Privacy

We process personal data to provide this website, ensure technical security, and respond to inquiries.

Legal basis is Art. 6(1)(b) GDPR (pre-contractual communication) or Art. 6(1)(f) GDPR (legitimate interests).

The site is delivered via Microsoft Azure Static Web Apps in the West Europe region. Technical connection data is processed on each request (IP address, timestamp, requested URL, user agent). This is necessary for site operation and IT security (Art. 6(1)(f) GDPR).

Any data transfer to third countries occurs only on the basis of the EU Standard Contractual Clauses.

We use Azure Application Insights to understand how this website is used (page views, sessions, broad region, referral source via UTM parameters). Measurement is cookieless and does not access device-stored information that would require consent under the German TTDSG. No personal usage profiles are created.

Your IP address is anonymised before storage and is not used to identify individuals. Geographic data is evaluated at country or region level only.

The legal basis is our legitimate interest in tailoring and improving our website to user needs (Art. 6(1)(f) GDPR).

Data is processed exclusively in the EU West Europe region. Any transfer to Microsoft Corporation (USA) is contractually safeguarded by the EU Standard Contractual Clauses. Data is automatically deleted after the 90-day retention period.

You may object to this processing at any time under Art. 21 GDPR - contact datenschutz@nexusx.digital. You can also restrict data collection by Application Insights through browser settings or extensions that block external tracking scripts.

We use only technically necessary cookies - they store, e.g. your language preference and cookie decision. Without them this site cannot work.

Optional analytics or marketing cookies are only set if you actively enable them via the cookie banner. Consent can be withdrawn at any time through the same banner.

When you use the contact form, your data is delivered via the Microsoft Graph API to our mailbox info@nexusx.digital. We process name, company, email, topic and message. Spam protection uses a honeypot field and per-IP rate limit.

Legal basis is Art. 6(1)(b) GDPR (pre-contractual communication).

We link to our LinkedIn and Instagram profiles. Visiting this site does not transmit any data to LinkedIn or Meta - that only happens after you click a social link.

Once you click, the privacy policy of the respective provider applies.

Your data is shared only when technically required (e.g. with Microsoft Azure as host), with your consent, or as legally mandated.

We retain personal data only as long as necessary for the stated purposes; statutory retention obligations remain unaffected.

You can subscribe to our newsletter. We use the double opt-in procedure: after you sign up you receive an email asking you to confirm your subscription. We only add you to the distribution list after you confirm.

We process your first and last name, email address, optionally your mobile number and optionally your date of birth (for personal birthday greetings) and - as proof of your consent (Art. 7(1) GDPR) - the timestamp and IP address of both the sign-up and the confirmation. You can change or remove all optional details at any time via the management link.

The legal basis is your consent (Art. 6(1)(a) GDPR). You can withdraw it at any time with effect for the future, for example via the unsubscribe link at the end of every newsletter email.

Delivery is handled by Brevo (Sendinblue GmbH, Cologne, Germany) as a processor. Upon confirmation we transmit the data listed above to Brevo. Brevo processes the data solely on our instructions under a data processing agreement. Unconfirmed sign-ups are deleted after seven days at the latest.

You have the right to access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), data portability (Art. 20) and objection (Art. 21 GDPR).

Complaints can be lodged with the competent supervisory authority - for us this is the Bavarian State Office for Data Protection Supervision, Promenade 18, 91522 Ansbach, Germany.