en | de

Privacy Policy

1. Data Controller

Data controller pursuant to Art. 4 No. 7 GDPR:

Edventure Capital GmbH

Robert-von-Haug-Straße 10

85221 Dachau

Germany

Represented by: Edmund Frey, Managing Director

E-mail: datenschutz@edventure-capital.com

2. General Information

Protecting your personal data is important to us. We treat your personal data confidentially and in accordance with the statutory data protection regulations (GDPR, TTDSG) and this Privacy Policy.

This statement explains which data we collect, how we use it, and what rights you have in relation to your data.

Children’s Privacy

Our website and community services are not directed at children under 16 years of age. We do not knowingly collect personal data from children under 16. If we become aware that we have inadvertently collected such data, we will delete it without delay.

3. Data Collection on Our Website

a) Hosting and Technical Infrastructure

Our website is hosted by an external service provider (web host). Personal data collected through this website are processed on the host’s servers to ensure secure and efficient website operation. The hosting provider processes data such as server logs, IP addresses, form submissions, and consent records.

Legal basis: Art. 6 (1) (f) GDPR (legitimate interest in reliable and secure website provision).

A data processing agreement pursuant to Art. 28 GDPR has been concluded with the hosting provider.

b) Server Log Files

When you visit our website, the provider automatically collects and stores data in so-called server log files. The following data are recorded:

• Browser type and version

• Operating system used

• Referrer URL

• Host name of the accessing computer

• Time of the server request

• IP address

These data are not merged with other data sources.

Legal basis: Art. 6 (1) (f) GDPR (legitimate interest in secure website operation).

Log data are deleted after no more than seven days.

c) Cookies and Consent Management

Our website uses cookies. Technically necessary cookies are required for operation. All other cookies (e.g. analytics or marketing cookies) are stored only after we obtain your consent.

We use the Cookiebot consent management system to obtain and record user consents. The following data are processed: consent ID, timestamp, user preferences, and device information. These data are stored to meet legal documentation requirements (Art. 7 (1) GDPR) and are automatically deleted after 12 months.

Legal bases:

• Art. 6 (1) (c) GDPR in conjunction with Art. 7 GDPR

• § 25 (1) TTDSG (German Telecommunications-Telemedia Data Protection Act)

You may withdraw your consent at any time via the cookie symbol displayed on the website.

d) Contact Form and E-mail Contact

If you contact us via a form or by e-mail, the information you provide will be stored for the purpose of processing your inquiry and any follow-up questions.

Legal bases:

• Art. 6 (1) (b) GDPR (pre-contractual or contractual measures)

• Art. 6 (1) (f) GDPR (legitimate interest in effective communication)

Your data will be deleted once your inquiry has been fully processed.

4. Newsletter

If you subscribe to our newsletter, we store your e-mail address and, optionally, your name.

Registration takes place using a double opt-in process. Your consent is recorded in accordance with Art. 7 (1) GDPR.

Legal basis: Art. 6 (1) (a) GDPR (consent).

You can revoke your consent at any time via the unsubscribe link included in each newsletter.

5. Web Analytics and Marketing Tools

a) Google Analytics 4

This website uses Google Analytics 4, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Analytics uses cookies to analyze website usage. IP anonymization is enabled, ensuring that your IP address is truncated within the EU before transmission.

Legal basis: your consent under Art. 6 (1) (a) GDPR in conjunction with § 25 (1) TTDSG.

Data transfers to the USA are based on the EU Standard Contractual Clauses (SCCs) pursuant to Art. 46 GDPR.

Further information: https://policies.google.com/privacy

b) HubSpot

We use HubSpot (HubSpot Inc., 25 First Street, Cambridge, MA 02141, USA; HubSpot Ireland Ltd., Dublin). HubSpot supports our marketing, CRM, form management, and analytics activities.

Data processed may include your name, e-mail address, IP address, page views, and interactions.

Legal basis: consent (Art. 6 (1) (a) GDPR).

Data transfer to the USA takes place under the EU Standard Contractual Clauses (Art. 46 GDPR).

More information: https://legal.hubspot.com/privacy-policy

c) LinkedIn Insight Tag

Our website uses the LinkedIn Insight Tag from LinkedIn Ireland Unlimited Company, Wilton Plaza, Dublin 2, Ireland, for campaign analytics and optimization.

LinkedIn collects data such as URL, referrer, IP address, device and browser characteristics.

Legal basis: consent under Art. 6 (1) (a) GDPR.

