Logo ServiceOcean

Banking Insurances Energy Trade Other
Banking Insurances Energy Trade Other
All Branches
Request demo

Privacy Policy

Only the German version of the privacy policy is legally binding. The English translation is provided for informational purposes only.

1. Who is responsible for data processing?
The parties responsible for data processing under data protection law, within the framework of joint responsibility, are generally ServiceOcean AG, Multergasse 11, 9000 St. Gallen, Switzerland, and ServiceOcean SalesDE GmbH, Habsburger Ring 2, 50674 Cologne, Germany, jointly.

We have appointed a data protection officer/consultant for both companies. You can contact her if you have any questions regarding the processing of personal data in connection with either company:

Dr. iur. Franziska Pertek
thalhammer.bossart. von rohr
Schmiedgasse 28, 9000 St. Gallen, Switzerland
Phone: +41 71 222 31 35
Email: Datenschutz@ServiceOcean.com

Joint responsibility
In principle, both companies share joint responsibility for data processing (e.g., processing of employee data, customer data, and data from service providers). If there are exceptions in specific cases (e.g., occupational safety, company pension schemes), we will point these out separately.

A joint responsibility agreement has been concluded between ServiceOcean AG and ServiceOcean SalesDE GmbH. This agreement specifically outlines which data processing activities are carried out by both companies and who bears the primary responsibility for each.

The agreement can be reviewed by contacting the data protection officer/consultant at Datenschutz@ServiceOcean.com

2. What personal data do we process and for what purpose?

Personal data refers to information relating to an identified or identifiable natural person. This may include your name, email address, postal address, or telephone number.

We collect, process, and store your personal data only for the purposes you provided it. Your personal data will not be passed on to third parties without your explicit consent unless it is necessary for providing the service or fulfilling a contract, or we are legally obliged to do so.

3. Processing of Children’s Personal Data

Children (under the age of 18) should not transmit personal data to us without the consent of their parents or guardians. We strongly advise all parents and guardians to educate their children on the safe and responsible handling of personal data online and elsewhere. We do not knowingly collect, use, or disclose personal data from children.

4. How do we collect personal data?

4.1 Data collection on this Webseite

Data collection on this website occurs in two ways: some data is provided directly by you, for example via a contact form. Other data is automatically collected by our IT systems when you visit the website. This includes technical data such as the browser type, operating system, or the time of the page request.

Server Log Files
We collect data when you access our website and store it in ‘server log files.’ This includes:

– Browser type and version
– Operating system used
– Referrer URL
– Hostname of the accessing computer
– Time of the server request
– IP address

These files are used for technical reasons, system security, and error diagnosis. The data is used exclusively for statistical purposes and to improve the quality of our website. We do not associate this data with any identified or identifiable person nor assign third parties to do so. This data will not be used to create personal user profiles. However, we reserve the right to review server logs if there is concrete evidence of unlawful use. The data is deleted immediately after use.

Cookies:
Our websites use cookies. Learn more about cookies at:

https://www.serviceocean.com/en/cookies/

Contact Form
When you send us inquiries via the contact form, we store your data (including contact details) in Salesforce for the purpose of processing your request and for follow-up questions. We do not share this data without your consent.

Salesforce.com Germany GmbH, located in Munich, Germany, hosts our data in Germany.

Processing is based on the necessity for contract initiation or fulfillment. Otherwise, it is based on our legitimate interest in efficiently processing your request. Data is stored until you request deletion, withdraw your consent, or the purpose no longer applies. Legal retention requirements remain unaffected.

Downloads on Our Website
On our website, you can download whitepapers, presentations, one-pagers, or brochures. For this, you must provide your personal data, which is stored in Salesforce, similar to the contact form.

Processing is based on our legitimate interest in effectively handling your request. Data is stored until deletion is requested, consent is revoked, or the purpose ceases to exist. Statutory retention requirements remain unaffected.

Online Applications
If you are interested in a job at our company, you can apply online. We treat your submitted data confidentially.

Processing is based on the necessity for potential contract initiation. Your data is stored with Personio SE & Co.KG in Germany.

Data remains with us until deletion is requested, consent is withdrawn, or the purpose ceases. Legal retention obligations remain unaffected.

We link to our social media profiles (LinkedIn, Xing, Instagram) on our website. No data is collected by us when you follow these links. We use these platforms to communicate with you based on mutual interest. Be aware that these platforms may use web tracking, even if you are not logged in. Please refer to the providers’ privacy policies:

LinkedIn: https://www.linkedin.com/legal/privacy-policy
Xing: https://privacy.xing.com/de/datenschutzerklaerung
Instagram: https://help.instagram.com/155833707900388

4.2 Other data collection

Email or Phone Inquiries
If you contact us via email or phone, your request and related personal data (name, inquiry) will be stored and processed for handling your request. We do not share this data without your consent.

Please do not send confidential information by email, as it is not secure. We use Microsoft 365 (data stored in the EU).

Processing is based on contract initiation or fulfillment. Otherwise, it relies on our legitimate interest in efficient communication. Data is retained until deletion is requested, consent is withdrawn, or the purpose no longer applies. Legal retention requirements remain unaffected.

Appointment Booking

You can book an appointment with our sales team via our website. This uses Microsoft’s booking tool. Your data is stored as with email usage (see above).

Advertising to Existing Customers

Wir nutzen Ihre personenbezogenen Daten auf Grundlage unseres berechtigten Interesses für folgende Zwecke:We use your personal data, based on legitimate interest, to:

– Maintain customer relationships
– Inform business customers (B2B) about industry topics, services, or offers
– Recommend products or services of potential interest

You can object to this processing at any time by sending an email to datenschutz@serviceocean.com with the subject ‘Please stop data processing for advertising purposes’.

Contractual Services
We process your data as necessary to provide our contractual or pre-contractual services. Data processed depends on the contract and includes:

– Master data (e.g., name, address)
– Contact data (e.g., email, phone)
– Contract data (e.g., services, content, communication, contact persons)
– Payment data (e.g., bank details, history)

Data is deleted once it is no longer required. Retention requirements are reviewed regularly. Legal retention periods apply.

5. Use of AI in Our Company

We use artificial intelligence (AI) solely for optimization and innovation purposes, especially for product development. We do not use personal data. Employees are regularly trained in the responsible use of AI.

6. Website Hosting

Our website is hosted by Homepage Helden GmbH in Hamburg, Germany. Data collected through the website is stored on their servers. This includes:

– IP addresses
– Contact inquiries
– Metadata and communications
– Contract, contact, and usage data

The host processes data only as instructed and only as necessary to fulfill its duties. We have a data processing agreement in place.

7. Status Page

Our status page shows operational availability of ServiceOcean systems. Visiting this site temporarily stores your IP to deliver the page. Data is deleted after the session. For notifications on incidents or maintenance, you can subscribe via email (opt-in required).

Status Page is a product of Atlassian Pty Ltd. We have a data processing agreement in place.

This privacy policy also applies to the status page.

8. Disclosure to Third Parties

We treat your data confidentially and only disclose it if you have consented, we are legally obligated or entitled to do so, or to enforce our rights. We may share data when necessary for service provision, including through third-party processors.

We ensure that processors meet legal requirements for data protection. If processing occurs outside Switzerland or the EU/EEA, we ensure adequate protection, e.g., via EU Standard Contractual Clauses.

9. Storage Duration

We store your personal data only as long as necessary or as required by law. Once the purpose ceases or retention periods expire, data is blocked or deleted.

10. Data Security

We implement appropriate technical and organizational measures to protect your data. Access is encrypted via SSL/TLS. However, data transmission over the internet can involve security risks for which we assume no liability.

11. Recording of data on this website

Cookies

Our websites and pages use what the industry refers to as “cookies.” Cookies are small data packages that do not cause any damage to your device. They are either stored temporarily for the duration of a session (session cookies) or they are permanently archived on your device (permanent cookies). Session cookies are automatically deleted once you terminate your visit. Permanent cookies remain archived on your device until you actively delete them, or they are automatically eradicated by your web browser.

Cookies can be issued by us (first-party cookies) or by third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain services of third-party companies into websites (e.g., cookies for handling payment services).

Cookies have a variety of functions. Many cookies are technically essential since certain website functions would not work in the absence of these cookies (e.g., the shopping cart function or the display of videos). Other cookies may be used to analyze user behavior or for promotional purposes.

