Privacy Policy

Who is responsible for data collection?

Data processing on this website is carried out by the website operator. Their contact details can be found in the "Data Controller" section of this privacy policy.

How do we collect your data?

On the one hand, your data is collected when you provide it to us. This may, for example, be data that you enter in a contact form.

Other data is collected automatically or with your consent when you visit the website through our IT systems. This is primarily technical data (e.g., internet browser, operating system, or time of page access). This data is collected automatically as soon as you enter this website.

What do we use your data for?

Some of the data is collected to ensure error-free provision of the website. Other data may be used to analyze your user behavior.

What rights do you have regarding your data?

You have the right to receive information free of charge at any time about the origin, recipient, and purpose of your stored personal data. You also have the right to request the correction or deletion of this data. If you have given consent to data processing, you can revoke this consent at any time for the future.

Furthermore, you have the right, under certain circumstances, to request the restriction of the processing of your personal data. You also have the right to lodge a complaint with the competent supervisory authority.

External Hosting

This website is hosted by an external service provider (host). The personal data collected on this website is stored on the host's servers. This may primarily include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses, and other data generated via a website.

Hosting Provider:
Vercel Inc.
340 S Lemon Ave #4133
Walnut, CA 91789, USA
Server Location: EU (Frankfurt, Germany)

The use of the host is for the purpose of contract fulfillment towards our potential and existing customers (Art. 6 Para. 1 lit. b GDPR) and in the interest of a secure, fast, and efficient provision of our online offering by a professional provider (Art. 6 Para. 1 lit. f GDPR).

Data Processing Agreement

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract required by data protection law, which ensures that this party processes the personal data of our website visitors only according to our instructions and in compliance with the GDPR.

Data Protection

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with legal data protection regulations and this privacy policy.

When you use this website, various personal data is collected. Personal data is data by which you can be personally identified. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this happens.

SSL and TLS Encryption

For security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Revocation of Your Consent to Data Processing

Many data processing operations are only possible with your express consent. You can revoke consent you have already given at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to Object to Data Collection in Special Cases

If data processing is based on Art. 6 Para. 1 lit. e or f GDPR, you have the right at any time to object to the processing of your personal data for reasons arising from your particular situation; this also applies to profiling based on these provisions. The respective legal basis on which processing is based can be found in this privacy policy.

Right to Lodge a Complaint with the Competent Supervisory Authority

In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the member state of their habitual residence, their place of work, or the place of the alleged violation. The right to lodge a complaint is without prejudice to other administrative or judicial remedies.

Competent Supervisory Authority for Hamburg:
The Hamburg Commissioner for Data Protection and Freedom of Information
Ludwig-Erhard-Str. 22, 7th Floor
20459 Hamburg
Phone: 040 / 428 54 - 4040
Email: mailbox@datenschutz.hamburg.de

Right to Access

You have the right to request confirmation as to whether relevant data is being processed and to receive information about this data as well as further information and a copy of the data in accordance with Art. 15 GDPR.

Right to Rectification

In accordance with Art. 16 GDPR, you have the right to request the completion of data concerning you or the correction of inaccurate data concerning you.

Right to Erasure

You have the right to request that data concerning you be deleted immediately if one of the reasons listed in detail in Art. 17 GDPR applies, e.g., if the data is no longer needed for the purposes pursued.

Right to Restriction of Processing

You have the right to request the restriction of the processing of your personal data if one of the conditions in Art. 18 GDPR is met, e.g., if you have objected to processing, for the duration of the examination by the controller.

Right to Data Portability

You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used, and machine-readable format, and you have the right to transmit this data to another controller without hindrance from us, provided that processing is based on consent pursuant to Art. 6 Para. 1 lit. a GDPR or Art. 9 Para. 2 lit. a GDPR or on a contract pursuant to Art. 6 Para. 1 lit. b GDPR.

Server Log Files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

• Browser type and browser version
• Operating system used
• Referrer URL
• Hostname of the accessing computer
• Time of server request
• IP address

This data is not merged with other data sources. Data collection is based on Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of their website - for this purpose, server log files must be recorded.

Contact Form

If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not pass on this data without your consent.

The processing of this data is based on Art. 6 Para. 1 lit. b GDPR if your inquiry is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective processing of inquiries sent to us (Art. 6 Para. 1 lit. f GDPR) or on your consent (Art. 6 Para. 1 lit. a GDPR) if this was requested.

