Privacy Policy
Status: February 2026
This Privacy Policy informs you how personal data is collected, processed and used when visiting our website.
1. Controller and Contact Person
Provider of the OpenSynergy web site www.opensynergy.com is OpenSynergy GmbH, Rotherstraße 20, 10245 Berlin, Germany (hereinafter referred to as "OpenSynergy" or "we"). OpenSynergy is responsible according to EU General Data Protection Regulation (GDPR) for the collection, processing and use of personal data of website´s visitors (hereinafter "you"). If you have any questions or suggestions regarding data protection, please do not hesitate to contact us. You are welcome to address your data protection concerns to us by e-mail at datenschutz(at)opensynergy.com. In addition, you always can contact our data protection officer by e-mail at the above stated address (keyword: "data protection officer").
We expressly point out that when using this e-mail address, the contents are not exclusively taken note of by our data protection officer. If you wish to exchange confidential information, we therefore ask that you first contact us directly via this e-mail address.
2. Data Processing when using our website
2.1 Visiting the site
Visiting our website is generally possible with only providing a minimum of personal data. Personal data is only collected if necessary for technical reasons for the use of our website or if you use certain functions or services offered on our website, such as contact form or newsletter registration.
The following data is automatically collected each time you access our website:
• IP address of the requesting device and geolocation;
• Address of the requested website and path of the requested file;
• If applicable, the previously accessed website/file (HTPP referrer);
• Information about the browser and operating system used;
• Version of the HTTP protocol, HTTP status code, size of the delivered file;
• Request information such as language, type of content, content coding, character sets;
• Cookies stored on the end device of the domain accessed.
Data processing of this information is necessary to enable you to visit the website and to ensure permanent operability, availability and security of our systems. For the purposes described above, access data is temporarily stored in internal log files in order to compile statistical data on the use of our website, to further develop our website with regard to the usage habits of our visitors (e.g. if the proportion of mobile devices used to access the pages increases) and for general administrative maintenance of our website.
Legal basis for this data processing is Art. 6 Para. 1 lit. b GDPR, insofar as the visit of our website occurs in the course of the initiation or execution of a contract, and otherwise Art. 6 Para. 1 lit. f DSGVO due to our legitimate interest in enabling the website visit as well as the permanent functionality and security of our website. Whereas the automatic transmission of the connection data and the log files developed from it do not constitute access to the information stored on the end device within the meaning of the implementation laws of the ePrivacy Directive of the EU member states, in Germany § 25 TDDDG. Otherwise, however, it would be absolutely necessary anyway.
The information stored in the log files do not allow any direct conclusion on your person - in particular, we only store IP addresses in truncated, anonymous form. Log files are stored for 7 days and archived after subsequent anonymization.
2.2 Newsletter
Y have the possibility to subscribe to our newsletter via our website. You can also subscribe by participating in a lottery organized by us, by visiting our webinars or by other means. With our newsletter we will inform you regularly about innovations regarding our technologies, products and solutions and their potential applications. When registering, we ask you to enter your name (optional) to be able to contact you and your e-mail address to be able to send you the newsletter. You also can provide further information voluntarily.
We use the so-called double opt-in option for subscription to our newsletter. We will only send you information by email if you confirm that you are the owner of the email address provided by clicking on a link in our notification email. If you confirm your e-mail address, we will store your e-mail address, the time of registration and the IP address assigned during registration until you unsubscribe from the newsletter. The aforementioned information on contact data and double-opt-in status will be stored by Wix.com LTD, Yunitsman 5 Tel Aviv, Israel. For the distribution of the newsletter we use our CRM, provided by salesforce.com Germany GmbH, Erika -Mann- Straße 31-37, 80636 Munich.
