HALIBLU Logo

Privacy Policy for our SaaS Solution “HALIBLU”

1. Data Controller

The entity responsible for processing your personal data within the scope of using our SaaS solution “HALIBLU” is:

Haliblu GmbH Goetenkamp 30 22927 Grosshansdorf Phone: +49 40 734491430

Email: info@haliblu.com

2. Data Collected

When using our SaaS solution “HALIBLU,” we collect and process the following types of personal data:

  • Account Information: Name, email address, phone number, company information.
  • Usage Data: IP address, login data, software features used, timestamps.
  • Technical Data: Browser type, operating system, log files.
  • Content Data: Data you enter or upload into the SaaS solution.

3. Purposes of Data Processing

We collect and process your data for the following purposes:

  • Management of diving schools and diving centers.
  • Provision and operation of the SaaS solution.
  • Administration of your user account.
  • Optimization and further development of our SaaS solution.
  • Ensuring the security and stability of the SaaS platform.
  • Compliance with legal obligations.

The processing of your personal data is based on the following legal grounds:

  • Article 6(1)(b) GDPR: Necessity for the performance of a contract.
  • Article 6(1)(c) GDPR: Compliance with legal obligations.
  • Article 6(1)(f) GDPR: Legitimate interests (e.g., IT security and software improvement).

5. Data Sharing

Your personal data will generally not be shared with third parties, unless:

  • You have expressly consented.
  • It is legally required.
  • Data is shared with service providers (e.g., hosting providers) acting on our behalf and contractually obligated to comply with data protection regulations.

Hosting by

Hetzner Online GmbH Industriestr. 25 91710 Gunzenhausen Deutschland https://www.hetzner.com

Our SaaS solution is hosted by Hetzner. Hetzner is subject to GDPR and has been contractually bound by us to comply with applicable data protection regulations.

6. Retention Period

We retain your personal data only as long as necessary to fulfill the purposes mentioned above or as required by statutory retention periods. After these periods expire, the data will be deleted.

7. Your Rights

You have the following rights regarding your personal data:

  • Right of Access (Article 15 GDPR): Obtain information about the data we process about you.
  • Right to Rectification (Article 16 GDPR): Correct inaccurate or incomplete data.
  • Right to Erasure (Article 17 GDPR): Request deletion of your data, provided no legal obligations prevent this.
  • Right to Restriction of Processing (Article 18 GDPR): Restrict processing under certain conditions.
  • Right to Data Portability (Article 20 GDPR): Receive your data in a commonly used format.
  • Right to Object (Article 21 GDPR): Object to processing based on legitimate interests.

To exercise your rights, please contact us using the contact details above.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data from loss, misuse, and unauthorized access. These include encryption technologies and access restrictions.

9. Changes to the Privacy Policy

We reserve the right to update this privacy policy as necessary to reflect changes in legal, technical, or business conditions. The latest version will always be available on our website.

10. Contact for Privacy Questions

If you have any questions regarding the processing of your personal data or wish to exercise your rights, you can contact us using the contact details above.

This privacy policy was last updated on 2025-Jan-30