Privacy Policy

Your privacy is important to us.

We take the protection of your personal data very seriously. We treat your personal data confidentially and following the legal rules of the relevant data protection laws, particularly the European General Data Protection Regulation (GDPR) and this privacy policy.

This privacy policy covers the use of our digital content, including our social media profiles, via PC, smartphones, tablets, and all other internet-enabled mobile devices.

The digital content may contain links to other websites of third-party service providers to which this data protection declaration does not apply.

Controller / Responsible party

The controller / responsible party for processing your personal data is

Katulu GmbH
An der Alster 6
20099 Hamburg
hello@katulu.io.

If you have any questions regarding data protection at our company, please write to us at the postal address above, with the subject of “Data Protection” or at the provided e-mail address.

Purpose of Personal Data Processing

Data Processing for the Provision of Contractual Services

You can send us inquiries about commissioning contractual services via our website and the contact details stored there. Provided that personal data is transmitted to us by you in this way or by other means when inquiring about commissions, we process your data to answer your inquiries, for the execution of the order/contract as well as for invoicing. For this, we require your (company) name, your address data, as well as your e-mail address. Without this data, we cannot execute the contract with you. Additionally, we collect further data within the scope of the contract initiation or contract execution, which is not absolutely necessary for the contract execution, but which serves the purpose and is beneficial for it.

In the case of suppliers/service providers, we process the personal data provided by them this way or in another manner for the purpose of ordering and commissioning services on our part, as well as to pay for the services provided. For this, we require the name, address data, and account data. Depending on the service/contract, we may also require additional data, which we will then inform you about on a case-by-case basis. If you provide further data, we will also use this for the aforementioned purposes, but such data is not required for the conclusion of the contract.

The legal basis for data processing is Art. 6 (1) p. 1 lit. b GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.

Data Processing for Communication with You

In addition to the contractual data, we process the communication data provided by you (names of contact persons, telephone number, fax number, e-mail address) to contact and communicate with you. Personal data that you provide to us by e-mail, post, or telephone will only be processed for correspondence with you or only for the purpose for which you provided us with the data.

The basis for data processing is Art. 6 (1) p. 1 lit. b GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures

Cookies

We may use cookies on some of our web pages to offer you website-specific services, to recognize you if you visit our website again, and/or to adapt our services to your personal preferences among other things.

Cookies are small text files that are stored on a visitor’s computer and contain data about the respective user to provide access to various functions. Session cookies are used on our website. A session cookie is temporarily stored on the computer you are using while you navigate through the website. A session cookie is deleted as soon as you close your Internet browser or as soon as your session has expired after a certain period. Storing a cookie ensures that you do not have to repeatedly enter your personal settings and preferences each time you visit. This saves you time and makes the use of our website more comfortable for you. The cookie is only used to improve usability.

Most browsers accept cookies automatically – so if you wish to suppress the use of cookies, you may need to actively delete or block cookies, or prevent the storage of cookies through a setting in your browser software. Please note, however, that if you refuse the use of cookies, you may continue to visit our website, but some features may be impaired in their operation.

We may work with third parties on some of our websites, which means that when you visit such a website, cookies from partner companies may also be stored on your hard drive (third-party cookies). We provide the information below about the use of such cookies and the scope of the data collected in each case.

We use cookies that are required to enable the provision of the services owed by us or to ensure the functionality of our services. The data processing in this regard is then carried out based on Art. 6 (1) p. 1 lit. b GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures, or according to Art. 6 (1) p. 1 lit. f GDPR, which permits data processing to protect the legitimate interests of the controller, unless the interests or the fundamental rights and freedoms of the data subject outweigh the interest of the controller in the data processing. Our interest then lies in ensuring the functionality of our website.

For the use of other, non-essential cookies, we may obtain your consent. The data processing is then based on your consent according to Art. 6 (1) p. 1 lit. a GDPR. You can revoke or change your consent at any time. The legality of the data processing already performed remains unaffected by the revocation.

Use of SalesViewer® technology

This website uses SalesViewer® technology from SalesViewer® GmbH on the basis of the website operator’s legitimate interests (Section 6 paragraph 1 lit.f GDPR) in order to collect and save data on marketing, market research and optimisation purposes.

In order to do this, a javascript based code, which serves to capture company-related data and according website usage. The data captured using this technology are encrypted in a non-retrievable one-way function (so-called hashing). The data is immediately pseudonymised and is not used to identify website visitors personally

The data stored by Salesviewer will be deleted as soon as they are no longer required for their intended purpose and there are no legal obligations to retain them.

The data recording and storage can be repealed at any time with immediate effect for the future, by clicking on https://www.salesviewer.com/opt-out in order to prevent SalesViewer® from recording your data. In this case, an opt-out cookie for this website is saved on your device. If you delete the cookies in the browser, you will need to click on this link again.

