Privacy Policy

At NodeAxis, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services.

By using our website, you consent to the data practices described in this policy. If you do not agree with the terms of this Privacy Policy, please do not use our website.

NodeAxis is the data controller responsible for the collection, processing, and protection of your personal data when you use our website or engage with our services. We are committed to handling your data in a secure, transparent, and lawful manner, in accordance with the General Data Protection Regulation (GDPR) and applicable data protection laws.

We are the responsible entity for the processing of personal data collected through our website and related services.

We collect personal data that you provide voluntarily when using our website or requesting services. The types of personal data we collect include:

• Name
• Email address
• Company name
• Phone number
• IP address
• Browser and device information
• Information provided in messages or inquiry forms

This data is collected to help us provide consulting services, answer inquiries, and ensure smooth communication.

We use your personal data for the following purposes:

• Responding to service inquiries and providing information
• Delivering consulting services in DevOps, cloud architecture, and infrastructure automation
• Managing contracts, billing, and communication with clients
• Maintaining and improving the functionality and security of our website
• Complying with legal and regulatory requirements
• Preventing fraud, abuse, and unauthorized access
• Analyzing website usage to enhance user experience

We process personal data in accordance with GDPR provisions based on:

• Contractual necessity: To provide requested services and fulfill agreements
• Legitimate interests: For operational purposes such as service improvement and security
• Legal obligations: To comply with applicable laws and regulations
• Consent: Where explicitly obtained for certain services or communication

We retain personal data only as long as necessary for the purposes described above or to comply with legal obligations. Data is securely deleted or anonymized once it is no longer required.

We do not sell or rent your personal data to third parties. However, we may share data with trusted partners under strict agreements when required to:

Third-party providers are contractually obligated to protect your data and use it only as instructed.

• Fulfill service obligations (e.g., technical hosting providers)
• Process payments, manage contracts, or perform security tasks
• Comply with legal requests by law enforcement or regulators

Third-party providers are contractually obligated to protect your data and use it only as instructed.

If we transfer data outside of the European Economic Area (EEA), we ensure that appropriate safeguards are in place, such as standard contractual clauses, to protect your data in compliance with GDPR requirements.

We adhere to the following principles when handling personal data:

• Lawfulness, fairness, and transparency: We process data in a clear and lawful manner
• Purpose limitation: Data is used only for specified and legitimate purposes
• Data minimization: We collect only the necessary data required for service delivery
• Accuracy: We ensure data is kept accurate and up to date
• Storage limitation: Data is kept only as long as needed for operational or legal reasons
• Integrity and confidentiality: We apply appropriate security measures to protect your data

We implement a variety of technical and organizational measures to safeguard personal data from unauthorized access, disclosure, or misuse. These measures include:

• Encrypted data transmission (SSL/TLS)
• Regular security audits and vulnerability assessments
• Role-based access controls
• Secure data storage solutions
• Incident detection and response procedures

In the event of a personal data breach, we will:

• Assess the breach's scope and severity
• Notify the relevant supervisory authority within 72 hours, where required
• Inform affected individuals if the breach poses a high risk to their rights and freedoms
• Take corrective measures to prevent future occurrences

You have rights regarding your personal data, including:

• Right of access: Request information about data we process
• Right to rectification: Correct inaccurate or incomplete data
• Right to erasure: Request deletion of data where applicable
• Right to restrict processing: Limit how we use your data
• Right to object: Challenge data processing for specific purposes
• Right to data portability: Receive your data in a structured format
• Right to withdraw consent: Revoke consent where previously given

To exercise these rights, please contact us at aneez.rafeek@nodeaxis.de.

Our website may contain links to external websites. We are not responsible for the privacy practices or content of these third-party sites. We recommend reviewing their privacy policies before providing personal data.

Our services are intended for professional use only and are not directed at children. We do not knowingly collect personal data from minors.

We may update this Privacy Policy to reflect changes in laws, services, or technology. We encourage you to review this policy periodically. Any significant changes will be communicated on our website.

If you have any questions about this Privacy Policy or our data practices, please contact us: