Legal

Privacy Policy

Effective date: 22 June 2026

This Privacy Policy explains how BizSim UG (haftungsbeschränkt) ("BizSim", "we", "us") collects, uses and protects personal data when you visit our website, contact us, or use our platform. We process personal data in accordance with the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

1. Controller

The controller responsible for data processing on this website is:

BizSim UG (haftungsbeschränkt) Neue-Heimat-Straße 8 68789 St. Leon-Rot, Germany Email: info@bizsim.ai

Full company details are available in our Impressum.

2. Scope

This policy applies to our public website and marketing pages. Where you use our platform under a separate pilot, project or subscription agreement, the data processing carried out on your behalf is additionally governed by that agreement and, where applicable, a Data Processing Agreement (DPA) pursuant to Art. 28 GDPR.

3. Personal data we process

a) Server log files. When you access our website, our hosting provider automatically collects access data (IP address, date and time of request, requested page, referrer URL, browser type and operating system). This is technically necessary to deliver the website and to ensure security and stability.

b) Contact. When you use our contact form or email us, we process the data you provide (such as your name, email address, company and message) in order to respond to your request.

c) User accounts and authentication. If you register for or are provisioned an account, we process your account data (such as name, email address, organisation and authentication identifiers) to operate the service and manage access.

d) Email communication. We process the email address and content of messages we exchange with you (e.g. account verification, service and support emails).

e) Cookies and local storage. We use technically necessary cookies and local storage to operate the site, keep you signed in, and remember preferences such as language and colour theme. We do not use advertising or third-party tracking cookies.

4. Purposes and legal bases

We process personal data on the following legal bases under Art. 6(1) GDPR:

  • Providing the website and service, and pre-contractual / contractual measures — Art. 6(1)(b) GDPR (performance of a contract or steps prior to entering into a contract), e.g. responding to enquiries, operating accounts.
  • Legitimate interests — Art. 6(1)(f) GDPR, e.g. ensuring the security and stability of our systems and preventing misuse. Our legitimate interest is the secure and efficient operation of our services.
  • Legal obligations — Art. 6(1)(c) GDPR, e.g. statutory retention obligations.
  • Consent — Art. 6(1)(a) GDPR, where we ask for it (e.g. optional communications). You may withdraw consent at any time with effect for the future.

5. Recipients and processors

We only share personal data where necessary and on a lawful basis. Service providers that process data on our behalf (e.g. hosting and infrastructure providers) act as processors under data processing agreements pursuant to Art. 28 GDPR and only on our documented instructions.

6. Hosting

Our website and platform are operated on infrastructure located in the European Union. Our infrastructure provider processes the server log data described in Section 3(a) on our behalf as a processor.

7. International data transfers

We aim to process personal data within the EU/EEA. Should a transfer to a third country occur, we ensure appropriate safeguards pursuant to Art. 44 et seq. GDPR (e.g. an EU adequacy decision or EU Standard Contractual Clauses).

8. Retention and erasure

We retain personal data only as long as necessary for the purposes described above or as required by statutory retention periods (e.g. under commercial and tax law). When the purpose no longer applies and no retention obligation exists, we erase or anonymise the data.

9. Your rights

Under the GDPR you have the right to:

  • access the personal data we hold about you (Art. 15);
  • rectification of inaccurate data (Art. 16);
  • erasure ("right to be forgotten") (Art. 17);
  • restriction of processing (Art. 18);
  • data portability (Art. 20);
  • object to processing based on legitimate interests (Art. 21); and
  • withdraw consent at any time with effect for the future (Art. 7(3)).

To exercise these rights, contact us at info@bizsim.ai.

10. Right to object

Where we process personal data on the basis of legitimate interests (Art. 6(1)(f) GDPR), you have the right to object at any time, on grounds relating to your particular situation, to such processing.

11. Right to lodge a complaint

You have the right to lodge a complaint with a data protection supervisory authority. The authority responsible for us is:

Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg, Lautenschlagerstraße 20, 70173 Stuttgart, Germany.

You may also contact the supervisory authority of your habitual residence.

12. Data security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss or misuse, including encrypted connections (TLS) and access controls.

13. Automated decision-making

We do not use automated decision-making producing legal effects concerning you, or similarly significantly affecting you, within the meaning of Art. 22 GDPR.

14. Changes to this policy

We may update this Privacy Policy to reflect changes to our services or legal requirements. The current version published on this page applies.

Contact

For any questions about this Privacy Policy or your personal data, contact us at info@bizsim.ai.