Privacy Policy




Last updated: 11 November 2025

SoftBCom Berlin GmbH (“SoftBCom”, “we”, “us”, “our”) respects your privacy and is committed to protecting your personal data.
This Privacy Policy explains how we collect, use, and safeguard personal information when you visit our websites, use our SaaS products (such as QAWacht), or communicate with us.



1. Controller and Contact


Controller (Art. 4 (7) GDPR):
SoftBCom Berlin GmbH
Schiffbauerdamm 19, 10115 Berlin, Germany
Email: contactsbc@softbcom.com
Phone: +49 30 51302118

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us at the above details.


2. Data Protection Officer

SoftBCom has appointed a Data Protection Officer (DPO) who can be contacted at:
contactsbc@softbcom.com
or via postal mail to the address above, marked “Attn: Data Protection Officer”.


3. Scope of This Policy

This Policy applies to:

  • Visitors of our websites and landing pages (e.g. softbcom.de, softbcom.com).
  • Users of our SaaS services (e.g. QAWacht platform).
  • Business contacts, newsletter subscribers, and webinar participants.
It does not apply to data we process on behalf of enterprise clients within QAWacht or other products.
For such processing, SoftBCom acts as a data processor under Art. 28 GDPR, and the applicable Data Processing Agreement (DPA/AVV) governs those operations.

4. Categories and Sources of Personal Data

We may process the following categories of data:

  • Contact data: name, business email, phone number, company, job title.
  • Account and access data: login credentials, usage logs, IP address, browser type, and session timestamps.
  • Communication data: messages, support requests, or webinar/chat interactions.
  • Marketing data: preferences, newsletter subscriptions, campaign responses.
  • Technical data: device information, cookies, analytics identifiers, and server logs.

Data is collected directly from you, from your use of our website or platform, or (for enterprise clients) from your employer who has authorized access.

 

5. Purposes and Legal Bases of Processing

We process your data for the following purposes and legal bases under Art. 6 GDPR:

Purpose Legal Basis
Operating and securing our websites and services Art. 6 (1)(f) – legitimate interest
Providing and managing user accounts and platform access Art. 6 (1)(b) – contract performance
Responding to inquiries, demos, or support requests Art. 6 (1)(b) or (f)
Sending product updates or newsletters (opt-in) Art. 6 (1)(a) – consent
Conducting webinars and marketing analytics Art. 6 (1)(a) – consent
Compliance with legal obligations (tax, retention, etc.) Art. 6 (1)(c) – legal obligation

You may withdraw consent at any time without affecting the lawfulness of processing before withdrawal.


6. Cookies and Analytics

We use cookies and similar technologies to ensure proper website functionality, security, and (with consent) analytics.

Essential cookies are used under Art. 6 (1)(f) (legitimate interest).
Analytics and marketing cookies (e.g. Google Analytics, LinkedIn Insights Tag, HubSpot Tracking) are used only with your consent via our Cookie Banner.

You can change or withdraw your consent at any time.
For more details, please refer to our Cookie Policy.


7. Recipients and Data Transfers

Your data may be shared with:

  • Authorized employees and contractors of SoftBCom.
  • Trusted service providers (hosting, analytics, CRM, communication tools) bound by data processing agreements.
  • Public authorities when legally required.
We host and process data exclusively within the European Union, primarily in Hetzner data centers (Germany).
If a transfer outside the EEA becomes necessary (e.g. for customer support tools), it will only occur under Art. 46 GDPR safeguards, such as EU Standard Contractual Clauses.

8. Storage Periods

We store personal data only as long as necessary for the purposes described:

  • Contractual and account data: up to 6 years after contract end (legal retention).
  • Marketing and newsletter data: until consent withdrawal or inactivity.
  • Technical logs: up to 12 months for security and audit purposes.
  • Support or inquiry records: up to 24 months.
After these periods, data is deleted or anonymized in accordance with our Data Retention Policy.


9. Security Measures

SoftBCom maintains technical and organizational measures (TOMs) to ensure the confidentiality, integrity, and availability of personal data, including:

  • Secure hosting in ISO 27001-certified EU data centers.
  • Role-based access control and encryption in transit and at rest.
  • Regular vulnerability testing and employee security training.
A summary of our TOMs is available on our Trust Page.

10. Your Rights (Art. 15–22 GDPR)

You have the following rights regarding your personal data:

  • Access – obtain a copy of data we hold about you.
  • Rectification – correct inaccurate or incomplete data.
  • Erasure – request deletion (“right to be forgotten”).
  • Restriction – limit how we process your data.
  • Portability – receive your data in a structured format.
  • Objection – object to processing based on legitimate interest.
  • Withdraw consent – stop processing where consent was given.
To exercise your rights, contact us at contactsbc@softbcom.com.
You also have the right to lodge a complaint with a supervisory authority, e.g.:

Berliner Beauftragte für Datenschutz und Informationsfreiheit
Alt-Moabit 59–61, 10555 Berlin, Germany
www.datenschutz-berlin.de



11. Updates to This Policy

We may update this Privacy Policy periodically to reflect legal, technical, or business developments.
The latest version is always available at https://www.softbcom.com/privacy-policy.

Significant changes will be announced on our website.


12. Contact

SoftBCom Berlin GmbH
Schiffbauerdamm 19, 10115 Berlin, Germany
Email: contactsbc@softbcom.com
Phone: +49 30 51302118