Privacy Policy
This privacy policy informs you about how deltaDAO AG (in the following deltaDAO, we, us, our) processes your personal data when you visit our website, communicate with us via e-mail, subscribe to our newsletter or schedule an online appointment. Moreover, this privacy policy informs you about your rights.
Last updated on January 15, 2026.
1. Contact details of the controller and Data Protection Officer
The controller pursuant to the EU General Data Protection Regulation ("GDPR") responsible for the processing of your personal data is:
deltaDAO AG
Katharinenstraße 30a (Contor)
20457 Hamburg
Germany
E-mail: contact@delta-dao.com
If you have any questions about the protection of your personal data at deltaDAO, please contact our Data Protection Officer:
Data Protection Officer
deltaDAO AG
Katharinenstraße 30a (Contor)
20457 Hamburg
Germany
E-mail: privacy@delta-dao.com
2. Recipients and cross-border data transfer
deltaDAO transfers personal data to service providers that help us operate our website and providing our services to you. There are Data Processing Agreements (DPAs) in place with our service providers.
Some of our service providers are located in third countries (countries outside the European Union or the European Economic Area). Detailed information about each specific service provider, their headquarters' location, and whether or not the European Commission (EC) has issued an adequacy decision for that country can be found in Section 3 of this privacy policy. An adequacy decision is a formal recognition by the EC that a country ensures an adequate level of data protection. For countries where an adequacy decision is absent (such as the USA), we ensure your data remains protected by entering into Standard Contractual Clauses (SCCs) with the service providers. SCCs are standardized legal contracts pre-approved by the EC.
3. How we process your personal data
Personal data is any information that can be directly or indirectly associated with you. deltaDAO processes your personal data for the following purposes:
Processing | Personal data | Purposes | Legal basis | Retention period | Service Providers |
Providing and securing our website | IP address, URL, browser details, operating system | Technical requirement for communication between your device and our website; creation of logfiles for security, fraud/abuse prevention, and troubleshooting. | Legitimate interest (Art. 6(1)(f) GDPR): provide our website to you and to enable security, a technically error-free presentation, and the optimization of the website. | Our service provider retains your personal data as long as needed to provide their services; it is retained longer if needed for legal claims. | Hosting: Vercel Inc., 340 S Lemon Ave #4133, Walnut, CA 91789, USA. There is no adequacy decision for the USA from the EC. Our cooperation with Vercel is based on SCCs. |
Creating aggregated website statistics | Pseudonymized usage data (hashed IP address, URL, and User-Agent) | Measurement and website optimization. | Legitimate interest (Art. 6(1)(f) GDPR): To gain insights to improve features/services and evaluate user engagement. | Completely anonymized after 24 hours. | Web Analytics: Plausible Insights OÜ, Västriku tn 2, 50403, Tartu, Estonia. We signed a DPA with Plausible Analytics. Here you can find Plausible Analytic’s current DPA, privacy practices, security practices and a legal assessment on GDPR compliance. |
Respond to e-mails | E-mail address, first name, last name, any other information provided in your message | To respond to your inquiries. | Legitimate interest (Art. 6(1)(f) GDPR): To answer your inquiries. | As long as needed to process inquiries; longer if required by tax/commercial law or legal disputes. | Mail Service: Microsoft Corporation, 1 Microsoft Way, Redmond, WA 98052, USA. There is no adequacy decision for the USA from the EC. Our cooperation with Microsoft is based on SCCs.
|
Send our newsletter | E-mail address | To send our newsletter to you. | Consent (Art. 6(1)(a) GDPR) | For as long as your consent is given; deleted after the contract with the service provider ends, unless legal requirements make further storage necessary. | Newsletter service: Mailchimp (The Rocket Science Group LLC d/b/a Mailchimp located at 675 Ponce de Leon Ave NE Suite 5000 Atlanta, GA 30308 USA). There is no adequacy decision for the USA from the EC. Our cooperation with Mailchimp is based on SCCs |
Enabling you booking online appointments | Appointment data (first name, last name, e-mail address, meeting topic and agenda), Usage data (IP address, referrer URL, time of access, whether you have made an inquiry with us) | To enable you booking an appointment. | Legitimate interest (Art. 6(1)(f) GDPR): To make booking appointments as uncomplicated as possible. | Usage data: stored exclusively for the technical provision of the service and then automatically deleted. Appointment data: one month. | Online appointment booking tool: meetergo GmbH, Hauptstr. 44, 40789 Monheim am Rhein, Germany. Our cooperation with meetergo GmbH is based on a DPA. To receive a copy of the addendum, please contact us at privacy@delta-dao.com. |
4. Cookies and statistics
4.1 Cookies
A cookie is a small file that stores information in your browser. Your web browser downloads it on the first visit to a website. The next time you open this website with the same device, the cookie and the information stored in it are either sent back to the website that created it (first-party cookie) or sent to another website it belongs to (third-party cookie). This enables the website to detect that you have opened it previously with this browser and, in some cases, to vary the displayed content. Some cookies are necessary for making websites work, and others are used for enhancing your experience on the visited website. Cookies can also be used for marketing and analytics purposes. Web storage (local storage and session storage) has similar functionality to cookies. In the following, the term "cookies" refers to both, web storage and regular cookies.
