Privacy Policy
Unsere Datenschutzrichtlinie beschreibt, wie wir Ihre persönlichen Informationen sammeln, verwenden und schützen. Ihre Privatsphäre und Sicherheit haben bei uns oberste Priorität.
Last Updated on May 4, 2025
Introduction
Below we inform you about the processing of personal data when using
● our website magnamate.de
● our profiles on social media.
Personal data is any data that can be attributed to a specific natural person, e.g., their name or their IP address.
1.1. Contact details
Responsible according to Art. 4 Para. 7 EU General Data Protection Regulation (GDPR) is N.L. Tech Solutions UG (limited liability), Rodensteinstr 54a, 64625 Bensheim, Germany, E-Mail: info@streamlined-ai.com. We are legally represented by Nolan Lewis.
Our Data Protection Officer can be reached via heyData GmbH, Schützenstraße 5, 10117 Berlin, www.heydata.eu, E-Mail: datenschutz@heydata.eu.
1.2. Scope of data processing, purposes of processing, and legal bases
We will detail the scope of data processing, processing purposes, and legal bases below. The following legal bases are generally considered for data processing:
● Art. 6 para. 1 sentence 1 lit. a GDPR serves as the legal basis for processing activities for which we obtain consent.
● Art. 6 para. 1 sentence 1 lit. b GDPR is the legal basis insofar as the processing of personal data is necessary for the fulfillment of a contract, e.g., when a visitor to our site purchases a product from us or we perform a service for them. This legal basis also applies to processing necessary for pre-contractual measures, such as inquiries about our products or services.
● Art. 6 para. 1 sentence 1 lit. c GDPR applies when we fulfill a legal obligation by processing personal data, as may be the case in tax law.
● Art. 6 para. 1 sentence 1 lit. f GDPR serves as the legal basis when we can rely on legitimate interests for processing personal data, e.g., for cookies that are necessary for the technical operation of our website.
1.3. Data processing outside the EEA
As far as we transmit data to service providers or other third parties outside the EEA, adequacy decisions by the EU Commission under Art. 45 para. 3 GDPR guarantee the security of the data during transfer, provided these exist, as is the case for the United Kingdom, Canada, and Israel.
When transferring data to service providers in the USA, the legal basis for the data transfer is an adequacy decision by the EU Commission if the service provider is also certified under the EU US Data Privacy Framework.
In other cases (e.g., when no adequacy decision exists), the legal basis for the data transfer is generally, unless we provide a different notice, standard contractual clauses. These are a framework adopted by the EU Commission and part of the contract with the respective third party. According to Art. 46 para. 2 lit. b GDPR, they ensure the security of the data transfer. Many providers have given contractual guarantees that go beyond the standard contractual clauses, which protect the data beyond the standard contractual clauses. These include guarantees regarding the encryption of data or regarding an obligation of the third party to notify affected individuals when law enforcement agencies want to access data.
1.4. Retention period
Unless expressly stated otherwise in this privacy policy, the data stored with us will be deleted as soon as they are no longer required for their intended purpose and there are no statutory retention obligations preventing deletion. If the data is not deleted because it is required for other legally permissible purposes, its processing will be restricted, meaning the data will be blocked and not processed for other purposes. This applies, for example, to data that we must retain for commercial or tax reasons.
1.5. Rights of the Data Subjects
Individuals have the following rights regarding their personal data:
● Right to access,
● Right to rectification or deletion,
● Right to restrict processing,
● Right to object to processing,
● Right to data portability,
● Right to withdraw consent at any time.
Individuals also have the right to lodge a complaint with a data protection supervisory authority regarding the processing of their personal data. Contact details for data protection supervisory authorities can be found at https://www.bfdi.bund.de/DE/Service/Anschriften/Laender/Laender-node.html.
1.6. Obligation to Provide Data
Clients, prospective clients, or third parties must provide us with the personal data that is necessary for establishing, executing, and terminating the business relationship or for any other relationship that we are legally obligated to collect. Without this data, we will generally have to refuse to conclude a contract or provide a service, or we will no longer be able to execute an existing contract or other relationship.
Mandatory information is marked as such.
In principle, we do not use fully automated decision-making in accordance with Article 22 of the GDPR for the establishment and execution of a business relationship or any other relationship. Should we apply these procedures in individual cases, we will inform you separately about this, provided that it is legally required.
When contacting us, for example via email or phone, the data you provide to us (such as your name and email address) will be stored by us to respond to inquiries. The legal basis for processing is our legitimate interest (Art. 6 para. 1 sentence 1 lit. f GDPR) in answering inquiries directed to us. We will delete the data collected in this context once the storage is no longer necessary, or restrict processing if legal retention obligations apply.
Occasionally, we offer sweepstakes through our website or in other ways. The data we collect is processed to determine and notify the winners. After that, we delete the data. It may also be that we only offer sweepstakes for existing customers. In that case, we only process the name to determine the winners and the contact details to notify the winners. It is our legitimate interest to offer sweepstakes to attract customers or to interact with our existing customers. The legal basis for data processing is Article 6 (1) (f) of the GDPR.
From time to time, we conduct customer surveys to better understand our customers and their needs. In this process, we collect the requested data. It is in our legitimate interest to better understand our customers and their desires, so the legal basis for the associated data processing is Article 6, Paragraph 1, Sentence 1, lit. f of the GDPR. We delete the data when the survey results have been evaluated.
Newsletter
We reserve the right to inform customers who have already received services from us or purchased goods from time to time via email or other means about our offerings, unless they have objected to this. The legal basis for this data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest lies in direct advertising (Recital 47 GDPR). Customers can object to the use of their email address for advertising purposes at any time without additional costs, for example via the link at the end of each email or by email to our above-mentioned email address.
Interested parties have the option to subscribe to a free newsletter. We process the data provided during registration solely for the purpose of sending the newsletter. Registration occurs by selecting the appropriate field on our website, by checking the relevant box in a paper document, or through another clear action through which interested parties indicate their consent to the processing of their data, so that the legal basis is Art. 6 para. 1 sentence 1 lit. a GDPR. Consent can be revoked at any time, e.g., by clicking the corresponding link in the newsletter or by notifying our above-mentioned email address. The processing of data until revocation remains lawful even in the event of a revocation.
Based on the consent of the recipients (Art. 6 para. 1 sentence 1 lit. a GDPR), we also measure the open and click rates of our newsletters to understand which content is relevant to our recipients.
We send newsletters using the Mailchimp tool from the provider Rocket Science Group LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA. The provider processes content, usage, meta/communication data, and contact data in the USA. Further information can be found in the provider's privacy policy at https://mailchimp.com/legal/privacy/.
Data processing on our website
3.1. Note for website visitors from Germany
Our website stores information on the end devices of website visitors (e.g., cookies) or accesses information that is already stored on the end device (e.g., IP addresses). The specific information can be found in the following sections.
This storage and access is based on the following provisions:
● To the extent that this storage or access is absolutely necessary to provide the service expressly requested by website visitors (e.g., to operate a chatbot used by the website visitor or to ensure the IT security of our website), it is carried out on the basis of § 25 Abs. 2 Nr. 2 of the Telecommunications-Telemedia Data Protection Act (TDDDG).
● Furthermore, this storage or access is based on the consent of the website visitors (§ 25 Abs. 1 TDDDG).
The subsequent data processing is carried out in accordance with the following sections and based on the provisions of the GDPR.
When using the website for informational purposes, that is, when visitors do not provide us with information separately, we collect the personal data that the browser transmits to our server in order to ensure the stability and security of our website. This is based on our legitimate interest, so the legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR.
This data includes:
● IP address
● Date and time of the request
● Time zone difference to Greenwich Mean Time (GMT)
● Content of the request (specific page)
● Access status/HTTP status code
● Amount of data transmitted
● Website from which the request originates
● Browser
● Operating system and its interface
● Language and version of the browser software.
This data is also stored in log files. They will be deleted when their storage is no longer necessary, at the latest after 14 days.
Our website is hosted by Vercel. The provider is Vercel Inc., 340 S Lemon Ave Unit 4133 Walnut, CA, USA. The provider processes the personal data transmitted via the website, e.g. content, usage, meta/communication data, or contact details, in the EU. For more information, please see the provider's privacy policy at https://vercel.com/legal/privacy-policy.
It is our legitimate interest to provide a website, so the legal basis for the described data processing is Art. 6 Para. 1 S. 1 lit. f GDPR.
Our website is hosted by Framer. The provider is Framer B.V., Rozengracht 207 B, 1016LZ Amsterdam, Netherlands. The provider processes the personal data transmitted via the website, e.g. content, usage, meta/communication data, or contact details, in the USA. For more information, please see the provider's privacy policy at https://www.framer.com/legal/privacy-statement/.
It is our legitimate interest to provide a website, so the legal basis for the described data processing is Art. 6 Para. 1 S. 1 lit. f GDPR.
The legal basis for the transfer to a country outside the EEA is standard contractual clauses. The security of the data transmitted to the third country (i.e., a country outside the EEA) is ensured by standard data protection clauses issued in accordance with the review procedure under Art. 93 Para. 2 GDPR, which we have agreed upon with the provider (Art. 46 Para. 2 lit. c GDPR).
We use the Cloudflare content delivery network for our website. The provider is Cloudflare, Inc., 101 Townsend St., San Francisco, CA 94107, USA. The provider processes the personal data transmitted via the website, e.g. content, usage, meta/communication, or contact data in the USA. For more information, please see the provider's privacy policy at https://www.cloudflare.com/de-de/privacypolicy/.
We have a legitimate interest in utilizing sufficient storage and delivery capacities to ensure optimal data throughput even during large peak loads. Therefore, the legal basis for the described data processing is Art. 6 Para. 1 S. 1 lit. f GDPR.
The legal basis for the transfer to a country outside the EEA is the adequacy decision. The security of the data transmitted to the third country (i.e., a country outside the EEA) is ensured because the EU Commission has decided in an adequacy decision under Art. 45 Para. 3 GDPR that the third country provides an adequate level of protection.
When contacting us via the contact form on our website, we store the data requested there and the content of the message.
The legal basis for the processing is our legitimate interest in responding to inquiries directed at us. Therefore, the legal basis for processing is Article 6 (1) sentence 1 lit. f GDPR.
We delete the data arising in this context after the storage is no longer necessary, or we restrict processing if there are statutory retention obligations.
We publish job advertisements on our website, on pages connected to the website, or on third-party websites.
The processing of the data provided during the application is carried out for the conduct of the application process. As far as this is necessary for our decision to establish an employment relationship, the legal basis is Art. 88 Para. 1 GDPR in conjunction with § 26 Para. 1 BDSG. The data required for conducting the application process have been marked accordingly or we point them out. If applicants do not provide this data, we cannot process the application.
Other data is voluntary and not required for an application. If applicants provide additional information, the basis is their consent (Art. 6 Para. 1 S. 1 lit. a GDPR).
We ask applicants to refrain from mentioning political opinions, religious beliefs, and similarly sensitive data in their resumes and cover letters. They are not required for an application. If applicants do provide such information, we cannot prevent its processing in the context of processing the resume or cover letter. Its processing is then also based on the consent of the applicants (Art. 9 Para. 2 lit. a GDPR).
Finally, we process the applicants' data for further application processes if they have granted us their consent. In this case, the legal basis is Art. 6 Para. 1 S. 1 lit. a GDPR.
We pass on the applicants' data to the relevant personnel in the Human Resources department, to our processors in the recruiting area, and to the other employees involved in the application process.
If we enter into an employment relationship with the applicant after the application process, we delete the data only after the end of the employment relationship. Otherwise, we delete the data no later than six months after rejecting an applicant.
If applicants have granted us their consent to use their data for further application processes, we delete their data only one year after receiving the application.
For processing payments, we use payment processors that are themselves data controllers within the meaning of Art. 4 No. 7 GDPR. As far as they receive the data and payment information entered by us during the ordering process, we fulfill the contract concluded with our customers (Art. 6 para. 1 sentence 1 lit. b GDPR).
These payment service providers are:
● Stripe Payments Europe, Ltd., Ireland
Our website uses cookies. Cookies are small text files that are stored in the web browser on the device of a visitor to the website. Cookies help make the service more user-friendly, effective, and secure. As far as these cookies are necessary for the operation of our website or its functions (hereinafter "Technically Necessary Cookies"), the legal basis for the associated data processing is Article 6(1)(f) of the GDPR. We have a legitimate interest in providing customers and other website visitors with a functioning website.
