Privacy Policy

Last updated: 16 April 2026

SoftBCom Berlin GmbH (“SoftBCom”, “we”, “us”, “our”) respects your privacy and is committed to protecting your personal data.

This Privacy Policy explains how we collect, use, and safeguard personal data when you visit our websites, use our SaaS products and related services (including AI-enabled services such as QAWacht and SoftBCom AI Agents), or otherwise communicate with us.

1. Controller and Contact

Controller (Art. 4 (7) GDPR):
SoftBCom Berlin GmbH
Schiffbauerdamm 19, 10117 Berlin, Germany
Email: contactsbc@softbcom.com
Phone: +49 30 51302118

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us at the above details.

2. Contact for Data Protection Matters

If you have any questions regarding the processing of your personal data or wish to exercise your data protection rights, you can contact us at:
contactsbc@softbcom.com
or by post at the address above, marked “Attn: Data Protection”.

3. Scope of This Policy

This Policy applies to:

• Visitors of our websites and landing pages (e.g. softbcom.de, softbcom.com).
• Users of our SaaS services (e.g. QAWacht and SoftBCom AI Agents).
• Business contacts, newsletter subscribers, and webinar participants.

It does not apply to data we process on behalf of enterprise clients within QAWacht or other products.
For such processing, SoftBCom acts as a data processor under Art. 28 GDPR, and the applicable Data Processing Agreement (DPA/AVV) governs those operations.

4. Categories and Sources of Personal Data

We may process the following categories of data:

• Contact data: name, business email, phone number, company, job title.
• Account and access data: login credentials, usage logs, IP address, browser type, and session timestamps.
• Communication data: messages, support requests, or webinar/chat interactions.
• Marketing data: preferences, newsletter subscriptions, campaign responses.
• Technical data: device information, cookies, analytics identifiers, and server logs.

Data is collected directly from you, from your use of our website or platform, from forms, registrations, demo requests, webinar sign-ups and other direct interactions with us, or (for enterprise clients) from your employer or organisation that has authorised access.

 

5. Purposes and Legal Bases of Processing

We process your data for the following purposes and legal bases under Art. 6 GDPR:

You may withdraw consent at any time without affecting the lawfulness of processing before withdrawal.

6. Cookies and Analytics

We use cookies and similar technologies to ensure proper website functionality, security, and (with consent) analytics.

Essential cookies are used under Art. 6 (1)(f) (legitimate interest).
Analytics and marketing cookies (e.g. Google Analytics, LinkedIn Insights Tag, HubSpot Tracking) are used only with your consent via our Cookie Banner.

You can change or withdraw your consent at any time.
For more details, please refer to our Cookie Policy.

7. Recipients and Data Transfers

Your data may be shared with:

• Authorized employees and contractors of SoftBCom.
• Trusted service providers (hosting, analytics, CRM, communication tools) bound by data processing agreements.
• Public authorities when legally required.

We primarily host and process personal data within the European Union, including in Hetzner data centers in Germany. Where technically feasible and commercially reasonable, we seek to use EU-based infrastructure and regional endpoints. If a transfer outside the EEA becomes necessary, it will occur only on the basis of appropriate safeguards under Art. 46 GDPR, such as EU Standard Contractual Clauses.

8. Storage Periods

We store personal data only as long as necessary for the purposes described and in accordance with applicable legal, contractual and operational requirements.

Typical retention periods are as follows:

• Contractual and account data: up to 6 years after contract end, unless a longer period is required by law.
• Marketing and newsletter data: until consent withdrawal, objection or prolonged inactivity.
• Technical logs: typically up to 12 months for security and audit purposes.
• Support or inquiry records: typically up to 24 months, unless longer retention is necessary for follow-up, legal claims or compliance purposes.

After these periods, data is deleted or anonymized in accordance with our Data Retention Policy.

9. Security Measures

SoftBCom maintains technical and organizational measures (TOMs) to ensure the confidentiality, integrity, and availability of personal data, including:

• Secure hosting in ISO 27001-certified EU data centers.
• Role-based access control and encryption in transit and at rest.
• Regular vulnerability testing and employee security training.

A summary of our technical and organisational measures is available in our Trust & Compliance documentation.

10. Your Rights (Art. 15–22 GDPR)

You have the following rights regarding your personal data:

• Access – obtain a copy of data we hold about you.
• Rectification – correct inaccurate or incomplete data.
• Erasure – request deletion (“right to be forgotten”).
• Restriction – limit how we process your data.
• Portability – receive your data in a structured format.
• Objection – object to processing based on legitimate interest.
• Withdraw consent – stop processing where consent was given.

To exercise your rights, contact us at contactsbc@softbcom.com.
You also have the right to lodge a complaint with a supervisory authority, e.g.:

Berliner Beauftragte für Datenschutz und Informationsfreiheit
Alt-Moabit 59–61, 10555 Berlin, Germany
www.datenschutz-berlin.de

11. Updates to This Policy

We may update this Privacy Policy periodically to reflect legal, technical, or business developments.

The latest version is always available on our website.

Significant changes will be announced on our website.

12. Contact

SoftBCom Berlin GmbH
Schiffbauerdamm 19, 10117 Berlin, Germany
Email: contactsbc@softbcom.com
Phone: +49 30 51302118