Privacy Policy

We, Payrails GmbH, operate the website www.payrails.com and collect certain data from our customers and visitors where necessary. In the following privacy policy, you will be informed what we do with your data, so-called personal data, and why we do this. We will also inform you how we protect your data, when this data is deleted and what rights you have within data protection. First of all: We protect your data as best as possible.

Who can I contact?

Responsible for this website is:

Payrails GmbH

Zimmerstraße 16

10969 Berlin

contact@payrails.com

Via the contact data you can reach our Data Protection Officer or another data protection relevant contact. Don’t hesitate to contact us if you have specific questions about your personal data, deletion of your personal data or similar things.

What are my rights?

You can contact us at any time if you have any questions about your rights regarding data protection or if you wish to exercise any of the following rights:

• Right to withdraw your consent in accordance with Art. 7 para. 3 GDPR (e.g. you can contact us if you wish to cancel a previously given consent to a newsletter)
• Right to access your data in accordance with Art. 15 GDPR (e.g. you can contact us if you would like to know what data we have stored about you)
• Right to correct your data in accordance with Art. 16 GDPR (e.g. you can contact us if your e-mail address has changed and we should replace your old e-mail address)
• Right to have your data deleted in accordance with Art. 17 GDPR (e.g. you can contact us if you want us to delete certain data that we have stored about you)
• Right to limit data collection in accordance with Art. 18 GDPR (e.g. you can contact us if you do not want us to use your e-mail address for newsletters, but only to send absolutely necessary e-mails)
• Right to take your data with you in accordance with Art. 20 GDPR (e.g. you can contact us to receive your data in a zipped format, if you want to upload it to another website)
• Right to object how your data is handled in accordance with Art. 21 GDPR (e.g. you can contact us if you do not agree with any user analytics procedures as described within this privacy policy)
• Right to send complaints to the supervisory authority in accordance with Art. 57 para. 1 f GDPR (e.g. you can contact the data protection supervisory authority directly)

Deletion of data and storage periods

Unless otherwise stated, we will delete or anonymize your data as soon as it is no longer needed (e.g. your e-mail address after you have unsubscribed from a newsletter). Your data will also be deleted or anonymized automatically if the mandatory storage period expires (e.g. those required by law for payment transactions). Such data may be needed for longer periods of time for legal reasons. You can request information about all personal data we have stored about you.

Visiting our website

If you merely wish to browse our website, we do not collect any personal data, with the exception of the data that your browser sends to us, e.g.:

• IP address (e.g. 96.92.316.example or 2a02:7122:8337:1112:bdb2:651f:example)
• Approximate location based on IP range (e.g. “Luxembourg city”)
• Internet provider (e.g. “Telecom” or „AT&T“)
• Internet connection speed (e.g. 100 Mbit)
• Date and time of visit (e.g. 11:45 on 25.05.2018)
• Last visited website (e.g. google.com)
• Browser and version (e.g. Chrome v65 or Safari 11.1)
• Operating system (e.g. Mac OS)
• Hardware (e.g. Intel processor)

As a safeguard to protect your privacy, we delete or anonymise your IP address after your visit. Therefore, all other data possibly attached to it can no longer be traced back to you. It will only serve anonymous and statistical purposes to optimise our website. The purpose of temporarily storing this data is necessary to establish a connection as well as loading our website the way it was designed to. Such data is therefore required to display the website on your screen, to avoid display problems and other technical error messages. The legal basis for EU visitors is the legitimate interest in accordance with the European data protection requirements under Art. 6 para. 1 lit. f GDPR. In addition, we apply the aforementioned safeguards to protect your data.

Personal data you provide voluntarily

If you contact us via the Website, we will only collect such data and information that you will provide when describing the reason for your request. The provision of personal data is not required to this end. Should any personal data be provided, it will only be used to process your request and reply to it.

If you contact us via the e-mail address specified on our website, you will provide the following personal data:

• Name
• E-mail address
• Your company name

This information will only be used to process your inquiry and reply to it.

These purposes constitute our legitimate interest, which justifies data processing pursuant to art. 6 par. 1 lit. f) GDPR. In some cases, the reason why you contact us may be a pre-contractual measure, in which case the legal basis for processing is art. 6 par. 1 lit. b) GDPR.

