Privacy Statement

We inform you below in accordance with the legal requirements of the data protection law (in particular according to BDSG n.F. and the European Data Protection Regulation 'DS-GVO') about the nature, extent and purpose of the processing of personal data by our company. This data protection declaration also applies to our websites and social media profiles. With regard to the definition of terms such as "personal data" or "processing", we refer to Art. 4 DS-GVO.

Name and contact details of the responsible person(s)

Our Responsible party (hereinafter "Responsible Party") within the meaning of Art. 4 Zif. 7 DS-GVO is:

cloudfluid GmbH
Emmy-Noether-Straße 17
DE-76131 Karlsruhe, Germany

Managing directors: Max Gaedtke and Marc Haußmann
Email address:

Types of data, purposes of the processing and categories of data subjects

In the following, we inform you about the type, scope and purpose of the Collection, processing and use of personal data.

1. Types of data we process
Usage data (access times, websites visited, etc.), inventory data (name, Address, etc.), contact data (telephone number, e-mail, fax, etc.), Payment data (bank data, account data, payment history, etc.), contract data (subject of the contract, duration etc.), content data (text entries, videos, photos etc.), communication data (IP address etc.),

2. purposes of the processing according to Art. 13 Para. 1 c) DS-GVO
Processing of contracts, optimizing the website technically and economically, providing easy access to the website, fulfilling contractual obligations, fulfilling legal obligations to retain data, optimizing and statistically evaluating our services, improving the user experience, making the website user-friendly, Compiling statistics,preventing SPAM and misuse, processing an applicant procedure, customer service and customer care, handling contact inquiries, providing websites with functions and content, security measures, uninterrupted, secure operation of our website.

3. Categories of data subjects according to Art. 13 para. 1 e) DS-GVO
Visitors/users of the website, customers, Suppliers, interested parties, applicants, employees,

The data subjects are collectively referred to as "users".

Legal basis for the processing of personal data

In the following we inform you about the legal basis of the Processing of personal data:

  1. If we have obtained your consent for processing personal data, then Art. 6 para. 1 p. 1 lit. a) DS-GVO legal basis.
  2. If the processing is necessary for the performance of a contract or for the implementation of pre-contractual measures, which are carried out on your request, then Art. 6 para. 1 p. 1 lit. b) DS-GVO is the Legal basis.
  3. If the processing is necessary for compliance with a legal obligation to which we are subject (e.g. statutory retention obligations), then Art. 6 para. 1 p. 1 lit. c) DS-GVO is the Legal basis.
  4. If the processing is necessary in order to protect vital interests of the data subject or another natural person, then Art. 6 para. 1 p. 1 lit. d) DS-GVO is the legal basis. Legal basis.
  5. If the processing is necessary to protect the legitimate interests of ours or of a third party and your interests or fundamental rights and freedoms do not override this, then Art. 6 para. 1 sentence 1 lit. f) DS-GVO is the legal basis.

Transfer of personal data to third parties and Processors

Without your consent, we generally do not pass on any data to third parties. If this should nevertheless be the case, the passing on of data is done based on the previously mentioned legal grounds e.g. in the case of the disclosure of data to online payment providers for the fulfillment of the contract or due to a court order or due to a legal a legal obligation to hand over the data for the purpose of criminal prosecution, to avert danger or to enforce intellectual property rights.
We also use processors (external service providers, e.g. for the web hosting of our websites and databases) to process your data. If, within the framework of an agreement on commissioned processing, data is passed on to the processors, this is always done in accordance with Art. 28 DS-GVO. In doing so, we select our processors carefully, monitor them regularly and have granted us a right to issue instructions regarding the data. In addition, the processors must have taken appropriate technical and organizational measures and comply with the data protection regulations according to BDSG n.F. and DS-GVO

Data transfer to third countries

The adoption of the European General Data Protection Regulation (DS-GVO) has created a uniform basis for data protection in Europe. Your data is therefore predominantly processed by companies to which the DS-GVO applies. However, if the processing is carried out by services outside the European Union or the European Economic Economic Area, they must meet the special requirements of Art. 44 et seq. GDPR. This means that the processing is carried out on the basis of special guarantees, such as the officially recognized by the EU Commission, or the observance of an officially level of data protection or the observance of officially officially recognized special contractual obligations, the so-called "standard contractual clauses".

