Privacy Policy

Last updated: 15th January 2026

Introduction

dataforge GmbH ("we", "our", or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our CRM software services and visit our website at dataforge.world.

As a company registered in Germany (Registration Number: HRB103915), we comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws. We act as the data controller for the personal information we process about you.

Data Collection

The data we collect depends on how you interact with our services. We collect information that you provide directly to us, information we collect automatically when you use our services, and information from third-party sources.

Information You Provide

  • Contact details (name, email address, phone number, company information)
  • Account registration information and login credentials
  • Customer data you input into our CRM platform
  • Communication preferences and marketing consents
  • Support requests and correspondence with our team
  • Payment and billing information for subscription services

Automatically Collected Information

  • Device information (IP address, browser type, operating system)
  • Usage data (pages visited, features used, time spent on platform)
  • Technical information (error logs, performance metrics)
  • Location data (general geographic location based on IP address)

How We Use Your Information

We process your personal data for specific purposes based on legitimate legal grounds. Understanding how we use your data helps you make informed decisions about sharing your information with us.

Service Provision

  • Providing access to our CRM platform and related services
  • Processing transactions and managing your subscription
  • Delivering customer support and technical assistance
  • Maintaining and improving platform functionality and security

Communication and Marketing

  • Responding to your enquiries and support requests
  • Sending important service updates and notifications
  • Providing marketing communications (with your consent)
  • Conducting customer satisfaction surveys and feedback collection

Analytics and Improvement

  • Analysing usage patterns to improve our services
  • Conducting research and development for new features
  • Monitoring platform performance and identifying issues
  • Generating anonymised statistics and reports

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

Our website uses various types of cookies including necessary cookies for basic functionality, analytics cookies to understand user behaviour, and marketing cookies for advertising purposes. For detailed information about the cookies we use, please refer to our Cookie Policy.

Data Sharing and Disclosure

We do not sell your personal data to third parties. We may share your information in specific circumstances as outlined below, always ensuring appropriate safeguards are in place.

Service Providers

We work with trusted third-party service providers who assist us in delivering our services, including cloud hosting providers, payment processors, and analytics services. These providers are contractually bound to protect your data and use it only for specified purposes.

Legal Requirements

We may disclose your information when required by law, court order, or government regulation, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy, comply with legal obligations, resolve disputes, and enforce our agreements. The specific retention periods depend on the type of data and the purpose for processing.

  • Account information: Retained while your account is active and for 3 years after closure
  • Customer data: Retained according to your subscription terms and data processing agreements
  • Communication records: Retained for 7 years for business and legal purposes
  • Analytics data: Typically retained for 26 months in aggregated, anonymised form

Your Rights

Under GDPR and applicable data protection laws, you have several rights regarding your personal data. We are committed to facilitating the exercise of these rights in accordance with legal requirements.

  • Right of Access: You can request information about the personal data we hold about you
  • Right to Rectification: You can request correction of inaccurate or incomplete data
  • Right to Erasure: You can request deletion of your personal data in certain circumstances
  • Right to Restrict Processing: You can request limitation of how we process your data
  • Right to Data Portability: You can request transfer of your data to another service provider
  • Right to Object: You can object to certain types of data processing
  • Right to Withdraw Consent: You can withdraw consent for processing based on consent

To exercise any of these rights, please contact us using the information provided in the Contact section below. We will respond to your request within one month, though this may be extended in complex cases.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our security measures include:

  • Encryption of data in transit and at rest using industry-standard protocols
  • Regular security assessments and penetration testing
  • Access controls and authentication mechanisms
  • Employee training on data protection and security practices
  • Incident response procedures and breach notification protocols
  • ISO 27001 certification for information security management

International Data Transfers

Your personal data is primarily processed within the European Economic Area (EEA). When we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as adequacy decisions, standard contractual clauses, or other approved transfer mechanisms.

Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete such information promptly.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the updated policy on our website and, where appropriate, through other communication channels.

Contact Information

If you have questions about this Privacy Policy, wish to exercise your rights, or need to contact us about data protection matters, please reach out to us:

Data Controller

dataforge GmbH
Hauptstraße 129
10023 Berlin, Germany
Registration Number: HRB103915

Contact Details

Email: privacy@dataforge.world
Phone: +49 30 59270621
General enquiries: contact@dataforge.world

You also have the right to lodge a complaint with a supervisory authority if you believe we have not handled your personal data in accordance with applicable law. In Germany, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI).