Privacy Policies

3.1 Provision of the website 

Purpose of Processing:  

We process your data to

• ensure the reliable operation of the Website

• facilitate user-friendly access to our Website

• and maintain IT security

Recipients: 

• Framer B.V., Singel 542, 1017 AZ Amsterdam, Netherlands (Provision and operation of a web-based design and development platform for creating websites, prototypes, and interactive user interfaces)

• Amazon Web Services EMEA SARL, 38 avenue John F. Kennedy, L-1855, Luxemburg (Provision of cloud computing infrastructure and services for storing, processing, and managing data, as well as operating web applications and services)

Data Processed: 

• IP address of the requesting device

• Method (e.g., GET, POST), date and time of the request

• Address of the accessed website and path of the requested file

• if applicable, the previously accessed or requesting website/file (HTTP referer)

• Information about the browser and operating system used

• Version of the HTTP protocol, HTTP status code, size of the delivered file

• Request information such as language, content type, content encoding, character sets

Legal Basis:  Art. 6(1)(f) GDPR. The processing of the aforementioned data is necessary to provide the Website and to ensure its secure and user-friendly operation.

Retention Period: The collected data will be deleted when it is no longer necessary for the operation of the Website, and at the latest after 30 days, unless a longer retention period is required by law. 

Further information: https://www.framer.com/legal/privacy-statement/; https://aws.amazon.com/de/compliance/data-privacy/.

3.2 Google Fonts

Purpose: Display of website content and fonts indirectly via Tally

Recipient: Tally as the responsible party for integrating Google Fonts; Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland and Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

Data processed: 

• Access data (e.g. IP address, error timestamp) 

• Device information (e.g. device type, operating system) 

• Browser data (e.g. browser type, version) 

• Location data (e.g. country based on IP address) 

Legal basis: Legitimate interest according to Art. 6(1)(f) GDPR. The legitimate interest is in the appropriate display of our content and fonts. 

Retention period: Data is deleted as soon as the purpose of display is fulfilled. 

Third country transfer: Data may be transferred to servers in the USA. Google is certified under the EU-U.S. Data Privacy Framework, so transfers are based on Art. 45 GDPR. Standard Contractual Clauses (SCCs) are also in place with Google.

Further information: https://tally.so/privacy; https://policies.google.com/privacy.

3.3 Book a demo

Purpose: Collection of contact information for scheduling and conducting product demonstrations.

Recipient: Tally.so, 228 Park Ave S, New York, NY 10003, USA; Cal.com, Inc. 2261 Market Street, Suite 4382, San Francisco, CA 94114, USA

Data Processed:

• Contact information (e.g., name, email address)

• Company data (e.g., company name, position)

• Appointment preferences (e.g., desired date, time)

• Technical data (e.g., IP address, browser type)

Legal basis: Performance of a contract or pre-contractual measures pursuant to Art. 6(1)(b) GDPR for processing data necessary for demo booking, legitimate interest pursuant to Art. 6(1)(f) GDPR for processing additional data to optimize our services and for customer care.

Storage duration: Data is stored for the duration of the business relationship and beyond in accordance with legal retention periods.

Third country transfer: Data transfer to the USA based on Standard Contractual Clauses pursuant to Art. 46(2)(c) GDPR.

Further information: https://tally.so/privacy; https://cal.com/privacy

3.4 Booking a free course on www.arrcampus.com

Purpose: Collection of contact information for sending access to free course via email.

Data Processed:

• Contact information (e.g., name, email address)

• Technical data (e.g., IP address, browser type)

Legal basis: Performance of a contract or pre-contractual measures pursuant to Art. 6(1)(b) GDPR for processing data necessary for demo booking, legitimate interest pursuant to Art. 6(1)(f) GDPR for processing additional data to optimize our services and for customer care.

3.5 Purchase of a course on www.arrcampus.com

Purpose: Fulfilling of your order and processing of online payments for our services.

Recipient: Stripe, Inc., 510 Townsend Street, San Francisco, CA 94103, USA (Payment provider), systeme.io by ITACWT Limited, 2 Cruise Park Rise, Tyrrelstown, Dublin 15, Irland (Hosting of the course)

Data Processed:

• Contact information (e.g., email address)

• Payment information (e.g., credit card number, PayPal account)

• Transaction data (e.g., purchase amount, purchase date)

• Device information (e.g., IP address, browser type)

Legal basis: Performance of a contract pursuant to Art. 6(1)(b) GDPR

Storage duration: Data is stored for the duration of the business relationship and beyond in accordance with statutory retention periods.

Third country transfer: Data transfer to the USA based on the EU-U.S. Data Privacy Framework (Art. 45 GDPR).

