Privacy Policy

1. Data Protection at a Glance

These notes provide a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to identify you personally.

2. Controller

The controller responsible for data processing on this website is:

HEART ’n’ Thrust GmbH
Langenstücken 29
D-22393 Hamburg, Germany
Email: info@heart.gmbh

3. Hosting

This website is hosted by IONOS SE. When you visit this website, IONOS processes connection data on our behalf (e.g., IP address, date/time, pages accessed, browser information) in so-called server log files in order to ensure the secure operation of the website.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in the secure and stable operation of the website).
We have concluded a data processing agreement (DPA) with the hosting provider.

4. Contact Form / Contact

If you send us inquiries via the contact form, the information you provide in the form, including the contact details you provide there, will be stored by us for the purpose of processing your request and in case of follow-up questions.

Legal basis:

  • Art. 6(1)(b) GDPR (processing for the performance of pre-contractual measures / a contract) or
  • Art. 6(1)(f) GDPR (legitimate interest in processing inquiries)

Storage period: We store the data only for as long as necessary to process your inquiry and thereafter in accordance with statutory retention periods, or delete it if no obligations prevent deletion.

5. Cookies

This website may use technically necessary cookies that are required for the operation of the website.

Legal basis: Art. 6(1)(f) GDPR and/or Section 25(2) No. 2 TTDSG (provided only technically necessary cookies are used).

6. Your Rights

Within the scope of the applicable legal provisions, you have the right at any time to:

  • Access (Art. 15 GDPR)
  • Rectification (Art. 16 GDPR)
  • Erasure (Art. 17 GDPR)
  • Restriction of processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Object to processing (Art. 21 GDPR)

If you have given consent, you may withdraw your consent at any time with effect for the future.

7. Right to Lodge a Complaint with a Supervisory Authority

You also have the right to lodge a complaint with a data protection supervisory authority.

The competent authority is generally the supervisory authority of the federal state in which your company has its registered office, e.g.:
The Hamburg Commissioner for Data Protection and Freedom of Information (HmbBfDI).

8. SSL/TLS Encryption

This site uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content.

9. Status

05 March 2026