.svg)
(As of October 2025)
General notes The following notes provide a simple overview of what happens to your personal data when you visit our website. Personal data is any data that can be used to personally identify you. Detailed information on data protection can be found in our privacy policy listed below this text.
Data collection on our website How do we collect your information? On the one hand, your data is collected when you provide it to us. This could be data that you enter in a contact form, for example.
Other data is automatically collected by our IT systems when you visit the website. This is primarily technical data (e.g. Internet browser, operating system or time of page access). This data is collected automatically as soon as you enter our website.
What do we use your data for? Some of the data is collected to ensure error-free provision of the website. Other data can be used to analyze your user behavior.
What are your rights with regard to your data? You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to correct, block or delete this data. You can contact us at any time about this and if you have any further questions about data protection.
Data protection The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with legal data protection regulations and this privacy policy.
We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) may have security gaps. It is not possible to completely protect data from access by third parties.
Note on the responsible body The responsible body for data processing on this website is:
AJAT GmbH Gustav-Heinemann-Ufer 86A 50968 Cologne
Telephone: +49 221 912 46 144 E-mail: info@ajat.io
The responsible body is the natural or legal person who, alone or together with others, decides on the purposes and means of processing personal data Ardalan Jahangiri Arfei.
Statutory data protection officer Ardalan Jahangiri Arfei, Ardelan.Arfei@ajat.io
example: We have appointed a data protection officer for our company:
Ardalan Jahangiri Arfei 50968 Cologne Gustav-Heinemann-Ufer E-mail: datenschutz@ajat.io
Storage period Unless a specific storage period has been specified in this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you make a legitimate request for deletion or withdraw your consent to data processing, your data will be deleted unless we have any other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, the deletion will take place after these reasons cease to apply.
Note on data transfer to the USA and other third countries Our website includes tools from companies based in the USA. When these tools are active, your personal data may be transferred to the US servers of the respective companies. We would like to point out that the USA is not a safe third country within the meaning of EU data protection law. US companies are required to disclose personal data to security authorities without you, as the person concerned, being able to take legal action against this.
It cannot therefore be ruled out that US authorities (e.g. secret services) may process, evaluate and permanently store your data on US servers for monitoring purposes. We have no influence on these processing activities.
For companies following the EU-US Data Privacy Framework (DPF) are certified, this agreement serves as a basis for data transfer to ensure compliance with European data protection standards.
SSL or TLS encryption This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as inquiries that you send to us as the site operator. You can recognize an encrypted connection when the browser's address line changes from “http://” to “https://” and by the lock icon in your browser line.
Withdrawal of your consent to data processing Many data processing processes are only possible with your express consent. You can withdraw consent that you have already given at any time. All you need to do is send us an informal message by e-mail. The legality of the data processing carried out up to the time of revocation remains unaffected by the revocation.
Right to object to data collection in special cases (Art. 21 GDPR) IF DATA PROCESSING IS CARRIED OUT ON THE BASIS OF ART. 6 PARA. 1 LIT. E OR F DSGVO, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS.
IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH ADVERTISING.
Right to lodge a complaint with the competent supervisory authority In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority. The supervisory authority responsible for us is:
State Commissioner for Data Protection and Freedom of Information Nordrhein-Westfalen Cavaleriestr. 2-4 40213 Düsseldorf
Right to data portability You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to yourself or to a third party in a common, machine-readable format. If you request the direct transfer of data to another person responsible, this will only be done insofar as it is technically feasible.
Information, deletion and correction Within the framework of the applicable legal provisions, you have the right to receive information free of charge about your stored personal data, its origin and recipients and the purpose of data processing and, if applicable, a right to correct or delete this data.
Right to restrict processing You have the right to request that the processing of your personal data be restricted.
cookies Our websites use so-called “cookies.” Cookies are small text files and do not cause any damage to your computer.
Technically necessary cookies, which are required to carry out the electronic communication process or to provide certain functions you have requested, are stored on the basis of Article 6 (1) (f) GDPR. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services.
Other cookies (such as cookies to analyze your surfing behavior or for marketing) are only stored on the basis of your consent. If consent to the storage of cookies and comparable recognition technologies has been requested, processing is carried out exclusively on the basis of this consent (Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TDDDG); consent can be withdrawn at any time.
