top of page

Privacy Policy

(Last updated: December 11, 2025) 
 
The ProperBird GmbH(hereinafter referred to as "we", "us") is pleased about your visit to our website www.properbird.com (hereinafter referred to as "Website"). 
Our principle is to collect only what we need and to process this information solely to provide you with the service you expect. 


1. Controller 
The controller responsible for processing personal data on our website within the meaning of the General Data Protection Regulation (hereinafter referred to as "GDPR") is: 
 
ProperBird GmbH
Amalienstr 45
80799 Munich
Phone: +49 151 42381876

For data protection-related inquiries or to exercise your rights as a data subject, you can contact us anytime via email at privacy@properbird.com.

 

2. Data Protection Officer 
Our appointed data protection officer is: 
 
Kertos GmbH 
Briennerstraße 41 
80333 Munich 
Germany 
Email: dsb@kertos.io 

​

3. What are personal data? 
Personal data are all information relating to an identified or identifiable natural person. This includes, for example, information such as your name, age, address, phone number, date of birth, email address, or IP address. Information that we cannot (or only with disproportionate effort) relate to your person, such as through anonymization of the information, is not considered personal data. The processing of personal data (e.g., collecting, querying, using, storing, or transmitting) always requires a legal basis such as your consent. 

 

4. Data processing on our website

  • Provision and use of the website 

    • Scope and purpose of data processing 
      We collect and use personal data of our users only to the extent that it is technically necessary to provide a functional website and our content and services or information. 
      When you access and use our website, we collect personal data that your browser automatically transmits to our server. This information is temporarily stored in a so-called log file. 
       
      The following information is collected without your intervention and stored until it is automatically deleted: 

      • IP address of the requesting computer, 

      • Date and time of access, 

      • Name and URL of the retrieved file, 

      • Website from which the access is made (referrer URL), the browser used and, if applicable, the operating system of your computer as well as the name of your access provider. 

      • We process the aforementioned data for the following purposes: 

      • Ensuring a smooth connection to the website 

      • Ensuring comfortable use of our website 

      • For IT security purposes 

    • Legal basis 
      Art. 6 para. 1 lit. f GDPR serves as the legal basis. The processing of the aforementioned data is necessary for the provision of a website and to enable safe and comfortable use and thus serves to protect a legitimate interest of our company.

    • Storage duration and data deletion 
      As soon as the aforementioned data are no longer required for the display of the website, they are deleted (at the latest after 30 days). The collection of data for the provision of the website and the storage of data in log files is essential for the operation of the website. The user therefore has no possibility to object. Further storage is carried out in individual cases if this is required by law.

    • Third parties 
      To provide our website and services securely and efficiently, we use external service providers. We transfer data to these third parties solely for the purpose of fulfilling our contractual obligations and providing the requested services.

  • Website Hosting & CMS
    We use Wix to host and display our website.

    • Provider: Wix.com Ltd., Namal 40, 6350671 Tel Aviv, Israel.

    • Purpose: Hosting of the website, content delivery, and ensuring site security.

    • Legal Basis: Art. 6 para. 1 lit. f GDPR (Legitimate interest in a secure and efficient website).

    • Note on International Transfer: Israel is recognized by the EU Commission as providing an adequate level of data protection.

  • Cloud Infrastructure & Server Hosting
    For the technical operation of our applications, databases, and backend services, we utilize the following cloud infrastructure providers:

    • Hetzner

      • Provider: Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany.

      • Purpose: Dedicated server hosting and computing infrastructure.

      • Location: Germany/Finland (EU).

    • Heroku

      • Provider: Salesforce.com, Inc., Salesforce Tower, 415 Mission Street, San Francisco, CA 94105, USA.

      • Purpose: Platform-as-a-Service (PaaS) for hosting application code and databases.

    • Vercel

      • Provider: Vercel Inc., 340 S Lemon Ave #4133, Walnut, CA 91789, USA.

      • Purpose: Hosting of frontend web applications and serverless functions.

  • Data Aggregation & Technical Services
    ​​To enable specific functionalities of our service—particularly regarding data aggregation, routing, and automated retrieval of information—we use specialized technical providers. These vendors assist us in managing data traffic and ensuring the availability of our data processing operations.

    • Bright Data (Israel/USA)

    • Scrapefly (France)

    • Massive (USA)

    • Scrapingbee (France)

    • ScraperAPI (USA)

    • Oxylabs (Lithuania)

    • Packetstream (USA)

    • Takion Technologies (USA)

 

Legal Basis: The use of these providers is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in ensuring the technical functionality, scalability, and performance of our services.

