+49 (0) 89 540 162-0 info@horizont-it.com

The privacy policy was written in German and automatically translated into other languages. 

Privacy policy

Unless otherwise specified below, the provision of your personal data is neither required by law or contract, nor is it necessary for the conclusion of a contract. You are not obliged to provide the data. Failure to provide the data will have no consequences. This only applies if no other information is provided in the following processing operations.

"Personal data" means any information relating to an identified or identifiable natural person.

1. Responsible party

The responsible party within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of the member states as well as other data protection regulations is:

HORIZONT Ltd.
7 Schäufelein Street
80687 Munich
Phone: +49 (0)89 540 162 0
Email: info@horizont-it.com
Website: www.horizont-it.com

2. Data Protection Officer

Gerhard Smischek
Phone: +49 (170) 2347311
Email: info(at)horizont-it.com

3. Hosting, server log files, and automatic data collection

You can visit our website without providing any personal information.

Every time you access our website, usage data is transmitted to us or our hosting/IT service providers by your Internet browser and stored in log files (server log files). This data includes, in particular:

  • page/URL accessed

  • Date and time of retrieval

  • IP address

  • amount of data transferred

  • referrer URL

  • Browser type/version, operating system

  • requesting provider

Purposes: Ensuring trouble-free operation, IT security, abuse and error analysis, and optimization of the offering.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in security and stable provision).

Storage period: Log files are generally deleted after 4 weeks, unless further storage is necessary to investigate security incidents.

4. Contact (contact form and email)

A contact form is available on our website. Depending on the information entered, we process the following data:

  • First name, last name, title

  • company

  • email

  • Telephone number (optional)

  • Additional technical information: IP address and date/time of transmission

Alternatively, you can contact us by email. In this case, we will process the personal data contained in the email.

Purposes: Processing your request and follow-up communication, preventing misuse/IT security.

Legal basis:

  • For contact forms, this is usually Art. 6 (1) (a) GDPR (consent), provided that you implement this (checkbox/consent).

  • otherwise or in addition, Art. 6 (1) (f) GDPR (legitimate interest in processing inquiries)

Storage period: until processing is complete; beyond that, only if there are legal retention obligations or if storage is necessary for law enforcement purposes.

5. Registration and use of online support (licensed customers)

The use of online support (customer helpdesk, requirements, documentation, support newsletter, PTF download, working groups) is only available to licensed customers and requires a one-time registration. In doing so, we process:

  • First name, last name, title

  • customer number

  • company

  • Position

  • email

  • Telephone number (optional)

  • Country of origin (optional)

  • Technical: IP address and date/time of registration/login

Purposes: Provision of protected content, support processing, administration.

Legal basis: Art. 6(1)(b) GDPR (contract/pre-contractual measures) and, where applicable, Art. 6(1)(f) GDPR (security/administration). If consent is obtained for individual processes: Art. 6(1)(a) GDPR.

Storage period: for as long as the account exists or as long as necessary; thereafter deletion, unless there are retention/documentation obligations that prevent this.

6. Newsletter

When you subscribe to our newsletter, we process:

  • E-mail address

  • Technical: IP address and date/time of registration

Legal basis: Art. 6(1)(a) GDPR (consent).

Unsubscribe: at any time via the unsubscribe link in the newsletter or by emailing unsubscribe(at)auconet-it.com.

Storage period: until deregistration; subsequently deleted, provided there are no obligations to retain records (e.g., documented consent).

7. Applications

We process applicant data for the purpose of conducting the application process. Applications can also be submitted electronically (e.g., by email).

For applications submitted via the applicant portal, we use the online application tool "softgarden" from softgarden e-recruiting GmbH, Tauentzienstr. 14, 10789 Berlin. Applicants will leave our website and be redirected to the softgarden website.

Purposes: Conducting the application process, communication, decision-making.

Legal basis: Art. 6(1)(b) GDPR (initiation of an employment relationship) and, where applicable, Art. 6(1)(a) GDPR (consent, if obtained).

Storage period: If no employment contract is concluded, deletion generally takes place two months after the conclusion of the procedure, unless longer storage is necessary for legal defense (e.g., AGG evidence).

8. Cookies and consent management

Our website uses cookies and, where applicable, similar technologies (e.g., local storage).

  • Technically necessary cookies are used to provide the website and its core functions.

  • We only use optional cookies/technologies (e.g., analysis/marketing) if you have consented to this.

In Germany, consent in accordance with Section 25 TTDSG is generally required for the storage/reading of non-essential cookies; the subsequent processing of personal data is also governed by the GDPR.

You can also delete or block cookies via your browser settings. Please note that this may restrict some of the website's functions.

9. Tracking and analysis

9.1 Google Analytics

We use Google Analytics, a web analytics service provided by Google LLC / in the EU regularly Google Ireland Limited. Google Analytics uses cookies/similar technologies that enable analysis of website usage (e.g., page views, interactions, technical information).

We use Google Analytics with IP anonymization, provided that it is technically configured to do so. The data may be transferred to the USA.

Legal basis: Art. 6 para. 1 lit. a GDPR (consent) in conjunction with § 25 TTDSG (setting/reading cookies), if analysis cookies are used.

Storage period: 14 months (according to your configuration/specification).

Revocation: You can revoke or adjust your consent at any time via the cookie banner/consent tool. Optionally, a browser add-on can also be used (opt-out).

Note: Several European supervisory authorities have critically assessed the use of Google Analytics in the context of international data transfers.

9.2 Legal basis "legitimate interest"

Insofar as tracking/analysis technologies without cookies are technically necessary, Art. 6 para. 1 lit. f GDPR may be relevant. However, as soon as cookies/similar identifiers are used for analysis/marketing purposes, this is generally only done with consent (see above).

10. Tag management

Google Tag Manager

We use Google Tag Manager. Tag Manager is used to manage website tags and can trigger other services (e.g., analytics). According to the manufacturer, Google Tag Manager itself does not set any cookies; however, connection data (e.g., IP address) may be processed during loading for technical reasons. The actual data processing is carried out by the respective integrated services.

Legal basis: Art. 6(1)(a) GDPR, insofar as services are triggered via the Tag Manager with consent; otherwise Art. 6(1)(f) GDPR (secure/efficient management of integrations).

11. Protection against misuse and spam

Google reCAPTCHA (including Invisible reCAPTCHA)

We use reCAPTCHA to distinguish whether entries are made by humans or automatically. Among other things, IP addresses, device/browser data, and interaction data are transmitted to Google and processed there; transmission to the USA cannot be ruled out.

Legal basis: Art. 6(1)(f) GDPR (protection against misuse/spam).

12. Maps, media, and external content

12.1 Google Maps

When you visit pages with embedded Google Maps, data is transferred to Google and cookies may be set.

Legal basis: Art. 6 (1) (a) GDPR in conjunction with § 25 TTDSG, if cookies/technologies requiring consent are used; otherwise Art. 6 (1) (f) GDPR (user-friendly display of locations).

12.2 YouTube

We embed YouTube videos in "extended data protection mode." Nevertheless, data may be transferred to YouTube/Google when playing (including possible transfer to the USA).

Legal basis: Art. 6 (1) (a) GDPR in conjunction with § 25 TTDSG, insofar as technologies requiring consent are used.

13. Fonts

Google Fonts

Option A (local, recommended): If fonts are delivered locally from our server, no data is transferred to Google.

Option B (externally loaded): If Google Fonts are loaded from Google servers, a connection to Google is established when the page is accessed, whereby IP addresses and browser data, among other things, may be transmitted.

Legal basis: for external integration, Art. 6 (1) (a) GDPR in conjunction with § 25 TTDSG (if identification technologies are used) or Art. 6 (1) (f) GDPR (uniform presentation) – depending on the specific implementation.

