Privacy Policy

Introduction We appreciate your interest in our website. Protecting your personal data is important to us. In this privacy policy, we inform you about what data we collect, how we use it, and what rights you have regarding your data.

We collect certain data from you when necessary. In this privacy policy, we explain what personal data we collect, for what purpose we use it, and why we do so. Additionally, we outline how we protect your data, when it is deleted, and what rights you have under data protection regulations.

Who can I contact?

Responsible for this website is:
Nicola Ritter
Pico Ventures GmbH
Novalisstraße 12
10115 Berlin
info@cloudpal.ai

What are my rights?

You can contact us at any time if you have any questions about your rights regarding data protection or if you wish to exercise any of the following rights:

• Right to withdraw your consent in accordance with Art. 7 para. 3 GDPR (e.g. you can contact us if you wish to cancel a previously given consent to a newsletter)
• Right to access your data in accordance with Art. 15 GDPR (e.g. you can contact us if you would like to know what data we have stored about you)
• Right to correct your data in accordance with Art. 16 GDPR (e.g. you can contact us if your e-mail address has changed and we should replace your old e-mail address)
• Right to have your data deleted in accordance with Art. 17 GDPR (e.g. you can contact us if you want us to delete certain data that we have stored about you)
• Right to limit data collection in accordance with Art. 18 GDPR (e.g. you can contact us if you do not want us to delete your e-mail address, but only to send absolutely necessary e-mails)
• Right to data portability in accordance with Art. 20 GDPR (e.g. you can contact us to receive your data in a zipped format, if you want to upload it to another website)
• Right to object how your data is handled in accordance with Art. 21 GDPR (e.g. you can contact us if you do not agree with advertising or user analytics procedures as described within this privacy policy)
• Right to send complaints to the supervisory authority in accordance with Art. 77 para. 1 f GDPR (e.g. you can contact the data protection supervisory authority directly: https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm)

To exercise your rights, please contact us at: info@cloudpal.ai

Deletion of data and storage periods

Unless otherwise stated, we will delete or anonymize your data as soon as it is no longer needed, e.g. your e-mail address after you have unsubscribed from a newsletter. Your data will also be deleted or blocked automatically if the mandatory storage period expires. Such data may be needed for longer periods of time for legal reasons. You can request information about all personal data we have stored about you. Data protection inquiries and other legal matters may also be stored for a longer period of time within the scope of the legally relevant retention and statute of limitations periods.

Visiting our website

If you merely wish to browse our website, we do not collect any personal data, with the exception of the data that your browser sends to us, e.g.:

• IP address (e.g. 82.93.116.example or 2a02:7122:99222:1112:bdb2:723f:example)
• Approximate location based on IP range (e.g. "Berlin")
• Internet provider (e.g. "Telecom" or „AT&T")
• Internet connection speed (e.g. 120 Mbit)
• Date and time of visit (e.g. 11:55 on 25.05.2023)
• Last visited website (e.g. google.com)
• Browser and version (e.g. Chrome or Safari)
• Operating system (e.g. Mac OS)
• Hardware (e.g. Intel processor)

As a protective measure in favour of your privacy, we delete or anonymise the IP address after your visit to our website. This means that the other technical data can no longer be traced back to you and are only used for anonymous, statistical purposes to optimise our website. The purpose of the temporary storage of the data is, on the one hand, the technical necessity for establishing the connection and, on the other hand, the correct, error-free presentation of our website. The IP address and the technical data already mentioned are necessary to display the website, to prevent display problems for visitors and to correct error messages. The legal basis is the so-called legitimate interest, which has been examined in the context of the aforementioned protective measures as well as in accordance with the European data protection requirements from Art. 6 para. 1 lit. f GDPR.

Contact

When you contact us, for example via email, your request including any resulting personal data (name, inquiry) will be stored and processed for the purpose of handling your concern. We only share this data if necessary to fulfill your request or if you have given your prior consent.

The data of existing business partners, especially contact details, are managed using a Customer Relationship Management (CRM) system. This allows us to conduct interactions via email, social media, or telephone. In individual cases, we send information to investors and business contacts which we believe might be of interest to you. If you do not wish to receive further emails of this kind, you can opt-out at any time using the unsubscribe link provided.

As a protective measure, initiating contact - just like visiting the rest of the website - is done over an encrypted connection. Depending on whether a business relationship is established or not, we store your data, subject to contractual or legal retention obligations, until you request deletion or object to the processing, or the data is no longer required for our business purposes. The purpose of the requested data is communication and automation of pitch submissions, enabling us to make the process for inquiries and communication more efficient. The legal basis, depending on the request, is the execution of pre-contractual measures according to Art. 6 para. 1 lit. b GDPR or the so-called legitimate interest, which has been examined for the purpose of pursuing the goal within the framework of the aforementioned protective measures as well as in accordance with the European data protection requirements from Art. 6 para. 1 lit. f GDPR.

Cookies

Our website partially uses so-called cookies. Cookies are small text files that are usually stored in a folder of your browser. Cookies contain information about the current or last visit to the website:

• Name of the website
• Expiration date of the cookie
• Any value

If cookies do not contain an exact expiration date, they are stored only temporarily and are automatically deleted as soon as you close your browser or restart your device. Cookies with an expiration date will still be stored even when you close your browser or restart your device. Such cookies will not be deleted until the specified date or if you delete them manually.

We use the following three types of cookies on our website:

• required cookies (cookies that are required, e.g. to display the website correctly for you and to store certain settings temporarily)
• functional and performance-related cookies (cookies that help us improve our website, e.g. to evaluate technical data of your visit and avoid error messages)
• advertising and analytics cookies (cookies that provide analytics and personalized ads, e.g. advertising for shoes is displayed if you have previously searched for shoes)

You can configure, block and delete cookies in your browser settings. If you delete all cookies from our website, some functions of the website may not be displayed correctly. Helpful information and instructions for the most common browsers can be found here: https://www.allaboutcookies.org/manage-cookies/stop-cookies-installed.html

Hosting
To ensure the secure and reliable operation of our website, we use the services of hosting providers. These providers offer us infrastructure and platform solutions, server capacities, storage space, database services, security measures, and technical maintenance.

In this process, inventory, contact, content, contract, usage, as well as meta and communication data are processed to provide the website and its functions. Processing is carried out in accordance with Art. 6 (1) lit. f GDPR (legitimate interest in a secure and efficient provision of our services) and based on Art. 28 GDPR (conclusion of a data processing agreement).

Webflow (Hosting Provider)
Our website is hosted by Webflow:

• Provider: Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA
• Function: Website hosting and provision of website functions
• Collected Data: IP addresses, technical log files, cookies
• Legal Basis: Art. 6 (1) lit. f GDPR (legitimate interest in a stable website operation)
• More Information: Webflow Privacy Policy

Since data transfer to the USA may occur, this is based on the EU Commission's Standard Contractual Clauses.

Data Processing Agreement:
We have concluded a Data Processing Agreement (DPA) with Webflow to ensure that personal data is processed in compliance with GDPR.

Google Tag Manager
We use Google Tag Manager to manage various analytics tools such as Google Analytics and Google Ads on our website.

• Provider: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
• Function: Management of tracking tags, no storage of personal data
• Legal Basis: Art. 6 (1) lit. f GDPR (legitimate interest in efficient website analysis, optimization, and economic operation)
• More Information: Google Tag Manager Usage Policy

Google Analytics
Google Analytics is operated by Google Ireland Ltd., headquartered at Gordon House, Barrow Street, Dublin 4, Ireland.

• Function: Analysis of user behavior and provision of personalized advertising.
• IP Anonymization: We use Google Analytics with enabled IP anonymization, which shortens users' IP addresses before processing by Google.
• Data Processing: Depending on the location, data is processed either within the European Union (EU) or in the United States.
• Legal Basis: Art. 6 (1) lit. f GDPR (legitimate interest in efficient website analysis, optimization, and economic operation).
• More Information: Google Privacy Policy

Google Ads
Google Ads is operated by Google Ireland Ltd., headquartered at Gordon House, Barrow Street, Dublin 4, Ireland.

• Function:
  
  • Enables the placement of advertisements in the Google search engine or on third-party websites based on specific keywords (keyword targeting).
  • Displays targeted ads based on user information, including location data and interests (audience targeting).
• Data Processing: Depending on the location, data is processed either within the European Union or in the United States.
• Legal Basis: Art. 6 (1) lit. f GDPR (legitimate interest in efficient website analysis, optimization, and economic operation).
• More Information: Google Privacy Policy

Hotjar
Hotjar is operated by Hotjar Ltd., headquartered at Dragonara Business Centre, 5th Floor, Dragonara Road, Paceville St Julian's STJ 3141, Malta, Europe.

