Privacy Statement

In accordance with Art. 12 of the General Data Protection Regulation (hereinafter referred to as the GDPR), we are obliged to inform you about the processing of your data when you use our website. This Privacy Statement informs you about the type of personal data that is collected and received through all pages of (“website”), and about how we use, share, retain and protect such personal data.

Who we are

We are the German company Twineworks GmbH (“we”, or “us”) and have our registered office at Helmholtzstr. 28, 10587 Berlin, Germany. VAT number: DE293085796. We are the controller responsible for the processing of personal data through the website.

How we obtain personal data

We collect and receive personal data through the website. Personal data means any information relating to an identified or identifiable natural person.

Use of website

First of all, we collect personal data that You choose to voluntarily provide to us for your use of the website.


In addition, we collect certain personal data by using cookies, including similar technologies such as local storage when you visit the website.

Cookies are bits of text that are placed on your computer’s hard drive or mobile device when you visit certain websites. Cookies hold information that may be accessible by the party that places the cookie, which is either the website itself (first-party cookie) or a third party (third-party cookies). You do have control over cookies, and can refuse the use of cookies by selecting the appropriate setting on your browser. Most browsers will tell you how to stop accepting new cookies, how to be notified when You receive a new cookie, and how to disable or delete existing cookies. Please note, however, that by not accepting or deleting the use of cookies, you may not be able to use the website.

On the website, we use cookies for the following purposes:

  1. To gather website statistical data to analyze how our users use the website, such as which pages are visited, how long pages were visited and the paths taken by visitors to our website as they move from page to page. These cookies are placed by the domain;

For the purpose listed under 1. we use Google Analytics. Google Analytics is a web analytics service provided by Google, Inc. ( (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA), which uses cookies to help. The information generated by the cookie about Your use of our website (such as your IP address, the URL visited, the date and time the page was viewed) will be transmitted and stored by Google on servers in the United States or any other country in which Google maintains facilities. Your IP address will be masked by setting the last octet of your IP address to zero before it is stored by Google. Google will use this information to monitor your use of our website, and to compile reports on website activity for us. Based on our agreement with Google, Google is not allowed to use this information for their own purposes and may only transfer this information to third parties where required by law, or where such third parties process information on Google’s behalf.

Contacting us

When contacting us (e.g. by email), your details are stored for the purpose of processing the enquiry and, if applicable, follow-up questions based on your consent (legal basis Art. 6 (1) a. GDPR).


You have the possibility to subscribe to our email newsletter on our website, which we use to inform you regularly about our website, Twineworks GmbH or our Twineworks GmbH Software.

In order to receive the newsletter, you need to give us a valid email address.This email address will be transmitted to and stored by us (or a provider). After registration, you will receive an email to expressly confirm your subscription (“double opt-in”). Via clicking the registration link you have given your consent to the processing of your personal data for receiving our newsletter according to Art. 6 (1) a. GDPR and we may process such data accordingly. In case of registration for the newsletter we (or our provider) also store the ID of the form used to subscribe, IP address, Your first and last name and the exact moment of subscription. You can revoke your consent to the processing of your email address for receiving the newsletter at any time, either by sending us a message (see “How to contact us”) or by clicking directly on the unsubscribe link in the newsletter. We delete this data when the newsletter subscription ends. We use the services provided by convertkit for the newsletter subscription.

Google Fonts

We use web fonts provided by Google. When you retrieve a page, the browser loads the required web font into your browser cache in order to display texts and fonts. To do so, the browser must connect to Google’s servers. For this purpose, Google becomes aware that our website has been accessed via your IP address. Our use of Google Fonts is in the interest of a visually appealing presentation of our website and services, which constitutes a legitimate interest. We have no knowledge of how long Google stores data and have no way of influencing this. (legal basis Art. 6 (1) 1 f. GDPR).

You can object to the processing by changing your browser settings in such a way that the browser does not support web fonts – then your device will use the default font.

Please refer to Google Fonts Developers and Google’s Privacy Policy for further information

The types of personal data we may obtain

We may collect and receive the following personal data from you:

  1. Name and contact details (such as name, address, email address, phone numbers, company, job title, date/time of contact);

  2. Payment information (such as bank account information);

  3. Information on your use of the website such as:

  • Browser type and version
  • User’s operating system
  • Language and version of browser software
  • Referrer URL (website visited before)
  • IP address and requesting provider
  • Name and content of accessed website
  • Date and time of the server request
  • Volume of data transferred
  • Notification of successful access
  1. Information whether you would like to receive our newsletter such as:
  • Valid email address
  • Your consent of receiving the newsletter
  • IP address
  • Your first name and last name
  • ID of the form You used to subscribe
  • The exact moment of beginning of subscription
  1. Any other information that you have provided us (such as comments you leave on our discussion boards, blogs or messages you have provided in our communication channels).

In addition, we may collect other types of personal data if required under applicable law or if necessary for the purposes listed below. We will then inform you and ensure that there is a valid legal basis for doing so.

