Skip to content

Privacy Policy

This Privacy Policy explains how we collect, use, and protect your personal data when you visit our website www.adpilot.com or use our services.
We comply with the General Data Protection Regulation (GDPR) and all applicable German data protection laws.

1. Controller

The controller responsible for data processing on this website is:

opXon GmbH
Mühlenstraße 8a
14167 Berlin
Germany
Email: info@opxon.com
Phone: +49 030 20966212
Represented by: André Joswig

2. Collection and Storage of Personal Data

We process personal data only when necessary and only for legitimate purposes.

Automatically collected data (server logs):

When accessing our website, the following data is automatically processed:

  • IP address
  • Date and time of access
  • Access status / HTTP status code
  • Referrer URL
  • Browser type and version
  • Operating system
  • Amount of data transferred

These data are technically required to display the website and ensure stability and security.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest).

3. Contact and Communication

When you contact us (e.g., via email, contact form, or phone), we process:

  • Name
  • Contact details
  • Content of your message

Legal basis: Art. 6(1)(b) GDPR (pre-contractual steps) or Art. 6(1)(f) GDPR (legitimate interest).

Data is only stored for the purpose of responding and will not be shared without permission.

4. Cookies

Our website may use cookies that are necessary for technical operation (e.g., session cookies).

Non-essential cookies (analytics, marketing, targeting) are only set with your explicit consent (Art. 6(1)(a) GDPR).

You can revoke consent at any time.

5. Analytics and Tracking Tools

Google Analytics

If you have given your consent, this website uses Google Analytics, a web analytics service of Google Ireland Limited (“Google”).
Google Analytics uses cookies that allow an analysis of your use of the website. The information generated by the cookies may be transmitted to a Google server in the USA.

We use Google Analytics with IP anonymization, ensuring that your IP address is shortened within the European Union or the EEA before being transmitted.
Google processes this data on our behalf under a Data Processing Agreement (Art. 28 GDPR).

Legal basis: Consent (Art. 6(1)(a) GDPR).
You may withdraw your consent at any time.

More information on Google’s data practices:
https://policies.google.com/privacy

Matomo

If you have given your consent, we use Matomo for website analytics. Depending on configuration:

  • Self-Hosted: Data is processed solely on our servers within the EU and not shared with third parties.
  • Cloud Hosted: Data may be processed by InnoCraft Ltd. in New Zealand. New Zealand has an adequacy decision from the EU Commission (Art. 45 GDPR).

Matomo uses cookies or fingerprinting techniques to help us understand how visitors interact with our website.

Legal basis: Consent (Art. 6(1)(a) GDPR).
You may withdraw your consent at any time.

More information:
https://matomo.org/privacy/

6. Use of Third-Party Services

Our website may integrate external services (e.g., fonts, scripts, CDN resources, embedded maps or videos).
If these services collect personal data (e.g., IP address), this is only with consent unless technically required.

We ensure that external providers comply with GDPR and have appropriate safeguards (Art. 46 GDPR).

7. Data Processing for Business Purposes

If you engage with our business services (consulting, ad optimization, or the AdYield platform), we may process:

  • Billing and contract data
  • Communication history
  • Technical usage data (if using digital services)

Legal bases:

  • Art. 6(1)(b) GDPR (contract performance)
  • Art. 6(1)(f) GDPR (legitimate interest in business operations)
  • Art. 6(1)(c) GDPR (legal obligations)

8. Data Transfer

Data is only transferred to third parties when necessary for:

  • Contract fulfillment
  • Technical hosting providers
  • Legal obligations

All processors are bound by Art. 28 GDPR and contractually obliged to comply with data protection regulations.

We do not sell or trade personal data.

9. Data Retention

We store personal data:

  • Only as long as required for the intended purpose
  • According to statutory retention periods (e.g., 6–10 years for tax documents)
  • Technical logs for a maximum of 30 days unless security incidents require extension

After expiration, data is deleted or anonymized.

10. Your Rights Under GDPR

You have the following rights:

  • Right of access (Art. 15)
  • Right to rectification (Art. 16)
  • Right to erasure (Art. 17)
  • Right to restriction (Art. 18)
  • Right to data portability (Art. 20)
  • Right to object (Art. 21)
  • Right to withdraw consent at any time (Art. 7(3))

Please direct all requests to: info@opxon.com

You also have the right to lodge a complaint with a supervisory authority:
Berliner Beauftragte für Datenschutz und Informationsfreiheit
https://www.datenschutz-berlin.de/

11. Security Measures

We use appropriate technical and organizational measures (TOMs) to protect your data, including:

  • SSL/TLS encryption
  • Access control
  • Firewall and intrusion detection systems
  • Secure server infrastructure

12. External Links

Our website may contain links to external sites.
We are not responsible for the privacy practices of these external websites.

13. Changes to This Privacy Policy

We reserve the right to update this Privacy Policy to comply with legal requirements or changes to our services.
The current version is always available on this website.