Privacy Policy
Last updated: February 2026
Unless otherwise stated below, the provision of your personal data is neither required by law or contract nor necessary for entering into a contract. You are not obliged to provide the data. Failure to provide it will have no consequences. This applies only insofar as no other information is provided in the processing operations described below.
“Personal data” means any information relating to an identified or identifiable natural person.
- Controller
The controller within the meaning of the General Data Protection Regulation (GDPR), other national data protection laws of the Member States and other data protection provisions is:
HORIZONT Software Ltd.
Schäufeleinstr. 7
80687 Munich
Germany
Phone: +49 (0)89 540 162 0
Email: info(at)horizont-it.com
Website: www.horizont-it.com
- Data Protection Officer
Gerhard Smischek
Phone: +49 (170) 2347311
Email: info(at)horizont-it.com
- Hosting, Server Log Files and Automatic Data Collection
You may visit our websites without providing any information about yourself.
Each time our website is accessed, usage data is transmitted to us or to our hosting/IT service providers by your internet browser and stored in log data, also known as server log files. This data includes in particular:
accessed page/URL
date and time of access
IP address
amount of data transferred
referrer URL
browser type/version and operating system
requesting provider
Purposes:
Ensuring uninterrupted operation, IT security, abuse and error analysis, and optimization of our offering.
Legal basis:
Art. 6(1)(f) GDPR, legitimate interest in security and stable provision of the website.
Storage period:
Log files are generally deleted after 4 weeks, unless further retention is required to investigate security incidents.
- Contacting Us — Contact Form and Email
A contact form is available on our website. Depending on your entries, we process the following data:
first name, last name, title
company
email address
telephone number, optional
technical data: IP address as well as date and time of submission
Alternatively, you may contact us by email. In that case, we process the personal data contained in the email.
Purposes:
Processing your inquiry and subsequent communication, prevention of misuse, and IT security.
Legal bases:
For contact forms, generally Art. 6(1)(a) GDPR, consent, where the form is implemented with a consent mechanism, for example checkbox/consent.
Otherwise and/or additionally Art. 6(1)(f) GDPR, legitimate interest in processing inquiries.
Storage period:
Until processing of the inquiry has been completed; beyond that only insofar as statutory retention obligations apply or storage is necessary for the establishment, exercise or defense of legal claims.
- Registration and Use of Online Support — Licensed Customers
Use of online support, including Customer Helpdesk, Requirements, Documentation, Support Newsletter, PTF Download and Working Groups, is available only to licensed customers and requires one-time registration. In this context, we process:
first name, last name, title
customer number
company
position
email address
telephone number, optional
country of origin, optional
technical data: IP address as well as date and time of registration/login
Purposes:
Provision of protected content, support processing, and administration.
Legal bases:
Art. 6(1)(b) GDPR, contract/performance of pre-contractual measures, and, where applicable, Art. 6(1)(f) GDPR, security/administration. Where consent is obtained for individual processing operations: Art. 6(1)(a) GDPR.
Storage period:
For as long as the account exists or as long as required; thereafter the data will be deleted unless retention or documentation obligations prevent deletion.
- Newsletter
If you subscribe to our newsletter, we process:
email address
technical data: IP address as well as date and time of subscription
Legal basis:
Art. 6(1)(a) GDPR, consent.
Unsubscribe:
You may unsubscribe at any time using the unsubscribe link in the newsletter or by email to unsubscribe(at)auconet-it.com.
Storage period:
Until you unsubscribe; thereafter the data will be deleted unless documentation obligations, such as documented consent, prevent deletion.
- Applications
We process applicant data for the purpose of carrying out the application process. Applications may also be submitted electronically, for example by email.
For applications via the applicant portal, we use the online application tool “softgarden” provided by softgarden e-recruiting GmbH, Tauentzienstr. 14, 10789 Berlin, Germany. Applicants leave our website and are redirected to the softgarden website.
Purposes:
Conducting the application process, communication, and decision-making.
