Legal

Privacy Policy

Information on how we process personal data on rydbit.com in line with Art. 13 and Art. 14 GDPR (DSGVO in Germany).

Last updated: 2026-04-22

1. Scope

This Privacy Policy applies to the website rydbit.com and all related communication channels (e.g. the contact form and email). It describes which personal data we collect when you visit the site or contact us, the purposes for which we process that data, and the rights you have under the General Data Protection Regulation (GDPR).

2. Controller

The controller responsible for the processing of personal data on this website within the meaning of Art. 4 (7) GDPR is:

RydBit
[Street + No.]
[Postal Code + City]
Germany
Email: privacy@rydbit.com

3. Data Protection Officer

We have not currently appointed a Data Protection Officer because the statutory thresholds of Art. 37 GDPR in conjunction with §38 BDSG do not apply. For all privacy-related questions you can reach us directly at the contact address below.

Contact for privacy questions: privacy@rydbit.com

4. Categories of data we process

We process personal data only to the extent necessary for each purpose. In routine operation of this website, the following categories may be processed:

Server log files when you visit the site

IP address (where possible in truncated form)
Date and time of access
Requested page / URL
Referrer URL (previously visited page)
Browser type and version
Operating system

When you contact us

If you contact us via the contact form or email, we process the information you provide (e.g. name, email address, company, message) solely to respond to your request.

Cookies and similar technologies

We use strictly necessary cookies to operate the site. Any further cookies are set only with your prior consent. Details are available in our Cookie Policy. Cookie Policy.

Storing information on, or reading information from, your device takes place exclusively on the basis of §25 TTDSG — either because the respective storage is strictly necessary to provide the service you have expressly requested (§25 (2) No. 2 TTDSG) or on the basis of your consent (§25 (1) TTDSG).

5. Legal bases for processing

Depending on the purpose, we rely on one or more of the following legal bases to process your personal data:

Consent (Art. 6 (1)(a) GDPR)Where we ask for your consent to process data (for example optional cookies or newsletter-style communication), that consent is the legal basis. Consent is voluntary and can be withdrawn at any time with effect for the future.
Contract / pre-contractual measures (Art. 6 (1)(b) GDPR)To perform a contract with you, or to take steps at your request before entering into a contract — for example handling project enquiries submitted via the contact form.
Legal obligation (Art. 6 (1)(c) GDPR)Where processing is required to comply with a legal obligation to which we are subject, e.g. commercial or tax-related retention duties under German law.
Legitimate interests (Art. 6 (1)(f) GDPR)To pursue our legitimate interests, provided your interests, fundamental rights and freedoms do not override them. Legitimate interests include, in particular, the secure and stable operation of the website, abuse prevention, and responding to non-contractual enquiries.

6. Recipients and processors

We engage carefully selected service providers who process personal data on our behalf (processors under Art. 28 GDPR). Today this covers the following categories:

Website hosting and delivery

The technical operation of the website is performed by a hosting provider ([hosting provider]). Server location is within the EU/EEA.
[Hosting provider name] · Germany / EU

Analytics / audience measurement

Any audience measurement is carried out solely with your consent. Details (the specific service, cookie lifetimes, recipients) are documented in the Cookie Policy and the consent banner as soon as a respective tool is active. Until then, no analytics tools are loaded. [Analytics provider: to be specified once a tool is deployed.]

Email delivery and support communication

For email communication we use an established email provider ([email provider]). Data processed there is limited to delivery and, where applicable, spam prevention.

We have entered into — or will enter into, before productive use — a Data Processing Agreement under Art. 28 GDPR with every processor.

7. Storage duration

We store personal data only for as long as necessary for the respective purpose or as required by statutory retention periods. In detail:

Server log files are deleted or anonymized after a maximum of 14 days in regular operation. Longer storage takes place only where required to defend against a specific attack or to investigate technical incidents.
The content of enquiries is retained for as long as required to handle the request and any follow-up communication. It is then deleted unless statutory retention obligations apply.
Statutory retention periods (e.g. §257 HGB, §147 AO) of up to ten years remain unaffected.

8. Transfers to third countries

We aim to process your personal data exclusively within the EU and the EEA. Where an individual processor transfers data to a third country (e.g. the United States), this takes place only on a basis permitted by Art. 44 et seq. GDPR.

Appropriate safeguards are provided in particular through EU Standard Contractual Clauses (Art. 46 (2)(c) GDPR) and supplementary technical and organizational measures. Where an adequacy decision by the EU Commission (Art. 45 GDPR) is available for the country in question, we rely on that.

9. Your rights as a data subject

As a data subject under the GDPR, you have the following rights with respect to us:

Right of access (Art. 15 GDPR)You may request confirmation of whether, and which, personal data we process about you.
Right to rectification (Art. 16 GDPR)You may request that inaccurate data be corrected or that incomplete data be completed.
Right to erasure (Art. 17 GDPR)You may request the deletion of your data where the statutory conditions are met.
Right to restriction of processing (Art. 18 GDPR)You may ask us to restrict the processing of your data under the circumstances set out in Art. 18 GDPR.
Right to data portability (Art. 20 GDPR)You may receive the data you provided to us in a structured, commonly used and machine-readable format, or request that we transmit it to another controller.
Right to object (Art. 21 GDPR)You may object, on grounds relating to your particular situation, to processing that is based on Art. 6 (1)(f) GDPR.
Right to withdraw consent (Art. 7 (3) GDPR)You may withdraw any consent you have given at any time with effect for the future. The lawfulness of processing carried out on the basis of consent before its withdrawal is not affected.
Right to lodge a complaint (Art. 77 GDPR)You have the right to lodge a complaint with a data protection supervisory authority — in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement.

To exercise your rights, an informal message to the address listed in the Imprint or under "Contact for privacy matters" is sufficient. We respond within the statutory time limits.

The competent supervisory authority is, as a rule, the data protection authority of the German federal state in which the controller is based. An overview is available on the website of the Datenschutzkonferenz (www.datenschutzkonferenz-online.de).

10. Automated decision-making and profiling

We do not carry out decisions based solely on automated processing — including profiling — within the meaning of Art. 22 GDPR on this website.

11. Changes to this Privacy Policy

We reserve the right to update this Privacy Policy to reflect changes in the legal framework or in our services and processing activities. The current version is always available at this URL.

12. Contact for privacy matters

For any privacy-related enquiry — including exercising your rights under Art. 15 to 22 GDPR — you can reach us at:

Email: privacy@rydbit.com