Tracking using Umami

Some of our websites use the web analytics service Umami of the software company Umami Software Inc., 1362 42nd Ave, San Francisco, CA 94122, USA ("Umami"). Umami uses "cookies" to analyze your use of the website, which allow us to optimize our online offering and evaluate usage. For this purpose, the information generated by the cookie about the use of this website is stored on Umami's server.

According to Umami, the IP address is only recorded and stored in anonymized form. Visitors to the website are not personally identified. Umami cookies remain on your terminal device until you delete them.

Umami stores this information in a pseudonymized user profile. The information is neither used by Umami nor by us to identify individual users nor is it merged with other data about individual users.

For more information, please refer to the Terms of Use and Privacy Policy of Umami Software Inc. accordingly at https://umami.is/terms and at https://umami.is/privacy.

The processing of personal data on the basis of your consent pursuant to Art. 6 para. 1 p. 1 lit. a DSGVO in conjunction with. Art. 49 para. 1. p. 1 lit. a DSGVO. You can revoke your consent at any time with effect for the future. You can declare the revocation by a corresponding setting in our Consent Management Tool or by sending a message to the contact data mentioned under point 1 (e.g. e-mail, fax, letter). The legality of the data processing operations already carried out remains unaffected by the revocation.

Tracking using Arcade

Some of our websites use the product demo analytics service Arcade of the software company Arcade Software Inc., 

500 Chelmsford Ave., Hillsborough, CA 94010, USA ("Arcade"). Arcade uses "cookies" to analyze your use of the website, which allow us to optimize our online offering and evaluate usage. For this purpose, the information generated by the cookie about the use of this website is stored on Arcade's server.

According to Arcade, the IP address is only recorded and stored in anonymized form. Visitors to the website are not personally identified. Arcade cookies remain on your terminal device until you delete them.

Arcade stores this information in a pseudonymized user profile. The information is neither used by Arcade nor by us to identify individual users nor is it merged with other data about individual users.

For more information, please refer to the Terms of Use and Privacy Policy of Arcade Software Inc. accordingly at https://www.arcade.software/terms-of-service and at https://www.arcade.software/privacy.

The processing of personal data on the basis of your consent pursuant to Art. 6 para. 1 p. 1 lit. a DSGVO in conjunction with. Art. 49 para. 1. p. 1 lit. a DSGVO. You can revoke your consent at any time with effect for the future. You can declare the revocation by a corresponding setting in our Consent Management Tool or by sending a message to the contact data mentioned under point 1 (e.g. e-mail, fax, letter). The legality of the data processing operations already carried out remains unaffected by the revocation.

Tracking using Framer

Some of our websites use the web hosting and analytics service Framer of the software company Framer located at Framer, Inc. 251 Little Falls Drive, Wilmington, Delaware 19808, USA and Framer B.V:, Rozengracht 207B, 1016 LZ Amsterdam, Netherlands ("Framer"). Framer uses "cookies" to analyze your use of the website, which allow us to optimize our online offering and evaluate usage. For this purpose, the information generated by the cookie about the use of this website is stored on Framer's server.

According to Framer, the IP address is only recorded and stored in anonymized form. Visitors to the website are not personally identified. Framer cookies remain on your terminal device until you delete them.

Framer stores this information in a pseudonymized user profile. The information is neither used by Umami nor by us to identify individual users nor is it merged with other data about individual users.

For more information, please refer to the Terms of Use and Privacy Policy of Framer Software Inc. accordingly at https://www.framer.com/legal/terms-of-service/ and at https://www.framer.com/legal/privacy-statement/.

The processing of personal data on the basis of your consent pursuant to Art. 6 para. 1 p. 1 lit. a DSGVO in conjunction with. Art. 49 para. 1. p. 1 lit. a DSGVO. You can revoke your consent at any time with effect for the future. You can declare the revocation by a corresponding setting in our Consent Management Tool or by sending a message to the contact data mentioned under point 1 (e.g. e-mail, fax, letter). The legality of the data processing operations already carried out remains unaffected by the revocation.

Data Processing to Protect Legitimate Interests

We also process your data if it is necessary to protect legitimate interests of ours or of third parties. This may be the case, in particular, to ensure IT security and IT operations, especially in the case of support requests, to be able to trace and prove facts in the event of legal disputes, for market and opinion surveys, to statistically evaluate the use of our website, for advertising other products from us or our cooperation partners.

The basis for the data processing is Art. 6 (1) p. 1 lit. f GDPR. We have a legitimate interest in the data processing listed above. Our interest is optionally in IT security, in ensuring support for better usability of our website or in our legal interest or in our evaluation and advertising interest.

Data Processing for Advertising Purposes

We use the data you provide to send you recommendations and information about our products and services by mail.

Additionally, we use your e-mail address to send you information about our company’s products and services by e-mail if you have already purchased products or services from us. You will receive these recommendations from us regardless of whether you have subscribed to a newsletter. We want to send you information in this way about similar products and services from our range that might interest you based on your most recent purchases/orders from us. We strictly comply with the legal requirements in this regard.

