Privacy Policy

1. Data Protection at a Glance

General Information: This section provides a brief overview of what happens with your personal data when you visit our website. “Personal data” means any information that can identify you as an individual. For detailed information, please read our full Privacy Policy below.

Data Collection on this Website: Data processing on this site is carried out by the website operator (BeyondPart). We collect personal data that you actively provide (e.g. by filling out a contact form or subscribing to our newsletter), as well as some data automatically collected by our IT systems when you visit (such as your browser type, operating system, IP address, and the time of page access).

Purposes of Data Collection: Part of the data is collected to ensure the website functions properly and securely, and another part may be used for analytics to improve our services or for marketing purposes. If you contact us or request a quote, we use your data to communicate with you and process your request.

Your Rights: You have various rights regarding your personal data (see Your Rights below for more details). These include the rights to access your data, to have it corrected or deleted, to restrict or object to its processing, and to withdraw any consent you have given. You also have the right to lodge a complaint with the relevant data protection supervisory authority.

Analysis Tools and Third-Party Tools: When you visit our website, your browsing behavior may be analyzed statistically via analytics or tracking tools. This analysis is generally performed anonymously and will not be used to identify you personally. You can object to such analysis or prevent it by not consenting to non-essential cookies (see our Cookie Policy) – detailed information is provided in the sections below.

2. Data Controller and Contact Information

The “data controller” (the responsible entity determining the purposes and means of processing personal data) for this website is:

BeyondPart – Jan Hinnerk Pagel
Burgwedel 50b, 22457 Hamburg, Germany
Phone: +49 40 30724171
Email: sales@beyondpart.com

If you have any questions about this Privacy Policy or about how we handle your data, you can contact us at the above address or email.

3. Data Processing Overview

Legal Basis for Processing: We process personal data in accordance with the EU General Data Protection Regulation (GDPR) and other applicable laws. This means your data is processed only if permitted by law or if you have given consent. In particular, processing may be justified by one of the following legal bases:

Consent (Art. 6(1)(a) GDPR): When you have given us explicit consent to process your data for specific purposes, for example when subscribing to our newsletter.

Contract (Art. 6(1)(b) GDPR): When processing is necessary for the performance of a contract with you or to take steps at your request prior to entering into a contract (e.g. processing a spare parts inquiry or order).

Legal Obligation (Art. 6(1)(c) GDPR): When we have to process data to comply with a legal obligation (for instance, maintaining records for tax purposes).

Legitimate Interests (Art. 6(1)(f) GDPR): When processing is necessary for our legitimate interests (or those of a third party), provided your interests or fundamental rights and freedoms do not override those interests. This may include ensuring IT security and the proper functioning of the website, responding to inquiries, or improving our services.

We will indicate in the sections below which legal basis applies to each type of processing.

Storage Duration: We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or to comply with legal retention requirements. For example, if you contact us, we will process your data for the time it takes to handle your request and any follow-up questions. If you subscribe to our newsletter, we process your data until you unsubscribe. We may also retain data to fulfill contractual or legal obligations (e.g. record-keeping laws) – once those obligations cease, the data is deleted or anonymized.

Data Security: We take appropriate technical and organizational security measures to protect your personal data against unauthorized access, loss, alteration, or destruction. This includes using SSL/TLS encryption on our website (you can recognize this by the padlock symbol in your browser’s address bar and the "https://" prefix). Despite our efforts, please note that no data transmission or storage can be guaranteed 100% secure. We continuously improve our security measures in line with technological developments.

4. Your Rights as a Data Subject

Under the GDPR, you have the following rights regarding your personal data:

Right of Access: You have the right to request confirmation of whether we are processing personal data about you, and if so, you can request details of that data and a copy of it (Art. 15 GDPR).

Right to Rectification: You have the right to request correction of inaccurate personal data concerning you, and to have incomplete data completed (Art. 16 GDPR).

