This privacy policy provides you with information in accordance with the General Data Protection Regulation (GDPR) about the processing of personal data when using our website.
The Controller within the meaning of data protection laws is:
VisioLab GmbH, represented by Tim-Oliver Niekamp
Neumarkt 7, 49074 Osnabrück, Germany
Email address: hello@visiolab.io.
Personal data is all data that can be related to you personally, e.g., name, address, email addresses, user behavior.
When you use the website for informational purposes, i.e., simply viewing it without contacting us or otherwise providing us with information, we process the personal data that your browser transmits to our server. The data described below is technically necessary for us to display our website to you and to ensure stability and security, and must therefore be processed by us.
Types of data processed: IP address, date and time of the request, time zone difference to Greenwich Mean Time (GMT), content of the request (page visited), access status/HTTP status code, amount of data transferred in each case, browser, operating system, language and version of the browser software.
Legal basis: Art. 6 (1) (f) GDPR.
When contacting us (e.g., by mail, contact form, email, telephone, or social media) and within the scope of existing user and business relationships, the information provided by the inquiring persons will be processed to the extent necessary to respond to contact requests and any measures that may be requested.
Types of data processed: Contact details (e.g., email, telephone numbers); content data (e.g., entries in online forms); usage data (e.g., websites visited, interest in content, access times); meta, communication, and process-related data (e.g., IP addresses, time information, identification numbers, consent status).
Purposes of processing: Contact requests and communication; management and response to inquiries; feedback; provision of our online offering and user experience. Legal basis: legitimate interests (Art. 6 (1) (f) GDPR);
Contract fulfillment and pre-contractual inquiries (Art. 6 (1) (b) GDPR), consent (Art. 6 (1) (a) GDPR).
The data you provide when contacting us will be stored by us until you request its deletion, revoke your consent to its storage, or the purpose for data storage no longer applies.
The hosting platform we use is provided by Webflow. The provider is Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA (hereinafter: Webflow). When you visit our website, Webflow collects various log files, including your IP address. Webflow stores cookies or other recognition technologies that are necessary for the display of the page, for the provision of certain website functions, and to ensure security (necessary cookies).
To ensure data protection-compliant processing, we have entered into a data processing agreement (DPA) with Webflow.
For details, please refer to Webflow's privacy policy: EU & Swiss Privacy Policy | Webflow. Legal basis: legitimate interests (Art. 6 (1) (f) GDPR)
To improve the loading speed of content (e.g., images, text) and to defend against possible attacks, we use the services of Cloudflare, Inc. on the basis of standard contractual clauses. Cloudflare offers protection and optimization services that enable the secure and fast transmission of content to our website.
Cloudflare does not store any personal data on its servers. However, when you access our content, your device connects to Cloudflare's servers, whereby the IP address of your device is processed. This processing is used exclusively for the secure provision and optimization of content.
Our website uses TLS encryption for security reasons and to protect the transmission of confidential content, such as requests.
We use cookies to provide our website and enable certain functions. These are small text files that your web browser receives when you visit our pages and stores on your computer. Necessary cookies are required for operation. We only use all other cookies with your consent via our cookie consent manager.
Processing of cookie data on the basis of consent: We use a cookie consent management process that allows users to give, manage, and revoke their consent to the use of cookies or the processing and providers specified in the cookie consent management process. In this context, the declaration of consent is stored so that your request does not have to be repeated and consent can be proven in accordance with the legal obligation.
Types of data processed: Usage data (e.g., websites visited, interest in content, access times), meta/communication data (e.g., device information, IP addresses).
Processing by necessary cookies: The data processed with the help of necessary cookies is processed on the basis of our legitimate interests (e.g., in the operation of our online offering and its improvement) or if the use of cookies is necessary to fulfill our contractual obligations.
You can object to data processing at any time with future effect by preventing the storage of cookies through your browser settings or by clicking on the following link and changing your current preferences in our Cookie Consent Manager:
Manage my cookie settings.