We store this information for the sole purpose of sending you the newsletter and to approve your registration. You can unsubscribe from the newsletter at any time. A corresponding link can be found in every e-mail. A message to the contact details stated above or in individual e-mails (e.g. by e-mail or letter) is sufficient to unsubscribe. Legal basis for data processing is your consent in accordance with Art. 6 Para. 1 lit. a GDPR. When unsubscribing from our newsletter list, we store a limited amount of your data for a period of 3 years in order to be able to prove that we have processed the data lawfully when a request of a data subject or authority arises.
2.3 Contact form
We offer you the opportunity to send us messages directly via contact form. Hereby it is necessary to enter your name, company and e-mail address where we can contact you. We process the data you provide in the contact form to answer your request. To properly process your inquiry, we may transfer data provided in the contact form to one of the regional sister companies or sales partners mentioned on the contact page, in case the sales company responsible for your region or the subject mentioned in the inquiry can answer your inquiry more appropriately. Legal basis of data processing is Art. 6 Para. 1 lit. b GDPR, insofar as your information is required to answer your enquiry or to initiate or execute a contract, and otherwise Art. 6 Para. 1 lit. f GDPR based on our legitimate interest in providing an answer to your inquiry. Data collected when using the contact form will be automatically deleted after processing your inquiry, unless we still need your request to fulfil contractual or legal obligations.
2.4 Application via the online form
You can apply for open vacancies by using our online form. The purpose of data processing is to select applicants for possible employment. We collect the following data for reception and processing of your application: First and last name, telephone number, job title, e-mail address, application documents (e.g. certificates, curriculum vitae, cover letter). Legal basis for processing of your application documents is art. 6 Para. 1 lit. b GDPR.
We store your personal data upon receipt of your application. If we accept your application and an employment relationship is established, we will store your data for as long as necessary for the employment relationship and as legal regulations provide obligation for retention. If we reject your application, we will store your applicant data for a maximum of six months after rejection of your application, unless you grant us consent to store the data for a longer period. If you have given us your separate consent, we will store the data you have submitted in your application in our applicant pool for additional twelve months after the end of the application process to identify any other vacancies of interest to you and to contact you again if necessary. The data will be deleted after this period. You can revoke this consent for the future at any time by sending us an e-mail to jobs(at)opensynergy.com.
We use the technical support of the Software of Personio for our application process. Personio is provided to us by Personio SE & Co. KG Seidlstraße 3, 80335 Munich. The data you submitted will be processed by Personio on our behalf for the purpose of carrying out and processing the application process. We have concluded a Data Processing Agreement with Personio according to the requirements of Art. 28 Para. 3 GDPR.
2.5 Download whitepaper
We offer you the opportunity to receive further technical documentation on our products by registering on our website to download our whitepaper. In this processing activity we need to process your contact data (e-mail address, name, information about your company) to automatically send the whitepaper to the e-mail address you have provided. The aforementioned information on contact data will be processed and stored by Wix.com LTD, Yunitsman 5 Tel Aviv, Israel, and - depending on the following communication - we may use our CRM, provided by salesforce.com Germany GmbH, Erika -Mann- Straße 31-37, 80636 Munich, for storage of you contact data. The legal basis for the processing is Art. 6 Para. 1 lit. b GDPR, as you enter into a contractual relationship with us through your request and provision of your data. Data collected when downloading the whitepaper will be automatically deleted after processing your request, unless we still need your request to fulfil contractual or legal obligations.
3. Cookies and Usage analysis
3.1 General use of cookies
When you visit and use our website, different cookies are installed. Cookies are small text files that are stored in the memory of your web browser and contain information that enable web servers to recognize you when you visit our website later. Cookies cannot execute programs or transfer viruses to your computer. The main purpose of our own cookies is rather to make the use of our services technically as time-saving and user-friendly as possible.
We use tools necessary for website operation on the basis of our legitimate interest pursuant to Art. 6 Para. 1 lit. f GDPR in order to provide the basic functions of our website. In certain cases, these tools may also be necessary for the performance of a contract or for the implementation of pre-contractual measures, in which case the processing is carried out in accordance with Art. 6 Para. 1 lit. b GDPR. Access to and storage of information in the end device is necessary in these cases and is carried out on the basis of the implementation laws of the ePrivacy Directive of the EU member states, in Germany according to § 25 Para. 2 TDDDG.
The deactivation of essential cookies is not offered.
You can prevent the storage of cookies on your terminal device at any time by changing the settings of your browser. However, we would like to point out that you cannot access all functions of this website without restrictions.
We use different types of cookies: So-called: “session cookies” contain an identification in the form of a so-called session ID and are automatically deleted when you close the browser. The session ID can be used to assign various requests from your browser to the shared session. The session cookies are deleted when you log out or if close the browser.
Permanent cookies are automatically deleted after a specified period of time, which may vary depending on the cookie. However, you can also delete the cookies prematurely at any time in the security settings of your browser.
3.2 Essential Cookies
Essential cookies enable basic functions and are necessary for the proper function of the website.
3.2.1 Usercentrics Cookie
Our website uses the Usercentrics for Wix cookie plugin called “uc_settings and/or ucString”, “uc_user_interaction“, “uc_ui_version“ and “uc_user_country“, provided by Usercentrics GmbH, Sendlinger Str. 7, 80331 Munich, Germany, to manage and obtain your consent for the use of cookies on our website. Usercentrics cookie enables us to ask for your consent before placing non-essential cookies, such as those used for advertising and analytics purposes.
When you first visit our website, Usercentrics cookie will display a consent banner that allows you to manage your preferences for the use of cookies. Basically, we only store essential cookies on our website. Only if you provide consent to Marketing Cookies, YouTube embedded video services will be enabled and allow Google Analytics to use cookies to collect and process data based on your preferences. If you do not consent, no data collection by Google will happen accordingly.
When you decide in the consent banner to only accept essential cookies, records of your consent or rejection by creating a random user ID along with your consent data (consent ID, consent number, timestamp of the consent, opt-in or opt-out, banner language, customer setting, template version), device data (HTTP agent, HTTP referrer), IP address, and geolocation, will be stored for one year, locally on your device.
The banner will (re-)appear on subsequent visits to our website if you have deactivated the storage of cookies or the cookies or information in the local storage have been deleted or have expired.
This data processing is necessary in order to provide you with the legally required consent management and to comply with our documentation obligations. The legal basis is Art. 6 Para. 1 lit. f GDPR (although the cookie banner states Art. 6 Para. 1 lit. a GDPR), justified by our interest in fulfilling the legal requirements for consent management. Access to and storage of information in the end device is necessary in these cases and is carried out on the basis of the implementation laws of the ePrivacy Directive of the EU member states, in Germany according to § 25 Para. 2 TDDDG.
3.2.2 Wix essential cookies
◦ 'hs' (session): Security Cookie for Hive (legacy)
◦ 'server-session-bind' (session): Cookie for API protection
◦ 'client-session-bind' (session): Cookie for API protection
◦ 'SSR-caching' (24 hours): Performance cookie for rendering the services
◦ 'svSession' (12 months): Cookie for security, stability, and core site function
◦ 'XSRF-TOKEN' (session): Cookie for fraud detection of calls
◦ 'fedops.logger.sessionId' (session): Tracking session errors and issues (resilience)
The above-mentioned cookies process information on your IP address, browser information, referrer URL, internet service provider, operating system, device identifiers, usage data, click path, websites visited, screen resolution, timestamp, and geolocation. Legal basis for the processing of your data is Art. 6 Para. 1 lit. f GDPR (although the cookie banner states Art. 6 Para. 1 lit. a GDPR). Access to and storage of information in the end device then takes place on the basis of the implementation laws of the ePrivacy Directive of the EU member states, in Germany according to § 25 Para. 1 TDDDG.
