Back to EVERLEAD

Privacy Policy

  1. DATA CONTROLLER

The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the Member States as well as other data protection regulations is the:

ALEX & GROSS Technology GmbH
O3 2-8
68161 Mannheim
GERMANY

  1. DATA PROTECTION OFFICER

If you have any questions about data protection at ALEX & GROSS Technology, please contact our data protection officer. If you wish to delete your data from our database, please contact:

ALEX & GROSS Technology GmbH
Dr. Helge Bertram
dataprotection@alex-gross.com

III. GENERAL INFORMATION ON DATA PROCESSING

The security of your personal data is important to us. We therefore operate our web activities in accordance with the laws on data protection and data security. ALEX & GROSS Technology GmbH takes precautions to ensure the security of your personal data. Your data is conscientiously protected against loss, destruction, falsification, manipulation and unauthorized access or unauthorized disclosure. Below you will find out what information we may collect and how we handle it.

  1. SCOPE OF THE PROCESSING OF PERSONAL DATA

We collect and use our users’ personal data only insofar as this is necessary to provide a functional website and our content and services. The collection and use of our users’ personal data only takes place regularly with the user’s consent. An exception applies in cases where it is not possible to obtain prior consent for factual reasons and the processing of the data is permitted by law.

  1. LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA

Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a EU General Data Protection Regulation (GDPR) serves as the legal basis for the processing of personal data.

When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.

Insofar as the processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis.

In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d GDPR serves as the legal basis.

If the processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 para. 1 lit. f GDPR serves as the legal basis for the processing.

  1. DATA ERASURE AND STORAGE DURATION

The personal data of the data subject will be deleted or blocked as soon as the purpose of storage no longer applies. Data may also be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject. The data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.

  1. PROVISION OF THE WEBSITE AND CREATION OF LOG FILES
  2. DESCRIPTION AND SCOPE OF DATA PROCESSING

Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer. The data is also stored in the log files of our system. The following information is collected without any action on the part of the user and stored until it is automatically deleted

  • Browser type and version used
  • Operating system of the user
  • Internet service provider of the user
  • IP address of the user
  • Date and time of access
  • Websites from which the user’s system accesses our website
  • Websites that are accessed by the user’s system via our website
  • Name and URL of the retrieved file
  1. PURPOSE OF DATA PROCESSING

We process the aforementioned data for the following purposes:

  • Ensuring a smooth connection setup of the website and thus to ensure the functionality of the website,
  • Ensuring convenient use of our website and optimization of the website
  • Evaluating and ensuring the system security and stability of our information technology systems and
  • For further administrative purposes

We reserve the right to statistically evaluate anonymized data records.

  1. LEGAL BASIS FOR DATA PROCESSING

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest follows from the purposes for data collection listed above. Under no circumstances do we use the data collected for the purpose of drawing conclusions about the user’s identity.

We also use cookies and analysis services when you visit our website. More detailed explanations can be found in sections V and VII of this privacy policy.

  1. DURATION OF STORAGE

If the data is stored in log files, this is the case after seven days at the latest. Storage beyond this period is possible. In this case, the IP addresses of the users are deleted or alienated so that it is no longer possible to assign the calling client.

  1. POSSIBILITY OF OBJECTION AND REMOVAL

The collection of data for the provision of the website and the storage of data in log files are absolutely necessary for the operation of the website. Consequently, there is no possibility for the user to object.

  1. USE OF COOKIES
  2. DESCRIPTION AND SCOPE OF DATA PROCESSING

Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user’s computer system. When a user accesses a website, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again. Cookies do not cause any damage to the user’s end device and do not contain any viruses, Trojans or other malware.

Most browsers accept cookies automatically. However, the browser can be configured so that no cookies are stored on the user’s computer or a message always appears before a new cookie is created. However, completely deactivating cookies may mean that not all functions of our website can be used.

We use cookies to make our website more user-friendly. Some elements of our website require that the accessing browser can be identified even after a page change.

The following data is stored and transmitted in the cookies:

– Language settings

– User IDs

We also use cookies on our website that enable an analysis of the user’s surfing behavior.

The following data can be transmitted in this way

– Search terms entered

– Frequency of page views

– Use of website functions

– Submission of forms

Information is thus stored in the cookie that results in each case in connection with the specific end device used. However, this does not mean that we obtain direct knowledge of the identity of the user.

The user data collected in this way is pseudonymized by technical precautions. It is therefore no longer possible to assign the data to the accessing user. The data is not stored together with other personal data of the user.

When accessing our website, users are informed by an information banner about the use of cookies for analysis purposes and their consent to the processing of the personal data used in this context is obtained. In this context, reference is also made to this privacy policy. In this context, there is also a reference to how the storage of cookies can be prevented in the browser settings.

