Data Privacy

We, at Ximantix Software GmbH, take the protection of your personal data very seriously. . We handle your personal data confidentially and in compliance with the legal data protection requirements and this Privacy Policy at all times.

Responsible in terms of data protection law is:

Ximantix Software GmbH, Landsbergerstr. 402, 81241 Munich, Germany
Managing Director: Mr. Tim Rossky

You can usually use our website without providing any personal data. If personal data is collected on our website (e.g. name, postal address or email addresses), it always takes place on a voluntary basis as prescribed by data protection law. These data will not be passed on to third parties without your consent.

You can trust us with your personal data. It is encrypted by digital security systems and then transmitted to us. Technical measures are used to protect our websites against damage, destruction or unauthorised access. Despite this, we would like to point out to you that transferring data over the Internet (e.g. when communicating by email) can be vulnerable to security gaps. It is impossible for us to protect data fully against unauthorised access by third parties.

Who has access to or receives your data?

The data within our company is always accessible to the employees who are involved in the fulfilment

  • of our contractual obligations to you.
  • our legal obligations
  • of activities permitted to us in sales and marketing.


We use contract processors (other service providers) for the operation of our Internet pages and for the fulfilment of our contractually agreed services. In this case it can happen that an order processor gets knowledge of personal data. Therefor we carefully select our service providers – especially with regard to data protection and data security – and take all measures required under data protection law for permissible data processing.


This website is hosted by an affiliate company;, certified as a perennial health data host, ISO 27001, ISO 20000, ISO 27017 and ISO 27018, and therefore subject to regular security audits, by approved organizations (Hoster).
<!– Diese Website wird bei unserem Mutterkonzern gehostet (Hoster). CEGEDIM S.A – 137 rue d’Aguesseau, 92100 Boulogne-Billancourt, France

Telefon: +33 1 49 09 22 00–>

The personal data collected on this website is stored on the hoster’s servers. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, contact information, names, website accesses and other data generated through a website.

The hoster is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. b DSGVO) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f DSGVO).


This website makes use of what are referred to as ‘cookies’. Cookies are small text files and do not harm your device. They are either stored temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or until they are automatically deleted by your web browser.

In some cases, cookies from third-party companies may also be stored on your end device when you enter our site (third-party cookies). These enable us or you to use certain services of the third party company (e.g. cookies for processing payment services).

Cookies have various functions. Numerous cookies are technically necessary, as certain website functions would not function without them (e.g. the shopping basket function or the display 6 / 11 of videos). Other cookies are used to evaluate user behaviour or display advertising.

Cookies that are necessary to carry out the electronic communication process (necessary cookies) or to provide certain functions requested by you (functional cookies, e.g. for the shopping basket function) or to optimise the website (e.g. cookies to measure the web audience) are stored on the basis of Art. 6 para. (1) f DSGVO, unless another legal basis is given. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimised provision of his services. If consent to the storage of cookies has been requested, the cookies in question will be stored exclusively on the basis of this consent (Art. 6 para. 1 lit. a DSGVO); consent may be revoked at any time.

If you do not wish to receive cookies from our site, you can inform us of your choices via the site’s Cookie Management panel.

You can set your browser so that you are informed about the setting of cookies and allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If you disable cookies, it may limit your ability to use this website to its full extent.

Insofar as cookies are used by third-party companies or for analysis purposes, we will inform you separately within the scope of this data protection information and, if necessary, request your consent.

Cookies used on this website

Source: Cegedim Group (XimantiX)
Purpose:This session cookie is used to enable the site to benefit from better availability. The cookie is set by our load balancing system to maintain a user session on only one of our web servers. It is deleted when you close your browser.

Name: wp-wpml_current_language
Source: Cegedim Group (XimantiX)
Purpose: Cookie of WPML-Plugin to store language settings.

Name: xinewsletterbox
Source: Cegedim Group (XimantiX)
Purpose: Cookie for user-friendly control of the newsletter popup.

Name: modernizr
Source: Cegedim Group (XimantiX)
Purpose: We use modernizr.js, a JavaScript library that allows to recognize HTML5 and CSS3 features in different browsers. For this purpose your IP address is transferred to a script on the server of the domain.

Name: _gd* _ga _gid _utma _utmb _utmc _utmt _utmz
Source: Google Analytics

Expiry: _gd* 1 year; _ga 2 years; _gid 1 day; _utma 2 years;_utmb 30 minutes; _utmc browser session; _utmt 10 Minutes; _utmz 6 months;

Type: HTTP Cookie
Purpose: We use the web analysis service Google Analytics (Google Inc.) in order to be able to analyse the use of our website by visitors and to suggest improvements.

_ga cookie stores a unique customer identifier (ClientID), a randomly generated number. As soon as the identifier is generated, it is stored in the cookie and is used for each click/submission to Google Analytics.
_gid cookie registers a unique ID that is used to generate statistical data on how the visitor uses the website.
_gd* cookies are used to distinguish users.
_utma cookie keeps track of the number of times a visitor has been to the site, when their first visit was, and when their last visit occurred.
_utmb cookie helps calculate how long a visit takes by collecting a timestamp of the exact moment in time when a visitor enters the site.
_utmc cookie helps calculate how long a visit takes by collecting a timestamp of the exact moment in time when a visitor leaves the site.
_utmt cookie is used to throttle request rate.
_utmz cookie keeps track of where the visitor came from, what search engine was used, what link was clicked on, what keywords used, and where in the world the site was accessed from.

Further information:

Vendor without cookies:

Vendor: Google General
Domain: *,

Vendor: Google Maps

Contact Form

If you send us enquiries via the contact form, your details from the enquiry form, including the contact details you provided there, will be stored in our CRM system (Sales Force) and in our e-mail system for the purpose of processing the enquiry and in case of follow-up questions. We use the data solely for the purpose of communicating with you. We do not disclose this data without your consent.

Access data when you visit our website

When you visit our website, personal data is processed in order to be able to display the contents of our website on your device.

The IP address for the device you are using needs to be processed in order for the pages to be displayed in your browser. More information about the browser your device is using is also processed.

In terms of data protection, we are also committed to ensuring the confidentiality and integrity of personal data processed using our IT systems.

The data is also used to detect and correct errors on our website.

For this purpose and based on a balance of interests, the following data is logged for a maximum of 14 days:

  • IP address of the querying computer
  • Operating system of the querying computer
  • Browser version of the querying computer
  • Name of the file retrieved
  • The date and time of retrieval
  • Volume of data transferred
  • Referring URL

The log files containing the aforementioned data are deleted from all systems used in connection with operating this website after 3 months.

This data is not merged with other data sources.

These data are collected on the basis of Article 6 para. (1) (f) DSGVO. The website operator has a legitimate interest in the technically error-free presentation and optimisation of his website.

Newsletter Data

If you would like to receive the newsletter offered on the website, we need an e-mail address from you, which allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. The contact details your provide in our newsletter subscription form are saved for selecting newsletter recipients according to topic, and in our CRM system (Sales Force), for the purpose of communicating with you when you show an interest in our services.

To ensure that the newsletter is sent with your consent, we use what is known as the double opt-in procedure. The course of the double opt-in procedure allows the potential recipient to be included in a mailing list. Subsequently, the user receives a confirmation email with the option of confirming their subscription in a legally certain manner. Only when the user does so, is the address included in the mailing list as an active address.

We use this data exclusively for the purpose of delivering the requested information and offerings.

We use the newsletter software Newsletter2Go. Your data is transmitted to Newsletter2Go GmbH as part of the newsletter mailing procedure. Newsletter2Go is prohibited from selling your data and using it for purposes other than sending out our newsletter. Newsletter2Go is a certified German service provider selected according to the requirements of the General Data Protection Regulation and the Federal Data Protection Act.

You can find more information on this topic here:

You can revoke the consent you have given us to your data, email address and the use of the same being stored for sending out the newsletter at any time, for example, by clicking on the “Unsubscribe” link in the newsletter.

Lead Forensics

The Lead Forensics software tool of Lead Forensics, Building 3000, Lakeside, North Harbour, Portsmouth, PO6 3EN, UK, is active on our website. This software doesn’t use cookies, it only collects the IP address when you visit our website. This IP address is then transmitted to Lead Forensics, where it is compared with their own databases. As soon as the data matching has taken place, the IP address is anonymised by Lead Forensics.

After such a data match, we receive from Lead Forensics the information regarding the company from their database that could be assigned to the IP address in question. This way we know which company was interested in our products and services.

Our legitimate interest lies in the data processing described above. Accordingly, the data processing is governed by Art. 6 para. (1) f GDPR justified.

LinkedIn Insight Tag

This website uses the “LinkedIn Insight Tag”, an analysis and tracking tool of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.

The LinkedIn Insight tag enables the collection of data about visits to this website, including URL, referrer URL, IP address, device and browser characteristics, timestamps, and page views. This data is encrypted, anonymised within seven days and the anonymised data is deleted within 90 days.

LinkedIn does not share any personally identifiable information with the owner of this website, but only provides aggregate reports on website audience and ad performance.

LinkedIn also provides retargeting for website visitors so that the owner of that website can use this data to display targeted advertising outside of their website without identifying the member.

The purpose of the data collection is to analyse visits to our website and campaign results in order to provide you with interesting information. The legal basis for the processing of personal data is Art. 6 (1) (f) DSGVO.

