TRUVENTO

Privacy Policy

At TRUVENTO GmbH, protecting your data is our top priority. It is important to us that you know what personal data we process when you use our website and our TRUVENTO platform (the “Service”). We process personal data only in accordance with the applicable data protection requirements, in particular the European General Data Protection Regulation (hereinafter: “GDPR”) and the Federal Data Protection Act (hereinafter: “BDSG”).

This privacy policy informs you about how we collect, use, share and protect personal data – both when you visit our website and when you use our service.

The service is primarily intended for use by organisations (our “customers”), including their authorised representatives, employees and end users. In the event of a conflict between this privacy policy and the provisions of a written agreement between TRUVENTO and a customer, the provisions of the written agreement shall prevail to the extent of the conflict.

1. Our role in data protection

Our role in the processing of personal data depends on the specific context and the agreements with our customers. The following table shows our role in different scenarios:

Context of data processingDescription of personal dataOur role
In the context of website useData collected when visiting our website or actively transmitted by the visitor (e.g. via the online contact form, cookies).Controller
In the context of service provisionCustomer contact data that we process for billing, payment processing, contractual communication, marketing and newsletter purposes.Controller
Personal data provided to us by our customers exclusively for the purpose of providing the service, in particular for the creation and management of user accounts for authorised employees or end users.Processor

Insofar as we act as the controller in the scenarios described above, you can contact us at any time with questions or to assert your rights as a data subject using the following contact details:

TRUVENTO GmbH

Am Römergut 16

86583 Langerringen

Email: info@truvento.de

You can contact our data protection officer at: 

TRUVENTO GmbH, Attn: Data Protection Officer Am Römergut 16, 86583 Langerringen

Email: data-privacy@truvento.de

2. Processing of personal data when visiting our website

2.1 Hosting

We host the content of our website with the following providers:

Hostinger

The hosting provider is the company HOSTINGER operations, UAB

Švitrigailos str. 34, Vilnius 03230, Lithuania (hereinafter referred to as “Hostinger”).

Further information can be found in Hostinger’s privacy policy: https://www.hostinger.com/legal/privacy-policy

The use of Hostinger as our hosting provider is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in ensuring that our website is displayed as reliably and securely as possible.

If consent has been given, data processing is also carried out on the basis of Art. 6 (1) (a) GDPR and § 25 (1) TTDSG, provided that the consent includes the storage of cookies or access to information on the user’s terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.

Order processing

We have concluded a contract for order processing (AVV) for the use of the above-mentioned service. This is a contract required by data protection law, which ensures that the personal data of our website visitors is only processed in accordance with our instructions and in compliance with the GDPR.

2.2 Technical provision of the website

For the purpose of the technical provision of the website, it is necessary for us to process certain automatically transmitted information from you so that your browser can display our website and you can use the website. This information is automatically collected each time you visit our website and stored in our server log files. This information relates to the computer system of the accessing computer. The following information is collected:

  • IP address;
  • Browser type/version (e.g. Firefox 59.0.2 (64 bit));
  • Browser language (e.g. German);
  • Operating system used (e.g. Windows 10);
  • Internal resolution of the browser window;
  • Screen resolution;
  • JavaScript activation;
  • Java on/off;
  • Cookies on/off;
  • Colour depth;
  • Time of access.

2.3 Processed data, purposes and legal bases

a) Contact via the online form or by email

When you contact us (e.g. via the contact form on our website or by e-mail), we process the personal data you provide. This includes, in particular, your name, company name, e-mail address, country and the content of your message. You can provide us with further information on a voluntary basis.

We use this data exclusively to respond to your enquiry, to contact you and to ensure the associated technical administration.

The legal basis for processing is:

  • Your consent (Art. 6(1)(a) GDPR), provided you have given it to us voluntarily,
  • our legitimate interest in the efficient processing of your enquiry (Art. 6(1)(f) GDPR),
  • if your enquiry is aimed at concluding or performing a contract: the performance of the contract (Art. 6(1)(b) GDPR).

Your data will be deleted after your enquiry has been processed, provided that there are no legal retention obligations to the contrary. This is the case if it can be inferred from the circumstances that the matter in question has been completely clarified.

b) Links for social networks

Our website contains buttons for social networks (e.g. LinkedIn) that are marked with the logo of the respective provider. These are not the usual social plug-ins, but buttons with stored links.

