Table of contents

Heading 1
Heading 2
Heading 3
Heading 4

Privacy Policy

1. Preamble

With the following privacy policy, we would like to inform you aboutwhich types of your personal data (hereinafter also referred to as"data") we process, for what purposes, and to what extent. Thisprivacy policy applies to all processing of personal data carried out by us,both in the context of providing our services and in particular on ourwebsites, in mobile applications, and within external online presences, such asour social media profiles (hereinafter collectively referred to as "onlineoffering").

The terms used are not gender-specific.

As of: May 21, 2025

2. Person responsible

EcoBeam GmbH

Address: 17 Mönckebergstraße, Hamburg 20095, Germany

Email: info@ecobeam.eu

Director: Leon-Morris Heinrich Nagel

Commercial register: Hamburg District Court

HRB: 173075

Revenue tax number: DE350712738

Email address: admin@ecobeam.eu

3. Relevant legal bases

Relevant legal bases under the GDPR: Below you will find an overview ofthe legal bases under the GDPR on which we process personal data. Please notethat in addition to the provisions of the GDPR, national data protectionregulations may apply in your or our country of residence or domicile. Shouldmore specific legal bases apply in individual cases, we will inform you ofthese in the privacy policy.

  • Consent     (Article 6 (1) (a) GDPR) - The data subject has given his     or her consent to the processing of personal data concerning him or her     for a specific purpose or several specific purposes.
  • Contractual     performance and pre-contractual inquiries (Article 6 (1) (b) GDPR) - Processing     is necessary for the performance of a contract to which the data subject     is party or for the implementation of pre-contractual measures taken at     the request of the data subject.
  • Legal     obligation (Article 6 (1) (c) GDPR) - Processing is necessary to     fulfill a legal obligation to which the controller is subject.
  • Legitimate     interests (Article 6 (1) (f) GDPR) - processing is necessary to     protect the legitimate interests of the controller or a third party,     provided that the interests, fundamental rights and freedoms of the data     subject which require protection of personal data do not prevail.

National data protection regulations in Germany: In addition to thedata protection regulations of the GDPR, national data protection regulationsapply in Germany. This includes, in particular, the Federal Data Protection Act(BDSG). The BDSG contains, in particular, special provisions on the right toinformation, the right to erasure, the right of objection, the processing ofspecial categories of personal data, processing for other purposes, andtransmission, as well as automated decision-making in individual cases,including profiling. Furthermore, state data protection laws of individualfederal states may apply.

Note on the applicability of the GDPR and the Swiss Data Protection Act: This privacy policyserves to provide information in accordance with both the Swiss Data ProtectionAct (DSG) and the General Data Protection Regulation (GDPR). For this reason,we ask you to note that, due to their broader geographical application andclarity, the terms of the GDPR are used. In particular, instead of the terms"processing" of "personal data," "overridinginterest," and "particularly sensitive personal data" used inthe Swiss Data Protection Act, the terms "processing" of"personal data," "legitimate interest," and "specialcategories of data" used in the GDPR are used. However, the legal meaningof the terms will continue to be determined according to the Swiss DataProtection Act within the scope of the Swiss Data Protection Act.

4. Overview of processing

The following overview summarizes the types of data processed and thepurposes of their processing and refers to the data subjects.

Types of data processed

  • Inventory data.
  • Payment     details.
  • Contact     details.
  • Content data.
  • Contract data.
  • Usage data.
  • Meta,     communication and procedural data.
  • Log data.

Categories of data subjects

  • Service     recipient and client.
  • Interested     parties.
  • Communication     partner.
  • Users.
  • Business and     contractual partners.

Purposes of processing

  • Provision of     contractual services and fulfillment of contractual obligations.
  • Communication.
  • Security     measures.
  • Direct     marketing.
  • Reach measurement.
  • Office and     organizational procedures.
  • Organizational     and administrative procedures.
  • Feedback.
  • Marketing.
  • Profiles with     user-related information.
  • Provision of     our online offering and user-friendliness.
  • Information     technology infrastructure.
  • Sales     promotion.
  • Business     processes and business procedures.