Services used and service providers:
CookieHub ehf, Hafnargata 18, 230 Reykjanesbsr, Iceland (hereinafter "CookieHub"). When you visit our website, a connection is established to CookieHub's servers in order to obtain your consent and other declarations regarding the use of cookies. CookieHub then stores a cookie in your browser to assign the consents you have given or their revocation. The data collected in this way is stored until you request us to delete it, delete the CookieHub cookie yourself, or the purpose for data storage no longer applies. Mandatory legal retention obligations remain unaffected. This cookie is automatically deleted after 12 months. The legal basis is Art. 6 (1) (c) GDPR. Further information: https://www.cookiehub.com/de/produkt/dsgvo.
We use Google Analytics to measure and analyze the use of our online offering on the basis of a pseudonymous user identification number. This identification number contains no unique data, such as names or email addresses. It is used to assign analysis information to a terminal device in order to identify which content users have accessed within one or more usage processes, which search terms they have used, which they have accessed again, or how they have interacted with our online offering. The time of use and its duration are also stored, as well as the sources of users who refer to our online offering and technical aspects of their terminal devices and browsers.
Pseudonymous user profiles are created using information from the use of various devices, whereby cookies may be used. Google Analytics does not log or store individual IP addresses for EU users. However, Analytics provides rough geographical location data by using the following metadata from IP addresses: City (and the derived latitude and longitude of the city), Continent, Country, Region, Subcontinent (and ID-based counterparts). For EU data traffic, IP address data is used exclusively for this derivation of geolocation data before being deleted immediately. It is not logged, is not accessible, and is not used for any other purpose. When Google Analytics collects measurement data , all IP queries are carried out on EU-based servers , before the traffic is forwarded to processing on Analytics servers; service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; legal basis: consent (Art. 6 (1) (a) GDPR); Website: https://marketingplatform.google.com/intl/de/about/analytics/; Security measures: IP masking (pseudonymization of the IP address); Privacy policy: https://policies.google.com/privacy; Data processing agreement: https://business.safety.google/adsprocessorterms/; Basis for third-country transfers: Data Privacy Framework (DPF),
https://business.safety.google/adsprocessorterms; Opt-out option: Opt-out plugin: https://tools.google.com/dlpage/gaoptout?hl=de, Settings for the display of advertisements: https://myadcenter.google.com/personalizationoff; Further information: https://business.safety.google/adsservices/ (types of processing and data processed).
We use Google Tag Manager from Google Inc. 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, exclusively for the management of website tags. Google Tag Manager only implements tags. This means that no cookies are used and no personal data is collected. Google Tag Manager triggers other tags, which in turn may collect data. However, Google Tag Manager does not access this data. If deactivation has been carried out at domain or cookie level, this remains in place for all tracking tags implemented with Google Tag Manager. Further information on Google Tag Manager can be found at https://www.google.com/intl/de/tagmanager/use-policy.html.
On this website, data is collected and stored for marketing, market research, and optimization purposes using SalesViewer® technology from SalesViewer® GmbH on the basis of our legitimate interests (Art. 6 (1) (f) GDPR).
For this purpose, a JavaScript-based code is used to collect company-related data and information about its use. The data collected using this technology is encrypted using a non-reversible one-way function (known as hashing). The data is immediately pseudonymized and is not used to personally identify visitors to this website.
The data stored within the scope of Salesviewer® is deleted as soon as it is no longer required for its intended purpose and there are no legal retention obligations that prevent its deletion.
You can object to the collection and storage of data at any time with future effect by clicking on this link https://www.salesviewer.com/opt-out to prevent SalesViewer® from collecting data on this website in the future. An opt-out cookie for this website will be stored on your device. If you delete your cookies in this browser, you will need to click on this link again.
Right to object
You can object to the collection and storage of data for the purpose of usage analysis at any time with future effect by notifying us of your objection: e.g. by
email:legal@visiolab.io .
We integrate functional and content elements into our online offering that are obtained from the servers of their respective providers (hereinafter referred to as "third-party providers"). These may be graphics or videos, for example (hereinafter referred to collectively as "content"). When you access this content, the third-party provider processes your IP address, among other things; cookies or similar technologies are sometimes used.
