Privacy Policy
Last updated: 30 June 2026
SoftBCom Berlin GmbH (“SoftBCom”, “we”, “us”, “our”) respects your privacy and is committed to protecting your personal data.
This Privacy Policy explains how we collect, use, and safeguard personal data when you visit our websites, use our SaaS products and related services (including AI-enabled services such as QAWacht and SoftBCom AI Agents), or otherwise communicate with us.
1. Controller and Contact
Controller (Art. 4 (7) GDPR):
SoftBCom Berlin GmbH
8th floor
Europaplatz 2
10557 Berlin
Germany
Email: contactsbc@softbcom.com
Phone: +49 30 51302118
If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us at the above details.
2. Contact for Data Protection Matters
If you have any questions regarding the processing of your personal data or wish to exercise your data protection rights, you can contact us at:
contactsbc@softbcom.com
or by post at the address above, marked “Attn: Data Protection”.
3. Scope of This Policy
This Policy applies to:
- Visitors of our websites and landing pages (e.g. softbcom.de, softbcom.com).
- Users of our SaaS services (e.g. QAWacht and SoftBCom AI Agents).
- Business contacts, newsletter subscribers, and webinar participants.
It
does not apply to data we process
on behalf of enterprise clients within QAWacht or other products.
For such processing, SoftBCom acts as a
data processor under Art. 28 GDPR, and the applicable
Data Processing Agreement (DPA/AVV) governs those operations.
4. Categories and Sources of Personal Data
We may process the following categories of data:
- Contact data: name, business email, phone number, company, job title.
- Account and access data: login credentials, usage logs, IP address, browser type, and session timestamps.
- Communication data: messages, support requests, or webinar/chat interactions.
- Marketing data: preferences, newsletter subscriptions, campaign responses.
- Technical data: device information, cookies, analytics identifiers, and server logs.
Data is collected directly from you, from your use of our website or platform, from forms, registrations, demo requests, webinar sign-ups and other direct interactions with us, or (for enterprise clients) from your employer or organisation that has authorised access.
5. Purposes and Legal Bases of Processing
We process your data for the following purposes and legal bases under Art. 6 GDPR:
| Purpose |
Legal Basis |
| Operating and securing our websites and services |
Art. 6 (1)(f) – legitimate interest |
| Providing and managing user accounts and platform access |
Providing and managing user accounts and platform access |
| Responding to inquiries, demos, or support requests |
Art. 6 (1)(b) or (f) |
| Sending product updates or newsletters (opt-in) |
Art. 6 (1)(a) – consent |
| Registering for and conducting webinars |
Art. 6 (1)(b) or (f) |
| Marketing analytics, tracking technologies and optional marketing communications |
Art. 6 (1)(a) or (f), depending on the relevant activity |
| Compliance with legal obligations (tax, retention, etc.) |
Art. 6 (1)(c) – legal obligation |
You may withdraw consent at any time without affecting the lawfulness of processing before withdrawal.
6. Cookies and Analytics
We use cookies and similar technologies to ensure proper website functionality, security, and (with consent) analytics.
Essential cookies are used under Art. 6 (1)(f) (legitimate interest).
Analytics and marketing cookies (e.g. Google Analytics, LinkedIn Insights Tag, HubSpot Tracking) are used only with your consent via our Cookie Banner.
You can change or withdraw your consent at any time.
For more details, please refer to our Cookie Policy.
7. Recipients and Data Transfers
Your data may be shared with:
- Authorized employees and contractors of SoftBCom.
- Trusted service providers (hosting, analytics, CRM, communication tools) bound by data processing agreements.
- Public authorities when legally required.
We primarily host and process personal data
within the European Union, including in
Hetzner data centers in Germany. Where technically feasible and commercially reasonable, we seek to use EU-based infrastructure and regional endpoints. If a transfer outside the EEA becomes necessary, it will occur only on the basis of appropriate safeguards under
Art. 46 GDPR, such as
EU Standard Contractual Clauses.
8. Storage Periods
We store personal data only as long as necessary for the purposes described and in accordance with applicable legal, contractual and operational requirements.
Typical retention periods are as follows:
- Contractual and account data: up to 6 years after contract end, unless a longer period is required by law.
- Marketing and newsletter data: until consent withdrawal, objection or prolonged inactivity.
- Technical logs: typically up to 12 months for security and audit purposes.
- Support or inquiry records: typically up to 24 months, unless longer retention is necessary for follow-up, legal claims or compliance purposes.
After these periods, data is deleted or anonymized in accordance with our Data Retention Policy.
9. Security Measures
SoftBCom maintains technical and organizational measures (TOMs) to ensure the confidentiality, integrity, and availability of personal data, including:
- Secure hosting in ISO 27001-certified EU data centers.
- Role-based access control and encryption in transit and at rest.
- Regular vulnerability testing and employee security training.
A summary of our technical and organisational measures is available in our
Trust & Compliance documentation.
10. Your Rights (Art. 15–22 GDPR)
You have the following rights regarding your personal data:
- Access – obtain a copy of data we hold about you.
- Rectification – correct inaccurate or incomplete data.
- Erasure – request deletion (“right to be forgotten”).
- Restriction – limit how we process your data.
- Portability – receive your data in a structured format.
- Objection – object to processing based on legitimate interest.
- Withdraw consent – stop processing where consent was given.
To exercise your rights, contact us at
contactsbc@softbcom.com.
You also have the right to lodge a complaint with a supervisory authority, e.g.:
Berliner Beauftragte für Datenschutz und InformationsfreiheitAlt-Moabit 59–61, 10555 Berlin, Germany
www.datenschutz-berlin.de
11. Updates to This Policy
We may update this Privacy Policy periodically to reflect legal, technical, or business developments.
The latest version is always available on our website.
Significant changes will be announced on our website.