Skip to content

Legal notice:
This English version is provided for convenience only.
The German version of this Privacy Policy is the legally binding version.
In case of discrepancies, the German text shall prevail.

Privacy Policy

Foreword

We, PPJ Venture Labs UG (haftungsbeschränkt), hereinafter: "the company", "we" or "us", take the protection of your personal data seriously and would like to inform you here about data protection in our company.

Within the scope of our data protection responsibility, the entry into force of the EU General Data Protection Regulation (Regulation (EU) 2016/679; hereinafter: "GDPR") has imposed additional obligations on us to ensure the protection of personal data of the data subject affected by processing (we also address you below as the data subject with "customer", "user", "you" or "data subject"). Where we decide alone or jointly with others on the purposes and means of data processing, this includes in particular the obligation to inform you transparently about the type, scope, purpose, duration and legal basis of the processing (cf. Art. 13 and 14 GDPR). With this statement (hereinafter: "Privacy Notice"), we inform you about the way in which your personal data is processed by us.

A. General

(1) Definitions

Based on Art. 4 GDPR, the following definitions apply to this Privacy Notice:

  • "Personal data" (Art. 4 no. 1 GDPR) means all information relating to an identified or identifiable natural person ("data subject"). A person is identifiable if they can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, an online identifier, location data, or by one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person. Identifiability can also be given by linking such information or other additional knowledge. The origin, form or embodiment of the information is irrelevant (photos, video or audio recordings can also contain personal data).
  • "Processing" (Art. 4 no. 2 GDPR) means any operation or set of operations which is performed on personal data, whether or not by automated (i.e., technology-supported) means. This includes in particular the collection (i.e., acquisition), recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment, combination, restriction, erasure or destruction of personal data, as well as the change of an objective or purpose originally underlying the processing.
  • "Controller" (Art. 4 no. 7 GDPR) means the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data.
  • "Third party" (Art. 4 no. 10 GDPR) means any natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons who, under the direct authority of the controller or processor, are authorized to process the personal data; this also includes other affiliated legal entities.
  • "Processor" (Art. 4 no. 8 GDPR) means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller, in particular in accordance with its instructions (e.g. IT service providers). In the sense of data protection law, a processor is in particular not a third party.
  • "Consent" (Art. 4 no. 11 GDPR) of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which they, by a statement or by a clear affirmative action, signify agreement to the processing of personal data relating to them.

(2) Name and address of the controller

The entity responsible for the processing of your personal data within the meaning of Art. 4 no. 7 GDPR are the managing directors:

Patrick Humbrock, Paul Koch, Julius Hasenzahl der: PPJ Venture Labs UG (haftungsbeschränkt), Barellistr. 3b, 80638 Munich, registered in the commercial register of Munich under number: HRB XXX, VAT ID No.: DE XXX

Further information about our company can be found in the imprint on our website www.getclide-fm.de

(3) Contact details of the data protection officer

A data protection officer has not been appointed for our company because we are not legally required to do so (Art. 37 GDPR in conjunction with § 38 BDSG).

If you have any questions, please contact: kontakt@ppj

(4) Legal bases for processing

As a matter of law, the processing of personal data is generally prohibited and is only permitted if the processing falls under one of the following legal bases:

  • Art. 6(1) sentence 1 lit. a GDPR ("Consent"): If the data subject has freely, in an informed manner and unambiguously indicated by a statement or other clear affirmative action that they consent to the processing of personal data relating to them for one or more specific purposes;
  • Art. 6(1) sentence 1 lit. b GDPR: If the processing is necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject prior to entering into a contract;
  • Art. 6(1) sentence 1 lit. c GDPR: If the processing is necessary for compliance with a legal obligation to which the controller is subject (e.g., a statutory retention obligation);
  • Art. 6(1) sentence 1 lit. d GDPR: If the processing is necessary to protect vital interests of the data subject or of another natural person;
  • Art. 6(1) sentence 1 lit. e GDPR: If the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; or
  • Art. 6(1) sentence 1 lit. f GDPR ("Legitimate interests"): If the processing is necessary for the purposes of legitimate (in particular legal or economic) interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject (especially where the data subject is a minor).