Right to Erasure: You have the right to deletion of your personal data ("right to be forgotten") under certain conditions – for example, if the data are no longer necessary for the purposes for which they were collected or if you withdraw consent and no other legal basis for processing applies (Art. 17 GDPR).

Right to Restrict Processing: You have the right to request that we restrict the processing of your data under certain circumstances, e.g. while we verify the accuracy of your data or if processing is unlawful but you oppose deletion (Art. 18 GDPR).

Right to Data Portability: When processing is based on your consent or a contract and carried out by automated means, you have the right to receive your personal data from us in a structured, commonly used, machine-readable format, and to have it transmitted to another controller where technically feasible (Art. 20 GDPR).

Right to Object: You have the right to object at any time, on grounds relating to your particular situation, to processing of your personal data that is based on our legitimate interests (Art. 21 GDPR). If you object, we will cease processing your data unless we demonstrate compelling legitimate grounds for the processing that override your interests, or if the processing is for the establishment, exercise, or defense of legal claims. Where your personal data are processed for direct marketing purposes, you have an unconditional right to object at any time (Art. 21(2) GDPR).

Right to Withdraw Consent: If you have given consent to any data processing, you can revoke that consent at any time with effect for the future. Withdrawing consent will not affect the lawfulness of processing based on consent before its withdrawal.

Right to Lodge a Complaint: If you believe our processing of your personal data violates data protection laws, you have the right to file a complaint with a data protection supervisory authority, particularly in the EU member state of your habitual residence, place of work, or the place of the alleged infringement (Art. 77 GDPR). In Germany, you can contact the Data Protection Commissioner of the relevant federal state.

You may exercise your rights by contacting us via the contact information provided above. We will respond to requests in accordance with applicable data protection laws.

5. Data Collection on Our Website

Cookies: When you visit our site, we may store “cookies” on your device. Cookies are small text files that enable core site functionality, remember your preferences, and collect anonymous analytics data (see our separate Cookie Policy for details). Some cookies are essential for the website to operate (these are set based on our legitimate interest in providing a functional site, Art. 6(1)(f) GDPR), while others (such as analytics or marketing cookies) are only set with your consent (Art. 6(1)(a) GDPR). On your first visit, you will be asked via our cookie consent banner to choose which non-essential cookies you accept. You can change your preferences at any time through the Cookie Settings on our site or via your browser settings. For more information on how we use cookies and similar technologies, please refer to our Cookie Policy.

Server Log Files: The server that hosts our website automatically collects and stores certain information in log files, which your browser automatically transmits. This may include your IP address, the date and time of the request, pages visited, the amount of data transferred, the referrer (the page from which you came), and your browser type/version and operating system. We process these log file data for technical purposes: to ensure the smooth delivery of the website, optimize performance, and maintain security (e.g. to detect and investigate unauthorized access or attacks). This processing is based on our legitimate interest in the security and functionality of our online services (Art. 6(1)(f) GDPR). Server log data are not combined with other data sources, and we do not use them to identify individuals. Log files are typically kept for a short period and then automatically deleted or anonymized, unless some data need to be retained longer for incident investigation.

Contact Forms and Communication: If you send us inquiries via contact form, email, or phone, we will collect the information you provide (such as your name, company, contact information, and the content of your inquiry). This data is used exclusively to answer your question, process your request, and for related technical administration. Depending on the nature of your request, the legal basis for this processing is either to take steps at your request prior to entering into a contract or to perform a contract (Art. 6(1)(b) GDPR) – for example, if you request a quote or have an issue regarding an existing contract – or our legitimate interest in effectively responding to inquiries (Art. 6(1)(f) GDPR). We will not use the data from your inquiry for marketing unless you separately consent to it. Communication data (including the inquiry and our response) are stored as long as necessary to fully address your matter and any follow-up, and may be archived for a certain time thereafter based on our legitimate interests or legal obligations (e.g. business correspondence retention requirements).

