top of page

Data privacy statement

Privacy policy 

This website (hereinafter "website") is provided by heyport GmbH (hereinafter "us" or "we"). Further information on the website provider can be found in our Imprint

A. Dealing with personal data 

In the following, we would like to inform you about our handling of personal data when using this website. Unless otherwise described in the following sections, the legal basis for handling your personal data follows from the necessity of handling for the provision of the functionalities requested by you on this website (Art. 6 (1)(b) General Data Protection Regulation). 


B. Use of the website 
1. Calling the website 

When you call up our website, your browser transmits certain data to our web server for technical reasons in order to provide you with the information you have called up. To enable you to visit the website, the following data is collected, stored for a short time and used: 

  • IP address 

  • Date and time of the request, time zone difference to Greenwich Mean Time (GMT) 

  • Content of the request (concrete page) 

  • Operating system and its access status / HTTP status code 

  • data volume transferred 

  • Website from which the request comes 

  • Browser, language and version of the browser software. 

In addition, in order to protect our legitimate interests, we store this data for a limited period of time in order to initiate a derivation to personal data in the event of unauthorised access or attempted access to local servers (Art. 6(1)(f) of the General Data Protection Regulation). 


2. Use of cookies 

a) What cookies are 

We use so-called "cookies" on this website. Cookies are small text files that are stored in the memory of your end device via your browser. Cookies store certain information (e.g. your preferred language or page settings) that can be sent back to us by your browser when you visit the website again (depending on the lifetime of the cookie).

b) How to prevent the use of cookies 

You can configure the use of cookies in your browser settings at any time or deactivate them completely. However, this may lead to restrictions in the functions or user-friendliness of our offer.

3 . Optimisation of the website 

We also use cookies and tracking software on our website to determine the frequency of use and the number of users on our website. With this software, we do not collect individual personal data or individual IP addresses. The data is used exclusively in anonymised and aggregated form for statistical purposes and for the development of the website. If you have given us your consent by clicking on the "Okay" button in the cookie query, you allow us to use such cookies. The data processing is then based on your consent pursuant to Art. 6 (1) (a) DSGVO or § 15 (3) TMG. You can prevent the collection of your data at any time by selecting "deactivate cookies" in the layer that appears when you initially call up the page. An opt-out cookie will be set, which prevents the collection of your data during future visits to this website.

a) Pendo 

We use the provider Pendo Inc, 301 Hillsborough St, Suite 1900, Raleigh, NC 276031, USA to provide guided tours/guides, create usage profiles to tailor the software to your needs, collect user feedback and communicate with users. Pendo is a technology service that helps us facilitate the onboarding of new users with role-specific tours. At the same time, Pendo allows us to better understand our users' experiences (e.g. how much time they spend on which pages, which links they click, what users like and dislike, etc.) so that we can provide user-centric services.  

Pendo uses cookies and other technologies to collect data about the behaviour of users and their devices. 

  • UUID of the users in anonymised form 

  • Progress status in the tour/guide 

  • Name and version of the browser used 

  • First and last visit 

  • Pageviews 

  • Click and focus events 

The data submitted to Pendo and Pendo's application are processed and stored in a secure, multi-tenant environment provided by Google Cloud Platform and hosted in Google's data centres in the European Union.  

All data storage is encrypted by default and various logical separation techniques are used to prevent one client from accessing another client's data.  

Neither we nor Pendo will ever use this data to identify individual users or match it with any other data about an individual user. Further details can be found in the privacy policy of Pendo.

b) Hotjar 

We use Hotjar to better understand the needs of our users and to optimise the offering and experience on this website. Hotjar is a service provided by Hotjar Ltd, Dragonara Business Centre, 5th Floor, Dragonara Road, Paceville St Julian's STJ 3141, Malta. Hotjar's technology gives us a better understanding of our users' experiences (e.g. how much time users spend on which pages, which links they click on, what they like and dislike etc.) and this helps us to tailor our service to our users' feedback. Hotjar uses cookies and other technologies to collect data about our users' behaviour and their devices, including device IP addresses (collected and stored anonymously while you are using the website), screen size, device type (unique device identifiers), browser information, location (country only), preferred language for viewing our website. Hotjar stores this information on our behalf in a pseudonymised user profile. Hotjar is contractually prohibited from selling the data collected on our behalf. For more information, please see the 'about Hotjar' section of Hotjar's help page

3. Contacting 

We use the email ticketing system of Freshworks, Inc, 2950 S. Delaware Street, Suite 201, San Mateo, California 94403, USA ("Freshdesk"). If users of our website send contact requests by email, these are stored and organised in the ticket system to enable chronological processing and to improve the service experience. Users can always view the current status of the processing of their request via the individually assigned ticket number. 
Exclusively for the organisation of the requests and their processing, personal data is collected to the extent provided in the request, but in any case name, first name and e-mail address, transmitted to Freshdesk, stored there and read out. 
The legal basis for the processing of this data is our legitimate interest in the efficient design of our customer service, in answering your request as quickly as possible and in optimising our service offer in accordance with Art. 6 Para. 1 lit. f DSGVO. 
We have concluded an order processing agreement with Freshdesk ("Data Processing Addendum", viewable here), with which we oblige Freshdesk to protect our customers' data and not to pass it on to third parties. For the transfer of data outside the European Economic Area, Freshdesk relies on so-called standard data protection clauses of the European Commission, which are intended to ensure compliance with the European level of data protection. 
Your data will be deleted after your request has been processed. This is the case when the circumstances indicate that the matter in question has been conclusively clarified and provided that there are no statutory retention obligations to the contrary. 
You can find more information about Freshdesk's data protection here.  

