Privacy policy

September 2022

We, Zebralution GmbH, Pfuelstraße 5, 10997 Berlin, Germany (hereinafter referred to as "we") operate the websites under the top-level domain (hereinafter referred to as "websites") and the following social media channels:;,

Responsible for the content of the subpage as well as the associated social media channels: Facebook:; Instagram:; Twitter:; LinkedIn: (all social media channels hereinafter collectively referred to as "social media channels") is the company belonging to Zebralution GmbH GmbH & Co. KG, Pfuelstraße 5, 10997 Berlin, Germany.

We take the protection of your personal data very seriously. When collecting, processing and using personal data, we therefore strictly adhere to the data protection regulations applicable in the Federal Republic of Germany, in particular the German Data Protection Regulation (DSGVO), the German Federal Data Protection Act (BDSG) and the provisions of the Telemedia Act (TMG) and the Telecommunications Telemedia Data Protection Act (TTDSG).

1. person in charge, personal data

Responsible in the sense of Art. 4 No. 7 DSGVO for the collection, processing and use of your personal data is:

Zebralution GmbH
Pfuelstraße 5
10997 Berlin
Phone: +49 (0)30 488 2888 80
Fax: +49 (0)30 488 2888 887

Managing Directors:
Kurt Thielen, Sascha Lazimbat, Kaspar Kunisch

Commercial register: Charlottenburg Local Court HRB 186604 B
Sales tax ID: DE 234321649

Personal data means any information relating to an identified or identifiable natural person (hereinafter "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (Article 4(1) GDPR).

2. data protection officer

The data protection officer within the meaning of Art. 37 DSGVO of the controller for the processing and use of your personal data is:

Dr. Sebastian Kraska
Attorney at Law, Dipl.-Kfm.
External data protection officer

IITR Data Protection GmbH
Marienplatz 2
80331 Munich

Tel.: +49 89 1891 7360

3. what data is collected?

a) Websites
The use of our websites is generally possible at any time without providing personal data. Insofar as special services of our company are used, the collection and processing of personal data may be necessary. We will inform you about this separately within the framework of this data protection notice.

When you access our websites, the browser used on your terminal device automatically sends information to the server of our websites, which is provided by our web hoster (see section 3. e) below). This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until automatic deletion after 12 months:

- IP address of the requesting computer (stored anonymously after collection);
- Date and time of the server request;
- Website from which the access is made (referrer URL);
- Browser used and, if applicable, the operating system of your computer as well as the name of your access provider.

The aforementioned information is only statistically evaluated and used to improve the functionality of our websites and the attractiveness of our offer. The legal basis for this is Art. 6 para. 1 p.1 lit. f) DSGVO ("legitimate interests"). Our legitimate interest arises from the guarantee of a smooth connection setup, the design of the most comfortable and effective use of our websites as well as for reasons of system security. In no case do we use the collected data for the purpose of drawing conclusions about your person.

b) Contact

We offer visitors to our websites the opportunity to contact us via e-mail or an encrypted contact form. You alone decide whether and what information you want to transmit to us when contacting us. In this context, we expressly point out that the electronic transmission of information can have security gaps. Complete protection of data against access by unauthorized third parties is technically not possible.

We collect the following personal data, if provided by you:
- First and last name;
- Company;
- e-mail address;
- address;
- telephone number;
- the request you have communicated.

The data generated in this context is currently stored in the Salesforce Sales Cloud, a service of Germany GmbH, Erika-Mann-Str. 31, 80636 Munich, Germany (hereinafter referred to as "Salesforce") on servers in Germany and France (or generally in the EU). Salesforce is a customer relationship management service and is used by us for the purpose of contact management and quotation generation.
Please note that Salesforce may also process and store your data in third countries outside the European Union (in particular in the USA). For the transfer of data to recipients located in third countries, Salesforce uses the standard contractual clauses of the European Commission to ensure a level of protection adequate to European data protection regulations (Article 46(2) DSGVO).
We have also concluded a Data Processing Addendum with Salesforce.
Your data will be deleted as soon as storage is no longer necessary or - if relevant - upon expiry of the statutory retention periods (6 years for business correspondence), in which case we will restrict data processing as soon as it is no longer necessary.
The legal basis for the processing and storage of the personal data provided by you in the context of contacting us is Art. 6 para. 1 p. 1 lit. b) DSGVO ("Necessity for the performance of the contract").
The legal basis for the transfer of the data provided by you to Salesforce and the storage of the data by Salesforce is Art. 6 para. 1 p. 1 lit. b) DSGVO ("Necessity for the performance of the contract") and Art. 28 para. 3 p. 1 DSGVO ("Order processing agreement").
For more information about Salesforce's terms of use and privacy policy, see or under