The data you enter in the contact form will remain with us until you request deletion, revoke your consent to storage, or the purpose for data storage no longer applies (e.g., after your inquiry has been processed). Mandatory legal provisions - in particular retention periods - remain unaffected.

Inquiry by Email, Phone, or Fax

If you contact us by email, phone, or fax, your inquiry, including all resulting personal data (name, inquiry), will be stored and processed by us for the purpose of processing your request. We do not pass on this data without your consent.

The processing of this data is based on Art. 6 Para. 1 lit. b GDPR if your inquiry is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective processing of inquiries sent to us (Art. 6 Para. 1 lit. f GDPR) or on your consent (Art. 6 Para. 1 lit. a GDPR) if this was requested.

Legal Basis

The use of cookies and similar technologies is based on § 25 TTDSG (Telecommunications-Telemedia Data Protection Act) and Art. 6 Para. 1 lit. a GDPR (consent) if consent was requested, as well as on Art. 6 Para. 1 lit. f GDPR for technically necessary cookies.

What are Cookies?

Our website uses cookies and similar technologies. Cookies are small text files that are stored on your device. They do not cause any damage and do not contain viruses. Cookies enable us to offer certain functions and improve your user experience.

Types of Cookies

• Necessary Cookies (Required): These cookies are absolutely necessary for the basic functions of the website. Without these cookies, the website cannot function properly. They are set based on Art. 6 Para. 1 lit. f GDPR (legitimate interest).
• Analytical Cookies (Optional): These cookies help us analyze the use of our website and understand how visitors interact with the website. They are only set with your express consent according to Art. 6 Para. 1 lit. a GDPR and § 25 Para. 1 TTDSG.
• Marketing Cookies (Optional): These cookies are used to follow visitors across websites. The intention is to display ads that are relevant and engaging for the individual user. They are only set with your consent.

Cookie Consent & Management

When you first visit our website, a cookie banner appears where you can decide which cookie categories you want to allow. Your consent is voluntary and you can change your decision at any time.

You can change or revoke your cookie settings at any time via the "Cookie Settings" link in the footer of our website. Cookies already set can be deleted at any time in your browser settings.

Browser Settings

You can configure your browser so that:

• You are informed about the setting of cookies
• Cookies are only allowed in individual cases
• The acceptance of cookies is generally excluded
• Cookies are automatically deleted when closing the browser

Please note that if you deactivate cookies, the functionality of our website may be limited.

Storage Duration of Cookies

Session Cookies: Are automatically deleted after closing your browser.
Persistent Cookies: Remain stored for a specified period (usually 1-24 months, depending on cookie type) or until you manually delete them.

Compliance with TTDSG (effective since December 1, 2021)

We strictly comply with the requirements of the TTDSG. Non-essential cookies are only set after your express consent. Your consent is logged and can be revoked at any time.

Purpose of Use

We use Google reCAPTCHA Enterprise on our contact form to protect our website from spam and abuse. This service checks whether the input is made by a human or abusively through automated, machine processing.

Provider

Google Ireland Limited
Gordon House, Barrow Street
Dublin 4, Ireland
Google Privacy Policy

Data Processing

The query of reCAPTCHA Enterprise is to ensure the security of our website and protection against spam and abuse. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR. For this purpose, the following data is transmitted to Google:

• User's IP address
• Browser information (user agent)
• Time spent on the website
• Mouse and keyboard inputs
• Date and time of visit

Legal Basis

Processing is based on Art. 6 Para. 1 lit. f GDPR (legitimate interest). Our legitimate interest is in protecting our website from abusive automated spying and spam.

Data Transfer to Third Countries

Google may also process your data in the USA. For the transfer of data to the USA, there is an adequacy decision by the European Commission (EU-US Data Privacy Framework).

Further Information

Further information on Google reCAPTCHA Enterprise can be found in Google's Privacy Policy and in Google's Terms of Service .

Google Analytics 4

This website uses Google Analytics 4, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google Analytics uses cookies and similar technologies that enable analysis of your use of the website.

Scope of Data Processing

The information generated by cookies about your use of this website is usually transferred to a Google server and stored there. The following data is collected:

• Pages visited and time spent
• Scroll depth (25%, 50%, 75%, 90%, 100% of page)
• Form interactions and submissions with form IDs
• CTA clicks (Call-to-Action buttons)
• Video engagement (start, pause, completion, progress)
• Portfolio views and project interactions
• Search queries on the website
• 404 error pages and broken links
• Outbound links (outbound clicks)
• Device information (type, browser, operating system, screen resolution)
• Geographic data (country, region, city - based on IP address)
• Traffic sources (referrer, campaign parameters)
• Custom dimensions (e.g., user type, visit frequency)

IP Anonymization

We have activated IP anonymization. As a result, your IP address is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area beforehand. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there.