LinkedIn members can control the use of their personal data for advertising purposes in their account settings.

For more information about privacy on LinkedIn, please see LinkedIn‘s privacy policy.


We use Leadsbridge to enable registration for webinars to take place directly in LinkedIn. This simplifies the registration process for prospects. XimantiX can thus make its range of webinars around document exchange more easily accessible. The legal basis for this is Art. 6 (1) f) DSGVO.

“Leadsbridge” is a service provided by a US provider. Processing of personal data thus takes place in a third country.
We have concluded a contractual processing agreement with the provider of “Leadsbridge”, which complies with the requirements of Art. 28 DSGVO and includes the EU standard contractual clause.

Privacy statement concerning the use of Google Analytics

If you have given your consent, this website uses Google Analytics, a web analytics service provided by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. Use also includes the operating mode “Universal Analytics”. This makes it possible to assign data, sessions and interactions across multiple devices to a pseudonymous user ID and by doing so analyse the activities of a user across devices.

Google Analytics uses what are known ‘cookies’, which are small text files that are stored on your computer that facilitate the analysis of how you use our website. The information that the cookie generates on how you use our website is usually transferred to a Google server in the USA and stored there. . If IP anonymisation is enabled on this website your IP address will be truncated by Google, if it is located within the member states of the European Union or other parties to the agreement on the European Economic Area. We would like to point out that on this website Google Analytics has been extended by IP-anonymisation in order to guarantee an anonymised collection of IP-addresses (so-called IP-Masking).

As a part of the Google Analytics service, the IP address transferred by your browser is not merged with other data from Google. Further information on terms of use and data protection can be found at or

Purpose of the processing

Google uses this information to evaluate how you use this website on behalf of its operator, in order to compile reports on website activity to provide the website operator with website and internet-related services. Our legitimate interest in processing the data lies in these purposes.

Legal basis

The legal basis for the use of Google Analytics is your consent in accordance Art. 6 para. (1) a DSGVO.

Recipients / categories of recipients

The recipient of the collected data is Google.

Storage period

The data we send which is linked to cookies, user IDs or advertising IDs is automatically deleted after 14 months. Data for which the retention period has been reached is deleted automatically once a month.

Rights of data subjects

You can revoke your consent at any time with effect for the future through the Cookie Management Panel; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.
<!– Sie können darüber hinaus die Erfassung der durch das Cookie erzeugten und auf Ihre Nutzung der Website bezogenen Daten (inkl. Ihrer IP-Adresse) an Google sowie die Verarbeitung dieser Daten durch Google verhindern, indem Sie das Browser-Add-on herunterladen und installieren. Opt-Out-Cookies verhindern die zukünftige Erfassung Ihrer Daten beim Besuch dieser Website.
To prevent Universal Analytics capture across multiple devices, you must opt-out on all systems in use by denying the cookie consent through the Cookie Management Panel on each device and browser you use.

This data protection notice was supplemented on the basis of

Datenschutzhinweise für die Nutzung von Google Web Fonts:

Diese Seite nutzt zur einheitlichen Darstellung von Schriftarten so genannte Web Fonts, die von Google bereitgestellt werden. Beim Aufruf einer Seite lädt Ihr Browser die benötigten Web Fonts in ihren Browsercache, um Texte und Schriftarten korrekt anzuzeigen. Wenn Ihr Browser Web Fonts nicht unterstützt, wird eine Standardschrift von Ihrem Computer genutzt.

Weitere Informationen zu Google Web Fonts finden Sie unter und in den Datenschutzhinweisen von Google:

Datenschutzhinweise für die Nutzung von YouTube

Beim Besuch unserer Webseite bzw. im Rahmen eines Newsletters oder einer E-Mail-Kommunikation kann unser YouTube Kanal besucht werden.

Betreiber der Seiten ist die Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Irland. Wenn Sie eine unserer mit einem YouTube-Plugin ausgestatteten Seiten besuchen, wird eine Verbindung zu den Servern von YouTube hergestellt. Dabei wird dem Youtube-Server mitgeteilt, welche unserer Seiten Sie besucht haben.

Wenn Sie in Ihrem YouTube-Account eingeloggt sind ermöglichen Sie YouTube, Ihr Surfverhalten direkt Ihrem persönlichen Profil zuzuordnen. Dies können Sie verhindern, indem Sie sich aus Ihrem YouTube-Account ausloggen.

Weitere Informationen zum Umgang von Nutzerdaten finden Sie in den Datenschutzhinweisen von YouTube unter:


Privacy policy for online meetings, conference calls and webinars via “Zoom”

We would like to inform you in the following about the processing of personal data in connection with the use of “Zoom”.