14. Email, newsletters, and chat

14.1 Brevo (formerly Sendinblue)

This website uses Brevo to send emails/newsletters. Your data (e.g., email address) is processed on Brevo's servers. Newsletters may contain tracking links that are used to statistically evaluate openings/clicks.

Legal basis: Art. 6 para. 1 lit. a GDPR (consent), insofar as tracking/analysis is carried out.

14.2 Brevo Chat

When you use the chat function, the data you enter (e.g., name/email, message content) will be processed; additional technical connection data may also be collected.

Legal basis: Art. 6(1)(b) GDPR (initiation/fulfillment) or Art. 6(1)(f) GDPR (efficient communication); for optional tracking in chat, consent may be required.

15. CDN, security, and performance services

15.1 Cloudflare

We use Cloudflare as a CDN and security service to improve delivery speed and protect against attacks. In doing so, personal data may be processed in server log files.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in security and efficient delivery).

15.2 jsDelivr

We use jsDelivr as a CDN to deliver content (e.g., scripts) more quickly. This involves establishing a connection to jsDelivr servers; the IP address may be processed.

Legal basis: Art. 6(1)(f) GDPR (efficient, secure provision).

16. Online documentation via GitBook

We use GitBook to provide our online documentation. When you access the documentation pages, GitBook processes technical usage data (in particular IP address, date/time, page/URL accessed, referrer, browser/device information) in server log files in order to deliver content and ensure security and stability.

Subcontractors / Hosting / CDN: GitBook uses subcontractors, particularly for hosting and infrastructure (including Google Cloud/Firebase) and CDN services.

Third-country transfer: According to GitBook, customer data is stored in US data centers; content/assets may also be cached in other regions via a CDN.

Cookies: GitBook may use cookies; the type and scope depend on the specific use/integration.

Legal basis: Art. 6 (1) (f) GDPR (legitimate interest in secure, efficient provision of documentation). Insofar as GitBook uses cookies/tracking that require consent in your specific integration: Art. 6 (1) (a) GDPR in conjunction with § 25 TTDSG.

17. Social media presence

We maintain a presence on Facebook, Instagram and LinkedIn. Personal data of visitors may be processed by the respective platforms—even outside the EU. For information, purposes, and options for objection, please refer to the privacy policies of the respective providers.

Note on transfers to third countries: Processing in third countries (in particular the USA) cannot be ruled out; in such cases, standard contractual clauses and other measures are regularly used as appropriate safeguards (depending on the provider).

18. Tools/Frontend libraries

DataTables

We use DataTables for table displays. Depending on the integration, technical connection data may be processed when loading external resources.

19. Storage period and deletion

Personal data will be deleted or blocked as soon as the purpose for storage no longer applies. Longer storage will only take place if required by statutory retention periods or legitimate interests (e.g., law enforcement).

20. Disclosure of data

We only disclose personal data if:
a) you have expressly consented (Art. 6 (1) (a) GDPR),
b) this is necessary for the assertion/exercise/defense of legal claims (Art. 6 (1) (f) GDPR),
c) there is a legal obligation (Art. 6 (1) (c) GDPR), or
d) this is necessary for the performance of a contract (Art. 6 (1) (b) GDPR).

21. Right to object (Art. 21 GDPR)

You have the right to object at any time to processing based on Article 6(1)(e) or (f) of the GDPR for reasons arising from your particular situation; this also applies to profiling. You can object to direct marketing at any time.

22. Rights of the data subject

In particular, you have the following rights:

  • Information (Art. 15 GDPR)

  • Rectification (Art. 16 GDPR)

  • Deletion (Art. 17 GDPR)

  • Restriction (Art. 18 GDPR)

  • Data portability (Art. 20 GDPR)

  • Withdrawal of consent (Art. 7(3) GDPR)

  • Complaint to a supervisory authority (Art. 77 GDPR)

23. Changes to this privacy policy

We reserve the right to update this privacy policy. The current version will be published on our website.

As of February 2026