Privacy Policy
Welcome to the website of GoodIP GmbH (“we” or “us”) as controller of
personal information (Art 4 Nr. 7 GDPR):
GoodIP GmbH
Otto-Heilmann-Str. 18a
82031 Grünwald
Germany
Email: info@goodip.de
Tel: +49 89 3078 1244
Represented by:
Dr. Bastian July & Dr. Tillmann Stieger (managing directors)
Commercial Register:
Amtsgericht München, HRB 234688
Your privacy is of great importance to us. This Privacy Policy provides
information on how we collect, use, and protect your personal
information.
We care about the security of the personal data collected on our website
and as provided by you in use of our Services (“Services”), e.g., our
web-based Service GoodIP GO as well as about the protection of privacy
of our authorized users, their guests and any other data subject that
uses our Services or visits our website. We continually take steps to
protect your information against loss, misuse, unauthorized access,
unauthorized disclosure, unauthorized adaptation, manipulation, or
destruction. If you access our website or tools
(i) from a Member State of the European Union, the European Data
Protection Regulation 2016/679 (GDPR) applies.
(ii) from Switzerland, the Swiss Federal Data Protection Act (FADP)
applies in addition.
(iii) from the UK, the UK GDPR applies.
(iv) from the State of California, USA, the California Consumer Privacy
Act of 2018 (CCPA) may also apply to the processing of personal
information.
1. Information we may collect on our website
You may generally visit our website without identifying yourself. Please
note that identifying you is not possible for us without any additional
information you provide over our forms or services or you consent to use
your information by a third party.
You may provide personal information to us as follows:
1.1. Contact us and Case study page
Over our website you have several options to contact us directly: When
you use our 'Contact Us' or 'Case Study' pages, we collect your full
name, email address, and company name (if provided) by an online form.
This information is used to communicate with you and respond to your
inquiries or to provide access to our case studies. Any personal data
provided over the respective forms is therefore processed based on Art.
6 (1) b GDPR as necessary for a contract or in order to take steps prior
to entering into a contract and is solely happening on your request as
the data subject. We will therefore use any personal data provided to us
solely to get in touch with and to respond to your request as well as to
provide access to detailed case studies and follow up with information
about our products and services.
1.2. Use of Calendly to schedule a meeting with us
For scheduling meetings, we use Calendly, a third-party service provided
by Calendly Inc. 115 E. Main St. Ste A1B, Buford, GA 30518, USA.
Calendly may collect your name and email address for scheduling
purposes. Calendly's use of information is subject to their own privacy
policy and cookie usage. We have concluded a data processing contract as
in Art. 28 GDPR with Calendly to ensure that our customers personal data
is processed in compliance with applicable data protection regulation.
This data processing contract is including EU Model Clauses to ensure
that all personal data will be processed under EU data protection
standards even if it shall be transferred to the USA as a country where
there is not an adequate data protection standard as seen from an EU
perspective. Calendly Inc. has obtained self-certification under the EU
- U.S. Data Privacy Framework, which provides adequate data protection
standards within Calendly. You may find the self-certification of
Calendly under this link:
We are processing respective personal data provided by you based on Art.
6 (1) b GDPR as necessary for a contract or in order to take steps prior
to entering into a contract and is solely happening on your request as
the data subject. We regard the use of this service as essential to
schedule meetings effectively, what will assumably be in your interest
as well.
1.3. Use of Cookies
Our website uses cookies, pixels, local storage objects, and similar
devices (collectively, "cookies" unless otherwise noted) to distinguish
you from other users of the website, but not to identify you. You do not
need to allow all cookies to visit our website. However, enabling
cookies may allow for a more tailored browsing experience and is
required for certain parts of the website to work.
A cookie is a small file of letters and numbers that we store on your
browser or the hard drive of your computer. When you visit our site,
strictly necessary cookies will be automatically placed on your device.
