Privacy Policy

Last updated on August 10, 2021 

This privacy policy informs you about your rights and how your personal data is processed by deltaDAO when you visit our website or contact us via e-mail.  

1. Controller

The controller pursuant to the EU General Data Protection Regulation (“GDPR”) for the processing of your personal data is: 

deltaDAO AG  

Geibelstraße 46b  

22303 Hamburg  


E-mail: [email protected] 

2. What’s personal data? 

Personal data is any information that can be directly or indirectly associated with you. deltaDAO takes the protection of personal data seriously and therefore only processes strictly necessary personal data about you. deltaDAO processes the following personal data. 

  • IP address: Your IP address is processed when visiting our website. 

  • E-mail address: Your e-mail address is processed if you contact us via mail. We will also process additional personal data about you if you provide them in your message (such as your name). 


You can find further information about the processing of your personal data in the chapter “Processing operations according to Article 13 GDPR”. 



3. Recipients and cross-border data transfer 


When visiting our website, your IP address is processed by Netlify, a service provider that hosts our website. Our website is served by Netlify using a Content Delivery Network, a geographically distributed network, with servers within and outside of the European Economic Area. This means, if you are located within the EEA, your IP address is highly like processed on a Netlify server within the EEA. Even if this is not the case, your personal data is appropriately handled as defined in the Standard Contractual Clauses (SCC) between Netlify and us. You can make use of your right to receive a copy of these SCC by clicking on the link below. 

Here you can find Netlify’s SCC ( Here you can find Netlify’s privacy policy ( 



When you contact us via e-mail, our (mail) service provider Microsoft supports us in processing your personal data so we can communicate with you. During this communication, your data will not leave the EEA. 


4. Processing operations according to Article 13 GDPR 

We process your personal data to provide our website and to respond to your requests via e-mail. 


4.1 Providing our website 

Our processor Netlify collects and uses your IP address for providing our website on our behalf. Your IP address is not logged or stored in any other way. 


Your IP address is collected and used because it is a technical requirement for establishing and maintaining communication between your device and our website. 

Legal basis: 

The legal basis for this processing is our legitimate interest, pursuant to Art. 6(1)(f) GDPR. 

Legitimate interests: 

Our legitimate interest is to provide our website to you. 

Retention period: 

We do not maintain your IP address after visiting our website. 


4.2 Contact via e-mail 

We collect, use and store your e-mail address and the contained personal data, such as your name, if you reach out to us via e-mail. (Microsoft supports us technically in providing our mail service to you.) 


Your personal data is collected, used, and stored by us to respond to your inquiries. 

Legal basis: 

The legal basis for this processing is our legitimate interest, pursuant to Art. 6(1)(f) GDPR. 

Legitimate interests: 

Our legitimate interest is to answer your inquiries. 

Retention period: 

We store your personal data as long we need it to process your inquires. We only store your personal data beyond this period if we are obliged to do so due to retention obligations or in the event of legal disputes. 

5. Cookies and web storage 

A cookie is a file that stores information in your browser. Cookies can be either created by the website owner (first-party cookie) or by a third party (third-party cookie). When you first visit a website, your browser downloads and saves cookies. When you visit the website again, the cookie is sent to the website owner or to a third party. Some cookies are necessary for making websites work, and others are used for enhancing your experience on the visited website. Cookies can also be used for marketing and analytics purposes. 

deltaDAO uses only functional first-party cookies or web storage, which do not transfer personal data about you, to operate our website and enhance your user experience. Web storage (local storage and session storage) has similar functionality to cookies. Whether we use cookies or web storage depends on your browser. You can disable cookies in your browser settings. Moreover, in your browser settings, you can delete cookies and web storage from your hard disk at any time. 


6. External links 

Our website contains links to websites owned by third parties. These websites are beyond our control and responsibility. We mark external links using this symbol (>arrow<). 


7. Your rights 

Pursuant to the GDPR, you have the following rights. If you wish to exercise your rights or have any questions, do not hesitate to contact us. 


7.1 Right of access (Art. 15 GDPR) 

You have the right to obtain confirmation about whether deltaDAO processes personal data about you. If we do so, you have the right to access these personal data along with the information defined in Art. 15 GDPR. 


7.2 Right to rectification (Art. 16 GDPR) 

You have the right to obtain from us the rectification of inaccurate personal data about you without undue delay. Also, you have to obtain from us the completion of incomplete personal data about you.  


7.3 Right to erasure (Art. 17 GDPR) 

You have the right to obtain the erasure of your personal data without undue delay, where the legal grounds defined in Art. 17 GDPR apply. 


7.4 Right to restriction of processing (Art. 18 GDPR) 

You have the right to obtain the restriction of processing personal data about you where the legal grounds defined in Art. 18 GDPR apply. 


7.5 Right to data portability (Art. 20 GDPR) 

You have the right to receive from us your personal data in a structured, commonly used, and machine-readable format and the right to transmit the received data to another controller without hindrance from us, where the legal grounds defined in Art. 20 GDPR apply. 



7.6 Right to object (Art. 21 GDPR) 

You have the right to object to the processing of your personal data, where we base the processing on legitimate interests (Art. 6(1)(f) GDPR). We will no longer process your personal data except we can demonstrate compelling legitimate grounds, which override your freedoms, rights, and interests, or if we have to establish, exercise, or defend legal claims. 


7.7 Right to lodge a complaint (Art. 77 GDPR) 

You have the right to lodge a complaint with a supervisory authority, especially in the Member State of your habitual residence, your place of work, or the place of the alleged infringement if you think that deltaDAO processes your personal data in a way that infringes the GDPR. 

8. Questions 

If you have any questions about our privacy policy, please send us an e-mail at
[email protected]