Purpose of Data Processing

On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity, and to provide other services related to website use and internet use to the website operator.

Legal Basis

Processing is based on your consent according to Art. 6 Para. 1 lit. a GDPR and § 25 Para. 1 TTDSG. Consent can be revoked at any time.

Data Transfer to the USA

Google also processes your data in the USA. Data transfer to the USA is based on the EU-US Data Privacy Framework.

Note: The EU-US Data Privacy Framework is currently (as of 2025) under legal review by the European Court of Justice. You have the right to object to data transfer to the USA.

Storage Duration

Data sent by us and linked to cookies is automatically deleted after 14 months. Deletion of data whose retention period has been reached occurs automatically once a month.

Objection and Deactivation

You can prevent the collection and processing of your data by Google Analytics by:

• Revoking your cookie consent (via our cookie settings)
• Installing the browser add-on to deactivate Google Analytics: https://tools.google.com/dlpage/gaoptout

Further Information

More information on the handling of user data at Google Analytics can be found in Google's privacy policy: https://support.google.com/analytics/answer/6004245

What is LocalStorage?

In addition to cookies, we also use LocalStorage technology to store data locally in your browser. LocalStorage allows us to permanently store information on your device without it being transmitted to the server with every request.

Used LocalStorage Data

We store the following information in your LocalStorage:

• Cookie Consent Status: Your decisions regarding cookie categories (necessary, analytical, marketing)
• A/B Test Assignments: Which test variant you were assigned to ensure a consistent experience
• Chatbot Status: Your conversation history with our AI chatbot (only local, not on servers)
• Exit Intent Status: Whether you have already seen an exit intent popup
• User Preferences: Your individual settings (e.g., preferred language, theme settings)
• Form Drafts: Temporary storage of your form inputs for recovery in case of accidental closure

Legal Basis

Storage is based on:

• Art. 6 Para. 1 lit. f GDPR (legitimate interest) for technically necessary storage
• Art. 6 Para. 1 lit. a GDPR and § 25 TTDSG (consent) for analytical and marketing purposes

Storage Duration and Deletion

LocalStorage data remains permanently stored in your browser until you manually delete it. You can delete all LocalStorage data at any time via your browser settings:

• Chrome: Settings → Privacy and security → Clear browsing data → Site data
• Firefox: Settings → Privacy & Security → Cookies and Site Data → Clear Data
• Safari: Settings → Privacy → Manage Website Data
• Edge: Settings → Privacy, search, and services → Clear browsing data

Use of AI-Powered Chatbot

On our website, we use an AI-powered chatbot based on OpenAI technology (GPT-3.5-turbo). The chatbot serves to automatically answer your questions, support you in navigating through our website, and pre-qualify your requests.

Note according to EU AI Act 2025: You are informed that you are interacting with an AI system. Content generated by the chatbot is marked as AI-generated.

Provider

OpenAI, L.L.C.
3180 18th Street
San Francisco, CA 94110, USA
OpenAI Privacy Policy

Processed Data

When using the chatbot, the following data is collected and processed:

• Your chat messages and requests
• Unique visitor ID (pseudonymized)
• Session ID for assignment of your chat session
• IP address (shortened)
• Device information (browser, operating system, screen resolution)
• Timestamp of messages
• Technical metadata for error handling

Purpose of Processing

Data processing is carried out for the following purposes:

• Answering your questions and providing customer service
• Pre-qualifying inquiries and lead generation
• Improving chatbot functionality
• Analyzing frequently asked questions for website optimization

Legal Basis

Processing is based on your consent according to Art. 6 Para. 1 lit. a GDPR and § 25 Para. 1 TTDSG. Consent is obtained before the first use of the chatbot and can be revoked at any time.

Data Transfer to the USA

OpenAI processes your chat data on servers in the USA. Data transfer to the USA is based on the EU-US Data Privacy Framework. OpenAI is certified under the Data Privacy Framework and commits to compliance with the corresponding data protection principles.

Important Note: The EU-US Data Privacy Framework is currently (as of 2025) under legal review by the European Court of Justice. The data protection level in the USA may not fully correspond to the European standard. You have the right to object to data transfer to the USA, which however excludes the use of the chatbot.