International Data Transfers: Some of the providers listed above are located in the USA or other countries outside the European Union (Third Countries). Data transfers to third countries are carried out in compliance with legal requirements.


5. International data transfer
We primarily process your data within the European Union (EU) and the European Economic Area (EEA). However, some of our service providers may be located outside the EEA in so-called "third countries". The General Data Protection Regulation imposes high demands on the transfer of personal data to third countries. All our data recipients must meet these requirements. Before we transfer your data to a service provider in a third country, each service provider is initially checked for their level of data protection. A service provider is only selected if they can demonstrate an adequate level of data protection outside the EEA. Regardless of whether our service providers are located within the EEA or in third countries, each service provider must conclude a data processing contract with us. For service providers outside the EEA, additional requirements must be met. According to Art. 44 ff. GDPR, personal data can be transferred to service providers who meet at least one of the following conditions: 

  • The European Commission has decided that the third country ensures an adequate level of protection (e.g., USA and UK). 

  • Standard contractual clauses have been included in our contract with the data recipient (including any additional measures, if necessary). 

  • Further appropriate safeguards according to Art. 46 GDPR are provided (e.g., Binding Corporate Rules). 

  • In special exceptional cases according to Art. 49 GDPR

 

6. Recipients of personal data 
Within our company, only those persons who need your personal data for the respective purposes have access to it. Your personal data will only be shared with external recipients if we are legally permitted to do so or if you have consented. Below you will find an overview of the respective recipients: 

  •  Processors: Group companies or external service providers, e.g., in the areas of technical infrastructure and processing, maintenance and payment processing, who are carefully selected and monitored. The processors may only use the data according to our instructions. 

  • Public authorities: Authorities and state institutions, such as tax authorities, prosecutors, or courts, to which we transmit personal data (must), e.g., to fulfill legal obligations or to protect legitimate interests 

 

7. Cloud Services

To provide our technical infrastructure, specifically for the hosting of our databases and application data, we use the services of the cloud infrastructure provider Hetzner Online GmbH (Industriestr. 25, 91710 Gunzenhausen, Germany).

We rent dedicated servers from Hetzner, which we manage and administer ourselves ("self-managed"). This means that while Hetzner provides the physical hardware and network connection, they do not have direct access to the software layer or the data stored within our databases unless necessary for physical maintenance.

Data Location: Our servers and the data stored on them are located exclusively in data centers in Finland. Finland is a member of the European Union (EU) and the European Economic Area (EEA); therefore, your data remains protected by the high standards of the GDPR and is not transferred to a third country in this context.

Data Processing Agreement: We have concluded a Data Processing Agreement (DPA) with Hetzner Online GmbH pursuant to Art. 28 GDPR. This serves as a guarantee that Hetzner processes data only in accordance with our instructions and complies with EU data protection regulations.

 

8. Tracking

  • Scope and Purpose of Data Processing
    Various tracking technologies are used on our website. These include setting cookies, creating a recognizable value by combining different device and browser information (device fingerprinting), or using so-called "universal IDs". The generic term "cookies" is used below for any tracking technology. Cookies are data records that are stored on your computer when you visit our website and that allow your browser to be reassigned. Cookies store information such as your language settings, for the duration of your visit to our website or the entries you make there. 
    There are different types of cookies. Session cookies are temporary cookies that are stored in the user's internet browser until the browser window is closed and the session cookies are deleted. Permanent or persistent cookies are used for repeated visits and stored in the user's browser for a predefined period. First-party cookies are set by the website the user visits. Only this website is authorized to read information from the cookies. Third-party cookies are set by organizations that do not operate the website the user visits. 
    It can also be distinguished between technically necessary, functional, and advertising cookies. The former are necessary to ensure basic functions of the website (e.g., the storage of language settings). Functional cookies collect information about the user's behavior and whether they receive error messages. Advertising cookies, on the other hand, are used to offer the user tailored advertising. 

  • Legal Basis
    The legal basis for processing personal data using technically necessary cookies is Art. 6 para. 1 lit. f GDPR, as we have an interest in presenting our website in a user-friendly manner. If you have given us your consent to use functional and advertising cookies by means of a notice provided by us on the website ("cookie banner"), the lawfulness of the use is also based on Art. 6 para. 1 sentence 1 lit. a GDPR. 

  • Storage Duration and Data Deletion
    As soon as the data transmitted to us via cookies is no longer required to fulfill the purposes described above, this information is deleted. Further storage only occurs in individual cases if this is required by law. 

  • Configuration of Browser Settings
    Most browsers are set to accept cookies by default. However, you can configure your browser to accept only certain cookies or no cookies at all. However, we would like to point out that you may not be able to use all functions of our website if you deactivate cookies in your browser settings. You can also delete cookies already stored in your browser or view the storage duration via your browser settings. It is also possible to set your browser to notify you before cookies are stored. Since the various browsers can differ in their respective functions, we ask you to use the respective help menu of your browser for the configuration options. 