You must activate (click) the buttons separately. As long as these buttons are not clicked, no data is transferred to the social networks. Only when you click the buttons and thereby declare your consent to communication with the social network servers do the buttons become active and the connection is established.

After clicking, the button corresponds to a so-called share plug-in. Information about the page you have visited is made available to the social network, which you can share with your contacts in your social network. If you want to “share” the information, you must be logged in. If you are not logged in, you will be taken to the login page of the social network you clicked on and you will no longer be on the TRUVENTO website. If you are logged in, the information that you want to recommend the respective article will be transmitted.

By activating the button, the social networks will also receive information about when you visited the relevant page of our website, as well as your IP address, details of the browser you are using and your language settings. When you click on the button, your click is transmitted to the social network and used in accordance with its data usage guidelines.

When you activate the button, we have no influence on the data collected and data processing operations and are not responsible for this data processing and are also not responsible in this regard within the meaning of the GDPR. We are also not aware of the full scope of data collection, its legal basis, the purposes and the storage periods. Therefore, the information provided here is not necessarily complete.

The data is transmitted regardless of whether you actually have an account with the provider or are logged in there. If you are logged in with the provider, your data will be directly assigned to your account. The providers may also use cookies on your computer to track you.

To our knowledge, the provider stores this data in usage profiles, which it uses for advertising, market research and/or the needs-based design of its website. Such evaluation is carried out in particular (even for users who are not logged in) to display needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles. To exercise this right of objection, please contact the respective provider.

For the purpose and scope of data collection and the further processing and use of the data by the respective social network, as well as your rights in this regard and setting options for protecting your privacy, please refer to the information

If you do not want the social network to receive data about you, do not click the button.

c) Online presence on social networks

TRUVENTO maintains online presences within social networks and platforms, such as LinkedIn, in order to be able to communicate with active users there and inform them about our service portfolio. TRUVENTO uses the technical platforms and services offered by the operators for this purpose. Both TRUVENTO and the respective operators of the platforms process your personal data on the platforms. TRUVENTO and the respective operators of the platforms are joint controllers for the data processing in accordance with Art. 26 GDPR.

We would like to expressly point out that the operators process your personal data outside the scope of TRUVENTO’s responsibility. Consequently, we inform you independently about the data processing in each case, so that the respective operators’ own data protection regulations apply on social networks and other external platforms, even if we disseminate information and maintain a presence there. The operators of social networks do not conclusively and clearly state how they use the data from visits to their respective sites for their own purposes, to what extent activities on the sites are assigned to individual users, how long this data is stored and whether data from a visit to the respective site is passed on to third parties, and we are not aware of this.

The respective privacy policies describe in general terms what information the operators receive and how it is used. On the individual platforms, you will also find information about how to contact the operators and about the settings for advertisements:

We would also like to point out that only the operators of the respective platforms have full access to user data and recommend that you contact the operators directly with any requests for information or other questions regarding your rights as a user (e.g. right to deletion):

  • LinkedIn, LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland

If you no longer wish to have your data processed as described here, you can disconnect your user profile from our page by using the “Unlike” function.

We inform you about TRUVENTO’s data processing on the respective platforms in this privacy policy.

Our online presence on LinkedIn serves to publish company-related news. In this context, users’ personal data may be processed:

  • Publication of news: In addition to text, we publish photos and, where applicable, names in our posts. In such cases, processing is based on the consent of the persons concerned.

2.4 Use of cookies

A cookie is a small file (text file) that your browser stores on your device on the instructions of a website you visit in order to “remember” information about you, such as your language settings or login information. These cookies are set by us and are referred to as first-party cookies. Depending on which of our websites you visit, we also use third-party cookies – these are cookies from a domain other than the domain of the website you are visiting – for our advertising and marketing activities and to understand your surfing behaviour on the website (e.g. which pages you visit or how long you stay on each page).

We use a cookie consent tool to manage our cookies, your cookie consents and their documentation. Below you will find a list of the cookie categories used on our websites (a detailed list can be found in our cookie notice).

