The controller within the meaning of the General Data Protection Regulation (GDPR) is:
costeo GmbH
Hanauer Landstraße 289, 60314 Frankfurt, Germany
Phone: 069 8700777 - 0
Email: [datenschutz@costeo.com]
We process personal data only insofar as this is necessary to provide a functional website as well as our content and services, or where you have given your consent. The legal bases are, in particular, Art. 6 (1) (a) (consent), (b) (contract or pre-contractual measures) and (f) (legitimate interest) GDPR. Personal data is deleted as soon as the purpose of storage no longer applies and no statutory retention obligations conflict with deletion.
This website is hosted on a server operated by netcup GmbH, Daimlerstraße 25, 76185 Karlsruhe, Germany (server location: Germany). A data processing agreement pursuant to Art. 28 GDPR is in place with the provider.
On every access, the server automatically collects information that your browser transmits and stores it in so-called server log files: IP address, date and time of access, requested page/file, volume of data transferred, referrer URL as well as browser type and operating system. The legal basis is Art. 6 (1) (f) GDPR; our legitimate interest lies in the secure, stable and functional provision of the website. The log files are deleted after [period, e.g. 7-14 days], unless they are required to investigate security incidents.
If you contact us via the "Request a demo" form, we process the data you provide: first name, last name, company, email address, your area of interest and an optional message. We use this data solely to handle your request and to get in touch with you. The legal basis is Art. 6 (1) (b) GDPR (performance of pre-contractual measures) or (f) GDPR (legitimate interest in responding to enquiries).
Transmission to our system is encrypted; the data is stored [storage location, e.g. "in our backend system" / CRM]. We delete the data as soon as your enquiry has been conclusively handled and no statutory retention obligations conflict with deletion.
This website uses fonts (Inter, Poppins) provided locally on our own server. No data is transferred to third parties when they are displayed; in particular, no connection to Google servers is established.
This website uses only technically necessary cookies that are required for the operation of the site. A consent banner is not required for this. [If further cookies or tracking are used, this section must be adapted and, where applicable, a consent solution (consent banner) integrated.]
You have the following rights vis-à-vis us regarding your personal data:
You also have the right to lodge a complaint with a data protection supervisory authority about the processing of your personal data (Art. 77 GDPR). The supervisory authority responsible for us is, among others: [The Hessian Commissioner for Data Protection and Freedom of Information].
Insofar as we process your data on the basis of legitimate interests (Art. 6 (1) (f) GDPR), you have the right to object at any time to this processing on grounds relating to your particular situation.
We use TLS/SSL encryption for transmission. You can recognise an encrypted connection by "https://" in the address bar of your browser.
This privacy policy is currently valid. As our website evolves or due to changed legal or regulatory requirements, it may become necessary to amend it.
Last updated: July 2026