Privacy Policy
Who we are
The controller within the meaning of the General Data Protection Regulation (GDPR) and other applicable data-protection laws is:
prognostica GmbH
Prymstr. 3
97070 Würzburg
Germany
Tel.: +49 931 4973860
Email: info@prognostica.de
Website: www.prognostica.de
Contact details of the Data Protection Officer
The controller’s data-protection officer is:
DataCo GmbH
Nymphenburger Str. 86
80636 Munich
Germany
Tel.: +49 89 7400 45840
Website: www.dataguard.de
General Information on Data Processing
On this page we inform you about the processing of your personal data on this website.
How we collect and use your personal data depends on how you interact with us or which services you use. We only collect, use or share your personal data when we have a legitimate purpose and a lawful basis for doing so.
Further information on the handling of personal data outside of this website can be found in our Privacy Notice.
What do we mean by a lawful basis?
Consent (Art. 6 (1) sentence 1 lit. a GDPR) – You have given us your consent to process your personal data for the specific purpose we have explained to you. You may withdraw that consent at any time. For details on how to withdraw consent, see the “Exercising your rights” subsections later in this privacy notice.
Contract (Art. 6 (1) sentence 1 lit. b GDPR) – We need to use your data to perform a contract we have with you, or because you have asked us to take certain steps before entering into a contract.
Legal obligation (Art. 6 (1) sentence 1 lit. c GDPR) – We must use your data to comply with the law.
Vital interests (Art. 6 (1) sentence 1 lit. d GDPR) – Processing your data is necessary to protect your vital interests or those of another person, for example to prevent serious physical harm.
Public task (Art. 6 (1) sentence 1 lit. e GDPR) – Processing your data is required for a task carried out in the public interest or under official authority, e.g. a statutory function.
Legitimate interests (Art. 6 (1) sentence 1 lit. f GDPR) – Processing your data is necessary to pursue a legitimate interest of ours or of a third party, provided your own interests do not override it.
Please note that we may be unable to provide our website services if data that are required for contractual performance or legal compliance are not supplied.
Sharing of Data and International Transfers
As explained in this privacy notice, we use various service providers who help us deliver our services and safeguard your data. When we engage such providers, it is necessary to share your personal data with them.
We have concluded agreements with all providers to whom we disclose data that oblige them to protect your information.
Where personal data are transferred outside the EU, we ensure an equivalent level of protection, either because the destination country has been deemed “adequate” by the European Commission or by applying another safeguard such as the Standard Contractual Clauses (SCCs) adopted by the Commission.
For example, when we use US-based providers we rely, depending on the provider, either on SCCs or on the EU–US Data Privacy Framework. You may request a copy of the SCCs we have concluded with our providers by emailing the address given in this privacy notice.
Your Rights
If we process personal data about you, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:
1. Right of Access (Art. 15 GDPR)
You have the right to obtain confirmation as to whether personal data concerning you are processed. Where that is the case, you have the right to access such data and to receive the following information:
- purposes of the processing
- categories of personal data
- recipients or categories of recipient
- envisaged period of storage or the criteria used to determine that period
- existence of the rights to rectification, erasure, restriction or objection
- right to lodge a complaint with the competent supervisory authority
- where the data are not collected from you, any available information about their source
- existence of automated decision-making, including profiling, and meaningful information about the logic involved, as well as the significance and envisaged consequences
- where applicable, transfer of personal data to a third country or international organisation
2. Right to Rectification (Art. 16 GDPR)
If your personal data are inaccurate or incomplete, you have the right to have them corrected or completed without undue delay.
3. Right to Restriction of Processing (Art. 18 GDPR)
You have the right to obtain restriction of processing where one of the following applies:
- you contest the accuracy of your personal data, for a period enabling us to verify accuracy;
- processing is unlawful and you oppose erasure and request restriction instead;
- we no longer need the data for processing purposes, but you require them for the establishment, exercise or defence of legal claims; or
- you have objected to processing and verification of overriding legitimate grounds is pending.
4. Right to Erasure (“Right to Be Forgotten”) (Art. 17 GDPR)
You have the right to obtain erasure of your personal data without undue delay where one of the following grounds applies:
- the data are no longer necessary for the purposes for which they were collected;
- you withdraw consent and there is no other legal ground;
- you object to processing and there are no overriding legitimate grounds, or you object under Art. 21 (2) GDPR;
- the data have been unlawfully processed;
- erasure is required to comply with EU or Member-State law; or
- the data were collected in relation to information-society services offered under Art. 8 (1) GDPR.
These grounds do not apply where processing is necessary:
- for exercising the right of freedom of expression and information;
- for compliance with a legal obligation or public-interest task to which we are subject;
- for reasons of public interest in the area of public health;
- for archiving purposes in the public interest, scientific or historical research, or statistics; or
- for the establishment, exercise or defence of legal claims.
5. Right to Data Portability (Art. 20 GDPR)
You have the right to receive your personal data in a structured, commonly used and machine-readable format or to have those data transmitted to another controller.
6. Right to Object to Certain Processing (Art. 21 GDPR)
You have the right to object at any time, on grounds relating to your particular situation, to processing based on Art. 6 (1) e or f GDPR, including profiling.
Where personal data are processed for direct marketing, you may object at any time to such processing; this applies equally to profiling in connection with direct marketing.
7. Right to Lodge a Complaint with a Supervisory Authority
Without prejudice to any other administrative or judicial remedy, you have the right to complain to a supervisory authority if you believe that processing of your personal data infringes the GDPR.
The authority with which the complaint is lodged will inform you of the status and outcome of the complaint, including the possibility of judicial remedy under Art. 78 GDPR.
A list of supervisory authorities competent in Germany is available at: https://www.bfdi.bund.de/DE/Service/Anschriften/Laender/Laender-node.html
Provision of the Website and Creation of Log Files
1. Description and Scope of Data Processing
Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing device.
The following data are collected:
- information about the browser type and version used
- the user’s operating system
- date and time of access
- websites from which the user’s system reaches our website
- websites that are accessed by the user’s system via our website
These data are stored temporarily in our system’s memory and in the log files of our system.
These data are not stored together with other personal data of the user.
2. Purpose of Data Processing
The temporary storage of the IP address by the system is necessary to deliver the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session.
Storage in log files is carried out to ensure the functionality of the website. In addition, the data serve to optimise the website and to ensure the security of our information-technology systems. The data are not evaluated for marketing purposes in this context.
3. Legal Basis for Data Processing
The legal basis for the temporary storage of the data and the log files is Art. 6 (1) sentence 1 lit. f GDPR.
4. Duration of Storage
The data are deleted as soon as they are no longer necessary for the purpose for which they were collected. For data collected to provide the website, this is the case when the respective session has ended.
For data stored in log files, deletion occurs after no more than seven days. Storage beyond this period is possible. In that case the users’ IP addresses are deleted or anonymised so that an assignment of the accessing client is no longer possible.
5. Exercising Your Rights
The collection of data for the provision of the website and the storage of data in log files are absolutely necessary for the operation of the site. The user may object, but whether the objection is successful must be determined as part of a balancing of interests.
IV. Use of Cookies and Similar Storage Mechanisms
1. Description and Scope of Data Processing
When you visit our website, we use technical aids for various functions, in particular cookies that may be stored on your device. When you access our site—and at any time thereafter—you can choose whether to allow cookies in general or which individual additional functions you would like to enable. You can make changes in your browser settings or via our consent manager.
Cookies are text files or information in a database that are stored on your hard drive and associated with the browser you are using, so that the entity that sets the cookie can receive certain information. Below we describe which types of cookies we use:
Name
_forward_auth_csrf
Lifetime
8 hours
Description
Security cookie that stores a CSRF token for the forward-auth proxy. Protects against cross-site request forgery attacks during authentication. Contains no personal data and is automatically deleted after 8 hours.