Legal bases:
Art. 6(1)(b) GDPR, steps prior to entering into an employment relationship, and, where applicable, Art. 6(1)(a) GDPR, consent, if obtained.
Storage period:
If no employment contract is concluded, the data will generally be deleted 2 months after completion of the process, unless longer storage is required for legal defense, for example documentation under the German General Equal Treatment Act, AGG.
- Cookies and Consent Management
Our website uses cookies and, where applicable, similar technologies such as local storage.
Technically necessary cookies are used to provide the website and its core functions.
We use optional cookies/technologies, such as analytics or marketing technologies, only if you have given your consent.
In Germany, consent pursuant to Section 25 TTDSG is generally required for the storage or reading of non-essential cookies; any subsequent processing of personal data is additionally governed by the GDPR.
You may also delete or block cookies using your browser settings. Please note that certain website functions may then be restricted.
- Tracking and Analytics
9.1 Google Analytics
We use Google Analytics, a web analytics service provided by Google LLC or, in the EU, generally Google Ireland Limited. Google Analytics uses cookies and similar technologies that enable analysis of website use, such as page views, interactions and technical information.
We use Google Analytics with IP anonymization, where technically configured accordingly. Data may be transferred to the USA.
Legal basis:
Art. 6(1)(a) GDPR, consent, in conjunction with Section 25 TTDSG, setting/reading cookies, where analytics cookies are used.
Storage period:
14 months according to the current configuration.
Withdrawal:
You may withdraw or adjust your consent at any time via the cookie banner/consent tool. Optionally, a browser add-on may also be used as an opt-out mechanism.
Notice:
Several European supervisory authorities have critically assessed the use of Google Analytics in the context of international data transfers.
9.2 Legal Basis: Legitimate Interest
Where tracking or analytics technologies without cookies are purely technically necessary, Art. 6(1)(f) GDPR may apply. However, as soon as cookies or similar identifiers are used for analytics or marketing purposes, this is generally done only on the basis of consent, as described above.
- Tag Management
Google Tag Manager
We use Google Tag Manager. The Tag Manager is used to manage website tags and can trigger other services, such as Analytics. According to the provider, Google Tag Manager itself does not set cookies; however, when it is loaded, connection data such as the IP address may be processed for technical reasons. The actual data processing is carried out by the respective integrated services.
Legal basis:
Art. 6(1)(a) GDPR where services requiring consent are triggered via Tag Manager; otherwise Art. 6(1)(f) GDPR, secure and efficient management of integrations.
- Protection Against Misuse and Spam
Google reCAPTCHA, including Invisible reCAPTCHA
We use reCAPTCHA to distinguish whether entries are made by humans or by automated means. In this context, among other things, the IP address, device/browser data and interaction data are transmitted to Google and processed there; a transfer to the USA cannot be excluded.
Legal basis:
Art. 6(1)(f) GDPR, protection against misuse/spam.
- Maps, Media and External Content
12.1 Google Maps
When pages with embedded Google Maps maps are accessed, data is transmitted to Google and cookies may be set.
Legal basis:
Art. 6(1)(a) GDPR in conjunction with Section 25 TTDSG, where technologies or cookies requiring consent are used; otherwise Art. 6(1)(f) GDPR, user-friendly display of locations.
12.2 YouTube
We embed YouTube videos in “privacy-enhanced mode”. Nevertheless, when a video is played, data may be transmitted to YouTube/Google, including a possible transfer to the USA.
Legal basis:
Art. 6(1)(a) GDPR in conjunction with Section 25 TTDSG, insofar as technologies requiring consent are used.
- Fonts
Google Fonts
Variant A, local, recommended:
If fonts are served locally from our server, no data is transferred to Google.
Variant B, loaded externally:
If Google Fonts are loaded from Google servers, a connection to Google is established when the page is accessed; in this context, the IP address and browser data, among other things, may be transmitted.
Legal basis:
For external integration: Art. 6(1)(a) GDPR in conjunction with Section 25 TTDSG, where identifying technologies are used, or Art. 6(1)(f) GDPR, uniform presentation, depending on the specific implementation.