  1. PURPOSE OF DATA PROCESSING

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary for the browser to be recognized even after a page change.

We require cookies for the following applications:

– Adoption of language settings

– Remembering search terms

The user data collected by technically necessary cookies is used to create user profiles.

Analysis cookies are used for the purpose of improving the quality of our website and its content. Through the analysis cookies, we learn how the website is used and can thus constantly optimize our offer.

  • Access to content after registration, e.g. downloads
  • Pre-filling of forms
  • Direct access after initial registration

These purposes also constitute our legitimate interest in the processing of personal data in accordance with Art. 6 para. 1 lit. f GDPR.

  1. LEGAL BASIS FOR DATA PROCESSING

The legal basis for the processing of personal data using technically necessary cookies is Art. 6 para. 1 lit. f GDPR. The legal basis for the processing of personal data using cookies for analysis purposes is Art. 6 para. 1 lit. a GDPR if the user has given consent to this.

  1. DURATION OF STORAGE, POSSIBILITY OF OBJECTION AND REMOVAL

Cookies are stored on the user’s computer and transmitted by it to our website. As a user, you therefore have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website to their full extent.

VI NEWSLETTER

1.DESCRIPTION AND SCOPE OF DATA PROCESSING

The newsletter is sent on the basis of the user’s registration on the website. It is possible to subscribe to a free newsletter on our website. When registering for the newsletter, the data from the input mask is transmitted to us.

The following data is collected during registration

  • Surname, first name
  • e-mail address
  • telephone number

Your consent is obtained for the processing of the data as part of the registration process and reference is made to this privacy policy.

No data will be passed on to third parties in connection with the data processing for sending newsletters. The data will be used exclusively for sending the newsletter.

  1. PURPOSE OF DATA PROCESSING

The purpose of collecting the user’s e-mail address is to deliver the newsletter. The collection of other personal data as part of the registration process serves to prevent misuse of the services or the e-mail address used

  1. LEGAL BASIS FOR DATA PROCESSING

The newsletter is sent on the basis of the user’s registration on the website. The legal basis for the processing of data after registration for the newsletter by the user is Art. 6 para. 1 lit. a GDPR if the user has given consent.

  1. DURATION OF STORAGE

The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. The user’s email address is therefore stored for as long as the subscription to the newsletter is active. The other personal data collected during the registration process is generally deleted after a period of seven days.

  1. POSSIBILITY OF OBJECTION AND REMOVAL

The subscription to the newsletter can be canceled by the user concerned at any time.

be canceled at any time. For this purpose, there is a corresponding link in every newsletter. Alternatively, you can also send your unsubscribe request at any time to support@everlead.com by email.

This also enables you to withdraw your consent to the storage of the personal data collected during the registration process.

VII. CONTACT FORM

1.DESCRIPTION AND SCOPE OF DATA PROCESSING

For questions of any kind, we offer you the opportunity to contact us via a form provided on the website. It is necessary to provide a valid e-mail address so that we know who sent the request and can answer it. Further information can be provided voluntarily.

  1. PURPOSE OF DATA PROCESSING

Your data is processed in order to process your contact.

  1. LEGAL BASIS FOR DATA PROCESSING

Data processing for the purpose of contacting us is carried out in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR on the basis of your voluntarily given consent.

  1. DURATION OF STORAGE

The personal data collected by us for the use of the contact form will be automatically deleted after your request has been processed.

VIII. DISCLOSURE OF PERSONAL DATA TO THIRD PARTIES

  1. DISCLOSURE TO SERVICE PROVIDERS

As part of the conclusion of contracts via the website, personal data of the contractual partner will be passed on to third parties (service providers used to fulfill the contract) for the purpose of fulfilling the contract, insofar as the order and contract processing cannot be conclusively processed by ALEX & GROSS Technology.

  1. USE OF SOCIAL MEDIA PLUGINS / THIRD PARTY COOKIES
  2. A) SCOPE OF THE PROCESSING OF PERSONAL DATA

ALEX & GROSS Technology uses various social network services. In each case, a direct connection is established between you and the respective service in the USA so that it receives your IP address and information about the page you are currently visiting. Due to the direct connection, ALEX & GROSS Technology GmbH has no influence on the data collected and can only inform you to the best of its knowledge. Responsibility for data protection-compliant operation must be guaranteed by the respective provider. ALEX & GROSS Technology GmbH does not transmit any further data to these networks.