The storage of information in the end user's terminal equipment or access to information already stored in the terminal equipment is only permitted if it is covered by one of the following legal bases:

  • § 25(1) TTDSG: If the end user has consented on the basis of clear and comprehensive information. The consent must be given in accordance with Art. 6(1) sentence 1 lit. a GDPR;
  • § 25(2) no. 1 TTDSG: If the sole purpose is the transmission of a message over a public telecommunications network; or
  • § 25(2) no. 2 TTDSG: If the storage or access is absolutely necessary for the provider of a telemedia service to provide a telemedia service explicitly requested by the user. For the processing operations we carry out, we specify the applicable legal basis in each case below. Processing may also be based on more than one legal basis.

(5) Data deletion and storage period

For the processing operations we carry out, we specify below how long the data is stored by us and when it is deleted or blocked. Unless an explicit storage period is specified below, your personal data will be deleted or blocked as soon as the purpose or legal basis for storage no longer applies. Your data is generally stored only on our servers in Germany, subject to any transfer in accordance with the rules in A.(7) and A.(8). However, storage may continue beyond the specified time in the event of a (threatened) legal dispute with you or other legal proceedings, or if storage is required by statutory provisions to which we are subject as a controller (e.g., § 257 HGB, § 147 AO). When the storage period prescribed by law expires, the personal data will be blocked or deleted unless further storage by us is necessary and there is a legal basis for doing so.

(6) Data security

We use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorized access by third parties (e.g., TLS encryption for our website), taking into account the state of the art, implementation costs, and the nature, scope, context and purpose of the processing, as well as the existing risks of a data breach (including their likelihood and impact) for the data subject. Our security measures are continuously improved in line with technological developments. Further information can be provided upon request. Please contact our data protection officer for this (see A.(3)).

(7) Cooperation with processors

As with any larger company, we also use external domestic and foreign service providers to handle our business transactions (e.g., for IT, logistics, telecommunications, sales and marketing). They act only on our instructions and have been contractually obligated within the meaning of Art. 28 GDPR to comply with data protection regulations. Insofar as personal data from you is transferred by us to our subsidiaries or transferred from our subsidiaries to us (e.g., for advertising purposes), this is done on the basis of existing processing relationships.

(8) Requirements for transferring personal data to third countries

As part of our business relationships, your personal data may be transferred or disclosed to third companies. These may also be located outside the European Economic Area (EEA), i.e., in third countries. Such processing takes place exclusively to fulfill contractual and business obligations and to maintain your business relationship with us (legal basis is Art. 6(1) lit. b or lit. f in conjunction with Art. 44 et seq. GDPR). We inform you about the specific details of the transfer at the relevant points below. The European Commission has certified adequate data protection comparable to the EEA standard for certain third countries by means of so-called adequacy decisions (a list of these countries and a copy of the adequacy decisions can be found here: https://ec.europa.eu/info/law/lawtopic/data-protection/international-dimension-data-protection/adequacy-decisions_en). In other third countries to which personal data may be transferred, there is sometimes no consistently high level of data protection due to a lack of legal provisions. Where this is the case, we ensure that data protection is adequately safeguarded. This is possible through binding corporate rules, the European Commission's standard contractual clauses for the protection of personal data pursuant to Art. 46(1), 2 lit. c GDPR (the 2021 standard contractual clauses are available at https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32021D0915&locale-en), certifications or recognized codes of conduct. Please contact our data protection officer (see A.(3)) if you would like further information on this.

(9) No automated decision-making (including profiling)

We do not intend to use personal data collected from you for automated decision-making (including profiling).

(10) No obligation to provide personal data

We do not make the conclusion of contracts with us dependent on you providing us with personal data in advance. As a customer, you are generally not legally or contractually obliged to provide us with your personal data; however, we may not be able to provide certain offers or may only be able to provide them to a limited extent if you do not provide the data required for this purpose. If this should exceptionally be the case within the scope of the products we offer below, you will be informed separately.

(11) Legal obligation to provide certain data

We may be subject to a special legal obligation to make legally processed personal data available to third parties, in particular public authorities (Art. 6(1) sentence 1 lit. c GDPR).