Provider
prognostica GmbH
Name
cookiePreferences
Lifetime
persistent (until deleted by browser)
Description
Stores the user's selected cookie settings in the browser's LocalStorage (not a cookie). These settings are also transmitted once to our server for documentation of consent or withdrawal.
Provider
prognostica GmbH
Name
multi_tab.*
Lifetime
persistent (until deleted by browser)
Description
Coordinates multiple simultaneously opened tabs of the Odoo frontend. Contains a periodic heartbeat timestamp, the identifier of the main tab, and the last activity per tab. Prevents background tabs from unnecessarily keeping real-time connections open. Remains exclusively in the browser and is not transmitted to third parties.
Provider
prognostica GmbH
Name
presence.*
Lifetime
persistent (until deleted by browser)
Description
Stores the current focus or presence status of the user so that Odoo live features (e.g., chat badges) respond correctly. Contains no personal data and is not sent to the server.
Provider
prognostica GmbH
Name
__cf_bm
Lifetime
30 minutes
Description
Necessary cookie for Cloudflare bot management; contains encrypted heuristics for bot detection and is set separately for each subdomain.
Provider
Cloudflare Inc.
Name
_cfuvid
Lifetime
session
Description
Used by Cloudflare rate limiting to distinguish individual visitors behind the same IP address.
Provider
Cloudflare Inc.
Name
__cfruid
Lifetime
session
Description
Technical cookie that assists Cloudflare rate limiting with routing and traffic management.
Provider
Cloudflare Inc.
Name
hubspotutk
Lifetime
6 months
Description
Tracks the identity of a visitor; is submitted to HubSpot when a form is submitted and is used for identifying and de-duplicating contacts.
Provider
HubSpot Inc.
Name
__hstc
Lifetime
6 months
Description
Main tracking cookie of HubSpot; contains the domain, hubspotutk, timestamp of the first, last, and current visit, as well as a running session number.
Provider
HubSpot Inc.
Name
__hssc
Lifetime
30 minutes
Description
Stores session counter and timestamps to determine whether __hstc needs to be updated.
Provider
HubSpot Inc.
Name
__hssrc
Lifetime
session
Description
Contains the value "1" when HubSpot detects a new session; is deleted as soon as the browser is closed.
Provider
HubSpot Inc.
Name
messagesUtk
Lifetime
6 months
Description
Recognizes visitors using the chat widget and restores their chat history across page views.
Provider
HubSpot Inc.
Use of LocalStorage
In addition to traditional cookies, our website also uses your browser’s Local Storage. Small datasets can be stored on your device there. Local-storage entries are not automatically sent to our servers with every page request; they generally remain in your browser. We use this technique only when it is technically required for the requested function or helps us avoid setting additional cookies.
- Technically necessary status data (e.g. tab coordination, session/heartbeat) contain no personal information and are processed locally only.
- cookiePreferences: This Local-Storage object stores the settings you selected in the cookie banner together with a randomly generated ID. To fulfil our proof obligation under Art. 7 (1) GDPR, we transfer this ID together with your consent or refusal status to our server once only and archive it for the statutory documentation period. It is not used further or linked with other data.
Note: You can view and delete all Local-Storage entries at any time in your browser settings. Details (name, description, storage period) are shown in the table above.
2. Purpose of Data Processing
The purpose of using technically necessary cookies (listed as “Necessary”) is to ensure the functionality of our website. Some functions of our site cannot be offered without cookies; for these, the browser must be recognised again after a page change.
We need technically necessary cookies for the following purposes:
- Storing cookie settings (LocalStorage, see above)
- Applying language preferences
- Site functionality
- Bot/DDoS protection & delivery security
- Applying time-zone settings
Technically non-necessary cookies (listed as “Marketing & Statistics”) are used to improve the quality of our website, its content, and therefore our reach and economic efficiency. By setting these cookies we learn how the website is used and can continually optimise our offering. In particular, these cookies serve the following purposes:
- Visitor & session tracking
- Lead attribution & CRM synchronisation
- Marketing automation & personalisation
- CRM lead tracking & marketing analytics
- Appointment scheduling
- Debugging & error management
- Unique visitor ID to link form entries and page views to a lead
Combining these points creates a contact history in HubSpot that contains both chronological page visits and meeting-tool bookings. This allows a comprehensive profile (lead score, interests, last interactions) to be built, which marketing and sales teams can use for personalised outreach. More information is available in the section HubSpot.
