Privacy Notice
Updated: February 2026
1. Data Controller
The controller under GDPR is:
HiroX Software Solutions
Zillibillerstr 32
83229 Aschau i. Chiemgau, Germany
2. General Information About Processing
We process personal data in accordance with GDPR, BDSG, and TDDDG. This privacy notice explains the nature, scope, and purpose of data processing on this website.
3. Hosting
Our website is hosted by Vercel Inc. (340 S Lemon Ave #4133, Walnut, CA 91789, USA). When you visit our site, server log data is processed automatically, including IP address, timestamp, requested URL, transfer status, browser, operating system, and ISP information.
Processing is based on Art. 6(1)(f) GDPR (legitimate interest in secure and stable operation). International transfers are safeguarded through EU Standard Contractual Clauses.
4. Contact Form
When you contact us, we process your name, email address, and message.
To prevent abuse, we use an email verification step with a 6-digit code valid for 10 minutes. Your request is only delivered after successful verification.
Verification and notification emails are sent via Amazon Simple Email Service (SES), provided by Amazon Web Services EMEA SARL (38 Avenue John F. Kennedy, L-1855 Luxembourg). Processing is based on Art. 6(1)(b) GDPR (pre-contractual measures) and Art. 6(1)(f) GDPR (abuse prevention). International transfers are safeguarded through EU Standard Contractual Clauses.
5. Cookies and Similar Storage
We only use technically necessary cookies and similar storage technologies required to provide the website securely and reliably. We do not use analytics or marketing storage. Legal basis: Art. 6(1)(f) GDPR and § 25(2) no. 2 TDDDG.
6. No Analytics or Tracking Tools
We do not use Google Analytics, Matomo, or similar tracking tools. No profiling takes place.
7. SSL/TLS Encryption
Data transmission is encrypted via SSL/TLS to protect confidential communications.
8. Your Rights
You have rights under GDPR, including access, rectification, erasure, restriction, portability, and objection.
To exercise your rights, email info@hirox-software-solutions.com. We respond within one month (Art. 12(3) GDPR).
9. Right to Lodge a Complaint
You may lodge a complaint with a supervisory authority under Art. 77 GDPR. The authority responsible for us is:
Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 18
91522 Ansbach, Germany
Website: www.lda.bayern.de
10. Retention Periods
Contact inquiries are retained for up to 12 months after completion to handle follow-ups. If a contract is concluded, statutory retention periods apply (especially 6 or 10 years under commercial and tax law). Verification tokens expire after 10 minutes and are not stored permanently. Hosting log files are deleted after 30 days at the latest.