3.3 External media
Our website may contain links to the websites and online offers of other providers not affiliated with us. If you use these links, we naturally have no influence on which data is collected by respective providers and which data is collected by them. You will find detailed information on the collection and use of data in the privacy policy of the respective provider. Since the collection and processing of data by third parties is beyond our control, we do not accept any responsibility for this. Legal basis for data processing in connection with the external cookies is your consent (Art. 6 Para. 1 lit. a GDPR). You can revoke your consent by clicking on Cookie Preferences in the bottom left corner of our website and changing the corresponding selection.
3.3.1 Integration of Vimeo videos
We have integrated YouTube videos on our website that are stored on the YouTube platform and can be viewed directly from our website. YouTube is a video player service provided by Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("YouTube"). For the purpose of displaying our product video(s), YouTube retrieves information from your end device, and uses cookies, which are stored on your end device. YouTube therefore processes the following data: device information, Ip address, referrer URL and which videos you have viewed, irrespective of whether you have logged in your YouTube account or not. .
YouTube sets the following cookies:
◦ ‘YEC’ (13 months): storage of visitors’ video player preferences using embedded YouTube video
◦ ‘CONSENT’ (2 years): storage of visitors’ choice to accept the marketing category in the cookie banner
◦ ‘DEVICE_INFO’ (>6 months): tracking of visitors’ interaction with embedded content
◦ ‘remote_sid’ (session): implementation and functionality of YouTube video content on the website
◦ ‘test_cookie’ (1 day): test for cookie setting permissions in visitor's browser
◦ ‘VISITOR_INFO1_LIVE’ (<6 months): measure the visitors’ bandwidth to determine whether they get the new or old player interface
◦ ‘YSC‘ (session): functionality on YouTube video services on pages with embedded YouTube videos
◦ ‘PREF‘ (8 months): store information such as preferred page configuration and playback settings
◦ ‘pm_sess‘ (30 minutes): to maintain visitors’ browsing session
◦ ‘CGIC‘ (<6 months): search results by auto-completing search queries based on a visitors’ initial input
◦ ‘UULE‘ (360 minutes): to determine visitors’ geolocation
◦ ‘_Secure-YEC‘ (13 months): storage of visitors’ video player preferences using embedded YouTube videos
Legal basis for integration is your consent which you may have given for data processing pursuant to Art. 6 Para. 1 lit a DSGVO. The access to and storage of information in the terminal device is carried out based on the implementation laws of the ePrivacy Directive of the EU member states, in Germany according to § 25 Para. 1 TDDDG. Without your consent, there is no connection to the YouTube servers. You can revoke your consent at any time or adjust your selection in our Cookie Preferences in the bottom left corner of our website. Please refer to the section “Data transfer to third countries” of this Privacy Policy, for the risks associated with data transfer to third countries.
YouTube may use this data for purposes of advertising, market research, and the design of its websites to meet your needs. If you watch videos on our website while you are logged in to your Vimeo profile, Vimeo can also link this event to your Vimeo profile. If you do not want this association to occur, you will need to log out of Vimeo before accessing our website. For more information, please refer to the YouTube privacy policy (https://policies.google.com/privacy) and their cookie policy (https://policies.google.com/technologies/cookies?hl=en).
4. Online presence in social networks
We maintain various online presences in social networks in order to communicate with interested parties and to inform them about our products and services.
User data is generally processed by the social networks concerned for market research and advertising purposes. This allows user profiles to be created based on the interests of the users. Cookies and other identifiers are stored on the computers of the data subjects for this purpose. Based on these user profiles, advertisements are then placed within the social networks and on third-party websites, for example.
As part of the operation of our online presences, we may have access to information such as statistics on the use of our online presences provided by the social networks. These statistics are aggregated – meaning that this information cannot be related to individuals – and may contain, in particular, demographic information (e.g. age, gender, region, country) as well as data on interaction with our online presence (e.g. likes, subscriptions, sharing, viewing images and videos) and the posts and content distributed via it. This may also provide information about the interests of users and which content and topics are particularly relevant to them. This information can also be used by us to adapt the design and our activities and content on the online presence and to optimize it for our audience.
