Privacy

This Privacy Policy clarifies the nature, scope and purpose of the processing of personal data (hereinafter referred to as “Data”) within our online offering and the related websites, features and content, as well as external online presence, e.g. our social media profiles on. (collectively referred to as “online offer”). With regard to the terminology used, e.g. “Processing” or “Responsible”, we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).

1. Name and contact details of the controller and the company data protection officer

This privacy policy applies to data processing by:

Responsible:

Grobmeier Solutions GmbH
GF: Christian Grobmeier
Viktor-von-Scheffel-Str. 7 86853 Langerringen Germany Email: cg@grobmeier.de
Telephone: ++4981913318186

2. Collection and storage of personal data and the nature and purpose of their use

a) When visiting the website

When you visit our website https://www.timeandbill.de/, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information will be collected without your intervention and stored until automated deletion:

IP address of the requesting computer,
date and time of access,
name and URL of the retrieved file,
website from which access is made (referrer URL),
The browser used and, if applicable, the operating system of your computer and the name of your access provider.

The data mentioned are processed by us for the following purposes:

ensuring a smooth connection of the website,
ensuring comfortable use of our website,
Evaluation of system security and stability as well
for further administrative purposes.

The legal basis for data processing is Art. 6 para. 1 p. 1 lit. f GDPR. Our legitimate interest follows from the data collection purposes listed above. In no case we use the collected data for the purpose of drawing conclusions about you. In addition, we use cookies and analysis services when visiting our website. Further details can be found under no. 4 and 5 of this privacy policy.

b) Registration / Registration

Users can create a user account. All you need to do is enter an e-mail address and a password. The data entered during registration will be used for the purpose of using the offer. Users can record working hours in their user account. If users have terminated their user account, their data will be deleted with regard to the user account, subject to their retention is for commercial or tax law reasons according to Art. 6 para. 1 lit. c DSGVO necessary. It is the responsibility of the users to secure their data upon termination before the end of the contract. We are entitled to irretrievably delete all user data stored during the term of the contract.

As part of the use of our Regsitrierungs- and registration functions and the use of user accounts, the IP address and the time of the respective user action will save. The storage is based on our legitimate interests, as well as the user’s protection against misuse and other unauthorized use. A transfer of these data to third parties does not take place, unless it is necessary for the prosecution of our claims or there is a legal obligation in accordance with. Art. 6 para. 1 lit. c DSGVO. The IP addresses will be anonymized or deleted after 7 days at the latest.

3. Disclosure of data

A transfer of your personal data to third parties for purposes other than those listed below does not take place. We only share your personal information with third parties if:

You your according to Art. 6 para. 1 p. 1 lit. a GDPR have given express consent to this - disclosure pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR is required to assert, exercise or defend legal claims and there is no reason to assume that you have a predominantly legitimate interest in not disclosing your data, - in the event that disclosure pursuant to Art. 6 para. 1 sentence 1 lit. c GDPR is a legal obligation, as well - as permitted by law and according to Art. 6 para. 1 sentence 1 lit. b GDPR is required for the settlement of contractual relationships with you.

Grobmeier Solutions uses the MailChimp service provided by The Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA, to send newsletters.

MailChimp allows Grobmeier Solutions to manage a database of email contacts and communicate with users via email.

MailChimp may collect information about whether and when emails are opened and whether links within the email are clicked. This information is collected using so-called web beacons or tracking pixels. These are small image files that enable the analysis of user interaction with the email.

Users can object to this tracking at any time by unsubscribing from the newsletter. Tracking may also be prevented if images are disabled in the user’s email client. In this case, however, the newsletter may not be displayed in full and some functions may not be available.

Further information about MailChimp’s privacy practices can be found at: https://mailchimp.com/legal/privacy/

(b) Hetzner – Hosting of the Application

Time & Bill is hosted on servers operated by Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany.

Application data is stored in data centers located in Germany. Hetzner operates its infrastructure according to high security standards and is subject to European data protection regulations.

(c) Amazon Web Services – Infrastructure and Email Delivery

For certain infrastructure and communication services, Grobmeier Solutions uses services provided by Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, L-1855 Luxembourg.

This includes, in particular, the delivery of system emails (for example invitations or password reset emails). In this context, email content and recipient addresses may be processed through infrastructure provided by Amazon Web Services.

Amazon Web Services provides extensive security and privacy measures and commits to complying with applicable European data protection standards.

Further information about AWS privacy practices can be found at: https://aws.amazon.com/privacy/

7. Affected rights

You have the right:

in accordance with Art. 15 GDPR, to request information about your personal data processed by us. In particular, you can provide information on the processing purposes, the category of personal data, the categories of recipients to whom your data has been disclosed, the planned retention period, the right to rectification, deletion, limitation of processing or opposition, the existence of a The right to complain, the source of their data, if not collected from us, and the existence of automated decision-making including profiling and, where appropriate, meaningful information about their details;
in accordance with Art. 16 GDPR, immediately demand the correction of incorrect or complete personal data stored with us;
in accordance with Art. 17 GDPR, to demand the deletion of your personal data stored by us, unless the processing for the exercise of the right to freedom of expression and information, for the fulfillment of a legal obligation, for reasons of public interest or for the assertion, exercise or defense of Legal claims is required;
to demand the restriction of the processing of your personal data according to Art. 18 GDPR, as far as the accuracy of the data is disputed by you, the processing is unlawful, but you reject its deletion and we no longer need the data, but you assert this, Exercise or defense of legal claims or you have objected to the processing in accordance with Art. 21 GDPR;
in accordance with Art. 20 GDPR, to receive your personal data provided to us in a structured, standard and machine-readable format or to request transmission to another person responsible;
according to Art. 7 para. 3 GDPR, to revoke your once given consent to us at any time. As a result, we are not allowed to continue the data processing based on this consent for the future and
to complain to a supervisory authority pursuant to Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or work or our office.

8. Right to object

If your personal data are based on legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR are processed, you have the right to file an objection against the processing of your personal data in accordance with Art. 21 GDPR, provided that there are reasons for this arising from your particular situation or the objection is directed against direct mail. In the latter case, you have a general right of objection, which is implemented by us without specifying any particular situation. If you would like to exercise your right of revocation or objection, please send an e-mail to cg@grobmeier.de.

9. Data security

We use the popular SSL (Secure Socket Layer) method within the site visit, in conjunction with the highest level of encryption supported by your browser. In general, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we’ll use 128-bit v3 technology instead. Whether a single page of our website is encrypted is shown by the closed representation of the key or lock icon in the lower status bar of your browser.

We also take appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

10. Updating and changing this privacy policy

This privacy policy is currently valid and is valid as of March 2026.

As a result of the further development of our website and offers thereof or due to changed legal or official requirements, it may be necessary to change this privacy policy. The current privacy policy can be viewed and printed by you at any time on the website at https://www.timeandbill.de.