5. Security measures

In accordance with the legal requirements, taking into account the stateof the art, the implementation costs and the nature, scope, circumstances andpurposes of the processing as well as the different probabilities of occurrenceand the extent of the threat to the rights and freedoms of natural persons, wetake appropriate technical and organisational measures to ensure a level ofprotection appropriate to the risk.

These measures include, in particular, ensuring the confidentiality,integrity, and availability of data by controlling physical and electronicaccess to the data, as well as the access, input, and transfer of data,ensuring its availability, and segregation. Furthermore, we have establishedprocedures that ensure the exercise of data subjects' rights, the deletion ofdata, and responses to data threats. Furthermore, we consider the protection ofpersonal data right from the development and selection of hardware, software,and processes in accordance with the principle of data protection, throughtechnology design, and through data protection-friendly default settings.

6. Transmission of personal data

As part of our processing of personal data, it may happen that this datais transmitted to or disclosed to other bodies, companies, legally independentorganizational units, or individuals. Recipients of this data may include, forexample, service providers commissioned with IT tasks or providers of servicesand content integrated into a website. In such cases, we comply with legalrequirements and, in particular, conclude appropriate contracts or agreementswith the recipients of your data that serve to protect your data.

7. International data transfers

Data processing in third countries: If we transfer data to a thirdcountry (i.e. outside the European Union (EU) or the European Economic Area(EEA)) or if this occurs as part of the use of third-party services or thedisclosure or transmission of data to other persons, bodies or companies (whichcan be identified by the postal address of the respective provider or if thedata transfer to third countries is expressly referred to in the dataprotection declaration), this is always done in accordance with the legalrequirements.

For data transfers to the USA, we primarily rely on the Data PrivacyFramework (DPF), which was recognized as a secure legal framework by anadequacy decision of the EU Commission dated July 10, 2023. In addition, wehave concluded standard contractual clauses with the respective providers thatcomply with the requirements of the EU Commission and establish contractualobligations to protect your data.

This dual safeguard ensures comprehensive protection of your data: TheDPF forms the primary layer of protection, while the standard contractualclauses serve as an additional safeguard. Should changes occur within theframework of the DPF, the standard contractual clauses act as a reliablefallback option. This ensures that your data always remains adequately protected,even in the event of any political or legal changes.

For each service provider, we will inform you whether they are certifiedunder the Data Privacy Framework and whether they have standard contractualclauses in place. Further information on the Data Privacy Framework and a listof certified companies can be found on the U.S. Department of Commerce websiteat https://www.dataprivacyframework.gov/.

Appropriate security measures apply to data transfers to other thirdcountries, in particular standard contractual clauses, explicit consent, orlegally required transfers. Information on third-country transfers andapplicable adequacy decisions can be found in the EU Commission's informationoffering: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection_en?prefLang=de.

8. General information on data storage and deletion

We delete personal data that we process in accordance with legalrequirements as soon as the underlying consent is revoked or there are nofurther legal grounds for processing. This applies to cases where the originalprocessing purpose no longer applies or the data is no longer needed.Exceptions to this rule exist if legal obligations or special interests requirelonger retention or archiving of the data.

In particular, data that must be retained for commercial or tax lawreasons or whose storage is necessary for legal proceedings or to protect therights of other natural or legal persons must be archived accordingly.

Our privacy policy contains additional information on the retention anddeletion of data that applies specifically to certain processing operations.

If there are multiple details regarding the retention period or deletionperiod for a given date, the longest period always applies.

If a period does not explicitly begin on a specific date and is at leastone year, it automatically begins at the end of the calendar year in which theevent triggering the period occurred. In the case of ongoing contractualrelationships in which data is stored, the event triggering the period is theeffective date of the termination or other termination of the legalrelationship.

We process data that is no longer stored for the originally intendedpurpose but due to legal requirements or other reasons only for the reasonsthat justify its storage.