We collect and process the personal data of applicants for the purpose of carrying out the application procedure. The processing can also be done electronically. This is particularly the case if an applicant sends us the relevant application documents electronically, e.g. by e-mail. If we conclude an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If there is no employment, the application documents will be deleted 6 months after the end of the application procedure, provided that no other legitimate interests of ours oppose the deletion. Another legitimate interest in this sense is, for example, the burden of proof in proceedings under the General Equal Treatment Act. To process the applications, we use a service provider (Personio) with whom we have concluded a data protection contract with the requirements of Art. 28 GDPR.

Newsletter

If you are interested in receiving updates about our company or our products, you can subscribe to our newsletter. We will then save your e-mail address until you unsubscribe from the newsletter. For this purpose you will find a corresponding link to unsubscribe in every e-mail of our newsletter. The delivery of the newsletter is carried out by a professional service provider.

As a safeguard to protect your privacy, we have entered into a data processing agreement with the assigned service provider. You also have the possibility to unsubscribe from the newsletter at any time and thus delete your e-mail address from the service provider's database. The purpose of the data requested is to send the newsletter to your personal e-mail address in order to fulfil your request for updates about our company or our products. The legal basis is your consent in accordance with the European data protection requirements under Art. 6 para. 1 lit. a GDPR.

Cookies

We use cookies on our website. Cookies are small text files that are usually stored in a folder from your browser. Cookies contain information about the current or last visit to our website:

If cookies do not contain an exact expiration date, they are stored only temporarily and are automatically deleted as soon as you close your browser or restart your device. Cookies with an expiration date will still be stored even when you close your browser or restart your device. Such cookies will not be deleted until the specified date or if you delete them manually.

We use the following three types of cookies on our website:

• required cookies (cookies that are required, e.g. to display the website correctly for you and to store certain settings temporarily)
• functional and performance-related cookies (cookies that help us improve our website, e.g. to evaluate technical data of your visit and avoid error messages)
• advertising and analytics cookies (cookies that provide analytics and personalized ads, e.g. advertising for shoes is displayed if you have previously searched for shoes)

You can configure, block and delete cookies in your browser settings. If you delete all cookies from our website, some functions of the website may not be displayed correctly.

Transfer to third countries

Unless otherwise stated, all data processing operations take place within the EU or the EEA countries.

Data processing operations carried out by third-party providers established outside the mentioned geographical area may be carried out in part or in full in the countries the respective providers are based in, in accordance with the relevant and applicable data protection regulations.

A transfer of personal data outside the EU or the EEA shall only take place on the basis of on an adequacy decision of the European Commission, or subject to appropriate safeguards, including but not limited to standard data protection clauses adopted by the European Commission.

Hubspot

This website uses the services of HubSpot, a software-based marketing service of HubSpot Ireland Ltd., 2nd Floor 30 North Wall Quay, Dublin 1, Ireland.

HubSpot allows you to digitally synchronize and manage various customer service and customer management services through a central user interface. HubSpot enables lead generation, centralized email and newsletter marketing, contact management through user segmentation and CRM, and contact form management.

To fulfill its various functions, HubSpot uses cookies, small text files that are stored locally in the cache of your web browser on your device and enable us to analyze your use of the website. These cookies collect certain information such as your IP address, location, time of page access, etc. Information collected via HubSpot is stored on HubSpot servers and evaluated on our behalf.

If personal data is processed in this context, the data processing is carried out for the statistical analysis of user behavior for optimization and marketing purposes in accordance with Art. 6 (1) (f) GDPR. Other legal bases for data processing that intervene within the scope of specific HubSpot services (such as express consent in accordance with Art. 6 (1) (a) GDPR when sending newsletters) remain unaffected.

We have concluded a data processing agreement with HubSpot, which obligates HubSpot to protect our customers' data and not to pass it on to third parties.

You can permanently object to HubSpot collecting data using cookies and to the setting of cookies by preventing the storage of cookies through your browser settings.

