Privacy Policy of DAYONE GmbH
Version 1.2, as of May 18, 2022

As of May 25, 2018, the provisions of the EU General Data Protection Regulation (hereinafter referred to as GDPR) apply throughout Europe. Below, we would like to inform you about the processing of personal data carried out by DAYONE GmbH in accordance with this new regulation (see Article 13 GDPR). Please read our Privacy Policy carefully. If you have any questions or comments regarding this Privacy Policy, you may contact us at any time using the email address provided in Section 3.

Table of Contents

  1. Summary


  2. Overview


  3. Who is responsible for data processing on this website and how can the Data Protection Officer be contacted?


  4. How, for what purpose, and on what legal basis is your data processed?

4.1. How and on what legal basis do we process your data when you access our website?

4.2. How, to what extent, and on what legal basis do we process your data when concluding, performing, or terminating a contract?

4.3. How, for what purpose, and on what legal basis do we process your data in connection with our online presence and website optimization?

  1. When do we transfer your data to recipients outside the EU?


  2. What rights do you have regarding your data?


  3. How long is your data stored with us?

1. Summary

1.1. Who is responsible for data processing?

DAYONE GmbH
Oudenarder Str. 16
D-13347 Berlin, Germany

1.2. How can the Data Protection Officer be contacted?

Our Data Protection Officer, attorney Mr. Marco Koehler, can be reached at the above address, attention: Data Protection Department, or via email at: datenschutz@dayone.de

1.3. What is the purpose of data processing?
When you access our website, your browser automatically sends information (including your IP address) to our website’s server without any action on your part, and this information is temporarily stored in a so-called log file. The legal basis for processing the IP address is Article 6(1)(f) GDPR. Our legitimate interest arises from ensuring a smooth connection setup, a comfortable user experience on our website, and the evaluation of system security and stability.


In addition, we process the data necessary for the conclusion, execution, or termination of a contract with you in connection with our agency services in the field of digital innovation and design. The legal basis for this is Article 6(1)(b) GDPR, i.e., you provide us with the data on the basis of the contractual relationship between you and us.


We also offer you the opportunity to subscribe to our newsletter via our website. The processing of your electronic contact data in this context is based solely on your consent (Article 6(1)(a) GDPR).


Furthermore, we process your data in connection with our online presence and the optimization of our website.

For this purpose, we use so-called cookies on our website. If these cookies involve personal data, their use is based on your consent in accordance with Article 6(1)(a) GDPR and on the basis of Article 6(1)(f) GDPR. Our interest in optimizing our website is considered legitimate within the meaning of the aforementioned provision.


In addition, we use the following services:
To tailor and continuously optimize our site to meet your needs, we use Google Analytics based on your consent (see Article 6(1)(a) GDPR).


For the purpose of communicating with our users and presenting our public image, we operate pages on various social networks. Currently, our content can be found on Instagram, LinkedIn, Spotify, Vimeo, and Medium. Our website also contains links to our presence on these platforms.

1.4. When do we transfer your data to recipients outside the EU?

In certain cases, we may transfer your data to recipients located outside the EU or the European Economic Area.

1.5. What rights do you have regarding your data?

In addition to the right to withdraw any consent you have given us, you also have the following rights, provided the respective legal requirements are met:


The right to access the personal data concerning you (Art. 15 GDPR), to rectification (Art. 16 GDPR) or erasure (Art. 17 GDPR), to restriction of processing (Art. 18 GDPR), to object to processing (Art. 21 GDPR) and the right to data portability (Art. 20 GDPR)

If you believe that the processing of your personal data violates the GDPR, you also have the right to lodge a complaint with a supervisory authority.

1.6. How long is your data stored with us?

The duration of the storage of personal data generally depends on the specific purpose of the processing and the applicable statutory retention periods (e.g., commercial and tax retention periods). Once the relevant period has expired, the corresponding data is routinely deleted.

