Status: February 21, 2026
Andre Genze
to be announced shortly
to be announced shortly
Germany
Email: hello@beardfriends.com
Imprint: https://beardfriends.com/imprint
The following overview summarizes the types of data processed and the purposes of their processing and refers to the data subjects concerned.
Relevant legal bases under the GDPR: Below you will find an overview of the GDPR legal bases on which we process personal data. Please note that, in addition to the GDPR, national data protection regulations may apply in your and/or our country of residence or establishment. If more specific legal bases are applicable in individual cases, we will inform you in this Privacy Policy.
In addition to the GDPR, national data protection regulations apply in Germany, in particular the German Federal Data Protection Act (Bundesdatenschutzgesetz â BDSG). The BDSG contains special provisions, among others, on the right of access, the right to erasure, the right to object, the processing of special categories of personal data, processing for other purposes and transfers as well as automated individual decision-making including profiling. State data protection laws of the German federal states may also apply.
These privacy notices serve both as information under the Swiss Federal Act on Data Protection (Swiss FADP) and under the GDPR. For this reason, please note that, due to the broader territorial application and comprehensibility, the terms used in the GDPR are used. In particular, instead of âprocessingâ of âpersonal dataâ under the GDPR, the Swiss terms may differ; however, the legal meaning of the terms is determined according to Swiss law where applicable.
In accordance with legal requirements, taking into account the state of the art, implementation costs and the nature, scope, circumstances and purposes of processing as well as the varying likelihood and severity of risks to the rights and freedoms of natural persons, we implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk.
Measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical and electronic access to the data, access rights, input, disclosure, availability safeguards and segregation. We have also established procedures to ensure data subject rights, deletion of data and responses to data threats. Furthermore, we consider the protection of personal data already during the development or selection of hardware, software and procedures in accordance with the principle of privacy by design and privacy by default.
To protect user data transmitted via our online services, we use TLS/SSL encryption. HTTPS is shown in the URL when a website is secured by an SSL/TLS certificate.
In the course of processing personal data, it may happen that data is disclosed or transferred to other entities, companies, legally independent organizational units or persons. Recipients may include, for example, service providers commissioned with IT tasks or providers of services and content integrated into a website. In such cases, we comply with legal requirements and, in particular, conclude appropriate contracts or agreements with recipients that serve to protect your data.
Processing in third countries (i.e., outside the EU/EEA) or disclosures/transfers to recipients in third countries only take place in compliance with legal requirements. Where the level of data protection has been recognized by an adequacy decision (Art. 45 GDPR), this serves as the basis. Otherwise, transfers only take place where protection is ensured in other ways, in particular via Standard Contractual Clauses (Art. 46(2) lit. c GDPR), explicit consent, or where required for contractual/legal reasons (Art. 49(1) GDPR).
Under the âData Privacy Frameworkâ (DPF), the EU Commission recognized an adequate level of protection for certain US companies by adequacy decision of July 10, 2023. A list of certified companies and further information can be found at https://www.dataprivacyframework.gov/.
We delete personal data in accordance with legal requirements as soon as consents are revoked or other permissions cease to apply (e.g., when the purpose no longer applies or data is not required). If data is not deleted because it is required for other legally permissible purposes, processing is restricted to those purposes (i.e., the data is blocked and not processed for other purposes). This applies, for example, to data that must be retained for commercial or tax reasons or for the assertion, exercise or defense of legal claims or for the protection of rights of another person.
As data subjects, you have various rights under the GDPR, in particular arising from Articles 15 to 21 GDPR:
Cookies are small text files or similar storage notes that store information on end devices and read information from them, e.g., to store login status, shopping cart contents, pages visited or functions used. Cookies may also be used for functionality, security and convenience and for analyzing visitor flows.
We use cookies in accordance with legal regulations. Therefore, we obtain prior consent unless not legally required. Consent is not necessary if storing/reading information is strictly necessary to provide a service expressly requested by the user. Strictly necessary cookies generally include cookies for displaying and operating the online offering, load balancing, security, storing preferences, or similar purposes related to providing core functions of the service.
The legal basis depends on whether we request consent. If users consent, the legal basis is consent. Otherwise, processing is based on our legitimate interests (e.g., economic operation and improving usability) or on contractual necessity.
Users can withdraw consent at any time and object in accordance with legal requirements. Users can restrict cookies in browser settings (which may limit functionality). An opt-out for online marketing cookies may also be declared via https://optout.aboutads.info and https://www.youronlinechoices.com/.
We process data of our contractual and business partners (customers and prospects; âcontract partnersâ) within contractual and comparable legal relationships and related measures and communication, e.g., to answer inquiries.
We process this data to fulfill contractual obligations, including providing agreed services, update duties, and remedies in case of performance issues. We also process data to safeguard our rights and for administrative tasks and organization, as well as based on legitimate interests in proper business management and security measures to protect partners and operations from misuse and threats.
