Privacy Policy

General Information on Data Processing and Legal Basis

The data controller for data processing is Cykero Holding GmbH, located at Schillstraße 9, 10785 Berlin, Germany, Email: csr@cykero.eu

This privacy policy informs about the nature, scope, and purpose of processing personal data within our online offerings, including websites, functions, and content associated with it. The policy applies across all domains, systems, platforms, and devices (e.g., desktop or mobile) on which the online offering operates.

For terms such as “personal data” or “processing,” we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).

Personal data processed within this online offering include profile data (e.g., names, addresses, email addresses, user behavior, contract data, and payment information). “Users” includes all individuals who interact with our online offerings, including customers.

Data processing complies with relevant data protection regulations, meaning data is processed with legal permission, particularly when necessary for our contractual services, legally required, consented to by users, or based on our legitimate interests in analyzing, optimizing, and ensuring the security of our online offering.

Security Measures

We implement organizational, contractual, and technical security measures according to modern technological standards to ensure compliance with data protection laws and to protect the data processed against accidental or intentional manipulations, loss, destruction, or access by unauthorized persons.

Part of the security measures is the encrypted transfer of data between your browser and our server.

Disclosure of Data to Third Parties

We only share users’ data with third parties when it is necessary for contractual purposes or based on legitimate interests in the efficient and effective operation of our business.

When subcontractors are used to provide our offerings, we take appropriate legal precautions and technical and organizational measures to ensure the protection of personal data in accordance with relevant legal regulations.

Partnerships and Data Transfer

For specific services such as logistics and customer service, we collaborate with subsidiary and partner companies. These collaborations may require access to personal data needed for order processing and customer service delivery.

We also work with various payment and delivery service providers to facilitate purchases and logistics. Necessary customer data (e.g., delivery addresses and payment details) is transferred to these providers based on contractual needs and legal frameworks.

Your Rights as a User

Users have the right to request information about the personal data we hold about them at no charge. Additionally, users have rights to correct inaccurate data, restrict processing, delete their personal data, claim their rights to data portability, and, in the case of assumed unlawful data processing, file a complaint with the appropriate regulatory authority.

Users may also revoke consent, generally with effect for the future.

Data Retention and Deletion

Data stored by us is deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory storage obligations. If user data is not deleted because it is needed for other legally permissible purposes, its processing is restricted. This means the data is blocked and not processed for other purposes.

Policy Changes

We reserve the right to modify this privacy policy to adapt it to changed legal situations or changes in the service and data processing. However, this only applies to declarations regarding data processing. If users’ consents are required or components of the privacy policy contain regulations of the contractual relationship with the users, the changes will only be made with the users’ consent.

Users are requested to inform themselves regularly about the content of the privacy policy.