Secure your spot now: neeyo User Conference 2026

DE
EN
Login
Contact us

Privacy Policy

With the following privacy policy, we would like to inform you about the types of your personal data (hereinafter also referred to as „data“) we process, for what purposes and to what extent.

The privacy policy applies to all processing of personal data carried out by us, in particular on our website, as well as within external online presences, such as our social media profiles.

This privacy policy is based on the requirements of the EU General Data Protection Regulation („GDPR“) and the revised Swiss Data Protection Act (DSG; revDSG).

The terms used are gender-neutral.

Responsible entities

The neeyo brand is operated by neeyo Group GmbH. neeyo Group GmbH represents the brand externally, in particular through the website neeyo.io and other marketing and communication channels.

neeyo Group GmbH
Schöneberger Straße 21a | 10963 Berlin | Germany
Business Address: Rumfordstraße 42 | 80469 Munich | Germany
Data protection contact: hello@neeyo.io

The processing of personal data in connection with the neeyo brand is carried out by the following companies, in each case as part of their operational activities and under their own responsibility under data protection law:

DocuMatrix GmbH
Mühlfeldstraße 4 | 3441 Einsiedl | Austria
Responsible for the processing of personal data, in particular in connection with:

• Website neeyo.io
- Newsletter
- Content, marketing and social media
- Lead and Customer Management (CRM)
- Application procedure
- Customer and contract relationships

Privacy policy: https://documatrix.com/datenschutzerklarung/

Formware GmbH
Stangenreiter Straße 2 | 83131 Nußdorf am Inn | Germany
Responsible for the processing of personal data, in particular in connection with:

- Lead and Customer Management (CRM)
- Application procedure
- Customer and contract relationships

Privacy policy: https://www.formware.de/de/datenschutz/

Which company is responsible for the processing of personal data in a specific case depends on the respective processing operation (e.g. newsletter, application procedure, conclusion of contract).

The relevant privacy policy of the responsible company contains further information on the type, scope, purpose and legal basis of data processing as well as the rights of the data subjects.

You can direct requests to exercise your data subject rights to hello@neeyo.io. We will forward your request to the responsible company if necessary.

Overview of processing

The following overview summarizes which personal data we process:

  • Contact details
    (e.g. name, e-mail address, company affiliation)
  • Customer and contract data
    (e.g. customer data, contract information, if applicable)
  • Content data
    (e.g. messages via contact forms)
  • Usage and log data
    (e.g. IP address, browser type, pages visited, access times)
  • Technical device data
    (e.g., operating system, device type)
  • Image and video recordings
    (e.g. photos of events, team presentations, reference or image videos, embedded video formats)
  • Tracking and marketing data
    (e.g. through LinkedIn Insight Tag, Meta Pixel, cookies)

Purposes and legal bases of processing

Processing is carried out for the following purposes on the basis of the legal bases stated in each case.
Note for Switzerland: Where the Swiss Data Protection Act (DSG; revDSG) applies, we base the processing of personal data – depending on the purpose – in particular on your consent, on the necessity to fulfil a contract or to carry out pre-contractual measures, on legal obligations, and on our overriding legitimate interest (e.g. in the secure and efficient operation of our website and communication).

  1. Provision and operation of the website
    • Purpose: Technical delivery, stability, security, and to ensure the functionality of the website
    • Legal basis: Art. 6(1)(f) GDPR (legitimate interest)
  2. Communication and answering inquiries
    • Purpose: Processing contact requests, including applications
    • Legal basis:
      • Art. 6(1)(b) GDPR (pre-contractual measures at the request of the data subject)
      • Art. 6(1)(f) GDPR (legitimate interest)
  3. Provision of contractual services and initiation of business relationships
    • Purpose: Customer and prospect support, as well as the identification of companies interested in our offering, for targeted outreach in the B2B sector
    • Legal basis:
      • Art. 6(1)(b) GDPR (Performance of a contract and pre-contractual inquiries)
      • Art. 6(1)(f) GDPR (legitimate interest)
  4. Analysis and optimization of the website
    • Purpose: Audience measurement, usage analysis
    • Legal basis: Art. 6(1)(a) GDPR (consent)
  5. Marketing and sales purposes
    • Purpose: Direct marketing, remarketing, newsletter
    • Legal basis: Art. 6(1)(a) GDPR (consent)
  6. Measuring the success of marketing activities
    • Purpose: Conversion tracking
    • Legal basis: Art. 6(1)(a) GDPR (consent)
  7. Public relations and company presentation
    • Purpose: Presentation of the company (images, videos, references). If consent is required, this will be obtained separately
    • Legal basis:
      • Art. 6(1)(a) GDPR (consent)
      • Art. 6(1)(f) GDPR (legitimate interest)
  8. Security measures
    • Purpose: Protection against misuse and attacks
    • Legal basis: Art. 6(1)(f) GDPR (legitimate interest)

General information on data processing

Security measures

We take appropriate technical and organizational measures to protect personal data from loss, misuse, unauthorized access or disclosure.

