Note: This English version is provided as a courtesy translation. The legally binding version is the German version.
Last updated: June 2026
Privacy Policy of MyCRM GmbH for the website mycrm.eu.com
MyCRM GmbH provides comprehensive information to partners, customers and prospects via the website mycrm.eu.com. We attach particular importance to the confidential and secure handling of your personal data and the data of your company.
The following privacy policy is the basis of our actions and an integral part of our business relationship with interested customers and third parties. We adapt this privacy policy as required in response to legal and technical changes. The version most recently published on the website applies in each case.
Scope of this privacy policy: This privacy policy describes the processing of personal data in connection with our presence on the website mycrm.eu.com and our pre-contractual and post-contractual communication with prospects and customers. For this purpose, MyCRM GmbH is the controller within the meaning of Art. 4 No. 7 GDPR.
By contrast, for the processing of personal data arising in the course of our CRM consulting and implementation projects at the customer’s premises – in particular data held in the CRM systems we set up or maintain for customers – MyCRM GmbH acts as a processor within the meaning of Art. 28 GDPR. The details of this processing, including the sub-processors used, are governed by the data processing agreement (DPA) concluded with the respective customer and are not the subject of this privacy policy.
The controller within the meaning of the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and other data protection provisions is:
MyCRM GmbH
Ritterstraße 5
73728 Esslingen am Neckar
Germany
represented by the Managing Director Clemens von Dincklage
Phone: +49 711 508878270
Email: info@mycrm.de
Website: https://mycrm.eu.com
Register court: Stuttgart Local Court (Amtsgericht Stuttgart), HRB 727784
VAT ID No.: DE262466144
The controller’s data protection officer is:
Markus Achatz
Qualitätsmanagementakademie
Raiffeisenstr. 14
86447 Aindling
Germany
Phone: +49 8237 6277
Email: markusachatz@qma-akademie.de
We process personal data on the basis of the GDPR, the German Federal Data Protection Act (BDSG), the German Telecommunications Digital Services Data Protection Act (TDDDG) and other applicable provisions.
Where we obtain consent for the processing of personal data, Art. 6(1)(a) GDPR or – for the storage of and access to information in terminal equipment – Section 25(1) TDDDG serves as the legal basis.
Where processing is necessary for the performance of a contract or for the implementation of pre-contractual measures, Art. 6(1)(b) GDPR serves as the legal basis. Where processing is necessary to fulfil a legal obligation, Art. 6(1)(c) GDPR serves as the legal basis. Where processing is necessary to safeguard a legitimate interest of our company or a third party, and the interests, fundamental rights and freedoms of the data subject do not override the former interest, Art. 6(1)(f) GDPR serves as the legal basis.
We host the contents of our website with Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany. When you visit our website, Hetzner records various log files including your IP addresses. For details, please refer to Hetzner’s privacy policy: https://www.hetzner.com/de/rechtliches/datenschutz
We have concluded a data processing agreement pursuant to Art. 28 GDPR with Hetzner. Processing takes place exclusively on servers within the European Union.
The legal basis is Art. 6(1)(f) GDPR. Our legitimate interest lies in the secure, reliable and efficient provision of our website by a professional provider.
Each time our website is accessed, an automated system collects data and information that is stored in the server’s log files. The following data may be collected:
The processing of this data serves to deliver the contents of our website, to ensure the functionality of our information technology systems, to investigate possible abusive page requests (DoS/DDoS attacks or similar) and to optimise our website. The log file data is always stored separately from other personal data of users.
The legal basis for the data processing is Art. 6(1)(f) GDPR. Our legitimate interest follows from the purposes for data collection listed above. As a rule, log files are deleted after seven days, unless longer storage is required in individual cases to investigate and pursue abusive page requests.
For security reasons and to protect the transmission of confidential content – such as the enquiries you send to us as the site operator – this website uses SSL or TLS encryption. You can recognise an encrypted connection by the fact that the browser’s address line changes from “http://” to “https://” and by the lock symbol in your browser line.
When SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
We use cookies and comparable technologies (e.g. local storage, pixels, web beacons) on our website. Cookies are small data packets that are stored on your terminal device and may be read again on a subsequent visit.
We distinguish between technically necessary cookies, which are indispensable for the operation of the website (legal basis: Section 25(2) No. 2 TDDDG and Art. 6(1)(f) GDPR), and non-necessary cookies (e.g. for statistical, convenience or marketing purposes), which we only set with your express consent (legal basis: Section 25(1) TDDDG in conjunction with Art. 6(1)(a) GDPR).
To obtain, manage and document your consent to the setting of non-necessary cookies, we use the WordPress plugin Complianz (Complianz B.V. / iubenda). We operate Complianz ourselves on our server (see Section 4) (“self-hosted”). Your consent decision is stored via cookies or your browser’s local storage and logged in the database of our WordPress installation on our servers at Hetzner Online GmbH. With this mode of operation, no transfer of your consent data to servers of the plugin provider or other third parties takes place.