How we may use personal data

We may use the personal data we collect and receive for the following purposes:

  1. To analyze how the website is used, such as which pages are visited, how long pages were visited and the paths taken by visitors to our website as they move from page to page;

  2. To verify compliance with applicable legal requirements and our policies.

  3. To contact you, such as by sending personalized emails about our website, products, services and company information or to send you our newsletter.

We process personal data if and to the extent necessary for the initiation, creation, execution and/or termination of a legal transaction or the performance of the contract between you and us, for our compliance with our legal obligations and for the purpose of our legitimate interests. In particular, our legitimate interests are our commercial company interest (e.g. to improve our products and services), our interest to make use of direct marketing, our interest to prevent fraud and our interest to report possible criminal acts or threats to competent authorities. Some of the personal data that we process is required for us to meet our legal obligations, for example we cannot create sell Software licenses to you if you choose not to share your personal data with us. (legal basis Art. 6 (1)a. GDPR).

How we may share personal data

We may share the personal data we collect and receive on a need to know basis with the following third parties:

  1. Service providers, who need this data for the creation, execution or termination of legal transaction with our company (e.g. when transmitting data to a payment service provider/a shipping company to process a contract with you) (Art. 6(1) Sentence 1(b) GDPR), or

  2. Service providers or parties which we use exclusively to perform our obligations and within the framework of providing the offers or services requested by you, need this data (unless you are expressly informed otherwise).

  3. Competent public authorities or other third parties, if required by law (Art. 6(1) Sentence 1(c) GDPR) or reasonably necessary to protect the rights, property and safety of ourselves or others. (Art. 6(1) Sentence 1(d) GDPR) or if we are authorised or even obliged to pursue overriding legitimate interests (Art. 6(1) Sentence 1(f) GDPR).

  4. We may also transfer your personal data in the event that we sell or transfer all or a portion of our business or assets on a need to know basis. Should such a sale or transfer occur, we will use reasonable efforts to direct the transferee to use personal data you have provided to us in a manner that is consistent with applicable law and this Privacy Statement.

We do not sell, rent or trade your personal data.

Data transfers outside the EEA

We may transfer the personal data we obtain to third parties in countries outside the European Economic Area (EEA). The laws in those countries may not offer an adequate level of data protection. In particular, personal data may be transferred to the United States.

When we transfer your personal data outside the EEA, we will protect your personal data as described in this Privacy Statement and in accordance with applicable law, such as by entering into the European Commission’s Standard Contractual Clauses for the transfer of personal data to a processor located outside of the European Union.

How we protect personal data

In order to ensure the best possible protection of the user’s data, we use a secure SSL connection between the User’s server and the browser, i.e. the data is transmitted in the highest encryption level your browser supports. Whether an individual website of our internet offer is transmitted encrypted or not is evident by the closed display of the key or lock symbol in the lower status bar of your browser.

We maintain appropriate technical and organizational security safeguards designed to protect your personal data against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use. However, due the inherent open nature of the Internet, we cannot guarantee that communications between you and us or the personal information stored is absolutely secure. We will notify you of any data breach that is likely to have unfavorable consequences for your privacy in accordance with applicable law.

How long we retain personal data

We retain personal data for as long as necessary to fulfil the purposes for which we collect or receive the personal data, except if required otherwise by applicable law. Typically, we will retain most of the personal data for the duration of your use of the website and Software, unless a longer applicable statutory retention period applies. Note that after the deletion of your account comments may be left on our discussion boards. If you would like to us remove your comments, please contact us as described below.

Your rights

You have the following rights in relation to your personal data:

  1. The right to obtain (Art. 15 GDPR), at reasonable intervals and free of charge, information on whether or not your personal data are being processed and to receive the personal data that is being processed in an intelligible form;

  2. The right to request rectification (Art. 16 GDPR) or erasure (Art 17 GDPR) of personal data or restriction (Art. 18 GDPR) of or objection to processing (Art 21 GDPR) of your personal data.

  3. The right to withdraw your consent (Art. 7(3) GDPR) once given to us towards us at any time. This has the consequence that we may no longer continue the data processing activities that were based on this consent in future.

  4. You may also request us to provide you your data in a structured, commonly used and machine readable format which can be transmitted to another controller. (Art. 20 GDPR)

To exercise these rights, please contact us using our contact details set out below. We may request you to provide a copy of your ID card or otherwise evidence your identity. We will respond to your request within the applicable statutory term.

Moreover, subject to this Privacy Statement, you have the right to lodge a complaint with the competent supervisory authority. (Art. 77 GDPR)

Updates to this privacy statement

We may update this Privacy Statement from time to time. We will notify you of any significant changes to this Privacy Statement on the website or through other appropriate communication channels. All changes shall be effective from the date of publication, unless otherwise provided in the notification.

How to contact us

If you have any comments or inquiries about the information in this Privacy Statement, if you would like us to update your personal data, or to exercise your rights, please contact us by email at