TechCare Solutions GmbH

Privacy policy

1. Controller

The party responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is:

TechCare Solutions GmbH
Birkenweg 25, 65623 Hahnstätten
Represented by: Marek Höhn (Managing Director)
info@techcaresolutions.de · +49 6430 9227117

2. Collection of general information when visiting our website

When you access our website, general information is automatically recorded. This information (server log files) includes the type of web browser, the operating system used, the domain name of your internet service provider, your IP address, the previously visited page, the date and time of access, and the files retrieved. This data is processed exclusively to ensure trouble-free operation of the website and to improve our services. No merging with other data sources takes place. The legal basis is Art. 6 (1) lit. f GDPR (legitimate interest). Log data is deleted after a maximum of seven days.

3. Contact and lead processing

If you contact us by email, telephone or via the forms embedded on our website (e.g. contact form, whitepaper download, ROI calculator, mini audit), your details (name, company, email address, phone number, role, content of the message, and where applicable marketing-attribution such as UTM parameters) will be stored to process the enquiry and for ongoing lead management. Downstream electronic processing takes place via our CRM system (see section 6.2). The legal basis is Art. 6 (1) lit. b GDPR (initiation of contract) or Art. 6 (1) lit. f GDPR (legitimate interest in processing your enquiry and in efficient sales processes). The data will be deleted as soon as it is no longer required for the purpose for which it was processed, at the latest after expiry of the statutory retention periods (typically 6 years under § 257 HGB or 10 years under § 147 AO for tax-relevant matters).

4. Cookies and local browser storage

This website does not set tracking cookies and does not set cookies for marketing purposes. The following technically necessary values are stored in your local browser storage (localStorage or sessionStorage):

tc-cookie-consent — your decision in the privacy banner ("accepted" or "rejected"), localStorage, persists until browser cache is cleared
tc-lang — your language selection (DE/EN), localStorage, set only on "Accept all" and removed on "Reject"
tc-chat / tc-chat-session-id — temporary storage of the current chat conversation and session identifier (sessionStorage, removed when the browser tab is closed), see section 6.4

You can configure your browser to disable local storage — the full functionality of the website is not affected. Choosing "Reject" in the privacy banner removes functional values. The anonymous web analytics provided by Plausible (see section 5) uses no cookies and no local storage; it is not affected by the cookie-banner decision because no personal data is processed.

5. Web analytics with Plausible Analytics

We use Plausible Analytics for reach measurement and for improving our offer. The provider is Plausible Insights OÜ, Västriku tn 2, 50403 Tartu, Estonia. Data processing takes place on European servers (Hetzner Online GmbH, Germany). Plausible uses no cookies and creates no personal usage profiles; IP addresses are only used briefly to generate an anonymous daily-salt hash and are not stored. Only aggregated values are collected (visited pages, time on page, referrer, browser and device class, approximate region based on the IP). The legal basis is Art. 6 (1) lit. f GDPR (legitimate interest in web optimisation). Since neither cookies nor personal data are processed, consent under § 25 (1) TTDSG is not required. No transfer to third countries takes place; a data processing agreement under Art. 28 GDPR is in place with Plausible. Further information at https://plausible.io/privacy.

6. Recipients and processors

For the operation of our website and the processing of your enquiries we use the processors listed below. Data processing agreements under Art. 28 GDPR are in place with all processors. Beyond that, your personal data will only be transferred to third parties if this is necessary for the performance of the contract (e.g. to logistics or technical service providers as part of a maintenance service) or if there is a legal obligation.

6.1 Website and API hosting

This website and the associated PHP backend endpoints (chat function, lead forms) are hosted by Strato AG, Pascalstraße 10, 10587 Berlin, Germany. When the site is accessed, technically necessary data (see section 2) is processed by the host. Strato processes data exclusively on servers in Germany. A data processing agreement under Art. 28 GDPR is in place with Strato.

6.2 CRM and lead processing: Pipedrive

Lead enquiries that you submit via our website forms (see section 3) are automatically transferred via our PHP interface into our CRM system Pipedrive. The provider is Pipedrive OÜ, Paldiski mnt 80, 10617 Tallinn, Estonia. Pipedrive is part of an international corporate group including affiliates in the USA; the customer data of our Pipedrive account is processed in the EU data centre; individual maintenance and support access from the USA cannot be entirely ruled out. Pipedrive is certified under the EU-US Data Privacy Framework; EU Standard Contractual Clauses additionally apply to any USA access. Processed are name, company, email address, phone number, enquiry content, and marketing attribution. Legal basis: Art. 6 (1) lit. b and f GDPR. Further information: https://www.pipedrive.com/en/privacy.