Purpose of processing

We use the “Zoom” tool to conduct telephone conferences, online meetings, video conferences and/or webinars (hereinafter: “Online Meetings”). “Zoom” is a service of Zoom Video Communications, Inc. which is based in the USA.


Responsible for data processing, which is in direct connection with the execution of “online meetings”, is the Ximantix Software GmbH.

Note: If you access the “Zoom” website, the provider of “Zoom” is responsible for data processing. However, it is only necessary to call up the website to use “Zoom” in order to download the software for using “Zoom”.

You can also use “Zoom” by entering the respective meeting ID and, if necessary, additional access data for the meeting directly in the “Zoom” app.

If you do not want to or cannot use the “Zoom” app, the basic functions can also be used via a browser version, which you can also find on the “Zoom” website.

Which data are processed?

When using “Zoom”, different types of data are processed. The scope of the data also depends on what information you provide before or during participation in an “online meeting”.

The following personal data are subject to processing:

User information: first name, last name, phone (optional), e-mail address, password (if Single-Sign-On is not used), profile picture (optional), department (optional)

Meeting metadata: Topic, description (optional), participant IP addresses, device/hardware information

For recordings (optional): MP4 file of all video, audio and presentation recordings, M4A file of all audio recordings, text file of online meeting chat.

When dialling in by phone: information on incoming and outgoing telephone number, country name, start and end time. If necessary, further connection data such as the IP address of the device can be saved.

Text, audio and video data: You may be able to use the chat, question or survey functions in an “online meeting”. In this respect, the text entries you make are processed in order to display them in the “online meeting” and, if necessary, to log them. To enable the display of video and the playback of audio, the data from the microphone of your end device and from any video camera on the end device are processed for the duration of the meeting. You can switch off or mute the camera or microphone yourself at any time using the “Zoom” applications.

In order to participate in an “online meeting” or enter the “meeting room”, you must at least provide information about your name.

Scope of processing

We use “zoom” to carry out “online meetings”. If we want to record “online meetings”, we will inform you transparently in advance and – if necessary – ask for your consent. The fact of the recording is also displayed in the “Zoom” app.

If necessary for the purposes of logging the results of an online meeting, we will log the chat content. However, this will usually not be the case.

In the case of webinars, we can also process the questions asked by webinar participants for the purposes of recording and follow-up of webinars.

If you are registered as a user at “Zoom”, reports on “online meetings” (meeting metadata, phone dial-in data, questions and answers in webinars, survey function in webinars) can be stored for up to one month at “Zoom”.

Automated decision-making within the meaning of Art. 22 DSGVO is not used.

Legal basis of data processing

As far as personal data of employees of Ximantix Software GmbH are processed, § 26 BDSG is the legal basis of the data processing. If, in connection with the use of “Zoom”, personal data are not required for the establishment, execution or termination of the employment relationship, but are nevertheless an elementary component of the use of “Zoom”, Art. 6 para. (1) f) DSGVO the legal basis for the data processing. In these cases we are interested in the effective implementation of “online meetings”.

Moreover, the legal basis for the processing of data during “online meetings” is Article 6 para. (1) b) DSGVO, insofar as the meetings are held within the framework of contractual relationships.

In the absence of a contractual relationship, the legal basis is Article 6 para. (1) f) DSGVO. In this context we are also interested in the effective implementation of “online meetings”.

Recipient / transfer of data

Personal data that is processed in connection with participation in “online meetings” is generally not passed on to third parties unless it is specifically intended to be passed on. Please note that content of “online meetings” as well as personal meetings often serves precisely to communicate information with customers, interested parties or third parties and is therefore intended for disclosure.

Other recipients: The provider of “Zoom” necessarily obtains knowledge of the above-mentioned data to the extent that this is provided for in our contract processing agreement with “Zoom”.

Data processing outside of the European Union

“Zoom” is a service provided by a provider from the USA. Personal data is therefore also processed in a third country. We have concluded an order processing contract with the provider of “Zoom” which meets the requirements of Art. 28 DSGVO and includes the EU standard contract clause.

Right to appeal to a competent supervisory authority

In the event of violations of data protection law, the data subject has the right of appeal to a competent supervisory authority. The competent supervisory authority in matters of data protection law is the state data protection officer in the federal state in which our company is based. A list of data protection officers and their contact details can be found at the following link:

Right to information, deletion, blocking

You have the right to receive information free of charge at any time about your stored personal data, its origin and recipients and the purpose of data processing, as well as the right to correct, block or delete this data. You can contact us at any time at the address given in the imprint for this and other questions on the subject of personal data.

Links to other web sites

Our websites may contain links to other websites. XimantiX Software GmbH is not responsible for the privacy policies or contents of these other websites.

Data Protection Officer

In case you have questions or concerns regarding the protection of your personal data, please contact our Data Protection Officer