top of page

Privacy Policy

for the web offers of the CBA Synergy GmbH


The provider takes the protection of your personal data very seriously. He treats the personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.


Public area and contact form

The free and freely accessible content of the provider's website has been created with the greatest possible care. However, the provider of these web offers does not guarantee the accuracy and timeliness of the free and freely accessible information provided. Contributions identified by name reflect the opinion of the respective author and not always the opinion of the provider. Simply by calling up the free and freely accessible content, no contractual relationship is established between the user and the provider, in so far there is no legal commitment on the part of the provider. The use of the provider's web offers is possible in the public area without providing personal data. Exceptions to this are active contact by the user with the provider e.g. via contact forms. If you send us inquiries via the contact form, your details from the contact form, including the contact details you provided there, will be stored by us for the purpose of processing the request and in the event of follow-up questions. This data will not be passed on without your consent.


In order to access the protected area or to be able to use the provider's cloud services, registration and registration is necessary. Authentication takes place via an authentication system of the provider or the customer. The provider's authentication system is a simple authentication system that is only designed for the use of the protected public area. The SAML-2 protocol is used to use customer-specific authentication systems, i.e. the data required for authentication is only in the customer's system and is managed by him. The operator of the authentication system used is responsible for data protection and the security of the personal data required for authentication.


The provider's web offerings use an authorization system to implement role-based access rights. The role system itself does not contain any personal data, but refers to the user profile.

User profile

For the use of the protected area or the cloud services of the provider, the user can store a user profile with information about the person, the affiliation to companies / organizations as well as communication data and a picture. Only the user can enter, change and delete this data in SelfService.

All advertisements and processing functions only access the user profile as personal data online. All personal data will not be passed on to third parties without your express consent. If no user profile has been recorded or deleted, this personal data is not accessible to other users.

The right to information, the right to correction and deletion in accordance with the GDPR is thus fulfilled.The personal data are used exclusively for advertisements and communication functions of the protected area or the cloud services of the provider.Any further use of personal data is possible via business applications actively ordered by the customer. The type and scope of processing is described in the documentation for the respective business application. All obligations under the GDPR pass to the provider of these business applications.Please note that the lack of a user profile can lead to functional restrictions.

Transaction processing

The protected area or the cloud services of the provider process data of any kind in a transaction-oriented manner. References to the user profile of the users who initiate the transactions are stored.

This data is only displayed or processed in the business application if it is imperative to provide evidence or to be named by the author. In these cases, the type and scope of processing is described in the documentation of the business application. All obligations under the GDPR pass to the provider of these business applications.

No further consolidation of this data with other data sources is undertaken. We reserve the right to check this data retrospectively if we become aware of specific indications of illegal use.

Right to information, deletion, blocking

You have the right to free information about your stored personal data, its origin and recipient and the purpose of data processing as well as the right to correct, block or delete this data at any time. To do this, please use the SelfService of the user profile.

You can contact us at any time at the address given in the imprint if you have any further questions about personal data.

Place of data processing

The contractually agreed processing takes place exclusively in a member state of the European Union or in another contracting state of the Agreement on the European Economic Area.

Other regulations must be agreed in writing.

External Links

The provider's web offers contain links to third-party websites ("external links"). These websites are the responsibility of the respective operators. When the external links were first linked, the provider checked the third-party content to determine whether there were any legal violations. No violations of the law were evident at the time. The provider has no influence on the current and future design and on the content of the linked pages.

The setting of external links does not mean that the provider makes the content behind the reference or link their own. A permanent control of the external links is not reasonable for the provider without concrete indications of legal violations. With knowledge of legal violations, however, such external links will be deleted immediately.

Copyright and ancillary rightsThe content published on the provider's website is subject to German copyright and ancillary copyright. Any use not permitted by German copyright and ancillary copyright law requires the prior written consent of the provider or the respective rights holder. This applies in particular to the duplication, editing, translation, storage, processing or reproduction of content in databases or other electronic media and systems. Contents and rights of third parties are marked as such.

The unauthorized reproduction or distribution of individual content or entire pages is not permitted and is punishable by law. Only the production of copies and downloads for personal, private and non-commercial use is permitted.The presentation of the provider's web offerings in external frames is only permitted with written permission.

Disclaimer of liability

The provider expressly points out that data transmission on the Internet (e.g. when communicating by email) has security gaps and cannot be completely protected from access by third parties.


Final provisions

The use of the contact details of the imprint for commercial advertising is expressly not desired, unless the provider has given his prior written consent or there is already a business relationship.

The provider and all persons named on this website hereby object to any commercial use and disclosure of their data.

bottom of page