Transfers to the USA are based on Standard Contractual Clauses (Art. 46 GDPR).

More information: https://www.linkedin.com/legal/privacy-policy

d) YouTube

Our website embeds videos hosted by YouTube, a service of Google LLC (USA). A connection to YouTube’s servers is established only after you give consent.

Legal basis: Art. 6 (1) (a) GDPR and § 25 (1) TTDSG (consent).

Data transfers to the USA are based on Standard Contractual Clauses (Art. 46 GDPR).

e) Meta (Facebook / Instagram)

Our website may integrate social media plugins from Meta Platforms Ireland Ltd. When activated, a connection to Meta’s servers is established.

Legal basis: consent under Art. 6 (1) (a) GDPR. Meta and we are joint controllers pursuant to Art. 26 GDPR.

Details: https://www.facebook.com/legal/controller_addendum

f) Cross-Domain Analytics and Subdomains

When you access our community subdomain (e.g. community.crocommunity.com) or event registration pages, analytics and tracking tools such as HubSpot, LinkedIn Insight, or Google Analytics 4 may also operate across those domains. The same consent settings apply to all domains and can be changed at any time via the consent preferences centre.

6. Use of the Community Platform “Circle”

We operate our closed community via the online platform Circle.so, provided by Circle Labs Inc., 228 Park Ave S, PMB 62382, New York, NY 10003-1502, USA. The Circle platform is accessible both via web browser (e.g. community.crocommunity.com or app.circle.so) and through the Circle mobile applications available in the Apple App Store and Google Play Store. Both versions use the same infrastructure and data-processing framework provided by Circle Labs Inc. and are covered by the same data-protection safeguards described below.

Circle enables an interactive community with member profiles, posts, comments, messages, and events. The following personal data are processed:

• First and last name, e-mail address

• Profile picture and optional profile information

• Communication content (posts, messages, comments)

• Technical data (IP address, device type, browser, timestamp)

Processing is carried out for the purpose of providing the community platform and fulfilling the user agreement pursuant to Art. 6 (1) (b) GDPR, and based on our legitimate interest in maintaining a functional online community under Art. 6 (1) (f) GDPR.

Circle Labs Inc. acts as our data processor under Art. 28 GDPR. An appropriate level of data protection is ensured through EU Standard Contractual Clauses (SCCs). Further information: https://app.circle.so/privacy.

Data are stored on servers located in the USA. Transfers to the USA occur solely on the basis of the Standard Contractual Clauses (Art. 46 GDPR) and your consent when registering on Circle. To delete your user account, please contact us at datenschutz@edventure-capital.com.

7. Automated Decision-Making / Profiling

We do not use automated decision-making including profiling within the meaning of Art. 22 GDPR that produces legal effects concerning you or similarly significantly affects you.

8. Data Security and Encryption

For security reasons and to protect the transmission of confidential content, this website uses SSL/TLS encryption. You can recognize an encrypted connection by the “https://” prefix and the padlock symbol in your browser’s address bar. When SSL/TLS encryption is activated, data you transmit to us cannot be read by third parties.

9. Data Transfers to Third Countries

If personal data are transferred to countries outside the EU / EEA, this occurs only if the European Commission has confirmed an adequate level of protection, or the transfer is based on Standard Contractual Clauses (Art. 46 GDPR), or you have given your explicit consent (Art. 49 (1) (a) GDPR).

10. Rights of Data Subjects

Under Art. 15 et seq. GDPR, you have the following rights:

• Access to your stored data

• Rectification of inaccurate data

• Erasure (“right to be forgotten”)

• Restriction of processing

• Data portability

• Objection to processing (Art. 21 GDPR)

• Withdrawal of previously granted consent (Art. 7 (3) GDPR)

To exercise your rights, please contact datenschutz@edventure-capital.com.

11. Right to Lodge a Complaint

You have the right to lodge a complaint with the competent supervisory authority:

Bavarian State Office for Data Protection Supervision (BayLDA)

Promenade 18, 91522 Ansbach, Germany

Website: https://www.lda.bayern.de

12. Data Retention Period

Personal data are stored only as long as necessary for the stated purposes or as required by statutory retention obligations.

13. Objection to Unsolicited E-mails

We hereby object to the use of the contact details published in our legal notice for sending unsolicited advertising or informational materials. We reserve the right to take legal action in the event of unsolicited advertising, such as spam e-mails.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect legal, technical, or business developments. The current version is indicated by the “Last updated” date below.

Last updated: 09 November 2025