If you no longer wish to receive recommendations on products or services or to receive advertising from us in general, you can revoke your consent at any time. A notification in text form to the contact data mentioned under point 1 (e.g. e-mail, fax, letter) is sufficient for this purpose.

The basis for data processing is Art. 6 (1) p. 1 lit. f GDPR, which permits the processing of data to protect the legitimate interests of the controller, provided that the interests or fundamental rights and freedoms of the data subject are not overridden. Our interest is commercial and lies in the promotion and sale of our products and services.

Log Files

Each time our websites are accessed, usage data is transmitted by the respective Internet browser and stored in log files, the so-called server log files. The data records stored in this process contain the following data: Date and time of access, name of the page accessed, IP address, referrer URL (origin URL from which you came to the web pages), the amount of data transferred, as well as product and version information of the browser used and the operating system of your PC. The IP addresses of the users are deleted or anonymized after the termination of use. Any other evaluation of the data, except for statistical purposes and then basically in anonymized form, does not take place. Neither any personal “surfing profiles” nor the like are created or processed.

The basis for data processing is Art. 6 (1) p. 1 lit. f GDPR, which permits the processing of data to protect the legitimate interests of the controller, provided that the interests or fundamental rights and freedoms of the data subject are not overridden. We have an interest in the prosecution, prevention, and punishment of unlawful use of our offer.

Data Processing for the Fulfillment of Legal Obligations

Furthermore, we process your data for the fulfillment of legal obligations (e.g. regulatory requirements, commercial and tax law retention, and verification obligations).

The basis for the data processing is Art. 6 (1) p. 1 lit. c GDPR, which permits the processing for the fulfillment of a legal obligation.

Categories of Recipients of Personal Data

Your personal data will only be disclosed or otherwise transferred to third parties if this is necessary for the purpose of contract processing or billing, or if you have previously consented, or if there is a legal basis for the disclosure.

Your contractual and communication data will be forwarded to the responsible office and the responsible employees within our company in each case to answer your inquiries, for communication or for the execution of the order, or for the fulfillment of contractual obligations. The basis for this is again Art. 6 (1) p. 1 lit. b GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.

If it is necessary for the purpose of contract processing or for the provision of our services, data is forwarded to partner companies that have been commissioned to support contract processing. Our partners are obliged to comply with and observe the provisions of data protection law. Our partners are not permitted to use the data for any other purpose than the processing of the contract. The basis for this is Art. 6 (1) p. 1 lit. b GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.

Your personal data will otherwise only be disclosed or transferred to third parties outside our company if this is necessary for the purpose of contract processing or billing, or if you have given your prior consent, or if there is a legal basis for the disclosure.

Whenever we use the services of third parties for the execution and handling of processing operations, we will comply with the provisions of the General Data Protection Regulation. Service providers that support us in providing our service to you are hosting providers, email service providers, IT service providers, software (SaaS) providers.

Period of Data Storage

In principle, we delete your data as soon as it is no longer required for the above-mentioned purposes unless temporary storage is still necessary. For example, we store your data based on legal obligations to provide proof and to retain data, which result, among other things, from the German Commercial Code and the German Fiscal Code. The storage periods are then up to ten full years. Additionally, we retain your data for the period during which claims can be asserted against our company (statutory limitation period of three or up to thirty years).

Data Security

Your personal data is transmitted securely on our website using encryption. We use the encryption protocol TLS (Transport Layer Security) for secure data transmission on the Internet. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. Furthermore, we secure our websites and other systems by technical and organizational measures against loss, destruction, access, modification, or distribution of your data by unauthorized persons. Our security measures are continuously improved in line with technological developments. However, we would like to point out that data transmission on the Internet may have security gaps and cannot be completely protected against access by third parties, which applies in particular and especially when communicating by e-mail. We are therefore happy to offer you the option of using PGP encryption for e-mail communication; please feel free to contact us in this regard.

Data Subject Rights

Within the framework of the applicable legal provisions, you have the right at any time to receive information free of charge about your personal data stored by us, its origin and recipients, and the purpose of data processing and, if applicable, the right to have this data corrected or deleted. To this end, as well as for further questions on the subject of personal data, you can contact us at any time using the contact details listed in section 1. You may also be entitled to a right to restrict the processing of your data and a right to receive the data you have provided in a structured, common, and machine-readable format. If you have given us consent to process personal data for specific purposes, you may revoke your consent at any time with effect for the future. If we process your data to protect legitimate interests, you may object to this processing on grounds relating to your particular situation. Additionally, you have the option of contacting a data protection supervisory authority (Right of Complaint).

Turn Red Tape into Green Lights — AI from Prototype to Production, with Speed, Security and Confidence.

Turn Red Tape into Green Lights — AI from Prototype to Production, with Speed, Security and Confidence.