Do you have questions?
We are here to help!
You can reach us from Monday to Friday between 9 a.m. and 6 p.m. at
+496131 276 791 0
Do you need help?
Get in contact via mail!
New Business
info@apithinking.de
Arrange a consultation meeting
hello@apithinking.de
You can find us here, we look forward to your visit!
API Thinking GmbH
Mombacher Straße 68
55122 Mainz
Open in Google Maps
The data processing controller (“controller” as referred to in the GDPR) on this website is:
ApiThinking GmbH
Mombacher Str. 68
55122 Mainz
Germany
Phone: +49 (0) 6131 2767910
E-mail: privacy-policy@apithinking.de
We take data protection very seriously. However, we are not legally obliged to appoint a data protection officer and have not appointed a data protection officer.
In accordance with Art. 13 GDPR, we inform you about the legal basis of our data processing. If the legal basis is not specified in the data protection notice, the following applies:
The legal basis for obtaining consent is Art. 6 para. 1 lit. a in conjunction with. Art. 7 GDPR. The legal basis for processing for the fulfillment of our services and implementation of contractual measures, as well as answering inquiries is Art. 6 para. 1 lit. b GDPR. The legal basis for processing for the fulfillment of our legal obligations is Art. 6 para. 1 lit. c GDPR. If the processing of your data is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not override the former interest, Art. 6 (1) (f) GDPR serves as the legal basis for the processing. In the event that vital interests of the data subject or another natural person make processing of personal data necessary, Art. 6 (1) (d) GDPR serves as the legal basis.
We adhere to the principles of data minimization according to Art. 5 para. 1 lit. c GDPR and storage limitation according to Art. 5 para. 1 lit. e GDPR. We store your personal data only for as long as is necessary to achieve the purposes stated here or as provided for by the retention periods stipulated by law. After the respective purpose ceases to apply or after the expiry of these retention periods, the corresponding data will be deleted as soon as possible.
Our website also includes tools from companies based in third countries (including the USA). If these tools are active, your personal data may be transmitted to the servers of the respective companies. The level of data protection in third countries generally does not correspond to EU data protection law. This means that there is a risk that your data will be passed on to authorities in these countries. We have no influence on these processing activities.
This website may contain links to third party websites or to other websites under our responsibility. If you follow a link to one of the websites outside our responsibility, please note that these websites have their own data protection information. We do not assume any responsibility or liability for these third-party websites and their privacy notices. Therefore, before using these websites, please check whether you agree with the data protection statements there.
You can recognize external links either by the fact that they are displayed in a different color from the rest of the text or underlined. Your cursor will display external links when you move it over such a link. Only when you click on an external link will your personal data be transferred to the target of the link. In doing so, the operator of the other website receives in particular your IP address, the time at which you clicked on the link, the page on which you clicked on the link, as well as further information, which you will find in the data protection notices of the respective provider.
Please also note that individual links may lead to data transfer outside the European Economic Area. This could give foreign authorities access to your data. You may not be entitled to any legal remedies against these data accesses. If you do not want your personal data to be transferred to the link destination or even undesirably exposed to access by foreign authorities, please do not click on any links.
For security reasons and to protect the transmission of confidential content, such as purchase orders or inquiries you submit to us as the website operator, this website uses either an SSL or a TLS encryption program. You can recognize an encrypted connection by checking whether the address line of the browser switches from “http://” to “https://” and also by the appearance of the lock icon in the browser line.
If the SSL or TLS encryption is activated, data you transmit to us cannot be read by third parties.
As a data subject within the meaning of the GDPR, you have the possibility to assert various rights. The data subject rights resulting from the GDPR are the right to information (Article 15), the right to rectification (Article 16), the right to erasure (Article 17), the right to restriction of processing (Article 18), the right to object (Article 21), the right to lodge a complaint with a supervisory authority and the right to data portability (Article 20).
Some data processing can only take place with your express consent. You have the option to revoke your consent at any time. However, the legality of the data processing until the revocation is not affected by this.