6. Social Media Integration

Our website may incorporate features from social media platforms (for example, an Instagram feed or LinkedIn share button) to enhance user experience and engagement. These features will typically be clearly marked by the social network’s logos and are subject to the privacy policies of those providers. We currently include a feed or link to Instagram on our site.

When you actively click on or use a social media feature on our site, a direct connection may be established between your browser and the servers of the respective social network (e.g. Instagram). This will transmit certain data, such as your IP address and, if you are logged into that social network, possibly information that the social network can link to your profile. We do not transmit personal data to social platforms automatically by merely loading our site; data transfer occurs only when you actively interact with the social media plugin (such as clicking the Instagram icon). If you do engage, the legal basis for data processing is your consent (Art. 6(1)(a) GDPR) implied by clicking the share/login button, or our legitimate interest (Art. 6(1)(f) GDPR) in providing a convenient way for users to share and follow our content. However, once you leave our site or the plugin activates, the respective social network’s terms and privacy policy apply. We have no control over how these platforms handle your data. For details, please consult the privacy policy of the social network (e.g. Instagram’s Data Policy).

7. Newsletter and Marketing Emails

If you subscribe to our email newsletter or opt in to receive updates, we will collect your email address (and possibly your name or company, if you provide it) in order to send you periodic news about BeyondPart, industry updates, or marketing communications. We will only send you the newsletter with your explicit consent (Art. 6(1)(a) GDPR) – for example, through a sign-up form where you confirmed your subscription. We use a double opt-in process if required (meaning you’ll receive an email asking you to confirm your subscription). You can unsubscribe at any time by using the “Unsubscribe” link provided in every newsletter email or by contacting us directly, and we will immediately remove you from the mailing list. Upon revocation of consent, we will stop sending you the newsletter and will delete or anonymize your contact data, except to the extent it is retained in suppression lists to ensure we respect your opt-out.

We may use an external email service provider to manage our newsletter. If so, we will ensure that any such provider is GDPR-compliant and, if it operates outside the EU, that appropriate safeguards (such as EU standard contractual clauses) are in place for data transfer. We will not share your email address with any other third parties for their own marketing.

8. Hosting and Third-Party Services

External Hosting: Our website is hosted by an external service provider (hoster). The personal data collected on this website (such as website usage data and communications) are stored on the hoster’s servers. This may include IP addresses, contact form submissions, website traffic data, and other data generated through the website. We have chosen a hosting provider in Germany for reliable service and data security:

Hosting Provider: united-domains AG, Gautinger Straße 10, 82319 Starnberg, Germany.

All data processing by our hosting provider is done under our instructions and in compliance with GDPR. We have signed a Data Processing Agreement (DPA) with the hoster to ensure they handle personal data in accordance with EU data protection laws. Hosting services are utilized based on our legitimate interest in a secure and efficient provision of our online offer (Art. 6(1)(f) GDPR) and/or for the performance of a contract (Art. 6(1)(b) GDPR) if applicable. The hoster may only access personal data to the extent necessary to fulfill its hosting duties and is contractually obliged to maintain confidentiality and security of your data.

Analytics: At present, we do not use any third-party analytics service that directly collects personal data (such as Google Analytics) on our website. However, we do collect anonymous statistical data about how visitors use our site (e.g. aggregated page views, time on site) through essential cookies and our web hosting logs as described above. If in the future we employ any analytics or tracking service that processes personal data, we will update this Privacy Policy accordingly and request your consent if required. You always have the option to opt out of non-essential analytics by adjusting your cookie settings.