3. Legal Basis for Data Processing
The storage of information on the end user’s device and/or access to information already stored on the device is governed by the German Telecommunications-Telemedia Data Protection Act (TTDSG).
When the setting and reading of cookies is technically necessary, this is done to ensure the functionality of our website. In this case, storage of and access to cookies on your device is based on § 25 (2) no. 2 TTDSG. This storage and access facilitate your use of our website and enable us to provide the services you request. Certain functions would not work without these cookies. The cookies are generally deleted when the session ends (e.g. logout or closing the browser) or after a predefined period. Information on differing storage periods can be found in later sections of this privacy notice.
Where cookies that are not technically necessary are used, this is based on your explicit consent, which you can give via the cookie banner. The legal basis for storage and access is then § 25 (1) TTDSG in conjunction with Art. 6 (1) a and Art. 7 GDPR. You may withdraw your consent at any time with future effect or grant it again later by configuring your cookie settings accordingly. Alternatively, you can prevent the storage of cookies by setting your browser software. Please note that such browser settings apply only to the browser in which they are made. If personal data are processed after the storage of and access to information on your device, the provisions of the GDPR apply. Details are provided in later sections of this privacy notice.
4. Exercising Your Rights
You can withdraw your consent to the use of cookies at any time and manage your preferences:
- Reopen the cookie banner (link “Cookie settings” in the website footer) and disable the “Marketing & Analytics” category. This deletes non-essential cookies and stops further tracking.
- Alternatively: Manually delete all cookies in your browser to prevent recognition. You must also delete LocalStorage in the browser to prevent it from being set again.
Email Contact
1. Description and Scope of Data Processing
Our website allows you to contact us via the email address provided. If you do so, the personal data transmitted with the email are stored.
The data are used solely for processing the conversation.
2. Purpose of Data Processing
If you contact us by email, the necessary legitimate interest in processing the data lies in handling your enquiry.
3. Legal Basis for Data Processing
The legal basis for processing the data transmitted in the course of sending an email is Art. 6 (1) lit. f GDPR. Our legitimate interest is to answer your email enquiry in the best possible way.
If the email contact aims at concluding a contract, the additional legal basis is Art. 6 (1) lit. b GDPR.
4. Duration of Storage
The data are deleted as soon as they are no longer necessary for the purpose for which they were collected. For personal data sent by email, this is the case when the respective conversation with the user has ended. The conversation is deemed ended when it can be inferred from the circumstances that the matter in question has been fully resolved.
Any personal data additionally collected during the sending process are deleted at the latest after seven days.
5. Exercising Your Rights
If the user contacts us by email, they may object to the storage of their personal data at any time. In such a case the conversation cannot be continued.
All personal data stored in the course of contacting us will be deleted in this case.
Applications by Email
1. Description and Scope of Data Processing
You can send us your application by email. In doing so we record your email address and any data you provide in the email.
After your application has been sent, you will receive an email confirming receipt of your application documents.
Further information on the processing of applicant data can be found at the following link: https://www.prognostica.de/en/privacy-notice/#fuer-bewerber.
2. Purpose of Data Processing
The processing of the personal data from your application email is solely for handling your application.
3. Legal Basis for Data Processing
The legal basis for processing your data is the initiation of a contract at the request of the data subject, Art. 6 (1) sentence 1 lit. b GDPR in conjunction with § 26 (1) sentence 1 BDSG.
4. Duration of Storage
After the application procedure has been completed, the data will be stored for up to six months. At the latest after six months your data will be deleted. If there is a statutory obligation, the data will be stored in accordance with the applicable provisions.
Corporate presences
YouTube
YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, United States
On our YouTube company page we provide information and give YouTube users a channel for communication.
