Privacy Policy

1. Controller

ANATY GmbH
Brentanostraße 17
30625 Hannover
Germany
Email: contact@anaty.de

Represented by: Johannes Meiners, Jonas Lenz, Kai-Uwe Zimdars
Commercial Register: HRB 228438 – Amtsgericht Hannover

The Controller determines the purposes and means of processing personal data.

For privacy-related inquiries, please contact:
contact@anaty.de

2. Hosting and Website Operation

Our website is hosted by:
Squarespace Inc.
225 Varick Street, New York, NY 10014, USA

Squarespace acts as a data processor under Article 28 GDPR and processes personal data solely on our documented instructions as Controller.

Data processed may include IP addresses, browser type, device data, and other technical information necessary to operate the website. Data may be stored or processed on servers located in the United States. Squarespace uses EU Standard Contractual Clauses (SCCs) pursuant to Article 46 GDPR to ensure an adequate level of data protection.

Further information:
🔗 Squarespace Privacy Policy
🔗 Squarespace Cookie Policy

3. SSL/TLS Encryption

This website uses SSL/TLS encryption to protect the transmission of confidential data. You can recognize an encrypted connection by the lock symbol in your browser and “https://” in the address bar.

4. Categories and Purposes of Data Processing

Data CategoryPurposeLegal BasisIP address, device & browser infoWebsite functionality & securityArt. 6(1)(f) GDPR (legitimate interest); possibly Art. 6(1)(c) GDPR (legal obligation)Access date/time, pages visitedServer logs and diagnosticsArt. 6(1)(f) GDPR (legitimate interest)Name, email, message content (contact form or email)Responding to inquiries or contract initiationArt. 6(1)(b) GDPR (pre-contractual measures) or Art. 6(1)(a) GDPR (consent, if applicable)Cookies required for technical operationMaintain core website functionalityArt. 6(1)(f) GDPR (legitimate interest)

We process your IP address and technical data to ensure the technical availability and security of the website (e.g., to prevent misuse, attacks, or errors). We do not use any profiling or automated decision-making.

5. Cookies and Tracking Technologies

We use only technically necessary cookies essential for the operation of the site. These cookies do not require your consent.

No third-party analytics, marketing, or profiling cookies are used.

Cookies set by Squarespace include session identifiers, CSRF tokens, and security-related values.

🔗 See full details here: Squarespace Cookie Policy

A cookie banner is displayed when legally required based on the visitor’s region.

6. Data Transfers to Third Countries

Squarespace may process data in the United States, a third country under the GDPR. We rely on:

  • Standard Contractual Clauses (SCCs) as approved by the European Commission under Article 46(2)(c) GDPR;

  • Supplementary technical and organizational measures, such as encrypted transmission and access restrictions, to safeguard your data.

Please note that, despite these measures, the risk of access by U.S. authorities under local laws cannot be fully excluded.

7. Data Retention

We retain personal data only as long as necessary for the purposes specified or to comply with legal retention obligations.

  • Contact form data: 6 months;

  • Server logs: up to 14 days, unless longer retention is required for security analysis;

  • Email correspondence: up to 3 years after last contact, unless otherwise required by law or justified by legitimate interest.

8. Your Rights Under GDPR

You have the right to:

  • Access your personal data (Art. 15 GDPR);

  • Request correction of inaccurate data (Art. 16 GDPR);

  • Request deletion of your data (Art. 17 GDPR), subject to certain conditions;

  • Restrict processing of your data (Art. 18 GDPR);

  • Receive your data in a structured, machine-readable format and transmit it to another controller (Art. 20 GDPR);

  • Object to data processing based on legitimate interests or direct marketing (Art. 21 GDPR);

  • Withdraw consent at any time, without affecting the lawfulness of processing based on consent before withdrawal (Art. 7(3) GDPR);

  • Lodge a complaint with a supervisory authority (Art. 77 GDPR).

To exercise your rights, please contact us at:
Email: contact@anaty.de

Please note that some rights may be subject to limitations under GDPR and national laws.

Supervisory Authority:
State Commissioner for Data Protection of Lower Saxony
Prinzenstraße 5, 30159 Hannover, Germany
Email: poststelle@lfd.niedersachsen.de

9. Changes to this Privacy Policy

We may update this Privacy Policy periodically. We will notify you of significant changes by posting a notice on our website or contacting you directly where appropriate. Please review this policy regularly.

10. Contact for Data Privacy

If you have any questions or wish to exercise your rights, please contact:
Email: contact@anaty.de

Germany, 15.05.2025