When contacting us (e.g. via contact form or email), personal data is processed exclusively for the purpose of processing and responding to your request and only to the extent necessary for this purpose. The legal basis for the processing of this data is our legitimate interest in responding to your request in accordance with Art. 6 Para. 1 lit. f DSGVO. If your contact is aimed at a contract, the additional legal basis for the processing is Art. 6 (1) lit. b DSGVO. Your data will be deleted when the circumstances indicate that the matter concerned has been conclusively clarified and provided that there are no statutory retention obligations to the contrary. 

4. External services and content on our website 

We integrate external services or content on our website. When you use such a service or when third-party content is displayed to you, communication data is exchanged between you and the respective provider for technical reasons. 
In addition, the provider of the respective services or content may process your data for further, own purposes. We have configured services or content from providers known to process data for their own purposes to the best of our knowledge and belief in such a way that either communication for purposes other than displaying the content or services on our website does not take place, or communication only takes place when you actively decide to use the service. However, since we have no influence on the data collected by third parties and their processing, we cannot provide any binding information on the purpose and scope of the processing of your data. 
For further information on the purpose and scope of the collection and processing of your data, please refer to the data protection notices of the respective providers responsible under data protection law for the services or content we integrate.  


5. Newsletter 

On our website you have the option of registering for our newsletter in order to be kept up to date by e-mail about new online magazine articles. For the registration we only need your e-mail address. We use the so-called double opt-in procedure to register for the newsletter. In this process, after registration on the website, we send you a message to the e-mail address you have provided, in which we ask you to confirm your registration. The legal basis for the processing is your consent (Art. 6 (1)(a) DS-GVO)). You can unsubscribe from the newsletter at any time. To do so, you can use the unsubscribe link provided in each newsletter or object to the processing. To do so, please use the contact details in the imprint or contact our data protection officer. 

The newsletter is sent using Mailchimp, a newsletter sending platform of the US provider Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, Georgia 30308, USA. If you enter data for the purpose of receiving the newsletter (your e-mail address and other data optionally provided as part of the form), this data is stored on Mailchimp's servers in the USA. Mailchimp uses this information to send and statistically evaluate the newsletters on our behalf. You can find Mailchimp's privacy policy here. The transfer of data takes place on the basis of the EU standard contractual clauses. Mailchimp is obliged to process the personal data in accordance with the EU standard contractual clauses. 

6. Confirmation emails 

We use the Sendgrid service of Twilio Sendgrid Inc, 1801 California St #500 Denver, CO 80202, USA (hereinafter "Sendgrid") to send some emails. Sendgrid is used to send confirmation emails, transaction confirmations and emails with important information regarding existing requests. The dispatch via a specialised service provider is necessary to ensure the delivery of the e-mails to your e-mail account and to reduce the probability of these e-mails being classified as "spam" by your e-mail provider. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f) DSGVO. In addition, the use of Sendgrid is necessary for the fulfilment of the contract with you (Art. 6 para. 1 lit. b) DSGVO. 

The data provided with the respective request, including e-mail address, name and requested service, are processed. 

We have concluded a contract with Sendgrid that includes the EU standard contractual clauses. This ensures that a level of protection comparable to that in the EU exists (see also section 4 on data transfer to the USA). 

For more information about Sendgrid Inc.'s privacy policy, please see the privacy statement. 

7. transfer of data for processing on our behalf 

We sometimes use specialised service providers to process your data. Our service providers are carefully selected and regularly monitored by us. They process personal data only on our behalf and strictly in accordance with our instructions on the basis of corresponding contracts for commissioned processing. 

Processing of data outside the EU / EEA is only envisaged if an adequate level of data protection is guaranteed. 

8. Information about your rights 

The following rights are available to you under applicable data protection laws: 

  • Right to information about your personal data stored by us; 

  • Right to rectification, erasure or restriction of processing of your personal data; 

  • Right to object to processing which serves our legitimate interest, a public interest or profiling, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims; 

  • Right to data portability; 

  • Right to complain to a supervisory authority; 

You can revoke your consent to the collection, processing and use of your personal data at any time with effect for the future. You can find more information on this in the respective sections above, where data processing based on your consent is described. 

If you wish to exercise your rights, please address your request to the contact person named below. 

C. Contact 

For your data protection concerns, please use the following e-mail address: We process the data transmitted in this way exclusively for processing your enquiry on the basis of Art. 6 (1)(f) DS-GVO.  

D. Adaptation of the privacy policy 

We reserve the right to update this privacy policy from time to time. Updates to this privacy policy will be posted on our website. Changes will apply from the date of their publication on our website. We therefore recommend that you visit this page regularly to check for any updates. 

Status: 2 May 2023 

bottom of page