(12) Your rights

You can assert your rights as a data subject regarding your processed personal data to us at any time using the contact details provided at the beginning. As a data subject, you have the right:

  • in accordance with Art. 15 GDPR, to request information about your data processed by us. In particular, you can request information about the purposes of processing, the categories of data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, deletion, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if it was not collected from you, and the existence of automated decision-making including profiling and, where applicable, meaningful information about its details;
  • in accordance with Art. 16 GDPR, to request without undue delay the rectification of inaccurate data or the completion of your data stored by us;
  • in accordance with Art. 17 GDPR, to request the deletion of your data stored by us, unless processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise or defense of legal claims;
  • in accordance with Art. 18 GDPR, to request the restriction of processing of your data if the accuracy of the data is contested by you or the processing is unlawful;
  • in accordance with Art. 20 GDPR, to receive your data that you have provided to us in a structured, commonly used and machine-readable format or to request transfer to another controller ("data portability");
  • in accordance with Art. 21 GDPR, to object to processing if processing is based on Art. 6(1) sentence 1 lit. e or lit. f GDPR. This is particularly the case if processing is not necessary for the performance of a contract with you. If it is not an objection to direct marketing, we ask you to explain the reasons why we should not process your data as we do. In the event of your justified objection, we will examine the situation and will either stop or adjust the data processing or will demonstrate our compelling legitimate grounds for continuing the processing;
  • in accordance with Art. 7(3) GDPR, to withdraw your consent once given (including before the GDPR entered into force, i.e., before 25 May 2018) – i.e., your voluntary, informed and unambiguous will expressed by a statement or other clear affirmative action that you consent to the processing of the personal data in question for one or more specific purposes – at any time by notifying us if you have given such consent. This has the consequence that we may no longer continue the data processing based on this consent in the future and

(13) Changes to the privacy notice

As data protection law continues to develop and due to technological or organizational changes, our privacy notice is regularly reviewed for the need for adjustments or additions. You will be informed about changes in particular on our German website at www.getclide-fm.de. This privacy notice is dated November 2025.

B. Visiting websites

(1) Explanation of the function

Information about our company and the services we offer is available in particular at getclide-fm.de and its associated subpages (together: "Websites"). When you visit our Websites, personal data may be processed.

(2) Processed personal data

When using the Websites for informational purposes, the following categories of personal data are collected, stored and further processed by us:

"Log data": When you visit our Websites, a so-called log record (server log files) is temporarily and anonymized stored on our web server. It consists of:

  • the page from which the page was requested (referrer URL)
  • the name and URL of the requested page
  • the date and time of access
  • the description of the type, language and version of the browser used
  • the IP address of the requesting computer, which is shortened so that a personal reference can no longer be established
  • the amount of data transmitted
  • the operating system
  • the message as to whether the access was successful (access status/HTTP status code)
  • the GMT time zone difference

"Contact form data": When using contact forms, the data transmitted via them is processed (e.g., gender, first and last name, address, company, email address and the time of transmission).

In addition to purely informational use of our website, we offer a subscription to our newsletter, with which we inform you about current developments in commercial law and events. If you register for our newsletter, the following "newsletter data" is collected, stored and further processed by us:

  • the page from which the page was requested (referrer URL)
  • the date and time of access
  • the description of the type of browser used
  • the IP address of the requesting computer, which is shortened so that a personal reference can no longer be established
  • the email address
  • the date and time of registration and confirmation

Please note that we evaluate your user behavior when sending the newsletter. For this evaluation, the emails sent include so-called web beacons or tracking pixels, which are one-pixel image files stored on our website. For the evaluations, we link the aforementioned data and the web beacons with your email address and an individual ID. Links contained in the newsletter also contain this ID. The data is collected exclusively in pseudonymized form, i.e., the IDs are not linked to your other personal data and direct personal identification is excluded.