Data is transmitted in encrypted form (e.g. via HTTPS/TLS).

Recipients and disclosure of personal data

Personal data will only be disclosed to third parties where this is necessary to fulfil contractual obligations, where there is a legal obligation to do so, where the data subject has given their consent, or where we have a legitimate interest in doing so.

Recipients of personal data may include, in particular, IT service providers, hosting providers and providers of analytics, marketing or embedded content. We enter into the contracts required by law with these recipients, in particular data processing agreements in accordance with Article 28 of the GDPR.

Personal data may be transferred within the group of companies if this is necessary for business processes.

International data transfers

Where personal data is processed in countries outside the European Union (EU), the European Economic Area (EEA) or Switzerland, this is done strictly in accordance with legal requirements.

For data transfers to the USA or other third countries, we primarily use providers certified under the EU-US Data Privacy Framework (DPF) (available at: https://www.dataprivacyframework.gov/list).

Where necessary, we implement additional appropriate safeguards, in particular the European Commission’s Standard Contractual Clauses (SCC) (available at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en). For data transfers subject to Swiss data protection law, the SCCs are supplemented by the necessary Swiss adaptations (e.g. Swiss Addendum).

Information on data storage and deletion

Personal data is stored only for as long as is necessary for the respective processing purposes or as required by statutory retention obligations.

If the processing purposes no longer apply or if consent has been withdrawn, the data in question will be deleted in accordance with legal requirements, provided that no statutory retention obligations or legitimate interests prevent deletion.

Statutory retention obligations arise in particular from commercial and tax law provisions. In such cases, the data will be stored for the duration of the relevant retention period and subsequently deleted.

Specific processing activities

Provision of the online offering and web hosting

We process users’ personal data in order to provide our online service and to ensure the secure, stable and efficient operation of the website.

In particular, we process technical access data that is necessary to deliver content correctly to users’ respective devices, to ensure system security and to guarantee the functionality of the website. This includes, in particular, IP addresses, the date and time of access, pages visited, browser and device information, and technical log data.

 

Server log files

Every time our website is accessed, our hosting provider automatically records so-called server log files. These contain, in particular:

  • IP address of the requesting end device
  • Date and time of access
  • Pages or files accessed
  • Amount of data transferred
  • Browser type and version
  • Operating system used
  • Referrer URL

This data is processed exclusively for the purposes of technical security, system stability, and to prevent and investigate unauthorised access (e.g. attacks on the IT infrastructure).

The server log files are only stored for a limited period of time and then automatically deleted after a maximum of 30 days, provided there are no statutory retention obligations or further storage is required for evidence purposes.

Processing is carried out on the legal bases described in the section „Purposes and legal bases of processing“ .

Service providers used

Further information on data protection regarding the service providers used can be found in the respective privacy policies of the providers. The respective providers are responsible for the content of these policies.

The legally required data processing agreements are in place with the aforementioned service providers. Where processing takes place in third countries in connection with the use of individual services, the safeguards described in the section „International data transfers“ apply.

Spam and abuse protection (Google reCAPTCHA)

To protect our website and in particular our online forms against automated access, misuse and spam, we use the service Google reCAPTCHA.

reCAPTCHA analyses the behaviour of website visitors based on various technical characteristics to assess whether an input is the result of human action or an automated process. In doing so, information such as IP address, referrer URL, details about the device and browser used, mouse movements, duration of visit and other technical data may be processed and transmitted to Google.

This data is processed exclusively for the purpose of ensuring the technical security of our website and to prevent abusive automated access. If consent is required here, we will obtain this prior to use.

Processing is carried out on the legal bases described in the section „Purposes and legal bases of processing“ .

Service provider used

 

If personal data is transferred to third countries in the context of the use of Google reCAPTCHA, the provisions set out in section „International data transfers“ apply.

Cookies

We use cookies and similar technologies on our website to ensure the functionality, security and user-friendliness of our online offering and - if consent has been given - to provide analytical and marketing functions.

Cookies are small text files that are stored on the user's end device or read information from the end device. Some cookies are technically necessary to provide the website, others are optional.

Cookies are used in accordance with the legal requirements. Technically necessary cookies are used on the basis of our legitimate interests. Any other cookies are only set with the user’s prior consent.

Consent can be withdrawn or adjusted at any time via the cookie settings.

Further information on the cookies used, their storage period and individual services can be found in the relevant sections of this privacy policy and in the consent management tool used.

Service provider used

Contact form and enquiry management

When users contact us via our contact form, by e-mail or via other communication channels, we process the personal data provided in the enquiry in order to handle and respond to the respective request.