• Function: Hotjar is a web analytics tool that helps businesses better understand user behavior on their website.
• Collected Data:
  
  • Heatmaps (visual representation of click and scroll behavior)
  • Visitor recordings
  • Analysis of conversion funnels
  • Collection of user feedback
• Data Processing: Within the European Union (EU).
• Legal Basis: Art. 6 (1) lit. f GDPR (legitimate interest in efficient website analysis, optimization, and economic operation).
• More Information: Hotjar Privacy Policy

Mailchimp
Mailchimp is operated by The Rocket Science Group, LLC, headquartered at 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.

• Function: Mailchimp is a marketing platform that provides businesses and individuals with tools to create, manage, and analyze email campaigns and newsletters.
• Data Processing: Depending on the location, data is processed either within the European Union or in the United States.
• More Information: Mailchimp Privacy Policy

HubSpot
HubSpot is operated by HubSpot, Inc., headquartered at 25 First St., 2nd Floor, Cambridge, Massachusetts 02141, USA.

• Function: HubSpot is a software solution for customer management and service optimization, supporting various online processes.
• Applications:
  
  • Management of customer inquiries from various channels
  • Ticketing system for support and service requests
  • Collection and analysis of user feedback
  • Conducting customer satisfaction surveys
• More Information:
  
  • HubSpot Website
  • HubSpot Privacy Policy

Google Fonts
Google Fonts is operated by Google LLC, headquartered at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

• Function: Provides fonts for website display.
• Data Processing: When loading fonts, your IP address may be transmitted to Google servers.
• More Information:
  
  • Google Privacy Policy
  • Google Opt-out Settings

Social Sign-In & Social Login

We maintain company presences on social media platforms

• LinkedIn
• Xing

and process your personal data if you communicate with us through these channels. Specifically, we process contact details (e.g., profiles, email addresses, or phone numbers, as far as you provide these) and content data (e.g., comments, tags, and links).

As a protective measure, the data you enter is transmitted via an encrypted connection of the respective platform. We do not use the sign-in to access personal data such as friend lists or contacts nor do we store this information for our own purposes. There is no permanent link between your user account and the operator's user account. We are unaware of which data the social networks collect during sign-in or how data is linked. Depending on your location, the data is processed either within the European Union or the USA. For more information, please refer to the privacy policies of the respective operators. The purpose of the requested data is to sign in using an existing user account to use extended features (such as information about our services or to communicate with you) on the website. Signing in via social networks is voluntary and can be revoked or the user account can be logged off at any time. If we use evaluations provided by the platform operators to create user profiles and place advertisements within and outside the networks, we are co-responsible in the sense of Art. 4 No. 7 GDPR with:

• LinkedIn, operated by LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland. LinkedIn is a professional networking platform that allows users to connect with others in their industry, discover job opportunities, share content, and showcase their skills and work experiences. Depending on your location, the data is processed either within the European Union or the USA. For more information, please refer to LinkedIn’s Privacy Policy.
• Xing, operated by New Work SE, headquartered at Dammtorstraße 30, 20354 Hamburg, Germany. Xing is a professional networking platform that enables users to connect with industry professionals, explore job opportunities, share content, and highlight their skills and work experience. Data processing takes place within the European Union (EU). For more information, please refer to Xing’s Privacy Policy.

As Joint Controllers as per Art. 26 GDPR of these pages, we have agreements with most platform operators stating they assume the key data protection obligations for information and fulfillment of the rights of the data subjects as well as data security and notification and information in case of data protection violations. As providers of the social media platforms, they have immediate access to necessary information and can also take immediate necessary actions and provide information. We only receive anonymized user statistics.

You can assert your rights as a data subject against any of the Joint Controllers. If you contact us, we will instruct the platform providers accordingly. For further information, we refer to the privacy policies and information provided by the operators of the respective networks.

Changes to This Privacy Policy
This privacy policy is regularly reviewed and updated. The latest version is always available on our website.

Last updated: 03.03.2025

‍