Storage Duration by OpenAI

OpenAI stores data transmitted via the chatbot for 30 days for the purpose of abuse detection and system optimization. After this period, the data is automatically deleted. OpenAI does not use your chat data to train AI models when using the API version.

No Automated Individual Decision-Making

The chatbot does not create automated decisions with legal effect or similar significant importance to you within the meaning of Art. 22 GDPR. All essential decisions (e.g., contract conclusions) are made by human employees.

Your Rights and Revocation

You can revoke your consent to use the chatbot at any time by closing the chat window or contacting us. Revocation does not affect the lawfulness of processing carried out until then. Upon revocation, we will delete your stored chat data immediately.

Functional Description

We offer an online booking system on our website through which you can book consultation appointments and services directly. This allows you quick and uncomplicated appointment scheduling without telephone contact.

Processed Data

When using the booking system, the following data is collected:

• First name and last name
• Email address
• Phone number (optional)
• Company name (if applicable)
• Desired service / type of consultation
• Appointment request (date and time)
• Additional notes or concerns
• IP address at time of booking
• Confirmation and cancellation tokens (technically required)

Email Dispatch via Resend

For sending booking confirmations, reminders, and cancellation confirmations, we use the email service Resend (Resend Inc., USA). Your email address, name, and appointment details are transmitted to Resend.

Provider:
Resend Inc.
USA
Resend Privacy Policy

Note: Transfer is to the USA based on the EU-US Data Privacy Framework. The Framework is currently under legal review. You can object to data transfer, which however excludes use of the booking system.

Purpose of Processing

Data processing is carried out for the following purposes:

• Execution and management of your appointment booking
• Sending booking confirmations and reminders
• Enabling appointment changes and cancellations
• Preparation for the consultation appointment
• Documentation of the contractual relationship

Legal Basis

Processing of your data is based on Art. 6 Para. 1 lit. b GDPR for the fulfillment of a contract or the implementation of pre-contractual measures. Providing the data is necessary for the appointment booking. Without this data, we cannot carry out the booking.

Storage Duration

We store your booking data for the duration of contract processing and beyond for 12 months after the appointment. This serves to fulfill legal retention obligations and traceability for inquiries. After this period, the data is automatically deleted unless legal retention periods oppose this.

Your Rights

You can view, change, or delete your booking data at any time. Use the cancellation link in your confirmation email or contact us directly. If you delete your data, the booked appointment will also be automatically canceled.

Newsletter Dispatch with Mailchimp

If you would like to receive the newsletter offered on the website, we need an email address from you as well as information that allows us to verify that you are the owner of the specified email address and agree to receive the newsletter.

Provider

For newsletter dispatch, we use Mailchimp, a service of The Rocket Science Group LLC:

The Rocket Science Group LLC d/b/a Mailchimp
675 Ponce de Leon Ave NE
Suite 5000
Atlanta, GA 30308, USA
Mailchimp Privacy Policy

Processed Data

As part of newsletter dispatch, the following data is processed:

• Email address
• Registration time and date
• IP address at registration
• Name (optional, if provided)
• Opening and clicking behavior of newsletters
• Device and browser information
• Interests and preferences (if provided)

Double Opt-In Procedure

Registration for our newsletter is done in a double opt-in procedure. This means that after your registration, you will receive an email in which you are asked to confirm your registration. Only after this confirmation will your newsletter subscription be activated. This serves to ensure that no one can be registered with foreign email addresses.

Newsletter registrations are logged to prove the registration process according to legal requirements. This includes storing the registration and confirmation time as well as the IP address.

Legal Basis

Newsletter dispatch is based on your consent according to Art. 6 Para. 1 lit. a GDPR and § 7 Para. 2 No. 3 UWG. Logging of the registration procedure is based on our legitimate interests according to Art. 6 Para. 1 lit. f GDPR to prove proper registration.

Data Transfer to the USA

Mailchimp processes your data on servers in the USA. Transfer is based on the EU-US Data Privacy Framework. Mailchimp is certified under the Data Privacy Framework.

Note: The EU-US Data Privacy Framework is currently under legal review. You can object to data transfer to the USA by unsubscribing from the newsletter.

Newsletter Tracking

Newsletters contain so-called tracking pixels. A tracking pixel is a miniature graphic embedded in emails to enable log file recording and log file analysis. This allows us to evaluate whether and when a newsletter email was opened and which links in the email were called up.

This data serves the statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of recipients.