c) Newsletter
With our newsletter we inform you about us, our products and news concerning our company (hereinafter referred to as "newsletter"). By subscribing to our newsletter, you agree to receive it until revoked.
To subscribe to our newsletter, it is sufficient to provide your e-mail address. Your registration to receive our newsletter is done in a double opt-in process. After your registration, you will receive a confirmation e-mail with a link that you must click to enable receipt of the newsletter. We log your subscription to the newsletter in order to be able to keep a record of your subscription to the newsletter. The processing of your e-mail address is based exclusively on your consent (Art. 6 para. 1 p. 1 lit. a) DSGVO).
Our newsletter is sent via "MailChimp", a newsletter sending platform of Rocket Science Group, LLC, located at 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA (hereinafter referred to as "MailChimp").
MailChimp is used on the basis of our legitimate interests pursuant to Art. 6 (1) p. 1 lit. f) DSGVO and a contract processing agreement pursuant to Art. 28 (3) p. 1 DSGVO.
The following information from you will be stored by MailChimp on their servers in the USA:
- The email address you provide
- as well as information about the retrieval and use of the newsletter (see below).

The data transfer by MailChimp from the European Union to the USA is based on the standard contractual clauses of the European Commission (Art. 46 para. 2 DSGVO). You can view the privacy policy of MailChimp here:
MailChimp uses the above information to send and evaluate the newsletters on our behalf. Furthermore, MailChimp uses this data (in anonymized form) to optimize or improve its own offers, e.g. to technically optimize the dispatch and display of the newsletters or to determine from which countries the newsletter recipients come. MailChimp does not, however, pass this data on to third parties.
We would like to point out that the newsletters contain a web beacon, i.e. a small file that is retrieved from MailChimp's server when our newsletter is opened. As part of the retrieval, technical information (e.g. type of browser used) as well as your IP address and the time of the retrieval are collected. This information is used for the technical improvement of the services.
We also conduct statistical surveys using MailChimp, which include the following evaluations: a.) determining whether a newsletter was opened, b.) when it was opened, c.) which links are clicked and d.) top locations, i.e. those locations where our newsletter was opened most frequently (but without reference to personal data). This information can be assigned to you for technical reasons. However, it is not our intention to observe you. The evaluation of the information only serves us to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.
The legal basis for processing the data for statistical purposes, to ensure proper processing of the newsletter subscription and to combat misuse of the recordings provided under the links is, if you have given your consent, Art. 6 para. 1 sentence 1 lit. a) DSGVO, otherwise Art. 6 para. 1 sentence 1 lit. b) DSGVO ("necessity for the performance of the contract") and Art. 6 para. 1 sentence 1 lit. f) DSGVO ("legitimate interests").
You can cancel the receipt of our newsletter at any time, i.e. revoke your consent. At the same time, your consent to the sending of the newsletter via MailChimp and the statistical analyses will expire. You will find a link to cancel the newsletter at the end of each newsletter.

d) Data security
On our websites, we use the widespread SSL (Secure Socket Layer) procedure in conjunction with the highest encryption level supported by your browser. As a rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit technology instead. You can tell whether a single page of our website is encrypted by the closed display of the key or lock symbol in the browser line and by the fact that the browser address line changes from "http://" to "https://".
If SSL encryption is activated, the data that you transmit to us cannot be read by third parties.

e) IT and hosting services
For our websites, we use IT and hosting services provided by the agency buntebrause GmbH & Co. KG, Maybachstr. 155-159, 50670 Cologne, Germany (hereinafter referred to as "buntebrause").
The services are used by us for the design, construction, technical implementation, programming, administration and maintenance of our websites.
For hosting, buntebrause uses the services of the provider webaix GmbH, Dürener Straße 340, 52249 Eschweiler, Germany (hereinafter referred to as "webaix").
The following data is collected and processed in this process:
- The IP address of the requesting end device,
- date and time of the call to our websites,
- indication of the time difference between the requesting host and the web server,
- the content of the request or the file that was transmitted to the user,
- the access status (successful transmission, error, etc.),
- the amount of data transferred in each case in bytes
- the website from which the access was made,
- the browser used, the operating system, the interface, the language of the browser and the version of the browser software.

