Privacy Policy

Cloud Dream Team GmbH
Bahnhofstr. 7, 82166 Gräfelfing, Germany
Email: hello@CloudDream.Team
Phone: +49 (0)89 99018500

1. Responsible Party

Cloud Dream Team GmbH (“we,” “us,” “our”) is committed to protecting your personal data. This Privacy Policy explains the types of data we collect, how we use it, and your rights regarding your data.

2. Data We Collect

We collect and process personal data provided by you during our business relationship or through your use of our services. This may include:

• Name and contact details (email, phone number, company address)
• Company information (company name, business address)
• Technical information (IP address, device data, usage statistics)

3. Purpose of Data Processing

We process your data for the following purposes:

• To provide our cloud consulting services (e.g., Microsoft 365, Azure Virtual Desktop, Intune)
• To provide technical support and customer service
• To improve and optimize our services
• To comply with legal obligations
• To communicate with you for marketing purposes (only with your consent)

4. Legal Basis for Processing

We process your data based on the following legal grounds:

• Article 6(1)(b) GDPR: to fulfill a contract or perform pre-contractual actions.
• Article 6(1)(f) GDPR: to protect our legitimate interests, such as improving our services or IT security.
• Article 6(1)(a) GDPR: based on your consent for marketing activities.

5. Access to Customer Systems and Confidentiality

To provide our services, we may access your systems and data. Access is granted only to authorized employees and only to the extent necessary to fulfill our contractual obligations.

Employee Confidentiality Agreements: All employees with access to customer data are bound by confidentiality agreements and adhere to strict security standards.

Data Minimization and Access Limitation: We restrict access to only the necessary data and ensure that only authorized personnel can access your information.

6. Data Processing Agreement (DPA)

We offer a Data Processing Agreement (DPA) that outlines the contractual measures to protect personal data. This ensures GDPR compliance, especially when accessing customer systems and data.

7. Sharing Data with Third Parties

We do not share your personal data with third parties, except under specific conditions:

• Consent: When you have provided explicit consent (Art. 6(1)(a) GDPR).
• Legal Claims: For asserting, exercising, or defending legal claims (Art. 6(1)(f) GDPR) when no overriding privacy interest is at risk.
• Legal Obligations: When legally required under Art. 6(1)(c) GDPR.
• Contract Fulfillment: For executing our contractual obligations to you (Art. 6(1)(b) GDPR).

8. Security Standards and Technical/Organizational Measures (TOMs)

We implement strict technical and organizational measures (TOMs) to ensure the security of your data, including:

• Access controls and access logging
• Multi-factor authentication (MFA)
• Encrypted data transmission
• Regular training and audits for employees

9. Data Transfer to Third Countries

If your data must be transferred outside the EU/EEA to fulfill contractual obligations or with your explicit consent, we ensure GDPR-compliant safeguards are in place, such as EU Standard Contractual Clauses, to protect your data.

10. Data Retention and Deletion

Unless a more specific storage period is outlined in this privacy policy, your personal data will remain with us until the purpose for which it was collected no longer applies. Once the processing purpose or any legal retention period expires, your data will be securely deleted in accordance with data protection regulations.

If you submit a justified request for deletion or withdraw your consent for data processing, your data will be deleted unless other legally permissible reasons for retention apply (e.g., tax or commercial law obligations); in such cases, deletion will occur after these reasons cease to apply.

Contact Form and Microsoft Bookings

If you submit inquiries via our contact form, any information provided, including contact details, will be stored by us to process your inquiry and respond to further questions. We also use Microsoft Bookings to manage appointments when requested through our site, where your data is handled solely for communication purposes.

This processing is based on Art. 6(1)(b) GDPR for contract-related inquiries or pre-contractual actions, and otherwise on our legitimate interest in effective communication (Art. 6(1)(f) GDPR) or with your explicit consent (Art. 6(1)(a) GDPR). You may withdraw consent anytime.

Please note that we have no influence on the duration of storage of your data that is stored by the operators of the conference tools for their own purposes. For details, please directly contact the operators of the conference tools.

11. Your Rights

You have the right to:

• Request information about the data we process.
• Request the correction or completion of inaccurate or incomplete data.
• Request deletion of your data, provided there are no legal obligations to retain it.
• Request restriction of data processing under certain conditions.
• Withdraw your consent for data processing with future effect.
• Object to data processing if it is based on a legitimate interest.

To exercise these rights, please contact us using the contact information above.

12. Data Security

We implement technical and organizational measures to protect your data from unauthorized access, loss, manipulation, or destruction, including encryption and regular security audits.

13. Cookies and Tracking Technologies

SSL and/or TLS Encryption

For security and to protect the transmission of confidential content, such as inquiries you submit to us as the website operator, this website uses SSL or TLS encryption. An encrypted connection can be recognized by “https://” in the browser address line and the lock icon.

When SSL or TLS encryption is active, data you transmit to us cannot be accessed by third parties.

Microsoft Clarity

On our website, we use the Microsoft Clarity service for statistical analysis of the use of our website. The provider of Microsoft Clarity is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052 USA (“Microsoft”).

Microsoft Clarity uses cookies and a tracking code to analyze website usage. The information collected, such as your IP address, location, or frequency of visits, is transmitted to Microsoft. This processing is based on your consent according to Art. 6(1)(a) GDPR, which you can withdraw at any time.

Further information: Microsoft Privacy Statement and Microsoft Clarity Terms.

14. Changes to this Privacy Policy

We reserve the right to update this Privacy Policy as necessary to reflect changes to our services or legal requirements. The latest version of this policy can always be found on our website.

Current version October 2024

Contact

If you have any questions regarding data privacy, please contact us using the information provided above.