Privacy policy
Privacy policy
With the following privacy policy, we would like to explain to you what types of your personal data (hereinafter also referred to as „data“) we process, for what purposes and to what extent.
The privacy policy applies to all processing of personal data carried out by us, in particular to ourr Website sas well as within external online presences, such as our social media profiles.
This privacy policy is based on the Requirements of the EU General Data Protection Regulation („GDPR“) and of the revised Swiss Data Protection Act (DSG; revDSG).
The terms used are not gender-specific.
Responsible persons Positionn
The brand neeyo will be provided by the neeyo Group GmbH operated. The neeyo Group GmbH presents itself to the outside world in particular via the website neeyo.io and about other Marketingand communication appearances.
neeyo Group GmbH
Schöneberger Straße 21a |10963 Berlin | Germany
Business address: Rumfordstrasse 42 | 80469 Munich | Germany
Contact data protection: admin@neeyo.io
The processing of personal data in connection with the neeyo brand is carried out by the following companies, in each case as part of their operational activities and under their own responsibility under data protection law:
DocuMatrix GmbH
Mühlfeldstraße 4 | 3441 Einsiedl | Austria
Responsible for the processing of personal data, in particular in connection with:
Data protection regulations: https://documatrix.com/datenschutzerklarung/
Formware GmbH
Stangenreiter Straße 2 | 83131 Nußdorf am Inn | Germany
Responsible for the processing of personal data, in particular in connection with:
Data protection regulations: https://www.formware.de/de/datenschutz/
Which company is responsible for the processing of personal data in a specific individual case depends on the respective processing operation (e.g. newsletter, application procedure, conclusion of contract).
The relevant privacy policy of the responsible company contains further information on the type, scope, purpose and legal basis of data processing as well as the rights of the data subjects.
Requests for the exercise of You can exercise your data subject rights at admin@neeyo.io. We will forward your request to the responsible company if necessary.
Overview of processing
The following Overview summarizes which personal data we process:
(e.g. name, e-mail address, company affiliation)
(e.g. customer data, contract information, if applicable)
(e.g. messages via contact forms)
(e.g. IP address, browser type, pages visited, access times)
(e.g. operating system, Device type)
(e.g. photos of events, team presentations, reference or image videos, embedded video formats)
(e.g. through LinkedIn Insight Tag, Meta Pixel, cookies)
Purposee and Legal basis the processing
Processing is carried out for the following purposes on the basis of the legal bases stated in each case.
Note for Switzerland: Insofar as the Swiss Data Protection Act (DSG; revDSG) is applicable, we base the processing of personal data - depending on the purpose - in particular on your consent, on the necessity to fulfill a contract or to carry out pre-contractual measures, on legal obligations and on our overriding legitimate interest (e.g. in the secure and economical operation of our website and communication).
1. provision and operation of the website
2. communication and answering inquiries
3. Provision vyieldr Services and business initiation
4. analysis and optimization of the website
5. marketing and sales purposes
6. measuring the success of marketing measures
7. public relations and company presentation
8. safety measures
General information for data processing
Security measures
We take appropriate technical and organizational measures to protect personal data from loss, misuse, unauthorized access or disclosure.
The transmission of data is encrypted (e.g. using HTTPS/TLS).
Recipients and disclosure of personal data
Personal data will only be passed on to third parties if this is necessary to fulfill contractual obligations, if there is a legal obligation, if the data subject has given consent or if we have a legitimate interest in passing on the data.
Recipients of personal data may include IT service providers, hosting providers and providers of analysis, marketing or embedded content. We conclude the legally required contracts with these recipients, in particular order processing contracts in accordance with Art. 28 GDPR.
Personal data may be transferred within the group of companies if this is necessary for business processes.
International data transfers
If personal data is processed in countries outside the European Union (EU), the European Economic Area (EEA) or Switzerland, this is done exclusively in compliance with the legal requirements.
For data transfers to the USA or other third countries, we primarily use providers that are certified in accordance with the EU-U.S. Data Privacy Framework (DPF) (available at: https://www.dataprivacyframework.gov/list).
If necessary, we use additional suitable guarantees, in particular standard contractual clauses of the European Commission (SCC) (available at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en). For data transfers to which Swiss data protection law applies, the SCC are supplemented by the necessary Swiss adaptations (e.g. Swiss Addendum).