If the processing is based on Art. 6(1)(e) or (f) of the GDPR, you as the data subject may object to the processing of personal data relating to you at any time on grounds relating to your particular situation. You also have this right in the case of profiling based on these provisions iSd Art. 4 Z 4 GDPR. If we cannot demonstrate a legitimate interest for the processing that overrides your interests, rights and freedoms, or if the processing serves the assertion, exercise or defense of legal claims, we will refrain from processing your data after the objection has been made.
If the processing of personal data serves the purpose of direct marketing, you also have the right to object at any time. The same applies to profiling that is associated with direct advertising. Here, too, we will no longer process personal data as soon as you raise an objection.
If you consider that the processing of personal data concerning you infringes the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your place of residence, your place of work or the place of the alleged infringement, without prejudice to any other administrative or judicial remedy.
If your data is processed automatically on the basis of consent or fulfillment of a contract, you have the right to receive this data in a structured, common and machine-readable format. In addition, you have the right to request that the data be transferred and made available to another controller, insofar as this is technically feasible.
You have the right to receive information about your processed personal data regarding the purpose of the data processing, the categories, the recipients as well as the duration of the storage. If you have any questions on this topic or on other topics regarding personal data, you can of course contact us using the contact options provided in the imprint.
You can assert the restriction of the processing of your personal data at any time. To do so, you must meet
one of the following requirements:
Restriction of processing means that the personal data, apart from storage, may only be processed with your consent or for the assertion, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State.
When you visit our website, we automatically collect and store information in so-called server log files. Your browser automatically transmits this information to our server or to the server of our hosting company.
These are:
This data is not merged with other data sources.
The legal basis for the processing of this data is Art. 6 para. 1 lit. f GDPR. Our legitimate interest is the technically error-free presentation and optimization of this website.
Instead of operating this website on our own server, we can also have it operated on the server of an external service provider (hosting company). In this case, the personal data collected on this website will be stored on the servers of the hosting company. In addition to the data mentioned above, this may include, for example, contact requests, contact data, names, website access data, meta and communication data, contract data and other data generated via a website.
As a further legal basis, the purpose of pre-contractual or contractual performance vis-à-vis the data subject is cited. (Art. 6 para. 1 lit. b GDPR).
In the event that we have contracted a hosting company, there is an order processing contract with this service provider.
Our website uses local storage items, session storage items and/or cookies. Local storage is a mechanism that allows data to be stored within the browser on your device. This data usually includes user preferences, such as the "day" or "night" mode of a web page, and is retained until you manually delete the data. Session Storage is very similar to Local Storage, whereas the storage duration lasts only during the current session, i.e. until you close the current tab. After that, Session Storage items are deleted from your terminal. Cookies are pieces of information that a web server (server that provides web content) stores on your device in order to identify that device. They are either stored temporarily for the duration of a session (session cookies) and deleted at the end of your visit to a website or permanently (permanent cookies) on your end device until you delete them yourself or until they are automatically deleted by your web browser.
These objects may also be stored by third party companies on your terminal device when you enter our site (third party requests). This enables us, as the operator, and you, as a visitor to this website, to use certain services provided by third parties installed on this website. Examples include the processing of payment services or the display of videos.
These mechanisms have a variety of uses. They can improve the functionality of a website, control shopping cart functions, increase the security and convenience of website use, and perform analyses of visitor flows and behavior. Depending on the individual functions, these must be classified in terms of data protection law. They are necessary for the operation of the website and intended to provide certain functions (shopping cart function) or serve to optimize the website (e.g. cookies to measure visitor behavior), then their use is based on Art. 6 (1) lit. f GDPR. As a website operator, we have a legitimate interest in storing cookies, local storage items and session storage items for the technically error-free and optimized provision of our services. In all other cases, cookies, local storage items and session storage items are only stored with your express consent (Art. 6 para. 1 lit. a GDPR).
Insofar as cookies, local or session storage are used by third-party companies or for analysis purposes, we will inform you about this separately within the scope of this data protection notice. Your required consent will be requested and can be revoked at any time.
External services are used on our website. External services are third-party services that are used on our website. This can be done for various reasons, for example, for embedding videos or for the security of the website. When using these services, personal data is also passed on to the respective providers of these external services. If we do not have a legitimate interest in using these services, we will obtain your consent as a visitor to our website, which can be revoked at any time, before using them (Art. 6 para. 1 lit. a GDPR).
