Privacy Policy

This policy describes how personal data is processed when you visit exma.systems. The site is a single static page with a mailto link and no analytics, cookies, tracking, or embedded third-party content.

Controller

What data is processed

The site is served via GitLab Pages, operated by GitLab Inc. When you load this page, GitLab automatically receives technical information sent by your browser, including your IP address, the requested URL, the date and time of the request, the HTTP status, the amount of data transferred, the referring URL, and your user agent string. This information is stored in server log files for the purpose of operating, securing, and troubleshooting the site.

If you click the get in touch link, your local email client opens a new message addressed to contact@exma.systems. No data is transmitted to us until you actually send that email. Once you do, the contents (including your sender address) are processed for the purpose of responding to your enquiry.

Legal basis

Server log processing is based on Art. 6(1)(f) GDPR (legitimate interest in providing a functional and secure website). Processing of email correspondence you initiate is based on Art. 6(1)(b) GDPR (steps prior to entering a contract) or Art. 6(1)(f) GDPR (legitimate interest in answering enquiries), depending on the nature of the message.

Retention

Server logs are retained by GitLab in line with their own retention policy; we have no access to these logs and do not store them ourselves. Email correspondence is retained for as long as required to handle the matter and any subsequent legal or contractual obligations.

Recipients and international transfers

Server logs are processed by GitLab Inc. (United States) acting as a processor under Art. 28 GDPR. As GitLab Inc. is based outside the EU/EEA, data is transferred to the United States. The transfer is safeguarded by the EU–US Data Privacy Framework (in which GitLab Inc. participates) and, additionally, by the Standard Contractual Clauses adopted by the European Commission. See GitLab’s privacy notice at about.gitlab.com/privacy for details.

We do not share personal data with any other third parties in the context of this site.

Your rights

Under the GDPR you have the right to access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), data portability (Art. 20), and to object to processing (Art. 21). To exercise any of these rights, contact us at the address above.

You also have the right to lodge a complaint with a supervisory authority. The competent authority for our seat is the Landesbeauftragter für den Datenschutz und die Informationsfreiheit Baden-Württemberg.

Changes to this policy

As exma systems develops, the scope of processing may change. This policy will be updated accordingly. The version shown above always reflects the current state of the site.