This Privacy Policy is entered into between you (“you” or “user”) and hyOffice UG (haftungsbeschränkt) (“hyOffice”, “we”, “us”) and governs your use of the hyOffice website (www.hyoffice.io).

We take data protection seriously and are committed to complying with the General Data Protection Regulation (GDPR) and applicable privacy laws. This Privacy Policy describes how we collect, use, and safeguard your personal data. The responsible party within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws is:

hyOffice UG (haftungsbeschränkt)
Karwinskistr. 40
81247 Munich
Germany

Data Protection Officer:

Phone: +49 89 200 055 74
Email: contact@hyoffice.io

I. Scope of this Policy

This Privacy Policy covers the hyOffice website (www.hyoffice.io). By visiting this website, you confirm your acceptance of this Privacy Policy.

II. EU Standard Contractual Clauses

To the extent applicable, hyOffice will abide by the requirements of European Economic Area and Swiss data protection law regarding the collection, use, transfer, retention, and other processing of Personal Data from the European Economic Area and Switzerland. All transfers of Customer Data out of the European Union, European Economic Area, and Switzerland will be governed by the Standard Contractual Clauses, as designated by the European Commission.

III. Legal Basis for Processing

To the extent that we have obtained the data subject's consent for the processing of personal data, Article 6(1)(1a) of the GDPR shall serve as the legal basis.

If the processing of personal data is necessary for the performance of a contract with the data subject or for pre-contractual measures initiated by the data subject, Article 6(1)(1b) GDPR shall serve as the legal basis.

If the processing of data is the result of a legal obligation to which we are subject, we invoke Article 6(1)(1c) GDPR.

If the processing of personal data is carried out to protect the vital interests of the data subject or another natural person, we rely on Article 6(1)(1d) GDPR.

If the processing of data serves a task carried out in the public interest or in the exercise of official authority, we rely on Article 6(1)(1e) GDPR.

Insofar as the processing of personal data is necessary to protect the legitimate interests of the controller or a third party—without jeopardizing the interests, fundamental rights or freedoms of the data subject—Article 6(1)(1f) GDPR is the legal basis.

IV. Collected Data

(1) Roles. We process certain personal data as the Controller (Art. 4 (7) GDPR), meaning we determine the purposes and means of processing.

(2) Technical data (server logs). When you visit our website, our web server processes technical data that may be necessary to deliver the website, ensure stability and security, and troubleshoot issues. This may include: (a) IP address, (b) date and time of access, (c) requested URL and status code, (d) referrer URL, (e) browser and operating system information (user agent), and (f) language settings.

(3) Website analytics (Matomo). We use Matomo, a self-hosted web analytics tool, to analyze website usage and improve our website. Matomo is operated exclusively on our own infrastructure and we do not share analytics data with third parties. IP addresses are anonymized before storage.

IX. Subcontractors

We use ionos.com (web hosting) as a subcontractor to provide the technical operation of this website.

X. Links To External Sites

Our service may contain links to external sites not operated by us. We advise reviewing the privacy policies of every site you visit. We have no control over and assume no responsibility for third-party content or practices.

XI. Cookies and Web Storage

Technically necessary. Our website may use cookies and web storage that are required to provide basic website functionality and to remember preferences. Users who do not wish to allow technically necessary cookies can configure their browsers accordingly; however, some features may not function properly.

Analytics purposes (Matomo). We use Matomo for statistical analysis of website usage. For users located in the European Union or European Economic Area, analytics cookies are set only after explicit consent via the cookie consent banner. Users may withdraw or change their cookie preferences at any time with effect for the future.

XIII. Privacy Policy Changes

Although most changes are likely minor, hyOffice may change this Privacy Policy at its sole discretion. When we do, we revise the “Last updated” date. Modifications are effective when you use the website after publication. Continued use constitutes acceptance.

XIV. Data Subject Rights

You have the following rights under GDPR: (a) Access (Art. 15), (b) Rectification (Art. 16), (c) Erasure (Art. 17), (d) Restrict Processing (Art. 18), (e) Data Portability (Art. 20), (f) Object (Art. 21), (g) Withdraw Consent (Art. 7(3)). To exercise these rights, contact us. You may also lodge a complaint with a supervisory authority. A list of German authorities: bfdi.bund.de.

If you have any questions about this Privacy Policy, please contact us.