2. Overview

The following privacy information informs you about the nature and scope of the processing of so-called personal data by DAYONE GmbH. Personal data refers to information that can be directly or indirectly attributed to you as an individual.


The data processing by DAYONE GmbH can essentially be divided into two categories:


  • For the purpose of contract execution, all data necessary for the fulfillment of a contract with DAYONE GmbH is processed. If external service providers are involved in the execution of the contract (e.g., payment service providers), your data will be shared with them to the extent necessary.

  • When you visit the website of DAYONE GmbH, various pieces of information are exchanged between your device and our server. This may also include personal data. The information collected in this way is used, among other things, to optimize our website or to display advertising in your device’s browser.


In accordance with the requirements of the GDPR, you have various rights that you can assert against us. These include, for example, the right to object to certain types of data processing, particularly data processing for advertising purposes. The option to object is highlighted in print for emphasis.


If you have any questions about our privacy policy, you are welcome to contact our Data Protection Officer at any time. You will find the contact details below.

3. Who is responsible for data processing on this website and how can the Data Protection Officer be contacted?

This privacy notice applies to data processing by
DAYONE GmbH, Oudenarder Str. 16, D-13347 Berlin ("Controller"), and the following website:


http://www.dayone.de


The Data Protection Officer of DAYONE GmbH, Attorney Marco Koehler, can be reached at the above address, Attn: Data Protection Department, or via email at datenschutz@dayone.de.

4. How, for what purpose, and on what legal basis is your data processed?

4.1. How and on what legal basis do we process your data when you access our website?

4.1.1. Accessing our website

When you access our website, your browser automatically sends information to our website server, where it is temporarily stored in a so-called log file. We have no influence over this. The following information is automatically collected and stored until it is automatically deleted:

  • the IP address of the requesting internet-enabled device

  • the date and time of access

  • the name and URL of the requested file

  • the website from which the access was made (referrer URL)

  • the browser you are using, and if applicable, your computer’s operating system and the name of your access provider

Legal basis for processing the IP address: Article 6(1)(f) GDPR
Our legitimate interest arises from the following purposes of data collection. Please note that this data does not allow us to draw direct conclusions about your identity, nor do we attempt to do so.

We use the IP address of your device and the above-listed data for the following purposes:

  • Ensuring a smooth connection to the website

  • Ensuring convenient use of our website/application

  • Evaluating system security and stability

  • Other administrative purposes

The data is stored for a period of 30 days and then automatically deleted. Additionally, we use cookies and tracking tools on our website. Details about these technologies and how your data is used in this context can be found in section 4.3.

If you have enabled geolocation services in your browser, operating system, or other device settings, we may use this function to provide you with location-based services (e.g., showing the nearest office location). Your location data is processed solely for this function and deleted once the function is terminated.

4.1.2. Use of Webflow

We use Webflow in conjunction with our hosting provider. Webflow is provided by Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA (hereafter "Webflow").


We use Webflow as a tool to create and manage our website. When you visit our website, Webflow collects various log files as well as your IP address. Webflow also stores cookies and other recognition technologies that are necessary for the display of the website, to provide certain website functionalities, and to ensure security (so-called essential cookies).


Legal basis for data processing: Article 6(1)(f) GDPR – Our legitimate interest lies in ensuring reliable website presentation.
If we have obtained your consent, data processing is based on your consent under Article 6(1)(a) GDPR and Section 25(1) TTDSG. You may revoke this consent at any time.


Because Webflow is integrated with our hosting provider, this results in a transfer of data to the USA. However, Webflow is certified under the EU-US Data Privacy Framework, a framework that ensures compliance with EU data protection standards for processing in the United States. All companies certified under this framework are obligated to comply with these standards.


We have also signed a data processing agreement with Webflow.


