Privacy Policy

These are the data protection notices of GmbH. Please contact us if you have any kind of question about the topic of data protection.

You can contact us at any time on all topics concerning data protection and exercising your rights: GmbH
c/o Lufthansa Innovation Hub
Rosenthaler Str. 32
10178 Berlin

Use of the services offered on our website:
We offer various services on our website. To inform you about our service and supply you with CO2 calculations or climate contributions, we must collect and process certain data.

Data processing when viewing pages / web hosting / logs:
In order to provide our service to you, we process addressing information (such as the IP address and the selected resource). For optimal presentation on your device, we also process some device information (such as the browser, resolution and operating system version). For registered users, we process the stored customer data in order to provide our service. Our service is operated on the servers of our hosting provider. We create server logs to detect and fix possible bugs. These logs are kept for 30 days and then deleted. The legal basis for this processing is Article 6 (1) (f) of the GDPR.

Website usage analysis via Google
The website uses functions of Google Analytics and Google Tag Manager. Both services are provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics is a tool for analyzing websites. We use Google Analytics to collect aggregated, anonymous data. This data allows us to understand how customers use our platforms and identify opportunities for improvement. In addition, the data performs important platform functions such as detecting errors and fraudulent usage, and it provides operational data. We use this information to improve the quality, effectiveness, and performance of our platforms so that you can get the most out of them. The Google Analytics script is used to assign values to the cookies required to collect this information. In order for this to work, Google Analytics sets cookies on your computer. Google is not authorized to access this data. Google Analytics anonymizes your IP address to protect your data. No other personal data is collected to allow identification. Google Analytics is used only after their consent (Art. 6 sect. 1 lit. a DSGVO) and the setting can be used at any time. You can find Google's data policies at

Change cookie settings

Font display via Google Fonts
To make the font available on your device, Google Fonts needs your IP address. We use this service based on our legitimate interest in providing a better website experience. As part of this, the IP address is transmitted to the tool operator, so that the service can be provided correctly on your device. Google temporarily stores this information and uses it solely for the correct representation of the fonts on your device.

Website display and contact form via Webflow
To get in touch with us, we ask the user to provide all relevant contact data. Our website as well as the included contact forms are built by our website provider Webflow. If you get in touch with us, we will ask you to provide personal data, such as name and email address, so we can start communicating. This is done on the basis of Art. 6 para. 1 lit. f DSGVO and is necessary to provide the service. Without providing the contact data, we are not able to reply to the users request and display information.

Email communication via SendGrid
We process your e-mail address in order to be able to offer you the user account function on the one hand and to provide you with confirmations of your purchases on the other. This is done on the basis of the usage or purchase contract (Art. 6 para. 1 lit. b DSGVO) and is necessary for the fulfillment of the contract. In addition, we process your e-mail address to inform you about news regarding the service on the basis of our legitimate interest. You can object to receiving marketing emails at any time in the user account. The e-mails are sent by our service provider SendGrid. If you contact us by e-mail about a purchase or your account, we process your e-mail address and the contents of the e-mail either on the basis of the contract concluded with you or on the basis of our legitimate interest in communicating with you. We keep the email communication for 12 months, unless legal retention periods apply. In this case, we keep the email communication for 6 or 10 years according to the legal regulation. If you have an account, your e-mail address is stored with us until your account is deleted.

CRM-System Zendesk
We use the CRM system "Zendesk", of the provider Zendesk, Inc., 989 Market Street #300, San Francisco, CA 94102, USA, in order to be able to process user inquiries more quickly and efficiently (legitimate interest pursuant to Art. 6 para. 1 lit. f. DSGVO ). Zendesk is certified under the Privacy Shield agreement and thereby offers an additional guarantee of compliance with European data protection law ( Zendesk uses the users' data only for the technical processing of the requests and does not pass them on to third parties. To use Zendesk, at least a correct e-mail address is required. Pseudonymous use is possible. In the course of processing service requests, it may be necessary to collect further data (name, address). The use of Zendesk is optional and serves to improve and accelerate our customer and user service. If users do not agree to data collection via and data storage in Zendesk's external system, we offer them alternative contact options for submitting service requests by email, phone, fax or mail. For more information, users should refer to Zendesk's privacy policy:

HR management via Join
For our application management, we use the HR management and recruiting tool Join, which is integrated on our job page. Applicant information and uploaded documents are transferred directly to the SQUAKE Join account and can only be viewed by our HR responsible persons. The Join Privacy Policy is available at the following link:

Payment via Stripe or PayPal
Your payment data is processed when you make a payment. We accept the payment so that we can offer you the service you have paid for. This data is processed on the basis of Article 6 (1) (b) of the GDPR in order to fulfill the contract concluded during the purchase. As part of this, the data is sent to the respective payment provider, either Stripe or PayPal. The law stipulates that payment data must be stored for 10 years. We also anonymously process the choice of project, the amount of CO2 offset and the transaction totals.

Rights of the data subject and right of appeal:

It is an important concern for SQUAKE to ensure that our processing procedures are fair and transparent. They are entitled to the following rights:
- Right to information, Art. 15 DSGVO
- Right to rectification, Art. 16 DSGVO
- Right to cancellation ("right to be forgotten"), Art. 17 DSGVO
- Right to limitation of processing, Art. 18 DSGVO
- Right to data transferability, Art. 20 DSGVO
- Right of objection according to Art. 21 DSGVO

If you have given us permission to process your personal data, we hereby inform you that you can revoke this permission at any time. To exercise your rights, you can contact us by e-mail at

In order to process your application and for identification purposes, we would like to point out that we process your personal data in accordance with Art. 6 Para. 1 lit. c DSGVO and delete it after a period of 3 years.
In addition, you have the right to complain to a supervisory authority. You can find out which supervisory authority is responsible for you on the website of the Federal Commissioner for Data Protection and Freedom of Information under the following link: