This website and its services are provided by:
Workaround GmbH
Rupert‑Mayer‑Str. 44, Building 64.08
81379 München
Managing Director: Stefan Lampa
Data Protection Officer: Liam Klages
Contact: klages@tresec.com
Personal Data collected includes: Cookies, Usage Data, country, email address, ZIP/Postal code, first name, last name, and gender.
Details of each data type are provided in specific sections or displayed prior to collection. Some data is provided by the User; Usage Data is collected automatically. Unless stated otherwise, all data requested is mandatory.
Methods of processing: Data is protected by security measures. Processing is carried out using IT tools according to organizational procedures. Data may be accessed by internal staff and external processors such as hosting providers or agencies.
Legal basis: Processing may be based on consent, contractual necessity, legal obligation, public interest, or legitimate interests.
Place: Data is processed at the Owner’s offices and those of parties involved. Where necessary, data may be transferred outside the EU; see relevant sections or inquire for details.
Data is retained only as long as required for its collection purpose—e.g., for contractual or legitimate interest purposes—and may be retained longer if consented or legally required. After expiry, data is deleted, and rights such as access or deletion no longer apply.
Data is collected for: Analytics, Tag Management, Contacting the User. Specific services used are described below.
Google Analytics (Google LLC)
Used to analyze website visitor behavior. Data (e.g. pages accessed, session length, IP) is transferred to Google’s servers. IP anonymization is enabled. Processing is based on Art. 6(1)(f) GDPR (legitimate interest) or Art. 6(1)(a) if consented. Learn more and opt‑out via Google’s support site.
Contract data processing agreement is in place. Data is anonymized or deleted after 14 months.
Hotjar (Hotjar Ltd., Malta)
Records scroll, mouse movement, clicks, heatmaps, conversion funnels, and feedback. Processing is based on Art. 6(1)(f) GDPR or Art. 6(1)(a) if consent. Users can opt‑out via Hotjar’s opt‑out page. Contract data processing agreement in place.
Contact form: Country, email, and ZIP/Postal code collected to respond to requests.
Mailing list / newsletter: Email, first name, gender, and last name collected for commercial mailings. Processed via MailChimp (Rocket Science Group LLC, USA), certified under the EU‑US Privacy Shield. Data processed and stored in the USA. Consent is the legal basis (Art. 6(1)(a)), revocable by unsubscribing or link provided in each newsletter.
Google Tag Manager (Google LLC): Collects Cookies and Usage Data. Processing Takes place in the USA. Privacy Shield applies.
YouTube video widget (Google Inc.): Embeds videos, collecting Cookies and Usage Data. Processed in the USA. Privacy Shield applies.
Twitter account access (Twitter, Inc.): Allows connection to user’s Twitter account. Collects data as per Twitter’s policy. Processed in the USA. Privacy Shield applies.
Objections may be made without justification when processing is for direct marketing.
Submit requests to the contact details above. Requests are free of charge and addressed within one month.
Legal action: Personal Data may be used in court proceedings. Disclosure may be required by public authorities.
System logs & maintenance: Logs and IP addresses may be collected for operational purposes.
Information not contained: Additional processing details can be requested from the Owner at any time.
Owner may update this policy at any time, posting notice on this page and in the Application. If changes affect processing based on consent, new consent may be requested.