Back to homepage

Privacy Policy

Last updated: March 2026

1. Privacy at a Glance

General Information

The following information provides a brief overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to identify you personally. Detailed information on the subject of data protection can be found in our privacy policy listed below this text.

Data Collection on This Website

Who is responsible for data collection on this website? Data processing on this website is carried out by the website operator. You can find their contact details in the section "Information on the Responsible Party" in this privacy policy.

How do we collect your data? Your data is collected in part when you provide it to us. This may be data that you enter in a contact form, for example. Other data is collected automatically or with your consent when you visit the website by our IT systems. This is primarily technical data (e.g., internet browser, operating system, or time of page access). This data is collected automatically as soon as you enter this website.

What do we use your data for? Some of the data is collected to ensure error-free provision of the website. Other data may be used to analyze your user behavior.

What rights do you have regarding your data? You have the right to receive information about the origin, recipient, and purpose of your stored personal data free of charge at any time. You also have the right to request the correction or deletion of this data. If you have given consent to data processing, you can revoke this consent at any time for the future. You also have the right, under certain circumstances, to request the restriction of the processing of your personal data. Furthermore, you have a right of complaint to the competent supervisory authority.

2. Hosting

We host the contents of our website with the following provider:

External Hosting

This website is hosted externally. The personal data collected on this website is stored on the host's servers. This may include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses, and other data generated via a website.

External hosting is carried out for the purpose of fulfilling our contract with potential and existing customers (Art. 6(1)(b) GDPR) and in the interest of a secure, fast, and efficient provision of our online offering by a professional provider (Art. 6(1)(f) GDPR).

3. General Information and Mandatory Disclosures

Data Protection

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

When you use this website, various personal data is collected. Personal data is data that can be used to identify you personally. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.

Information on the Responsible Party

The responsible party for data processing on this website is:

Nopex GmbH
Karlstraße 89
76137 Karlsruhe
Germany

Phone: +49 721 603218-0
Email: [email protected]

The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (e.g., names, email addresses, etc.).

Storage Duration

Unless a more specific storage period has been specified within this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you assert a justified request for deletion or revoke consent for data processing, your data will be deleted, unless we have other legally permissible reasons for storing your personal data (e.g., tax or commercial retention periods); in the latter case, deletion will occur after these reasons no longer apply.

Legal Basis for Data Processing on This Website

If you have consented to data processing, we process your personal data on the basis of Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR, if special categories of data pursuant to Art. 9(1) GDPR are processed. In the case of express consent to the transfer of personal data to third countries, data processing is also carried out on the basis of Art. 49(1)(a) GDPR.

Revocation of Your Consent to Data Processing

Many data processing operations are only possible with your express consent. You can revoke consent that has already been given at any time. The lawfulness of the data processing carried out up to the point of revocation remains unaffected by the revocation.

Right to Object to Data Collection in Special Cases and to Direct Marketing (Art. 21 GDPR)

IF DATA PROCESSING IS BASED ON ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS.

Right to Lodge a Complaint with a Supervisory Authority

In the event of violations of the GDPR, data subjects have a right of complaint to a supervisory authority, in particular in the Member State of their habitual residence, their place of work, or the place of the alleged infringement.

Right to Data Portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format.

Access, Correction, and Deletion

Within the framework of applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipients, and the purpose of data processing, and if applicable, a right to correction or deletion of this data.

4. Data Collection on This Website

Cookies

Our websites use so-called "cookies." Cookies are small data packets that do not cause any damage to your device. They are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or they are automatically deleted by your web browser.

Cookies can be set by us (first-party cookies) or by third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain services from third-party companies within websites (e.g., cookies for processing payment services).

Server Log Files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • Browser type and version
  • Operating system used
  • Referrer URL
  • Host name of the accessing computer
  • Time of the server request
  • IP address

This data is not merged with other data sources. The collection of this data is based on Art. 6(1)(f) GDPR.

Contact Form

If you send us inquiries via the contact form, your information from the inquiry form, including the contact data you provide there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not share this data without your consent.

The processing of this data is based on Art. 6(1)(b) GDPR if your inquiry is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective handling of inquiries directed to us (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR) if this has been requested.

Inquiries by Email or Phone

If you contact us by email or telephone, your inquiry, including all resulting personal data (name, inquiry), will be stored and processed by us for the purpose of handling your request. We do not share this data without your consent.

5. Newsletter

Newsletter Data

If you would like to receive the newsletter offered on the website, we require an email address from you, as well as information that allows us to verify that you are the owner of the email address provided and that you consent to receiving the newsletter. Further data is not collected or is collected only on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties.

The processing of the data entered in the newsletter subscription form is carried out exclusively on the basis of your consent (Art. 6(1)(a) GDPR). You can revoke your consent to the storage of data, the email address, and their use for sending the newsletter at any time, for example via the "unsubscribe" link in the newsletter.

Brevo (formerly Sendinblue)

We use the service Brevo (formerly Sendinblue) for sending our newsletter as well as transactional emails (e.g., contact form confirmations, demo requests, ROI calculations). The provider is Brevo GmbH, Köpenicker Str. 126, 10179 Berlin, Germany.

The data you enter during newsletter registration or contact (e.g., email address, name, message content) is stored on Brevo's servers in the EU. Brevo uses this data to send and statistically evaluate emails on our behalf.

We have concluded a Data Processing Agreement (DPA) with Brevo pursuant to Art. 28 GDPR. The legal basis for sending the newsletter is your consent (Art. 6(1)(a) GDPR); for transactional emails, it is the performance of a contract or pre-contractual measures (Art. 6(1)(b) GDPR). For more information, please see Brevo's privacy policy: https://www.brevo.com/legal/privacypolicy/

6. Consent Management / Cookie Banner

When you first visit our website, a cookie consent banner is displayed. There you can select which categories of services (Necessary, Analytics, Marketing, Preferences) you wish to allow. Your selection is stored in your browser (localStorage) so that the banner does not appear again on subsequent visits. You can change your settings at any time via the "Cookie Settings" link in the footer of the website.

Non-necessary services (such as Google Analytics, Google Ads, LinkedIn, or Leadfeeder) are only activated after your express consent. Technically, our website is controlled via Google Tag Manager Consent Mode v2: All consent types (analytics_storage, ad_storage, ad_user_data, ad_personalization, functionality_storage) are set to "denied" by default and are only updated to "granted" after your consent.

The legal basis for storing your consent settings is Art. 6(1)(f) GDPR (legitimate interest in the lawful collection and documentation of consent).

7. Analytics and Marketing Services

Google Tag Manager

This website uses Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag Manager is a tool that allows us to integrate tracking or statistics tools and other technologies on our website. Google Tag Manager itself does not create user profiles, does not store cookies, and does not perform independent analyses. It only serves to manage and deploy the tools integrated through it.

We use Google Tag Manager with Consent Mode v2. This means that all services loaded via the Tag Manager (e.g., Google Analytics, Google Ads) are only permitted to set tracking cookies or process personal data after your express consent. Without your consent, no analytics data is collected. The legal basis is Art. 6(1)(f) GDPR (legitimate interest in the efficient management of website tags).

Umami Analytics

We use Umami Analytics, a privacy-friendly website analytics service. The provider is Umami Software, Inc. Umami does not use cookies and does not store personal data. Only anonymized page view statistics are collected (e.g., pages visited, time spent, referrer, device type). IP addresses are not stored, and there is no cross-device tracking.

Data is processed on Umami's servers (cloud.umami.is). Since Umami operates without cookies and without personal data, consent pursuant to Art. 5(3) of the ePrivacy Directive is not required. The legal basis is Art. 6(1)(f) GDPR (legitimate interest in the statistical analysis of website usage for the optimization of our offering). For more information: https://umami.is/privacy

Google Analytics

This website may use Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics is loaded exclusively via Google Tag Manager and only activated after your express consent (consent category "Analytics").

Google Analytics uses cookies to enable an analysis of your use of the website. The information generated by the cookie about your use of this website is generally transmitted to a Google server in the USA and stored there. We have activated IP anonymization. The legal basis is your consent (Art. 6(1)(a) GDPR). For more information: https://policies.google.com/privacy

Google Ads / Conversion Tracking

This website may use Google Ads Conversion Tracking, a service provided by Google Ireland Limited. Google Ads is loaded exclusively via Google Tag Manager and only activated after your express consent (consent category "Marketing"). If you reach our website via a Google ad, after your consent a cookie is set to measure conversions. The legal basis is your consent (Art. 6(1)(a) GDPR).

LinkedIn Insight Tag

This website may use the LinkedIn Insight Tag, a service provided by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. The Insight Tag is loaded exclusively via Google Tag Manager and only activated after your express consent (consent category "Marketing"). It enables conversion tracking and retargeting for LinkedIn campaigns. The legal basis is your consent (Art. 6(1)(a) GDPR). For more information: https://www.linkedin.com/legal/privacy-policy

Dealfront Web Visitors (Leadfeeder)

This website uses Dealfront Web Visitors (formerly Leadfeeder), a B2B analytics service provided by Dealfront Group GmbH, Töölönlahdenkatu 2, 00100 Helsinki, Finland. The Dealfront tracker is only activated after your express consent (consent category "Marketing"). Dealfront identifies companies (not individuals) that visit our website based on IP addresses. The legal basis is your consent (Art. 6(1)(a) GDPR). For more information: https://www.dealfront.com/privacy-at-dealfront/

8. Plugins and Tools

Cloudflare Turnstile

We use Cloudflare Turnstile on our forms (contact form, demo request, newsletter registration, ROI calculator). The provider is Cloudflare, Inc., 101 Townsend St., San Francisco, CA 94107, USA. Turnstile is a security service that verifies whether input on our website is made by a human and not by automated programs (bots).

For this purpose, Turnstile analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor accesses a form with an embedded Turnstile widget. For the analysis, Turnstile evaluates various information (e.g., IP address, time spent by the website visitor on the website, or mouse movements made by the user). The data collected during the analysis is forwarded to Cloudflare.

The legal basis is Art. 6(1)(f) GDPR (legitimate interest in protecting our forms from abusive automated use). Cloudflare Turnstile does not set cookies. For more information: https://www.cloudflare.com/privacypolicy/

Google Fonts (Local Hosting)

This site uses Google Fonts for a consistent display of typefaces, provided by Google. The Google Fonts are installed locally. No connection to Google servers is made.

9. Our Own Services

Handling of Applicant Data

We offer you the opportunity to apply with us (e.g., by email or post). Below we inform you about the scope, purpose, and use of your personal data collected during the application process.

We assure you that the collection, processing, and use of your data is carried out in accordance with applicable data protection law and all other statutory provisions, and that your data is treated in strict confidence.