Further information: https://stripe.com/privacy

3.6 Applications

Purpose: Selection of candidates for potential establishment of an employment relationship.

Recipient: JOIN Solutions AG, Landsgemeindeplatz 6, 9043 Trogen.

Data Processed:

• Name

• Email address

• Phone number

• Curriculum vitae (CV)

• Cover letter

• Other application documents provided by you

• IP address

• Browser type and version

• Operating system

• Date and time of access

Legal basis: Article 6(1)(b) GDPR (performance of pre-contractual measures) and Section 26(1) BDSG; Article 6(1)(f) GDPR, where our legitimate interest is the efficient management of the recruitment process.

Retention period: We retain your personal data until the application procedure is completed. If your application is unsuccessful, your data will be stored for an additional six months after notification. In the event of a legal dispute, data may be kept until the dispute is resolved. If you are hired, your application data will be stored in your personnel file for the duration of your employment. You may withdraw your application or object to processing at any time. In this case, we will no longer consider your application and will delete all stored data.

International data transfers: Data may be transferred to Switzerland based on an adequacy decision by the European Commission. Transfers to other third countries cannot be excluded. In such cases, JOIN ensures that appropriate safeguards are in place to maintain a level of data protection in accordance with GDPR requirements.

Further information: https://join.com/privacy-policy

3.7 Analytics and Tracking

Tracking technologies enable us to analyze user behavior on our website—for example, through web storage (local or session storage), fingerprints, tags, or pixels. These technologies store information on your device or access such information to evaluate website usage. Most browsers accept these technologies by default, but you can configure your browser settings to block them or require your consent. If you disable certain tracking technologies, some website features may not function properly.

Purpose: We use tracking and analytics tools to continuously improve our website and tailor it to your needs. To achieve this, information is collected using technologies or by combining device data (device fingerprinting). 

Legal Basis: Necessary tools for website operation are used based on our legitimate interests under Art. 6(1)(f) GDPR, or to perform a contract/pre-contractual measure under Art. 6(1)(b) GDPR. Storage/access of information on your device is strictly necessary in these cases and subject to § 25(2) TDDDG. Optional tools are used only with your consent under Art. 6(1)(a) GDPR, § 25(1) TDDDG. The following section describes the tracking and analytics tools used, their purposes, and the processed data.

Sentry

Purpose: To monitor and improve the stability and technical performance of the website by detecting and analyzing errors.

Recipient: Functional Software, Inc. d/b/a Sentry, 1501 Mariposa St #408, San Francisco, CA 94107, USA.

Categories of data processed:

• Access data (e.g., IP address, time of error occurrence) 

• Event data (e.g., crash reports, error logs) 

• Usage data (e.g., general usage statistics, page views at the time of error) 

• Device information (e.g., device type, operating system) 

• Browser data (e.g., browser type, version) 

• Location data (e.g., country based on IP address) 

Legal basis: Legitimate interest in accordance with Article 6(1)(f) GDPR. The legitimate interest is the monitoring, error diagnosis, and ensuring the technical stability and security of the website.

Retention period: Data is stored for up to 90 days and then deleted or anonymized.

International data transfer: Data may be transferred to the USA based on the EU-U.S. Data Privacy Framework (Article 45 GDPR).

Further information: https://sentry.io/privacy/

Framer Analytics

Purpose: Collect usage data to improve website performance, user experience, and functionality of Framer-powered websites.

Recipient: Framer B.V., Planciusstraat 75, 1013 MR Amsterdam, The Netherlands

Processed data:

• Usage information (e.g. pages visited, features used)

• Device information (e.g. browser type, operating system)

• Performance metrics (e.g. load times, interaction events)

• Approximate location (e.g. country derived from IP address)

Legal basis: Legitimate interest pursuant to Art. 6(1)(f) GDPR (optimizing our website's performance and user experience)

Storage duration: Data is retained for 12 months, after which it is aggregated and anonymized.

Further information: https://www.framer.com/legal/privacy-statement/https://www.framer.com/legal/privacy-policy/

Web Analytics with Plausible Analytics (self-hosted)

Purpose: Analysis of user behavior to improve our website and the usability

Recipient: Exclusively us as the website operator. The data is processed on our own servers in Germany.

Processed data:

• Accessed pages and paths (e.g., homepage, product pages)

• Referrer (e.g., search engine, social media)

• Used browser and operating system (e.g., Chrome, Windows)

• Screen resolution (e.g., 1920x1080)

• Anonymized IP address (truncated)

• Time of access (e.g., date, time)

Legal basis: Legitimate interest pursuant to Art. 6(1)(f) GDPR (improvement of our website and the usability)

Storage duration: Maximum of 13 months, after which data is completely deleted or anonymized