Facebook / Facebook Like button

We may use plugins from Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”) on our websites. When you access a page on our website that contains such a plugin, your browser establishes a direct connection with the Facebook servers. The content of the plugin is transmitted by Facebook directly to your browser, which integrates it into the website. By integrating the plugins, Facebook receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook account or are not currently logged in to Facebook. This information (including your IP address) is transmitted directly from your browser to a Facebook server in the USA and stored there. You can find an overview of the Facebook plugins here: https://developers.facebook.com/docs/plugins/ .

If you are logged in to Facebook, Facebook can directly associate your visit to our website with your Facebook account. If you interact with the plugins, for example by clicking the “LIKE” or “SHARE” button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information is also published on Facebook and displayed to your Facebook friends.

Facebook may use this information for the purposes of advertising, market research and the needs-based design of Facebook pages. For this purpose, Facebook creates usage, interest and relationship profiles, e.g. to evaluate your use of our website with regard to the advertisements displayed to you on Facebook, to inform other Facebook users about your activities on our website and to provide other services associated with the use of Facebook.

If you do not want Facebook to assign the data collected via our website to your Facebook account, you must log out of Facebook before visiting our website. Please note that we have no knowledge of the content of the data transmitted to Facebook or how it is used. The purpose and scope of the data collection and information regarding the further processing and use of the data by Facebook as well as your rights in this regard and setting options to protect your privacy can be found in Facebook’s data protection information (https://www.facebook.com/about/privacy/).

Instagram
Our website uses so-called social plugins (“plugins”) from Instagram, which is operated by Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”). The plugins are marked with an Instagram logo, for example in the form of an “Instagram camera.” An overview of the Instagram plugins and their appearance can be found here: https://blog.instagram.com/post/36222022872/introducing-instagram-badges

When you visit a page on our website that contains such a plugin, your browser establishes a direct connection to the Instagram servers. The content of the plugin is transmitted directly from Instagram to your browser and integrated into the page. Through this integration, Instagram receives the information that your browser has accessed the corresponding page of our website, even if you do not have an Instagram profile or are not currently logged in to Instagram. This information (including your IP address) is transmitted directly from your browser to an Instagram server in the USA and stored there.

If you are logged in to Instagram, Instagram can directly associate your visit to our website with your Instagram account. If you interact with the plugins, for example by clicking the “Instagram” button, this information is also transmitted directly to an Instagram server and stored there. The information is also published on your Instagram account and shown to your contacts.

For information on the purpose and scope of data collection, further processing and use of the data by Instagram, as well as your rights and settings options for protecting your privacy, please refer to Instagram’s privacy policy: https://help.instagram.com/155833707900388/

If you do not want Instagram to associate the data collected via our website directly with your Instagram account, you must log out of Instagram before visiting our website. You can also completely block the loading of Instagram plugins with browser add-ons, such as the script blocker “NoScript” (https://noscript.net/).

LinkedIn
We may use plugins from LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland, on our websites. When using web pages equipped with such a plugin, the data collected during the use of the website is transmitted to LinkedIn servers—particularly information about which of our web pages you visited. If you are logged in as a LinkedIn member, the transmitted data will be linked to your personal LinkedIn user account. This enables additional functions of the plugin and your LinkedIn account. If you do not want LinkedIn to associate your visit to our pages with your account, please log out of your LinkedIn account before visiting our website.
Please note that we do not have knowledge of the content of the data transmitted to LinkedIn or how it is used. For information on how LinkedIn uses the collected data and on your rights and options to protect your privacy, please refer to LinkedIn’s privacy policy: https://www.linkedin.com/legal/privacy-policy

  1. B) PURPOSE OF DATA PROCESSING
    ALEX & GROSS Technology GmbH provides the services of the companies mentioned above on its website to enable prospects, customers, and visitors of our website to:
    Stay informed about news, events, and ideas related to professional topics
    • Search for potential clients, customers, partners, and other individuals and establish business connections with them
    The underlying promotional purpose is considered a legitimate interest pursuant to the GDPR.
  2. C) LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA
    The legal basis for the processing of personal data through the use of social media plugins is Art. 6 (1) lit. f GDPR.
  3. D) STORAGE DURATION
    ALEX & GROSS Technology does not store any data that is transmitted to the companies listed in section A.
    Information about the storage duration, account deletion, and associated data can be found in the privacy policies of the companies mentioned in section A.
  4. E) RIGHT TO OBJECT AND REMOVAL OPTIONS
    Information about objection and removal options can be found in the respective privacy policies of the companies listed in section A.
  5. WEBSITE ANALYSIS SERVICES

    A) SCOPE OF PROCESSING OF PERSONAL DATA

Google Adwords Conversion Tracking
To statistically record the use of our website and evaluate it for the purpose of optimizing our website, we also use Google Conversion Tracking. In this process, a cookie (see section 4) is set on your computer by Google Ads if you have reached our website via a Google advertisement. These cookies expire after 30 days and are not used for personal identification. If a user visits certain pages of the advertiser’s website and the cookie has not yet expired, Google and the advertiser can recognize that the user clicked on the ad and was redirected to that page.

Each Google Ads customer receives a different cookie. Therefore, cookies cannot be tracked across the websites of multiple Ads customers. The information obtained using the conversion cookie is used to generate conversion statistics for Ads customers who have opted for conversion tracking. The advertisers learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information that can personally identify users.

If you do not wish to participate in the tracking process, you can reject the setting of the cookie required for this – for example, by setting your browser to generally disable the automatic setting of cookies. You can also disable cookies for conversion tracking by setting your browser to block cookies from the domain “www.googleadservices.com“.
Google’s privacy notice regarding conversion tracking can be found here: https://services.google.com/sitestats/en.html

Google Tag Manager
This website uses Google Tag Manager from Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”). This tool is used to manage the analytics services described above. Google Tag Manager only implements tags. This means: no cookies are set, and no personal data is collected. The Google Tag Manager merely triggers other tags, which may in turn collect data. However, Google Tag Manager does not access this data. If a deactivation has been carried out at the domain or cookie level, it remains in effect for all tracking tags implemented via Google Tag Manager.
More information on Google Tag Manager can be found at: https://support.google.com/tagmanager/ and https://policies.google.com/terms

Google Analytics
This website uses Google Analytics, a web analytics service provided by Google Inc. (https://www.google.com/intl/en/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter “Google”). Google Analytics uses “cookies,” which are text files placed on your computer, to help analyze how users use the site. The information generated by the cookie about your use of this website such as:

  • browser type/version,
  • operating system used,
  • referrer URL (the previously visited page),
  • hostname of the accessing computer (IP address),
  • time of the server request

is usually transmitted to a Google server in the USA and stored there. The information is used to evaluate your use of the website, compile reports on website activity, and provide other services related to website and internet usage for purposes of market research and the needs-based design of this website. This information may also be transferred to third parties where required by law or where such third parties process the data on Google’s behalf.

Your IP address will never be merged with other Google data. IP addresses are anonymized so that identification is not possible (IP masking).

If IP anonymization is activated on this website, your IP address will first be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data held by Google.
Please note that this website uses Google Analytics with the extension “_anonymizeIp()” and therefore processes IP addresses only in a shortened form to exclude any direct personal reference.

  1. B) PURPOSE OF DATA PROCESSING
    On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity, and to provide other services related to website and internet usage to the website operator. The aim is to ensure demand-oriented design and continuous optimization of our website. Furthermore, data processing is carried out to statistically record the use of our website and to optimize our offering for you. These purposes constitute legitimate interests within the meaning of the aforementioned legal provision.
    The Google Analytics tracking code implemented on this website supports both search and display advertising. As part of Google Analytics for display advertising, the remarketing feature is used on this website. Ads are shown on third-party websites, including those by Google. Third-party vendors (e.g. Paessler or PRTG), including Google, use cookies. The combined use of first-party cookies (e.g. Google Analytics cookies) and third-party cookies (e.g. DoubleClick cookies) enables targeted ad delivery, optimization, and placement based on your previous visits to this website.

The following Google Ads functions are used on this website:

  • Remarketing
  • Interest Categories
  • Similar Audiences
  • Other types of interest-based advertising
  • Conversion Tracking
  • Dynamic Search Ads (DSA)
  • Customer Match (if used)
  • Remarketing Lists for Search Ads (RLSA)
  • Smart Bidding (automated bid strategies)

We use these Google Ads features to retarget visitors of this website on third-party websites or to reach internet users with specific interest profiles based on their online behavior. We do not collect any personal information through our cookies, remarketing lists, or other anonymous IDs.

  1. C) LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA
    The legal basis for the processing of personal data using Google Analytics is Art. 6(1)(f) GDPR.
  2. D) DURATION OF STORAGE
    Data is deleted as soon as it is no longer required to fulfill the purpose for which it was collected.
    Other personal data collected during the registration process will be deleted after a period of seven days.
  3. E) RIGHT TO OBJECT AND REMOVAL OPTIONS
    You can prevent the storage of cookies by adjusting your browser settings accordingly; however, please note that in this case, you may not be able to fully use all features of this website.
    You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google, as well as the processing of this data by Google, by downloading and installing the browser plugin or add-on available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en
    You can disable Google Analytics for display advertising and customize ads within the Google Display Network using the Ads Settings Manager.
    As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent the collection of data by Google Analytics by clicking on this link. An opt-out cookie will be set to prevent the future collection of your data when visiting this website. The opt-out cookie applies only to this browser, only to our website, and will be stored on your device. If you delete cookies in this browser, you must set the opt-out cookie again.
    Further information on data protection in connection with Google Analytics can be found, for example, in the Google Analytics Help Center: https://support.google.com/analytics/answer/6004245?hl=en