Categories of cookies we use

a) Necessary and functional cookies

These cookies are necessary to provide the basic functions of the website and to store your cookie settings. Without these cookies, our website cannot function properly.

  • Provider: consentmanager AB, Håltegelvägen 1b, 72348 Västerås, SE

Our website uses ConsentManager’s consent technology to obtain your consent to store certain cookies on your device or to use certain technologies and to document this in accordance with data protection regulations. The provider of this technology is Jaohawi AB, Håltegelvägen 1b, 72348 Västerås, Sweden, website:

https://www.consentmanager.de (hereinafter referred to as “ConsentManager”).

When you visit our website, a connection is established to the ConsentManager servers in order to obtain your consent and other declarations regarding the use of cookies. ConsentManager then stores a cookie in your browser in order to be able to assign the consents you have given or their revocation. The data collected in this way is stored until you request us to delete it, delete the ConsentManager provider cookie yourself or the purpose for data storage no longer applies. Mandatory legal retention obligations remain unaffected.

ConsentManager is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 (1) lit. c GDPR.

  • Provider: Truvento, Am Römergut 16, 86853 Langerringen, DE

Truvento provides basic services to ensure website functionality. Truvento does not currently set any cookies.

Processing is based on our legitimate interest (Art. 6 (1) (f) GDPR), as it is technically necessary for the operation and security of the website. Opting out is not possible here.

b) Analysis and statistics cookies

These cookies help us understand how visitors interact with our website. The data is collected in anonymised form.

Processing is based solely on your consent (Art. 6(1)(a) GDPR), which you give via the cookie banner. Once you have given your consent, you can revoke it at any time with effect for the future.

  • Provider: Google Analytics, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, IE

This website uses Google Analytics for web analysis. This is a service provided by Google Ireland Limited (“Google”), a company registered and operated under Irish law (registration number: 368047) with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google Analytics uses “cookies”. The information generated by the cookie about your use of our website (including your IP address) is transmitted to and stored by Google on servers in the United States. If you consent to the use of cookies (cf. Art. 6(1)(a) GDPR), Google will anonymise the information obtained from the cookies. Anonymisation constitutes processing of your data, but this only takes place on the basis of your consent. It cannot be ruled out that data processing may take place outside the scope of EU law.

However, if IP anonymisation is activated on this website, your IP address will be truncated by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You may refuse the use of cookies by selecting the appropriate settings on your browser software; however, please note that if you do this, you may not be able to use the full functionality of this website.

Further information on terms of use and data protection can be found at http://www.google.com/analytics/terms/de.html or at https://www.google.de/intl/de/policies/. We would like to point out that on this website, Google Analytics has been extended by the code “anonymizeIP” to ensure anonymous collection of IP addresses (so-called IP masking).

The use of this service is based on your consent in accordance with Art. 6 (1) lit. a GDPR and § 25 (1) TDDDG. Consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission and the EU-U.S. Data Privacy Framework.

Details can be found here:

https://policies.google.com/privacy/frameworkshttps://privacy.google.com/businesses/controllerterms/mccs/https://www.dataprivacyframework.gov/s/

  • Provider: Google Tag Manager, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, IE

This website uses Google Tag Manager. Google Tag Manager is a solution that allows TRUVENTO to manage website tags via an interface. The Tag Manager tool itself (which implements the tags) is a cookie-less domain and does not collect any personal data. The tool triggers other tags, which may collect data. Google Tag Manager does not access this data. If deactivation has been carried out at domain or cookie level, this remains in place for all tracking tags implemented with Google Tag Manager.

c) Other cookies

These cookies are used to provide additional functions. Processing is carried out – where necessary – on the basis of your consent (Art. 6(1)(a) GDPR). Here, too, you can revoke your consent at any time.

  • Provider: Amazon.com, Inc., 38, avenue John F. Kennedy, L-1855, LU

Amazon is an e-commerce platform for consumers, merchants and content creators.

You can reject each of these cookie categories as a whole (with the exception of technically necessary cookies). To do so, click on the “Advanced Settings” button in the cookie banner on the relevant website.