The integration always requires that the third-party providers of this content process the IP address of the users, as they cannot send the content to their browser without the IP address. The IP address is therefore necessary for the display of this content or these functions. We endeavor to use only content whose respective providers use the IP address solely for the delivery of the content. Third-party providers may also use so called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. Pixel tags can be used to analyze information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may include technical information about the browser and operating system, referring websites, time of visit, and other information about the use of our online offering, and may be linked to such information from other sources.
Types of data processed: Usage data (e.g., websites visited, interest in content, access times); meta, communication, and process data (e.g., IP addresses, time data, identification numbers, consent status); account data (e.g., names, addresses); Contact data (e.g., email, telephone numbers); Content data (e.g., entries in online forms).
Data subjects: Users (e.g., website visitors).
Purposes of processing: Provision of our online offering and user-friendliness; marketing; profiles with user-related information (creation of user profiles). Legal basis: Consent (Art. 6 (1) (a) GDPR).
YouTube videos (Google)
YouTube: YouTube videos are integrated via a special domain (recognizable by the component "youtube-nocookie") in what is known as "extended data protection mode," which means that no cookies are collected on user activities in order to personalize video playback. Nevertheless, information about user interaction with the video (e.g., remembering the last playback position) may be stored. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Legal basis: Consent (Art. 6 (1) (a) GDPR); website: https://www.youtube.com; Privacy policy: https://policies.google.com/privacy; Basis for third-country transfers: Data Privacy Framework (DPF).
We maintain profiles on social networks to provide information and communicate. Data processing is primarily carried out by the platform providers in accordance with their terms and conditions; we may receive aggregated usage statistics. Legal basis: Legitimate interest (Art. 6(1)(f) GDPR); for individual inquiries, contractual/pre-contractual communication (Art. 6(1)(b) GDPR)
We process personal data for the purpose of online marketing, which may include, in particular, the presentation of advertising and other content (collectively referred to as "content") based on the potential interests of users and the measurement of its effectiveness.
For these purposes, so-called user profiles are created and stored in a file (the so-called "cookie") or similar procedures are used to store information about the user that is relevant for the presentation of the aforementioned content. This may include, for example, content viewed, websites visited, online networks used, but also communication partners and technical information, such as the browser used, the computer system used, and information about usage times and functions used. If users have consented to the collection of their location data, this may also be processed.
We only receive access to summarized information about the success of our advertisements. However, we can use conversion measurements to check which of our online marketing methods have led to a conversion, i.e., for example, to the conclusion of a contract with us. Conversion measurement is used solely to analyze the success of our marketing measures.
Types of data processed: Usage data (e.g., page views and dwell time, click paths, usage intensity and frequency, device types and operating systems used, interactions with content and functions); meta, communication, and procedural data (e.g., IP addresses, time stamps, identification numbers, persons involved).
Data subjects: Users (e.g., website visitors, users of online services).
Purposes of processing: Reach measurement (e.g., access statistics, recognition of returning visitors); tracking (e.g., interest/behavior-based profiling, use of cookies); target group formation; marketing; profiles with user-related information (creation of user profiles); conversion measurement (measurement of the effectiveness of marketing measures).
Storage and deletion: Deletion in accordance with the information in the section "General information on data storage and deletion"; storage of cookies for up to 2 years (unless otherwise specified, cookies and similar storage methods may be stored on users' devices for a period of two years).
Legal basis: Consent (Art. 6 (1) (a) GDPR); legitimate interests (Art. 6 (1) (f) GDPR). Further information on processing procedures, methods, and services:
Online marketing procedure for the purpose of placing content and ads within the service provider's advertising network (e.g., in search results, in videos, on websites, etc.) so that they are displayed to users who are presumed to be interested in the ads. In addition, we measure the conversion of the ads, i.e., whether users have taken the opportunity to interact with the ads and use the advertised offers (so-called conversions). However, we only receive anonymous information and no personal information about individual users; Service provider:
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Website:
https://marketingplatform.google.com; Privacy policy:
https://policies.google.com/privacy; Basis for third-country transfers: Data Privacy Framework (DPF); Further information: Types of processing and data processed: https://business.safety.google/adsservices/;
Data processing terms between controllers and standard contractual clauses for third-country transfers of data:
https://business.safety.google/adscontrollerterms.
