Privacy Policy
We take the protection of your personal data very seriously. Below we inform you about the processing of your data within ShotShift in accordance with the General Data Protection Regulation (GDPR).
1. DATA PROTECTION AT A GLANCE
The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data is any data by which you can be personally identified. Data Recording on our Website: The data processing on this website is carried out by the website operator. You can find their contact details in the section 'Controller & Data Collection' of this privacy policy. How do we collect your data? Your data is collected when you communicate it to us (e.g., by registering for the waitlist). Other data is collected automatically by our IT systems when you visit the website (e.g., technical data such as browser, operating system, or time of page call).
2. CONTROLLER & DATA COLLECTION
The controller responsible for data processing on this website is: Black Ice Events UG (haftungsbeschränkt) Rechener Straße 2A 44787 Bochum, Germany E-Mail: info@blackiceevents.de
For security reasons and to protect the transmission of confidential content, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the browser's address line changes from 'http://' to 'https://' and by the lock symbol in your browser line.
3. HOSTING & SERVER LOG FILES
We host our website with Vercel Inc. (USA). The provider automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are: browser type/version, operating system used, referrer URL, hostname of the accessing computer, time of the server request, and IP address. Legal Basis & Retention: The processing is based on Art. 6 (1) (f) GDPR. We have a legitimate interest in the technically error-free presentation and optimization of our website. The data will be deleted after 14 days, unless further storage is required for evidentiary purposes due to security incidents. Data Processing Agreement: We have concluded a Data Processing Agreement (DPA) with Vercel to ensure compliance with European data protection standards. Vercel is certified under the EU-U.S. Data Privacy Framework (DPF).
4. WAITLIST REGISTRATION (NEWSLETTER)
If you register for our waitlist, we process your email address exclusively to inform you about the product launch and updates regarding ShotShift. Double Opt-In: To ensure that the registration is actually made by the owner of the email address, we use the 'Double Opt-In' procedure. After registration, you will receive an email asking you to confirm your registration. Without this confirmation, your data will be deleted automatically. Legal Basis: The processing of your data is based on your consent (Art. 6 (1) (a) GDPR). You can withdraw this consent at any time (e.g., via the 'Unsubscribe' link in the email).
Your data will be stored by us until you unsubscribe from the newsletter or the waitlist and will be deleted from the distribution list after you unsubscribe.
5. THIRD-PARTY SERVICES (PROCESSORS)
We use the following service providers to process data on our behalf. We have concluded Data Processing Agreements (DPA) with all providers.
Hosting and deployment of the platform.
Vercel is certified under the EU-U.S. Data Privacy Framework (DPF).
Sending newsletters, managing the waitlist, and analyzing open rates.
Beehiiv processes data in accordance with Standard Contractual Clauses (SCCs) and ensures an adequate level of data protection.
Serverless database (Redis/Kafka) for temporarily storing waitlist data and state management.
Data is stored in data centers within the EU (Frankfurt/Ireland) whenever possible.
Automation of data transfers between our forms and databases.
Hosting: Self-hosted / Cloud (Processing takes place on servers within the EU).
6. ANALYTICS & ADVERTISING
Important Note on Consent: We use a Consent Management Platform (Cookie Banner). The services listed below (Meta, LinkedIn, Google) are only loaded if you have given your explicit consent via our banner (Art. 6 (1) (a) GDPR).
- Google Tag Manager
We use the Google Tag Manager. This service allows website tags to be managed via an interface. The Google Tag Manager itself (which implements the tags) does not set cookies and does not collect personal data. However, it triggers other tags, which may in turn collect data.
- Meta Pixel
We use the 'Meta Pixel' from Meta Platforms Ireland Ltd. Purpose: Conversion measurement, creating Custom Audiences, and retargeting. Joint Controllership: For the collection of data and transmission to Meta, we and Meta act as 'Joint Controllers' under Art. 26 GDPR.
- LinkedIn Insight Tag
We use the Insight Tag from LinkedIn Ireland Unlimited Company. Purpose: Reporting, retargeting, and conversion tracking. Joint Controllership: We are jointly responsible with LinkedIn for the collection of data (Art. 26 GDPR).
7. YOUR RIGHTS (DATA SUBJECT RIGHTS)
You have the following rights under the GDPR regarding your personal data: Right of access (Art. 15), Right to rectification (Art. 16), Right to erasure (Art. 17), Right to restriction of processing (Art. 18), Right to data portability (Art. 20), Right to object (Art. 21).
Withdrawal of consent: You can withdraw consent already given at any time. An informal message by email to us is sufficient.
Automated decision-making: We do not use automated decision-making or profiling according to Art. 22 GDPR.
Right to lodge a complaint: In the event of violations of the GDPR, you have the right to lodge a complaint with a supervisory authority (e.g. LDI NRW).
8. VALIDITY AND CHANGES
This privacy policy is currently valid and is as of February 2026. Due to the further development of our website or due to changed legal or official requirements, it may become necessary to change this privacy policy.