To the extent that we are required to provide data protection due to the ineffectiveness of the so-called "Privacy Shields", according to Art. 49 para. 1 p. 1 lit. a) DSGVO, we obtain your express consent to the transfer of data to the USA. In this regard, we draw your attention to the risk of secret access by US authorities and the use of the data for surveillance purposes, possibly without any legal remedy for EU citizens.

Deletion of data and retention period

Unless expressly stated in this privacy statement, your personal data will be deleted or blocked, as soon as the consent granted for the processing is revoked by you revoked or the purpose for storing the data is no longer applicable or the data is no longer required for the purpose, unless their continued storage is necessary for evidentiary purposes or this is legal obligations to retain data stand in the way of this. This include, for example, retention obligations under commercial law for business letters in accordance with Section 257 (1) of the German Commercial Code (HGB) (6 years) and retention obligations under tax law in accordance with § 147 Para. 1 AO for documents (10 years). If the prescribed retention period expires, your data will be blocked or deleted, unless the storage is still necessary for the conclusion or fulfillment of a contract.

Existence of automated decision-making

We do not use automated decision making or profiling. profiling.

Preparation of our website and creation of log files

If you are using our website for informational purposes only (i.e. no registration and also no other transmission of information), we collect only the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data:

  • IP address;
  • Internet service provider of the user;
  • Date and time of the request;
  • Browser type;
  • language and browser version;
  • content of the retrieval;
  • Time zone;
  • Access status/HTTP status code;
  • Dataset;
  • Websites from which the request is coming;
  • operating system.

A storage of these data together with other personal data from you does not take place.

  1. This data serves the purpose of user-friendly, functional and secure delivery of our website to you with functions and content as well as their optimization and statistical evaluation.
  2. Legal basis for this is our in the above purposes also lying legitimate interest in data processing pursuant to Art. 6 para 1 S.1 lit. f) DS-GVO.
  3. The data in server log files remain with us until you request us for deletion, revoke your consent to the storage or the purpose for the data storage ceases to apply. Mandatory legal provisions - in particular retention periods - remain unaffected.


  1. Our Internet pages use so-called "cookies". Cookies are small text files and do not cause any damage to your end device. They are either stored temporarily for the duration session (session cookies) or permanently (permanent cookies) stored on your terminal device. Session cookies are automatically deleted automatically deleted at the end of your visit. Permanent cookies remain stored on your terminal device until you delete them yourself or an automatic deletion by your web browser takes place.
  2. In some cases, cookies from third-party companies may also be stored on your end device when you enter our site (third-party cookies). (third-party cookies). These enable us or you to use of certain services of the third party company (e.g. cookies for the Processing of payment services).
  3. Cookies have various functions. Numerous cookies are technically necessary, as certain website functions would not would not work without them (e.g. the shopping cart function or the Display of videos). Other cookies are used to evaluate user behavior evaluate or display advertising.
  4. Cookies that are required to carry out the electronic communication process (necessary cookies) or for the provision of certain functions desired by you (functional cookies, For example, for the shopping cart function) or to optimize the website. (e.g. cookies for measuring the web audience) are necessary, are stored on the basis of Art. 6 para. 1 lit. f DSGVO, unless another legal basis is specified. The website operator has a legitimate interest in the storage cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies has been requested, the storage of the relevant cookies in question are stored exclusively on the basis of this consent (Art. 6 para. 1 lit. a DSGVO); the consent is revocable at any time.
  5. You can set your browser so that you are informed about the setting of cookies, allow cookies for specific cases or or generally exclude the automatic deletion of cookies when closing the browser. With the deactivation of Cookies, the functionality of this website may be limited.
    As far as cookies from third parties or for analysis purposes are used, we will inform you about this separately in the context of this Privacy Policy separately and, if necessary Consent query.