For more information about data protection at Webflow, visit:
https://webflow.com/legal/eu-privacy-policy


For information on Webflow’s certification under the EU-US Data Privacy Framework, visit:
https://www.dataprivacyframework.gov/s/participant-search/participantdetail?contact=true&id=a2zt0000000TT9jAAG&status=Active

4.2. How, to what extent, and on what legal basis do we process your data when concluding, executing, or terminating a contract?

4.2.1. Data Processing Upon Contract Conclusion

The business purpose of DAYONE GmbH is to provide agency services in the field of digital innovation and design—particularly shaping mobile and context-driven ideas into pioneering service innovations. In this context, we process the data necessary to conclude, execute, or terminate a contract with you. This includes:

  • Company / Business / Institution

  • First name, last name

  • Billing and delivery address

  • Email address

  • Billing and payment data

  • Date of birth (if applicable)

  • Phone number (if applicable)

Legal basis: Article 6(1)(b) GDPR – You provide us with this data based on the contractual relationship between you and us.
Additionally, we are legally required to process your email address in order to send an electronic order confirmation as mandated by the German Civil Code (BGB) (Article 6(1)(c) GDPR). Unless we use your contact details for advertising purposes, we store the data collected for contract processing until the expiry of statutory or possible contractual warranty and guarantee rights. After this period, we retain the information required by commercial and tax law for the legally specified time periods. For this duration (typically ten years from the conclusion of the contract), the data is processed only in the event of a review by the tax authorities.

4.2.2. Events

DAYONE occasionally organizes events in various formats. For the preparation and execution of these events, we use the data collected during event registration. For example, the email address is used to send calendar invitations and—depending on the event format—also to validate participants.


Legal basis: Article 6(1)(b) GDPR.

4.2.3. Newsletter Distribution

On our website, you have the option to subscribe to our newsletter. To ensure that no errors occur when entering your email address, we use the so-called double opt-in procedure. After entering your email address in the registration form, we will send you a confirmation link. Only after clicking this link will your email address be added to our distribution list. The processing of your electronic contact data at this point is based solely on your consent (Article 6(1)(a) GDPR). You may revoke your consent at any time with effect for the future. A short notice via email to the address mentioned in Section 3 or by clicking the “Unsubscribe” link at the end of each newsletter is sufficient.

4.3. How, for what purpose, and on what legal basis do we process your data in connection with our online presence and website optimisation?

4.3.1. Cookies – General Information

We use so-called cookies on our website. Insofar as these cookies involve the processing of personal data, the legal basis is Article 6(1)(f) GDPR. Our interest in optimizing our website is deemed legitimate under this provision. Cookies are small files that are automatically created by your browser and stored on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not harm your device, nor do they contain viruses, trojans, or other malicious software. The cookie stores information that arises in connection with the specific device used. However, this does not mean that we can directly identify you.

The use of cookies serves the following purposes:

  • To make the use of our services more convenient for you. For instance, we use session cookies to recognize that you have already visited individual pages of our website or that you are already logged into your customer account. These are deleted automatically when you leave our site.

  • We also use temporary cookies to enhance user-friendliness. These are stored on your device for a defined period. When you revisit our site, it will recognize that you have visited us before and recall your settings and entries so that you do not have to enter them again.

Additionally, we use cookies to statistically record the use of our website, to analyze it for optimization purposes, and to display tailored information. These cookies allow us to recognize that you have visited our site before. These cookies are automatically deleted after a defined period. Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored, or a notification appears before a new cookie is created. Disabling cookies completely may result in not being able to use all features of our website.The storage duration of cookies depends on their specific purpose and may vary.

If personal data is processed by cookies based on your consent, this is done according to Article 6(1)(a) GDPR and § 25(1) TTDSG, insofar as the consent includes the storage of cookies or access to information on your device (e.g., device fingerprinting) as defined by the TTDSG. Otherwise, processing is based on Article 6(1)(f) GDPR to safeguard our legitimate interest in the optimal functionality of the website and a user-friendly, effective experience.

4.3.2. Google Analytics

For the purpose of designing our pages in a needs-based manner and continuously optimizing them, we use Google Analytics, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”), based on your consent (see Article 6(1)(a) GDPR and § 25(1) TTDSG). In addition, the use of Google Analytics to tailor and continuously improve our website constitutes a legitimate interest within the meaning of Article 6(1)(f) GDPR.

Google Analytics uses cookies with a validity of 14 months to collect your access data when you visit our website. These access data are compiled by Google on our behalf into pseudonymized user profiles and transmitted to a Google server in the USA. Your IP address is anonymized beforehand. As a result, we are unable to identify which user profiles belong to a specific individual. Based on the data collected by Google, we cannot identify you or determine how you use our website.


The information generated by the cookie about your use of this website includes:


  • Browser type/version

  • Operating system used

  • Referrer URL (the previously visited page)

  • Hostname of the accessing computer (IP address)

  • Time of the server request

This information is transferred to and stored on a server operated by Google in the USA.


If personal data is exceptionally transferred to the USA, Google has incorporated the EU Standard Contractual Clauses into its terms of use, thereby guaranteeing compliance with European data protection principles and levels, even during data processing in the USA.


Google will use the information collected by cookies on our behalf to evaluate your use of the website, compile reports on website activity, and provide other services related to website and internet usage. You can find more information in the Google Analytics Privacy Policy.

Google Analytics sets the following three cookies for the specified purposes and durations:

  • -ga: 2 years (to distinguish website visitors)

  • _gid: 24 hours (to distinguish website visitors)

  • -gat: 1 minute (to limit requests to Google's servers)


You can object to web analysis by Google at any time. You have several options:


  • Configure your browser to block cookies from Google Analytics.

  • Adjust your advertising settings with Google.

  • Set an opt-out cookie by clicking here: Deactivate Google Analytics

  • Install the opt-out browser add-on provided by Google for Firefox, Internet Explorer, or Chrome (note: this does not work on mobile devices): [Browser Add-on link]


More information about Google Analytics can be found in Google's privacy notices.

4.3.3. Paperturn

On our website, we use the online flipbook tool Paperturn provided by Paperturn ApS, Klokkestøbervej 16, 5230 Odense M, Denmark. Paperturn is a PDF reader that allows you to convert PDF pages into an online flipbook. When interacting with Paperturn, personal data is processed to gather information about how Paperturn is used. For this purpose, Paperturn processes the following data:


  • Your IP address

  • Date and time of use,

  • the browser used, and

  • the actions you take within the application.


This information helps to further improve the service. Paperturn processes this personal data exclusively within the European Economic Area.


For more information on data protection at Paperturn, please see here: https://www.paperturn.com/de/rechtsportal/datenschutz-richtlinien

4.3.4. Hubspot

Our website contains tracking technology from HubSpot Inc., 24 First St, 2nd Floor, Cambridge/MA 02141, United States (“HubSpot”). This may include cookies. HubSpot collects and stores usage data in pseudonymous profiles to enable interest-based advertising.


You can revoke your consent to user tracking and the associated recording of your user behaviour by disabling cookies (see 4.3.1).


Please refer to the consent options and ways to change consent described above in 4.3.1. For more information on data processing by HubSpot, please visit the HubSpot website of HubSpot. 

4.3.5. Typeform

We use Typeform for conducting surveys. These services are provided by TYPEFORM SL, C/Bac de Roda, 163 (Local), 08018 Barcelona Spain (Typeform). This enables us to improve our service through surveys.

To this end, we provide the following personal data to Typeform:


[Email address], [First name], [Last name], [Phone number]. Mandatory information is marked with a *.


