Privacy Policy

The controller within the meaning of the GDPR is:

North Star Digital Labs UG (haftungsbeschränkt), Gerhofstrasse 3, 20354 Hamburg, Germany.

Data protection enquiries: datenschutz@northstarlabs.io, or by post to the address above marked for the attention of the data protection officer.

We process personal data only insofar as is necessary to provide a functional website and our content and services. Processing generally takes place only with the user's consent (Art. 6 (1) (a) GDPR) or where another legal basis applies (in particular Art. 6 (1) (b), (c) or (f) GDPR).

When you access our website, technical data is processed that your browser automatically transmits: browser type and version, operating system, referrer URL, hostname/IP address, time of the server request.

Legal basis: legitimate interest in stable, secure operation of the website (Art. 6 (1) (f) GDPR). Retention: up to 14 days in server logs.

If you contact us via the contact form or by email, we process the data you provide (name, company, email, content of the message) in order to respond.

Legal basis: Art. 6 (1) (b) GDPR (pre-contractual measures) or Art. 6 (1) (f) GDPR (legitimate interest). Retention: as long as required to handle your enquiry and any follow-up.

We use technically necessary cookies to make the website work (e.g. storing your language and cookie preferences). These do not require consent (Art. 6 (1) (f) GDPR).

We set optional cookies (statistics, marketing) only with your consent via the cookie banner (Art. 6 (1) (a) GDPR). You can withdraw your consent at any time.

Our contact page embeds an appointment booking widget from Cal, Inc. (San Francisco, USA). When you use the widget, the data you enter (e.g. name, email, selected slot) is transmitted to Cal.com.

Legal basis: Art. 6 (1) (b) GDPR (pre-contractual measures) and Art. 6 (1) (f) GDPR (efficient scheduling). Transfers to the USA are based on appropriate safeguards (EU-US Data Privacy Framework and EU Standard Contractual Clauses).

For security reasons this site uses SSL/TLS encryption to protect the transmission of confidential content.

You have the right to access (Art. 15 GDPR), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), data portability (Art. 20), and to object (Art. 21). You can withdraw any consent given at any time (Art. 7 (3) GDPR).

You also have the right to lodge a complaint with a supervisory authority (Art. 77 GDPR). The authority responsible for us is the Hamburg Commissioner for Data Protection and Freedom of Information.