if you dispute the accuracy of the data or the processing is unlawful.
Right to Data Portability (Art. 20 GDPR)
You have the right to receive your personal data in a structured, commonly used and machine-readable format and to transmit this data to another controller.
Right to Object (Art. 21 GDPR)
You have the right to object at any time, for reasons arising from your particular situation, to the processing of your personal data. In the event of an objection, we will no longer process your data unless we can demonstrate compelling legitimate grounds for the processing that override your interests.
Right to Withdraw Consent
If you have given us consent to process your personal data, you can withdraw this consent at any time with effect for the future.
Right to Lodge a Complaint with a Supervisory Authority (Art. 77 GDPR)
You have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your personal data violates the GDPR.
The supervisory authority responsible for us is:
Der Landesbeauftragte für den Datenschutz Niedersachsen
Prinzenstraße 5
30159 Hannover
Phone: 0511-120 4500
Fax: 0511-120 4599
Email: poststelle@lfd.niedersachsen.de
How to Exercise Your Rights
To exercise your rights, please contact us at: info@koiotech.de
5. Protection of Personal Data
We implement technical and organizational measures in accordance with Art. 32 GDPR to protect your data. Data transmission is encrypted using HTTPS.
6. Changes to the Privacy Policy
We reserve the right to adapt this privacy policy. Changes will be published on our website.
II. Special Part of the Privacy Policy
7. Purposes and Legal Basis for the Processing of Personal Data
7.1 Information Transmitted by the Browser
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
• Browser type and browser version
• Operating system used
• Referrer URL
• Hostname of the accessing computer
• Time of the server request
• IP address
A merging of this data with other data sources is not carried out. The collection of this data is based on Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website - for this purpose, the server log files must be recorded.
• Browser type and browser version
• Operating system used
• Referrer URL
• Hostname of the accessing computer
• Time of the server request
• IP address
A merging of this data with other data sources is not carried out. The collection of this data is based on Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website - for this purpose, the server log files must be recorded.
7.2 Contact Form
If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provided there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not pass on this data without your consent.
The processing of this data is based on Art. 6 para. 1 lit. b GDPR, if your request is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of requests addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested.
The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to storage, or the purpose for data storage no longer applies (e.g., after your request has been processed). Mandatory legal provisions - especially retention periods - remain unaffected.
The processing of this data is based on Art. 6 para. 1 lit. b GDPR, if your request is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of requests addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested.
The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to storage, or the purpose for data storage no longer applies (e.g., after your request has been processed). Mandatory legal provisions - especially retention periods - remain unaffected.
7.3 Use of Cookies
Our Internet pages use so-called cookies in some cases. Cookies do not harm your computer and do not contain viruses. Cookies serve to make our offerings more user-friendly, more effective, and safer. Cookies are small text files that are stored on your computer and that your browser saves.
Most of the cookies we use are so-called "session cookies". They are automatically deleted after your visit. Other cookies remain stored on your device until you delete them. These cookies allow us to recognize your browser the next time you visit.
You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your browser. Disabling cookies may limit the functionality of this website.
Most of the cookies we use are so-called "session cookies". They are automatically deleted after your visit. Other cookies remain stored on your device until you delete them. These cookies allow us to recognize your browser the next time you visit.
You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your browser. Disabling cookies may limit the functionality of this website.
7.4 Cookie Consent with Usercentrics
Our website uses the consent technology from Usercentrics to obtain your consent to store certain cookies on your device or to use specific technologies and to document this in a data protection compliant manner. The provider of this technology is Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, Germany, Website: https://usercentrics.com/de/
When you visit our website, the following personal data is transferred to Usercentrics:
• Your consent(s) or withdrawal of your consent(s)
• Your IP address
• Information about your browser
• Information about your device
• Time of your visit to the website
Furthermore, Usercentrics stores a cookie in your browser to be able to assign the granted consents or their revocation to you. The data collected in this way is stored until you request us to delete it, delete the Usercentrics cookie yourself, or the purpose for data storage no longer applies. Mandatory legal retention obligations remain unaffected.
The use of Usercentrics is done to obtain the legally required consents for the use of certain technologies. The legal basis for this is Art. 6 para. 1 lit. c GDPR.
When you visit our website, the following personal data is transferred to Usercentrics:
• Your consent(s) or withdrawal of your consent(s)
• Your IP address
• Information about your browser
• Information about your device
• Time of your visit to the website
Furthermore, Usercentrics stores a cookie in your browser to be able to assign the granted consents or their revocation to you. The data collected in this way is stored until you request us to delete it, delete the Usercentrics cookie yourself, or the purpose for data storage no longer applies. Mandatory legal retention obligations remain unaffected.