As part of consent management, the following data is generally processed:
The consent data is stored to fulfil our obligations of proof under Art. 7(1) GDPR and the accountability obligation under Art. 5(2) GDPR. The legal basis in this respect is Art. 6(1)(c) GDPR.
You can withdraw or change your consent at any time with effect for the future by calling up the cookie settings panel on our website again.
This website uses so-called web fonts provided by Google for the uniform display of fonts. The Google Fonts are installed locally on our server. No connection to Google’s servers is established when our pages are accessed.
For more information on Google Fonts, please see https://developers.google.com/fonts/faq and Google’s privacy policy: https://policies.google.com/privacy
We use Google Analytics (GA4) on our website, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google Analytics uses cookies and comparable technologies that enable an analysis of your use of the website. The information generated about your use of this website is generally transmitted to and stored on a Google server.
In doing so, Google Analytics collects information such as the pages accessed, the time spent, the approximate geographical area (based on a truncated IP address), the device used, the browser type and the source of the access. In GA4, IP addresses are processed exclusively in truncated, anonymised form; Google Analytics does not store the full IP address. We use this information to evaluate the use of our website, to compile reports on website activity and to improve our online offering.
Legal basis: Google Analytics is used exclusively on the basis of your consent pursuant to Section 25(1) TDDDG in conjunction with Art. 6(1)(a) GDPR. The associated cookies and tracking technologies are only set, and Google Analytics is only loaded, after you have actively consented via our consent banner (see Section 7). You can withdraw your consent at any time with effect for the future by calling up the cookie settings panel on our website again and adjusting your selection.
Processing on our behalf and third-country reference: We have concluded a data processing agreement pursuant to Art. 28 GDPR with Google. In the course of using Google Analytics, data may be transferred to Google LLC in the USA; for the safeguards applicable to this third-country transfer, see Section 14.
For more information on how Google Analytics handles user data, please see Google’s privacy policy: https://policies.google.com/privacy and https://support.google.com/analytics/answer/6004245
We use the service Apollo.io provided by ZenLeads Inc. (d/b/a Apollo.io), 440 N Barranca Ave #4750, Covina, CA 91723-1722, USA (“Apollo”) on our website to analyse and identify website visitors. For this purpose, Apollo uses a script as well as cookies and comparable technologies that collect information about your terminal device and your usage behaviour when you visit our website.
In doing so, Apollo may process your IP address, information on the pages accessed and your navigation behaviour, and match this information against Apollo’s own database. In this way, a company and, under certain circumstances, individual persons can be associated with the website visit. We use this information to understand which companies are interested in our services and to improve our outreach to prospects.
The provider Apollo is a provider of B2B contact data (data broker) registered in several US states. Apollo processes the data collected in the course of the service on servers in the USA.
Legal basis: Apollo is used exclusively on the basis of your consent pursuant to Section 25(1) TDDDG in conjunction with Art. 6(1)(a) GDPR. The Apollo script and the associated cookies and tracking technologies are only loaded or set after you have actively consented via our consent banner (see Section 7). You can withdraw your consent at any time with effect for the future by calling up the cookie settings panel on our website again and adjusting your selection.
Enrichment of business contact data: Apollo can match information on website visitors and business contacts against its own database and supplement it with further business information (such as professional position, employer or business contact details). This enrichment is carried out by Apollo within the Apollo platform; Apollo (ZenLeads Inc.) is responsible as the provider for this processing. In the course of our use, we have access to this business data enriched in Apollo. Insofar as we transfer such supplementary data into our own systems and link it to a specific person, we process data that was not collected directly from you; the legal basis for this is our legitimate interest in efficient and needs-based outreach to business contacts in the B2B context pursuant to Art. 6(1)(f) GDPR. In this case, we inform you about the processing in accordance with Art. 14 GDPR; the categories of data (business contact and function data), the source (Apollo.io / ZenLeads Inc.) and your rights follow from this privacy policy. You have the right to object to this processing at any time pursuant to Art. 21 GDPR (see Section 16).
Third-country reference: In the course of using Apollo, data is transferred to ZenLeads Inc. in the USA. For the safeguards applicable to this third-country transfer, see Section 14.
For more information on data protection at Apollo and on your data subject rights – including the option to object to the processing of your data by Apollo – please see Apollo’s privacy policy at https://www.apollo.io/privacy-policy and via Apollo’s Privacy Center at https://www.apollo.io/company/privacy-center
Our website contains a contact form through which you can reach us electronically. Alternatively, you can contact us via the email address provided. If you contact us via one of these channels, the personal data you transmit (in particular name, email address, telephone number and the content of your message) is stored automatically.
The data is stored exclusively for the purpose of handling the enquiry or contacting you. The data is not disclosed to third parties outside of processing-on-behalf relationships.
The legal basis for the processing is Art. 6(1)(a) GDPR (your consent) or Art. 6(1)(b) GDPR, insofar as your enquiry is aimed at the conclusion or performance of a contract.
The personal data collected in the course of your enquiry will be deleted once the enquiry has been dealt with, unless statutory retention obligations apply. Please do not transmit any particularly sensitive data (e.g. bank details) via the contact form.
