Privacy Policy

Last updated: 15 January 2026

This Privacy Policy explains how CosmicBridge AG ("we", "us", or "our") collects, uses, and protects your personal information when you visit our website or use our services. We are committed to protecting your privacy and ensuring transparency in our data processing practices.

Data Controller Information

CosmicBridge AG is the data controller responsible for your personal data. We are registered in Germany with registration number HRB647139 and VAT number DE618529743.

CosmicBridge AG

Parkstraße 128, 44653 Dortmund

North Rhine-Westphalia, Germany

Email: privacy@cosmicbridge.world

Phone: +49 2312812514

Data We Collect

We collect and process the following types of personal data when you interact with our website and services. Our data collection practices are designed to provide you with the best possible service whilst respecting your privacy rights.

Information You Provide Directly

  • Contact information (name, email address, phone number)
  • Company or restaurant name and details
  • Messages and inquiries sent through our contact forms
  • Communication preferences and consent records

Information Collected Automatically

  • IP address and location data
  • Browser type, version, and operating system
  • Pages visited, time spent on pages, and navigation patterns
  • Referral sources and search terms used to find our website
  • Device information and screen resolution

How We Use Your Information

We process your personal data for specific, legitimate purposes in accordance with applicable data protection laws. Here's how we use your data and the legal basis for each type of processing:

Service Provision and Communication

  • Responding to your inquiries and providing requested information about our services
  • Processing consultation requests and scheduling appointments
  • Delivering our beverage cost control services and support
  • Maintaining customer relationships and providing ongoing assistance

Website Improvement and Analytics

  • Analysing website usage to improve user experience and functionality
  • Understanding visitor behaviour and preferences
  • Optimising our content and services based on user feedback
  • Ensuring website security and preventing fraud or misuse

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about the cookies we use, their purposes, and how to manage them, please visit our Cookie Policy.

Legal Basis for Processing

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

  • Consent: When you provide explicit consent for specific processing activities, such as marketing communications or certain cookies
  • Contract Performance: When processing is necessary to provide our services or respond to your service requests
  • Legitimate Interests: For website analytics, security, and business development, where our interests don't override your rights
  • Legal Obligation: When we must process data to comply with legal requirements

Data Sharing and Third Parties

We do not sell, trade, or rent your personal information to third parties. We may share your data with trusted service providers who assist us in operating our website and providing our services, subject to strict confidentiality agreements.

Service Providers We Work With

  • Web hosting and content delivery network providers
  • Email communication and customer relationship management systems
  • Analytics providers (such as Google Analytics) for website performance analysis
  • Advertising platforms (such as Google Ads) for marketing and remarketing campaigns

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected and to comply with legal obligations. Our data retention periods are as follows:

  • Contact inquiries: Retained for 3 years from last contact to maintain service history
  • Service contracts: Retained for 7 years as required by German commercial law
  • Website analytics data: Anonymised after 26 months in accordance with Google Analytics settings
  • Marketing communications: Until consent is withdrawn or 3 years of inactivity
  • Legal compliance data: As required by applicable laws and regulations

Your Rights

Under GDPR and applicable data protection laws, you have several rights regarding your personal data. These rights include the ability to control how your information is processed and used.

Your Data Protection Rights

  • Right of Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data in certain circumstances
  • Right to Restrict Processing: Request limitation of how we process your data
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests or for marketing purposes
  • Right to Withdraw Consent: Withdraw consent for processing based on consent at any time

To exercise any of these rights, please contact us at privacy@cosmicbridge.world or +49 2312812514. We will respond to your request within one month of receipt.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest using industry-standard protocols
  • Regular security assessments and vulnerability testing
  • Access controls and authentication mechanisms for our systems
  • Staff training on data protection and security best practices
  • Incident response procedures for potential data breaches

International Data Transfers

Some of our service providers may be located outside the European Economic Area (EEA). When we transfer your data to countries outside the EEA, we ensure appropriate safeguards are in place, such as:

  • European Commission adequacy decisions for countries with adequate data protection
  • Standard Contractual Clauses approved by the European Commission
  • Certification schemes and codes of conduct recognised under GDPR

Contact Information

If you have any questions about this Privacy Policy, our data processing practices, or wish to exercise your rights, please contact us using the following information:

Data Protection Contact

CosmicBridge AG

Parkstraße 128, 44653 Dortmund, Germany

Email: privacy@cosmicbridge.world

Phone: +49 2312812514

Business Hours: Monday - Friday, 8:00 - 17:00 CET

Supervisory Authority

You have the right to lodge a complaint with a supervisory authority if you believe our processing of your personal data violates applicable data protection laws. In Germany, you can contact:

Federal Commissioner for Data Protection and Freedom of Information

Graurheindorfer Str. 153, 53117 Bonn, Germany

Website: bfdi.bund.de

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will:

  • Update the "Last updated" date at the top of this policy
  • Notify you of significant changes through our website or direct communication
  • Provide clear information about what has changed and why

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.