Specifically, we use technically necessary cookies for the following purpose(s):
● Cookies that store login data
We use Google Tag Manager for analysis and advertising purposes. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The provider processes usage data (e.g., visited websites, interest in content, access times) in the USA.
The legal basis for processing is Art. 6 para. 1 sentence 1 lit. a GDPR. The processing is based on consent. Affected individuals can withdraw their consent at any time by contacting us at the contact details provided in our privacy policy. The withdrawal does not affect the legality of the processing prior to the withdrawal.
The transfer of personal data to a country outside the EEA is done on the basis of an adequacy decision. The security of the data transferred to the third country (i.e., a country outside the EEA) is ensured because the EU Commission has determined within the framework of an adequacy decision pursuant to Art. 45 para. 3 GDPR that the third country provides an adequate level of protection.
We delete the data when the purpose of its collection has ceased to apply. Further information is available in the provider's privacy policy at https://policies.google.com/privacy?hl=de.
We have integrated a data protection seal on our website. The provider is heyData GmbH, Schützenstraße 5, 10117 Berlin, Germany. The provider processes meta/communication data (e.g., IP addresses) in the EU.
The legal basis for the processing is Art. 6 para. 1 sentence 1 lit. f GDPR. We have a legitimate interest in providing website visitors with confirmation of our data protection compliance. At the same time, the provider has a legitimate interest in ensuring that only customers with existing contracts use its seals, which is why a mere image copy of the certificate is not a viable alternative for confirmation.
The data is masked after collection, so that no personal reference exists anymore. Further information can be found in the provider's privacy policy at https://heydata.eu/datenschutzerklaerung.
Data processing on social media platforms
We are represented in social media networks to present our organization and our services there. The operators of these networks regularly process their users' data for advertising purposes. Among other things, they create user profiles from their online behavior, which are used to show advertisements on the network pages and elsewhere on the internet that correspond to users' interests. To do this, the operators of the networks store information about usage behavior in cookies on users' computers. It is also not excluded that the operators may aggregate this information with other data. More information, as well as notes on how users can object to processing by the site operators, can be found in the privacy policies of the respective operators listed below. It may also be the case that the operators or their servers are located in non-EU countries, so that they process data there. This can pose risks for users, e.g., because the enforcement of their rights is made more difficult or government authorities may access the data.
When users of the networks contact us through our profiles, we process the data they provide to respond to the requests. This is our legitimate interest, so the legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR.
We maintain a profile on Facebook. The operator is Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The privacy policy is available here: https://www.facebook.com/policy.php. One way to object to data processing is through the ad settings: https://www.facebook.com/settings?tab=ads.
We are jointly responsible for processing the data of visitors to our profile based on an agreement in accordance with Article 26 of the GDPR with Facebook. Which data is processed exactly is explained by Facebook at https://www.facebook.com/legal/terms/information_about_page_insights_data. Affected individuals can exercise their rights both against us and against Facebook. However, according to our agreement with Facebook, we are obligated to forward inquiries to Facebook. Affected individuals will receive a quicker response if they contact Facebook directly.
We maintain a profile on Instagram. The operator is Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The privacy policy can be accessed here: https://help.instagram.com/519522125107875.
We maintain a profile on TikTok. The operator is TikTok Technology Limited, whose registered office is at 10 Earlsfort Terrace, Dublin, D02 T380, Ireland. The privacy policy can be accessed here: https://www.tiktok.com/en/privacy-policy.
We maintain a profile on YouTube. The operator is Google Ireland Limited Gordon House, Barrow Street Dublin 4, Ireland. The privacy policy can be accessed here: https://policies.google.com/privacy?hl=en.
We maintain a profile on LinkedIn. The operator is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. The privacy policy can be accessed here: https://www.linkedin.com/legal/privacy-policy?_l=en_US. One way to object to data processing is through the ad settings: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Changes to this privacy policy
We reserve the right to change this privacy policy with effect for the future. An up-to-date version is available here at any time.
Questions and comments
For questions or comments regarding this privacy policy, please feel free to contact us using the contact details provided above.