This privacy policy informs you about how deltaDAO AG (in the following deltaDAO, we, us, our) processes your personal data. Moreover, this privacy policy informs you about your rights.
Last updated on September 25, 2024.
The controller pursuant to the EU General Data Protection Regulation ("GDPR") for the processing of your personal data is:
deltaDAO AG
Katharinenstraße 30a (Contor)
20457 Hamburg
Germany
E-mail: contact@delta-dao.com
If you have any questions about the protection of your personal data at deltaDAO, please contact our Data Protection Officer:
Data Protection Officer
deltaDAO AG
Katharinenstraße 30a (Contor)
20457 Hamburg
Germany
E-mail: privacy@delta-dao.com
Personal data is any information that can be directly or indirectly associated with you. deltaDAO processes the following personal data.
You can find further information about the processing of your personal data in the chapter “Processing operations according to Article 13 GDPR”.
Webflow
We host our website with Webflow (Webflow, Inc. located at 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA). Webflow is a tool for creating and hosting websites. When you visit our website, Webflow collects log files including your IP address. Further information can be found in chapter 4.
There is no adequacy decision for the USA from the European Commission. Our cooperation with Webflow is based on a Data Processing Agreement (DPA) including Standard Contractual Clauses (SCC). You have the right to receive a copy of these SCC. To exercise your right, please contact us at privacy@delta-dao.com
Mailchimp
We use Mailchimp (The Rocket Science Group LLC d/b/a Mailchimp located at 675 Ponce de Leon Ave NE Suite 5000 Atlanta, GA 30308 USA) for sending and subscribing to our newsletter. Further information can be found in chapter 4.
There is no adequacy decision for the USA from the European Commission. Our cooperation with Mailchimp is based on a Data Processing Agreement (DPA) including Standard Contractual Clauses (SCC). You have the right to receive a copy of these SCC. To exercise your right, please contact us at privacy@delta-dao.com.
Microsoft Corporation
When you contact us via e-mail, our (mail) service provider Microsoft Corporation (located at 1 Microsoft Way, Redmond, Washington 98052-8300, USA) supports us in processing your personal data so we can communicate with you. Further information can be found in chapter 4.
There is no adequacy decision for the USA from the European Commission. However, Microsoft is EU-US DPF (EU‐US Data Privacy Framework) certified. The EU‐US DPF is an adequacy decision of the European Commission, limited to certified entities. Moreover, we have restricted storage on the EEA and signed SCC with our provider. You have the right to receive a copy of these SCC. To exercise your right, please contact us at privacy@delta-dao.com.
We host our website with Webflow (see also chapter 3). When you visit our website, Webflow collects and uses your IP address and creates logfiles including your IP address.
Purpose: Collecting and using your IP address is necessary for providing our website because it is a technical requirement for ensuring communication between your device and our website. Logfiles including your IP address are created for security, fraud-prevention, abuse-prevention, and troubleshooting purposes.
Legal basis: The legal basis for this processing is our legitimate interest, pursuant to Art. 6(1)(f) GDPR.
Legitimate interests: Our legitimate interest is to provide our website to you and to enable security, a technically error-free presentation, and the optimization of the website.
Retention period: Webflow stores your personal data for 15 days.
If you contact us via e-mail, deltaDAO collects, uses, and stores your e-mail address, and any other information you provide us in your message, such as your name. When you send us an e-mail, our (mail) service provider Microsoft Corporation (see also chapter 3) supports us in processing your personal data so we can communicate with you.
Purpose: We collect, use and store this personal data to respond to your inquiries.
Legal basis: The legal basis for this processing is our legitimate interest, according to Art. 6(1)(f) GDPR.
Legitimate interests: Our legitimate interest is to answer your inquiries.
Retention period: We store your personal data as long as we need it to process your inquires. We store your personal data beyond this period if we are obliged to do so due to retention obligations under tax and commercial law or in the event of legal disputes. If the latter is the case, your personal data will be erased after the retention period has expired.
If you subscribe to our newsletter and give us your consent, we collect, use, and store the e-mail address you provide to us in the subscription form. Our service provider Mailchimp receives your personal data and acts as a processor for us (see also chapter 3).
Purpose: We collect, use, and store your e-mail address, so we can send our newsletter to you.
Legal basis: The legal basis for this processing is your consent pursuant to Art. 6(1)(a) GDPR.You have the right to withdraw your consent at any time (see also chapter 8.1).
Retention period: Your personal data will be processed for as long as you have given your consent. Apart from this, it will be deleted after the contract between us and Mailchimp has ended, unless legal requirements make further storage necessary.
We process personal data of applicants who apply for our job offers we share via e-mail, this website or LinkedIn. We collect, use and store the following personal data: full name and other contact details, information contained in the CV, certificates, references and cover letter (if provided).
Purpose: We process the personal data to procure, find and select employees with the right skills and characteristics for the position in question.
Legal basis: The legal basis for this processing is the performance of a contract pursuant to Art. 6(1)(b) GDPR.
Retention period: In the event of a commitment, the above-mentioned personal data will be deleted after recruitment. After a rejection or if the applicant is no longer interested in the position, the above-mentioned personal data will be deleted within four months.
