- Workshops
- AI Facilitator
- Transformation Journeys
- Explore all features
- New
  The planning tool for transformations
  With the 9 Spaces transformation journeys, you get a step-by-step guide to driving change within your team.
  Explore now
- Success stories
- Product Updates
- About 9 Spaces
- Success Story
  Niels-Stensen Clinics & 9 Spaces
  With 9 Spaces, a care team at the Niels-Stensen Clinics has brought new momentum to their collaboration. What used to remain unspoken is now addressed openly.
  Learn more
- DE
- EN
Try for free
Log in
- Workshops
  AI Facilitator
  Transformation Journeys
  Explore all features
  New
  The planning tool for transformations
  With the 9 Spaces transformation journeys, you get a step-by-step guide to driving change within your team.
  Explore now
- Leaders Consultants & Coaches Startups & Founders HR & Corporate Learning
  Automotive & Suppliers Energy Healthcare Skilled Trades Consumer Goods & E-Commerce Media & Communications NPOs & NGOs Public Sector Logistics & Tourism Insurance & Banking
  Meetings Feedback & Conflict Team Spirit & Collaboration Self-Organisation
- Success stories
  Product Updates
  About 9 Spaces
  Success Story
  Niels-Stensen Clinics & 9 Spaces
  With 9 Spaces, a care team at the Niels-Stensen Clinics has brought new momentum to their collaboration. What used to remain unspoken is now addressed openly.
  Learn more
Try for free
Log in
DE
EN

Privacy Policy

Here you’ll learn what happens to your data when you use 9 Spaces.

We take the protection of your personal data seriously and handle it responsibly and with care.

1. General information

Your privacy matters to us. We treat your data confidentially and in accordance with the applicable data protection laws—especially the General Data Protection Regulation (GDPR) and the German Telecommunications-Telemedia Data Protection Act (TTDSG).
In this privacy notice you’ll learn:

which data we collect,
what we use it for,
the legal basis we rely on,
which tools/service providers we use,
and which rights you have.

2. Controller

Controller responsible for data processing:

NN Publishing GmbH
Uferstr. 6
13357 Berlin
Germany
Email: datenschutz@neuenarrative.de

As the operator of the “9 Spaces” platform, NN Publishing GmbH is the controller within the meaning of the GDPR. It decides on the purposes and means of processing personal data.

Data Protection Officer:

The responsible contact for data protection on this website is:

PROLIANCE GmbH
www.datenschutzexperte.de
represented by Dominik Fünkner
Leopoldstr. 21
80802 Munich
Germany
Email: datenschutzbeauftragter@datenschutzexperte.de

PROLIANCE GmbH supports us in implementing data protection requirements and is appointed as our external Data Protection Officer. It is not the controller, but acts in an advisory and supervisory capacity on behalf of NN Publishing GmbH.

3. Definitions

Our privacy notice is intended to be easy and clear for everyone. It generally uses the official terms of the GDPR. The official definitions are explained in Article 4 GDPR.

4. Data collection on our website

Server log files

The provider of this website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. The data automatically collected by the provider when you visit our website includes:

browser type and version
operating system used
referrer URL
hostname of the accessing device
time of the server request
IP address

We collect this data to ensure the functionality and security of our website and for error analysis. Legal basis is Article 6(1)(f) GDPR (legitimate interest in a technically stable and secure website). This data is not merged with other data sources.

Contact & enquiries by email

If you contact us by email, we store the data you provide (e.g. email address, name, content of your enquiry) to handle your request. Legal basis: Article 6(1)(a) GDPR (consent) or Article 6(1)(b) GDPR (pre-contractual steps).

5. Cookies & consent management with CookieFirst

Our website uses cookies. Cookies are small text files that are stored either only for the duration of your session (session cookies) or on a longer-term basis (persistent cookies).

Session cookies are automatically deleted after your visit ends.
Persistent cookies remain stored until you delete them yourself or they are automatically removed.

For technically necessary cookies, we rely on Article 6(1)(f) GDPR (legitimate interest in a functional website). **All other cookies **are set only with your consent (Article 6(1)(a) GDPR), which you can withdraw at any time via the cookie banner or adjust in the cookie settings.