Consent with Cookie Consent Tool Our website uses consent technology (cookie banner) to obtain your consent to store certain cookies in your browser or to use certain technologies and to document this in accordance with data protection regulations. When you enter our website, a cookie is stored in your browser, which stores the consents you have given or the withdrawal of these consents. This technology is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 lit. c GDPR.
server log files The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
This data is not combined with other data sources. This data is collected on the basis of Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website.
Hosting and contact forms via Webflow Our website is hosted by Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA (hereinafter “Webflow”). Webflow provides the platform on which we operate our website and offer contact forms.
When you visit our website, Webflow collects technical data (e.g. IP address, time, browser type) to ensure operation (legal basis: Art. 6 para. 1 lit. f DSGVO).
If you use our contact forms (e.g. for general inquiries or consulting inquiries), the data you enter (name, email, telephone, content of the request) is processed by Webflow and stored on their servers in order to forward it to us.
This form data is processed on the basis of Art. 6 para. 1 lit. b GDPR, as your request serves to initiate or fulfill a contract.
Data transfer to the USA: Webflow is an American company. Data is transferred to the USA. Webflow is after the EU-US Data Privacy Framework (DPF) certified. The DPF is an agreement that is intended to ensure compliance with European data protection standards when processing data in the USA. For details, see Webflow's privacy policy.
Request via email or phone If you contact us by e-mail or telephone, your request, including all resulting personal data (name, request), will be stored and processed by us for the purpose of processing your request. This data is processed on the basis of Article 6 (1) (b) GDPR, provided that your request is related to the fulfilment of a contract or is necessary to carry out pre-contractual measures. In all other cases, processing is based on our legitimate interest (Article 6 (1) (f) GDPR) in the effective processing of inquiries addressed to us.
Google Analytics This website uses Google Analytics, a web analysis service provided by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics uses “cookies” and comparable recognition technologies, which enable an analysis of your use of the website. The information generated about your use of this website is usually transmitted to a Google server in the USA and stored there.
Google Analytics is used exclusively on the basis of your consent (Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TDDDG), which you give via our cookie banner. This consent can be withdrawn at any time.
IP anonymization We have activated the IP anonymization feature on this website. As a result, your IP address is abbreviated by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area before transmission to the USA.
Data transfer to the USA The parent company, Google LLC, is based in the USA. Google is after EU-US Data Privacy Framework (DPF) certified. The DPF is an agreement that is intended to ensure compliance with European data protection standards when processing data in the USA.
Order processing We have concluded an order processing agreement (AVV) with Google. This is a contract required by data protection law, which ensures that Google only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.
Zoho CRM If you contact us by e-mail, contact form or telephone, your enquiry data will be processed in our customer relationship management (CRM) system to process your request and to maintain the customer relationship. We use Zoho CRM for this. The provider is Zoho Corporation GmbH, Trinkausstr. 7, 40213 Düsseldorf, Germany (parent company: Zoho Corporation, USA).
This data is processed on the basis of Art. 6 para. 1 lit. b DSGVO, insofar as your request is related to the fulfilment of a contract, and on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) in efficient and structured management of customer and interested party inquiries.
Data hosting in the EU: We have concluded an order processing contract (AVV) with Zoho and configured the service so that all customer data is stored exclusively in Zoho's European data centers (e.g. in Frankfurt am Main or Amsterdam). This generally precludes the transfer of your personal data to third countries.
YouTube with advanced data protection This website includes videos from YouTube. The operator of the pages is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
We use YouTube in extended privacy mode. According to YouTube, this mode means that YouTube does not store any information about visitors to this website before they watch the video. However, the extended data protection mode does not necessarily preclude the transfer of data to YouTube partners.
As soon as you start a YouTube video on this website, a connection to YouTube's servers is established. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you allow YouTube to associate your surfing behavior directly with your personal profile.
YouTube is used on the basis of your consent (Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TDDDG), which you give via our cookie banner. The consent can be withdrawn at any time.
For more information about YouTube's privacy policy, please see YouTube's privacy policy. Google is after EU-US Data Privacy Framework (DPF) certified.
Book appointments with Microsoft Bookings We offer you the opportunity to make appointments with us online. For this purpose, we use the “Microsoft Bookings” service provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (or for the EU: Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland).
When you book an appointment, the data you enter (e.g. name, email address, telephone number, concerns) and appointment data are processed on Microsoft servers.
This data is processed to initiate or execute a contract (Art. 6 para. 1 lit. b GDPR).
