Your Privacy Matters to Us

Privacy Policy – Insight Arcs GmbH

This is an English translation of our German privacy policy provided for your convenience.

1. Controller

Company: Insight Arcs GmbH

Address: GSG-HOF Helmholtzstraße 2-9, Building 2, Staircase H, 2nd Floor, H.02.020

ZIP, City, Country: 10587 Berlin, Germany

Commercial Register: HRB 226716 B, Local Court Berlin-Charlottenburg

Managing Director: Andreas Behrens

Phone: +49 (0)30 403 669 757

Email: info@insightarcs.com

2. Data Protection Officer

Due to the company size, no data protection officer is required (§ 38 BDSG). For privacy questions, please contact us at the above details.

3. Types of Data Processed

No special categories of personal data (Art. 9 GDPR) are processed.

4. Legal Bases

We process data under Art. 6 GDPR:

Vital interests (Art. 6(1)(d) GDPR) apply only in exceptional cases.

5. Changes

We may update this policy. Please check regularly for changes.

6. Security Measures

We implement technical and organizational measures under Art. 32 GDPR (e.g. TLS encryption, access controls).

7. Cooperation with Processors and Third Parties

Data may be shared only on the basis of:

Contracts with processors comply with Art. 28 GDPR.

8. Transfers to Third Countries

Transfers outside the EU/EEA occur only:

9. Rights of Data Subjects

You have the right to access, rectification, erasure, restriction, data portability, objection, and withdrawal of consent (Art. 15–21 GDPR).

10. Withdrawal and Objection

You may withdraw consent at any time and object to processing for direct marketing purposes.

11. Cookies & Consent Management

We use cookies only with your consent (§ 25 TTDSG) via our consent management tool.

You can delete cookies anytime in your browser or via the consent settings.

12. Data Deletion

Data is deleted once no longer necessary. Retention obligations under commercial (6 years) and tax law (10 years) remain unaffected.

13. Contact

If you contact us via email or form, we process your data to handle the request (Art. 6(1)(b) GDPR).

14. Logfiles

We collect server logfiles (IP, date, time, browser, OS). Retained max. 7 days, then deleted or anonymized.

15. Social Media Presences

We operate profiles on LinkedIn, Facebook and others. The operators’ privacy policies apply when you visit them.

16. Analytics and Marketing Services

16.1 Google Analytics 4

We use Google Analytics 4 with IP anonymization (provider: Google Ireland Limited). Legal basis: consent (Art. 6(1)(a) GDPR).

Transfers to the U.S. occur only under Standard Contractual Clauses or Data Privacy Framework.

Opt-out: tools.google.com/dlpage/gaoptout

16.2 Google Marketing Services

We use Google remarketing/ads services (incl. Tag Manager) on the basis of consent.

More info: policies.google.com/technologies/ads

16.3 LinkedIn Insight Tag

Used for campaign performance measurement. Provider: LinkedIn Corporation (USA). Transfers under DPF/SCC.

Opt-out: LinkedIn Opt-out

16.4 Facebook / Meta

We use the Meta (Facebook) Pixel for audience targeting. Transfers based on SCC/DPF.

Info: facebook.com/policy

17. Newsletter

18. Third-Party Content

We embed content from Google Fonts, Maps, YouTube. Providers may process IP addresses.

More info: Google LLC, privacy policy: policies.google.com/privacy

19. Retention Periods

Data is deleted when the purpose ends or legal retention periods expire.

20. Effective Date

This privacy policy is effective as of September 2025.