Privacy Policy

Last updated: June 2026

1. Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) is:

Sefeto Security UG (haftungsbeschränkt)
Königsallee 63–65, 40215 Düsseldorf, Germany
Managing Director: Laura Fliegner
E-mail: info@sefeto.com

2. General information

We process personal data only insofar as this is necessary to provide a functional website and our content, or where another legal basis applies. Data is disclosed to third parties only in the cases described below.

3. Hosting and server log files

This website is operated on servers within the European Union; access is partly routed through an upstream reverse proxy within the EU. Each time the site is accessed, information is automatically stored in server log files:

The legal basis is Art. 6(1)(f) GDPR. Our legitimate interest lies in the secure, stable and trouble-free operation of the website and in defending against attacks. The log files are deleted as soon as they are no longer required for these purposes (generally within a few weeks).

4. Cookies and tracking

No analytics or marketing cookies are set in the public area of this website, and no third-party tracking services (e.g. Google Analytics) are integrated. Technically necessary cookies may be set only in the login or administration area.

5. Contact by e-mail

If you contact us by e-mail, we process the data you provide (in particular your e-mail address and the content of your message) in order to handle your request. The legal basis is Art. 6(1)(b) or (f) GDPR. The data is deleted once it is no longer required.

6. Password-protected investor area

Parts of this website are password-protected and are made available to selected persons (e.g. potential investors) on request. To grant access, we process the contact and access data required for this purpose on the basis of Art. 6(1)(b) or (f) GDPR.

7. SSL/TLS encryption

To protect the transmission of your data, this website uses TLS encryption. You can recognise an encrypted connection by the padlock symbol in your browser’s address bar.

8. Recipients and processing on our behalf

To provide the website, we use service providers (in particular for hosting and infrastructure) within the EU as processors pursuant to Art. 28 GDPR. No personal data is transferred to third countries outside the EU/EEA.

9. Your rights

Subject to the statutory requirements, you have the right of access (Art. 15 GDPR), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), data portability (Art. 20) and the right to object (Art. 21 GDPR). You may withdraw any consent given at any time with effect for the future (Art. 7(3) GDPR).

10. Right to lodge a complaint

You have the right to lodge a complaint with a data protection supervisory authority. The competent authority is:

State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia (LDI NRW)
Kavalleriestraße 2–4, 40213 Düsseldorf, Germany
www.ldi.nrw.de

Note: This privacy policy has been prepared with care but does not constitute legal advice. We recommend a legal review before the public go-live.