To manage your consents, we use the CookieFirst consent management platform (Digital Data Solutions B.V., Plantage Middenlaan 42A, 1018 DH Amsterdam, Netherlands). CookieFirst stores your consent decision to document it and to activate only the cookies you have allowed.

You can change or withdraw your consent at any time. You can adjust your cookie settings via this link.

This cookie policy was created and updated by the company Cookie Banner - CookieFirst.

6. General data processing on the website

Here you’ll find the key information on how we process your data on the website—beyond cookies, web tracking, newsletters, and social media.

6.1 Contact by email

If you contact us by email, we store the data you send (e.g. email address, name, message) solely to respond to your enquiry. Legal basis: Article 6(1)(b) GDPR (pre-contractual steps) or Article 6(1)(f) GDPR (legitimate interest in communication).

6.2 Registration

If you create an account with 9 Spaces, we store your registration data (e.g. name, email address, organisation, address). Legal basis: Article 6(1)(b) GDPR (performance of a contract).

6.3 Forms for newsletters, onboarding, user management, feedback & surveys

On our website we use forms provided by Typeform S.L., Carrer Bac de Roda, 163 (Local), 08018 Barcelona, Spain, to collect information from you—for example for newsletter sign-up, onboarding forms, feedback surveys, surveys, or for user management in the Business and Enterprise plan (e.g. when admins create new team members).

The personal data collected in this process (e.g. email address, name, and, where applicable, answers in free-text fields) is transmitted to Typeform via a secure connection and processed there on our behalf.

Legal basis: your consent under Article 6(1)(a) GDPR or, if the request is required for performance of a contract or pre-contractual steps, Article 6(1)(b) GDPR.

We have concluded a data processing agreement (DPA) with Typeform in accordance with Article 28 GDPR to ensure the protection of your data.

Further information on data protection at Typeform: https://admin.typeform.com/to/dwk6gt?typeform-source=www.google.com

6.4 AI facilitator chatbot

Within the protected login area of our platform, we provide an AI-supported assistant (“AI facilitator”) to help you use our content and tools. When you use it, your text inputs and technically necessary metadata are processed. Chat histories are not stored permanently.

The technical service is provided via a Flowise instance operated by us on servers in Germany (hosted by Hetzner). To generate responses, we use language models provided by OpenAI Inc., USA. Data transfers take place on the basis of Standard Contractual Clauses (SCCs) under Article 46 GDPR.

Legal basis: Article 6(1)(b) GDPR (performance of a contract).

Further information on data processing by OpenAI: https://openai.com/policies/privacy-policy

6.5 Payment processing and payment service providers

To process orders and subscriptions, we work with various payment service providers and billing systems. Your data is processed solely for payment processing and performance of the contract under Article 6(1)(b) GDPR.

Stripe Payments Europe, Ltd.
For credit card payments and SEPA direct debit, we use Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland. Stripe processes, among other things, name, address, account number/IBAN, bank code/BIC, credit card number (if provided), invoice amount, currency, transaction number and, where applicable, SEPA mandate data solely for the purpose of payment processing. Legal basis: Article 6(1)(b) GDPR (performance of a contract). More information: https://stripe.com/de/privacy

PayPal (Europe) S.à r.l. et Cie, S.C.A.
If you pay via PayPal, credit card via PayPal, direct debit via PayPal, or—if offered—“purchase on invoice” or “instalment payment” via PayPal, payment data is transmitted to PayPal (Europe) S.à r.l. et Cie, S.C.A., 22–24 Boulevard Royal, L-2449 Luxembourg.

For certain payment methods, PayPal may carry out a creditworthiness check. This check may include probability values (score values) which may also take address data into account. Legal bases: Article 6(1)(b) GDPR (performance of a contract) and Article 6(1)(f) GDPR (PayPal’s legitimate interest in assessing ability to pay). More information: https://www.paypal.com/de/webapps/mpp/ua/privacy-full

Chargebee Inc.
To manage subscriptions, we use Chargebee Inc., 340 S Lemon Ave #1537, Walnut, CA 91789, USA. Chargebee stores, among other things, billing data, payment status and subscription terms. Transfers to the USA take place on the basis of the EU Standard Contractual Clauses. More information: https://www.chargebee.com/privacy/

Purchase on invoice
If you choose the “purchase on invoice” payment method, we process the data required to handle the payment (name, billing address, if applicable delivery address, invoice amount, customer number). Processing is based on Article 6(1)(b) GDPR (performance of a contract).