 

  1. FRIENDLY CAPTCHA
  2. A) SCOPE OF PROCESSING PERSONAL DATA
    Types of data collected:
  • Date/time of the request
  • Version of the Friendly Captcha service used
  • Hash value of the incoming IP address (one-way encryption)
  • Number of requests from the (hashed) IP address within a time frame
  • Response to the cryptographic challenge solved by the visitor’s device
  • HTTP request header data, especially user agent (browser, operating system), origin, and referrer (previous websites)

Information about the data recipient:
Friendly Captcha GmbH, Am Anger 3–5, 82237 Wörthsee, Germany
Further information about data protection at Friendly Captcha can be found here:
https://friendlycaptcha.com/de/legal/privacy-end-users/

Friendly Captcha uses the following service provider for hosting and content delivery (CDN):
Cloudflare Inc, San Francisco, USA

  1. B) PURPOSE OF DATA PROCESSING
    To prevent fraudulent activity, we use the service provided by the third-party provider “Friendly Captcha.” It integrates a JavaScript element into our website, for example in newsletter sign-up forms, contact forms, and other interactive sections. This script loads Friendly Captcha’s software in the background to verify that a website visitor is a human and not an automated, abusive system.
  2. C) LEGAL BASIS FOR PROCESSING PERSONAL DATA
    We process your data based on our legitimate interest pursuant to Art. 6(1)(f) GDPR. This is done to protect our website from fraudulent activity.

 

  1. ORDERING AND CONTRACT INITIATION

    9.1 Contract Data

    As part of the ordering process for one of our products or EVERLEAD services, the provision of personal data is required for the conclusion of the contract. We store this data for the duration of the contractual relationship to ensure proper contract execution.

If the contractual relationship ends, we retain the contract data beyond the termination date if legal retention obligations exist or if there are unresolved claims or disputes. The processing of this data is limited to what is necessary. The data will not be processed for any other purposes.

You can update this information at any time in your customer login area.

We store the following types of data:
• Salutation
• First and last name
• Email address
• Phone number
• Company name (for business customers)
• Address
• Product contracts and usage
• Contract details
• Payment data
• Tax ID

Legal basis
Your data is required for contract initiation and execution pursuant to Art. 6(1)(b) GDPR.

Retention period
After termination of the contract, processing of the contract data is restricted. The data is deleted after the statutory retention period of 10 years in accordance with Sections 257 of the German Commercial Code (HGB) and 147 of the German Fiscal Code (AO).

9.2 Chat Functions

When using the chat function, cookies are placed by us or by third-party providers we use to operate the chat. These cookies are technically necessary for the functionality of the chat. In some cases, they also serve analytical purposes.

For quality assurance, we store the chat transcript for 90 days. This allows us to improve our customer support. The processing is based on our legitimate interest pursuant to Art. 6(1)(f) GDPR. At the beginning of the chat, we will inform you about the storage of the chat transcript. You will have the option to object to this storage. You may also object at a later time by sending an email to dataprotection@alex-gross.com.

Additionally, the chat transcript will be stored if the conversation transitions into a sales discussion and leads to the conclusion of a contract. In this case, only the part of the conversation related to the sale will be stored for the duration of the contractual relationship in order to document the contract conclusion.

Legal basis
The legal basis for this storage is the performance of the contract pursuant to Art. 6(1)(b) GDPR.

Retention period
After the end of the contractual relationship, the processing of contract data is restricted. The data will be deleted after the statutory retention period of 10 years in accordance with Sections 257 of the German Commercial Code (HGB) and 147 of the German Fiscal Code (AO).
Chat transcripts recorded for quality purposes are stored for 90 days.

9.3 Real-Time Chat Translation

If you use the chat function including the translation feature, your input and our responses will be transmitted to the third-party translation service in order to perform the requested translation and return the result to you.

Legal basis
The legal basis for processing is Art. 6(1)(b) GDPR and Art. 6(1)(f) GDPR. The legitimate interest in processing the data lies in facilitating communication with customers in different languages.

Retention period
The original message content will be deleted after translation. The translated content will be stored in accordance with Section 9.2.

Data recipient
AWS Service Terms of Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, L-1855, Luxembourg.
We additionally refer to the following privacy policy:
AWS Service Terms of Amazon Web Services EMEA SARL: https://aws.amazon.com/de/service-terms/

  1. CONTRACT PROCESSING

10.1 Contract Information and Invoices
We process your personal data for the execution of the contract. This enables the necessary communication for the exchange of information related to the performance of the contract as well as the invoicing of services.