If you interact with our YouTube presence (e.g. comments, posts, likes, etc.), personal data such as your real name or profile photo may become publicly visible.
Because we generally have little or no influence over how YouTube processes your personal data, we cannot make binding statements about the exact purposes or scope of that processing.
We use social-network profiles for communication and the exchange of information with (potential) customers, especially regarding products, services, events, prize draws and company news.
Publications on the profile may contain, for example:
- Information on products
- Information on services
- Prize draws
- Advertising
- Customer support
- Company news
Every user is free to disclose personal data through such activities.
Where we process your personal data to analyse your online behaviour, run competitions or conduct lead-generation campaigns, this is done on the basis of your explicit consent, Art. 6 (1) a and Art. 7 GDPR.
The legal basis for processing personal data for the purpose of communicating with customers and interested parties is Art. 6 (1) f GDPR; our legitimate interest is to respond to your enquiry efficiently or provide the requested information. If the contact is aimed at concluding a contract, the additional legal basis is Art. 6 (1) b GDPR.
For transfers of your personal data to third countries we have implemented appropriate safeguards in the form of Standard Contractual Clauses pursuant to Art. 46 (2) c GDPR. You can request a copy of these clauses from us.
You may object at any time to the processing of personal data that we collect in connection with your use of our YouTube presence and you may exercise the rights set out in Section III of this privacy policy. Simply send an informal email to privacy@prognostica.de. For information on how YouTube itself processes your data and on additional opt-out options, please visit: https://policies.google.com/privacy?hl=de.
X
X Internet Unlimited Company, One Cumberland Place, Dublin 2, D02 AX07, Ireland
On our X company page we provide information and give X users a channel for communication.
If you interact with our X presence (e.g. comments, posts, likes, etc.), personal data such as your real name or profile photo may become publicly visible.
Because we generally have little or no influence over how X processes your personal data, we cannot make binding statements about the exact purposes or scope of that processing.
We use social-network profiles for communication and the exchange of information with (potential) customers, especially regarding products, services, events, prize draws and company news.
Publications on the profile may contain, for example:
- Information on products
- Information on services
- Prize draws
- Advertising
- Customer support
- Company news
Every user is free to disclose personal data through such activities.
Where we process your personal data to analyse your online behaviour, run competitions or conduct lead-generation campaigns, this is done on the basis of your explicit consent, Art. 6 (1) a and Art. 7 GDPR.
The legal basis for processing personal data for the purpose of communicating with customers and interested parties is Art. 6 (1) f GDPR; our legitimate interest is to respond to your enquiry efficiently or provide the requested information. If the contact is aimed at concluding a contract, the additional legal basis is Art. 6 (1) b GDPR.
For transfers of your personal data to third countries we have implemented appropriate safeguards in the form of Standard Contractual Clauses pursuant to Art. 46 (2) c GDPR. You can request a copy of these clauses from us.
You may object at any time to the processing of personal data that we collect in connection with your use of our X presence and you may exercise the rights set out in Section III of this privacy policy. Simply send an informal email to privacy@prognostica.de. For information on how X itself processes your data and on additional opt-out options, please visit: https://x.com/de/privacy.
Use of Corporate Profiles on Professional Networks
1. Scope of Data Processing
On our page we provide information and offer users an opportunity for communication.
The corporate profile is used for recruitment, information/PR and active sourcing. We have no details regarding the processing of your personal data by the companies that share responsibility for the profile. Further information can be found in the privacy policies of:
On our page we provide information and offer users an opportunity for communication.
The corporate profile is used for recruitment, information/PR and active sourcing.
We have no details regarding the processing of your personal data by the companies that share responsibility for the profile. Further information can be found in the privacy policies of:
LinkedIn: https://www.linkedin.com/legal/privacy-policy
XING: https://privacy.xing.com/de
If you carry out an action on our corporate profile (e.g. comments, posts, likes, etc.) you may thereby make personal data public (e.g. your real name or the photo from your user profile).