  • Cookielist – refer to Wix Cookie Banner
    Consent Management and Current Cookie List (Usercentrics) We use the consent management service provided by Usercentrics GmbH (Sendlinger Str. 7, 80331 Munich, Germany) via the "Usercentrics for Wix" integration to manage your preferences and document your consent for the storage of certain cookies on your terminal device.
    Because the technologies and cookies used on our website may change to improve functionality, we do not list them individually in this static text. Instead, you can view the complete, up-to-date list of all cookies and tracking technologies currently in use directly within our Consent Banner.
    You can access this list, view detailed information about the provider and purpose of each cookie, and change or revoke your consent settings at any time by clicking the fingerprint icon (Privacy Settings) displayed on our website.

 

9. Analysis
We use tracking and analysis tools to ensure continuous optimization and tailored design of our website. With the help of tracking measures, we are also able to statistically record the use of our website by visitors and, using the insights gained, further develop our online offering for you. If you have given us your consent to the use of cookies via a notice provided by us on the website (“cookie banner”), the legality of the use is also in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. The following description of the tracking and analysis tools also shows the respective processing purposes and the data processed.

In this context, we specifically use the standard analysis functions provided by our website host, Wix (Wix.com Ltd.). These integrated tools allow us to analyze visitor flows, page views, and technical performance directly through the platform's infrastructure to ensure the website functions correctly and to improve user experience.

 


10. Data Security and Security Measures
We are committed to treating your personal data confidentially. To prevent manipulation, loss, or misuse of your data stored with us, we take extensive technical and organizational security precautions, which are regularly reviewed and adapted to technological progress.
However, we point out that due to the structure of the Internet, it is possible that the rules of data protection and the above-mentioned security measures are not observed by other persons or institutions outside our area of responsibility. In particular, unencrypted data - e.g., during transmission by e-mail - can be viewed by third parties. We have no technical influence on this. It is your responsibility as a user to protect the data you provide against misuse by encryption or other means.

 

11. Data Storage
The personal data of the data subject will be deleted or blocked as soon as the purpose of storage ceases to apply. Storage can also take place if this has been provided for by the European or national legislator in EU regulations, laws, or other provisions to which the controller is subject. Blocking or deletion of the data also takes place if a storage period prescribed by the aforementioned standards expires, unless further storage of the data is necessary for the conclusion or fulfillment of a contract.

 

12. Rights of the Data Subject
With regard to your personal data, you have the following legal rights against us:

  • Right of Access
    You have the right to request confirmation as to whether we are processing personal data concerning you. If this is the case, you have the right to information about this personal data and to further information, e.g., about the processing purposes, the recipients, and the planned duration of storage or the criteria for determining the duration.

  • Right to Rectification 
    You have the right to request the rectification of inaccurate data without undue delay. Taking into account the purposes of the processing, you have the right to request the completion of incomplete data.

  • Right to Erasure (“Right to be Forgotten”) 
    You have the right to request erasure if the processing is not necessary. This is the case, for example, if your data is no longer needed for the original purposes, if you have withdrawn your consent under data protection law or if the data has been unlawfully processed.

  • Right to Restriction of Processing 
    You have the right to request the restriction of processing, e.g., if you believe that the personal data is incorrect.

  • Right to Data Portability 
    You have the right to receive the personal data concerning you in a structured, commonly used, and machine-readable format.

  • Right to Object  
    You have the right to object, on grounds relating to your particular situation, at any time to the processing of certain personal data concerning you. In the case of direct marketing, you as the data subject have the right to object at any time to the processing of personal data concerning you for such marketing; this also applies to profiling, insofar as it is related to such direct marketing.

  • Right to Withdraw Your Data Protection Consent 
    You can withdraw your consent to the processing of your personal data at any time with effect for the future. However, this does not affect the lawfulness of the processing carried out up to the withdrawal.

 Notwithstanding these rights, you have the right to lodge a complaint with a supervisory authority at any time if you believe that the processing of your personal data violates data protection regulations.

​

Change History

  • 11.12.2025, version 2.0, Second version of the revised privacy policy in the new format

  • 01.04.2022, version 1.0,  First version of the revised privacy policy.​​​​

+49 151 42381876

info@properbird.com
Amalienstr. 45, 80799 Munich

Imprint

Data Privacy

Subscribe to Our Newsletter

Thanks for Subscribing!

Connect With Us

  • LinkedIn

© 2023 ProperBird. All rights reserved.

bottom of page