Stored and processed data

  • Salutation
  • First and last name
  • Email address
  • Telephone number
  • Company name
  • Address
  • Contract data
  • Payment data
  • Tax number
  • Data of the legal or authorized representative

Legal basis
Your data is required for the initiation and execution of the contract in accordance with Art. 6(1)(b) GDPR.

Retention period
We process your data until the termination of your contract. Beyond that, we store your contract data if there are unresolved objections or claims. Additionally, we retain your data for the duration of the legal retention periods.
The data will be deleted after the statutory retention period pursuant to Sections 257 of the German Commercial Code (HGB) and 147 of the German Fiscal Code (AO), currently 10 years after the end of the calendar year in which the contract was terminated.

10.2 Communication Regarding Newsletters and Product Advertising

We inform you about product benefits and useful product additions by email or telephone, provided you have given us the legally required consent for such contact (Art. 6(1)(a) GDPR). You may withdraw your consent at any time by sending an email to dataprotection@alex-gross.com.

Legal basis
The legal basis for processing is your consent in accordance with Art. 6(1)(a) GDPR.

Retention period
Your data will be deleted once the purpose has been fulfilled or upon withdrawal of your consent.

10.3 Communication Within the Scope of Customer Support

As part of our customer support, we require various data from you. Typically, we process the following personal data:

  • Contact details
  • Data for identification and authentication
  • Contract data
  • Content of your inquiries
  • Payment data

Legal basis
Performance of the contract pursuant to Art. 6(1)(b) GDPR.

Retention period
We retain this communication for the duration of the contract and beyond until the inquiries are resolved and for the length of the statutory retention periods.

10.4 PRODUCT-SPECIFIC DATA PROTECTION INFORMATION

10.4.1 Email Services

  • Email newsletter management
  • Email automation
  • Shared inbox / centralized Exchange mailboxes

Service Description:
EVERLEAD’s email services enable both automated and manual management of email communication for marketing, sales, and customer interaction purposes. The platform supports businesses in creating personalized email campaigns, sending newsletters, managing shared inboxes, and tracking interactions with contacts.

Purpose of processing:
Provision and management of email services, including sending, storing, and archiving emails, as well as creating, configuring, and deleting email addresses and managing contacts, appointments, and tasks.

Types of personal data:
Emails, contacts, appointments, tasks, domain data, log files & metadata.

Categories of data subjects:
Customers and prospects, employees of customers, user contacts.

Retention period:
Data is deleted 45 days after termination.

Legal basis:
Contract execution, Art. 6(1)(b) GDPR

10.4.2 User and Permission Management

Service Description:
EVERLEAD enables the management of user accounts, roles, and permissions. Administrators can define individual access levels, monitor user activities, and manage platform security policies.

Purpose of processing:
The processing of personal data serves the secure management of user accounts and the control of access rights within the EVERLEAD platform.

Types of personal data processed:
User data, permission data, security and log data

Categories of data subjects:
Administrators, employees of customers

Retention period:
Data is deleted two years after the expiration of the last license.

Legal basis:
Contract execution, Art. 6(1)(b) GDPR
Legitimate interest, Art. 6(1)(f) GDPR
Your consent, Art. 6(1)(a) GDPR

10.4.3 AI features:

Data Research, Data Enrichment, AI Battle Cards, AI Multilanguage, AI Lead Scoring

Purpose of processing

If you use the AI features, your input will be transmitted to the AI and translation service of the third-party provider used in order to have the input you have requested processed, translations carried out and the result transmitted to you.

This serves to create content of an editorial nature with the help of artificial intelligence. For this purpose, the respective content details are transferred to a third-party provider offering the AI service at the request of the person entering the data. The AI features service includes in particular

Data Research

With the Data Research add-on, EVERLEAD supports you in the targeted search for contact persons in companies.

Data Enrichment

The Data Enrichment add-on enriches your company profiles with valuable additional information, such as industry data, company size or key financial figures.

AI Battle Cards

EVERLEAD’s AI Battle Cards provide your sales teams with valuable information about competitors in real time.

AI Multilanguage

EVERLEAD offers AI-powered multilingual capabilities that allow you to automatically translate and customize content into different languages.

AI Lead Scoring
EVERLEAD AI lead scoring helps you to identify and prioritize the most promising leads.

The applications listed here are not exhaustive.

Categories of personal data
Content data, usage data

Legal basis
The legal basis for storage is:

Performance of the contract pursuant to Art. 6 para. 1 lit. b GDPR
Legitimate interest, Art. 6 para. 1 lit. f GDPR

Storage period
The entered message content is deleted after transmission to the Ki service provider (see data recipient).

