Home
> Privacy Policy

Privacy Policy Information

Privacy Policy

Privacy Policy

1.Controller

The controller responsible for data processing within the meaning of the General Data Protection Regulation (GDPR) is:

CodeXaureus GmbH
August-Everding-Straße 25
81671 Munich
Germany

Email: info@codexaureus.com

Website: https://codex-aureus.de

2.Scope of This Privacy Policy

This Privacy Policy applies to:

    • Our websites and online presence
    • Our software products (including SaaS solutions and plugins)
    • Digital services, integrations, APIs, and platforms developed or operated by CodeXaureus GmbH
    • Customer communication, sales, marketing, and support activities
    • Our offerings are primarily directed at business customers (B2B) but may also be accessed by website visitors.

3. General Information on Data Processing

We process personal data exclusively in accordance with the GDPR and applicable national data protection laws.

Personal data means any information relating to an identified or identifiable natural person.

We process personal data only where legally permitted, in particular:

    • to perform contracts
    • to carry out pre-contractual measures
    • to comply with legal obligations
    • based on legitimate interests
    • based on consent, where required

4. Data Processing When Visiting Our Website

a) Server Log Files

When visiting our website, the following data is automatically collected by our hosting provider and stored in server log files:

    • IP address (anonymized or shortened)
    • Date and time of access
    • Accessed pages
    • Browser type and version
    • Operating system
    • Referrer URL

Purpose of processing:

    • Technical operation of the website
    • System security and stability
    • Error analysis

Legal basis:

Art. 6(1)(f) GDPR (legitimate interest)

5. Hosting and Infrastructure

Our websites, applications, and software systems are hosted by external service providers.

Where required, we have concluded Data Processing Agreements (DPA) pursuant to Art. 28 GDPR with all relevant providers.

Legal basis:

Art. 6(1)(f) GDPR

6. Contact and Communication

If you contact us via email, contact form, phone, or other communication channels, we process your data to handle your request.

Processed data may include:

    • Name
    • Company
    • Email address
    • Phone number
    • Message content

Purpose:

    • Communication
    • Sales inquiries
    • Support and consulting

Legal basis:

Art. 6(1)(b) GDPR (pre-contractual measures / contract performance)

Art. 6(1)(f) GDPR (legitimate interest)

7. Customer, Partner, and Contract Data

In the course of providing our software products and services, we process personal data of:

    • Customers
    • Business partners
    • Authorized contact persons
    • Processed data may include:
    • Company name
    • Contact person details
    • Billing and payment data
    • Contract information
    • Communication history

Purpose:

    • Contract performance
    • Billing and accounting
    • Customer support
    • Project execution

Legal basis:

Art. 6(1)(b) GDPR

8. Data Processing Within Software Products and Services

Our software products and digital services may process personal data depending on their functionality and configuration.

This may include, for example:

    • Technical usage data
    • Account and authentication data
    • System-related metadata

Such processing is:

limited to what is technically necessary

purpose-bound

subject to appropriate security measures

Unless expressly stated otherwise, CodeXaureus GmbH does not use customer data for profiling or marketing purposes.

The respective customer remains responsible for the lawful processing of personal data of end users on their own platforms.

9. Processing on Behalf of Customers (Data Processing Agreement)

Where we process personal data on behalf of customers, this is carried out exclusively on the basis of a Data Processing Agreement (DPA) in accordance with Art. 28 GDPR.

A DPA can be provided upon request.

10. Data Disclosure and Third Parties

Personal data is disclosed only if:

    • required for contract performance
    • required to fulfill legal obligations
    • consent has been given
    • legitimate interests apply
    • Data transfers to third countries take place only where an adequate level of data protection is ensured (e.g. EU Standard Contractual Clauses).

11. Data Retention

Personal data is stored only for as long as necessary for the respective purpose or as required by statutory retention obligations.

Once the purpose ceases to apply, the data is deleted.

12. Rights of Data Subjects

You have the right to:

    • Access (Art. 15 GDPR)
    • Rectification (Art. 16 GDPR)
    • Erasure (Art. 17 GDPR)
    • Restriction of processing (Art. 18 GDPR)
    • Data portability (Art. 20 GDPR)
    • Objection (Art. 21 GDPR)

Requests can be sent to: info@codexaureus.com

13. Withdrawal of Consent

Where processing is based on consent, consent may be withdrawn at any time with effect for the future.

14. Right to Lodge a Complaint

You have the right to lodge a complaint with a data protection supervisory authority.

Competent authority:

Bavarian State Office for Data Protection Supervision (BayLDA)
Promenade 27
91522 Ansbach
Germany

15. Data Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, or misuse.

16. Changes to This Privacy Policy

We reserve the right to amend this Privacy Policy to reflect legal requirements or changes to our services and products.

Stay Ahead.

Subscribe for Expert Insights.

You can unsubscribe at any time using the link in the footer of our emails. View our Privacy Policy.