The use of Usercentrics is done to obtain the legally required consents for the use of certain technologies. The legal basis for this is Art. 6 para. 1 lit. c GDPR.
7.5 Services Used
Google Analytics
This website uses functions of the web analytics service Google Analytics. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics uses so-called "cookies". These are text files that are stored on your computer and that enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there.
The storage of Google Analytics cookies and the use of this analysis tool is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising. If corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.
Cal.com
For our appointment scheduling, we use the Cal.com service. The provider is Cal.com, Inc., San Francisco, USA.
When you use our booking calendar, various data is transferred to Cal.com, including:
• Your IP address
• Browser information
• Booking data you provided (name, email, phone)
• Selected appointment dates
Data processing is based on your consent according to Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time by adjusting the corresponding settings in our cookie banner.
Please note that Cal.com is located in the USA. The USA is currently considered a country with an inadequate level of data protection under EU law. However, Cal.com uses additional measures such as standard contractual clauses to ensure adequate protection of your data.
For more information, please see Cal.com's privacy policy at: https://cal.com/privacy
Google Fonts
This site uses so-called Google Fonts provided by Google for the uniform display of fonts. The Google Fonts are installed locally. A connection to Google servers does not take place.
Alternatively, we also load Google Fonts from Google servers in the USA. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland. In this case, when you access our website, data such as your IP address and which page you visited on our site is transmitted to Google. This data transfer only occurs if you have agreed to the "Functional" category in our cookie banner.
The use of Google Fonts is in the interest of a uniform and appealing presentation of our online offerings. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.
CrispChat
We use CrispChat for our customer support. The provider is Crisp IM SARL, 2 Boulevard de Launay, 44100 Nantes, France.
CrispChat enables us to communicate directly with visitors to our website. When you use the chat, various data is transferred to Crisp, including:
• Your IP address
• Browser information
• Time of the chat visit
• Chat contents
Data processing is based on your consent according to Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time by adjusting the corresponding settings in our cookie banner.
For more information, please see the Crisp privacy policy at: https://crisp.chat/en/privacy/
hCaptcha
To protect our website from misuse by bots and to ensure security, we use the hCaptcha service. This involves processing your IP address and possibly other data to ensure the security and integrity of our website. The processing of your data is based on our legitimate interest pursuant to Art. 6 Para. 1 lit. f GDPR. The purpose of data processing is to ensure the integrity and security of our website by preventing bot-controlled interactions. For more information on data processing by hCaptcha, please refer to hCaptcha's privacy policy at: https://www.hcaptcha.com/privacy
Netlify
We use the services of Netlify Inc., 2325 3rd Street, Suite 215, San Francisco, CA 94107, USA (hereinafter "Netlify") as a hosting platform for our website.
When you visit our website, various data is transmitted to Netlify, including:
• Your IP address
• Browser information
• Date and time of access
• Access duration
• Pages accessed
• Amount of data transferred
This processing is necessary for the operation of the website and is based on Art. 6(1)(f) GDPR (legitimate interest). Our legitimate interest is to ensure secure and efficient provision of our online services.
Netlify is based in the USA. For the transfer of data to the USA, Netlify has implemented standard contractual clauses in accordance with Art. 46(2)(c) GDPR to ensure an adequate level of data protection.
For more information about data processing by Netlify, please see Netlify's privacy policy at: https://www.netlify.com/privacy/
This website uses functions of the web analytics service Google Analytics. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics uses so-called "cookies". These are text files that are stored on your computer and that enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there.
The storage of Google Analytics cookies and the use of this analysis tool is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising. If corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.
Cal.com
For our appointment scheduling, we use the Cal.com service. The provider is Cal.com, Inc., San Francisco, USA.
When you use our booking calendar, various data is transferred to Cal.com, including:
• Your IP address
• Browser information
• Booking data you provided (name, email, phone)
• Selected appointment dates
Data processing is based on your consent according to Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time by adjusting the corresponding settings in our cookie banner.
Please note that Cal.com is located in the USA. The USA is currently considered a country with an inadequate level of data protection under EU law. However, Cal.com uses additional measures such as standard contractual clauses to ensure adequate protection of your data.
For more information, please see Cal.com's privacy policy at: https://cal.com/privacy
Google Fonts
This site uses so-called Google Fonts provided by Google for the uniform display of fonts. The Google Fonts are installed locally. A connection to Google servers does not take place.
Alternatively, we also load Google Fonts from Google servers in the USA. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland. In this case, when you access our website, data such as your IP address and which page you visited on our site is transmitted to Google. This data transfer only occurs if you have agreed to the "Functional" category in our cookie banner.
The use of Google Fonts is in the interest of a uniform and appealing presentation of our online offerings. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.