Data recipient

  1. AWS Service Terms of Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, L-1855, Luxembourg.
    We also refer to the following data protection provisions:
    AWS Service Terms of Amazon Web Services EMEA SARL: https://aws.amazon.com/de/service-terms/
  2. OpenAI L.L.C, San Francisco , USA
    We refer to the following terms of use, guidelines and data protection regulations: https://openai.com/policies/privacy-policy
    OpenAI’s usage guidelines
    OpenAI’s publication guidelines


10.4.4 Data enrichment through the acquisition of contact data via the third-party provider Dealfront

Purpose of processing
By using the function to acquire B2B contact data via the third-party provider Dealfront, contact data can be purchased directly from Everlead.

Categories of personal data
Inventory data, content data, contact data

Legal basis
Contract execution, Art. 6 para. 1 lit. b GDPR

Data recipient
“Dealfront” – consisting of Dealfront Group GmbH and its affiliated companies, including, but not limited to, Dealfront Germany GmbH and Dealfront Finland Oy

Details can be found in the data recipient’s privacy policy at: https://www.dealfront.com/de/privacy-notice/

10.4.5 Use of Payment Service Providers

Purpose of Processing
Depending on the selected payment method, additional data is collected in order to communicate with the respective payment service providers.

Categories of Personal Data
Master data

Legal Basis
Contract performance, Art. 6 (1) lit. b GDPR

Data Recipient
Stripe Payments Europe, Limited (SPEL), 1 Grand Canal Street Lower, Grand Canal Dock, Dublin
D02 H210, Ireland

  1. Disclosure of Data to Group Companies

ALEX & GROSS Technology GmbH is part of the ALEX & GROSS Group, which includes ALEX & GROSS GmbH, Mannheim, and its subsidiaries. To avoid duplicate address data, it may be reasonable in individual cases to share customer data with companies of the ALEX & GROSS Group for specific purposes, taking into account the legitimate interests of the customer.

Legal Basis
The legal basis for the data transfer is our legitimate interest pursuant to Art. 6 (1) lit. f GDPR.

XII. Data Transfers to Third Countries

We may use service providers located in third countries. Therefore, in some cases, data transfers to third countries—such as the United States—may occur when using EVERLEAD services. Detailed information on such data transfers is provided in the respective sections of this privacy policy for the relevant services.

XIII. Duration of Storage

The duration of storage for each EVERLEAD service can generally be found in the specific privacy notices for the respective services. If no specific details are provided, your personal data will be retained for as long as necessary to fulfill the purposes of data processing and will be deleted—due to the technical duration of data backups—no earlier than 45 days thereafter.

If the data is subject to statutory retention obligations under §§ 257 of the German Commercial Code (HGB) and 147 of the German Tax Code (AO), it will be deleted after 10 years, counted from the end of the calendar year in which the contract was terminated.

In the event of a withdrawal of your consent or an objection, the data will be deleted under the conditions specified in section XIV.

XIV. RIGHTS OF THE DATA SUBJECT

If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:

  1. RIGHT TO INFORMATION

According to Art. 15 GDPR, you have the right to request information about your personal data processed by us. In particular, you can request information about the following:

  • the purposes for which the personal data are processed;

the categories of personal data being processed;

  • the recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed;
  • the planned duration of storage of the personal data concerning you or, if specific information is not available, the criteria for determining the storage period;
  • the existence of a right to rectification or erasure of the personal data concerning you, a right to restriction of processing by the controller, or a right to object to such processing;
  • the existence of a right to lodge a complaint with a supervisory authority;
  • all available information about the origin of the data if the personal data are not collected from the data subject;
  • the existence of automated decision-making, including profiling, pursuant to

Article 22 (1) and (4) GDPR and – at least in these cases – meaningful information about the logic involved, as well as the significance and intended consequences of such processing for the data subject.

You have the right to request information about whether the personal data concerning you will be transferred to a third country or to an international organization. In this context, you can request to be informed of the appropriate safeguards pursuant to Article 46 GDPR in connection with the transfer.

  1. RIGHT TO CORRECTION

According to Art. 16 GDPR, you have the right to have your data stored by us rectified and/or completed without undue delay if the personal data concerning you that we process is incorrect or incomplete.

  1. RIGHT TO RESTRICTION OF PROCESSING

Under the following conditions, you may request the restriction of the processing of personal data concerning you in accordance with Art. 18 GDPR:

  • if you contest the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data;
  • if the processing is unlawful and you refuse to delete the personal data and instead request the restriction of its use;
  • if the controller no longer needs the personal data for the purposes of processing, but you require them to assert, exercise or defend legal claims, or
  • if you have objected to processing pursuant to Art. 21 (1) GDPR and it has not yet been determined whether the legitimate grounds of the controller outweigh your grounds. If the processing of personal data concerning you has been restricted, this data – with the exception of storage – may only be processed with your consent or for the establishment, exercise or defense of legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State.

