Data Protection

Privacy Policy

Last updated: May 2026

It is important to us that we use your personal data only in accordance with applicable data protection laws and that we act transparently towards you. This privacy policy explains what data we collect on our website, why we collect it, how we use it, and what rights you have regarding the processing of your personal data.

I. Data Processing

1.1 Website

We provide information about us and our services through www.velopad.com. We use log files and cookies for this purpose. The processed data is not merged with other personal data or evaluated for marketing purposes.

1.1.1 Provision of website and creation of log files

Upon every visit to our website, our web server automatically collects data and information from the computer system used to access the website. The following data is collected:

Information about the browser type and version used
Operating system of the user
IP address of the user
Date and time of access
Websites from which the user's system accessed our website

This data is also stored in our web server log files and is not stored together with other personal data of the user.

Legal basis: It is our legitimate interest to provide information about Velopad GmbH on the internet (Art. 6(1)(f) GDPR).

Storage duration: Data on the web server is deleted at the end of the session; log files are deleted after seven days at the latest. It is possible to save data beyond that period, in which case the IP addresses are anonymised.

1.1.2 Cookies

Cookies are text files stored in the internet browser or on the user's computer system by the internet browser. We use the following categories of cookies:

Cookies required for website operation

Some cookies are required to use the website and its functions. These are used to transmit and store requests for data sheets or similar resources.
Legal basis: Your consent to necessary cookies (Art. 6(1)(a) GDPR).
Storage duration: Deleted at the end of the browser session.

Cookies for statistical evaluations

Some cookies enable us to track website usage in order to optimise the user experience. The IP address is anonymised. Data collected includes: IP address (anonymised), date and time of visit, click path, usage data (views, clicks), browser and device information, visited pages, referrer URL.
Legal basis: Your consent to statistics cookies (Art. 6(1)(a) GDPR).
Third-country transfer: United States of America.
Opt-out: Deactivate or delete cookies via your browser settings.

1.2 Contact form, E-mail, Telephone

To serve customers and interested parties, we collect the following data through contact forms, email, telephone or app input forms:

Name & Company
Email address and/or telephone number
Reason for contact
Date and time of contact

Legal basis: Your consent (Art. 6(1)(a) GDPR); where contact aims at a contract, additionally Art. 6(1)(b) GDPR.
Storage duration: Until the conclusion of the conversation. Telephone numbers are cyclically overwritten by subsequent calls.
Recipient: Velopad GmbH and its subsidiaries.

1.3 Newsletter

We offer a free newsletter via double opt-in. The following data is collected upon registration: email address, IP address of the registering computer, date and time of registration. Newsletter reading habits are tracked (newsletter tracking) via a web beacon.

Service providers: Tilda Publishing Ltd., 2 Volgogradsky Ave, Suite 31, Moscow, 109316, Russia; and The Rocket Science Group, LLC (Mailchimp), 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.
Legal basis: Your consent (Art. 6(1)(a) GDPR).
Opt-out: Unsubscribe at any time via the cancellation link in each newsletter.

1.4 Services provided

Within the scope of maintenance contracts or service orders, we process your service requests. Your name and contact details are stored for this purpose.
Legal basis: Contract (Art. 6(1)(b) GDPR).
Storage duration: Until the statutory archiving period expires (in Germany: 10 years).

II. Your Rights

If your personal data is processed, you are a data subject within the meaning of the GDPR and are entitled to the following rights vis-à-vis the controller:

2.1 Right of access to information (Art. 15 GDPR)

You can request confirmation as to whether personal data concerning you is being processed by us. If so, you can request information on the purposes, categories of data, recipients, storage duration, and the existence of your other rights.

2.2 Right of rectification (Art. 16 GDPR)

You have the right to request the correction and/or completion of any personal data concerning you that is inaccurate or incomplete.

2.3 Right to restrict processing (Art. 18 GDPR)

You may request the restriction of processing of personal data concerning you if you dispute its accuracy, the processing is unlawful, we no longer need it but you require it for legal claims, or you have objected to processing pursuant to Art. 21(1) GDPR.

2.4 Right of deletion (Art. 17 GDPR)

You may request deletion of personal data concerning you if it is no longer necessary for the purposes it was collected, you withdraw consent, you object to processing and there are no overriding legitimate grounds, or it has been processed unlawfully.

2.5 Right of data portability (Art. 20 GDPR)

You have the right to receive your personal data in a structured, commonly used and machine-readable format, and to transmit it to another controller where processing is based on consent or contract and carried out by automated means.

2.6 Right of objection (Art. 21 GDPR)

You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you carried out on the basis of Art. 6(1)(e) or (f) GDPR.

2.7 Right to revoke consent

You have the right to revoke your data protection declaration of consent at any time without affecting the lawfulness of processing carried out on the basis of consent before its revocation. Please address your revocation to our data protection officer.

2.8 Right to lodge a complaint (Art. 77 GDPR)

Without prejudice to any other administrative or judicial remedy, you have the right to complain to a supervisory authority, in particular in the Member State of your habitual residence, place of work or the place of the alleged infringement.

Your competent supervisory authority for Bavaria (Germany):
Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
For a list of all EU supervisory authorities, see: European Data Protection Authorities

V. Web Analytics by Google Analytics

Scope of processing

On our website, we use Google Analytics to analyse our users' browsing behaviour. The software places a cookie on the user's computer. When a user visits our website, the following data is stored:

The first two bytes of the IP address of the user's system (the last two bytes are masked, e.g. 192.168.xxx.xxx)
The webpage visited
The website from which the user arrived (referrer)
The sub-pages visited
The duration of the visit
The frequency with which the webpage is visited

Legal basis

Art. 6(1)(f) GDPR — our legitimate interest in optimising and improving this website.

Purpose

The processing of users' personal data allows us to analyse browsing behaviour and compile information on how individual components of our website are used. This helps us to continually improve our website and its user-friendliness.

Storage duration & opt-out

Cookies are stored on the user's computer and transmitted to our site. You have full control over the use of cookies:

Disable or restrict the transfer of cookies via your browser settings
Delete previously stored cookies at any time via your browser settings
Prevent collection by Google Analytics by setting a Google opt-out cookie

Further information on Google's terms of use and privacy:
google.com/analytics/terms | policies.google.com/privacy