(3) Purpose and legal basis for processing

We process the personal data described above in accordance with the provisions of the GDPR, other applicable data protection regulations, and only to the extent necessary. Insofar as the processing of personal data is based on Art. 6(1) sentence 1 lit. f GDPR, the stated purposes also represent our legitimate interests. The processing of log data serves statistical purposes and the improvement of the quality of our website, in particular the stability and security of the connection (legal basis is Art. 6(1) sentence 1 lit. f GDPR). The processing of contact form data is carried out to handle customer inquiries (legal basis is Art. 6(1) sentence 1 lit. b or lit. f GDPR). The processing of newsletter data is for the purpose of sending the newsletter. When you register for our newsletter, you consent to the processing of your personal data (legal basis is Art. 6(1) lit. a GDPR). For registering for our newsletter we use the double opt-in procedure. This means that after your registration we will send you an email to the email address provided in which we ask you to confirm that you wish to receive the newsletter. The purpose of this procedure is to be able to prove your registration and, if necessary, to clarify any possible misuse of your personal data. You can withdraw your consent to receive the newsletter at any time and unsubscribe. You can declare your withdrawal by clicking on the link provided in every newsletter email, by email to patrick@vera.tools, or by sending a message to the contact details provided in the imprint. If, for processing the data, the storage of information on your terminal equipment or access to information already stored on your terminal equipment is required, § 25(1), (2) TTDSG is the legal basis for this.

(4) Duration of processing

Your data is processed only for as long as this is necessary to achieve the processing purposes stated above; the legal bases specified within the processing purposes apply accordingly. Third parties used by us will store your data on their systems for as long as is necessary in connection with the provision of services for us in accordance with the respective order.

(5) Transfer of personal data to third parties; legal basis

The following categories of recipients, which are generally processors, may have access to your personal data:

  • Service providers for operating our website and processing the data stored or transmitted by the systems (e.g., data center services, payment processing, IT security). The legal basis for the transfer is then Art. 6(1) sentence 1 lit. b or lit. f GDPR, insofar as they are not processors;
  • Government agencies/authorities, insofar as this is necessary to fulfill a legal obligation. The legal basis for the transfer is then Art. 6(1) sentence 1 lit. c GDPR;
  • Persons deployed to conduct our business operations (e.g., auditors, banks, insurers, legal advisors, supervisory authorities, parties involved in company acquisitions or the establishment of joint ventures). The legal basis for the transfer is then Art. 6(1) sentence 1 lit. b or lit. f GDPR. With regard to safeguards for an adequate level of data protection when transferring data to third countries. In addition, we only pass your personal data on to third parties if you have given your express consent pursuant to Art. 6(1) sentence 1 lit. a GDPR.

(6) Use of cookies, plugins and other services on our website

a) Cookie

We use cookies on our Websites. Cookies are small text files that are assigned to your browser by a characteristic string and stored on your hard drive, through which the entity setting the cookie receives certain information. Cookies cannot run programs or transmit viruses to your computer and therefore cannot cause any damage. They are used to make the internet offering more user-friendly and effective overall, i.e., more pleasant for you. Cookies can contain data that makes it possible to recognize the device used. In some cases, cookies only contain information about certain settings that are not personally identifiable. However, cookies cannot directly identify a user. A distinction is made between session cookies, which are deleted when you close your browser, and persistent cookies, which are stored beyond the individual session. With regard to their function, cookies are distinguished as follows:

  • Technical cookies: These are essential to navigate the website, use basic functions and ensure the security of the website; they neither collect information about you for marketing purposes nor store which websites you have visited;
  • Performance cookies: These collect information about how you use our website, which pages you visit and, for example, whether errors occur when using the website; they do not collect any information that could identify you – all information collected is anonymous and is only used to improve our website and to find out what interests our users;
  • Advertising cookies, targeting cookies: These serve to offer the website user advertising tailored to their needs on the website or offers from third parties and to measure the effectiveness of these offers; advertising and targeting cookies are stored for a maximum of 13 months;
  • Sharing cookies: These serve to improve the interactivity of our website with other services (e.g., social networks); sharing cookies are stored for a maximum of 13 months.