3. Processing of personal data in connection with our service

In connection with the provision of our service, we process personal data in various contexts:

3.1 Customer contact data that we process as the controller

a) Contract processing and invoicing

Within the framework of our business relationship with our customers, we process the personal data of the respective contact persons to the extent necessary for billing, the performance of contractual services or ongoing communication. This includes, in particular, name, contact details (e.g. e-mail address) and billing-related information.
This data is processed for the following purposes:

  • to initiate and fulfil contracts and to process payments (Art. 6(1)(b) GDPR),
  • to fulfil statutory retention and documentation obligations (Art. 6(1)(c) GDPR).

b) Marketing and Newsletter

In addition, we process our customers’ contact details (e.g. name, email address) in order to inform them about our products, services or offers.
The legal basis for this processing is your consent (Art. 6(1)(a) GDPR), which you can give us voluntarily. You can revoke your consent at any time with effect for the future.

3.2 Data that we process exclusively on behalf of our customers (processor)

We process all personal data provided to us by our customers for the purpose of providing the service exclusively in accordance with their instructions and on the basis of a data processing agreement in accordance with Art. 28 GDPR. This includes, in particular, the creation and administration of user accounts for authorised employees or end users, system logging and monitoring, the processing of support requests, backups and archiving, the management of security incidents and the provision of test and development environments.

In these cases, our customers remain responsible for data processing. We act exclusively as a technical service provider (processor) who processes the data only within the scope of the instructions and protects it by means of appropriate technical and organisational measures.

In addition, we may anonymise personal data provided to us under the data processing agreement and carry out the necessary processing steps for this purpose. The anonymised data can be used for our own purposes without any personal reference, in particular to improve and further develop our products. This includes, among other things:

  • optimising usage paths and user-friendliness (funnel optimisation, UX checks),
  • prioritising resources,
  • the analysis of navigation and result quality,
  • evaluating the usefulness and value of generated results,
  • assessing the relationship between trust and the necessity of review steps,
  • the examination of result quality in the context of research,
  • identifying and fixing errors and recurring problems (bugs and pain points),
  • and the measurement and analysis of full value paths.

The original personal data remains unaffected by this anonymisation.

4. Transfer to third countries

Our website is hosted on servers in Lithuania. As a rule, this means that no personal data is transferred to so-called third countries (outside the EEA).

However, please note that we use third-party cookies and tools on our website. If you agree to the use of these cookies, personal data may be transferred to recipients in third countries (e.g. the USA) in this context. We would like to point out that some third countries do not have a level of data protection comparable to that of EU law.

Our TRUVENTO platform is operated on Amazon Web Services (AWS) servers in Frankfurt am Main (Germany). We do not transfer personal data to third countries. However, in exceptional cases, AWS may transfer personal data to third countries if this is necessary to provide the services initiated by the customer or if AWS is obliged to do so due to legal regulations or binding official orders.

If data is transferred to third countries, we ensure that appropriate safeguards within the meaning of Art. 44 ff. GDPR (e.g. EU standard contractual clauses or adequacy decisions of the EU Commission) are in place to ensure an adequate level of data protection.

5. Other uses of data, automated decision-making, profiling

Further processing of your personal data will generally only take place if permitted by law or if you have consented to the data processing. In the event of further processing for purposes other than those for which the data was originally collected, we will inform you of these other purposes prior to further processing and provide you with further relevant information. In such cases, you are not legally or contractually obliged to disclose data.

No automated decision-making, including profiling, takes place within the scope of your use of our website and services in accordance with Article 22(1) and (4) of the GDPR.

6. Other recipients or categories of recipients of personal data

Your personal data will be forwarded to law enforcement authorities if this is necessary to investigate illegal use of our services or for legal prosecution. However, this will only happen if there are concrete indications of illegal or abusive behaviour. Data may also be disclosed if this serves to enforce terms of use or other agreements. We are also legally obliged to provide information to certain public authorities upon request. These include law enforcement agencies, authorities that prosecute administrative offences punishable by fines, and the tax authorities.

7. Rights regarding the processing of personal data

You can find the full scope of your rights under the GDPR at the following link: http://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32016R0679

7.1 Right to information

As a data subject, you have a right to information under the conditions of Art. 15 GDPR.