CrispChat
We use CrispChat for our customer support. The provider is Crisp IM SARL, 2 Boulevard de Launay, 44100 Nantes, France.
CrispChat enables us to communicate directly with visitors to our website. When you use the chat, various data is transferred to Crisp, including:
• Your IP address
• Browser information
• Time of the chat visit
• Chat contents
Data processing is based on your consent according to Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time by adjusting the corresponding settings in our cookie banner.
For more information, please see the Crisp privacy policy at: https://crisp.chat/en/privacy/
hCaptcha
To protect our website from misuse by bots and to ensure security, we use the hCaptcha service. This involves processing your IP address and possibly other data to ensure the security and integrity of our website. The processing of your data is based on our legitimate interest pursuant to Art. 6 Para. 1 lit. f GDPR. The purpose of data processing is to ensure the integrity and security of our website by preventing bot-controlled interactions. For more information on data processing by hCaptcha, please refer to hCaptcha's privacy policy at: https://www.hcaptcha.com/privacy
Netlify
We use the services of Netlify Inc., 2325 3rd Street, Suite 215, San Francisco, CA 94107, USA (hereinafter "Netlify") as a hosting platform for our website.
When you visit our website, various data is transmitted to Netlify, including:
• Your IP address
• Browser information
• Date and time of access
• Access duration
• Pages accessed
• Amount of data transferred
This processing is necessary for the operation of the website and is based on Art. 6(1)(f) GDPR (legitimate interest). Our legitimate interest is to ensure secure and efficient provision of our online services.
Netlify is based in the USA. For the transfer of data to the USA, Netlify has implemented standard contractual clauses in accordance with Art. 46(2)(c) GDPR to ensure an adequate level of data protection.
For more information about data processing by Netlify, please see Netlify's privacy policy at: https://www.netlify.com/privacy/
8. Online Presence in Social Media
We maintain online presences in social networks to communicate with users and inform them about our services. On our website, we use social media plugins (e.g., links to social networks). These only establish a connection to the respective networks when the user actively clicks on the link. No personal data is transmitted to social networks when the page is loaded. For more information about data processing by the respective social networks, please refer to their privacy policies.
9. Recipients of Personal Data
Personal data is only passed on to third parties insofar as this is necessary for contract fulfillment or due to legal requirements. External service providers (e.g., Google, Crisp, Cal.com) act as processors and are subject to contractual obligations to comply with data protection.
10. Transfer of Personal Data to Third Countries
Data may be transferred to third countries (e.g., USA), especially in connection with Google Analytics, Crisp Chat and Cal.com. The transfer takes place on the basis of standard contractual clauses pursuant to Art. 46 GDPR or within the framework of the EU-US Data Privacy Framework.
11. Duration of Storage
Unless a more specific storage period has been mentioned within this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you assert a legitimate request for deletion or revoke consent for data processing, your data will be deleted, provided that we have no other legally permissible reasons for storing your personal data (e.g., tax or commercial law retention periods); in the latter case, the deletion takes place after these reasons no longer apply.
12. User's Obligation to Provide Personal Data
The provision of personal data is necessary to use certain services on our website (e.g., appointment booking via Cal.com or the use of live chat). If you do not provide this data, we cannot offer you the desired services. The legal basis for this is Art. 6 Para. 1 lit. b GDPR (contract fulfillment).
13. No Automated Decision-Making
We do not use automated decision-making that has legal effect or significantly affects you.
14. Processing of Personal Data on Behalf
We use external service providers (processors) who process personal data on our behalf. These service providers process the data exclusively according to our instructions and are contractually obligated to comply with data protection regulations. Processors are:
• Google LLC (Google Analytics)
• CrispChat (Live Chat)
• Cal.com (Appointment Scheduling)
• Netlify Inc. (Website Hosting)
Appropriate data processing contracts in accordance with the requirements of Art. 28 GDPR have been concluded.
• Google LLC (Google Analytics)
• CrispChat (Live Chat)
• Cal.com (Appointment Scheduling)
• Netlify Inc. (Website Hosting)
Appropriate data processing contracts in accordance with the requirements of Art. 28 GDPR have been concluded.
III. Right to Object According to Art. 21 GDPR
You have the right to object at any time, for reasons arising from your particular situation, to the processing of your personal data. Please send your objection to: info@koiotech.de. The lawfulness of the data processing carried out until the revocation remains unaffected by the revocation.
Last updated: 21.03.2025
Koiotech GmbH
Weender Landstraße 3-7, 37073 Göttingen
Amtsgericht Göttingen HRB 206048
Last updated: 21.03.2025
Koiotech GmbH
Weender Landstraße 3-7, 37073 Göttingen
Amtsgericht Göttingen HRB 206048