Unsubscribing from the Newsletter

You can cancel receipt of our newsletter at any time, i.e., revoke your consent. A link to cancel the newsletter can be found at the end of each newsletter. After unsubscribing, your email address and other personal data will be deleted from our newsletter distribution list unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is legally permitted.

Storage Duration

Your email address is stored as long as the newsletter subscription is active. After unsubscribing, the data is deleted unless there are legal retention periods.

Free Resources and Guides

We offer free resources such as e-books, guides, checklists, whitepapers, and other downloadable materials on our website. To download these resources, you are usually required to provide your contact details.

Processed Data

When requesting download resources, we collect the following data:

• First name and last name
• Email address
• Company name (optional)
• Position/Role (optional)
• Requested resource / topic area
• Download time and date
• Device information (browser, operating system)
• IP address at time of download

Email Tracking

Download links and resources are sent to you by email. These emails may contain tracking technologies to capture:

• Whether the email was opened
• When the download link was clicked
• Whether the resource was actually downloaded
• Which devices and email clients were used

Email Dispatch via Resend

For sending download links, we use the email service Resend (USA). Your email address and metadata are transmitted to Resend.

Note: Data transfer is to the USA based on the EU-US Data Privacy Framework, which is currently under legal review.

Purpose of Processing

Data processing is carried out for the following purposes:

• Providing the requested download resources
• Lead generation and contact for marketing purposes (only with consent)
• Analysis of user interests to improve our offering
• Sending further information and offers (only with consent)
• Personalization of future communication

Legal Basis

Processing of your data is based on:

• Art. 6 Para. 1 lit. a GDPR (consent) for providing the resource and for marketing communication
• Art. 6 Para. 1 lit. f GDPR (legitimate interest) for analyzing download activities to optimize our offering

Providing contact details is voluntary but necessary for downloading resources. When requesting, you can optionally consent to us contacting you for marketing purposes. This consent is independent of the download and can be granted or refused separately.

Storage Duration

Your data is stored as long as you do not object to processing and no deletion reason exists. If you have consented to marketing communication, your data will be stored until revocation or up to 3 years after the last interaction. Download logs are anonymized after 24 months.

Revocation and Deletion

You can revoke your consent to process your data at any time. Send an email to datenschutz@senorit.eu for this purpose. After revocation, your data will be deleted immediately unless there are legal retention periods. Downloaded resources remain with you.

Use of A/B Testing

For continuous improvement of our website and optimization of user experience, we conduct A/B tests. Different visitors are shown different versions of website elements (e.g., headlines, buttons, layouts, colors) to determine which variant works better.

Processed Data

As part of A/B testing, the following data is collected:

• Unique visitor ID (pseudonymized)
• Session ID for session assignment
• Assigned test variant (e.g., "Variant A" or "Variant B")
• Interactions with tested elements (clicks, conversions)
• Timestamp of interactions
• Device information (screen resolution, device type, browser)
• Technical performance data (loading times, render times)

LocalStorage Storage

Assignment to a test variant is stored in your browser LocalStorage to ensure you consistently see the same variant throughout the test. This storage occurs locally on your device and is not transmitted to external servers.

Purpose of Processing

Data processing serves exclusively for:

• Optimizing website user experience
• Improving conversion rate
• Improving accessibility and usability
• Data-driven decision-making for design and functionality

Legal Basis

Processing is based on our legitimate interest according to Art. 6 Para. 1 lit. f GDPR in optimizing our website and improving user experience. Processing occurs exclusively pseudonymized and does not allow conclusions about your person.

Storage Duration

A/B test data is stored for the duration of the respective test plus 30 days. After completion of evaluation, data is anonymized or deleted. LocalStorage entries remain until manual deletion or expiry of the test period.

Right to Object

You can object to participation in A/B tests at any time by deleting your browser LocalStorage data or contacting us. Objection has no impact on website functionality.

Performance Monitoring

We use Real User Monitoring (RUM) to measure the performance and loading speed of our website from the perspective of real users. This helps us identify technical problems and continuously improve website performance.

Captured Metrics

The following performance data is collected:

• Session ID (pseudonymized)
• Web Vitals: Largest Contentful Paint (LCP), First Input Delay (FID), Cumulative Layout Shift (CLS)
• Loading Times: Time to First Byte (TTFB), First Contentful Paint (FCP), Time to Interactive (TTI)
• JavaScript errors and exceptions
• Resource loading times (CSS, JavaScript, images)
• Network information (connection type, effective connection speed)
• Device information (CPU, memory, screen resolution)
• Browser information (name, version)
• Visited page URLs

Purpose of Processing

Performance data is used exclusively for:

• Identifying and fixing performance problems
• Optimizing loading speed
• Improving user experience on different devices
• Monitoring Core Web Vitals (Google ranking factor)
• Error analysis and debugging

Legal Basis

Processing is based on our legitimate interest according to Art. 6 Para. 1 lit. f GDPR in the technical optimization and error-free provision of our website. Data is collected exclusively pseudonymized and does not enable identification of individuals.

