Privacy

1. Controller and Data Protection Officer

Controller pursuant to Art. 4 No. 7 GDPR for data processing within the scope of the website www.zootsolutions.eu:

2. Collection and processing of your personal data

Below you will find an overview of what personal data we process from you, for what purpose and on what legal basis. If you do not allow us to process your personal data when we need to do so in order to perform a contract with you or to process an enquiry from you, or when we are required to do so by law, we may not be able to fulfil our contractual obligations to you or respond to your enquiry.

Please note that if you choose not to provide certain personal data when it is necessary for us to:

we may be unable to provide the requested services or respond to your request appropriately.

3. HubSpot utilisation

We use HubSpot, a customer relationship management (CRM) and marketing automation platform provided by HubSpot, Inc. (25 First Street, Cambridge, MA 02141 USA), to manage website analytics, marketing campaigns, forms, contact management, and email communications.

HubSpot places cookies on our website to track visitor behavior, measure engagement, and improve the user experience. When you submit data through a form, this information is stored and processed in HubSpot systems, which may involve data transfers to the United States. These transfers are safeguarded via Standard Contractual Clauses approved by the European Commission.

HubSpot allows us to analyze user interactions and personalize communications based on your consent or legitimate interest, depending on the context.

Data is stored on HubSpot’s secure servers, located primarily in the United States, operating under EU standard contractual clauses (SCCs) as per European regulations.

We do not use your personal data to make automated decisions that produce legal effects or similarly significant consequences.

Some analytics and marketing tools (e.g., HubSpot) may be used for limited profiling purposes (e.g., lead scoring, behavioral segmentation) to help us tailor communications based on user behavior. These do not involve fully automated decision-making.

You can read more about HubSpot’s privacy practices at: https://legal.hubspot.com/privacy-policy

4. Cookies

In addition to the data processing described above, we use technical tools for various functions when you use our website, in particular cookies, which may be stored on your end device. When you first access our website, and at any time thereafter, you can manage the use of cookies.

4.1. What are Cookies?

Cookies are used for our website – as on many websites. Cookies are small text files which are stored on your computer, and which store certain settings and data for exchange with our website via your browser. A cookie usually contains the name of the domain from which the cookie file was sent, as well as information about the age of the cookie and an alphanumeric identifier.

Cookies allow us to recognise your computer and to make all your settings and preferences instantly available. Wherever possible, the cookies we use are session cookies, which are automatically deleted at the end of your browser session. Occasionally, we may use longer-lasting cookies to remember your preferences the next time you visit our site.

4.2. How to manage cookies?

Most browsers are set to accept cookies automatically. However, you can deactivate the storage of cookies or set your browser to notify you when cookies are sent. It is also possible to manually delete cookies that have already been saved via the browser settings. Please note that if you refuse to accept cookies or delete necessary cookies, you may not be able to use our website to the full extent or at all.

Once you have made your choice, you can change it at any time by going back to the cookie settings by clicking on the “Consent Preferences”-button in the bottom left corner of our website.

4.3. What is the legal basis for the use of cookies?

We use both cookies that are strictly necessary and cookies which require your consent.

If cookies are not strictly necessary for our online services, we will ask you to consent to the use of cookies when you access our online services for the first time. With regard to non-essential cookies from third parties, you will find a more detailed description of the services we use from these third parties below. The legal basis for the associated data processing, including any data transfer, is your consent (Art. 6 para. 1 lit. a) GDPR). Once you have given your consent, you can withdraw it at any time with effect for the future, in particular by changing the selected settings.

The legal basis for the use of necessary cookies is our legitimate interest in providing a functional website (Art. 6 para. 1 lit. f) GDPR) and – insofar as contracts are concluded or fulfilled via our website – the performance of the contract (Art. 6 para. 1 lit. b) GDPR).

4.4 Detailed overview of the cookies we use

On our website we use the following cookie-based tools/plug-ins:

4.5. Third-party cookies

5. Other Third-Party Tracking Technology

In addition to cookies, in order to help us understand how visitors use our website, improve its performance, and deliver more relevant content, we use other third-party technologies, such as pixels, scripts, and tag management systems. These tools enable us to measure website traffic, analyze user interactions, and support interest-based advertising.

Some of these tools are provided by third-party companies who process data on our behalf or, in certain cases, as independent controllers. The information collected may include:

• Technical details – IP address, browser type and version, operating system, device type, screen resolution, language settings, and time zone.
• Usage patterns – Pages visited, navigation paths, time spent on each page, clicks, downloads, and referring websites.
• Interaction data – Form submissions, button clicks, and engagement with specific features.

We manage these tools centrally via Google Tag Manager, which allows us to deploy and control tracking scripts without altering website code.

5.1 Third-party services currently in use

5.2. International Transfers

Some of our third-party providers are based outside the European Economic Area (EEA). Where this occurs, we ensure that your data is transferred under appropriate safeguards, such as the European Commission’s Standard Contractual Clauses, to ensure a level of protection equivalent to that in the EEA.

6. Data transfer to third countries

We will process your personal data within the European Economic Area (EEA) or countries that have been recognized by the European Commission as providing for an adequate level of data protection law, unless otherwise stated herein (i.e., section 3, section 5 hereof).If data is transferred to entities whose registered office or place of data processing is outside the EEA or outside a country for which an adequate level of data protection has been established by a decision of the European Commission, we will ensure before the transfer that the data transfer is covered by a legal authorisation and that there are guarantees for an adequate level of data protection with regard to the data transfer (e.g. through the agreement of contractual guarantees, officially recognised regulations or binding internal data protection regulations at the recipient) or that you have given your consent to the data transfer.

In these cases, we will inform you of the transfer in this privacy policy.

7. Retention period

We will retain your personal data for as long as necessary to fulfil our contractual and legal obligations. We will retain your personal data in HubSpot as long as you remain our contact or until you request deletion.

If your personal data is no longer required for the fulfilment of contractual or legal obligations, it will be deleted, unless its (temporary) further processing is necessary for the preservation of evidence within the framework of statutory limitation periods. According to Sections 195 et seq. of the German Civil Code (BGB), these limitation periods can be up to 30 years, with the regular limitation period being 3 years.

8. Your rights as a data subject

You have the right at any time, within the framework provided by law

• in accordance with Art. 7 para. 3 GDPR, to revoke your consent once given;
• in accordance with Art. 15 GDPR, to access information about the personal data processed concerning you;
• in accordance with Art. 16 GDPR, to request the correction of inaccurate or incomplete personal data stored about you;
• in accordance with Art. 17 GDPR, to request the erasure of your personal data stored by us, unless the processing is necessary to exercise your right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims;
• in accordance with Art. 18 GDPR, to request the restriction of the processing of personal data;
• in accordance with Art. 20 GDPR, to receive the personal data provided by you to us in a structured, commonly used and machine-readable format or to request its transmission to another controller (right to data portability);

in accordance with Art. 77 GDPR, to lodge a complaint with a supervisory authority. As a general rule, you can contact the supervisory authority of your usual place of residence or our registered office.

9. Changes to This Policy

We may update this policy occasionally. Updates will be posted here with a new “Last updated” date and, where significant, you may receive notice by email.

Datenschutzbeauftragter der Zoot Deutschland GmbH

Hanauer Landstraße 291B
60314 Frankfurt am Main
Germany