If an external service provider is used to process purchase on invoice (e.g. PayPal or a debt collection service provider), data is shared solely for this purpose.

7. Newsletter

If you would like to receive the newsletter offered on our website with regular information about our offers and products, we require your email address as a mandatory detail.

Sign-up takes place via a form embedded in our website provided by Typeform S.L., Carrer Bac de Roda, 163 (Local), 08018 Barcelona, Spain.

To send the newsletter, we use the double opt-in procedure. This means you will only receive our newsletter after you have explicitly confirmed that you consent to receiving it. You will receive an email with a link that you can use to confirm that, as the owner of the email address provided, you would like to receive the newsletter in future.

By confirming, you give us your consent under Article 6(1)(a) GDPR to use your personal data for the purpose of sending the newsletter.

For sending the newsletter, we use Mailchimp, a service provided by The Rocket Science Group LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.

Mailchimp stores your email address, the time of sign-up and technical data (e.g. IP address at the time of confirmation) to document your consent.

Mailchimp also analyses user behaviour in relation to our newsletter. This includes whether a newsletter was opened, which links were clicked (if any), and when. In addition, Mailchimp collects technical information (e.g. time of retrieval, IP address, browser type, operating system).

This information is used solely for the statistical evaluation of our newsletter campaigns so we can tailor content more closely to recipients’ interests in future.

You can unsubscribe from the newsletter at any time via the unsubscribe link included in every newsletter or by emailing the controller named above. After you unsubscribe, your email address is removed from our mailing list without undue delay. Data stored by us for other purposes (e.g. in the members’ area) is not affected.

Further information on data protection:

Typeform: https://admin.typeform.com/to/dwk6gt?typeform-source=www.google.com
Mailchimp: https://mailchimp.com/legal/privacy

8. Web analytics and advertising tools

We use various tools on our website to analyse how our services are used and to optimise our marketing. In doing so, personal data may be processed and cookies may be set. Depending on the tool, processing is based on your consent (Article 6(1)(a) GDPR) or our legitimate interest in statistical analysis and reach measurement (Article 6(1)(f) GDPR). You can object to processing at any time or withdraw your consent in the cookie settings.

Google Analytics and Google Tag Manager

We use Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as well as Google Tag Manager to manage website tags.

Google Analytics uses cookies that enable an analysis of how you use our website. The information generated by these cookies about your use of this website is generally transmitted to a Google server in the USA and stored there. Google uses this information on our behalf to evaluate your use of the website, compile reports on website activity, and provide other services related to website use. The transmitted IP address is not merged with other Google data.

Google Tag Manager itself does not store personal data, but it triggers other tags that may collect data.

Legal basis: Google Analytics is used exclusively on the basis of your consent under Article 6(1)(a) GDPR. You can give this consent via our consent banner or withdraw it at any time with future effect by adjusting your cookie settings.

The collected data may also be transferred to servers of Google LLC in the USA. For transfers to the USA, an adequate level of protection may exist if Google is certified under the EU–US Data Privacy Framework (DPF). Otherwise, transfers take place on the basis of Standard Contractual Clauses (SCCs) under Article 46 GDPR. It cannot be ruled out that US authorities may access the transferred data.

You can prevent cookies from being stored by adjusting your browser settings, or use a browser plug-in that prevents Google from collecting the data generated by the cookie (including your IP address): https://tools.google.com/dlpage/gaoptout?hl=de
Further information can be found in Google’s privacy policy: https://policies.google.com/privacy

9. Social media

We are present on social networks to provide information there and to stay in touch with users.

Please note that when you use our social media presences, personal data may also be processed outside the European Union. This can create risks, for example because enforcing your rights may be more difficult.

For US providers that are certified under the EU–US Data Privacy Framework or provide comparable safeguards (e.g. by concluding EU Standard Contractual Clauses), we note that they commit to complying with EU data protection standards.

9.1 Links to social media

If we only provide external links to our social media presences on our website (e.g. via icons or text links), social media providers do not set cookies as long as you do not follow these links. Only when you click the link and are redirected to the relevant platform may data (e.g. your IP address) be processed by the providers.