Processing of contracts

  1. We process inventory data (e.g., company, title/academic degree, names and addresses as well as contact data of users, e-mail), contract data (e.g. services used, names of contact persons) and services used, names of contact persons) and payment data (e.g. bank details, payment history) for the purpose of fulfilling our contractual obligations (knowledge of who is the contractual partner; Justification, content and execution of the contract; checking the plausibility of the data) and services (e.g. contacting the (e.g. contacting customer service) pursuant to Art. 6 para. 1 p. 1 lit. b) DS-GVO. The entries marked as mandatory in online forms, are required for the conclusion of the necessary.
  2. A passing on of these data to third parties takes place in principle not unless it is necessary for the pursuit of our claims (eg Handover to lawyer for collection) or for the fulfillment of the contract (e.g. transfer of data to payment providers) is necessary or there is a legal obligation to do so according to. Art. 6 para. 1 p. 1 lit. c) DS-GVO.
  3. We may also use the data you have provided in order to inform you about other interesting products from our portfolio or to send you e-mails with technical information to you.
  4. The data will be deleted as soon as they are no longer needed to achieve the purpose for which it was collected. This is the case for the inventory and contract data when the data is no longer required for the performance of the contract and claims arising from the contract can no longer be asserted because they are statute-barred (warranty: two years / standard limitation period: three years). Due to commercial and tax law tax law, we are obliged to store your address, payment and order data for order data for a period of ten years. However we carry out a restriction of the processing after three years, i.e. restriction of processing, i.e. your data will only be used for compliance with the compliance with legal obligations. Information in the User account remain until its deletion.

Contact us via contact form / e-mail / fax / mail

  1. When contacting us via contact form, fax, mail or e-mail, your data will be processed for the purpose of handling the Contact request processed.
  2. Legal basis for the processing of data is in the case of Existence of a consent from you Art. 6 Abs. 1 S. 1 lit. a) DS-GVO. Legal basis for the processing of data, which are transmitted in the course of a contact request or e-mail, letter or fax is Art. 6 Abs. 1 S. 1 lit. f) DS-GVO. The responsible party has a legitimate interest in the processing and storage of the data in order to be able to answer the users' inquiries, to preserve evidence for liability reasons and, if necessary, to fulfill its legal retention obligations for business letters. If the contact aims at the conclusion of a contract, the following is additional legal basis for the processing is Art. 6 Abs. 1 S. 1 lit. b) DS-GVO.
  3. We may store your details and contact request in our Customer Relationship Management System ("CRM System") or a comparable system.
  4. The data will remain with us until you request us to delete them, revoke your consent to the storage or the purpose for storing the data no longer applies (e.g., after the completed processing of your request). Mandatory legal provisions - in particular retention periods - remain unaffected.
  5. You have the option at any time to withdraw your consent in accordance with Art. 6 para 1 p. 1 lit. a) DS-GVO for the processing of the revoke personal data. If you contact us by e-mail with us, you can object to the storage of personal data at any time.

Contact us by phone

  1. When you contact us by telephone, your telephone number is temporarily stored or displayed in the RAM/cache of the phone device/display for processing the contact request and its handling. The storage is done for liability and security reasons, in order to be able to lead the proof of the call as well as for economic reasons, in order to enable a callback. In case of unauthorized advertising calls, we block the phone numbers.
  2. Legal basis for the processing of the telephone number is Art. 6 para. 1 p. 1 lit. f) DS-GVO. Aims of the contact the conclusion of a contract, the additional legal basis for the processing is Art. legal basis for the processing is Art. 6 para. 1 lit. b) DS-GVO.
  3. The device cache stores the calls days and overwrites or deletes successively old data, when disposing of the device all data is deleted and the memory is destroyed if necessary. Blocked phone number are checked annually for the necessity of the Blocking check.
  4. You can prevent the phone number from being displayed by calling with suppressed phone number.