Cookies, which are required for the performance of electronic communication transactions, for the provision of certain functions you want to use (e.g., for the shopping cart function) or those that are necessary for the optimization (required cookies) of the website (e.g., cookies that provide measurable insights into the web audience), shall be stored on the basis of Art. 6(1)(f) GDPR, unless a different legal basis is cited. The operator of the website has a legitimate interest in the storage of required cookies to ensure the technically error-free and optimized provision of the operator’s services. If your consent to the storage of the cookies and similar recognition technologies has been requested, the processing occurs exclusively on the basis of the consent obtained (Art. 6(1)(a) GDPR and § 25 (1) TDDDG); this consent may be revoked at any time.

You have the option to set up your browser in such a manner that you will be notified any time cookies are placed and to permit the acceptance of cookies only in specific cases. You may also exclude the acceptance of cookies in certain cases or in general or activate the delete-function for the automatic eradication of cookies when the browser closes. If cookies are deactivated, the functions of this website may be limited.

Which cookies and services are used on this website can be found in this privacy policy.

Consent with Usercentrics

This website uses the consent technology of Usercentrics to obtain your consent to the storage of certain cookies on your device or for the use of specific technologies, and to document the former in a data protection compliant manner. The party offering this technology is Usercentrics GmbH, Sendlinger Straße 7, 80331 München, Germany, website: https://usercentrics.com/ (hereinafter referred to as “Usercentrics”).

Whenever you visit our website, the following personal data will be transferred to Usercentrics:

  • Your declaration(s) of consent or your revocation of your declaration(s) of consent
  • Your IP address
  • Information about your browser
  • Information about your device
  • The date and time you visited our website
  • Geolocation

Moreover, Usercentrics shall store a cookie in your browser to be able to allocate your declaration(s) of consent or any revocations of the former. The data that are recorded in this manner shall be stored until you ask us to eradicate them, delete the Usercentrics cookie or until the purpose for archiving the data no longer exists. This shall be without prejudice to any mandatory legal retention periods.

The Usercentrics banner on this website has been configured with the assistance of eRecht24. This can be identified by the eRecht24 logo. To display the eRecht24 logo in the banner, a connection to the image server of eRecht24 will be established. In conjunction with this, the IP address is also transferred; however, is only stored in anonymized form in the server logs. The image server of eRecht24 is located in Germany with a German provider. The banner as such is provided exclusively by Usercentrics.

Usercentrics uses cookies to obtain the declarations of consent mandated by law. The legal basis for the use of specific technologies is Art. 6(1)(c) GDPR.

Data processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.

Consent with Cookiebot

Our website uses consent technology from Cookiebot to obtain your consent to the storage of certain cookies on your end device or for the use of certain technologies and to document this in a data protection-compliant manner. The provider of this technology is Usercentrics A/S, Havnegade 39, 1058 Copenhagen, Denmark (hereinafter “Cookiebot”).

When you enter our website, a connection is established with the Cookiebot servers to obtain your consent and provide you with other explanations regarding the use of cookies. Cookiebot will then store a cookie in your browser to identify the consent you have given or its revocation. The data collected in this way is stored until you request us to delete it, delete the Cookiebot cookie itself or the purpose for which the data is stored no longer applies. Mandatory legal storage obligations remain unaffected.

Cookiebot is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6(1)(c) GDPR.

Data processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.

12. Cloudflare

We use the “Cloudflare” service provided by Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA. (hereinafter referred to as “Cloudflare”).

Cloudflare offers a content delivery network with DNS that is available worldwide. As a result, the information transfer that occurs between your browser and our website is technically routed via Cloudflare’s network. This enables Cloudflare to analyze data transactions between your browser and our website and to work as a filter between our servers and potentially malicious data traffic from the Internet. In this context, Cloudflare may also use cookies or other technologies deployed to recognize Internet users, which shall, however, only be used for the herein described purpose.

The use of Cloudflare is based on our legitimate interest in a provision of our website offerings that is as error free and secure as possible (Art. 6(1)(f) GDPR).

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details and further information on security and data protection at Cloudflare can be found here: https://www.cloudflare.com/privacypolicy/.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/participant/5666.

Data processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.

13. Your Rights

You have the following rights regarding your personal data:

– Access to your stored data
– Request correction or restriction of processing
– Request deletion of your data
– Data portability (structured, machine-readable format)
– Objection to data processing
– Withdrawal of consent
– Right to lodge a complaint with a supervisory authority

Contact: Datenschutz@ServiceOcean.com

Final Provisions

We may update this privacy policy at any time. Changes will be communicated appropriately on our website.

Effective: February 2026