Information on data storage and deletion
Personal data is only stored for as long as is necessary for the respective processing purposes or for as long as there are statutory retention obligations.
If the processing purposes cease to apply or if consent is revoked, the data concerned will be deleted in accordance with the statutory provisions, provided that there are no statutory retention obligations or legitimate interests that prevent deletion.
Statutory retention obligations arise in particular from commercial and tax regulations. In these cases, the data is stored for the duration of the respective retention period and then deleted.
Concrete Verarprocessing operations
Provision of the online offer and web hosting
We process users' personal data in order to provide our online services and to ensure secure, stable and efficient website operation.
In particular, technical access data is processed that is required to deliver content correctly to the user's device, to guarantee system security and to ensure the functionality of the website. This includes, in particular, IP addresses, date and time of access, pages accessed, browser and device information and technical log data.
Server log files
Every time our website is accessed, our hosting provider automatically records so-called server log files. These contain in particular
This data is processed exclusively for the purposes of technical security, system stability and to prevent and investigate unauthorized access (e.g. attacks on the IT infrastructure).
The server log files are only stored for a limited period of time and then deleted. after a maximum of 30 days automatically deleted, provided that there are no statutory retention obligations or further storage is required for evidence purposes.
The processing is carried out on the basis of the „Purposes and legal bases of processing“ described legal bases.
Service providers used
Further information on data protection at the service providers used can be found in the respective data protection declarations of the providers. The respective providers are responsible for their content.
Web hosting and IT infrastructure
Privacy policy: https://www.mittwald.de/datenschutz
WordPress software and technical website functions
Privacy policy: https://automattic.com/de/privacy/
Performance optimization and caching
Privacy policy: https://wp-rocket.me/privacy-policy/
Google Search Console: Technical monitoring of website performance, Analysis of search queries
Privacy policy: https://policies.google.com/privacy
The legally required contracts for order processing are in place with the aforementioned service providers. If processing takes place in third countries in the context of the use of individual services, the data protection provisions set out in section „International data transfers“ described protective measures.
Spam and abuse protection (Google reCAPTCHA)
To protect our website and in particular our online forms from automated access, misuse and spam, we use the service Google reCAPTCHA.
reCAPTCHA analyzes the behavior of website visitors based on various technical characteristics in order to assess whether an input is a human action or an automated process. Information such as IP address, referrer URL, information about the end device and browser used, mouse movements, length of visit and other technical data can be processed and transmitted to Google.
This data is processed exclusively for the purpose of ensuring the technical security of our website and to prevent abusive automated access. If consent is required here, we will obtain it before use.
The processing is carried out on the basis of the „Purposes and legal bases of processing“ described legal bases.
Service provider used
• Google Ireland Limited, Ireland
Privacy policy: https://policies.google.com/privacy
If personal data is transferred to third countries in the context of the use of Google reCAPTCHA, the provisions set out in section „International data transfers“ described protective measures.
Cookies
We use cookies and similar technologies on our website to ensure the functionality, security and user-friendliness of our online offering and - if consent has been given - to provide analysis and marketing functions.
Cookies are small text files that are stored on the user's end device or read information from the end device. Some cookies are technically necessary to provide the website, others are optional.
Cookies are used in accordance with the legal requirements. Technically necessary cookies are used on the basis of our legitimate interests. All other cookies are only set with the prior consent of the user.
Consent can be revoked or adjusted at any time via the cookie settings.
Further information on the cookies used, their storage period and individual services can be found in the relevant sections of this privacy policy and in the consent management tool used.
Service provider used
Obtaining, managing and documenting consent
Privacy policy: https://de.borlabs.io/datenschutz
Contact form and request management
When users contact us via our contact form, by e-mail or via other communication channels, we process the personal data transmitted as part of the inquiry in order to process and respond to the respective request.
In particular, we process details such as name, contact information and the content of the request. Mandatory fields are marked as such, as we need these to process your request. The processing takes place exclusively for the purpose of communication, the processing of inquiries and the implementation of pre-contractual measures or the initiation of a contractual relationship.
We use a customer relationship management system (CRM) for the structured processing and management of contact inquiries. In this context, the transmitted data is stored and processed in our CRM to enable efficient communication and tracking of inquiries.