Contact us by Koalender

  1. We use Koalender ( to make appointments online. Koalender is an external platform for the arrangement of appointments. There is no disclosure of data to third parties. The transmission and storage serves only the administration and organization of the appointments.
  2. Information regarding the processing of data can be found in the privacy policy of Koalender:

Online meetings, conference calls and webinars

  1. We use the Microsoft Teams or Google Meet tools to host telephone conferences, online meetings, video conferences and/or Conduct webinars (hereinafter: online meetings). Microsoft Teams is a service provided by Microsoft Corporation, Google Meet is a service provided by Google Ireland Limited.
  2. When you use online meetings, various types of types of data are processed. The scope of the data thereby also depends on depends on the data you provide before or during participation in an online meeting.
  3. The following personal data are the subject of the processing:
    • User details: e.g. display name ("Display name"), email address if applicable, profile picture (optional), preferred language.
    • Meeting metadata: e.g. date, time, meeting ID, phone numbers, location
  1. Text, audio and video data: you may have the possibility, to use the chat function in an online meeting. To this extent the text entries you make will be processed in order to display them in the "online meeting". To enable the display of video and the playback of audio, the data from the microphone of your end device and any video camera on the terminal device will be processed for the duration of the meeting. You can turn off the camera or microphone yourself at any time via the applications.
  2. If we want to record online meetings, we will communicate this to you transparently in advance and - if necessary - ask for your consent.
  3. If it is necessary for the purposes of recording the results of an online meeting, we will log the chat content. However, this will generally not be the case.
  4. Automated decision-making in the sense of Art. 22 DSGVO will not be used.
  5. A data processing outside of the European Union (EU) does not take place in principle, as we have limited our storage location to Data centers in the European Union limited. We can not exclude, however, that the routing of data over Internet servers that are located outside the EU. This may be the case, in particular, if participants in an "Online Meeting" are located in a third country. The data is encrypted during transport over the internet and thus secured against unauthorized access by third parties.

Presence in social media.

  1. We maintain profiles or fan pages in social media. With the use and the call of our profile in the respective network the respective data protection information and terms of use of the respective network.
  2. Data categories and description of the Data processing: usage data, contact data, Content data, inventory data. Furthermore, the data of users within social networks usually processed for market research and advertising purposes. Thus, for example, on the basis of the behavior and the resulting interests of the users. usage profiles can be created. The usage profiles can in turn be used, for example, to place advertisements within and and outside of the networks that presumably correspond to the interests of the users. For these purposes, as a rule cookies are stored on the user's computer, in which the user's usage behavior and interests of the users are stored. Furthermore, data can also be stored in the usage profiles independently of the devices used by the users may be stored in the user profiles (in particular, if the users are members of the respective platforms and are logged in to these). For a detailed presentation of the respective forms of processing and the opt-out options, we refer to the privacy statements and information provided by the operators of the respective networks. Also in the case of requests for information and the assertion of data rights of data subjects, we would like to point out that these are most effectively be asserted with the providers. Only providers have access to the data of the users and can directly take can take appropriate measures and provide information directly. give information. If you still need help, you can contact us.
  3. Purpose of processing: Communication with those connected and registered on the social networks. Users; information and advertising for our products, offers and services; external presentation and image maintenance; evaluation and analysis of the users and content of our presences in the social media.
  4. Legal basis: The legal basis for. the processing of the personal data is our legitimate interest in the above purposes pursuant to Art. 6 para. 1 p. 1 lit. f) DS-GVO. Insofar as you give us or the responsible party of the social network has given its consent to the processing of your personal data, the legal basis is Art. 6. Para. 1 S. 1 lit. a) in conjunction with. Art. 7 DS-GVO.
  5. Data transfer/recipient category:. Social network.
  6. The data protection notices, information options and Objection options (opt-out) of the respective networks / Service providers can be found here:

    LinkedIn - Service Provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland) - Privacy Policy:, Cookie Policy and Opt-Out:

