Tendry – Privacy Policy

Privacy Policy

In accordance with Article 13 GDPR

Name and Address of the Data Controller

The responsible body within the meaning of the GDPR and other data protection regulations is:

LeanMind GmbH
Stockholmer Platz 1
70173 Stuttgart
Deutschland
Phone: +49 711 34067844
E-Mail: info@tendry.io

Name and Address of the Data Protection Officer

dostani IT GmbH
Westfalendamm 80
44141 Dortmund
E-Mail: dsb@dostani-it.de

General Information on Data Processing

Legal Basis for Processing Personal Data

In accordance with Article 13 GDPR, we inform you of the legal bases for our data processing. Where no legal basis is specified, the following applies: consent is based on Art. 6(1)(a) in conjunction with Art. 7 GDPR; contractual processing on Art. 6(1)(b) GDPR; legal obligations on Art. 6(1)(c) GDPR; legitimate interests on Art. 6(1)(f) GDPR; and protection of vital interests on Art. 6(1)(d) GDPR.

Data Deletion and Retention Period

We adhere to the principles of data minimisation (Art. 5(1)(c) GDPR) and storage limitation (Art. 5(1)(e) GDPR). Personal data is stored only as long as necessary to achieve the stated purposes or as required by law. Once the purpose no longer applies or retention periods expire, data is deleted as promptly as possible.

Note on Data Transfers to Third Countries

Our website uses tools from companies based in third countries. When active, your personal data may be transferred to their servers. Data protection standards in third countries generally do not correspond to EU law, and there is a risk of data being passed to authorities in those countries. We have no influence over these processing activities.

External Links

This website may contain links to third-party websites. We accept no responsibility for those websites or their privacy notices. Please review their privacy policies before using them. Only when you click an external link will your personal data — including IP address, click time and referring page — be transferred to the link destination. Some links may result in data transfers outside the European Economic Area, potentially giving foreign authorities access to your data.

Rights of Data Subjects

As a data subject under the GDPR, you may assert the following rights: right of access (Art. 15), right to rectification (Art. 16), right to erasure (Art. 17), right to restriction of processing (Art. 18), right to object (Art. 21), right to lodge a complaint with a supervisory authority, and right to data portability (Art. 20).

Right of Withdrawal

Where processing is based on your explicit consent, you may revoke it at any time. The lawfulness of processing carried out prior to the revocation remains unaffected.

Right to Object

Where processing is based on Art. 6(1)(e) or (f) GDPR, you may object at any time for reasons arising from your particular situation, including in cases of profiling. We will cease processing unless we can demonstrate compelling legitimate grounds which override your interests, or the processing serves the establishment, exercise or defence of legal claims. You may also object at any time to processing for direct marketing purposes.

Right to Lodge a Complaint

If you believe that the processing of your personal data infringes the GDPR, you have the right to lodge a complaint with a supervisory authority in the Member State of your residence, place of work or the place of the alleged infringement.

Right to Data Portability

Where processing is carried out automatically on the basis of consent or contract performance, you have the right to receive your data in a structured, commonly used and machine-readable format, and to request its transfer to another controller where technically feasible.

Right to Information, Correction and Deletion

You have the right to obtain information about your processed personal data, including the purposes of processing, categories, recipients and duration of storage. For questions on this or any other data protection matter, please contact us via the details provided in the imprint.

Right to Restriction of Processing

You may request restriction of processing at any time if one of the following applies:

  • You contest the accuracy of the personal data — restriction applies for the duration of verification.
  • Processing is unlawful and you request restriction as an alternative to erasure.
  • We no longer need the data, but you require it for the establishment, exercise or defence of legal claims.
  • You have objected pursuant to Art. 21(1) GDPR, pending a balancing of interests.

Restricted data may only be processed — beyond storage — with your consent, for legal claims, for the protection of another person's rights, or for reasons of important public interest.

Provision of the Website (Web Host)

Our website is hosted by:
Webflow, Inc.
398 11th Street, 2nd Floor
San Francisco, CA 94103, USA

When you access our website, we automatically collect and store information in server log files, including:

  • IP address of the visitor's end device
  • Device used
  • Hostname of the accessing computer
  • Visitor's operating system
  • Browser type and version
  • Name of the retrieved file
  • Time of server request
  • Amount of data transferred
  • Information on whether the retrieval was successful

This data is not merged with other data sources. The legal basis is Art. 6(1)(f) GDPR. A data processing agreement has been concluded with the hosting provider.

Use of Local Storage, Session Storage and Cookies

Our website uses local storage items, session storage items and/or cookies to store user preferences, manage sessions and carry out analyses of visitor behaviour. Third-party companies may also store such objects when you visit our site. Where necessary for operation or optimisation, their use is based on Art. 6(1)(f) GDPR. In all other cases, they are only stored with your explicit consent (Art. 6(1)(a) GDPR). Where third-party or analytics cookies are used, we will inform you separately and request your consent.

Hosting

Hosting involves the provision of web space and stored files by a web hosting service, including the transfer and storage of personal data such as IP addresses, meta and communication data, and website access data.

This processing is based on our legitimate interest (Art. 6(1)(f) GDPR) in making our website available on the internet.

Microsoft Azure

Provider: Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland. May involve data transfer to the USA. Certified under the EU–U.S. Data Privacy Framework. Privacy policy: privacy.microsoft.com

Interface Software

We use interface software to link different applications and securely transfer personal data between them, enabling efficient integration into our business processes. Processing only takes place with your explicit consent via our consent banner (Art. 6(1)(a) GDPR). You may revoke your consent at any time.

Web Fonts

This site uses web fonts from an external provider for consistent font display. When loaded, the provider receives your IP address as your browser establishes a direct connection to their servers. Processing only takes place with your explicit consent via our consent banner (Art. 6(1)(a) GDPR). You may revoke your consent at any time.

Contact by Telephone or Email

In accordance with legal requirements, we have provided a telephone number and email address on our website. Data transmitted via these channels is automatically stored by us to process your enquiries. This data will not be passed on to third parties without your consent.

Where contact is made for pre-contractual or contractual purposes, the legal basis is Art. 6(1)(b) GDPR. For all other enquiries, the legal basis is our legitimate interest pursuant to Art. 6(1)(f) GDPR.