If you have an account with the social network, it is possible that we can see your publicly available information and media when we access your profile. In addition, the social network may allow us to contact you. This can take place, for example, via direct messages or posted contributions. The content of communication via the social network and the processing of content data is the responsibility of the social network as a messenger and platform service.
As soon as we transfer personal data from you to our own systems or process it further (by way of an application, for example), we are independently responsible and this is done to carry out pre-contractual measures and to fulfill a contract in accordance with Art. 6 Para. 1 lit. b GDPR.
The legal basis for the data processing carried out by the social networks on their own responsibility can be found in the data protection information of the respective social network. The links below will also provide you with further information on the respective data processing and the options to object:
• LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland (“LinkedIn”)
◦ Operation of the LinkedIn company page under joint responsibility on the basis of an agreement on the joint processing of personal data (so-called Page Insights Joint Controller Addendum): https://legal.linkedin.com/pages-joint-controller-addendum
◦ Information on the Page Insights data processed and how to contact us in the event of data protection inquiries: https://legal.linkedin.com/pages-joint-controller-addendum
◦ Privacy policy: https://www.linkedin.com/legal/privacy-policy
◦ Opt-out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
◦ With regard to the subscription to our newsletter via LinkedIn Ads: see sect. 2.2 of this privacy notice.
• Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 Irland (“X”)
◦ Privacy policy: https://twitter.com/de/privacy
◦ Opt-Out: https://twitter.com/personalization.
• Vimeo is a service offered by Vimeo Inc. 555 West 18th Street, New York 10011, USA (“Vimeo”) where we host videos about our products and services
◦ Privacy policy: https://vimeo.com/legal/privacy/policy
◦ Opt-Out: n./a.
5. Disclosure of data
A transfer of the data collected by us will only occur if:
• you have given your explicit consent in accordance with Art. 6 Para. 1 lit. a GDPR,
• the disclosure pursuant to Art. 6 Para. 1 lit. f GDPR is necessary for the assertion, execution or defense of legal claims and there is no reason to assume that an overriding interest worthy of protection in not disclosing the data persists,
• we are legally obliged to transfer data in accordance with Art. 6 Para. 1 lit. c GDPR or
• it is legally permissible and, according to Art. 6 Para. 1 lit. b GDPR, necessary for the processing of contractual relationships with you or for the implementation of pre-contractual measures which are carried out at your request.
Parts of data processing described in this data protection declaration may be carried out by our service providers. In addition to service providers mentioned in this data protection declaration, in particular computer centers that store our website and databases, IT service providers maintaining our systems, and consulting companies. If we transfer data to our service providers, they use the data exclusively for the fulfilment of their tasks. The service providers have been carefully selected and commissioned by us. They are contractually bound by our instructions, have suitable technical and organizational measures in place to protect the rights of persons concerned, guarantee an appropriate level of data protection and are carefully monitored by us. In addition, data may be transferred in connection with official inquiries, court orders and legal proceedings if necessary for legal prosecution or enforcement.
6. Data transfer to third-party countries
As explained in this privacy policy, we use services whose providers are partly located in so-called third-party countries, i.e. countries whose level of data protection does not correspond to that of the European Union. Where this is the case and the European Commission has not issued an adequacy decision (Art. 45 GDPR) for these countries, we have taken appropriate precautions to ensure an adequate level of data protection for any data transfers. These include, among others, the standard contractual clauses of the European Union or binding internal data protection regulations.
Where this is not possible, we base the transfer of data on exceptions to Art. 49 DSGVO, in particular your express consent or the necessity of the transfer for the performance of the contract. If a third country transfer is provided and no adequacy decision or appropriate safeguards are in place, it is possible and there is a risk that authorities in the respective third country (e.g. intelligence services) may gain access to the transferred data in order to collect and analyze it and that enforceability of your data subject rights cannot be guaranteed. When obtaining your consent via the consent banner, you will also be informed of this.