Code that is loaded when a user visits our online offering and tracks the user's behavior and conversions and stores them in a profile (possible uses: measurement of
campaign performance, optimization of ad delivery, creation of custom and lookalike audiences);
Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Website:
https://www.linkedin.com; privacy policy:
https://www.linkedin.com/legal/privacy-policy, cookie policy:
https://www.linkedin.com/legal/cookie_policy; data processing agreement:
https://www.linkedin.com/legal/l/dpa; Basis for third-country transfers: Data Privacy Framework (DPF); Opt-out option:
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
We send newsletters, emails, and other electronic notifications (hereinafter "newsletter") only with the consent of the recipients or with legal permission.
To subscribe to our newsletters, it is usually sufficient to provide your email address. However, we may ask you to provide a name for the personal address in the newsletter or further information if this is necessary for the purposes of the newsletter.
Double opt-in procedure: Registration for our newsletter always takes place in a so-called double opt-in procedure. This means that after registering, you will receive an email asking you to confirm your registration. This confirmation is necessary so that no one can register with other email addresses. Newsletter registrations are logged in order to be able to verify the registration process in accordance with legal requirements. This includes storing the time of registration and confirmation as well as the IP address. Changes to your data stored by the mailing service provider are also logged.
Deletion and restriction of processing: We may store unsubscribed email addresses for up to three years before deleting them in order to be able to prove previously given consent, based on our legitimate interests. The processing of this data is limited to the purpose of a possible defense against claims. An individual request for deletion is possible at any time, provided that the previous existence of consent is confirmed at the same time. In the event of obligations to permanently observe objections, we reserve the right to store the email address in a block list (so-called "block list") for this purpose alone.
Content: Information about us, our services, promotions, and offers.
Types of data processed: Account data (e.g., names, addresses); contact data (e.g., email, telephone numbers); meta, communication, and process-related data (e.g., IP addresses,
time data, identification numbers, consent status); usage data (e.g., websites visited, interest in content, access times).
Data subjects: Communication partners; users (e.g., website visitors), contractual partners. Purposes of processing: Direct marketing (e.g., by email or post); provision of contractual services and customer service.
Legal basis: Consent (Art. 6 (1) (a) GDPR); legitimate interests (Art. 6 (1) (f) GDPR), Section 7 (3) UWG (German Unfair Competition Act).
Right to object (opt-out): You can unsubscribe from our newsletter at any time, i.e., revoke your consent or object to further receipt. You will find a link to unsubscribe from the newsletter at the end of each newsletter, or you can use one of the contact options listed above, preferably email.
Further information on processing, procedures, and services:
HubSpot CRM: Management of customer contacts, tracking of sales activities, automation of marketing campaigns, analysis of sales data, creation and management of email campaigns, integration with other tools and platforms, management of customer support requests, AI assisted content generation, personalized email creation, predictive sales forecasts, automatic workflow descriptions, and AI chatbots for customer interaction; Service provider: HubSpot, Inc., 25 First St., 2nd Floor, Cambridge, Massachusetts 02141, USA; Legal basis: Contract fulfillment and pre-contractual inquiries (Art. 6(1)(b) GDPR), Legitimate interests (Art. 6(1)(f) GDPR); Website: https://www.hubspot.de; Privacy policy:
https://legal.hubspot.com/de/privacy-policy; Data processing agreement: https://legal.hubspot.com/dpa; Standard contractual clauses (ensuring the level of data protection when processing in third countries): https://legal.hubspot.com/dpa.