You can change the cookie settings that will be placed when you visit
our website by changing the settings on your browser or by visiting the
Cookie Preference Centre by clicking on the Cookie button at the bottom
of this website. Strictly necessary cookies do not require your consent.
However, the use of Google Analytics is not strictly necessary why we
ask for consent over the cookie banner before the respective Google
Analytics Cookie is saved to your device.
1.4. Use of Google Analytics
Our website uses Google Analytics 4 to track and report website traffic,
helping us understand visitor interactions and improve our website's
user experience. Google Analytics 4 is a service provided by Google Inc.
that is providing their services to EU customers by Google Ireland
Limited, Gordon House, Barrow Street 4, Ireland. We may track your
website visit if you provide us with your consent over our cookie
banner. If you provide your consent, legal basis to process potentially
personal data within Google Analytics is Art. 6 (1) a GDPR as well as
Art. 25 Telecommunications-Telemedia Data Protection Act (TTDSG).
If you provide your consent, the following cookies will be set to your
device:
| Tool | Cookie | Type | Purpose | Duration |
|---|---|---|---|---|
| Google Analytics | _ga | Permanent | Contains a randomly generated user ID. Google Analytics can use this ID to recognize returning users on this website and merge the data from previous visits. | 7 days |
| Google Analytic | _ga_ JZJ5TNGGVK | Permanent | Contains a randomly generated user ID. Google Analytics can use this ID to recognize returning users on this website and merge the data from previous visits. | 7 days |
Please note that it is at any time possible to revoke your respective
consent regarding the use of Google Analytics. You may use our Cookie
tool itself to revoke the option. In addition, you may also use the
following links to opt-out any processing by Google Analytics:
Any data provided to us by Google in statistics is fully anonymized, so
it will not be possible for us to link any website visit to an
identified individual. We analyse our users’ behaviour to enhance the
website experience of our website visitors as in Art. 6 (1) f GDPR and
believe that your interests as a data subject will not exceed this
interest as you have provided your consent to being tracked by Google
over our cookie banner.
We have concluded a data processing contract as in Art. 28 GDPR with
Google to ensure that our customers personal data is processed in
compliance with applicable data protection regulation. This data
processing contract is including EU Model Clauses to ensure that all
personal data will be processed under EU data protection standards even
if it shall be transferred to the USA as a country where there is not an
adequate data protection standard as seen from an EU perspective. Google
LLC has obtained self-certification under the EU-U.S. Data Privacy
Framework, which provides adequate data protection standards within
Google. You may find the self-certification of Google under this link:
1.5. Hosting of our website
Our website is hosted on Netlify, which may also support our email
communications through serverless functions. Netlify is a service
provided by Netlify Inc., 512 2nd Street, Floor 2, San Francisco, CA
94107, USA. We have concluded a data processing contract as in Art. 28
GDPR with Netlify to ensure that our customers personal data is
processed in compliance with applicable data protection regulation. This
data processing contract is including EU Model Clauses to ensure that
all personal data will be processed under EU data protection standards
even if it shall be transferred to the USA as a country where there is
not an adequate data protection standard as seen from an EU perspective.
Netlify Inc. has obtained self-certification under the EU-U.S. Data
Privacy Framework, which provides adequate data protection standards
within Netlify. You may find the self-certification of Netlify Inc.
under this link:
Netlify will process personal information as described in their privacy
policy, available under:
We use Netlify to provide a quick website loading and enhanced the user
experience when visiting our website. The hosting provider will have to
pass through personal information as gathered on the website to us. In
this function Netlify will only process personal data on our behalf but
not for their own use. We process any personal information in connection
with Netlify by Art 6 (1) f GDPR as we have a legitimate interest to
provide the best experience for our users. As the website user visits
our website on a voluntary basis, we have reason to believe that their
interest of privacy protection is not exceeding our interests,
especially because Netlify is obligated to process personal data in a
GDPR compliant manner.
