How Etmita UG collects, uses and protects your personal data — under the EU General Data Protection Regulation (GDPR / DSGVO) and the German Federal Data Protection Act (BDSG).
Last updated: May 2026
The controller responsible for processing personal data on this site is Etmita UG (haftungsbeschränkt), Hauptstraße 61, 79268 Bötzingen, Germany. Contact: [email protected] · +49 176 8426 3714.
When you visit etmita.com we automatically receive technical data sent by your browser: IP address (anonymised after processing), user-agent string, referrer, requested URL, timestamp, and approximate country (via the Cloudflare CF-IPCountry header used to set the default language). When you contact us via the form or apply through the careers drawer, we process the data you supply directly: name, email, phone (optional), company, message, links you share, and any file you attach (resume).
We process technical data on the basis of our legitimate interest in operating a secure, performant website (Art. 6 (1) (f) GDPR). Form submissions are processed to answer your request (Art. 6 (1) (b) GDPR — pre-contractual measures) and, in the case of job applications, on the basis of § 26 BDSG.
We use strictly necessary cookies for site operation: a 'NEXT_LOCALE' cookie to remember your language choice (12 months) and a theme cookie set by next-themes to remember light/dark preference (12 months). These do not require consent under § 25 (2) TTDSG. Any analytics or marketing cookies — currently none — require explicit opt-in via our consent banner.
The site is hosted on a Hetzner Online GmbH server in Germany (Industriestr. 25, 91710 Gunzenhausen). Traffic is routed via Cloudflare, Inc. for CDN and security; an EU data-processing agreement (Standard Contractual Clauses) is in place. Form submissions are transmitted via EmailJS Inc., a US-based service operating under the EU-US Data Privacy Framework.
We do not sell your data and do not share it with third parties beyond the processors above (Hetzner for hosting, Cloudflare for CDN, EmailJS for form delivery). Each acts under a written data-processing agreement (Art. 28 GDPR).
Server logs are retained for 14 days, then deleted. Contact form messages are kept for as long as needed to handle the request, then archived for up to three years for tax/contract reasons. Job applications are kept for six months after the role is filled and then deleted on request.
Under GDPR you have the right to: access your data (Art. 15), rectification (Art. 16), erasure / 'right to be forgotten' (Art. 17), restriction of processing (Art. 18), data portability (Art. 20), and to object to processing (Art. 21). You can also withdraw consent at any time. To exercise any of these rights, email [email protected].
If you believe we have violated GDPR you have the right to lodge a complaint with a supervisory authority — for us this is the Landesbeauftragter für den Datenschutz und die Informationsfreiheit Baden-Württemberg (https://www.baden-wuerttemberg.datenschutz.de).
We may update this policy as the service evolves. The 'last updated' date above reflects the current version. Material changes will be highlighted on the site.