We delete data after statutory warranty and comparable obligations, generally after 4 years, unless data is stored in a customer account or must be retained for legal archiving. Statutory retention periods include ten years for tax-relevant documents and accounting records, and six years for received/issued business letters, starting at the end of the calendar year in which the relevant event occurred.
We process user data to provide our online services. For this purpose, we process the userâs IP address, which is necessary to transmit content and functions to the userâs browser/device.
Access to our online offering is logged in server log files. These may include the address/name of accessed pages/files, date/time, transferred data volume, successful retrieval, browser type/version, operating system, referrer URL, and usually IP addresses and requesting provider. Log files may be used for security (e.g., preventing overload / DDoS attacks) and to ensure server utilization and stability. Log file information is stored for a maximum of 30 days and then deleted or anonymized, unless further retention is required for evidence purposes.
Our hosting services also include sending, receiving and storing emails. For these purposes, recipient/sender addresses and additional information regarding email delivery and contents may be processed. Data may also be processed for spam detection. Emails are generally encrypted in transit, but not end-to-end encrypted by default; therefore we cannot assume responsibility for the transmission path between sender and our server.
CONTABO: Services in the field of providing IT infrastructure and related services (e.g., storage and/or computing capacity). Provider: Contabo GmbH, Aschauer StraĂe 32a, 81549 Munich, Germany. Website: https://www.contabo.com â Privacy Policy: https://contabo.com/de/legal/privacy/ â Data processing agreement provided by the provider.
Users can create a user account. During registration, required information is communicated and processed for providing the user account based on contractual performance. Processed data includes login information (username, password and email address).
When using registration/login features and the user account, we store the IP address and time of user actions based on legitimate interests (and usersâ interests) in protection against misuse. Data is generally not disclosed to third parties unless required for pursuing claims or legal obligations. Users may be informed by email about account-relevant processes, e.g., technical changes.
When contacting us (e.g., by mail, contact form, email, phone or social media) and within existing user/business relationships, the information provided by the inquiring persons is processed to answer the inquiry and any requested measures.
We send newsletters, emails and other electronic notifications (ânewslettersâ) only with recipientsâ consent or a legal permission. Registration typically only requires an email address; we may request a name for personal addressing or additional information if necessary.
Newsletter registration uses a double opt-in procedure. After signup, you will receive an email requesting confirmation. This prevents unauthorized signups. We log the signup/confirmation time and IP address and changes at the sending service provider to prove compliance.
You can cancel the newsletter at any time (withdraw consent / object). An unsubscribe link is provided in each newsletter or you can contact us (preferably by email).
Information about us, our services, promotions and offers. We also send email notifications when a new job posting goes live, after a positive skill test, and after application documents are provided. Users (registered applicants and employers) can change notification settings in their account.
Web analytics (âreach measurementâ) evaluates visitor flows and can include pseudonymous information about visitor behavior and interests. We may also use testing methods (e.g., A/B tests) to optimize our offering.
Unless otherwise stated, profiles may be created, and information stored/read in a browser or device. Collected information includes pages visited and elements used, technical details (browser/system), and usage times. Location data may be processed if users consent. IP addresses are processed; we use IP masking (shortening) for user protection. Generally, no clear data (e.g., names/emails) is stored, only pseudonyms.
We use Google Analytics to measure and analyze use of our online offering based on a pseudonymous user ID. This ID does not contain identifying data such as name/email. It is used to assign analysis information to a device and to understand which content was accessed and how users interacted. Google provides coarse geolocation data derived from IP metadata. For EU traffic, IP address data is used only for geolocation derivation and is then deleted; it is not logged or used for other purposes. Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Privacy Policy: https://policies.google.com/privacy. Data processing terms: https://business.safety.google/adsprocessorterms/. Opt-out plugin: https://tools.google.com/dlpage/gaoptout?hl=de and ad settings: https://adssettings.google.com/authenticated.
We maintain online presences within social networks and process user data to communicate with active users or to provide information about us. Data may be processed outside the EU, which can create risks (e.g., enforcement of rights may be more difficult). Social networks often process data for market research and advertising; usage profiles may be created and used to display interest-based ads.
Provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. Website: https://www.instagram.com â Privacy Policy: https://instagram.com/about/legal/privacy.
We are jointly responsible with Meta Platforms Ireland Limited for the collection (but not further processing) of data of visitors to our Facebook page (âPage Insightsâ). Facebook processes device information and user interactions for analytics. Agreement: https://www.facebook.com/legal/terms/page_controller_addendum and further info: https://www.facebook.com/legal/terms/information_about_page_insights_data. Provider: Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland. Website: https://www.facebook.com â Privacy Policy: https://www.facebook.com/about/privacy. Transfers may be based on the EUâUS DPF and Standard Contractual Clauses: https://www.facebook.com/legal/EU_data_transfer_addendum.
Please check the contents of our Privacy Policy regularly. We adapt the Privacy Policy as soon as changes to our data processing make this necessary. We will inform you as soon as a user action (e.g., consent) or an individual notification becomes necessary due to changes.
Created with the free Datenschutz-Generator.de by Dr. Thomas Schwenke (translated to English).