6.3 Appointment booking: Microsoft Bookings

For booking 30-minute consultation slots we link in the footer to the Microsoft Bookings service (part of Microsoft 365). The contractual party is Microsoft Ireland Operations Ltd., One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland. When you click the booking link, you are redirected to the Microsoft platform; from that point the Microsoft privacy statement applies (https://privacy.microsoft.com/en-us/privacystatement). Microsoft is certified under the EU-US Data Privacy Framework; in addition, the EU Data Boundary applies to Microsoft 365 customer data so that processing primarily takes place within the EU. Processed are your email address, your name, and the chosen appointment. Legal basis: Art. 6 (1) lit. b GDPR (initiation of contract).

6.4 Chat function: Anthropic + Zulip

On this website you can submit questions to an AI-powered assistant via a chat widget. If you actively use the chat widget, your messages are transmitted to the Anthropic Messages API (Anthropic, PBC, San Francisco, USA) for answering. Anthropic is certified under the EU-US Data Privacy Framework. Anthropic does not store your messages for training purposes; processing is limited to answering your request under the API terms of use.

Chat conversations are also mirrored into our self-hosted team communication platform (Zulip, server in Germany at zulip.techcaresolutions.de) for processing by our sales team. The data therefore remains on a server we control within the EU; no third-country transfer takes place via this path.

The legal basis for processing within the chat function is Art. 6 (1) lit. f GDPR (legitimate interest in the efficient handling of your enquiry) and, insofar as you raise specific contract or pre-contractual questions, Art. 6 (1) lit. b GDPR (pre-contractual measures). You can end use of the chat widget at any time; without active input, no chat data is collected.

7. Job applications via the careers page

On the careers page (/karriere.html) you will find our job offers with application links via email (mailto:). Application emails including attached CVs, cover letters, references, and other documents are processed in the inbox of info@techcaresolutions.de or the addresses linked there (hosting see section 6.1). All information you voluntarily submit in your application will be processed. The legal basis is Art. 6 (1) lit. b GDPR in conjunction with § 26 (1) BDSG (initiation of contract in an employment relationship); for special categories of personal data (e.g. severe disability information) additionally Art. 9 (2) lit. b GDPR. Application documents are deleted 6 months after the application procedure is concluded in accordance with the limitation period under § 15 (4) AGG, unless you have consented to longer storage (e.g. in a talent pool). If you are hired, the documents are transferred to your personnel file; in that case you will receive a separate privacy notice for employees.

8. Third-country transfers — overview

Where personal data is transferred to processors with a registered office or processing location outside the EU/EEA, this is done on the basis of the following safeguards:

Anthropic, PBC (USA) — chat API requests (section 6.4). Certified under the EU-US Data Privacy Framework.
Pipedrive (USA group-level access) — CRM maintenance and support (section 6.2). Certified under the EU-US Data Privacy Framework plus EU Standard Contractual Clauses.
Microsoft Corporation (USA) — when booking appointments via Microsoft Bookings (section 6.3). Certified under the EU-US Data Privacy Framework; EU Data Boundary for Microsoft 365 customer data generally active.

No further transfer to third countries takes place. With our hoster (Strato), the web-analytics provider (Plausible), and our self-hosted Zulip platform your data is processed exclusively within the EU.

9. Your rights

You have the following rights regarding your personal data: right to access (Art. 15 GDPR), rectification (Art. 16 GDPR), erasure (Art. 17 GDPR), restriction of processing (Art. 18 GDPR), data portability (Art. 20 GDPR), and objection to processing (Art. 21 GDPR). Please send requests to info@techcaresolutions.de.

10. Right to lodge a complaint

You have the right to lodge a complaint with a supervisory authority regarding our processing of personal data. The responsible authority is the State Commissioner for Data Protection and Freedom of Information of Rhineland-Palatinate, Hintere Bleiche 34, 55116 Mainz, Germany.

11. Currency of this privacy policy

This privacy policy is currently valid. Continued development of our website or changes in legal or regulatory requirements may make it necessary to amend this privacy policy. The current version can be accessed on this page at any time.