Privacy · EN
This privacy notice describes the processing of personal data on the static ACRION project website, in the public download area and in the prepared protected data room.
This version is tailored to the current website structure: static pages, public downloads, email contact and a data room to be protected server-side. The website package does not include its own tracking services, external fonts, map/video embeds or contact forms.
If contact forms, newsletter services, CRM tools, analytics, maps, videos, chat tools, external data rooms or investor portals are added later, this privacy notice must be extended accordingly.
Note: legal form, commercial register details and authorised representatives must be reviewed and updated after company registration, if required.
This website is prepared for operation on standard web hosting. If the website is hosted by IONOS, hosting is provided by:
When this website is accessed, the hosting provider processes technically necessary access data in order to deliver the pages, operate them reliably and protect them against misuse. This may include IP address, date and time of access, requested file, amount of data transferred, referrer URL, browser type, operating system and HTTP status code.
Legal basis: Article 6(1)(f) GDPR. The legitimate interest lies in the secure, stable and technically functional operation of the website and in preventing attacks and misuse.
Storage period: The exact retention period for server log files must be checked before go-live based on the actual hosting configuration and hosting agreement and then entered here.
Processing on behalf: Where the hosting provider processes personal data on behalf of the controller, a data processing agreement pursuant to Article 28 GDPR should be in place.
The current static website does not use its own web analytics tools, advertising cookies, external fonts, embedded maps, embedded videos or social media plugins. No persistent marketing or tracking cookies are set.
The IONOS customer account should also be checked to determine whether optional statistics or WebAnalytics functions are active. If such services are used, this privacy notice must be amended accordingly. If services store or read information on end devices, it must be checked in advance whether consent or a consent banner is required.
A protected data room is planned for confidential investor, financing and project documents. The data room should be protected server-side by directory protection, individual user allocation and strong password logic.
When the data room is used, user ID, access time, IP address, requested files and technical access data may be processed. This processing serves access control, traceability, confidentiality, prevention of misuse and documentation of the authorised user group.
Legal basis: Article 6(1)(b) GDPR where access serves the initiation or performance of a project-related agreement; additionally Article 6(1)(f) GDPR due to the legitimate interest in protecting, maintaining confidentiality and tracing access to confidential project documents.
Important: Confidential documents should only be provided after approval, where appropriate after NDA, and with individual access rights. A simple JavaScript password prompt is not sufficient for confidential documents.
If you contact us by email or telephone, the information you provide will be processed in order to respond to the request and to conduct possible business or project-related communication. Depending on the content of the request, this may include name, company, role, email address, telephone number, message text and attachments.
Legal basis: Article 6(1)(b) GDPR for pre-contractual or contractual communication and Article 6(1)(f) GDPR for other business communication.
When publicly available documents are downloaded, the web server processes technically necessary access data in the same way as for any page request. No separate registration is planned for public downloads in the current website version.
Confidential documents are intended to be provided only through the protected data room.
Personal data may, where necessary, be transmitted to technical service providers such as hosting providers, email service providers, IT service providers and to legal, tax, technical or financing advisors, provided that this is necessary to process the request, review the project, maintain confidentiality, pursue legal claims or provide legal protection.
Personal data will only be stored for as long as necessary for the respective purpose or as required by statutory retention periods. Project, investor and business documents may be subject to longer commercial or tax retention obligations depending on their legal classification.
Specific deletion periods must be aligned before go-live with the actual organisation, filing practice, email configuration, data room logging and hosting configuration.
Under the GDPR, data subjects have rights including the right of access, rectification, erasure, restriction of processing, data portability and objection to certain processing activities. Where processing is based on consent, such consent may be withdrawn with effect for the future.
Data subjects also have the right to lodge a complaint with a competent data protection supervisory authority.
No automated decision-making, including profiling, takes place on this website.