To protect our website from spam and abuse, we use “Google reCAPTCHA,” a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. reCAPTCHA helps verify whether interactions on our website are performed by humans. Various data (e.g., IP address, user behavior) are transmitted to Google as part of this process. The processing is based on Article 6(1)(f) of the GDPR, reflecting our legitimate interest in ensuring the security of our website. Data may be transferred to servers in the USA. For more information, please refer to Google’s privacy policy: https://policies.google.com/privacy.
We currently do not use cookies or external services that are not technically necessary. For this reason, we do not require consent management.
We use a Content Delivery Network (CDN) to optimize the performance and availability of our website. For this purpose, this service provider, which provides this network, processes your IP address and the information about when you visited our website. All further information on data processing by this service provider can be found in its privacy policy.
We base this processing on a legitimate interest (Art. 6 para. 1 lit. f GDPR).
Our legitimate interest in using a content delivery network is to be able to present our website as quickly, securely and reliably as possible.
We use the Amazon CloudFront service on our website. The provider of the service is Amazon Web Services EMEA S.à r.l., 38 Avenue John F. Kennedy L-1855, Luxembourg.
The use of the service may result in data transfer to a third country (USA).
Further information can be found in the provider's privacy information at the following URL: https://aws.amazon.com/en/privacy/.
Hosting is the provision of web space and the hosting of web pages. In order for our website to be displayed, it must be hosted by a web host. This involves the transfer and storage of personal data on the host's servers. In particular, the IP addresses, meta and communication data of the users as well as data about the website accesses are processed. When a website visitor accesses the page, a connection to the web host's servers is established. This results in the processing of personal data of the website visitor.
We base this processing on a legitimate interest (Art. 6 para. 1 lit. f GDPR).
Our legitimate interest is to be able to present our website and make it available on the Internet.
We use the Webflow Hosting service on our website. The provider of the service is Webflow Inc, 398 11th Street, 2nd Floor San Francisco, CA 94103, USA.
The use of the service may result in data transfer to a third country (USA).
Further information can be found in the provider's privacy information at the following URL: https://webflow.com/legal/eu-privacy-policy.
We have concluded a contract on order processing (AVV), so-called standard contractual clauses / standard data protection clauses, with the above-mentioned provider. This is a contract required by data protection law, which ensures that this provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.
This site uses so-called web fonts provided by Adobe for the uniform display of fonts. The Adobe fonts are installed locally. A connection to Adobe servers does not take place.
This website may contain links to third party websites or to other websites under our responsibility. If you follow a link to one of the websites outside our responsibility, please note that these websites have their own data protection information. We do not assume any responsibility or liability for these third-party websites and their privacy notices. Please check this data protection information before you voluntarily provide personal data to this website.
You can recognize external links either by the fact that they are displayed in a color slightly different from the rest of the text or underlined. Your cursor will display external links when you move your cursor over such a link. Only when you click on an external link will your personal data be transferred to the link destination. In doing so, the operator of the other website receives in particular your IP address, the time at which you clicked on the link, the page on which you clicked on the link, as well as further information that you will find in the data protection notices of the respective provider.
Please also note that individual links may lead to a data transfer to non-European countries. This could result in foreign authorities or security agencies receiving connection data.
You may not have any legal remedies against these data accesses. If you do not want your personal data to be transferred to the link destination or even undesirably subject to access by foreign authorities or even security authorities, please do not click on any links.
We maintain online presences within social networks and platforms in order to be able to communicate with the customers, interested parties and users active there and to inform them about our services there.
We would like to point out that user data may be processed outside the European Union. This may result in risks for you as a user because, for example, the enforcement of users' rights could be made more difficult.
Furthermore, user data is usually processed for market research and advertising purposes. For example, usage profiles can be created from the usage behavior and resulting interests of the users. The usage profiles can in turn be used, for example, to place advertisements within and outside the platforms that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the users' computers, in which the usage behavior and interests of the users are stored. Furthermore, data independent of the devices used by the users may also be stored in the usage profiles (especially if the users are members of the respective platforms and are logged in to them).
The processing of the users' personal data is based on our legitimate interests in effective information of the users and communication with the users pursuant to Art. 6 (1) lit. f) GDPR. If the users are asked by the respective providers of the platforms for consent to the aforementioned data processing, the legal basis of the processing is Art. 6 (1) lit. a) GDPR.
For a detailed description of the respective processing and the opt-out options, please refer to the information of the providers linked below:
Any forwarding to providers of social media services such as Xing takes place exclusively via link, so that data about your visit to our offer (e.g. IP address, time, URL) or data available on your terminal device (e.g. cookie information) are only transmitted to the respective providers when you consciously use the link.
If you send us inquiries via the contact form, your data from the inquiry form (first and last name, e-mail, your message to us) including the further data you provide there, including contact data, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not pass on this data without your consent.
The processing of this data is based on Art. 6 para. 1 lit. b) GDPR, provided that your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures.
In all other cases, the processing is based on our legitimate interest in the efficient handling of the requests addressed to us (Art. 6 (1) f) GDPR) or on your consent (Art. 6 (1) a) GDPR) if this has been requested. This consent can be revoked at any time by sending us a short message.
The data entered by you in the contact form or provided by e-mail will remain with us for 6 months, unless you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after processing your request has been completed). If a contractual relationship arises, we are subject to the statutory retention periods under the German Commercial Code (up to 10 years) and delete your data after these periods have expired.
If you contact us by e-mail or telephone, your inquiry including all resulting personal data (name, inquiry) will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent.
The processing of this data is based on Art. 6 (1) lit. b) GDPR, if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the efficient handling of the requests addressed to us (Art. 6 (1) (f) GDPR) or on your consent (Art. 6 (1) (a) GDPR) if this has been requested. This consent can be revoked at any time by sending us a short message.
The data you provide to us via contact requests will remain with us for 6 months, unless you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after we have completed processing your request). If a contractual relationship arises, we are subject to the statutory retention periods under the German Commercial Code (HGB) and delete your data after these periods have expired (up to 10 years).
The use of contact data published within the framework of the imprint obligation to send advertising and information materials not expressly requested is hereby prohibited. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.
We offer website visitors the opportunity to submit job applications to us (e.g., via e-mail, via postal services on by submitting the online job application form). Below, we will brief you on the scope, purpose and use of the personal data collected from you in conjunction with the application process. We assure you that the collection, processing, and use of your data will occur in compliance with the applicable data privacy rights and all other statutory provisions and that your data will always be treated as strictly confidential.
If you submit a job application to us, we will process any affiliated personal data (e.g., contact and communications data, application documents, notes taken during job interviews, etc.), if they are required to make a decision concerning the establishment or an employment relationship. The legal grounds for the aforementioned are § 26 BDSG according to German Law (Negotiation of an Employment Relationship), Art. 6(1)(b) GDPR (General Contract Negotiations) and – provided you have given us your consent – Art. 6(1)(a) GDPR. You may revoke any consent given at any time. Within our company, your personal data will only be shared with individuals who are involved in the processing of your job application.
If your job application should result in your recruitment, the data you have submitted will be archived on the grounds of § 26 BDSG and Art. 6(1)(b) GDPR for the purpose of implementing the employment relationship in our data processing system.
If we are unable to make you a job offer or you reject a job offer or withdraw your application, we reserve the right to retain the data you have submitted on the basis of our legitimate interests (Art. 6(1)(f) GDPR) for up to 6 months from the end of the application procedure (rejection or withdrawal of the application). Afterwards the data will be deleted, and the physical application documents will be destroyed. The storage serves in particular as evidence in the event of a legal dispute. If it is evident that the data will be required after the expiry of the 6-month period (e.g., due to an impending or pending legal dispute), deletion will only take place when the purpose for further storage no longer applies.
Longer storage may also take place if you have given your agreement (Article 6(1)(a) GDPR) or if statutory data retention requirements preclude the deletion.
This privacy policy is currently valid and has the status 02-Dec-2024.
Due to the further development of our website and offers on it or due to changed legal or regulatory requirements, it may become necessary to change this privacy policy.