At Hive Capital GmbH, we take the protection of your personal data very seriously. This Privacy Policy explains, in a clear and transparent way, how we collect, use, and protect your personal data when you visit our website or contact us.

​

Personal data refers to any information relating to an identified or identifiable natural person, as defined under Article 4(1) of the General Data Protection Regulation (GDPR).

​

This policy applies exclusively to this website. We are not responsible for the privacy practices of third-party websites linked from our pages.

The entity responsible for data processing is:

​

Hive Capital GmbH
Konstanzer Str. 13
10707 Berlin, Germany
Email: info@hive-capital.com

​

The data controller determines the purposes and means of processing personal data.

a) Data you provide directly

When you contact us through the website or via email, you may provide:

• First name

• Last name

• Email address

• Company or organization

Any additional information included in your message

b) Data collected automatically

When you access our website, technical data is automatically collected, including:

• IP address

• Browser type and version

• Operating system

• Date and time of access

• Previously visited pages

• HTTP status code

This data is collected automatically in accordance with Art. 6(1)(f) GDPR to ensure the proper functioning and security of the website.

We process your data for the following purposes:

• To respond to your inquiries and requests

• To provide our services or pre-contractual information

• To ensure the proper functioning and security of the website

• To analyze usage and improve our website

Data processing on behalf of third parties: we have entered into a data processing agreement (DPA) for the use of the service mentioned above. This is a contract required under data protection legislation, which ensures that the service processes the personal data of our website visitors exclusively in accordance with our instructions and in compliance with the GDPR.

Depending on the context, we process your data based on:

• Consent (Art. 6(1)(a) GDPR)

• Contract or pre-contractual measures (Art. 6(1)(b) GDPR)

• Legal obligations (Art. 6(1)(c) GDPR)

• Legitimate interests (Art. 6(1)(f) GDPR)

If special categories of data are processed, this is based on Art. 9(2)(a) GDPR (explicit consent).

Where consent is given (e.g. cookies or forms), it can be withdrawn at any time.

Our website is hosted by GoDaddy, which processes technical data such as IP addresses and server logs. GoDaddy may use cookies and similar technologies necessary for:

• Website functionality

• Security

• Performance

The use of hosting services is based on Art. 6(1)(f) GDPR (legitimate interest in reliable website operation) and, where applicable, Art. 6(1)(a) GDPR (consent).

​

GoDaddy is certified under the EU–U.S. Data Privacy Framework, which provides a lawful basis for data transfers to the United States.

​

We have concluded a Data Processing Agreement (DPA) with our hosting provider

As our website is accessible globally, your data may be transferred outside the European Economic Area (EEA), including to the United States.

Such transfers are safeguarded through:

• Standard Contractual Clauses (SCCs)

• EU adequacy decisions

• EU–U.S. Data Privacy Framework

As part of our business activities, we work with various external parties. In such cases, it is sometimes necessary to transfer personal data to these external parties. We only transfer personal data to external parties if this is necessary for the performance of a contract, if we are legally obliged to do so (e.g. transfer of data to tax authorities), if we have a legitimate interest in the transfer pursuant to Article 6(1)(f) of the GDPR, or if another legal basis permits the transfer of data. Where we engage data processors, we only transfer our customers’ personal data on the basis of a valid data processing agreement. In the case of joint processing, a joint processing agreement is concluded.

Your personal data is stored only as long as necessary to fulfill the purposes for which it was collected or to comply with legal obligations.

​

If you request deletion or withdraw consent, your data will be deleted unless legal retention obligations apply.

You have the following rights under Articles 15–22 GDPR:

• Right of access

• Right to rectification

• Right to erasure

• Right to restriction of processing

• Right to data portability

• Right to object (Art. 21 GDPR)

• Right to withdraw consent

You also have the right to lodge a complaint with a supervisory authority.

​

Competent authority in Berlin:
Berlin Commissioner for Data Protection and Freedom of Information
Alt-Moabit 59-61, 10555 Berlin
Email: mailbox@datenschutz-berlin.de

If you are a resident of certain U.S. states (e.g. California), you have the right to:

• Know what personal data is collected

• Request deletion of your data

• Opt out of data sharing (we do not sell personal data)

• Receive equal service regardless of exercising your rights

Requests can be sent to: contact@hive-capital.com

We use appropriate technical and organizational measures, including:

• SSL/TLS encryption

• Secure hosting infrastructure

• Access restrictions

However, data transmission over the internet may have security gaps.

If you contact us via email or contact form, your data will be processed solely to handle your request

Legal basis:

• Art. 6(1)(b) GDPR (contract/pre-contract)

• Art. 6(1)(f) GDPR (legitimate interest)

• Art. 6(1)(a) GDPR (consent, if applicable)

​

Your data will be retained until your request is resolved or you request deletion.

In accordance with the applicable legal provisions, you have the right at any time to obtain, free of charge, information about your stored personal data, its origin and recipients, and the purpose of the data processing, and where applicable, the right to have this data rectified or erased. You may contact us at any time regarding this matter or with any further questions concerning personal data.

You have the right to request that the processing of your personal data be restricted. You may contact us at any time to do so. The right to restriction of processing applies in the following cases:

​

• If you dispute the accuracy of your personal data stored by us, we generally need time to verify this. For the duration of the verification, you have the right to request the restriction of the processing of your personal data.

• If the processing of your personal data was or is unlawful, you may request the restriction of data processing instead of erasure.

• If we no longer require your personal data, but you require it to exercise, defend or assert legal claims, you have the right to request the restriction of the processing of your personal data instead of erasure.

• If you have lodged an objection under Article 21(1) of the GDPR, a balancing of interests between yours and ours must be carried out. Until it is determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.

​

If you have restricted the processing of your personal data, such data – apart from its storage – may only be processed with your consent or for the purpose of establishing, exercising or defending legal claims, or to protect the rights of another natural or legal person, or for reasons of substantial public interest of the European Union or a Member State.

We expressly object to the use of our contact details for unsolicited advertising. Legal action may be taken in case of spam or misuse.

​

Right to object to data collection in specific cases and to direct marketing (Article 21 of the GDPR)

OBJECTION UNDER ARTICLE 21(1) OF THE GDPR:
Pursuant to Article 21(1) of the GDPR, you have the right, on grounds relating to your particular situation, to object at any time to the processing of personal data concerning you which is carried out on the basis of Article 6(1)(e) or (f) of the GDPR; this also applies to profiling based on these provisions. If you exercise such a right to object, we ask you to state the reasons why we should not process your personal data in the manner we have been doing. In the event of your objection, we will examine the situation and either cease or adjust the data processing, or explain to you our compelling legitimate grounds on the basis of which we will continue the processing.

OBJECTION UNDER ART. 21(2) GDPR:
If your personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data for the purposes of such marketing. This also applies to profiling insofar as it is related to such direct marketing. If you object, your personal data
will subsequently no longer be used for the purposes of direct marketing.

We may update this Privacy Policy at any time to reflect legal or operational changes.