The data is stored locally on the webaix server in Aachen (Germany) and deleted as soon as storage is no longer required or - if relevant - the legal retention periods have expired. The IP address is deleted when it can be ruled out that an attack on the Internet infrastructure of webaix has occurred from it. This regularly occurs after eight days.
The use of IT and hosting services is based on our legitimate interests in the efficient and secure provision of our offer in accordance with Art. 6 (1) p. 1 lit. f) DSGVO and on the basis of an order processing agreement concluded by us with buntebrause (Art. 28 (3) p. 1 DSGVO).

f) Cookies
We use so-called "cookies" on our websites. Cookies are small text files that are stored on your terminal device and through which we or the service provider used by us receive certain information.
Cookies are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your terminal device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or until they are automatically deleted by your web browser.
Cookies have various functions. Many cookies are technically necessary, as certain website elements would not function without them. We may place these cookies without your consent.
Other cookies are used to evaluate user behavior or display advertising (analytical cookies). For the use of such cookies, we may need to ask for your consent.
If cookies are used by third-party companies, we will inform you about this separately within the scope of this privacy policy and may request your consent.
Cookies are used by us for the purpose of a demand-oriented design, the security of our websites, the business evaluation as well as the optimization of the websites. The legal basis for this is Art. 6 para. 1 p. 1 lit. f) DSGVO ("legitimate interests").
If we have requested your consent to the use and storage of cookies, the use and storage of the cookies in question is based exclusively on this consent (Art. 6 para. 1 p. 1 lit. a) DSGVO); consent can be revoked at any time.
To request consent, we will show you a pop-up window with an explanation about cookies ("cookie banner") when you first visit our websites. There you can select and give your consent to which categories of cookies and plugins we may use. You can find detailed information about the type and use of cookies in our Cookie Policy: [please insert link to Cookie Policy].
You can set your browser so that you are informed about the setting of cookies and allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or in general, as well as activate the automatic deletion of cookies when closing the browser. We would like to point out that if you completely deactivate cookies, you may not be able to use all functions of our websites to their full extent.

g) Social-Media-Kanäle
We maintain online presences within social networks in order to be able to communicate with you and inform you about our services there. On our websites you will find links to our social media channels, marked by the link with the respective logo of the service provider. By clicking on the logo, you will be taken directly to the corresponding social media channel.
The terms and conditions and data processing policies of the respective operators apply. We have no influence on the data processing by the respective service providers.
If you use the option to mark our posts in our social media channels (e.g. with the Like button) and/or leave comments, these are publicly visible with your name and, if applicable, your profile picture. You can remove your tags and posts at any time, provided that the respective providers allow this. If you send us messages via social media channels, in addition to your name and your profile picture, we also record and process the information that you voluntarily provide to us.
The processing of your personal data is based on our legitimate interests in comprehensive information and communication with you pursuant to Art. 6 para. 1 p. 1 lit. f) DSGVO. If you are asked by the respective providers of the platforms for consent to data processing, the legal basis of the processing is Art. 6 para. 1 p. 1 lit. a) DSGVO.
You can find the provider identifications and data protection provisions (including objection options) of the providers of the social media services we use here:
• Facebook (Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland):;
• Instagram (Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland):;
• Twitter (Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, Irland):;
• YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland):;
• LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Irland):;

h) Google-Analytics
We use Google Analytics, a web analytics service of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, which is provided for the European Economic Area and Switzerland by Google Ireland Limited (hereinafter referred to as "Google"), Gordon House, 4 Barrow Street, Dublin 4, Ireland, to ensure a demand-oriented design and the continuous optimization of our websites, as well as to statistically record the use of our websites and to evaluate them for the purpose of optimizing our websites for you. The legal basis for this is Art. 6 (1) p. 1 lit. f) DSGVO ("legitimate interests") and Art. 6 (1) p. 1 lit. a) DSGVO ("your consent"), which we request via the cookie banner when you use our websites.
Google Analytics uses cookies that enable an analysis of your use of our websites. The information generated by the cookie about your use of our websites is usually transmitted to a Google server and stored there. However, personal data may also be transmitted by Google to the servers of Google LLC in the USA, over which we have no control. We have activated the IP anonymization offered by Google on the websites and in the app, which means that your IP address will generally be truncated beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. On our behalf, Google will use this information for the purpose of evaluating your use of our websites, compiling reports on website activity and providing other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
For the transfer of data from the European Union to third countries (such as the USA), Google previously invoked the EU-US data protection agreement "Privacy Shield". After this was declared invalid by a ruling of the ECJ of July 16, 2020, Case No. C-311/18, Google now uses the standard contractual clauses of the European Commission to ensure a level of protection adequate to European data protection regulations (Art. 46 (2) DSGVO).
You can prevent the collection and transfer of the data generated by the cookie and related to your use of our websites (including your IP address) to Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available at the following link:
You can find more information about terms of use and privacy at or under

