Data Protection Declaration

1) General Information and Controller

We appreciate your interest in our website. In this policy, we explain how we process personal data when you use our online services. Personal data refers to any information that can identify you directly or indirectly.

The party responsible under the General Data Protection Regulation (GDPR) is:

LightBlaze GmbH
Gladbacher Str. 43
50672 Cologne, Germany
Tel.: +49 151 240 75373
Email: service@lightblaze.de

For security reasons, this website uses SSL/TLS encryption. You can recognize an encrypted connection by “https://” and the lock icon in your browser.

2) Hosting and Infrastructure

Our website is operated using third-party providers to ensure fast and secure delivery:
  • Webflow, Inc. (San Francisco, USA) provides website hosting and content delivery. Personal data such as IP addresses and log files may be processed on servers outside the EU. Transfers to the USA rely on EU Standard Contractual Clauses (Art. 46 GDPR).
  • united-domains AG (Starnberg, Germany) manages our domain services and DNS.
The legal basis for this processing is our legitimate interest in stable and secure website operation (Art. 6 (1) f GDPR).

3) Data Collected When Visiting the Website

Each time you access our website, technical data is automatically logged by our servers. This includes:
  • the page visited
  • date and time of the request
  • data volume transferred
  • referring source (e.g. previous website or search engine)
  • browser type and version
  • operating system used
  • anonymized IP address
These server log files are processed to guarantee functionality, security, and troubleshooting. The legal basis is Art. 6 (1) f GDPR.

4) Cookies and Consent

We use Cookiebot to manage cookie consent. When you visit our site, a banner allows you to select which categories of cookies you permit.
  • Essential cookies are required for the operation of the website and are processed based on Art. 6 (1) f GDPR.
  • Analytics and marketing cookies are set only if you give your consent (Art. 6 (1) a GDPR).
You can adjust or withdraw your consent at any time using the Cookiebot interface.

5) Contact Options

If you contact us via email, form, or telephone, the information you provide (e.g. name, email, request details) will be processed to handle your inquiry.
  • Legal basis: Art. 6 (1) f GDPR (legitimate interest in communication).
  • If the request is related to a contract: Art. 6 (1) b GDPR.
We delete your data once the inquiry is closed, unless statutory retention periods apply.

6) Customer Support via Help Scout

We use Help Scout (Boston, USA) to manage customer communications and live chat. Information you provide is processed and may be stored on servers in the USA.
  • Legal basis: Art. 6 (1) f GDPR (efficient handling of support requests).
  • Data transfer to the USA takes place under Standard Contractual Clauses (Art. 46 GDPR).

7) Appointment Scheduling with Calendly

For online appointments, we use Calendly (Atlanta, USA). When booking, you provide details such as your name, email address, and meeting preferences.
  • Legal basis: Art. 6 (1) b GDPR (arranging and preparing contractual discussions).
  • Data may be processed on servers in the USA under SCCs.

8) Email Marketing with Pardot

We use Pardot (Salesforce Marketing Cloud Account Engagement) for newsletters and automated email campaigns. If you subscribe, we process your email address and, if provided, additional details.
  • Subscriptions are confirmed via double opt-in.
  • Legal basis: Art. 6 (1) a GDPR (consent).
  • For existing customers, we may send information about our own products and services based on Art. 6 (1) f GDPR in connection with Section 7 (3) UWG.
  • Pardot stores data in the USA; transfers are based on SCCs.
You may unsubscribe at any time by clicking the link in the email.

9) Embedded YouTube Videos

We embed videos from YouTube (Google Ireland Ltd.) using privacy-enhanced mode. No personal data is transferred until you start playback.
  • Legal basis: Art. 6 (1) a GDPR (consent).
  • When playback starts, data may be transmitted to Google LLC in the USA under SCCs.
More information: Google Privacy Policy.

10) Analytics and Marketing Technologies

Google Analytics 4 (GA4)

We use GA4 to understand visitor interactions. GA4 uses cookies and anonymizes IP addresses.
  • Legal basis: Art. 6 (1) a GDPR (consent).
  • Transfers to Google LLC in the USA are based on SCCs.

Google Ads Conversion Tracking

We use Google Ads to measure campaign performance. When you click an ad, a cookie records whether you completed an action (conversion).
  • Legal basis: Art. 6 (1) a GDPR (consent).

Google Ads Remarketing

We use remarketing to display ads tailored to your interests. This involves setting a pseudonymous ID in your browser.

Facebook Pixel

We use the Facebook Pixel (Meta Ireland Ltd.) to track conversions and build custom audiences for advertising.
  • Legal basis: Art. 6 (1) a GDPR (consent).
  • Transfers to Meta Platforms Inc. (USA) are based on SCCs.
  • More info: Facebook Privacy Policy.

LinkedIn Insight Tag

We use the LinkedIn Insight Tag for analytics and tailored LinkedIn ads.

11) Google Web Fonts

For consistent font display, we use Google Web Fonts. Your browser connects to Google servers when fonts are loaded.
  • Legal basis: Art. 6 (1) f GDPR (interest in a uniform and appealing website).
  • Data may be transferred to Google LLC in the USA under SCCs.
If your browser does not support web fonts, a default font will be used.

12) Rights of Data Subjects

Under GDPR, you have the following rights:
  • Access to your personal data (Art. 15 GDPR)
  • Rectification of inaccurate data (Art. 16 GDPR)
  • Erasure of data (“right to be forgotten”, Art. 17 GDPR)
  • Restriction of processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Withdrawal of consent at any time (Art. 7 (3) GDPR)
  • Complaint to a supervisory authority (Art. 77 GDPR)

Right to Object (Art. 21 GDPR)

If your data is processed based on legitimate interests (Art. 6 (1) f GDPR), you have the right to object at any time for reasons arising from your situation.
If data is processed for direct marketing, you may object at any time without giving reasons.

13) Storage Periods

We retain personal data only for as long as necessary to fulfill the stated purposes or as required by law (e.g. tax and commercial obligations). Once these periods expire, data is deleted unless further retention is justified (e.g. ongoing legal claims).
Product
BlogPricingGet StartedBook a Demo
Company
Contact
Contact
Partner ProgramClient Referral Program
Help Center
ImprintPrivacy PolicyDocumentationTerms & Conditions
© 2020-2025 Campaign Audience Builder. All rights reserved.