This means, in particular, that you have the right to request confirmation from us as to whether we are processing personal data concerning you. If this is the case, you also have the right to obtain information about this personal data and the information listed in Art. 15 (1) GDPR. This includes, for example, information about the purposes of processing, the categories of personal data being processed, and the recipients or categories of recipients to whom the personal data has been or will be disclosed (Art. 15(1)(a), (b) and (c) GDPR).

You can submit a request for this by post or email to the contact address given above.

7.2 Right to rectification of inaccurate data

As a data subject, you have a right to rectification under the conditions set out in Art. 16 GDPR.

This means in particular that you have the right to request that we immediately correct inaccurate personal data concerning you and complete incomplete personal data.

To do so, please contact us at the addresses given above.

7.3 Right to erasure

As a data subject, you have the right to erasure (“right to be forgotten”) under the conditions of Art. 17 GDPR.

This means that you have the right to request that we erase personal data concerning you without undue delay, and we are obliged to erase personal data without undue delay if one of the reasons listed in Art. 17(1) GDPR applies. This may be the case, for example, if personal data is no longer necessary for the purposes for which it was collected or otherwise processed.

If we have made your personal data public and we are obliged to delete it, we are also obliged to take reasonable measures, including technical measures, taking into account the available technology and implementation costs, to inform other controllers who process the personal data that a data subject has requested them to delete all links to this personal data or copies or replications of this personal data (Art. 17 (2) GDPR).

The right to erasure (“right to be forgotten”) does not apply in exceptional cases where processing is necessary for the reasons listed in Art. 17(3) GDPR.

To exercise your above right, please contact us at the above contact addresses.

7.4 Right to restriction of processing

As a data subject, you have the right to restriction of processing under the conditions set out in Art. 18 GDPR.

This means that you have the right to request that we restrict processing if one of the conditions listed in Art. 18(1) GDPR is met.

To exercise your above right, please contact us at the contact addresses provided above.

7.5 Right to data portability

As a data subject, you have the right to data portability under the conditions set out in Art. 20 GDPR.

This means that you have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format and you have the right to transmit this data to another controller without hindrance from us, provided that the processing is based on consent pursuant to Article 6(1) (a) or Article 9(2)(a) GDPR or on a contract pursuant to Art. 6(1)(b) GDPR and the processing is carried out using automated means (Art. 20(1) GDPR).
To exercise your above right, please contact us at the contact addresses provided above.

7.6 Right to object 

As a data subject, you have a right to object under the conditions set out in Art. 21 GDPR.

We will expressly inform you of your right to object as a data subject at the latest at the time of the first communication with you.

As a data subject, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6(1)(e) or (f) GDPR.

In the event of an objection on grounds relating to your particular situation, we will no longer process the personal data concerned unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

To exercise your above right, please contact us at the contact addresses provided above.

7.7 Right to withdraw consent

If the processing is based on consent pursuant to Art. 6(1)(a) or Art. 9(2)(a) GDPR, you as the data subject have the right to withdraw your consent at any time pursuant to Art. 7(3) GDPR. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. We will inform you of this before you give your consent.

To exercise your above right, please contact us at the addresses given above.

7.8 Right to lodge a complaint with a supervisory authority

As a data subject, you have the right to lodge a complaint with a supervisory authority under the conditions of Art. 77 GDPR.

The supervisory authority responsible for us is:

Bavarian State Office for Data Protection Supervision (BayLDA)
Promenade 18
91522 Ansbach

Tel.: +49 (0) 981 180093-0
Fax:
Email:poststelle@lda.bayern.de

 https://www.lda.bayern.de/de/kontakt.html

You can contact our data protection officer at: 

TRUVENTO GmbH Attn: Data Protection Officer Am Römergut 16, 86583 Langerringen

Email: data-privacy@truvento.de

8. Security

Personal data that you transmit via our website and the Internet is encrypted using Transport Layer Security (TLS) encryption technology. TLS technology encrypts and protects your personal data when it is transmitted via our website and the Internet.

9. Changes to this privacy policy

This privacy policy is currently valid and was last updated in October 2025.

Due to the further development of our website and offers or due to changes in legal or regulatory requirements, it may be necessary to amend this privacy policy. You can access and print out the current privacy policy at any time on the website under “Data Privacy – TRUVENTO“.

EN
DE EN