You can find further information about Hubspot's privacy policy at the following internet address: https://legal.hubspot.com/de/datenschutz

To the extent legally required, we have obtained your consent to the processing of your data as described above in accordance with Art. 6 (1) (a) GDPR. You can revoke your consent at any time with future effect. To exercise your consent, please follow the objection option described above.

Bing Ads

On our website we use technologies from "Bing Ads", a service of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (hereinafter referred to as: "Microsoft").

Bing Ads collects and stores data from which usage profiles are created using pseudonyms. Bing Ads enables us to track user activities on our website, insofar as the users have reached our website via ads from Bing Ads. If you access our website via such an ad, a cookie will be set on your end device. This enables us and Microsoft to understand that a user clicked on a Bing Ads ad and was redirected to our website. Microsoft and we can also understand that the user has reached a predetermined target page, a so-called conversion page. We only learn the total number of users who clicked on a Bing Ads ad and were then redirected to the conversion page.

The information collected is transferred to Microsoft servers in the USA and stored there for a maximum of 180 days. In addition, Microsoft may be able to use so-called cross-device tracking to track your usage behavior across several end devices you use. This allows Microsoft to show you personalized advertising on Microsoft websites and in apps provided by Microsoft.

We use Bing Ads for marketing and optimization purposes, in particular to analyze the use of our website and to be able to continuously improve individual functions and offers as well as the user experience. By statistically evaluating user behavior, we can improve our offer and make it more interesting for you as a user. This is also our legitimate interest in the processing of the above data by the third-party provider. The legal basis for this type of data processing is your consent, Article 6 (1) (a) GDPR.

You can withdraw your consent at any time with effect for the future. Please use the "Cookie consent" function in the footer.

Microsoft processes the data on our behalf based on an order processing agreement between us and Microsoft. This ensures that data processing on our behalf is carried out in accordance with the General Data Protection Regulation while guaranteeing the protection of the rights of the data subjects.

You can find more information about the analysis services of Bing Ads at: https://help.bingads.microsoft.com/#apex/3/de/53056/2

LinkedIn Marketing Solutions

We use “LinkedIn Marketing Solutions” on our website, a service provided by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland (hereinafter “LinkedIn”). This enables us to point visitors to our website to other content that is likely to correspond to their interests based on their usage behavior on the LinkedIn social network. This content is displayed based on a cookie-based analysis of previous usage behavior, although no personal data is stored. For this interest-based content determination, cookies, i.e. small text files, are stored on your computer or mobile device in order to collect pseudonymized data about your surfing behavior and thus adapt the content individually to the stored information.

If the information collected and evaluated is personal, the processing is carried out in accordance with Art. 6 (1) (f) GDPR on the basis of our legitimate interest in displaying personalized page content and in market research.

The information can be assigned to the user's identity with the help of other information that LinkedIn has stored about the user, e.g. due to the user's ownership of an account on the social network "LinkedIn". LinkedIn uses an algorithm to analyze surfing behavior and can then display targeted product recommendations as personalized advertising banners on the user's LinkedIn account. LinkedIn can also combine the information collected via cookies with other information that LinkedIn has collected via other websites and/or in connection with the use of the social network "LinkedIn" and thus create pseudonymized user profiles. Under no circumstances can the information collected be used to personally identify visitors to this website.

You can prevent LinkedIn from collecting the aforementioned information by setting an opt-out cookie on one of the websites linked below:

https://www.linkedin.com/psettings/guest-controls

To the extent legally required, we have obtained your consent to the processing of your data as described above in accordance with Art. 6 (1) (a) GDPR. You can revoke your consent at any time with future effect by deactivating this service in the "Cookie Consent Tool" integrated into this website.

Further information on LinkedIn's privacy policy can be found on the following website: https://www.linkedin.com/legal/privacy-policy

‍Google Ads and Remarketing

We use Google Ads & Google Remarketing, an advertising service of Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").

Google Ads & Google Remarketing enables us to display advertisements in the Google search engine or on third-party websites when the user enters certain search terms on Google (keyword targeting). Furthermore, targeted advertisements can be displayed based on the user data available at Google (e.g. location data and interests) (target group targeting). As the website operator, we can evaluate this data quantitatively, for example by analyzing which search terms have led to the display of our advertisements and how many advertisements have led to corresponding clicks.