Storage Duration

Performance metrics are stored in aggregated form for 90 days. Individual session data is deleted after 7 days. JavaScript error logs are anonymized after 30 days.

No Disclosure to Third Parties

Collected performance data is processed exclusively internally and not disclosed to third parties. It serves exclusively for technical optimization of our website.

PWA Functionality

Our website uses Progressive Web App (PWA) technology to provide you with an optimal user experience even with poor or no internet connection. PWAs enable installation of the website as an app on your device and offline browsing of certain content.

Service Worker and Caching

We use service workers - JavaScript files that run in the background of your browser and enable the following functions:

• Caching of static resources (HTML, CSS, JavaScript, images) on your device
• Offline availability of already visited pages
• Faster loading times through local caching
• Background sync for delayed requests
• Optimized data transfer

Stored Data

The service worker stores locally on your device:

• HTML pages you have already visited
• CSS files and stylesheets
• JavaScript files
• Images and other media files
• Fonts (web fonts)
• API responses (cached for faster access)

Push Notifications (optional)

Our PWA can send push notifications to inform you about important updates, new content, or appointments. Use of push notifications is optional and requires your express consent.

For push notifications, we collect:

• Push subscription token (unique device ID)
• Timestamp of registration
• Browser and device type
• Interaction with notifications (opening, rejection)

Legal Basis

Processing is based on:

• Art. 6 Para. 1 lit. f GDPR (legitimate interest) for caching and offline functionality - this serves to improve user experience and faster loading times
• Art. 6 Para. 1 lit. a GDPR and § 25 Para. 1 TTDSG (consent) for push notifications

Management and Deactivation

You can deactivate PWA functions at any time:

• Delete service worker: Browser settings → Website settings → Remove service worker
• Delete cache: Completely delete browser cache via browser settings
• Deactivate push notifications: Browser settings → Notifications → Revoke permission for our website
• Uninstall PWA app: Remove installed app like any other app from your device

Storage Duration

Cached resources are automatically updated when new versions are available. Cache is removed with browser updates or manual deletion. Push subscriptions remain active until you revoke them or uninstall the app.

Exit Intent Technology

We use exit intent technology to show you relevant offers or information before you leave our website. Exit intent detection analyzes your mouse behavior to recognize when you are likely to leave the website (e.g., movement to browser tab or address bar).

Captured Behavioral Data

For exit intent detection, we capture:

• Mouse position and movements
• Scroll behavior and scroll depth
• Time spent on page
• Number of pages visited in session
• Whether an exit intent popup has already been displayed (LocalStorage)

Processed Data on Form Completion

If you fill out a form in the exit intent popup, we capture:

• First name and email address
• Phone number (optional)
• Company (optional)
• Source page (from which page the popup was triggered)
• Source URL (complete URL including parameters)
• Timestamp of interaction
• IP address (shortened)
• Referrer (from which website you came)

Purpose of Processing

Exit intent data is used for:

• Reducing bounce rate
• Providing relevant offers at the right moment
• Lead generation and contact
• Personalization of future offers
• Analysis of user behavior for website optimization

Legal Basis

Processing is based on:

• Art. 6 Para. 1 lit. f GDPR (legitimate interest) for behavioral analysis for exit intent detection
• Art. 6 Para. 1 lit. a GDPR (consent) for processing your contact data and marketing communication after form completion

LocalStorage Storage

To prevent the same exit intent popup from being repeatedly shown to you, we store in your browser LocalStorage whether you have already seen or interacted with a popup. This storage occurs locally and is not transmitted to servers.

Storage Duration

Behavioral analysis data (mouse movements, scroll behavior) is only processed temporarily during your session and not permanently stored. Contact data from form completions is stored for up to 3 years or until revocation. LocalStorage entries remain until manual deletion.

Revocation and Deactivation

You can deactivate exit intent popups by:

• Deleting your browser LocalStorage data
• Deactivating JavaScript in your browser (restricts website functionality)
• Contacting us by email to be placed on an exclusion list

You can revoke your consent to process data provided in the form at any time by email to datenschutz@senorit.eu.