Note: You can find more information on how your personal data is handled when using social media platforms in the respective providers’ privacy notices.

9.2 Social media plug-ins

We do not use social media plug-ins on our website that transmit personal data as soon as the page loads. A connection to social media providers is only established when you click the relevant links.

9.3 Services and providers used

Instagram
Service provider: Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA
Website: https://www.instagram.com
Information on data processing by Instagram can be found here: https://instagram.com/about/legal/privacy
Information on joint controllership for Instagram Insights can be found here: https://www.facebook.com/legal/terms/page_controller_addendum

Facebook
Service provider: Facebook Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland (parent company: Meta Platforms, Inc., USA)
Website: https://www.facebook.com
Information on data processing by Facebook can be found here: https://www.facebook.com/about/privacy
Information on joint processing for Facebook pages can be found here: https://www.facebook.com/legal/terms/page_controller_addendum

LinkedIn
Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
Website: https://www.linkedin.com
Information on data processing by LinkedIn can be found here: https://www.linkedin.com/legal/privacy-policy

10. Data sharing and recipients

As a rule, we do not share your personal data with third parties. Exceptions apply only if:

we explicitly point this out in this privacy notice,
you have given us your consent under Article 6(1)(a) GDPR,
disclosure is necessary under Article 6(1)(f) GDPR (e.g. for the establishment, exercise or defence of legal claims) and no overriding legitimate interests oppose it,
there is a legal obligation under Article 6(1)(c) GDPR, or
processing is necessary under Article 6(1)(b) GDPR to perform a contract with you.

As part of our services, we also use various service providers that process personal data on our behalf. These include, among others:

10.1 Cloudflare

We use Cloudflare as a content delivery and security service to deliver our website quickly and protect it from attacks. The provider is Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA.

For this purpose, technical data such as IP address, URLs accessed, browser/device information and log data are processed via Cloudflare servers. Cloudflare also sets technically necessary security cookies (e.g. __cf_bm, _cfuvid), which are listed as “Necessary” or “Functional” in our cookie overview.

Cloudflare does not create personal user profiles. The processed data is used solely for security and performance purposes.

Some services integrated by us (e.g. hCaptcha, HubSpot or Vimeo) also use Cloudflare infrastructure. This may result in additional Cloudflare cookies appearing, but these are purely technically necessary.

Legal basis is Article 6(1)(f) GDPR (legitimate interest in a website that is provided securely and with strong performance). Data may be processed in data centres inside and outside the EU. For transfers to the USA, Cloudflare relies, among other things, on the EU–US Data Privacy Framework and Standard Contractual Clauses.

More information on data processing can be found in Cloudflare’s privacy policy: https://www.cloudflare.com/privacypolicy/

10.2 Freshdesk

We use Freshdesk, a support and ticketing system provided by Freshworks Inc., 2950 S. Delaware Street, Suite 201, San Mateo, CA 94403, USA.

Freshdesk is used to handle your support and service enquiries in a structured way and to provide a help centre. When you contact us (e.g. by email or via the help centre), details such as your name, email address, phone number (if applicable), company affiliation, as well as the content of your enquiry and attachments are processed in Freshdesk. In addition, technical metadata (e.g. IP address, browser information, timestamps) and, where applicable, voluntary feedback (e.g. star ratings for a ticket) are processed.

Legal basis for processing is Article 6(1)(b) GDPR (performance of a contract or pre-contractual steps) as well as Article 6(1)(f) GDPR (legitimate interest in efficiently handling support and service enquiries).

Transfers to the USA take place on the basis of Freshworks’ certification under the EU–U.S. Data Privacy Framework (DPF). In addition, Standard Contractual Clauses (SCCs) have been concluded.

More information on data processing can be found in Freshworks’ privacy policy: https://www.freshworks.com/privacy/

10.3 HubSpot

We use HubSpot as a CRM system to manage contacts, track leads, and enable meeting bookings. For this purpose, a HubSpot widget is embedded on our website that allows you to schedule appointments with us directly.

In this process, your contact details (e.g. name, email address, phone number, company, role) as well as interaction information (e.g. meeting bookings, content of email correspondence, website activities) are processed.