Users can prevent the storage of cookies by setting their browser software accordingly; users can also prevent Google from collecting the data generated by the cookie and relating to their use of the online offer and from processing this data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

This list contains all data collected by or through the use of this service.

- your web request

- the IP address

- the browser type

- the browser language

- the date and time of your request

- one or more cookies that may uniquely identify your browser

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR in conjunction with Art. 25 para. 1 GDPR.

Google processes the data on our behalf on the basis of a data processing agreement between us and Google. This ensures that the data processing on our behalf is carried out in accordance with the General Data Protection Regulation while guaranteeing the protection of the rights of the data subjects.

Further information on the use of data by Google, setting and objection options, can be found in Google's privacy policy (https://policies.google.com/technologies/ads) and in the settings for the display of advertisements by Google (https://adssettings.google.com/authenticated). You can also withdraw your consent to cookies by clicking on "Cookie consent" in the footer of our website.

Further information on the terms of use of Google Ads & Google Remarketing and the data protection regulations can be found at: https://policies.google.com/technologies/ads or at https://policies.google.com/.

Youtube

We integrate videos from the “YouTube” platform of provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. If you are habitually resident in the European Economic Area or Switzerland, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the data controller. Your interactions with this function are governed by Google’s privacy policy: https://policies.google.com/privacy

‍Social Media

Our website uses the "share function" of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. If you click the LinkedIn "button", you will be forwarded to your user account in a separate browser window - provided you are logged into your LinkedIn user account. The plug-in establishes a direct connection between your browser and the LinkedIn server. LinkedIn receives the information that you have visited our website with your IP address. In addition, LinkedIn will then be able to assign your visit to our website to you and your user account. We point out that we have no knowledge of the content of the transmitted (personal) data and their use by LinkedIn.

The legal basis for the collection and processing of your personal data carried out for us by LinkedIn for the aforementioned statistical purposes is Article 6 Paragraph 1 Clause 1 Letter a) GDPR. You can find more information on this in LinkedIn's privacy policy at: https://www.linkedin.com/legal/privacy-policy.

ZoomInfo

Our organization uses ZoomInfo Technologies LLC (“ZoomInfo”) to collect and process business-related information about companies and professionals. This may include names, business contact details (such as email addresses and phone numbers), job titles, company names, and similar professional information. ZoomInfo collects this data from public sources, professional profiles, and other business contexts.

If you are a business professional and wish to review, update, or delete your information from ZoomInfo’s database, you may do so by visiting the ZoomInfo Privacy Center or contacting ZoomInfo directly. For more information about how ZoomInfo collects and uses data, please refer to their Privacy Policy.

Google Tag Manager

Google Tag Manager (GTM), provided by Google Ireland Limited, Gordon House, Barrow Street Dublin 4 Ireland. We use GTM to organize all third-party tags on websites and controlling when these are triggered. You can voluntarily agree to these functions within our cookie banner and also deselect them. Depending on your location, the data is stored either in the European Union or the USA. For more information, please see Google's privacy policy.

Hotjar

We use Hotjar to track users’ activities in our website during their visit. It helps us understand what users want, care about and do on our site by visually representing their clicks, taps and scrolling behavior. Hotjar assigns all users a unique identifier called a Hotjar User ID within Recordings when they visit our website, allowing us to find Recordings from a specific user, while still allowing the user to remain otherwise anonymous. Categories of the collected data is specified by Hotjar in their website. Hotjar is a GDPR compliant solution and secures the data and the privacy.

We have also entered into contract processing agreements with all external recipients to comply with European law requirements. Depending on your location, some of the above service providers - if specified - will also transfer your data to the United States. The European Court of Justice has ruled that the United States does not have a level of data protection equivalent to the EU and authorities may be able to access data without due process. Additional safeguards are therefore required to ensure a sufficient level of data protection. To meet this requirement, we have concluded additional contracts for commissioned processing called standard contractual clauses. We also check each service provider together with our data protection officer and ensure that additional security measures are available, such as strong data encryption.

Last update of the privacy policy: 02.09.2025