- Email, Newsletter and Chat
14.1 Brevo, formerly Sendinblue
This website uses Brevo to send emails/newsletters. Your data, such as your email address, is processed on Brevo servers. Newsletters may contain tracking links that allow statistical evaluation of openings and clicks.
Legal basis:
Art. 6(1)(a) GDPR, consent, insofar as tracking/analytics takes place.
14.2 Brevo Chat
If you use the chat, the data you enter, such as name/email address and message content, is processed; technical connection data may also be generated.
Legal basis:
Art. 6(1)(b) GDPR, pre-contractual measures/performance of a contract, or Art. 6(1)(f) GDPR, efficient communication; for optional tracking in the chat, consent may be required.
- CDN, Security and Performance Services
15.1 Cloudflare
We use Cloudflare as a CDN and security service to improve delivery speed and protect against attacks. Personal data may be processed in server log files in this context.
Legal basis:
Art. 6(1)(f) GDPR, legitimate interest in security and efficient delivery.
15.2 jsDelivr
We use jsDelivr as a CDN for faster provision of content, such as scripts. In this context, a connection to jsDelivr servers is established; the IP address may be processed.
Legal basis:
Art. 6(1)(f) GDPR, efficient and secure provision.
- Online Documentation via GitBook
We use GitBook to provide our online documentation. When documentation pages are accessed, GitBook processes technical usage data, in particular IP address, date/time, accessed page/URL, referrer and browser/device information, in server log files in order to deliver content and ensure security and stability.
Subprocessors / hosting / CDN:
GitBook uses subprocessors, in particular for hosting and infrastructure, including Google Cloud/Firebase, as well as CDN services.
Third-country transfer:
According to GitBook, customer data is stored in US data centers; content/assets may also be cached in other regions via a CDN.
Cookies:
GitBook may use cookies; the type and scope depend on the specific use/integration.
Legal basis:
Art. 6(1)(f) GDPR, legitimate interest in the secure and efficient provision of documentation. Insofar as GitBook uses cookies/tracking requiring consent in our specific integration: Art. 6(1)(a) GDPR in conjunction with Section 25 TTDSG.
- Social Media Presences
We maintain presences on Facebook, Instagram and LinkedIn. Personal data of visitors may be processed by the respective platforms, including outside the EU. For information, purposes and objection options, please refer to the privacy notices of the respective providers.
Notice regarding third-country transfers:
Processing in third countries, in particular the USA, cannot be excluded. Standard contractual clauses and additional measures are generally used as appropriate safeguards, depending on the provider.
- Tools / Frontend Libraries
DataTables
We use DataTables for table displays. Depending on the integration, technical connection data may be processed when external resources are loaded.
- Storage Period and Deletion
Personal data is deleted or restricted as soon as the purpose of storage no longer applies. Longer storage takes place only if statutory retention periods or legitimate interests, such as the establishment, exercise or defense of legal claims, require this.
- Disclosure of Data
We disclose personal data only if:
- a) you have expressly given your consent, Art. 6(1)(a) GDPR;
- b) this is necessary for the establishment, exercise or defense of legal claims, Art. 6(1)(f) GDPR;
- c) there is a legal obligation, Art. 6(1)(c) GDPR; or
- d) this is necessary for the performance of a contract, Art. 6(1)(b) GDPR.
- Right to Object — Art. 21 GDPR
You have the right, on grounds relating to your particular situation, to object at any time to processing based on Art. 6(1)(e) or Art. 6(1)(f) GDPR; this also applies to profiling. You may object to direct marketing at any time.
- Rights of the Data Subject
In particular, you have the following rights:
right of access, Art. 15 GDPR
right to rectification, Art. 16 GDPR
right to erasure, Art. 17 GDPR
right to restriction of processing, Art. 18 GDPR
right to data portability, Art. 20 GDPR
right to withdraw consent, Art. 7(3) GDPR
right to lodge a complaint with a supervisory authority, Art. 77 GDPR
- Changes to this Privacy Policy
We reserve the right to update this privacy policy. The current version will be published on our website.
Last updated: February 2026