i) Adobe Typekit Web Fonts
We use so-called web fonts from Adobe Typekit for the uniform display of certain fonts on our websites. The provider is Adobe Systems Incorporated, 345 Park Avenue, San Jose, CA 95110-2704, USA (hereinafter referred to as "Adobe").
When you visit our websites, your browser loads the required fonts directly from Adobe so that they can be displayed correctly on your terminal device. In the process, your browser establishes a connection to Adobe's servers in the USA. This enables Adobe to know that your IP address has been used to access our websites. According to Adobe, no cookies are stored when providing the fonts.
For the transfer of data from the European Union to third countries (such as the USA), Adobe previously invoked the EU-US Privacy Shield. After this was declared invalid by the ECJ ruling of July 16, 2020, Case No. C-311/18, Adobe now uses the European Commission's standard contractual clauses to ensure a level of protection adequate to European data protection regulations (Art. 46 (2) GDPR). For more information, please visit:
The use of Adobe Typekit Web Fonts is necessary to ensure a consistent typeface on our websites. This constitutes a legitimate interest within the meaning of Art. 6 (1) p. 1 lit. f) DSGVO.
You can find more information about Adobe Typekit Web Fonts at:
You can find Adobe's privacy policy at:

3. what happens to information you share with us?

The information you provide voluntarily via our websites will only be used to process your request. If no contractual relationship is established between you and us, the information provided by you will be deleted as soon as your request is completed. If a contractual relationship is established, your personal data will be stored for the duration of the contractual relationship and beyond that for the duration of legal retention periods, warranty and guarantee rights and/or obligations to provide proof and then deleted.
If the purpose of storage no longer applies or if a legally prescribed storage period expires, the personal data will be routinely blocked or deleted in accordance with the statutory provisions.
The legal basis for the processing of your data by us is Art. 6 para. 1 sentence 1 lit. a) DSGVO ("your consent"), if your request relates to the establishment of a contractual relationship Art. 6 para. 1 sentence 1 lit. b) DSGVO ("necessity for the performance of the contract") and Art. 6 para. 1 sentence 1 lit. f) DSGVO ("legitimate interests").
Unless otherwise stated in this privacy policy, we will not pass on any of your data to third parties, in particular not for advertising or marketing purposes. We will only forward your data to third parties if you have consented to this or if there is a legal reason for permission. This is the case, for example, if we are required to hand over the data by lawful authorities or law enforcement agencies. The legal basis for this is Art. 6 para. 1 p. 1 lit. c) DSGVO.

4. you have the following rights:

Provided that the respective legal requirements are met, you as a user of our websites have the following rights at any time:

a) Right to information according to Art. 15 DSGVO;
b) Right to correct incorrect data or to complete data according to Art. 16 DSGVO;
c) Right to erasure according to Art. 17 DSGVO;
d) Right to restriction according to Art. 18 DSGVO;
e) Right to data portability according to Art. 20 DSGVO;
f) Right to object according to Art. 21 DSGVO;
g) Right to withdraw consent according to Art. 7 (3) DSGVO.

If you wish to assert your rights in this respect, you can contact the responsible body (see point 1.) at any time. In order to be able to process an inquiry, we are required to verify the identity of the inquirer. This measure serves to protect your data from unauthorized access by third parties.
In addition, you have the right to lodge a complaint with a supervisory authority pursuant to Art. 77 DSGVO. The Berlin Commissioner for Data Protection and Freedom of Information is responsible for us

5. data protection for minors

If a person who has not yet reached the age of 16 submits personal data via our websites, we will delete this data and not process it further as soon as we become aware of the minor.

Status: September 20, 2022

Zebralution privacy policy as Download



Thank you for your interest in cooperation. Please send us information via the contact form. We will get back to you as soon as possible.



Contact us as...
Contact us as...
Contact us as...



Thank You
for your request!

We will get back to you as soon as possible.
Your Zebralution Team!