Further information on processing procedures, methods and services:

  • Retention and     deletion of data: The following general periods apply to retention and archiving     under German law:
       
    • 10 years -      retention period for books and records, annual financial statements, inventories,      management reports, opening balance sheets as well as the work      instructions and other organizational documents necessary for their      understanding (Section 147 (1) No. 1 in conjunction with Section 3 AO,      Section 14b (1) UStG, Section 257 (1) No. 1 in conjunction with Section 4      HGB).
      •  
    • 8 years -      accounting documents, such as invoices and cost receipts (Section 147      Paragraph 1 No. 4 and 4a in conjunction with Paragraph 3 Sentence 1 AO      and Section 257 Paragraph 1 No. 4 in conjunction with Paragraph 4 HGB).
      •  
    • 6 years -      Other business documents: received commercial or business letters,      reproductions of sent commercial or business letters, other documents      insofar as they are relevant for taxation, e.g. hourly wage slips,      operating statements, calculation documents, price labels, but also      payroll documents insofar as they are not already accounting documents      and cash register slips (Section 147 (1) Nos. 2, 3, 5 in conjunction with      Section 3 AO, Section 257 (1) Nos. 2 and 3 in conjunction with Section 4      HGB).
      •  
    • 3 years - Data      required to consider potential warranty and compensation claims or      similar contractual claims and rights, as well as to process related      inquiries, based on previous business experience and common industry      practices, will be stored for the duration of the regular statutory      limitation period of three years (§§ 195, 199 BGB).

9. Rights of data subjects

Rights of data subjects under the GDPR: As a data subject, you areentitled to various rights under the GDPR, which arise in particular fromArticles 15 to 21 GDPR:

  • Right of     objection: You have the right to object at any time to the processing of     personal data concerning you based on Art. 6 (1) (e) or (f) GDPR, for     reasons related to your particular situation; this also applies to     profiling based on these provisions. If the personal data concerning you     is processed for direct marketing purposes, you have the right to object     at any time to the processing of personal data concerning you for the     purposes of such advertising; this also applies to profiling insofar as it     is related to such direct marketing.
  • Right to     withdraw consent: You have the right to withdraw consent at any time.
  • Right to     information: You have the right to request confirmation as to whether the data     in question is being processed and to request information about this data     as well as further information and a copy of the data in accordance with     the legal requirements.
  • Right to     rectification: You have the right, in accordance with the statutory provisions, to     request that the data concerning you be completed or that inaccurate data     concerning you be corrected.
  • Right to     erasure and restriction of processing: You have the right, in     accordance with the statutory provisions, to demand that data concerning     you be erased immediately or, alternatively, to demand that the processing     of the data be restricted in accordance with the statutory provisions.
  • Right to data     portability: You have the right to receive the data concerning you that you have     provided to us in a structured, common and machine-readable format in     accordance with the legal requirements or to request that it be     transmitted to another controller.
  • Complaint to a     supervisory authority: Without prejudice to any other administrative or judicial remedy,     you have the right to lodge a complaint with a supervisory authority, in     particular in the Member State of your habitual residence, place of work     or place of the alleged infringement, if you consider that the processing     of personal data concerning you violates the provisions of the GDPR.

10. Business services

We process data of our contractual and business partners, e.g. customersand interested parties (collectively referred to as "contractualpartners"), within the framework of contractual and comparable legalrelationships as well as related measures and with regard to communication withthe contractual partners (or pre-contractually), for example to answerinquiries.

We use this data to fulfill our contractual obligations. This includes,in particular, the obligation to provide the agreed services, any updateobligations, and remedy in the event of warranty and other service disruptions.Furthermore, we use the data to protect our rights and for the purposes of theadministrative tasks associated with these obligations, as well as forcorporate organization. Furthermore, we process the data based on ourlegitimate interests in proper and efficient business management and insecurity measures to protect our contractual partners and our businessoperations from misuse and the endangerment of their data, secrets,information, and rights (e.g., the involvement of telecommunications,transport, and other auxiliary services, as well as subcontractors, banks, taxand legal advisors, payment service providers, or tax authorities). Within theframework of applicable law, we only pass on contractual partners' data tothird parties to the extent necessary for the aforementioned purposes or tofulfill legal obligations. Contractual partners will be informed of other formsof processing, such as for marketing purposes, in this privacy policy.

We will inform our contractual partners which data is required for theaforementioned purposes before or during data collection, e.g. in online forms,by special marking (e.g. colors) or symbols (e.g. asterisks or similar), or inperson.

We delete data after the expiration of statutory warranty and similarobligations, i.e., generally after four years, unless the data is stored in acustomer account, e.g., for as long as it must be retained for legal archivingreasons (e.g., for tax purposes, usually ten years). We delete data disclosedto us by the contractual partner as part of an order in accordance with thespecifications and generally after the end of the order.

  • Types of data     processed: Inventory data (e.g., full name, residential address, contact     information, customer number, etc.); payment data (e.g., bank details,     invoices, payment history); contact data (e.g., postal and email addresses     or telephone numbers); contract data (e.g., contract subject matter, term,     customer category).
  • Data subjects: Service     recipients and clients; interested parties; business and contractual     partners.
  • Purposes of     processing: Provision of contractual services and fulfillment of contractual     obligations; communication; office and organizational procedures;     organizational and administrative procedures. Business processes and     operational procedures.
  • Storage and     deletion: Deletion in accordance with the information in the section     "General information on data storage and deletion".
  • Legal basis: Contractual     performance and pre-contractual inquiries (Art. 6 (1) (b) GDPR); Legal     obligation (Art. 6 (1) (c) GDPR); Legitimate interests (Art. 6 (1) (f)     GDPR).

Further information on processing procedures, methods and services:

  • Agency     services: We process our clients' data within the scope of our contractual     services, which may include, for example, conceptual and strategic     consulting, campaign planning, software and design development/consulting     or maintenance, implementation of campaigns and processes, handling,     server administration, data analysis/consulting services, and training     services. Legal basis: Contractual fulfillment and pre-contractual     inquiries (Art. 6 (1) (b) GDPR).

11. Provision of the online service and web hosting

We process user data to provide them with our online services. For thispurpose, we process the user's IP address, which is necessary to transmit thecontent and functions of our online services to the user's browser or device.

  • Types of data     processed: Usage data (e.g., page views and length of stay, click paths,     intensity and frequency of use, device types and operating systems used,     interactions with content and functions); meta, communication, and     procedural data (e.g., IP addresses, time information, identification     numbers, persons involved); protocol data (e.g., log files regarding     logins or the retrieval of data or access times).
  • Data subjects: Users (e.g.     website visitors, users of online services).
  • Purposes of     processing: Provision of our online services and user-friendliness; information     technology infrastructure (operation and provision of information systems     and technical devices (computers, servers, etc.)). Security measures.
  • Storage and     deletion: Deletion in accordance with the information in the section     "General information on data storage and deletion".
  • Legal basis: Legitimate     interests (Art. 6 (1) (f) GDPR).

Further information on processing procedures, methods and services:

  • Provision of     online services on rented storage space: To provide our online services,     we use storage space, computing capacity, and software that we rent from a     corresponding server provider (also called a "web host") or     obtain from other sources; legal basis: legitimate interests (Art.     6 (1) (f) GDPR).
  • Collection of     access data and log files: Access to our online offering is     logged in the form of so-called "server log files." Server log     files may include the address and name of the accessed web pages and     files, the date and time of access, the amount of data transferred,     notification of successful access, browser type and version, the user's     operating system, the referrer URL (the previously visited page), and, as     a rule, IP addresses and the requesting provider. Server log files can be     used for security purposes, e.g., to prevent server overload (particularly     in the case of abusive attacks, so-called DDoS attacks), and to ensure     server utilization and stability. Legal basis: Legitimate interests     (Art. 6 (1) (f) GDPR). Deletion of data: Log file information is     stored for a maximum of 30 days and then deleted or anonymized. Data that     needs to be retained for evidentiary purposes will not be deleted until     the incident in question has been finally resolved.
  • Checkdomain: Services in     the field of providing information technology infrastructure and related     services (e.g., storage space and/or computing capacity); Service     provider: checkdomain GmbH, a dogado group company, Große Burgstraße     27/29, 23552 Lübeck, Germany; Legal basis: Legitimate interests     (Art. 6 (1) (f) GDPR); Website: https://www.checkdomain.de/ ; Privacy     policy: https://www.checkdomain.de/agb/datenschutz/     . Data processing agreement: Provided by the service provider.

12. Contact and inquiry management

When you contact us (e.g. by post, contact form, email, telephone or viasocial media) as well as within the framework of existing user and businessrelationships, the information provided by the person making the inquiry willbe processed to the extent necessary to answer the contact inquiries and anyrequested measures.

  • Types of data     processed: Inventory data (e.g., full name, home address, contact information,     customer number, etc.); contact data (e.g., postal and email addresses or     telephone numbers); content data (e.g., textual or visual messages and     contributions as well as related information, such as authorship or time     of creation); usage data (e.g., page views and length of stay, click     paths, intensity and frequency of use, device types and operating systems     used, interactions with content and functions); meta, communication, and     procedural data (e.g., IP addresses, time information, identification     numbers, persons involved).
  • Data subjects: communication     partners.
  • Purposes of     processing: Communication; organizational and administrative procedures;     feedback (e.g., collecting feedback via online form). Provision of our     online offering and user-friendliness.
  • Storage and     deletion: Deletion in accordance with the information in the section     "General information on data storage and deletion".
  • Legal basis: Legitimate     interests (Art. 6 (1) (f) GDPR). Contractual performance and     pre-contractual inquiries (Art. 6 (1) (b) GDPR).

Further information on processing procedures, methods and services:

  • Contact form: When you     contact us via our contact form, by email, or other communication     channels, we process the personal data you provide to answer and process     your request. This generally includes information such as your name,     contact information, and, if applicable, other information that is     provided to us and is necessary for appropriate processing. We use this     data exclusively for the stated purpose of contact and communication; legal     bases: contract fulfillment and pre-contractual inquiries (Art. 6 (1)     (b) GDPR), legitimate interests (Art. 6 (1) (f) GDPR).

13. Newsletters and electronic notifications

We send newsletters, emails, and other electronic notifications(hereinafter "newsletters") exclusively with the consent of therecipients or based on a legal basis. If the newsletter content is mentionedwhen registering for the newsletter, this content is decisive for the user'sconsent. Providing your email address is normally sufficient to register forour newsletter. However, in order to offer you a personalized service, we mayask you to provide your name so that we can address you personally in thenewsletter or for further information if this is necessary for the purpose ofthe newsletter.

Deletion and restriction of processing: We may store unsubscribed emailaddresses for up to three years based on our legitimate interests beforedeleting them in order to be able to prove previously given consent. Theprocessing of this data is limited to the purpose of potentially defendingagainst claims. An individual request for deletion is possible at any time,provided that the previous consent is confirmed at the same time. In the caseof obligations to permanently observe objections, we reserve the right to storethe email address on a block list (so-called "block list") for thispurpose alone.

The registration process is logged based on our legitimate interests forthe purpose of demonstrating its proper execution. If we commission a serviceprovider to send emails, this is done based on our legitimate interests in anefficient and secure delivery system.

Contents:

Information about us, our services, promotions and offers.

  • Types of data     processed: Inventory data (e.g., full name, home address, contact information,     customer number, etc.); contact data (e.g., postal and email addresses or     telephone numbers); meta, communication, and procedural data (e.g., IP     addresses, time information, identification numbers, persons involved);     usage data (e.g., page views and length of stay, click paths, usage     intensity and frequency, device types and operating systems used,     interactions with content and functions).
  • Data subjects: communication     partners.
  • Purposes of     processing: Direct marketing (e.g. by email or post).
  • Legal basis: Consent (Art.     6 para. 1 sentence 1 lit. a) GDPR).
  • Opt-out: You can     unsubscribe from our newsletter at any time, i.e., revoke your consent or     object to further receipt. You will find a link to unsubscribe from the     newsletter either at the end of each newsletter or by using one of the     contact options listed above, preferably email.

