🇩🇪 Diese Seite gibt es auch auf Deutsch

Zur deutschen Version

Privacy Policy

Note: This is a translation of the German privacy policy for your convenience. Only the German version is legally binding.

1. Who we are

Tenschert Software GmbH
Ludwig-Erhard-Ring 32
92348 Berg b. Neumarkt i. d. OPf.
Germany

Contact:
Phone: +49 9181 52496-0 (Mon–Fri, 9am–5pm CET)
E-Mail: [email protected]

No Data Protection Officer is required.

2. What data we process – at a glance

#ProcessingTypical dataPurposeLegal Basis (GDPR)Retention Period
2.1Server log files (Cloudflare)IP address, browser, timestamp, referrerWebsite operation & IT securityLegitimate interests (Art. 6 (1) f)7 days
2.2Contact form / E-mailName, e-mail, message, metadataHandling your inquiryPre-contractual measures (Art. 6 (1) b)6 years (Commercial Code, HGB §257)
2.3Job applicationsApplication documents, correspondenceHiring process§26 BDSG + Art. 6 (1) b6 months after hiring decision
2.4Web analytics (Plausible)Shortened IP, browser info, eventsCookie-free audience measurementLegitimate interests (Art. 6 (1) f)Up to 24 months*
2.5Error monitoring (Sentry)Stack trace, shortened IP, URLError diagnosisLegitimate interests (Art. 6 (1) f)90 days
2.6Vimeo videos (two-click solution)IP, usage data, cookies set after clickVideo playbackConsent (Art. 6 (1) a)Until revoked / session

*Data will subsequently be deleted or anonymized.
**Exception: Job applications (2.3) are deleted after 6 months.

3. Hosting & Technology

Our static website is hosted on Cloudflare Pages and uses Cloudflare CDN, WAF, and DDoS protection.
Cloudflare processes log data as a data processor based on EU Standard Contractual Clauses (SCC Module 2) and is certified under the EU-US Data Privacy Framework.
We process this data based on our legitimate interests in operating and securing our website (Art. 6 (1) f GDPR).
All data transfers are encrypted (TLS 1.3).

4. Cookies & analytics without banners

We do not use marketing or tracking cookies.
Only technically necessary Cloudflare cookies for bot protection/captcha:

  • __cf_bm
  • cf_clearance

For analytics, we use Plausible Analytics (EU-hosted, cookie-free), without storing complete IP addresses. Hence, no cookie banner is needed.

5. Embedded Vimeo videos (two-click solution)

Videos remain blocked until you actively click “Load Video”.
Only then does your browser connect to Vimeo Inc. (USA), and cookies and usage data may be transmitted.
Legal basis is your consent (Art. 6 (1) a GDPR).
Vimeo secures transfers through Controller-to-Controller SCC and additional measures (IP masking, referrer policy).

6. Recipients of your data

  • Cloudflare Inc. (USA/EU) → hosting, CDN, DNS
  • Hetzner Online GmbH (Germany) → mail server, Zammad, Sentry
  • Vimeo Inc. (USA) → only after clicking videos

No other recipients.

7. Data transfers outside the EEA

ServiceCountrySafeguardsLegal justification
CloudflareUSAEU-US Data Privacy Framework + SCC (Module 2)Adequacy decision + SCC
VimeoUSAController-to-Controller SCC + IP masking, Referrer policyArt. 46 (2) c GDPR

8. How long we store your data

See table under section 2.

9. Your rights

You have the right at any time to request:

  • Access, correction, deletion of your data
  • Restriction of data processing
  • Data portability
  • Objection to processing based on legitimate interests
  • Withdrawal of given consents

To exercise these rights, just send an informal e-mail to [email protected].
We will need to verify your identity briefly to prevent misuse.

10. Right to lodge a complaint

If you believe we are not processing your data according to the GDPR, you can contact the responsible authority:

Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 18
91522 Ansbach
Germany

11. Security in brief

We protect your data through state-of-the-art encryption, strict access controls, and regular updates.

Stand: Juli 2025