Privacy Policy

1. Controller and Overview

The controller within the meaning of the General Data Protection Regulation (GDPR) is:

As the operator of this website, we take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with statutory data protection regulations and this privacy policy.

2. Data Protection Officer

We have appointed a data protection officer in our company:

3. Collection and Processing of Personal Data

3.1 When Visiting Our Website

When you use our website for informational purposes only, i.e., if you do not register or otherwise provide us with information, we only collect the data that your browser transmits to our server (so-called "server log files"). These include:

• IP address
• Date and time of the request
• Time zone difference to Greenwich Mean Time (GMT)
• Content of the request (specific page)
• Access status/HTTP status code
• Amount of data transferred
• Website from which the request comes
• Browser
• Operating system and its interface
• Language and version of the browser software

The processing takes place in accordance with Art. 6(1)(f) GDPR based on our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to check the server log files retrospectively if there are concrete indications of illegal use.

3.2 When Using Our Training Apps

When you register for our training apps, we collect and process the following data:

• First and last name
• Email address
• Usage data within the app

The processing is carried out in accordance with Art. 6(1)(b) GDPR for the performance of the contract regarding the use of our training apps.

3.3 For Payment Transactions

For processing payments, we use the service provider Stripe. Payment data is transmitted to Stripe; we do not store any account data ourselves. For more information about data processing by Stripe, please refer to Stripe's privacy policy at: https://stripe.com/de/privacy.

Data processing is based on Art. 6(1)(b) GDPR (contract fulfillment) and our legitimate interest pursuant to Art. 6(1)(f) GDPR to offer our customers effective and secure payment options.

4. Newsletter

With your consent, you can subscribe to our newsletter, through which we inform you about our current offers. Registration takes place using a so-called "single opt-in" procedure.

For sending the newsletter, we use your email address and your name to personalize the newsletter. The legal basis is Art. 6(1)(a) GDPR (consent).

You can cancel the receipt of our newsletter at any time by clicking on the unsubscribe link included in each newsletter or by sending us an email to mail@genicsecops.com .

Your data will be stored for newsletter delivery until you unsubscribe from the newsletter.

5. Cookies and Tracking

5.1 Necessary Cookies

We use cookies on our website that are necessary for the operation of the website, particularly for authentication. Cookies are small text files that are stored on your device. These necessary cookies help to make our website usable by enabling basic functions such as page navigation and access to secure areas of the website.

The legal basis for these cookies is Art. 6(1)(f) GDPR (legitimate interest) or, in the case of contract processing, Art. 6(1)(b) GDPR (contract fulfillment).

5.2 Marketing Cookies and Analysis

We also use cookies and similar technologies for marketing and analysis purposes:

Google Tag Manager

We use Google Tag Manager to manage various tracking codes on our website. The Google Tag Manager itself does not store any personal data. For more information, please visit: https://www.google.com/analytics/tag-manager/use-policy/

Google Ads

We use Google Ads and the associated conversion tracking. Google Ads stores a cookie on your device if you have reached our website via a Google ad. The cookies expire after 30 days and are not used for personal identification.

For more information about Google Ads, please see Google's privacy policy: https://policies.google.com/privacy

Meta Pixel (Facebook Pixel)

We use the "Meta Pixel" (formerly "Facebook Pixel") from Meta Platforms Inc. on our website. This makes it possible to measure the effectiveness of Facebook/Instagram advertisements and to display targeted advertising.

For more information about data processing by Meta, please see Meta's privacy policy: https://www.facebook.com/about/privacy/

These marketing and analysis cookies are only set if you have given us your consent to do so. The legal basis for this is Art. 6(1)(a) GDPR.

You can withdraw your consent at any time in our cookie settings or adjust your browser settings to generally reject cookies.

6. Processors and Data Transfer

We use the following service providers who process data on our behalf:

• Amazon Web Services (AWS) for hosting our website and applications
• Stripe for payment processing

Data processing agreements in accordance with Art. 28 GDPR have been concluded with all processors. No data processing takes place outside the EU.

7. Duration of Storage

We store personal data only for as long as is necessary for the purposes for which they are processed or as required by legal retention obligations:

• Data related to the use of our training apps: For the duration of the use of the service and, if applicable, beyond that, as far as legal retention periods exist
• Newsletter registration data: Until withdrawal of consent
• Server log files: 14 days

8. Your Rights

As a data subject, you have the following rights:

• Right to information (Art. 15 GDPR): You have the right to request information about your personal data processed by us.
• Right to rectification (Art. 16 GDPR): You can request the correction of incorrect or completion of your personal data stored by us.
• Right to erasure (Art. 17 GDPR): You have the right to request the deletion of your personal data stored by us, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise or defense of legal claims.
• Right to restriction of processing (Art. 18 GDPR): You can request the restriction of the processing of your personal data.
• Right to data portability (Art. 20 GDPR): You have the right to receive your personal data in a structured, commonly used and machine-readable format or to request the transfer to another controller.
• Right to object (Art. 21 GDPR): You have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data which is based on Art. 6(1)(e) or (f) GDPR.
• Right to withdraw data protection consent (Art. 7(3) GDPR): You have the right to withdraw your consent given to us at any time.
• Right to lodge a complaint with a supervisory authority (Art. 77 GDPR): You have the right to lodge a complaint with a supervisory authority.

To exercise your rights, you can contact us at any time at mail@genicsecops.com .

9. Data Security

In accordance with Art. 32 GDPR, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, we implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk.

These measures include in particular:

• Encryption of the website using SSL/TLS
• Regular security updates and patches
• Access restrictions to personal data
• Regular backups

10. Currency and Amendment of this Privacy Policy

This privacy policy is currently valid and was last updated on 4/25/2025.

We reserve the right to modify this privacy policy to ensure it always complies with current legal requirements or to implement changes to our services in the privacy policy, e.g., when introducing new services. The new privacy policy will then apply to your next visit.