Privacy Policy

Last updated: 1 January 2025

Contents

  1. Data Controller
  2. Data We Collect
  3. Purpose and Legal Basis
  4. Data Retention
  5. Disclosure of Data
  6. Your Rights
  7. Cookies
  8. Data Security
  9. Changes to This Policy
  10. Contact

1. Data Controller

The data controller responsible for the processing of personal data on this website is:

ABACUS Financial Services AG
Dornhaldenstraße 5
70199 Stuttgart, Germany
Telephone: + 49 711 6583809-0
Email: support@abacus-ag.org

2. Data We Collect

We collect personal data only when you actively provide it to us or when it is automatically generated through your use of our website.

2.1 Contact Form Data

When you submit our contact form, we collect the following data which you voluntarily provide:

  • First and last name
  • Email address
  • Company name (optional)
  • The content of your message
  • Your selected enquiry topic

2.2 Server Log Files

Our web server automatically records the following data in server log files each time you access our website:

  • IP address of the requesting device (anonymised after 7 days)
  • Date and time of the request
  • Page requested (URL)
  • HTTP status code
  • Browser type and version
  • Operating system
  • Referring URL

2.3 Cookies and Tracking

We use cookies as described in our Cookie Policy. With your consent, we may use analytics tools to understand aggregate usage patterns on our website. No personal profiles are built from this data.

3. Purpose and Legal Basis

We process personal data on the following legal bases under the General Data Protection Regulation (GDPR):

3.1 Responding to Enquiries

Contact form data is processed to respond to your enquiry. The legal basis is Art. 6(1)(b) GDPR (performance of a contract or steps prior to entering a contract) or, where no contractual relationship arises, Art. 6(1)(f) GDPR (legitimate interest in responding to enquiries).

3.2 Website Operation

Server log data is processed to ensure the technical operation, security, and stability of our website. The legal basis is Art. 6(1)(f) GDPR (legitimate interest).

3.3 Analytics and Cookies

Where you have provided consent, we process usage data for website analytics. The legal basis is Art. 6(1)(a) GDPR (consent). You may withdraw your consent at any time by adjusting your cookie preferences or contacting us.

4. Data Retention

We retain personal data only for as long as necessary for the purpose for which it was collected:

  • Contact form enquiries: up to 24 months from the date of last correspondence
  • Server log files: 90 days (IP addresses anonymised after 7 days)
  • Analytics data: aggregated only; no individual records retained beyond 26 months

Data may be retained for longer periods where required by applicable law or to establish, exercise, or defend legal claims.

5. Disclosure of Data

We do not sell personal data to third parties. We may share data in the following limited circumstances:

  • Service providers: Hosting and IT service providers who process data on our behalf under a data processing agreement, as required by Art. 28 GDPR
  • Legal obligations: Where required by applicable law, court order, or governmental authority
  • Business transfers: In the context of a merger, acquisition, or sale of all or part of our business assets, subject to appropriate confidentiality obligations

We do not transfer personal data to countries outside the European Economic Area (EEA) unless adequate safeguards are in place as required by Chapter V of the GDPR.

6. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access (Art. 15 GDPR): You may request a copy of the personal data we hold about you.
  • Right to rectification (Art. 16 GDPR): You may request correction of inaccurate or incomplete data.
  • Right to erasure (Art. 17 GDPR): You may request deletion of your personal data where no overriding legitimate grounds exist.
  • Right to restriction (Art. 18 GDPR): You may request that we restrict the processing of your data in certain circumstances.
  • Right to data portability (Art. 20 GDPR): You may request a machine-readable copy of data you have provided to us.
  • Right to object (Art. 21 GDPR): You may object to processing based on legitimate interests.
  • Right to withdraw consent (Art. 7(3) GDPR): Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us at support@abacus-ag.org. You also have the right to lodge a complaint with the competent supervisory authority. The supervisory authority for Baden-Württemberg is the Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg (LfDI).

7. Cookies

This website uses cookies. For full details on which cookies we use, their purpose, and how to manage them, please read our Cookie Policy.

8. Data Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, disclosure, alteration, and destruction. These measures include TLS encryption for all data in transit, restricted access controls, and regular security reviews. However, no method of transmission over the internet is entirely secure; we cannot guarantee absolute security.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or services. The date of the most recent revision is displayed at the top of this page. We encourage you to review this policy periodically.

10. Contact

For any questions, concerns, or requests relating to this Privacy Policy or our data processing activities, please contact us:

ABACUS Financial Services AG
Dornhaldenstraße 5
70199 Stuttgart, Germany
Email: support@abacus-ag.org
Telephone: + 49 711 6583809-0