1.6. Use of Typeform
We create surveys with Typeform. Typeform is a service provided by
TYPEFORM S.L., c/Pallars 108, 08018 Barcelona, Spain. Categories of
(personal) data processed: technical connection data of the server
access (IP address, date, time, requested page, browser information) and
information about your request. Our purpose of processing is the
delivery of forms over our website. We process this data in accordance
with Art. 6 (1) f GDPR, as we have a legitimate interest in efficiently
retrieving data voluntarily provided by you in order to be able to
process your request quickly and accurately. Since data is only
processed to the extent that you voluntarily provide it to us within a
form, we assume that your interests do not outweigh our legitimate
interest. We have concluded an order processing contract with Typeform
S.L. Further information on data protection at Typeform can be found
here:
1.7. Connection to social media platforms
On our website, social media platforms are integrated under a simple
link. A data transfer to the following social media platforms only takes
place if you click on the corresponding link. We have currently included
links to the offerings of the following companies on my website:
Clicking on the LinkedIn icon establishes a direct connection to the
services of LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Pl,
Grand Canal Dock, Dublin 2, Ireland. For information on which data is
collected and how it is used, please refer to the provider’s privacy
policy:
Clicking on the YouTube icon or on a video on our website establishes a
direct connection to the services of Google Ireland Limited ("Google"),
Gordon House, Barrow Street, Dublin 4, Ireland. For information on which
data is collected and how it is used, please refer to the provider’s
privacy policy:
2. Use of GoodIP GO
You may use our Service “GoodIP GO” to analyze the first step whether
GoodIP is the right fit for your company’s request. To use GoodIP GO we
ask you to enter your email-address as well as company name and website,
that you may provide on a voluntary basis. Processing of personal data
is based on Art 6 I b GDPR to enable you to get in touch with us
regarding the project you would like to conduct, potentially with us. We
believe processing of the limited personal data you enter is therefore
also in your interest.
We host our service GoodIP GO on Amazon Web Services. Supplier of Amazon
Webs Services is Amazon EU S.á.r.l, 38 Av. John F. Kennedy, 1855
Neudorf- Weimershog, Luxembourg, Luxemburg. When you use GoodIP GO, your
personal data is processed on the servers of AWS. Personal data may also
be transferred to the parent company of AWS in the USA. We have a data
processing agreement with AWS in place, which includes EU standard
contractual clauses for any potential data transfer to the USA. Details
can be found here:
Further information can be found in the AWS privacy policy:
Amazon Web Services Inc. has obtained self-certification under the
EU-U.S. Data Privacy Framework, which provides adequate data protection
standards within Amazon. You may find the self-certification of Amazon
Web Services Inc. under this link:
2.1. Transfer of personal data to third countries, especially the USA
We do not sell or rent your personal information to third parties.
However, we may share your information with our data processors as
trusted third-party services like Typeform, Calendly, Netlify and Google
for operational purposes as described above. In these cases, personal
data might be transferred abroad, especially to the USA.
Aside from the use of processors as described above we do not intend to
transfer personal information. If this should be required as according
to our Services we may provide to you this will only happen regarding
the regulations of Art. 44 ff GDPR.
3. Retention period
We will only keep your personal data if required for providing our
Services and website to you and after this period ends as long as legal
obligations exist that obligate us to save and archive your data. For
visitors to our website, we will retain relevant personal information
for at least three years from the date of our last interaction with you
and in compliance with our obligations under the EU General or for
longer if we are required to do so according to our regulatory
obligations or professional indemnity obligations. Regarding Services to
our clients, we will retain relevant personal information for at least
six years from the date of our last interaction with that client and in
compliance with our obligations under the EU General Data Protection
Regulation or other legislation that is applying to client’s case, or
for longer as we are required to do so according to our regulatory
obligations or professional indemnity obligations. We may then destroy
such files without further notice or liability.
If personal information is only useful for a short period, e.g., for
specific marketing campaigns we may delete it.
