Privacy Policy

1. Controller & Contact

The controller pursuant to Art. 4(7) GDPR is Build.One GmbH, Friedrichstr. 15, 70174 Stuttgart, Germany. Tel.: +49 711 9253920, E-Mail: info@build.one. For privacy enquiries contact datenschutz@build.one.

2. Scope of Processing

This policy covers the build.one website, marketing communications, customer enquiries, webinars, events, and recruiting. We process identification data (name, contact details, company), usage and device data, contract data, and application data as required for providing services, responding to enquiries, delivering webinars, measuring reach, and managing recruiting workflows.

Legal bases: Art. 6(1)(b) GDPR (performance of contract), Art. 6(1)(f) GDPR (legitimate interests such as secure operations, product improvement, marketing analytics), Art. 6(1)(c) GDPR (statutory obligations), and Art. 6(1)(a) GDPR for consent-based processing (e.g., newsletter, cookies, tracking).

3. Cookies & Tracking

This marketing site intentionally ships with no cookies, pixels, fingerprinting scripts, or consent banners. Pages are static and only load the assets required to render the UI. If essential cookies become necessary—such as for secure demos—we will disclose them in advance and keep them disabled until you opt in.

To render brand and technology logos we make a small number of direct requests to third-party CDNs when you visit the relevant sections. These requests are required for the page to display correctly and are triggered automatically when the component loads, without additional consent management. Each call transmits the usual HTTP metadata (including IP address, device and browser identifiers, referrer, and timestamp) to the respective provider.

• jsDelivr CDN (Fastly Inc., USA): serves static SVG icons for technology stacks. Transfer is based on Art. 6(1)(f) GDPR (legitimate interest in performant asset delivery) combined with EU Standard Contractual Clauses for data export.
• GitHub, Inc. (USA): provides the public Build.One MCP avatar image hosted on githubusercontent.com under Art. 6(1)(f) GDPR. GitHub participates in the EU-U.S. Data Privacy Framework.
• PrimeVue CDN (PrimeTek Informatics, served via Cloudflare CDN): delivers the PrimeVue partner logo. Processing relies on Art. 6(1)(f) GDPR with cross-border transfers protected through Standard Contractual Clauses.

4. Processors & International Transfers

This landing page is delivered from EU-based hosting and CDN infrastructure and does not embed HR, CRM, analytics, or marketing automation tools. The only external processors currently engaged are the static asset CDNs listed in Section 3, which we use to keep page weight low and brand imagery up to date. Should future experiences (for example, gated demos or recruiting forms) require additional processors, they will be disclosed in product flows and documented here before activation.

Where partners operate outside the EU/EEA, Build.One relies on EU Standard Contractual Clauses, adequacy decisions (such as the EU-U.S. Data Privacy Framework), and case-by-case risk assessments pursuant to Art. 44 et seq. GDPR to ensure appropriate safeguards.

5. Storage & Deletion

Personal data is retained only as long as necessary for the respective purpose. Once contractual and statutory retention periods (e.g., in accordance with HGB or AO) expire, the data is deleted or anonymised. Applicant data is erased after conclusion of the recruitment process unless statutory retention or explicit consent requires a longer period.

6. Your Rights

• Access, rectification, erasure, restriction, and data portability (Art. 15–20 GDPR).
• Withdrawal of consent and objection to processing carried out under Art. 6(1)(e) or 6(1)(f) GDPR, including profiling.
• Right to lodge a complaint with a supervisory authority.

Please direct requests to datenschutz@build.one.

7. Third-Party Links

External websites accessible via build.one links operate under their own privacy policies. Review third-party notices before submitting personal information.