HitchHiker Logo Contact

Privacy Policy

Your data, our commitment to transparency and security.

1. Data Controller

HitchHiker GmbH Berner Str. 81, 60437 Frankfurt am Main, Germany Phone: +49 69 50 70 30 Fax: +49 69 50 70 3 111 Email: datenschutz@HitchHiker.net

2. Data Protection Officer

You can contact our Data Protection Officer at: mip Consult GmbH Attorney Asmus Eggert Wilhelm-Kabus-Str. 9, 10829 Berlin Email: datenschutz@HitchHiker.net Web: www.sofortdatenschutz.de

3. Sources and Categories of Personal Data

We process personal data that we receive directly from you (for example, when you contact us), as well as technically required access data when visiting our website. This may include IP address, date/time, requested page, referrer URL, browser type/version, operating system, and submitted content in contact requests.

4. Purposes and Legal Bases of Processing

We process data under the GDPR and BDSG, in particular on the following legal bases: - Art. 6(1)(a) GDPR (consent), where consent has been given. - Art. 6(1)(b) GDPR (pre-contractual/contractual communication), e.g. for concrete inquiries. - Art. 6(1)(f) GDPR (legitimate interests), especially for IT security, stable website delivery, error analysis, and efficient communication.

5. Website Delivery and Server Log Files

When you use the website for informational purposes only, we process only the data your browser transmits to our server. This data is technically necessary to display the website correctly and to ensure stability and security. Legal basis: Art. 6(1)(f) GDPR.

6. Contact Requests (Form, Email, Phone)

When you contact us, we process the data you provide (e.g. name, email, phone number, message) to handle your request. The legal basis is generally Art. 6(1)(b) GDPR (pre-contractual communication) and/or Art. 6(1)(f) GDPR.

7. Chatbot / AI-Supported Communication (BlueShift/OpenAI)

A chatbot is integrated on this website. When used, your chat content and a technical user identifier are processed. Browser requests are sent to our BlueShift backend; from there, a server-side request may be sent to OpenAI. Important: There is no direct browser call to the OpenAI API. Legal bases: Art. 6(1)(b) GDPR and Art. 6(1)(f) GDPR. Please do not submit unnecessary sensitive personal data in chat messages.

8. Local Browser Storage (Local Storage)

We use Local Storage for: - theme preference (light/dark), - technical chatbot ID (key: blueshift-user-guid). Legal basis: Art. 6(1)(f) GDPR. You can delete this data at any time in your browser settings.

9. Third-Party Content and External Services

The website currently includes the following external sources/services: - Locally hosted fonts (no external Google Fonts requests) - Google Maps iframe (contact page) - external logo image sources on the homepage, especially: - commons.wikimedia.org - de.wikipedia.org / en.wikipedia.org / sco.wikipedia.org - cdn.brandfetch.io When such content is loaded, technical connection data (e.g. IP address) may be transmitted to the respective provider. Legal basis: Art. 6(1)(f) GDPR.

10. Recipients of Data

Within our company, only departments that need the data to perform their tasks have access. In addition, service providers used by us (processors under Art. 28 GDPR) may receive data, e.g. in hosting/IT, communication, and support. Data is only shared within the legally permissible framework.

11. Transfers to Third Countries

In individual cases, processing may also take place in countries outside the EU/EEA (e.g. USA), where required for integrated services. Where necessary, appropriate safeguards pursuant to Art. 44 et seq. GDPR are implemented (e.g. EU Standard Contractual Clauses).

12. Storage Period

We store personal data only as long as necessary for the stated purposes or as required by statutory retention obligations. Log file data is stored for a limited period for security purposes. Local storage data can be deleted by you at any time.

13. Your Rights

You have, in particular, the following rights: - access (Art. 15 GDPR) - rectification (Art. 16 GDPR) - erasure (Art. 17 GDPR) - restriction of processing (Art. 18 GDPR) - data portability (Art. 20 GDPR) - objection to processing under Art. 6(1)(e)/(f) GDPR (Art. 21 GDPR) - withdrawal of consent with future effect

14. Right to Lodge a Complaint

Under Art. 77 GDPR, you have the right to lodge a complaint with a data protection supervisory authority.

15. Automated Decision-Making / Profiling

At present, no exclusively automated decision-making within the meaning of Art. 22 GDPR takes place on this website.

16. Cookies, Tracking, and Newsletter

Based on the current implementation, no separate marketing/analytics tools such as Google Analytics are actively used on this website. A newsletter subscription process is also not currently active on these pages. If such functions are introduced in the future, this privacy policy will be updated accordingly.

17. Data Security and Updates

We implement technical and organizational security measures to protect data against loss, manipulation, and unauthorized access. We reserve the right to update this privacy policy where legal, technical, or organizational changes make this necessary. Status: March 17, 2026.