The legal basis for cookies that are absolutely necessary to provide you with the expressly requested service is § 25(2) no. 2 TTDSG. Any use of cookies that is not strictly technically necessary for this purpose constitutes data processing that is only permitted with your express and active consent pursuant to § 25(1) TTDSG in conjunction with Art. 6(1) sentence 1 lit. A GDPR. This applies in particular to the use of performance, advertising, targeting or sharing cookies. In addition, we only pass on your personal data processed by cookies to third parties if you have given your express consent pursuant to Art. 6(1) sentence 1 lit. a GDPR.

b) Social media plugins

We do not use any social media plugins on our Websites. If our Websites contain symbols of social media providers, we use them only for passive linking to the pages of the respective providers.

Use of external service providers and tools

As part of operating this website and providing our online services, we use various external service providers and tools. All service providers are carefully selected and contractually obligated as processors pursuant to Art. 28 GDPR. Personal data is processed exclusively on the basis of the stated legal bases and, where required, your consent (Art. 6(1) lit. a GDPR). Below is an overview of the providers used:

Hosting & provision of the website

Netlify Inc., San Francisco, USA
Our website is provided via Netlify. A data processing agreement exists, and data transfer is based on the EU standard contractual clauses. Further information: https://www.netlify.com/privacy

Appointment booking / calendar management

Cal.com, Inc. (USA) or alternatively Google Calendar (Google Ireland Limited, Ireland)
Used for scheduling and managing appointments. Legal basis: Art. 6(1) lit. b GDPR (performance of contract) or Art. 6(1) lit. a GDPR (consent). A processing agreement pursuant to Art. 28 GDPR exists.

Email communication

Google Ireland Limited (Gmail)
Used to handle email communication. Processing is based on a processing agreement; data transfer to the USA is carried out in accordance with EU standard contractual clauses.

Customer communication & marketing automation

Lemlist SAS, France
Used for relationship management and email campaigns.
Lemwarm (Lemlist SAS, France)
Used to warm up email domains to improve deliverability.
Processing agreements exist for both services; data is processed exclusively within the EU.

Web analytics

Plausible Analytics, OÜ, Estonia
Cookie-free audience analytics, fully GDPR-compliant. No personal data is stored or passed on. Further information: https://plausible.io/data-policy

Note on data collection by Plausible Analytics (basic vs. extended tracking)

Basic tracking (enabled by default): This variant operates completely without cookies and without storing personal data. No IP addresses, user identifiers (user_id) or cookies are used. Collection is carried out exclusively at an aggregated level (e.g., page views, referrers, browser types). This basic tracking serves the statistical analysis of our website and is necessary for the operation of the site. Consent is therefore not required (Art. 6(1) lit. f GDPR, § 25(2) no. 2 TTDSG).

Extended tracking (with consent): If you consent via the cookie or consent banner ("Cookiebot") to the "Statistics" category (or a comparable category), tracking is extended by a pseudonymous user identifier (cid / user_id). This allows us to better analyze repeat visits or campaign successes without establishing direct personal identification. The legal basis in this case is your consent pursuant to Art. 6(1) lit. a GDPR in conjunction with § 25(1) TTDSG.

You can withdraw your consent at any time via the cookie banner.

User analysis / behavior tracking

Hotjar Ltd., Malta
May be used to analyze user behavior (e.g., click paths, heatmaps). The IP address is anonymized. Use only takes place with your consent via the cookie banner (Art. 6(1) lit. a GDPR). Further information: https://www.hotjar.com/legal/policies/privacy/

Newsletter delivery & contact management

Brevo (Sendinblue SAS), France
Service provider for sending newsletters and managing email contacts. A processing agreement exists pursuant to Art. 28 GDPR. Further information: https://www.brevo.com/de/legal/privacypolicy/

Consent management / cookie management

Cookiebot by Usercentrics A/S, Denmark
Used to manage consents under TTDSG and GDPR. Legal basis: Art. 6(1) lit. c GDPR (legal obligation). Further information: https://www.cookiebot.com/de/privacy-policy/

Embedding external media & platforms

YouTube (Google Ireland Limited, Ireland)
Used to embed videos. Personal data (e.g., IP address) may be transferred when you play a video. Use only takes place with consent via the cookie banner.
Reddit Inc., USA
Used for evaluation or linking of campaign content. Data transfer is based on the EU standard contractual clauses.
All named providers process personal data only within the scope of the respective agreed purposes. There is no transfer to third parties outside the listed processors.