2. Legal Basis for Data Processing
The legal basis for processing personal data for the purpose of communicating with customers and interested parties is Art. 6 (1) sentence 1 lit. f GDPR. Our legitimate interest is to respond to your enquiry in the best possible way or to provide the requested information.
If the contact is aimed at concluding a contract, the additional legal basis is Art. 6 (1) lit. b GDPR.
3. Purpose of Data Processing
Our corporate profile serves to inform users about our services. Every user is free to publish personal data through their activities.
4. Duration of Storage
Data generated via the corporate profile are not stored in our own systems.
5. Exercising Your Rights
You may object at any time to the processing of your personal data that we collect in connection with your use of our corporate profile and you may exercise the data-subject rights listed under Section IV of this privacy notice. To do so, send an informal email to the address given in this privacy notice.
Further information on exercising your rights is available here:
LinkedIn: https://www.linkedin.com/legal/privacy-policy
XING: https://privacy.xing.com/en
Integrated Third-Party Services
We use various service providers to deliver the services offered on the website.
In general, we have a legitimate interest in sharing your data with the relevant service providers when those services are essential for providing the basic functionality offered on the website.
If such services are required for additional services, extended functions or further purposes, your personal data are shared with service providers only if you give your consent.
You can withdraw your consent to the use of integrated third-party services and manage your consent settings at any time: On every sub-page of the website you can adjust the cookie settings in the footer.
HubSpot Analytics and Meeting-Scheduling Tool
1. Description and Scope of Data Processing
We use services provided by HubSpot Inc., 2nd Floor, 25 First Street, Cambridge, MA 02141, USA (hereinafter “HubSpot”). HubSpot is an integrated software solution that enables us to cover various aspects of our online-marketing activities. These include, inter alia:
- Email marketing (newsletters as well as automated mailings, e.g. for the provision of downloads),
- Social-media publishing and reporting,
- Reporting (in particular the analysis of traffic sources, page views, etc.),
- Contact management (especially user segmentation and CRM),
- Landing pages, and
- Contact forms.
Personal data may be processed within these functions for the above-mentioned purposes. Where HubSpot processes personal data on servers located in the United States, such processing is safeguarded by appropriate transfer mechanisms (e.g. standard contractual clauses adopted by the European Commission) to ensure an adequate level of data protection in accordance with Art. 44 ff. GDPR.
Our website integrates the HubSpot tracking-code script and the HubSpot meeting widget. As soon as you accept the “Marketing & Analytics” category in the cookie banner:
- a unique visitor ID is stored in your browser, and
- HubSpot links all interactions to this ID and—after a form submission or meeting booking—assigns them to your contact record in HubSpot CRM.
The following categories of data may be processed:
| Data category | Individual data points / examples |
|---|---|
| Contact data | First and last name, business email address, company name, telephone number |
| Appointment data | Booked slot (date, time, time-zone), meeting title, internal calendar ID |
| Website & usage data | Pages viewed, click paths, form submissions, referrer URL, session length |
| Tracking IDs | Cookie IDs (hubspotutk, etc.), HubSpot session ID, chat cookie messagesUtk (if applicable) |
| Technical metadata | IP address, approximate geolocation (country/city), browser & device information, timestamp |
| CRM additions (manual) | Call notes, offer details, internal tags, pipeline status, tasks |
| Communication data | Send/open statistics of marketing emails, chat transcripts, meeting minutes |
| Consent records | Date, time and status of your cookie consent |
Profiling / data consolidation:
Once you book a meeting or submit a form, the visitor ID mentioned above is linked to your contact profile. This creates a complete history of your website visits, interactions and communication events (e.g. email opens). Our sales and marketing teams use this information for personalised outreach.