The processing is carried out on the basis of the „Purposes and legal bases of processing“ described legal bases.
Service provider used
We use for the administration and processing of contact requests:
Customer Relationship Management System
Privacy policy: https://www.pipedrive.com/en/privacy
Pipedrive processes personal data as a processor on our behalf. Insofar as processing takes place in third countries in the context of use, the provisions set out in section „International data transfers“ described protective measures.
Newsletter
If you register for our newsletter, we process personal data in order to send you regular information about our services, offers and content.
As part of the registration process, we process your e-mail address and the time of registration and confirmation. In addition, further data may be processed if provided voluntarily. The collection of this data serves to personalize the newsletter and to prove your consent.
The processing of the data collected as part of the newsletter registration takes place on the basis of which in the section „Purposes and legal bases of processing“ described principles. The data will be stored until you withdraw your consent or unsubscribe from the newsletter.
You can withdraw your consent at any time, for example via the unsubscribe link at the end of each newsletter or by sending a corresponding message to hello@neeyo.com.
To optimize our newsletter, we statistically record whether newsletters are opened and what content is clicked on. One automaticallye profiling does not take place.
If recipients make specific inquiries via links contained in the newsletter (e.g. „Request advice“), these interactions are processed in order to forward the respective inquiry to the responsible team and answer it. In this case, the processing is based on our legitimate interest in the efficient and targeted processing of inquiries.
Service provider used
We use the following service provider to send and manage the newsletter:
E-mail marketing and newsletter service
Privacy policy: https://www.brevo.com/de/legal/privacypolicy/
Brevo processes personal data as a processor on our behalf. The processing takes place on servers within the European Union. There is a contract with the provider for order processing in accordance with Art. 28 GDPR.
Communication via social media
We maintain online presences on social networks, in particular LinkedIn and Instagram. When users contact us via these platforms (e.g. through direct messages, comments or other interactions), we process the personal data transmitted in order to process and respond to the respective request.
In particular, we process the displayed profile name, communication content and any other information provided to us in the course of establishing contact.
Please note that when using social networks, personal data is also processed by the respective platform operators. This data processing is beyond our control. Information on the scope and purpose of data processing by the platform operators can be found in the respective privacy policies of the providers.
Alternatively, you can contact us at any time using the contact options provided on our website (e.g. e-mail or contact form).
The processing is carried out on the basis of the „Purposes and legal bases of processing“ described legal bases.
Platforms used
Privacy policy: https://www.linkedin.com/legal/privacy-policy
Privacy policy: https://privacycenter.instagram.com/policy
Web analysis, monitoring and optimization
We use analysis and monitoring tools to evaluate user behavior on our website and to continuously optimize our online offering. This provides us with information about how visitors use our website, which content is particularly relevant and where there is a need for optimization.
The processing is exclusively pseudonymized. No clear data such as names or e-mail addresses are stored. IP addresses are shortened or otherwise technically anonymized.
Analysis tools are only used if users have previously given their consent via the cookie banner. No corresponding analysis takes place without consent.
The processing is carried out on the basis of the „Purposes and legal bases of processing“ described legal bases. Further information on cookies and consent can be found in the section „Cookies“.
Services used
Google Analytics
Evaluation of website usage, Reporting
Privacy policy: https://policies.google.com/privacy
Technical integration of analysis and marketing tools
Privacy policy: https://policies.google.com/privacy
If processing takes place in third countries in the context of the use of these services, the provisions set out in section „International data transfers“ described protective measures.
Online marketing and conversion tracking
We use online marketing and tracking technologies to manage our advertising measures and measure their success. This allows us to track whether users perform certain actions on our website after clicking on an advertisement (so-called conversion measurement). These technologies can also be used to display interest-based advertising to users on other websites or platforms (remarketing).
Cookies and similar technologies may be used for this purpose and pseudonymous usage data may be processed. No clear data such as names or e-mail addresses are processed.
These technologies are only used if users have previously given their consent via the cookie banner.
The processing is carried out on the basis of the „Purposes and legal bases of processing“ described legal bases. Further information on cookies and consent can be found in the section „Cookies and similar technologies“.
Services used
Measuring the reach and effectiveness of Google ads
Privacy policy: https://policies.google.com/privacy
Measurement of Reach and effectiveness of LinkedIn ads
Privacy policy: https://www.linkedin.com/legal/privacy-policy
Measuring the reach and effectiveness of Instagram ads
Privacy policy: https://privacycenter.instagram.com/policy
If processing takes place in third countries in the context of the use of the aforementioned services, the provisions set out in section „International data transfers“ described protective measures.
Application procedure
We have included a careers page on our website which can be used to apply for vacancies.
Personal data is processed when the careers page is accessed and as part of an application. This may include, in particular, contact data, application documents (e.g. CV, cover letter, references) and technical access data (e.g. IP address, date and time of access, device and browser information). The processing takes place exclusively for the purpose of carrying out the application process.
The careers page is integrated into our website as an external service (e.g. as an embedded form). This loads content from Personio and may result in the transfer of personal data to Personio. Personio processes the data on our behalf. Further information on the processing of personal data in the application process can be found in the separate data protection information for applicants.
The processing is carried out on the basis of the data processing described in section „Purposes and legal bases of processing“ described legal bases. If consent is required as part of the application process, we will obtain this separately.
Service provider used
Transmission of applicant data
Privacy policy: https://www.personio.de/datenschutzerklaerung/
If processing takes place in third countries in the context of the use of Personio, the provisions set out in section „International data transfers“ described protective measures.
Login area and software usage (suite.neeyo.io)
Under the subdomain suite.neeyo.io we provide a login area for the use of our software. As part of the registration and use of this area, personal data is processed, in particular login information and technical access data.
The processing of personal data in connection with the use of the software is carried out on the basis of the applicable contractual agreements and the relevant data protection notices.
Further information on the processing of personal data in the context of software use can be found in the separate data protection information for use the software, which can be accessed in the login area.
Rights of the data subjects
Data subjects have the following rights in particular under the applicable data protection laws. These rights can be asserted if the legal requirements are met.
Rights under the GDPR
As a data subject, you have the following rights under the General Data Protection Regulation (GDPR))in particular the following rights pursuant to Art. 15 to 21 GDPR:
You have the right to request confirmation as to whether we are processing your personal data. If this is the case, you have the right to information about this data as well as further information about the processing and a copy of the personal data.
You have the right to request the rectification of inaccurate personal data or the completion of incomplete data.
You have the right to request the deletion of your personal data, provided that the legal requirements for this are met.
You have the right to request the restriction of the processing of your personal data under the legal requirements.
You have the right to receive personal data that you have provided to us in a structured, commonly used and machine-readable format or to request its transmission to another controller.
You have the right to object to the processing of your personal data at any time for reasons arising from your particular situation, provided that this is done on the basis of Art. 6 para. 1 lit. e or f GDPR.
If personal data is processed for the purpose of direct marketing, you have the right to object to this processing at any time.
You have the right to withdraw your consent at any time with effect for the future.
You have the right to lodge a complaint with a competent data protection supervisory authority, in particular with the supervisory authority of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of your personal data infringes the GDPR.
Rights under the Swiss Data Protection Act (DSG)
In accordance with the Swiss Data Protection Act (DSG, revDSG) in particular the following rights:
You have the right to request information about whether and what personal data about you is being processed and to receive the information required to exercise your rights under the FADP.
You have the right to request that the personal data you have provided to us be handed over to you in a commonly used electronic format and - insofar as the legal requirements are met - to request that it be transferred to another controller.
You have the right to request the correction of incorrect personal data.
You have the right to request the deletion or destruction of the personal data concerning you or the omission of processing, provided that there are no statutory retention obligations or overriding interests to the contrary.
Right of appeal
You have the right to lodge a complaint with a competent data protection supervisory authority (Art. 77 GDPR). Data subjects with a connection to Switzerland can also contact the Federal Data Protection and Information Commissioner (FDPIC).
Scope of this privacy policy
This privacy policy applies to the use of the website neeyo.io and the content and functions offered there.
For the login area under suite.neeyo.io as well as for the use of the neeyo software, separate data protection notices apply, which can be accessed in the respective login area.
Changes and updates to the privacy policy
We reserve the right to amend this privacy policy in order to adapt it to changed legal requirements or in the event of changes to our services and processing. The current version is always available on this website.
Status of the privacy policy
Stand: february 2026