We offer our customers and prospects the opportunity to subscribe to an email newsletter through which we provide information about our products, services and campaigns. For sending the newsletter, we use CleverReach provided by CleverReach GmbH & Co. KG, Schafjückenweg 2, 26180 Rastede, Germany (“CleverReach”).
Registration procedure (double opt-in): For newsletter registration, we use the so-called double opt-in procedure. After your registration, we send you an email to the email address provided, asking you to confirm that you wish to receive the newsletter. If you do not confirm your registration within a reasonable period, your data will be blocked and automatically deleted after one month.
Data we process: The mandatory detail is your email address. Providing further data (e.g. name) is voluntary and serves the purpose of personal address. In addition, we store the IP address used for registration as well as the times of registration and confirmation, in order to be able to demonstrate the registration process in accordance with statutory requirements.
Performance measurement: Performance measurement may take place in the course of sending the newsletter via CleverReach. Here we may record, for example, whether and when an email was opened and which links were clicked. This information is used for the statistical evaluation of newsletter success and the optimisation of our content. You can object to the performance measurement at any time, for example by unsubscribing from the newsletter.
Legal basis: The processing of your data for newsletter purposes is carried out on the basis of your express consent (Art. 6(1)(a) GDPR in conjunction with Section 7(2) of the German Act Against Unfair Competition (UWG)). You can withdraw your consent at any time with effect for the future, for example via the unsubscribe link at the end of each newsletter or by message to info@mycrm.de.
Storage period: The data stored for newsletter dispatch is stored until you unsubscribe and is deleted from our distribution lists after you unsubscribe – except in the case of statutory retention obligations. We reserve the right to add your email address to an internal blocking list in order to prevent future unsolicited mailings.
Processing on our behalf and storage location: We have concluded a data processing agreement pursuant to Art. 28 GDPR with CleverReach. CleverReach processes the data exclusively on servers within the European Union.
For more information, please see CleverReach’s privacy policy: https://www.cleverreach.com/de/datenschutz/
We operate our own company page on LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland), accessible at https://www.linkedin.com/company/mycrmgmbh, to provide information about us and our services.
No automated link or data transfer takes place between our website mycrm.eu.com and LinkedIn. In particular, we do not use any LinkedIn plugins, LinkedIn Insight Tags or comparable tracking elements on our website.
If you visit our LinkedIn page or interact with us, LinkedIn processes your personal data under its own responsibility or – insofar as insights data is concerned – jointly with us. We are not responsible for the processing of your data by LinkedIn on the LinkedIn platform itself; LinkedIn’s privacy policy is authoritative in this respect: https://www.linkedin.com/legal/privacy-policy
Some of the service providers we use are based outside the European Union or the European Economic Area, or process data there, in particular in the United States of America (USA). This concerns in particular the services Google Analytics and Apollo.io referred to in Sections 9 and 10.
Insofar as personal data is transferred to the USA, we base this transfer on one of the following safeguards:
A list of US companies certified under the EU-U.S. Data Privacy Framework can be found at: https://www.dataprivacyframework.gov/
On request, we will provide you with information on the specific safeguards for a particular third-country transfer.
On the website you will find links to offerings of third parties. MyCRM GmbH cannot accept any liability for these sites and the respective handling of personal data. Please observe the data protection information available on these sites regarding the respective data processing.
If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller. You can assert all rights vis-à-vis the company using the contact details in Section 1, or vis-à-vis our data protection officer using the contact details in Section 2.
You have the right at any time:
Insofar as we process personal data on the basis of your consent, you may withdraw the consent you have given at any time pursuant to Art. 7(3) GDPR. We may then no longer continue the data processing based on this consent in the future. The lawfulness of the processing carried out on the basis of the consent until withdrawal remains unaffected by the withdrawal.
If your personal data is processed on the basis of legitimate interests pursuant to Art. 6(1)(f) GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, insofar as there are grounds for doing so arising from your particular situation, or the objection is directed against direct marketing. In the latter case, you have a general right to object, which we will implement without the need to state any particular situation.
You have the right not to be subject to a decision based solely on automated processing – including profiling – which produces legal effects concerning you or similarly significantly affects you, unless one of the exceptions in Art. 22(2) GDPR applies.
As a matter of principle, your data is not disclosed; possible exceptions are governed by the preceding sections. In particular, no disclosure takes place for commercial purposes (address trading).
Furthermore, you have the right to lodge a complaint with the competent supervisory authority pursuant to Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence, your place of work or our company headquarters. The following supervisory authority is competent for us as the responsible company:
State Commissioner for Data Protection and Freedom of Information Baden-Württemberg (Landesbeauftragter für den Datenschutz und die Informationsfreiheit Baden-Württemberg)
Lautenschlagerstraße 20
70173 Stuttgart
Germany
Phone: +49 711 615541-0
Email: poststelle@lfdi.bwl.de
Website: https://www.baden-wuerttemberg.datenschutz.de
If you have any questions or suggestions, please feel free to send us an email at info@mycrm.de.