Let's talk
ENDELet's talk

Privacy policy

Last updated: June 2026

1. Controller

The controller within the meaning of the GDPR is:

t-next GmbH
Heidenkampsweg 58, 20097 Hamburg, Germany
Email: info@t-next.de
Phone: +49 40 / 6077 6172

2. Principle & overview of processing

Protecting your personal data matters to us. We process data solely on the basis of the applicable law (GDPR, BDSG, TDDDG). This website is a largely static company presentation and only collects the technically necessary data. We essentially process:

  • Usage and meta data (e.g. IP address, time, page requested) when the site is accessed,
  • Contact data (e.g. name, email, phone number) when you contact us,
  • Statistics data for web analytics — only after your consent.

3. Legal bases

  • Art. 6(1)(a) GDPR (consent) — e.g. for web analytics,
  • Art. 6(1)(b) GDPR (contract / pre-contract) — e.g. for a project enquiry,
  • Art. 6(1)(f) GDPR (legitimate interest) — e.g. for secure, stable operation,
  • for storing or reading information on your device, additionally § 25 TDDDG.

4. Hosting & server logs (Amazon Web Services)

This website is hosted with Amazon Web Services. The provider is Amazon Web Services EMEA SARL,38 Avenue John F. Kennedy, L-1855 Luxemburg (“AWS”). Content is delivered via the Amazon CloudFront content delivery network and the Amazon S3 storage service; the origin server location is Frankfurt am Main (Region eu-central-1).

When the site is accessed, AWS processes technically necessary access data on our behalf (including IP address, date and time, requested URL, volume of data transferred, referrer, and browser/operating system identifiers). The purpose is the secure, stable and performant delivery of the website. The legal basis is our legitimate interest in a reliable web presence (Art. 6(1)(f) GDPR). Where server logs are stored, this is only short-term and they are deleted regularly unless needed to investigate faults or security incidents.

A data processing agreement under Art. 28 GDPR is in place with AWS. Where data may be transferred to the parent company Amazon.com, Inc. in the USA, it is certified under theEU-US Data Privacy Framework; the EU Commission’s standard contractual clauses apply in addition.

5. SSL/TLS encryption

For security reasons this website uses TLS encryption. You can recognise an encrypted connection by “https://” in the address bar and the padlock symbol in your browser.

6. Fonts

Web fonts are served locally from our own server. There is no connection to third-party servers (e.g. Google Fonts); no data is transferred to third parties for this purpose when the page is loaded.

7. Cookies & consent

By default this website only sets technically necessary cookies. Your cookie decision is stored locally in your browser (entry tn-consent in local storage, retained for up to 6 months); no consent is required for this (§ 25(2) TDDDG, Art. 6(1)(f) GDPR). Cookies for web analytics are only set after your explicit consent (§ 25(1) TDDDG). You can change or withdraw your choice at any time with effect for the future:

8. Web analytics with Google Analytics 4

If you consent, we use Google Analytics 4, a service of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). Google Analytics uses cookies (including _ga and_ga_<ID>, retained for up to 2 years each) to analyse how the website is used. IP anonymisation is active; advertising features, “Google Signals” and personalised ads are disabled.Before your consent, no analytics cookies are set and no data is sent to Google (Google Consent Mode v2).

The legal basis is your consent (Art. 6(1)(a) GDPR, § 25(1) TDDDG). A transfer to the USA may take place; Google LLC is certified under the EU-US Data Privacy Framework. A data processing agreement is in place with Google. You can withdraw your consent at any time via the cookie settings.

9. Contacting us

If you contact us by email or phone, your details are processed to handle the enquiry and any follow-up questions (Art. 6(1)(b) and (f) GDPR). We do not pass this data on without your consent and delete it once it is no longer required; statutory retention periods remain unaffected.

10. Recipients & third-country transfers

As processors (Art. 28 GDPR) we use: Amazon Web Services (hosting/CDN) and — only after consent — Google (web analytics). Any further disclosure only takes place where we are legally obliged to do so. Transfers to third countries (USA) are safeguarded by the EU-US Data Privacy Framework and supplementary standard contractual clauses.

11. Your rights

You have the right at any time to:

  • access (Art. 15 GDPR), rectification (Art. 16), erasure (Art. 17),
  • restriction of processing (Art. 18) and data portability (Art. 20),
  • object to processing based on legitimate interests (Art. 21),
  • withdraw a consent given, with effect for the future (Art. 7(3)).

An informal message to info@t-next.de is sufficient to exercise these rights. You also have the right to lodge a complaint with a supervisory authority (Art. 77 GDPR). The authority responsible for us is:

Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit
Ludwig-Erhard-Straße 22, 20459 Hamburg, Germany
datenschutz-hamburg.de

12. No automated decision-making

No automated decision-making or profiling within the meaning of Art. 22 GDPR takes place on this website.

13. Changes

We update this privacy policy whenever changes in the law or in our services require it. The version published here applies at any given time.