Privacy Policy

This privacy policy informs you about the nature, scope and purpose of the processing of personal data (hereinafter "data") within our website and the functions and content associated with it.

1. Controller

Femosos GmbH
Gebäude 20, Böhlerstraße 1, 40667 Meerbusch, Germany
Email: [email protected]
Represented by the managing directors: Moritz Jaeger, Felix Knauf, Sebastian von Steinsdorff

2. Categories of data processed

• Contact data (e.g. email address when you contact us)
• Usage data (e.g. pages visited, interest in content, access times)
• Meta/communication data (e.g. device information, IP addresses)

3. Purpose of processing

• Providing the website and its functions.
• Responding to contact requests and communicating with users.
• Security measures.
• Marketing, market research and optimization based on legitimate interests.

4. Legal bases

Insofar as we obtain the consent of the data subject for processing operations involving personal data, Art. 6 (1) lit. a GDPR serves as the legal basis.

For the processing of personal data required for the performance of a contract or pre-contractual measures, Art. 6 (1) lit. b GDPR serves as the legal basis.

Insofar as the processing of personal data is necessary to fulfil a legal obligation to which our company is subject, Art. 6 (1) lit. c GDPR serves as the legal basis.

If processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 (1) lit. f GDPR serves as the legal basis.

5. Hosting, Cloudflare & server log files

Our website is hosted on servers of Hetzner Online GmbH (Industriestr. 25, 91710 Gunzenhausen, Germany). Processing takes place in data centres within the EU on the basis of our legitimate interest in a secure and efficient provision of our online offering (Art. 6 (1) lit. f GDPR). We have concluded a data processing agreement (DPA) with Hetzner pursuant to Art. 28 GDPR.

In addition, we use Cloudflare, Inc. (101 Townsend St, San Francisco, CA 94107, USA) to optimize the security and loading times of this website. Cloudflare operates a worldwide content delivery network (CDN) and stores static content such as images or scripts on cache servers to enable faster access.

This may involve the transfer of personal data (e.g. IP addresses) to third countries. Cloudflare is certified under the EU-U.S. Data Privacy Framework. Processing is based on our legitimate interest pursuant to Art. 6 (1) lit. f GDPR in ensuring the stability and security of the website.

Our hosting provider also collects server log files (name of the accessed page, file, date and time, browser type, IP address, etc.) for 7 days for security reasons. Data whose retention is required for evidentiary purposes is stored until the incident has been finally resolved.

6. Use of Google Analytics

We use Google Analytics, a web analytics service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). Google uses cookies to enable an analysis of the use of our website. The information generated by the cookie about the use of this website is usually transferred to a Google server in the USA and stored there.

We use the "IP anonymization" function, whereby the IP address of users within the EU or other contracting states of the Agreement on the European Economic Area is truncated. Only in exceptional cases is the full IP address transferred to Google servers in the USA and truncated there.

Processing is based on your consent pursuant to Art. 6 (1) lit. a GDPR. You can revoke your consent at any time or prevent the storage of cookies by configuring your browser software accordingly.

Further information can be found in Google’s privacy policy.

7. Use of PostHog

We use PostHog, a product analytics tool provided by PostHog, Inc. (2261 Market Street #4008, San Francisco, CA 94114, USA). PostHog helps us analyse and improve the use of our website and our product (e.g. page views, clicks, navigation paths and features used).

PostHog uses cookies and similar technologies to collect data about user behaviour and their device (in particular truncated/anonymized IP address, device and browser information, operating system, referrer URL, interactions with the website and a user identifier). This cookie-based processing takes place exclusively after your consent via our cookie banner pursuant to Art. 6 (1) lit. a GDPR. You can revoke your consent at any time with effect for the future via the cookie settings on our website.

Server-side conversion measurement: When you submit the “Request a free assessment” form, we additionally transmit the key details of your enquiry to PostHog on a server-to-server basis in order to measure incoming enquiries. The data transmitted comprises your email address (as an identifier), your industry, federal state and founding year, whether you provided figures on revenue and EBITDA, and your newsletter choice. This server-side transmission takes place independently of your cookie banner choice, based on your consent given when submitting the form and for the performance of pre-contractual measures (Art. 6 (1) lit. a and b GDPR).

Upon submitting an enquiry, the resulting user profile may be attributed to you (linked via your email address). Otherwise, the data is stored in a pseudonymized profile.

The data is processed on servers within the European Union (Frankfurt am Main region). The operator is PostHog, Inc., based in the USA; access from the USA in the context of maintenance and support cannot be entirely excluded. Insofar as a transfer to the USA occurs, PostHog, Inc. is certified under the EU-U.S. Data Privacy Framework; in addition, the EU Commission’s standard contractual clauses pursuant to Art. 46 (2) lit. c GDPR are used. We have concluded a data processing agreement (DPA) with PostHog pursuant to Art. 28 GDPR.

Further information can be found in PostHog’s privacy policy.

8. Contacting us and use of Brevo

If you contact us via our website, in particular via the "Request a free assessment" feature or a contact form, the information you provide (e.g. name, email address, company and the content of your request) will be stored by us for the purpose of processing your request and in case of follow-up questions.

For sending and processing these requests and for the associated email communication, we use Brevo, a service of Brevo GmbH (Köpenicker Straße 126, 10179 Berlin, Germany; part of the Brevo group, Brevo SAS, 7 rue de Madrid, 75008 Paris, France). Brevo processes the data exclusively on servers within the European Union. We have concluded a data processing agreement (DPA) with Brevo pursuant to Art. 28 GDPR.

The processing of data provided in the context of the "Request a free assessment" enquiry is based on Art. 6 (1) lit. b GDPR, as the processing is necessary for the implementation of pre-contractual measures at your request. Otherwise, contact requests are processed on the basis of our legitimate interest in responding to enquiries pursuant to Art. 6 (1) lit. f GDPR. Insofar as you have given us your consent, Art. 6 (1) lit. a GDPR serves as the legal basis.

The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected and no statutory retention obligations prevent deletion. Further information can be found in Brevo’s privacy policy.

9. Your rights as a data subject

You have the right

• to request information about your personal data processed by us pursuant to Art. 15 GDPR.
• to request the rectification of inaccurate data or the completion of stored data pursuant to Art. 16 GDPR.
• to request the erasure of your personal data pursuant to Art. 17 GDPR.
• to request the restriction of processing pursuant to Art. 18 GDPR.
• to request data portability pursuant to Art. 20 GDPR.
• to object to the processing pursuant to Art. 21 GDPR.
• to revoke your consent at any time pursuant to Art. 7 (3) GDPR.
• to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR.

10. Validity and amendment of this privacy policy

This privacy policy is currently valid as of June 2026. Technical developments or legal changes may make it necessary to amend this privacy policy.