Data transfer to the USA: Microsoft is after EU-US Data Privacy Framework (DPF) certified. This ensures compliance with European data protection standards. For details on data processing, see Microsoft's privacy policy.
Project Management and Support Processing (Jira & Confluence) We use the “Jira” and “Confluence” services from the provider Atlassian (EU representative: Atlassian B.V., the Netherlands) to organize projects and process support inquiries.
Hosting in Germany: We have configured data residency for these services so that all of your personal customer data is stored exclusively on servers in Germany (“Germany West” region). We have concluded a corresponding order processing agreement (AVV) with Atlassian, which ensures that the data remains in the EEA.
When you submit a support request to us as a customer, your data (name, email, content of the request) is collected in our Jira system. In Confluence, we document project progress.
This data is processed to fulfill our contractual obligations (Art. 6 para. 1 lit. b GDPR) and to protect our legitimate interest in efficient project organization (Art. 6 para. 1 lit. f GDPR).
Data processing through social networks We maintain publicly available profiles on social networks. The individual social networks we use can be found below. Social networks such as Facebook, etc. can usually comprehensively analyze your user behavior when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). Visiting our social media sites triggers numerous data protection-relevant processing processes.
legal basis Our social media presence should ensure the most comprehensive presence possible on the Internet. This is a legitimate interest within the meaning of Article 6 (1) (f) GDPR. The analysis processes initiated by social networks may be based on different legal bases, which must be provided by the operators of the social networks (e.g. consent within the meaning of Article 6 (1) (a) GDPR).
Responsible person and enforcement of rights If you visit one of our social media sites, we, together with the operator of the social media platform, are responsible for the data processing processes triggered during this visit. In principle, you can assert your rights (information, correction, deletion, etc.) both against us and against the operator of the respective social media portal.
Storage period The data collected directly by us via the social media presence is deleted from our systems as soon as the purpose for data storage no longer applies, you ask us to delete it or withdraw your consent. We have no influence on the storage period of your data, which is stored by social network operators for their own purposes.
Social networks in detail
facebook We have a Facebook profile. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. According to Facebook, the collected data is also transferred to the USA and other third countries. We have concluded a joint processing agreement (Controller Addendum) with Facebook. For details, see Facebook's privacy policy. The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF).
linkedin We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. Details on how they handle your personal data can be found in LinkedIn's privacy policy. The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF).
instagram We have an Instagram profile. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. Details on how they handle your personal data can be found in Instagram's privacy policy. The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF).
youtube We have a profile on YouTube. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Details on how they handle your personal data can be found in YouTube's privacy policy. The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF).
X (formerly Twitter) We have a profile with X. The provider is Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland. The parent company is X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. Details on how they handle your personal data can be found in X's privacy policy. The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF).
applications We offer you the opportunity to apply to us. Applications will be sent by us via email to HR@ajat.io received.
If you send us an application, we process your associated personal data (e.g. contact and communication data, application documents) insofar as this is necessary to decide whether to establish an employment relationship.
The legal basis for this is § 26 BDSG (initiation of an employment relationship) and Art. 6 para. 1 lit. b DSGVO (general contract initiation).
Data storage period If we are unable to make you a job offer, you reject a job offer or withdraw your application, the data you provide will be stored or kept (retention period) for a maximum of 6 months after completion of the application process in order to be able to understand the details of the application process in the event of discrepancies (Art. 6 para. 1 lit. f GDPR).
YOU CAN OBJECT TO THIS STORAGE IF YOU HAVE LEGITIMATE INTERESTS THAT OUTWEIGH OUR INTERESTS. After expiry of the storage period, the data will be deleted, unless there is a statutory storage obligation or any other legal reason for continued storage.
We reserve the right to change our security and data protection measures insofar as this is necessary due to technical developments. In these cases, we will also adapt our privacy policy accordingly. Please therefore note the latest version of our data protection policy.
Willkommen bei AJAT GmbH. Durch den Zugriff auf oder die Nutzung unserer Website, Dienstleistungen und Lösungen („Dienste“) erklären Sie sich damit einverstanden, diese Nutzungsbedingungen („Bedingungen“) einzuhalten und an sie gebunden zu sein. Bitte lesen Sie diese sorgfältig durch, bevor Sie unsere Dienste nutzen. Wenn Sie nicht einverstanden sind, dürfen Sie unsere Dienste nicht nutzen.