Data is entered via our contact form using the service Heyflow (Heyflow GmbH, Germany), which enables us to record enquiries in a structured manner. The information you provide will be transmitted to our systems for the purpose of processing your enquiry.

In particular, we process information such as name, contact information and the content of the request. Mandatory fields are marked as such because we need them to process your request. The processing takes place exclusively for the purpose of communication, the processing of inquiries and the implementation of pre-contractual measures or the initiation of a contractual relationship.

We use a Customer Relationship Management (CRM) system for the structured processing and management of contact enquiries. In this context, the data provided is stored and further processed in our CRM to enable efficient communication and the tracking of enquiries.

Processing is carried out on the legal bases described in the section „Purposes and legal bases of processing“ .

 

Service providers used

We use the following service providers for the collection, management, and processing of contact requests:

 

The named service providers process personal data as processors on our behalf. If processing takes place in third countries as part of the use, the protective measures described in the „International Data Transfers“ section apply.

Newsletter

When you subscribe to our newsletter, we process personal data in order to send you regular updates about our services, offers and content.

As part of the subscription process, we process your email address, as well as the time of your subscription and confirmation. In addition, further details may be processed, provided they are supplied voluntarily. The collection of this data serves to personalise the newsletter and to provide evidence of your consent.

The processing of data collected during newsletter registration is carried out on the basis of the section „Purposes and legal bases of processing“ described principles. The data will be stored until you withdraw your consent or unsubscribe from the newsletter.

You can withdraw your consent at any time, for example via the unsubscribe link at the end of each newsletter or by sending a corresponding message to hello@neeyo.io.

To optimize our newsletter, we statistically record whether newsletters are opened and which content is clicked. Automatic profiling does not take place.

Where recipients submit specific enquiries via links contained in the newsletter (e.g. “Request a consultation”), these interactions are processed in order to forward the relevant enquiry to the appropriate team and to respond to it. In this case, processing is carried out on the basis of our legitimate interest in handling enquiries efficiently and effectively.

Service provider used

We use the following service provider to send and manage the newsletter:

Brevo processes personal data as a data processor on our behalf. The processing takes place on servers within the European Union. A data processing agreement in accordance with Art. 28 GDPR has been concluded with the provider.

Communication via social media

We maintain online presences on social networks, in particular LinkedIn and Instagram. When users contact us via these platforms (e.g. through direct messages, comments or other interactions), we process the personal data transmitted in order to process and respond to the respective request.

In particular, we process the displayed profile name, communication content and any other information provided to us in the course of establishing contact.

Please note that when using social networks, personal data is also processed by the respective platform operators. This data processing is beyond our control. Information on the scope and purpose of data processing by the platform operators can be found in the respective privacy policies of the providers.

Alternatively, you can contact us at any time using the contact options provided on our website (e.g. e-mail or contact form).

Processing is carried out on the legal bases described in the section „Purposes and legal bases of processing“ .

Platforms used

 

If processing takes place in third countries within the scope of using these services, the protective measures described in the „International Data Transfers“ section shall apply.

Web analytics, monitoring and optimization

We use analysis and monitoring tools to evaluate user behavior on our website and to continuously optimize our online offering. This provides us with information about how visitors use our website, which content is particularly relevant and where there is a need for optimization.

Processing is carried out exclusively in pseudonymised form. No personal data such as names or email addresses are stored. IP addresses are truncated or otherwise technically anonymised.

Analysis tools are only used if users have previously given their consent via the cookie banner. No corresponding analysis takes place without consent.

Processing is carried out on the legal bases described in the section „Purposes and legal bases of processing“ . Further information on cookies and consent can be found in the section „Cookies“.

Services used

 

If processing takes place in third countries in the context of the use of these services, the provisions set out in section „International data transfers“ apply.

Identification of company visitors

To optimize our sales and marketing processes in the B2B sector, we process information about which companies visit our website.

For this purpose, the IP address is processed and cross-referenced with publicly accessible or commercially available company databases to enable assignment to a company. Individual natural persons are not identified in this process.

No direct personal contact data such as names or e-mail addresses are collected. No individual personal user profiles are created.

Processing is carried out on the legal bases described in the section „Purposes and legal bases of processing“ .

You have the right to object to this processing at any time on grounds relating to your particular situation (Art. 21 GDPR). You can send your objection by e-mail to hello@neeyo.io direct.

Service provider used: 

Online marketing and conversion tracking

We use online marketing and tracking technologies to manage our advertising measures and measure their success. This allows us to track whether users perform specific actions on our website after clicking on an advertisement (known as conversion tracking). In addition, these technologies may be used to display interest-based advertising to users on other websites or platforms (remarketing).

Cookies and similar technologies may be used for this purpose and pseudonymous usage data may be processed. No clear data such as names or e-mail addresses are processed.

These technologies are only used if users have previously given their consent via the cookie banner.

Processing is carried out on the legal bases described in the section „Purposes and legal bases of processing“ . Further information on cookies and consent can be found in the section „Cookies and similar technologies“.

Services used

 

If processing takes place in third countries within the scope of using the aforementioned services, the safeguards described in the „International Data Transfers“ section apply.

Application process

We have included a careers page on our website which can be used to apply for open positions.

Personal data is processed when you visit the careers page and when submitting an application. This may include, in particular, contact details, application documents (e.g. CV, cover letter, references) and technical access data (e.g. IP address, date and time of access, device and browser information). Processing is carried out solely for the purpose of conducting the application process.

The careers page is integrated into our website as an external service (e.g. as an embedded form). In doing so, content from Personio is loaded and personal data may be transferred to Personio. Personio processes the data on our behalf. Further information on the processing of personal data during the application process can be found in the separate privacy notice for applicants.

Processing is carried out on the legal bases described in the section „Purposes and legal bases of processing“ . Where consent is required as part of the application process, we will obtain this separately.

Service provider used

 

If processing takes place in third countries in the context of the use of Personio, the protective measures described in the section „International data transfers“ apply.

Login area and software usage (suite.neeyo.io)

We provide a login area for using our software under the subdomain suite.neeyo.io. Personal data is processed during registration and use of this area, particularly login credentials and technical access data.

The processing of personal data in connection with the use of the software is carried out on the basis of the applicable contractual agreements and the relevant privacy notices.

Further information on the processing of personal data in connection with the use of the software can be found in the separate data protection information for the use of the software, which can be accessed in the login area.

Rights of the data subjects

Under the applicable data protection laws, data subjects have the following rights in particular. These rights may be exercised provided that the legal requirements are met.

Rights under the GDPR

As a data subject, you have the following rights under the General Data Protection Regulation (GDPR), in particular, according to Articles 15 to 21 GDPR:

  • Right of access (Art. 15 GDPR)
    You have the right to request confirmation as to whether we are processing your personal data. If this is the case, you have the right to access this data, as well as to further information regarding the processing and a copy of the personal data.
  • Right to rectification (Art. 16 GDPR)
    You have the right to request the rectification of inaccurate personal data or the completion of incomplete data.
  • Right to erasure (Art. 17 GDPR)
    You have the right to request the erasure of your personal data, provided that the legal requirements for this are met.
  • Right to restriction processing (Art. 18 GDPR)
    You have the right, subject to the legal requirements, to request the restriction of the processing of your personal data.
  • Right to data portability (Art. 20 GDPR)
    You have the right to receive the personal data you have provided to us in a structured, commonly used and machine-readable format, or to request that it be transmitted to another controller.
  • Right to object (Art. 21 GDPR)

    You have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data, provided that such processing is carried out on the basis of Article 6(1)(e) or (f) of the GDPR.

    If personal data is processed for the purpose of direct marketing, you have the right to object to this processing at any time.

    To exercise your right to object, you can contact us at any time at hello@neeyo.io .

  • Right to withdraw consent (Art. 7 para. 3 GDPR)
    You have the right to withdraw your consent at any time with effect for the future.
  • Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)
    You have the right to lodge a complaint with a competent data protection supervisory authority, in particular with the supervisory authority for your habitual residence, your place of work or the place of the alleged infringement, if you consider that the processing of your personal data infringes the GDPR.

Rights under the Swiss Data Protection Act (DSG)

Data subjects with a connection to Switzerland have, in accordance with the Swiss Data Protection Act (DPA, revDPA), in particular the following rights:

  • Right of access
    You have the right to request information as to whether and what personal data is being processed about you, and to receive the information necessary to exercise your rights under the DSG.
  • Right to data disclosure or portability
    You have the right to request the disclosure of the personal data you have provided to us in a commonly used electronic format and – provided the legal requirements are met – to request its transfer to another data controller.
  • Right to rectification
    You have the right to request the correction of incorrect personal data.
  • Right to erasure, destruction or omission
    You have the right to request the erasure or destruction of personal data concerning you, or the cessation of processing, provided that no statutory retention obligations or overriding interests prevent this.
  • Right to lodge a complaint
    You have the right to lodge a complaint with a competent data protection supervisory authority (Art. 77 GDPR). Data subjects with a connection to Switzerland may also contact the Federal Data Protection and Information Commissioner (FDPIC).

Scope of this privacy policy

This privacy policy applies to the use of the website neeyo.io as well as the content and functions offered there.
Separate data protection notices apply to the login area at suite.neeyo.io and to the use of the neeyo software, which can be accessed in the respective login area.

Changes and updates to the privacy policy

We reserve the right to amend this privacy policy in order to adapt it to changed legal requirements or in the event of changes to our services and processing. The current version is always available on this website.

Status of the privacy policy

Status: February 2026

Table of contents