4. Your rights as a data subject
We want to make sure you are aware of your data protection rights. To
execute any of those rights, please contact us under info@goodip.de.
Every data subject is entitled to the following rights:
The right to access (Art. 15 GDPR):
You have the right to ask us for copies of your personal data collected
and processed by us as well as the right to obtain confirmation from us
as to whether personal data concerning you is being processed and, if
so, access to the personal data and certain information about its
processing. Please note that this right is subject to certain legal
restrictions (in particular under Section 34 BDSG).
The right to rectification (Art 16 GDPR):
You have the right to request that we correct any information you
reasonably believe is inaccurate if conditions of Art 16 GDPR are met.
You also have the right to request us to complete information you
reasonably believe is incomplete.
The right to erasure (Art 18 GDPR):
You have the right to request that we erase your personal data unless
there is a legal justification to still store and retain and/or
otherwise process the data, e.g. to execute an agreement in place.
The right to data portability (Art 20 GDPR):
You have the right to request that we transfer the data that we have
collected to another organization, or directly to you, under certain
conditions.
The right to object to processing (Art 21 GDPR):
Under the conditions set out in Art. 21 GDPR, you have the right to
object to certain processing operations concerning your personal data on
grounds relating to your particular situation. In such a case, we cannot
comply with your objection if there are compelling legitimate grounds
for the processing which override your interests or if the processing is
necessary for the establishment, exercise or defence of legal claims.
Right to object to direct marketing (Art. 21(2) GDPR):
You may object at any time to further processing of personal data
relating to you for direct marketing purposes, with the consequence that
we no longer process such data for this purpose; this also applies to
profiling insofar as it is related to such direct marketing.
Automated decisions (Art. 22 GDPR):
We will not, without your consent, make any decision which produces
legal effects concerning you or similarly significantly affects you and
which is based solely on automated processing (including profiling).
Revoke of consents:
Where you give consent for processing, unless we inform you otherwise in
advance, this will be voluntary and there will be no sanction for
refusing consent. You have the right to revoke consent once given at any
time. In the event of such a revocation, the lawfulness of the
processing carried out on the basis of the consent until the revocation
is not affected. Processing on a legal basis other than your consent
also remains unaffected by the revocation. In this respect, however, you
may additionally exercise the aforementioned statutory rights. In
particular, you may at any time revoke any consent you may have given
for the use of your e-mail address or telephone number for direct
marketing and object to the further use of your e-mail address or
telephone number for this purpose at any time without incurring any
costs other than the transmission costs of my provider in accordance
with the prime rates.
Right of complaint:
You have the right to complain to a supervisory authority. This may be,
among others, the supervisory authority responsible for your place of
residence or the supervisory authority generally responsible for us.
The data protection supervisory authority responsible for us is:
Bavarian Data Protection Supervisory Authority
House address
Promenade 27 (Castle)
91522 Ansbach
Germany
Postal address
P.O. Box 606
91511 Ansbach
Germany
How to reach the Data Protection Supervisory Authority
Tel: +49 (0) 981 53 1300
Fax: +49 (0) 981 53 98 1300
Email: poststelle@lda.bayern.de
If you wish to submit a complaint, you can also use the complaint form
provided at
You may contact us in any form to exercise your rights, in particular to
revoke any consent you may have given, via the contact details provided
in the imprint. In order to exercise your rights, it may be necessary
for you to identify yourself to us.
5. Changes to our privacy policy
We may update this Privacy Policy to reflect changes to our information
practices. Any changes will be posted on this page, and we encourage you
to periodically review this page for the latest information on our
privacy practices.
6. Contact us
For questions or concerns regarding this Privacy Policy, or to privacy
at GoodIP in general, please contact us at info@goodip.de.
GoodIP GmbH
Otto-Heilmann-Str. 18a
82031 Grünwald
Germany
©2025 GoodIP. All rights reserved.