If the restriction of processing has been restricted in accordance with the above-mentioned conditions, you will be informed by the controller before the restriction is lifted.

  1. RIGHT TO ERASURE
  2. A) OBLIGATION TO DELETE

In accordance with Art. 17 GDPR, you may request that the personal data concerning you be deleted immediately and the controller is obliged to delete this data immediately if one of the following reasons applies:

  • The personal data concerning you are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
  • You revoke your consent on which the processing was based pursuant to Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a GDPR and there is no other legal basis for the processing.
  • You object to the processing pursuant to Art. 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 (2) GDPR.
  • The personal data concerning you has been processed unlawfully.
  • The deletion of personal data concerning you is necessary to fulfill a legal obligation under Union law or the law of the Member States to which the controller is subject.
  • The personal data concerning you have been collected in relation to the offer of information society services referred to in Art. 8 (1) GDPR.
  1. B) INFORMATION TO THIRD PARTIES

If the controller has made the personal data concerning you public and is obliged to erase it pursuant to Article 17(1) GDPR, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you as the data subject have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.

  1. C) EXCEPTIONS

The right to erasure shall not apply to the extent that processing is necessary

  • for exercising the right of freedom of expression and information;
  • for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
  • for reasons of public interest in the area of public health pursuant to Art. 9 para. 2 lit. h and i and Art. 9 para. 3 GDPR;
  • for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Art. 89 para. 1 GDPR, insofar as the right referred to in section a) is likely to render impossible or seriously impair the achievement of the objectives of that processing, or
  • for the establishment, exercise or defense of legal claims.
  1. RIGHT TO INFORMATION

If you have asserted the right to rectification, erasure or restriction of processing against the controller, the controller is obliged to notify all recipients to whom the personal data concerning you have been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort.

You have the right vis-à-vis the controller to be informed about these recipients.

  1. RIGHT TO DATA TRANSMISSIBILITY

In accordance with Art. 20 GDPR, you have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another controller without hindrance from the controller to which the personal data has been provided, provided that

  • the processing is based on consent pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR or on a contract pursuant to Art. 6 para. 1 lit. b GDPR and
  • the processing is carried out by automated means.

In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one controller to another, where technically feasible. The freedoms and rights of other persons must not be affected by this.

The right to data portability does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

  1. RIGHT TO OBJECT

In accordance with Art. 21 GDPR, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on Art. 6 para. 1 lit. e or f GDPR; this also applies to profiling based on these provisions.

The controller will no longer process the personal data concerning you unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.

If the personal data concerning you are processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.

If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.

You have the option of exercising your right to object in connection with the use of information society services – notwithstanding Directive 2002/58/EC – by means of automated procedures that use technical specifications.

If you wish to exercise your right of revocation or objection, simply send an e-mail to: support@everlead.com.

  1. RIGHT TO WITHDRAW DATA PROTECTION CONSENT

In accordance with Art. 7 para. 3 GDPR, you have the right to withdraw your declaration of consent under data protection law at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. However, we may no longer continue the data processing that was based on this consent in the future.

  1. AUTOMATED DECISION-MAKING IN INDIVIDUAL CASES INCLUDING PROFILING

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision

  • is necessary for entering into, or the performance of, a contract between you and the controller,
  • is authorized by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests, or
  • is based on your explicit consent.

However, these decisions may not be based on special categories of personal data pursuant to Art. 9 para. 1 GDPR, unless Art. 9 para. 2 lit. a or g applies and appropriate measures have been taken to protect the rights and freedoms as well as your legitimate interests.

In the cases referred to in (1) and (3), the data controller shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express your point of view and to contest the decision.

  1. right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement pursuant to Art. 77 GDPR, if you consider that the processing of personal data relating to you infringes the GDPR.

The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Art. 78 GDPR.

  1. DATA SECURITY

We use the widespread SSL (Secure Socket Layer) method in conjunction with the highest level of encryption supported by your browser when you visit our website. As a rule, this is 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.

We also use suitable technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

XVI CURRENCY AND AMENDMENT OF THIS PRIVACY POLICY

This Privacy Policy is currently valid and was last updated in March 2025.

It may become necessary to amend this Privacy Policy as a result of the further development of our website and services or due to changes in legal or regulatory requirements. You can access and print out the current privacy policy at any time on the website at https://www.everlead.ai/datenschutz/.

 

Dismiss