Further information on processing procedures, methods and services:

  • Measuring     opening and click rates: The newsletters contain     so-called "web beacons," i.e., a pixel-sized file that is     retrieved from our server or, if we use a mailing service provider, its     server when the newsletter is opened. During this retrieval, technical     information, such as details about the browser and your system, as well as     your IP address and the time of retrieval, are initially collected. This     information is used to technically improve our newsletter based on the     technical data or the target groups and their reading behavior based on     their retrieval locations (which can be determined using the IP address)     or the access times. This analysis also includes determining whether and     when the newsletters are opened and which links are clicked. The     information is assigned to the individual newsletter recipients and stored     in their profiles until deletion. The evaluations serve to recognize the     reading habits of our users and adapt our content to them or to send     different content according to the interests of our users. The measurement     of opening and click rates as well as the storage of the measurement     results in the user profiles. Legal basis: Consent (Art. 6 (1) (a)     GDPR).

14. Advertising communication via email, post, fax ortelephone

We process personal data for the purposes of advertising communication,which can be carried out via various channels, such as email, telephone, mailor fax, in accordance with legal requirements.

Recipients have the right to revoke consent given at any time or toobject to advertising communication at any time.

After revocation or objection, we will store the data required to proveprevious authorization for contacting or sending for up to three years afterthe end of the year of revocation or objection based on our legitimateinterests. The processing of this data is limited to the purpose of a possibledefense against claims. Based on our legitimate interest in permanentlyrespecting the user's revocation or objection, we also store the data necessaryto avoid further contact (e.g., depending on the communication channel, theemail address, telephone number, name).

  • Types of data     processed: Inventory data (e.g., full name, home address, contact information,     customer number, etc.); contact data (e.g., postal and email addresses or     telephone numbers); content data (e.g., textual or visual messages and     posts as well as related information, such as authorship or time of     creation).
  • Data subjects: communication     partners.
  • Purposes of     processing: Direct marketing (e.g., by email or post); marketing. Sales     promotion.
  • Storage and     deletion: Deletion in accordance with the information in the section     "General information on data storage and deletion".
  • Legal basis: Consent (Art.     6 (1) (a) GDPR). Legitimate interests (Art. 6 (1) (f) GDPR).

15. Web analysis, monitoring and optimization

Web analytics (also known as "reach measurement") is used toevaluate visitor traffic to our online offering and may include behavior,interests, or demographic information about visitors, such as age or gender, aspseudonymous values. Using reach analysis, we can, for example, identify whenour online offering or its features or content are most frequently used, orencourage reuse. It also enables us to understand which areas requireoptimization.

In addition to web analysis, we can also use testing procedures to testand optimize different versions of our online offering or its components.

Unless otherwise stated below, profiles, i.e., data summarized for ausage process, may be created for these purposes, and information may be storedin a browser or on a device and then read out. The data collected includes, inparticular, websites visited and the elements used there, as well as technicalinformation such as the browser used, the computer system used, and informationon usage times. If users have consented to the collection of their locationdata by us or by the providers of the services we use, the processing oflocation data is also possible.

In addition, users' IP addresses are stored. However, we use an IPmasking process (i.e., pseudonymization by shortening the IP address) toprotect users. Generally, no real user data (such as email addresses or names)is stored for web analysis, A/B testing, and optimization; instead, pseudonymsare used. This means that neither we nor the providers of the software usedknow the actual identity of the users, but only the information stored in theirprofiles for the purpose of the respective processes.

Notes on legal bases: If we ask users for their consent to the use ofthird-party providers, the legal basis for data processing is consent.Otherwise, user data is processed based on our legitimate interests (i.e.,interest in efficient, economical, and user-friendly services). In thiscontext, we would also like to draw your attention to the information on theuse of cookies in this privacy policy.