Data protection in applications and in the application process

  1. Applications sent electronically or by mail to the Responsible, are processed electronically or manually for the purposes of the applicant procedure.
  2. We expressly point out that. application documents containing "special categories of personal data" in accordance with Art. 9 DS-GVO (e.g. a photo which could draw conclusions about your ethnic origin, religion or marital status), except for a possible family status), with the exception of a possible severe disability, which you freely choose to disclose, are undesirable. You should submit your application without this data. This has no Effects on your chances of applying.
  3. Legal bases for the processing are Art. 6 para. 1 p.1. lit. b) DS-GVO as well as § 26 BDSG n.F.
  4. If, after completion of the applicant procedure, an Employment relationship with the applicant / the applicant entered, the applicant data will be stored in compliance with relevant data protection regulations. If you are not offered a position after completion of the application process, your application submitted letter of application including documents will be deleted 6 months after the in order to be able to satisfy any claims and obligations to provide evidence in accordance with the AGG.

Rights of the person concerned

  1. Objection or revocation against the processing of your data
    As far as the processing is based on your consent pursuant to Art. 6 para. 1 p. 1 lit. a), Art. 7 DS-GVO, you have the right to revoke the consent at any time. The legality of the processing based on the consent until the revocation is thereby not affected.

    Insofar as we base the processing of your personal data is based on the balancing of interests pursuant to Art. 6. (1) p. 1 lit. f) DS-GVO, you can object to the processing. This is the case if the processing in particular is not necessary for the performance of a contract with you with you, which is explained by us in the following description of the functions. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the case of your justified objection, we will examine the the situation and will either discontinue or adjust the data processing or adapt the data processing or show you our compelling reasons worthy of protection.

    You may object to the processing of your personal data for the purposes of advertising and data analysis at any time. You can exercise the right of objection free of charge. About your advertising objection you can contact us under
    the above contact details of the Responsible
  2. Right of access
    You have a right to information about your personal data stored by us according to Art. 15 DS-GVO. This includes in particular information about The processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the the origin of your data, if this has not been collected directly from you. have been collected.
  3. Right of rectification
    You have a right to rectification of inaccurate data or to the completion correct data in accordance with Art. 16 DS-GVO.
  4. Right to erasure
    You have a right To delete your data stored by us according to Art. 17 DS-GVO, unless statutory or contractual retention periods or or other legal obligations or rights to further storage of data stand in the way of this.
  5. Right to restriction
    You have the Right to request a restriction in the processing of your personal data if one of the conditions in Art. in Art. 18 para. 1 lit. a) to d) DS-GVO is met:
  • If you dispute the accuracy of the personal data concerning you personal data for a period of time which enables the controller to verify the accuracy of the personal data to be verified;
  • the processing is unlawful and you object to the erasure of the personal data and instead request the restriction of the use of the personal data the use of the personal data;
  • the controller no longer needs the personal data for the purposes of the processing, but you do not require it for the for the assertion, exercise or defense of legal claims; or or
  • if you object to the processing pursuant to Art. 21 Paragraph 1 of the DS-GVO and it has not yet been determined whether the legitimate reasons of the controller outweigh your reasons. outweigh.
  1. Right to data portability
    You have a right to data portability in accordance with Art. 20 DS-GVO, which means that you can receive the personal data we have stored about you in a structured personal data we have stored about you in a structured, common and machine-readable format, or that you can request the transfer to another another responsible party can demand.
  2. Right of complaint
    You have a Right to complain to a supervisory authority. As a rule you can contact the supervisory authority for this purpose, in particular in the the Member State of your residence, your place of work or the of the place of the alleged infringement.

Data security

To protect any personal data that is transferred to us. and to ensure that the data protection regulations are are adhered to by us, but also by our external service providers. we have taken appropriate technical and organizational security measures. Therefore, among other things, all data is transferred between your browser and our server via a secure SSL connection encrypted transferred.

The English translation exclusively serves informational purposes; solely the German version is binding.