Our online presence on YouTube and LinkedIn
Insofar as you have given your consent to the respective social media operator in accordance with Art. 6 (1)(a) GDPR, when you visit our online presences on the social media mentioned above, your data will be automatically collected and stored for market research and advertising purposes, from which usage profiles will be created using pseudonyms. These can be used, for example, to place advertisements within and outside the platforms that presumably correspond to your interests. Cookies are generally used for this purpose. For detailed information on the processing and use of data by the respective social media operator, as well as a contact option and your rights and setting options in this regard to protect your privacy, please refer to the privacy notices of the providers linked below. If you still require assistance in this regard, you can contact us.
YouTube is an offer of Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). The information automatically collected by Google about your use of our online presence on YouTube is usually transmitted to a server of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA and stored there. For the USA, there is no adequacy decision of the European Commission. Our cooperation with them is based on Standard Contractual Clauses of the European Commission. You have the right to receive a copy of these SCC. To exercise your right, please contact us at privacy@delta-dao.com
LinkedIn is an offer of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland ("LinkedIn"). The information automatically collected by LinkedIn about your use of our online presence on LinkedIn is usually sent to a server of LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA and stored there. For the USA, there is no adequacy decision of the European Commission. Our cooperation with them is based on Standard Contractual Clauses of the European Commission. You have the right to receive a copy of these SCC. To exercise your right, please contact us at privacy@delta-dao.com
A cookie is a small file that stores information in your browser. Your web browser downloads it on the first visit to a website. The next time you open this website with the same device, the cookie and the information stored in it are either sent back to the website that created it (first-party cookie) or sent to another website it belongs to (third-party cookie). This enables the website to detect that you have opened it previously with this browser and, in some cases, to vary the displayed content. Some cookies are necessary for making websites work, and others are used for enhancing your experience on the visited website. Cookies can also be used for marketing and analytics purposes.
Our website uses cookies that are required to display the website, to provide certain website functions and to ensure security (necessary cookies).
deltaDAO uses Plausible Analytics, a privacy-friendly web analytics tool for tracking overall trends in our website traffic. We create aggregated statistics based on our legitimate interest to gain insights to improve existing and future features and services, and to evaluate user engagement. Plausible Analytics does not use cookies or similar technologies that require information to be stored on your device. Instead, the tool focuses on analyzing aggregated data without the need to access your end device or store information there.
Plausible Analytics does not track individual visitors and does not create persistent identifiers. It does not use cross-platform or cross-device tracking and does not pass on data to third parties. Plausible Analytics primarily uses data that is recorded by default in server logs, such as requested URLs, access times, HTTP status codes and transferred data volumes. This information is used to analyze website traffic. Data processing at Plausible Analytics takes place in two steps:
Plausible Analytics only uses EU-based service providers for hosting and additional services such as CDN and DDoS protection. The servers are located in Germany (operated by Hetzner) and additional services are provided by Bunny (based in Slovenia).
deltaDAO signed a DPA with Plausible Analytics.
Automated decision making including profiling does not take place.
Our website contains links to websites owned by third parties. These websites are beyond our control and responsibility.
Pursuant to the GDPR, you have the following rights. If you wish to exercise your rights or have any questions, do not hesitate to contact us.
9.1 Right to withdraw consent (Art. 7(3) GDPR)
You have the right to withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
9.2 Right of access (Art. 15 GDPR)
You have the right to obtain confirmation as to whether deltaDAO processes personal data about you. If we are processing personal data about you, you have the right to access these personal data and to gain the information defined in Art. 15 GDPR.
9.3 Right to rectification (Art. 16 GDPR)
You have the right to obtain without undue delay the rectification of inaccurate personal data about you. Additionally, you have the right that incomplete personal data about you are completed.
9.4 Right to erasure (Art. 17 GDPR)
You have the right to obtain without undue delay the erasure of personal data about you, where the defined legal grounds in Art. 17 GDPR apply.
9.5 Right to restriction of processing (Art. 18 GDPR)
Moreover, you have the right to obtain the restriction of processing your personal data where the defined legal grounds in Art. 18 GDPR apply.
9.6 Right to data portability (Art. 20 GDPR)
You have the right to receive your personal data in a structured, commonly used, and machine-readable format. Additionally, you have the right to transmit those data to another controller without hindrance, where the defined legal grounds in Art. 20 GDPR apply. You can make use of your right to data portability by contacting us.
9.7 Right to object (Art. 21 GDPR)
On grounds relating to your particular situation, you have the right to object to the processing of your personal data where we based the processing on legitimate interests (Art. 6(1)(f) GDPR). If you object, deltaDAO will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing, overriding your rights, freedoms, and interests, or if the processing is required to establish, exercise, or defend legal claims.
9.8 Right to lodge a complaint (Art. 77 GDPR)
You have the right to lodge a complaint with a supervisory authority if you consider the processing of your personal data by deltaDAO to infringe the GDPR. You can lodge a complaint in particular
If you have any questions about our privacy policy, please send us an e-mail at privacy@delta-dao.com.
This privacy policy will be amended from time to time. You can see the date of the last alteration at the top of the privacy policy.