This statement explains which personal data is processed when you visit this website, for what purpose, and what rights you have as a data subject. As of 10 June 2026.
This website uses no tracking cookies, no analytics tools and no advertising platforms. The server stores technically required access data (e.g. anonymised IP, browser type) for a maximum of 60 days to defend against attacks. If you use the contact form, your entries are processed on our web server (Mittwald, Germany) and forwarded to us by email — no database, retained for a maximum of 6 months.
The controller within the meaning of the General Data Protection Regulation (GDPR) is:
A data protection officer is not legally required because the thresholds (§ 38 BDSG) are not met. For questions about data protection, please use the contact details above.
Personal data is any information that relates to an identified or identifiable natural person (Art. 4 No. 1 GDPR). We process your data exclusively on one of the following legal bases:
Each time this website is accessed, our hosting provider automatically records access data in so-called log files. This data is technically necessary to deliver the site correctly and to defend against attacks. The following data is captured:
Legal basis is Art. 6 (1) (f) GDPR (legitimate interest in stable and secure operation of the website). This data is not merged with other data sources. Retention periods: access logs (anonymised) 60 days; error logs 7 days; FTP logs (anonymised) 60 days. An individual adjustment of the retention period is not possible with the hosting provider used.
This website is hosted by Mittwald CM Service GmbH & Co. KG, Königsberger Straße 4-6, 32339 Espelkamp, Germany. Server location: Germany. Mittwald is ISO 27001 certified. A data processing agreement pursuant to Art. 28 GDPR is in place.
The fonts used (Exo, Crimson Pro, JetBrains Mono) are served exclusively from the Mittwald web server. No connection to Google, Adobe or other third parties takes place.
If you contact us by email or phone, the data you provide (name, email address, phone number and the content of the message) is stored and used solely to process your enquiry. It is not passed on to independent third parties.
Emails to info@nexym.de are received and stored by Strato AG, Pascalstraße 10, 10587 Berlin, Germany (email hosting). Server location: Germany. Strato processes this data exclusively on our instructions and on our behalf; a data processing agreement pursuant to Art. 28 GDPR is in place.
Legal basis is Art. 6 (1) (b) GDPR insofar as your enquiry is aimed at a contract, otherwise Art. 6 (1) (f) GDPR (legitimate interest in answering your enquiry).
The contact form on the Contact page submits your entries via POST to a PHP handler on our web server (Mittwald CM Service GmbH & Co. KG, Espelkamp, Germany — processor, DPA in place). The handler validates the input, checks for spam and then sends the enquiry by authenticated SMTP via the Strato mailbox (Strato AG, Berlin, Germany — processor, DPA in place) as an email to info@nexym.de. No data is stored in a database; the enquiry is received exclusively as an email in the mailbox and deleted once handled, at the latest after 6 months.
Legal basis for the processing of your enquiry is Art. 6 (1) (b) GDPR (pre-contractual measures) insofar as your enquiry is aimed at a contract, otherwise Art. 6 (1) (f) GDPR (legitimate interest in answering it). Ticking the checkbox before sending points you to this privacy policy and does not constitute separate consent.
Providing your name and email address is required to process your enquiry; without this information we cannot respond. All other fields are optional.
This website stores your display preferences (theme: light / dark, language: DE / EN) in your browser's localStorage. This data stays exclusively on your device, is never transmitted to us or to third parties and contains no personal information. You can delete it at any time via your browser settings.
This website does not use any cookies — neither first-party nor third-party cookies, neither for tracking nor for marketing or reach measurement.
This website uses TLS encryption (recognisable by the lock icon in the address bar and the "https://" prefix) to protect the transmission of your data against being read by third parties.
We store personal data only as long as required for the respective purpose or as mandated by statutory retention periods (e.g. 6 years for commercial correspondence under § 257 HGB, 10 years for tax-relevant documents under § 147 AO). After expiry, the data is deleted or securely anonymised.
Contact enquiries without a resulting contract are deleted once handled, at the latest after 6 months. Business correspondence with contractual relevance is subject to the statutory retention periods stated above (§ 257 HGB, § 147 AO).
You have the right at any time to assert the following claims against us:
An informal email to datenschutz@nexym.de is sufficient. We will process your request without undue delay, at the latest within one month.
There is no automated decision-making, including profiling, within the meaning of Art. 22 GDPR.
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority (Art. 77 GDPR). The competent authority is in particular the supervisory authority of the federal state in which you reside or in which the alleged infringement was committed.
The competent authority for the location of Nexym is:
Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen