General Information

As website operator CYTENA GmbH is committed to ensuring the security and protection of the personal data that we process and treat these in compliance with existing law. The following privacy policy is intended to inform you in particular about type, scope, purpose, duration and legal basis for the processing of such data either under our own control or in conjunction with others. We also inform you below about the third-party components we use to optimize our website and improve the user experience which may result in said third parties also processing data they collect and control. As novel technologies and new webpage features may appear in the future, we would recommend reading this privacy statement in regular intervals. If we provide addresses and contact information of companies and organizations in this data protection declaration, please note that the addresses can change over time and ask you to check the information before contacting us.
The definition of used technical terms (such as “personal data” and “processing”) can be found invArticle 4 of the EU General Data Protection Regulation (hereinafter referred to as “GDPR”).
Per Article 4 No. 1 of the GDPR, “processing” refers to any operation or set of operations such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment, or combination, restriction, erasure, or destruction performed on personal data, whether by automated means or not.

1) Contact details of the responsible person

The person responsible for data processing on this website within the meaning of the GDPR is
Julian Riba
Zollhallenstr. 5
79106 Freiburg, Germany
Tel.: +49 761 21 63 2000
E-Mail: [email protected]
The person responsible for processing personal data is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data.

2) Data Acquisition when visiting our website

The use of our homepage does not depend on the user providing personal data. We only process personal data of our users if this is necessary to provide a functional website as well as our contents and services. The use of personal data only takes place after obtaining consent of the user (Article 6 Section 1 a) of the GDPR) with the exception of cases where previous consent for practical reasons cannot be obtained and the data processing follows current regulations. We would like to point out that security gaps can occur during data exchange via internet (e.g. communication by e-mail). A complete protection of data against third persons is not possible.

3) SSL encrypting

We use SSL encryption to protect your data transmitted via our online offer. You can recognize such encrypted connections by the prefix https: // in the address line of your browser.

4) Cookies

In order to make visiting our website attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your end device. We only use cookies that are deleted after the end of the browser session, i.e. after closing your browser (so-called session cookies). If cookies are set, they collect and process certain user information such as browser and location data as well as IP address values to an individual extent. If individual cookies used by us also process personal data, the processing is carried out in accordance with Art. 6 Para. 1 lit. f GDPR to safeguard our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the page visit. Please note that you can set your browser so that you are informed about the setting of cookies and can decide individually whether to accept them or to exclude the acceptance of cookies in certain cases or in general. Each browser differs in the way it manages the cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. A complete de-activation of cookie storage could impair certain features of the homepage.

5) Use of your data for direct marketing purposes

5.1 Subscribing to our e-mail newsletter

If you subscribe to our e-mail newsletter, we will regularly send you information about our company. Your e-mail address is the only mandatory information for sending the newsletter. The provision of further data is voluntary and is used to address you personally. We use the so-called double opt-in procedure to send the newsletter. This means that we will only send you an e-mail newsletter after you have expressly confirmed that you agree to receive the newsletter. We will then send you a confirmation e-mail asking you to confirm that you wish to receive the newsletter in the future by clicking on the appropriate link. By activating the confirmation link, you consent to the use of your personal data in accordance with Art. 6 para. 1 lit. a GDPR.
When you register for the newsletter, we store your IP address entered by the Internet Service Provider (ISP) as well as the date and time of registration in order to be able to track any possible misuse of your e-mail address at a later point in time. The data collected by us when you register for the newsletter will be used exclusively for the purposes of advertising in the newsletter. You can unsubscribe from the newsletter at any time via the link provided for this purpose in the newsletter or by sending a corresponding message to the responsible person named at the beginning. After you have unsubscribed, your e-mail address will be immediately deleted from our newsletter distribution list unless you have expressly consented to the further use of your data or unless we reserve the right to make further use of your data which is permitted by law and about which we inform you in this declaration.

5.2 Newsletter dispatch via MailChimp

Our e-mail newsletters are sent via the technical service provider The Rocket Science Group, LLC d/b/a MailChimp, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA (, to whom we forward the data you provided when registering for the newsletter. This disclosure is made in accordance with Art. 6 Para. 1 lit. f GDPR and serves our legitimate interest in the use of an effective, secure and user-friendly newsletter system.
Please note that your data is usually transferred to a MailChimp server in the USA and stored there.
MailChimp uses this information for the dispatch and statistical evaluation of the newsletter on our behalf. For the evaluation, the e-mails sent contain so-called web beacons or tracking pixels, which represent one-pixel image files stored on our website. This enables us to determine whether a newsletter message has been opened and which links have been clicked. Mailchimp uses web beacons to automatically generate general, non-personal statistics about the response behaviour to newsletter campaigns. On the basis of our justified interest in the statistical evaluation of the newsletter campaigns for the optimisation of communication and the better orientation towards recipient interests, the web beacons in accordance with Art. 6 Para. 1 lit f GDPR also collect and process data of the respective newsletter recipient (e-mail address, time of retrieval, IP address, browser type and operating system). These data allow an individual conclusion to be drawn about the newsletter recipient and are processed by Mailchimp for the automated generation of statistics that show whether a certain recipient has opened a newsletter message.
If you wish to deactivate data analysis for statistical evaluation purposes, you must unsubscribe from the newsletter.
MailChimp can also use this data in accordance with Art. 6 Para. 1 lit. f GDPR itself on the basis of its own legitimate interest in the needs-based design and optimisation of the service as well as for market research purposes, for example to determine from which countries the recipients come. However, MailChimp does not use the data of our newsletter recipients to write to them itself or to pass them on to third parties.
In order to protect your data in the USA, we have concluded a data processing agreement with MailChimp based on the standard contractual clauses of the European Commission to enable the transfer of your personal data to MailChimp. If you are interested, this data processing agreement can be viewed at the following Internet address:
In addition, MailChimp is certified under the us European data protection agreement “Privacy Shield” and is thus committed to complying with EU data protection regulations. You can view the privacy policy of MailChimp here:

6) Contact and Sales force contact form

Within the scope of contacting us (e.g. via sales force contact form or e-mail), personal data is collected. Which data is collected in the case of the contact form, is apparent from there. These data are stored and used exclusively for the purpose of answering your request or for establishing contact and the associated technical administration. The legal basis for the processing of this data is our legitimate interest in responding to your request pursuant to Art. 6 Para. 1 lit. f GDPR. If the purpose of your contact is to conclude a contract, the additional legal basis for the processing is Art. 6 Para. 1 lit. b GDPR. Your data will be deleted after final processing of your request. This is the case if it can be inferred from the circumstances that the matter in question has been conclusively clarified and provided there are no legal obligations to retain data.

7) Google Analytics

These websites use Google Analytics, a web analysis service from Google Inc. (“Google”). Information about your use of the website is collected, including Browser type and version, operating system used, referrer URL (previously visited page), IP address or date / time of the request. Google Analytics uses so-called “cookies”, text files that are stored on your computer and that enable your use of the website to be analysed. The information generated by the cookies about your use of this website is usually transferred to a Google server in the USA and stored there. Because IP anonymization is activated on this website, your IP address will be shortened by Google within member states of the European Union or the EEA (European Economic Area) and only transmitted anonymously. The full IP address will only be sent to a Google server in the USA and shortened there in exceptional cases. This transmission