Data is stored in data centres in the EU or the USA. HubSpot is certified under the EU–US Data Privacy Framework; in addition, we have concluded Standard Contractual Clauses.

Further information can be found in HubSpot’s privacy policy: https://legal.hubspot.com/de/privacy-policy

10.4 Hyvor Talk

We use Hyvor Talk, operated by Hyvor EURL, 10 Rue de Penthièvre, 75008 Paris, France, to enable comments, ratings, and interactions on our platform.

If you’re logged in, you can post comments using your 9 Spaces account.

In this process, your details (e.g. name, email address, username, profile information) as well as your content (comments, ratings, reactions) are processed. Optionally, you can add more details to your profile (e.g. bio, links, profile picture). Hyvor also collects technical connection data such as browser and device information as well as timestamps—IP tracking is disabled.

If you cancel your 9 Spaces account, your comments in Hyvor are automatically anonymised.

Legal basis is Article 6(1)(b) GDPR (use within the scope of the contract) as well as Article 6(1)(f) GDPR (our legitimate interest in a user-friendly comment and rating function).

Your data is processed exclusively within the EU.

Further information can be found in Hyvor’s privacy policy: https://talk.hyvor.com/privacy

10.5 Slack

For internal organisation, communication, and tracking of projects, feedback, and orders, we use Slack, operated by Slack Technologies Limited, Salesforce Tower, 60 R801 North Dock, Dublin, Ireland (a Salesforce company).

This involves processing in particular contact data (e.g. name, email address, company affiliation), usage data (e.g. user licences, comments, information on transformation journeys), as well as technical metadata (e.g. IP address, browser and device information, log files).

Legal basis is Article 6(1)(f) GDPR (legitimate interest in efficient internal communication and organisation).

The recipient of the data is Slack (Salesforce). A transfer to the USA may take place. This is based on Salesforce’s certification under the EU–U.S. Data Privacy Framework (DPF) and, subsidiarily, on Standard Contractual Clauses (SCCs) under Article 46 GDPR.

More information on data processing by Slack can be found at: https://slack.com/intl/de-de/trust/compliance/gdpr

10.6 Trustpilot

To invite reviews and to embed and display reviews, three widgets (TrustBoxes) from Trustpilot A/S, Pilestræde 58, 5., 1112 Copenhagen, Denmark, are integrated on our website.

When the widget loads, Trustpilot processes the following data: IP address, date and time of access, referrer URL, browser type, device type, operating system, log files, and interactions with the widget (e.g. impressions, clicks, redirects to trustpilot.com).

If a review is submitted, Trustpilot also processes the data provided by users (e.g. name, email address) as well as the review content (text, star rating). This processing is carried out solely under Trustpilot’s responsibility.

Legal basis is Article 6(1)(f) GDPR (legitimate interest in displaying reviews and offering review functions). If cookies or similar technologies are used when the widget is used, this is based on Article 6(1)(a) GDPR (consent via the consent banner).

Further information on data processing can be found in Trustpilot’s privacy policy: https://legal.trustpilot.com/for-reviewers/end-user-privacy-terms

10.7 VideoAsk

We use VideoAsk, a product by Typeform S.L., Carrer Bac de Roda, 163, 08018 Barcelona, Spain.

VideoAsk enables us to provide interactive video forms that you can use to send us support and service enquiries. Use is exclusively within the Business plan.

If you fill out a VideoAsk form, personal data such as your name, your email address, and your entries in the form (e.g. video, audio, or text messages about your request) are processed. In addition, VideoAsk collects technical connection data such as your IP address, browser and device information, and timestamps.

Legal basis is Article 6(1)(b) GDPR (performance of the contract or carrying out pre-contractual steps) as well as Article 6(1)(f) GDPR (our legitimate interest in efficient handling of support and service enquiries).

Your data is processed exclusively within the EU (Spain).

The data processing agreement concluded with Typeform applies accordingly to VideoAsk.

Further information on data processing by VideoAsk can be found at: https://www.videoask.com/help/data-protection

10.8 Vimeo

To embed and provide videos, we use Vimeo, operated by Vimeo.com, Inc., 330 West 34th Street, 5th Floor, New York, NY 10001, USA.

When you access a page with an embedded Vimeo player, technically necessary data is transmitted to Vimeo, including in particular IP address, date and time of access, referrer URL, browser type, device type, operating system, and log files. In addition, cookies or similar technologies may be set.