Measurement of opening and click rates: The newsletters contain a so-called "web beacon," i.e., a pixel-sized file that is retrieved from the server of our mailing service provider when the newsletter is opened. During this retrieval, technical information such as information about the browser and your system, as well as your IP address and the time of retrieval, is initially collected. This information is used to technically improve our newsletter based on the technical data or the target groups and their reading behavior based on their retrieval location (which can be determined using the IP address) or access times. This analysis also includes determining whether the newsletters are opened, when they are opened, and which links are clicked. This information is assigned to the individual newsletter recipients and stored in their profiles until they are deleted. We use the analyses to identify the reading habits of our users and to tailor our content to them or to send different content according to the interests of our users.
We offer online chats and chatbot functions (collectively referred to as "chat services") as a means of communication. The chat services enable us to contact visitors to our website via live chat and to respond to support and communication requests.
efficiently. When you use our chat functions, we may process your personal data.
Data categories: technical connection data relating to server access (IP address, date, time, page accessed, browser information), content of the conversation, information about your request, and contact details such as your name or email address.
Purpose: To support website visitors/customers with technical or content-related questions and to optimize content.
Legal basis: legitimate interest (Art. 6 (1) (f) GDPR); contract/pre-contractual measures (Art. 6 (1) (b) GDPR).
We use the "Intercom" service from Intercom R&D Unlimited Company, 2nd Floor, Stephen Court, 18–21 Saint Stephen's Green, Dublin 2, Ireland, on our website. We have concluded an agreement with Intercom for order processing in accordance with Art. 28 GDPR. This regulates the data protection-compliant handling of personal data and obliges Intercom to process the data exclusively on our instructions and to comply with technical and organizational measures for data protection.
Data processing is generally carried out by Intercom R&D Unlimited Company, based in Ireland. For certain technical services, data may be transferred to group companies in third countries (USA). In such cases, Intercom relies on the standard contractual clauses of the EU Commission in accordance with Art. 46 (2) (c) GDPR. Details on data processing by Intercom can be found at: https://www.intercom.com/legal/privacy
If you would like to view our job vacancies, you will be redirected to the Personio career website.
Personio: HR software platform; Service provider: Personio SE & Co. KG Seidlstraße 3 80335 Munich Tel.: +49 (89) 1250 1005; Legal basis: Legitimate interests (Art. 6 (1) (f) GDPR); Website: https://www.personio.de/; Data protection page: www.personio.de/datenschutz/
Your personal data will only be passed on to third parties within the scope of contract processing, in particular for the delivery of goods, to the company commissioned with the delivery, insofar as this is necessary for the delivery of the goods, or to the credit institution commissioned with the payment processing, insofar as this is necessary for the payment processing. Your data will only be passed on to other third parties if we are legally obliged to do so, if we are required to do so by a court decision, or if the transfer is necessary for law enforcement or criminal prosecution.
To exercise your rights, please contact us at this email address:legal@visiolab.io You have the following rights:
You can revoke your consent to the processing of personal data at any time with effect for the future. The above contact options are available to you for this purpose.
You have the right to object at any time to the processing of your personal data based on Art. 6 (1) (e) or (f) GDPR. We will then no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or the processing serves to assert, exercise, or defend legal claims.
You also have the following rights with regard to your personal data:
- Right of access (Art. 15 GDPR),
- Right to rectification (Art. 16 GDPR) or erasure (Art. 17 GDPR),
- Right to restriction of processing (Art. 18 GDPR),
- Right to data portability (Art. 20 GDPR).
You also have the right to complain to a data protection supervisory authority about our processing of your personal data.
The supervisory authority responsible for us is:
The State Commissioner for Data Protection of Lower
Saxony Prinzenstraße 5, 30159 Hanover
Phone: 05 11/ 120-45 00
Fax: 05 11/ 120 - 45 99
Email: poststelle@lfd.niedersachsen.de, Website: https://www.lfd.niedersachsen.de
We reserve the right to change this privacy policy at any time in accordance with data protection law. The current version of the privacy policy is always available on our website.
The German text of this privacy policy takes precedence over the English text. The English text is merely a non-binding practical translation.
As of: November 2025