  • Types of data     processed: Usage data (e.g., page views and length of stay, click paths,     intensity and frequency of use, device types and operating systems used,     interactions with content and functions). Meta, communication, and     procedural data (e.g., IP addresses, time information, identification     numbers, persons involved).
  • Data subjects: Users (e.g.     website visitors, users of online services).
  • Purposes of     processing: Reach measurement (e.g., access statistics, recognition of     recurring visitors); profiles with user-related information (creation of     user profiles). Provision of our online offering and user-friendliness.
  • Retention and     Deletion: Deletion as described in the "General Information on Data     Retention and Deletion" section. Cookies are stored for up to two     years (unless otherwise stated, cookies and similar storage methods may be     stored on users' devices for a period of two years).
  • Security     measures: IP masking (pseudonymization of the IP address).
  • Legal basis: Consent (Art.     6 (1) (a) GDPR). Legitimate interests (Art. 6 (1) (f) GDPR).

Further information on processing procedures, methods and services:

  • Google     Analytics: We use Google Analytics to measure and analyze the use of our     online offering based on a pseudonymous user identification number. This     identification number does not contain any unique data, such as names or     email addresses. It is used to assign analysis information to a device in     order to recognize which content users have accessed within one or more     usage processes, which search terms they used, accessed these again, or     interacted with our online offering. The time and duration of use are also     stored, as are the sources of users who refer to our online offering and     technical aspects of their devices and browsers.
        Pseudonymous profiles of users are created with information from the use     of various devices, and cookies may be used for this purpose. Google     Analytics does not log or store individual IP addresses for EU users.     However, Analytics does provide rough geographic location data by deriving     the following metadata from IP addresses: city (and the derived latitude     and longitude of the city), continent, country, region, subcontinent (and     ID-based counterparts). For EU data traffic, the IP address data is used     exclusively for this derivation of geolocation data before being     immediately deleted. It is not logged, is not accessible, and is not used     for any other purposes. When Google Analytics collects measurement data,     all IP queries are performed on EU-based servers before the traffic is     forwarded to Analytics servers for processing; Service provider:     Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Legal     basis: Consent (Art. 6 (1) (a) GDPR); Website: https://marketingplatform.google.com/intl/de/about/analytics/     ; Security measures: IP masking (pseudonymization of the IP     address); Privacy policy: https://policies.google.com/privacy     ; Data processing agreement: https://business.safety.google/adsprocessorterms/     ; Basis for third country transfers: Data Privacy Framework (DPF),     standard contractual clauses ( https://business.safety.google/adsprocessorterms     ), Data Privacy Framework (DPF) standard contractual clauses ( https://business.safety.google/adsprocessorterms     ); Possibility of objection (opt-out): Opt-out plug-in: https://tools.google.com/dlpage/gaoptout?hl=de     , Settings for the display of advertisements: https://myadcenter.google.com/personalizationoff     .Further information: https://business.safety.google/adsservices/     (types of processing and data processed).
  • Google Tag     Manager: We use Google Tag Manager, a software from Google that allows us to     centrally manage so-called website tags via a user interface. Tags are     small code elements on our website that are used to record and analyze     visitor activity. This technology helps us improve our website and the     content offered on it. Google Tag Manager itself does not create user     profiles, does not store cookies with user profiles, and does not perform     any independent analyses. Its function is limited to simplifying and     making the integration and management of tools and services that we use on     our website more efficient. Nevertheless, when Google Tag Manager is used,     the user's IP address is transmitted to Google, which is necessary for     technical reasons in order to implement the services we use. Cookies may     also be set in the process. However, this data processing only occurs if     services are integrated via Tag Manager. For more detailed information     about these services and their data processing, please refer to the     further sections of this privacy policy; Service provider: Google     Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Legal     basis: Consent (Art. 6 Para. 1 S. 1 lit. a) GDPR); Website: https://marketingplatform.google.com     ; Privacy Policy: https://policies.google.com/privacy     ; Data processing agreement:
        https://business.safety.google/adsprocessorterms     . Basis for third country transfers: Data Privacy Framework (DPF),     Standard Contractual Clauses ( https://business.safety.google/adsprocessorterms     ), Data Privacy Framework (DPF) Standard Contractual Clauses ( https://business.safety.google/adsprocessorterms     ).
Privacy PolicyImprint
©2025 by EcoBeam. All rights reserved.

Contact Us

Get in touch to see how we can protect your business from today and beyound.
Phone Number
+49 141-141-141
General Inquires
info@ecobeam.eu
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.