Google Maps: We use Google Maps on our contact page to show our business location and help you with directions. Google Maps is a map service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) for EU users, or by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA, USA) for other regions. When you view a page on our site that includes Google Maps, your browser may directly connect to Google’s servers. Google will receive some data such as your IP address and device info, and will set cookies or similar technologies to process location and usage information. This happens only after you have given consent via our cookie consent banner for loading external map content (classified as a functional/analytics cookie). The use of Google Maps is in our legitimate interest (presenting our office location in an interactive map for user convenience, Art. 6(1)(f) GDPR); however, we ensure that it is only activated with your consent due to the data transfer involved (consent under Art. 6(1)(a) GDPR). Google may process your data on servers in the USA. We have no influence on this data transmission. For details on how Google handles user data, please see Google's Privacy Policy. If you prefer not to have your data processed by Google in this way, do not interact with the map on our site.

YouTube Videos: On some pages, we may embed videos hosted on YouTube (a service by Google Ireland/Google LLC). Our embedded videos are in "privacy-enhanced mode" if available, meaning that YouTube will not store cookies or track usage unless you play the video. When you press play, the video content is streamed from YouTube, which acts like visiting the YouTube website. This will send certain information to YouTube, including your IP address, the specific video you are watching, and possibly technical details of your device. If you are logged into your Google/YouTube account, this information may be associated with your account. We embed YouTube videos to make our site more informative, based on our legitimate interest in providing engaging content (Art. 6(1)(f) GDPR). However, the video will only load and process your data if you click on it (implying your consent, Art. 6(1)(a) GDPR). To prevent data exchange with YouTube, simply do not play the videos. For more information, review YouTube’s Privacy Policy on how they handle data.

hCaptcha (Spam Protection): We utilize the hCaptcha service on forms (such as our contact or newsletter signup forms) to verify that input is made by a human and not by an automated bot. hCaptcha is provided by Intuition Machines, Inc. (USA). The captcha mechanism serves our legitimate interest in protecting our site from abusive automated scraping and spam (Art. 6(1)(f) GDPR). When the hCaptcha is executed, it may collect and process certain user information (such as IP address, mouse movements, time spent on the page, or other behavioral data) to determine whether the user is human. This data is transmitted to hCaptcha's servers for analysis. hCaptcha may set cookies for this purpose. By using our forms protected by hCaptcha, you acknowledge and accept that the data you submit (including the interaction data) will be sent to hCaptcha and used for this security purpose. If you do not wish this data transfer to occur, please refrain from using our form and contact us through alternative means (e.g. directly via email or phone). For more details, see hCaptcha’s own privacy policy. We have implemented hCaptcha in a manner that only runs when necessary (typically when you attempt to submit a form), and it is not used for any other purpose than anti-bot verification.

Other Third-Party Services: Beyond the services listed above, if we integrate any additional third-party plugins or tools in the future (such as analytics scripts, chat widgets, etc.), we will disclose them here along with their purpose and legal basis. We strive to minimize the use of external services that process personal data unless truly necessary.

International Data Transfers: If any third-party service we use processes data outside the European Union (for example, on servers in the United States), we will ensure that appropriate safeguards are in place for such data transfers. Typically, this means the service providers are either certified under the EU-US Data Privacy Framework (if applicable) or have signed Standard Contractual Clauses (SCCs) with us to contractually guarantee a level of data protection equivalent to the EU standard. Despite these measures, when data is outside the EU, there may be risks (e.g., access by foreign authorities under local laws). By consenting to use of these third-party services (via our cookie banner or otherwise), you acknowledge these potential risks. You have the right to request more information about such safeguards – feel free to contact us.

9. No Sale of Personal Data

We do not sell, trade, or rent personal data to third parties for their marketing purposes. We may share data with third-party processors or service providers strictly for the purposes outlined in this policy (for example, our hosting company, or an email newsletter service), and always under contractual arrangements that protect your data. Any sharing with authorities will only occur if we are legally obligated to do so.

10. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in legal requirements or our data processing practices. The updated policy will be posted on this page with a new "Last updated" date. We encourage you to review the Privacy Policy periodically. If changes are significant, we may provide a more prominent notice or seek your consent where required by law. By continuing to use our website after those changes become effective, you agree to the revised policy.

Last updated: January 2026.