Privacy Policy of Hetzner Online GmbH
This Privacy Policy informs you about the processing of personal data in the context of direct communication with us, such as:
- Contact by email, telephone, or post
- Personal meetings, for example at events, trade fairs, or similar occasions.
For information on the processing of personal data in connection with our websites and online services, please refer to our Privacy Policy at https://www.hetzner.com/legal/privacy-policy.
1. Who is officially responsible for processing the data?
Hetzner Online GmbH
Industriestr. 25
91710 Gunzenhausen
Germany
You can find more information about our company in our Legal Notice.
2. Who can you contact if you have questions regarding data protection?
You can reach out directly to our data protection officer using one of these methods:
Email:
data-protection@hetzner.com
Post:
Hetzner Online GmbH
Data Protection
Industriestr. 25
91710 Gunzenhausen
Germany
Telephone:
+49 (0)9831 505216
Fax:
+49 (0)3745 744472361
3. How do we process your personal data?
What data will be processed and how does it reach Hetzner?
In the context of communication with us, we may process the following personal data:
- Contact details: e.g. name, email address, telephone number, postal address
- Content of the communication
We receive this data directly from you.
Why does Hetzner process my data and what is the legal basis for it?
- Contractual or pre-contractual measures: The communication is directly related to an existing or intended business relationship. (Legal basis: Art. 6 para. 1 lit. b GDPR)
- Legitimate interests: In some cases, we process personal data to protect our legitimate interest in efficient communication and in establishing and maintaining business relationships. This includes, for example, networking at events, trade fairs, or similar occasions. (Legal basis: Art. 6 para. 1 lit. f GDPR)
- Compliance with legal obligations: In certain cases, we are legally obliged to store and process personal data, for example due to statutory tax or commercial retention obligations. (Legal basis: Art. 6 para. 1 lit. c GDPR)
Who will have access to my data and will it be sent to any third parties?
Only authorised employees who need the data for the purposes of communication will have access to it.
Data will only be shared with third parties if:
- It is necessary for fulfilling a contract (e.g. payment service providers),
- There is a legal obligation (e.g. tax authorities) or
- You have given us your explicit consent
Your data is processed and stored exclusively within the EU. There is no transfer to third countries.
How long will my data be stored?
Your personal data will generally be stored for a period of three years (Legal basis: Art. 6 para. 1 lit. c GDPR in conjunction with §§ 195, 199 German Civil Code (BGB)).
If statutory commercial retention obligations apply, storage for up to six years may be required (Legal basis: Art. 6 para. 1 lit. c GDPR in conjunction with § 257 German Commercial Code (HGB)).
After these periods expire, the data will be deleted unless it is still required for the establishment, exercise, or defence of legal claims, or unless legal retention obligations require longer storage.
4. What rights do I have when it comes to my data?
The GDPR grants you the following rights regarding your data:
- Right of access:
You can request information at any time about whether and which personal data we process about you. - Right to rectification:
If the data we have stored about you is incorrect or incomplete, you can request its correction or completion. - Right to erasure ("right to be forgotten"):
You can request the deletion of your data if it is no longer required for its original purpose. However, please note that immediate deletion may not be possible in some cases due to legal or contractual retention obligations. - Right to restriction of processing:
If, for example, you dispute the accuracy of your data or believe that the processing is unlawful, you can request that we restrict the processing of your data. - Right to data portability:
You have the right to receive your data in a structured, commonly used, and machine-readable format. You can also request that we transfer the data directly to a third party, if technically feasible. - Right to object:
You can object to the processing of your personal data unless there are compelling legitimate reasons for the processing. - Right not to be subject to automated decision-making, including profiling:
We do not make any automated decisions regarding your person. If we did, you would have the right not to be evaluated solely by algorithms.
If you would like to make use of any of these rights, please contact our data protection officer directly.
5. Making complaints to the relevant data protection authority
If you believe that we are violating any data protection laws by processing personal data, you also have the right to make a complaint to the data protection authority responsible for our company.
However, we encourage you to first contact our data protection officer. We always strive to resolve any possible disagreements as quickly and smoothly as possible so that we can avoid conflicts.
General note
We reserve the right to update this Privacy Policy from time to time. If you visit this page again, the updated Privacy Policy will apply.
Status: August 11, 2025