Privacy policy.
Last updated: August 13, 2025
The essentials in 20 seconds
- Controller: dgtl.ai GmbH, Leipziger Platz 10, 10117 Berlin, Germany · Email: hello@dgtl.ai · Phone: +49 30 40739797.
- What we process: Server logs when accessing the website; cookies and similar technologies only with consent; contact data when you contact us.
- Why: Operation and security of the website, communication with you, optional analytics and convenience features.
- Your choices: Manage consents anytime via the cookie banner (“Cookie Settings”); rights to access, deletion, and more.
- Our service providers: Hosting by Hetzner (Germany), consent management via Cookiebot (Denmark), tag control via Google Tag Manager (Ireland).
- No automated decision-making as defined by Art. 22 GDPR.
1. Who we are and how to reach us
dgtl.ai GmbH
Leipziger Platz 10
10117 Berlin, Germany
Email: hello@dgtl.ai
Phone: +49 30 40739797
2. How you manage your consents (Cookie Banner)
We only use non-essential technologies with your prior consent.
You can change or withdraw your selection anytime via the “Cookie Settings” link in the footer.
3. Hosting & Server Logs (Hetzner)
- Provider: Hetzner Online GmbH, Germany (data processing agreement under Art. 28 GDPR).
- Data: IP address, date/time, requested resource, referrer, user agent, HTTP status, transmitted bytes.
- Purpose: Delivery, stability, IT security, abuse prevention.
- Legal basis: Art. 6(1)(f) GDPR (legitimate interest).
- Storage: Deleted within days or weeks unless required for security incidents.
4. Cookies & Device Access (§25 TDDDG)
- Essential: Required for basic site functionality.
- Non-essential: Analytics/marketing/convenience – only with consent.
- Legal bases: § 25 TDDDG (consent for device access); Art. 6(1)(a) GDPR for consent-based processing; Art. 6(1)(f) GDPR for essential operations.
5. Consent Management (Cookiebot)
- AnbProvider: Usercentrics A/S, Copenhagen, Denmark.
- Functions: Consent banner and management, blocking until consent, logging of consent status and time.
- Legal bases: § 25(2) TDDDG (technically necessary), Art. 6(1)(c) GDPR with Art. 7(1) GDPR (proof of consent), Art. 6(1)(f) GDPR (compliance).
6. Tag Management with Google Tag Manager (GTM)
- Provider: Google Ireland Limited, Dublin, Ireland.
- GTM helps us manage and deploy scripts on our website. It does not set cookies or process data for Google’s own purposes.
However, minimal metadata (e.g. IP address, browser info, container ID) may be transmitted to Google servers.
This takes place under the EU–US Data Privacy Framework; where required, transfers are additionally secured by EU Standard Contractual Clauses (Art. 46 GDPR). - Non-essential tags (e.g. analytics or marketing tools) are only loaded after your explicit consent via the cookie banner.
- Legal basis: Art. 6 (1)(f) GDPR (necessary operation); Art. 6 (1)(a) GDPR / § 25 (1) TDDDG (consent for optional tools).
7. Contact (Form or Email)
- Data: Information you send to us (e.g. name, email, message content).
- Purpose: Responding to your inquiries and processing requests; potential contract initiation.
- Legal bases: Art. 6(1)(b) GDPR (contract-related) and Art. 6(1)(f) GDPR (communication).
- Storage: Retained until request completion; otherwise per statutory retention.
8. Analytics, Marketing & Embedded Content (Consent-based)
- If you consent, we may use analytics or marketing tools and embed third-party content.
- Details and providers are transparently listed in the cookie banner.
- Data transfers: Where applicable, secured via EU Standard Contractual Clauses (Art. 46 GDPR) or the EU–US Data Privacy Framework.
9. Click IDs (e.g. “gclid”, “wbraid”, “gbraid”)
- When you access our site through Google Ads, these parameters may be appended to the URL. They are used for campaign effectiveness tracking and only analyzed with your marketing consent.
- Legal basis: Art. 6(1)(a) GDPR (consent).
10. Recipients & Processors
- We use carefully selected service providers under Art. 28 GDPR.
- Processing is carried out only per our instructions and secured via technical and organizational measures (TOMs).
11. Storage Duration
- We only store personal data as long as necessary or legally required; data is then deleted or anonymized.
12. Your Rights
- You have the following rights under Art. 12–22 GDPR: access, rectification, erasure, restriction, data portability.
- You can withdraw any consent at any time with future effect.
- You have the right to object (see below) and to file a complaint with a supervisory authority.
- Competent authority: Berliner Beauftragte für Datenschutz und Informationsfreiheit
Alt-Moabit 59–61, 10555 Berlin, Germany
Phone: +49 30 13889-0 · Email: mailbox@datenschutz-berlin.de
13. Right to Object (Art. 21 GDPR)
- You may object at any time to processing based on Art. 6(1)(e) or (f) GDPR for reasons relating to your situation.
- You may also object to direct marketing at any time without justification.
14. Data Protection Officer
We are currently not required to appoint a Data Protection Officer (Art. 37 GDPR; § 38 BDSG).
For privacy inquiries, please use the contact details above (hello@dgtl.ai).
15. Provision of Data & Automated Decisions
- No legal obligation to provide personal data; certain functions may be unavailable without it.
- We do not use automated decision-making as defined by Art. 22 GDPR.
16. Security
- We apply technical and organizational measures (encryption, access control, logging) according to the current state of the art and risk level.




