Last updated: 16 June 2026
The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to identify you personally. For detailed information on data protection, please refer to the privacy policy set out below this text.
Who is responsible for collecting data on this website?
Data processing on this website is carried out by the website operator. You can find the operator's contact details in the imprint of this website.
How do we collect your data?
Your data is collected, on the one hand, when you provide it to us, for example by entering it into a contact form. Other data is collected automatically or with your consent when you visit the website by means of our IT systems. This is primarily technical data (e.g. internet browser, operating system or time of the page request).
What do we use your data for?
Some of the data is collected to ensure the error-free provision of the website. Other data may be used to analyse your user behaviour.
What rights do you have regarding your data?
You have the right at any time to receive information free of charge about the origin, recipients and purpose of your stored personal data. You also have the right to request the correction or deletion of this data. If you have given consent to data processing, you can revoke this consent at any time with effect for the future. You also have the right, under certain circumstances, to request the restriction of the processing of your personal data. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.
When you use this website, various items of personal data are collected. Personal data is data that can be used to identify you personally. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.
We would like to point out that data transmission over the internet (e.g. when communicating by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.
The party responsible for data processing on this website is:
Nexode Consulting GmbH
Oberwallstraße 6
10117 Berlin, Germany
Phone: +49 30 4397375 0
E-mail: info@nexode.de
The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data.
Unless a more specific storage period is stated within this privacy policy, your personal data will remain with us until the purpose for the data processing ceases to apply. If you assert a justified request for deletion or revoke your consent to data processing, your data will be deleted, unless we have other legally permissible reasons for storing your personal data; in the latter case, deletion will take place once these reasons no longer apply.
Insofar as we have obtained your consent to process personal data, Art. 6(1)(a) GDPR is the legal basis. If processing is necessary for the performance of a contract to which you are a party, Art. 6(1)(b) GDPR is the legal basis. If a legal obligation to process exists, Art. 6(1)(c) GDPR applies. In all other cases (in particular where there is a legitimate interest), Art. 6(1)(f) GDPR applies.
Many data processing operations are only possible with your express consent. You can revoke consent you have already given at any time. The lawfulness of the data processing carried out up to the point of revocation remains unaffected by the revocation.
In the event of breaches of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the member state of their habitual residence, place of work or place of the alleged breach. This right to complain exists without prejudice to any other administrative or judicial remedy.
For security reasons and to protect the transmission of confidential content, this site uses SSL or TLS encryption. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
Within the framework of the applicable statutory provisions, you have the right at any time to free information about your stored personal data, its origin and recipients and the purpose of the data processing and, if applicable, a right to correction or deletion of this data. You can contact us at any time regarding this and other questions on the subject of personal data.
You have the right to request the restriction of the processing of your personal data. You can contact us at any time to do so. The right to restriction of processing exists in the following cases:
If you dispute the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the verification, you have the right to request the restriction of processing.
If the processing of your personal data was/is unlawful, you can request the restriction of data processing instead of deletion.
If we no longer need your personal data but you need it to exercise, defend or assert legal claims, you have the right to request the restriction of processing instead of deletion.
If you have lodged an objection pursuant to Art. 21(1) GDPR, a balancing of your and our interests must be carried out. As long as it has not been determined whose interests prevail, you have the right to request the restriction of processing.
We hereby object to the use of contact data published within the scope of the imprint obligation for sending advertising and information material that has not been expressly requested. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, for example through spam e-mails.
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
Browser type and browser version
Operating system used
Referrer URL
Host name of the accessing computer
Time of the server request
IP address
This data is not merged with other data sources. This data is collected on the basis of Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimisation of its website. The server log files are stored for a period of 30 days and then deleted.
Our website uses technically necessary cookies or comparable storage technologies that are required to operate the site — for example to store your language selection and to maintain your session after login. In addition, only with your consent, we use analytics cookies or comparable technologies for reach and product analysis (see the section “Web analytics with PostHog”).
Technically necessary cookies are stored on the basis of Art. 6(1)(f) GDPR; the operator has a legitimate interest in a functional, user-friendly website. Insofar as cookies are not technically required, they are only set with your consent (Art. 6(1)(a) GDPR). You can set your browser to inform you about the setting of cookies and to allow cookies only in individual cases or to exclude them in general.
On the basis of your consent (Art. 6(1)(a) GDPR), we use PostHog, a product and web analytics tool. PostHog helps us understand how our website and service are used so we can improve them. It primarily collects event and usage data (e.g. pages viewed and actions triggered), device and browser information, a truncated IP address and a pseudonymous identifier; for logged-in users, a user identifier may additionally be associated.
Data is collected via a reverse proxy under our own domain. Processing and storage take place in PostHog's EU Cloud (eu.i.posthog.com) with servers located in the European Union (Frankfurt, AWS eu-central-1). Session replay is disabled by default; if it is enabled, sensitive inputs such as passwords and form contents are masked.
We host our website and our service with Amazon Web Services EMEA SARL, 38 avenue John F. Kennedy, L-1855 Luxembourg (“AWS”). Operations take place in the AWS Frankfurt region (eu-central-1). When you visit our website, your personal data is processed on AWS servers.
The use of AWS is based on Art. 6(1)(f) GDPR. We have a legitimate interest in the most reliable presentation of our website possible. Where a corresponding consent was requested, processing takes place exclusively on the basis of Art. 6(1)(a) GDPR.
We have concluded a data processing agreement (DPA) with AWS. This contract ensures that AWS processes the data of our website visitors only in accordance with our instructions and in compliance with the GDPR.
To register for and use the Farion platform, we process account and usage data (in particular name, e-mail address, role and the technical access and audit data required for security and traceability). The legal basis is Art. 6(1)(b) GDPR (performance of a contract) and Art. 6(1)(f) GDPR (operation and security of the service).
Where you, as a customer, provide your own data (e.g. source code and technical artefacts) as part of the security analysis, we process this exclusively on your behalf and in accordance with your instructions. The separately concluded data processing agreement (DPA), together with the technical and organisational measures described therein, is decisive in this respect. Customer data is not used to train AI models; the AI-assisted analysis takes place within the AWS Frankfurt region (eu-central-1).
You can revoke your consent at any time with effect for the future by adjusting your cookie or consent settings. The lawfulness of the processing carried out up to the point of revocation remains unaffected.
If you send us enquiries via the contact form or by e-mail, your details from the form or your e-mail, including the contact data you provide, will be stored by us for the purpose of processing the enquiry and in case of follow-up questions. We do not pass on this data without your consent.
The processing of this data is based on Art. 6(1)(b) GDPR, provided your enquiry is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective handling of enquiries addressed to us (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR), where this was requested.