Additionally, Typeform collects the following personal data via cookies: information about your device (IP address, device information, operating system, browser settings). Furthermore, usage data is collected, such as the date and time when you used the contact form. Typeform needs this data to ensure the display of the form and its functionality. This is in accordance with Typeform's legitimate interest (under Art. 6 para. 1 lit. f GDPR) and serves the performance of the contract (under Art. 6 para. 1 lit. b GDPR). You can find more information at:


https://help.typeform.com/hc/en-us/articles/360029581691-What-happens-to-my-data


For more information on objection and removal options regarding Typeform, please visit:

https://admin.typeform.com/to/dwk6gt


The legal basis for these processes is your consent in accordance with Art. 6 para. 1 lit. a GDPR. You can withdraw your consent to the processing of your personal data at any time. The withdrawal can be made through the specified contact options. Your data will be processed as long as corresponding consent is in place. The legitimacy of the previous processing is not affected by the declaration of withdrawal.

4.3.6. Social Media

On our website, there are so-called hyperlinks to our offers on various social networks. When these hyperlinks are activated, you will be redirected directly from our website to the website of the social network. You can recognise this, among other things, by the change in the URL address. We accept no responsibility or liability for the confidential handling of your (personal) data by providers of other websites, as we neither know their data protection provisions nor have any influence on compliance with them.

4.3.6.1 Instagram

We maintain one or more presences on the social network Instagram to communicate with users registered there and to inform them about our company and our services. There is a hyperlink to the social network Instagram on our website, which is provided by Facebook Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. The Instagram hyperlink is marked with an Instagram logo. An overview of the appearance of the Instagram logo can be found at the following link.


If you click on the Instagram hyperlink, you will be redirected directly to our offering on Instagram and can follow us – provided you are logged into your Instagram account – on Instagram. Instagram/Facebook then receives the information that you have visited our website with your IP address. Additionally, it becomes possible for Instagram/Facebook to associate your visit to our website – if you are logged into your Instagram account – with you and your user account. We would like to point out that we have no knowledge of the content of the transmitted (personal) data and its use by Instagram/Facebook.


We process your data that you send us through these networks to communicate with you and to respond to your messages there.
This may also involve storage and further processing by us.


If you have given consent to Instagram for the data processing described above with effect for us, the legal basis is Art. 6 para. 1 lit. a GDPR. In addition, we have a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR in communicating with users as well as in our external representation for the purpose of advertising our company.


The purpose and extent of data collection and the further processing and use of data by Facebook, as well as your related rights and settings options to protect your privacy, can be found in the data protection notices of Instagram/Facebook. If you do not wish Instagram/Facebook to directly associate the information collected about your visit to our website with your Instagram profile, you must log out of Instagram before visiting our website.


For cases where personal data is transferred to the USA, standard contractual clauses apply.

4.3.6.2 LinkedIn

Our company operates a social media channel on the LinkedIn platform. There is a hyperlink to the LinkedIn platform on our website. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. The LinkedIn hyperlink is marked with a LinkedIn logo. An overview of the appearance of LinkedIn logos can be found behind the following link.


When you click the LinkedIn hyperlink, you will be redirected directly to our offer on LinkedIn and can follow us on LinkedIn – provided you are logged into your LinkedIn account. LinkedIn receives the information that you have visited our website with your IP address. Additionally, LinkedIn can then assign your visit to our website – provided you are logged into your LinkedIn account – to you and your user account. We would like to point out that we have no knowledge of the content of the transmitted (personal) data or their use by LinkedIn.

We process your data only when you contact our HR department through the LinkedIn platform or apply for a posted position via LinkedIn for these purposes. In this case, LinkedIn collects your data and makes it available to us. If you have given consent to the provider of the social network for the aforementioned data processing with effect for us, the legal basis is Article 6(1)(a) GDPR. This may also involve storage and further processing by us. Furthermore, we have a legitimate interest under Article 6(1)(f) GDPR in communicating with users and in our external representation for the purpose of advertising our company.


The purpose and scope of data collection and the further processing and use of data by LinkedIn, as well as your related rights and options for protecting your privacy, can be found in LinkedIn's privacy notices. If you do not wish LinkedIn to directly associate the information collected about your visit to our website with your LinkedIn profile, you must log out of LinkedIn before visiting our website.


For cases where personal data is transferred to the USA, the standard contractual clauses concluded with LinkedIn apply.

4.3.6.3 Vimeo

We operate one or more corporate websites on the social media network Vimeo, which is operated by Vimeo Inc., 555 West 18th Street, 10011 New York, primarily for self-presentation but also for recruiting. On our website, you will find a hyperlink to our offering on Vimeo, which is marked by the Vimeo logo. An overview of the appearance of the Vimeo logo can be found behind the following link.


Once you click on the hyperlink from Vimeo, you will be directed to our offering on Vimeo and can follow us – provided you are logged into your user account on Vimeo. This allows Vimeo to receive information that you visited our website with your IP address. Furthermore, in this case, Vimeo can link your visit to our website – if you are logged into your user account on Vimeo – to you and your user account. We would like to point out that we have no knowledge of the content of the transmitted (personal) data or their use by Vimeo.

We only process your data if you contact us via the Vimeo platform. In this case, Vimeo collects your data and provides it to us. There may also be storage and further processing by us. If you have given consent to Vimeo regarding the aforementioned data processing with effect for us, the legal basis is Article 6(1)(a) GDPR. Additionally, we have a legitimate interest pursuant to Article 6(1)(f) GDPR in the form of communication with our users as well as in our external representation for advertising purposes for our company.


The purpose and extent of data collection and the further processing and use of data by Vimeo as well as your related rights and settings for protecting your privacy can be found in Vimeo's privacy policy. If you do not wish for Vimeo to directly associate the information collected during your visit to our website with your Vimeo user account, you must log out of Vimeo before visiting our website.


For cases where personal data is transferred to the USA, the standard contractual clauses concluded with Vimeo shall apply.

4.3.6.4 Spotify

On our pages, you will find a hyperlink to the music service Spotify. The provider is Spotify AB, Birger Jarlsgatan 61, 113 56 Stockholm, Sweden. You can recognise the hyperlink by the green Spotify logo on our website. An overview of the appearance of the Spotify logo can be found behind the following link.


As soon as you click on the Spotify hyperlink, you will be redirected directly to our offering on Spotify and can follow us there – provided you are logged into your user account on Spotify. In this case, Spotify receives the information that you have visited our website with your IP address. Furthermore, it is possible for Spotify to associate your visit to our website with you and your user account – provided you are logged into your user account on Spotify. We would like to point out that we have no knowledge of the contents of the transmitted (personal) data and their use by Spotify.


We only process your data when you contact us via the music service Spotify. In this case, Spotify collects your data and makes it available to us. This may involve storage and further processing by us. If you have given consent to Spotify for the aforementioned data processing, which is effective for us, the legal basis is Article 6(1)(a) GDPR. In addition, we have a legitimate interest as per Article 6(1)(f) GDPR in communicating with our users and in our public representation for the purpose of promoting our company.


The purpose and scope of data collection and the further processing and use of the data by Spotify, as well as your related rights and options to protect your privacy, can be found in Spotify's privacy policy. If you do not wish for Spotify to immediately associate the information collected about your visit to our website with your Spotify account, you must log out of your Spotify account before visiting our website.

4.3.6.5 Medium

We also operate a page on the "Medium" portal, where we provide articles. The operator of this portal is A Medium Corporation, c/o Legal Department, P.O. Box 602, San Francisco, CA 94104–0602. The hyperlink placed on our page to our offerings on Medium is recognisable by the Medium logo. An overview of how the Medium logo looks can be found at the following link.


As soon as you click the Medium hyperlink, you will be redirected directly to our offerings on Medium and can follow us – provided you are logged into your user account at Medium. In this way, Medium receives the information that you visited our website with your IP address. Moreover, it is possible for Medium in this case to associate your visit to our website – provided you are logged into your user account at Medium – with you and your user account. We point out that we have no knowledge of the content of the transmitted (personal) data or their use by Medium.


We only process your data when you comment on our articles, follow us, or "like" the post; on Medium, this is the applause ("claps"). All this data is also processed by Medium. There may be storage and further processing by us as well. For the comments and "claps" you make, the legal basis is your implied consent under Art. 6 para. 1 lit. a GDPR. Additionally, we have a legitimate interest under Art. 6 para. 1 lit. f GDPR in the form of communication with our users and our external representation for the purpose of advertising our company.

The purpose and scope of the data collection and the further processing and use of the data by Medium as well as your related rights and options for protecting your privacy can be found in the privacy policy of Medium. If you do not wish for Medium to directly associate the information gathered from your visit to our website with your Medium account, you must log out of your Medium account before visiting our website.

  1. When do we share your data with recipients outside the EU?

Except for the processing described in 4.3, we do not pass your data to recipients based outside the European Union or the European Economic Area. The processing referred to in 4.3 involves the transfer of data to the servers of the providers of tracking technologies commissioned by us. These servers are located in the USA. The data transfer is based on so-called standard contractual clauses of the EU Commission.  


We would like to point out that the USA is not a safe third country within the meaning of EU data protection law. US companies are required to disclose personal data to security authorities without you as the affected party being able to take legal action against it. It cannot therefore be ruled out that US authorities (e.g., intelligence services) may process, evaluate and permanently store your data located on US servers for surveillance purposes. We have no influence over these processing activities.

6. What rights do you have regarding your data?

6.1.     Overview

In addition to the right to revoke your consents granted to us, you have the following additional rights where the respective legal requirements are met:


  • Right to information about your personal data stored with us according to Art. 15 GDPR; in particular, you can request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the intended storage duration, the origin of your data, if they were not collected directly from you,

  • Right to correction of inaccurate or completion of correct data according to Art. 16 GDPR,

  •  Right to deletion of your data stored with us according to Art. 17 GDPR, provided there are no legal or contractual retention periods or other legal obligations or rights to further storage,

  • Right to restriction of the processing of your data according to Art. 18 GDPR, provided that the accuracy of the data is contested by you, the processing is unlawful, but you refuse deletion; the controller no longer needs the data, but you require it for the assertion, exercise, or defense of legal claims, or you have objected to the processing according to Art. 21 GDPR,

  • Right to data portability according to Art. 20 GDPR, i.e., the right to receive selected data stored about you with us in a commonly used, machine-readable format, or to request transmission to another controller

  • Right to complain to a supervisory authority. As a rule, you can contact the supervisory authority at your usual place of residence or workplace or at our company's registered office for this purpose.

6.2.     Right of objection
Under the conditions of Article 21, Paragraph 1 of the GDPR, data processing may be objected to for reasons arising from the particular situation of the data subject.


The aforementioned general right of objection applies to all processing purposes described in this data protection information that are processed on the basis of Article 6, Paragraph 1, Letter f) of the GDPR. Unlike the specific right of objection aimed at data processing for advertising purposes, we are only obliged under the GDPR to implement such a general objection if you provide us with reasons of overriding significance (e.g. a possible threat to life or health). Furthermore, there is the possibility to contact the relevant supervisory authority, the Berlin Commissioner for Data Protection and Freedom of Information, at DAYONE GmbH.

7.     How long will your data be stored with us?

The duration of storage of personal data is based on the respective legal retention periods (e.g. commercial and tax retention periods). Typically, this period is 3 years (e.g. in the case of the regular limitation period for contractual claims) or 10 years (e.g. in the case of tax retention periods). After the expiry of the period, the corresponding data will be routinely deleted, unless they are no longer necessary for the fulfilment of the contract or for initiating a contract and/or we have no legitimate interest in continuing to store them.

Current status: 18 May 2022