However, we have enabled the “Do Not Track” function so Vimeo does not carry out tracking for analytics or marketing purposes.

Legal basis for processing is Article 6(1)(f) GDPR (legitimate interest in an appealing presentation of our online content).

The recipient of the data is Vimeo.com, Inc. A transfer to the USA takes place. This is based on the European Commission’s Standard Contractual Clauses (SCCs) under Article 46 GDPR as well as the Data Processing Agreement (DPA) concluded with Vimeo.

Further information on data processing by Vimeo can be found at: https://vimeo.com/privacy

10.9 Zapier

We use Zapier, a service provided by Zapier Inc., 548 Market St. #62411, San Francisco, CA 94104-5401, USA, to automate workflows between different tools (e.g. Slack, Mailchimp, Google Drive/Sheets).

This may involve data such as your email address, name, message content, or other information you enter into our forms or services being automatically forwarded between systems.

Data processing takes place in the USA on the basis of the EU Standard Contractual Clauses (SCCs) and under certification pursuant to the EU–U.S. Data Privacy Framework (DPF).

Further information can be found in Zapier’s privacy policy: https://zapier.com/privacy

Already described in other sections

The following services are already described in detail in other sections of this privacy notice and are not repeated here:

CookieFirst (consent management, see section 5)
Typeform (forms & surveys, see section 6.3)
Stripe, PayPal, Chargebee (payment processing, see section 6.5)
Mailchimp (newsletter sending, see section 7)

11. How long we store personal data

How long we store your personal data depends on the applicable statutory retention obligations, for example under commercial or tax law. After these periods expire, we automatically delete the relevant data.

If data is required to perform a contract or to initiate a contract, or if we have a legitimate interest in continued storage, we delete it as soon as it is no longer needed for these purposes or you have exercised your right to withdraw consent or to object.

12. Your rights

As a data subject, you have the following rights regarding our processing of your personal data:

Right of access (Article 15 GDPR)
You can request information at any time about which personal data we process about you. This includes, among other things, the purposes of processing, the categories of data, the recipients to whom data has been or will be disclosed, the planned storage period, the existence of your rights (rectification, erasure, restriction of processing, or objection), the source of your data (if it was not collected from you), and whether automated decision-making, including profiling, takes place.

Right to rectification (Article 16 GDPR)
You can request that we correct inaccurate data or complete incomplete data that we have stored about you at any time.

Right to erasure (Article 17 GDPR)
You can request that we erase your personal data unless statutory obligations, public interests, or legal claims prevent this (e.g. for the defence or assertion of legal claims).

Right to restriction of processing (Article 18 GDPR)
You can request restriction of processing if you contest the accuracy, the processing is unlawful (but you do not want erasure), we no longer need the data, or you have objected to the processing.

Right to data portability (Article 20 GDPR)
You have the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format, or to request that it be transmitted to another controller.

Right to lodge a complaint (Article 77 GDPR)
You can lodge a complaint with a supervisory authority at any time—either with the authority responsible for our registered office or the authority at your place of residence or work.

Right to withdraw consent (Article 7(3) GDPR)
You can withdraw consent you have given at any time with effect for the future. The lawfulness of processing up to the withdrawal remains unaffected.

Right to object (Article 21 GDPR)
If we process your personal data on the basis of legitimate interests (Article 6(1)(f) GDPR), you have the right to object at any time for reasons arising from your particular situation. If your objection relates to the processing of personal data for direct marketing purposes, you have a general right to object without giving reasons.

If you want to exercise your rights, an email to datenschutz@neuenarrative.de is sufficient.

13. Updates and version of this privacy notice

We update this privacy notice when needed—always in compliance with the applicable data protection rules. This ensures it meets current legal requirements and reflects changes to our services, for example when we introduce new services. For your visit, the version currently in force always applies.

Status of this privacy policy: 16 February 2026

This privacy policy is available in German and English. In case of discrepancies between the language versions, the German version shall prevail.

Data protection

Do you need a DPA?

A data processing agreement (DPA) is available on request only for Business or Enterprise plan customers. Just send us an email.

Write an email

The planning tool for transformations

Niels-Stensen Clinics & 9 Spaces