How do we use cookies?
- Website: Our website does not use cookies or web storage.
- Online appointment booking tool: When you make an appointment using our meetergo appointment booking tool, a first-party local storage entry called "__anon_id" is permanently stored on your device by the meetergo.com service for internal analysis or session purposes.
How to block or delete cookies?
Removing cookies from your device: You can delete all cookies or site-specific cookies from your computer's hard disk at any time in your browser settings. For more details, please check the privacy or cookie settings in your preferred browser.
Blocking cookies: Most browsers have settings you can use to prevent cookies from being placed on your device. For more details, please check the privacy or cookie settings in your preferred browser. These settings may result in some websites not displaying content or functioning correctly.
4.2 Statistics
deltaDAO uses Plausible Analytics, a privacy-friendly web analytics tool for tracking overall trends in our website traffic. Plausible Analytics does not use cookies or similar technologies that require information to be stored on your device. Plausible Analytics does not track individual visitors and does not create persistent identifiers. It does not use cross-platform or cross-device tracking and does not pass on data to third parties. You can find further information in chapter 3.
5. Social Media
When you visit our online presences on social media, your personal data will be processed by the respective social media providers listed below.
LinkedIn
LinkedIn is an offer of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland ("LinkedIn"). The information automatically collected by LinkedIn about your use of our online presence on LinkedIn is usually sent to a server of LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA and stored there. For the USA, there is no adequacy decision of the European Commission. Our cooperation with them is based on Standard Contractual Clauses of the European Commission. You have the right to receive a copy of these SCC. To exercise your right, please contact us at privacy@delta-dao.com.
- Here you can find LinkedIn’s current SCCs.
- Here you can find LinkedIn’s privacy policy.
YouTube
YouTube is an offer of Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). The information processed by Google about your use of our online presence on YouTube is usually transmitted to a server of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA and stored there. For the USA, there is no adequacy decision of the European Commission. Our cooperation with them is based on Standard Contractual Clauses of the European Commission. You have the right to receive a copy of these SCC. To exercise your right, please contact us at
- Here you can find Google’s current SCCs.
- Here you can find Google’s privacy policy.
6. Automated decision making including profiling according to Article 13(2)(f) GDPR
Automated decision making including profiling does not take place.
7. External links
This website contains links to external websites. deltaDAO is not responsible for the content and privacy practices of those websites.
8. Your rights
Pursuant to the GDPR, you have the following rights. If you wish to exercise your rights or have any questions, do not hesitate to contact us.
8.1 Right to withdraw consent (Art. 7(3) GDPR)
You have the right to withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
8.2 Right of access (Art. 15 GDPR)
You have the right to obtain confirmation as to whether deltaDAO processes personal data about you. If we are processing personal data about you, you have the right to access these personal data and to gain the information defined in Art. 15 GDPR.
8.3 Right to rectification (Art. 16 GDPR)
You have the right to obtain without undue delay the rectification of inaccurate personal data about you. Additionally, you have the right that incomplete personal data about you are completed.
8.4 Right to erasure (Art. 17 GDPR)
You have the right to obtain without undue delay the erasure of personal data about you, where the defined legal grounds in Art. 17 GDPR apply.
8.5 Right to restriction of processing (Art. 18 GDPR)
Moreover, you have the right to obtain the restriction of processing your personal data where the defined legal grounds in Art. 18 GDPR apply.
8.6 Right to data portability (Art. 20 GDPR)
You have the right to receive your personal data in a structured, commonly used, and machine-readable format. Additionally, you have the right to transmit those data to another controller without hindrance, where the defined legal grounds in Art. 20 GDPR apply. You can make use of your right to data portability by contacting us.
8.7 Right to object (Art. 21 GDPR)
On grounds relating to your particular situation, you have the right to object to the processing of your personal data where we based the processing on legitimate interests (Art. 6(1)(f) GDPR). If you object, deltaDAO will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing, overriding your rights, freedoms, and interests, or if the processing is required to establish, exercise, or defend legal claims.
8.8 Right to lodge a complaint (Art. 77 GDPR)
You have the right to lodge a complaint with a supervisory authority if you consider the processing of your personal data by deltaDAO to infringe the GDPR. You can lodge a complaint in particular
- in the Member State of your habitual residence,
- in the Member State of your place of work, and
- in the place of the alleged infringement.
9. Questions
If you have any questions about our privacy policy, please send us an e-mail at privacy@delta-dao.com.
10. Changes to the Privacy Policy
This privacy policy will be amended from time to time. You can see the date of the last alteration at the top of the privacy policy.