Further information on the processing of data by HubSpot can be found here: https://legal.hubspot.com/de/privacy-policy
2. Purpose of Data Processing
| Primary purpose | Explanation |
|---|---|
| Appointment scheduling | Provision of the meeting widget, display of available slots, automatic calendar entries |
| Lead management & CRM | Consolidation of your appointment and website interactions into one contact profile; tracking of sales opportunities |
| Marketing analytics & personalisation | Creation of traffic and conversion reports, segmentation & workflow automation for personalised emails or website content |
| IT security & error management | Bot protection (Cloudflare cookie), logging of technical events for incident and fraud prevention |
3. Legal Basis for Data Processing
| Legal basis | Applies to |
|---|---|
| Art. 6 (1) a GDPR – Consent | Setting of marketing & analytics cookies, profiling, marketing automation |
| Art. 6 (1) b GDPR – Contract / pre-contractual measure | Meeting booking (initial consultation) at your request |
| Art. 6 (1) f GDPR – Legitimate interest | IT-security logs, bot protection, error diagnostics |
4. Duration of Storage
| Data type | Storage period |
|---|---|
HubSpot cookies (hubspotutk, __hstc, __hssc …) | 30 minutes to 6 months (depending on the cookie); session cookies until the browser is closed |
| Contact & CRM data | As long as a business relationship is active; at the latest 3 years after last contact or in accordance with statutory retention (6 / 10 years) |
| Security & server logs | 30 days, or until a security incident is finally resolved |
| Consent records | 6 months (statutory proof obligation under Art. 7 (1) GDPR) |
| Anonymised statistical data | Unlimited (no personal reference) |
5. Withdrawal / Objection
| Option | Effect |
|---|---|
| Cookie settings | Reopen the cookie banner (link “Cookie settings” in the footer) and disable the “Marketing & Analytics” category. This deletes HubSpot cookies and stops further tracking. |
| Browser deletion | Manually delete all HubSpot cookies in your browser to prevent recognition. You must also delete LocalStorage in the browser to prevent it from being set again. |
| Unsubscribe from marketing emails | Every mailing contains an “Unsubscribe” link; clicking it blocks your contact from further marketing emails. |
| Profiling / CRM deletion | Send an informal email to privacy@prognostica.de requesting deletion or restriction of your contact profile. |
| Objection under Art. 21 GDPR | You may object at any time to processing for direct-marketing purposes or on grounds relating to your particular situation. We will then stop processing your data unless compelling legitimate grounds override your interests. |
Integration of Plugins via External Providers
1. Description and Scope of Data Processing
Certain functions on our website are provided by external service providers. This applies in particular to HubSpot services whose content is loaded when you visit our site. HubSpot itself uses a content delivery network (CDN) to speed up and secure the delivery of content—such as forms, scripts or tracking functions.
Therefore, when you access our website, a connection may be established to the servers of HubSpot or the CDN used by HubSpot (e.g. Cloudflare).
Information about HubSpot can be found in the section HubSpot.
Other services used by HubSpot for content delivery include:
| Third-party provider | Address | Privacy policy URL |
|---|---|---|
| Amazon Web Services, Inc. | 410 Terry Avenue North, Seattle, WA 98109-5210, USA | https://aws.amazon.com/privacy/ |
| Cloudflare, Inc. | 101 Townsend St, San Francisco, CA 94107, USA | https://www.cloudflare.com/privacypolicy/ |
| Google LLC (Google Cloud Platform) | 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA | https://policies.google.com/privacy |
| Snowflake Inc. (Data warehouse/CDN cache) | Suite 3A, 106 East Babcock St, Bozeman, MT 59715, USA | https://www.snowflake.com/en/legal/privacy/privacy-policy/ |
Personal data may be stored and processed in server log files, in particular:
- IP address
- Device and browser information
- Operating system
- Time of access
2. Purpose of Data Processing
These services are used to deliver and accelerate online applications and content.
3. Legal Basis for Data Processing
Data collection is based on Art. 6 (1) f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimisation of the site.
4. Duration of Storage
Your personal information is stored for as long as necessary to fulfil the purposes described in this privacy notice or as required by law.
5. Exercising Your Rights
Information on how to exercise your rights vis-à-vis HubSpot can be found at:
https://legal.hubspot.com/de/privacy-policy
This privacy policy was created with the support of DataGuard.
Last update: 06.06.2025