Scyfyn AG

Who We Are

Scyfyn AG is a business plan creation service based in Fürstenfeldbruck, Deutschland. We're registered with BaFin under ID 10155353, and we take your privacy seriously. This policy explains how we collect, use, and protect your personal information when you work with us on developing your business plans and financial projections.

When we say "personal data," we mean any information that can identify you as an individual. This includes everything from your name and contact details to the specific business information you share with us during our consultation process.

Information We Collect

Business Information You Provide

When you engage our services, you'll naturally share business-related information with us. This helps us create comprehensive business plans tailored to your specific needs and market situation.

Contact information including name, email, phone number, and business address

Business concept details and market analysis requirements

Financial information necessary for business plan development

Industry-specific data relevant to your business model

Communication records from our consultations and meetings

Documentation you provide to support the business planning process

Technical Information

Our website automatically collects certain technical information to ensure proper functionality and security. This includes your IP address, browser type, and basic usage patterns. We don't use this information for marketing purposes – it's purely operational.

How We Use Your Information

Your information serves specific purposes related to delivering quality business planning services. We don't sell your data or use it for unrelated marketing activities.

We use your business information to develop comprehensive business plans, create financial projections, and provide strategic advice. This might involve researching market conditions relevant to your business and analyzing industry trends that could affect your success.

Sometimes we need to verify certain information or consult with industry experts to ensure our recommendations are sound. When this happens, we only share the minimum information necessary and always maintain confidentiality agreements.

Your Rights Under GDPR

As individuals in the EU, you have specific rights regarding your personal data. We've designed our processes to make exercising these rights straightforward.

Access Your Data

Request a copy of all personal information we hold about you, including how we're using it and who we've shared it with.

Correct Inaccuracies

Ask us to update or correct any personal information that's inaccurate or incomplete.

Delete Your Data

Request deletion of your personal information, though we may need to retain certain records for legal compliance.

Restrict Processing

Limit how we use your data while we address any concerns you might have about accuracy or processing.

To exercise any of these rights, simply contact us at info@skyfyn.org. We'll respond within 30 days and guide you through the process. There's no charge for most requests, though we might ask you to verify your identity first.

Data Security Measures

Protecting your business information is crucial to our relationship. We've implemented multiple security layers to prevent unauthorized access, disclosure, or loss of your data.

Encrypted data transmission using TLS 1.3 protocol for all communications between your devices and our systems

Secure cloud storage with end-to-end encryption and multi-factor authentication for all team access

Regular security audits and vulnerability assessments conducted by independent security professionals

Limited access controls ensuring only authorized team members can view client information

Secure backup systems with geographic redundancy to protect against data loss

While we implement strong security measures, no system is completely immune to threats. We monitor our systems continuously and will notify you promptly if any security incident affects your personal data.

Data Retention and Deletion

We keep your information only as long as necessary to provide our services and meet legal requirements. Different types of data have different retention periods based on their purpose and legal obligations.

Data Retention Schedule

Active business planning projects and related communications

2 years after project completion

Financial records and business plan documentation

7 years (German commercial law requirement)

Marketing communications and newsletter subscriptions

Until you unsubscribe

Website analytics and technical logs

13 months maximum

When retention periods expire, we securely delete your information using industry-standard data destruction methods. You can also request earlier deletion of your data, though we may need to retain certain records for legal compliance or legitimate business purposes.

Sharing Your Information

We don't sell or rent your personal information to third parties. However, we sometimes need to share limited information with trusted partners to deliver our services effectively.

For example, we might consult with industry experts or market research firms to ensure our business plans reflect current market conditions. In these cases, we share only the minimum information necessary and require all partners to maintain strict confidentiality.

We also use reputable cloud service providers for data storage and processing. These providers are located within the EU and operate under strict data protection agreements that meet GDPR requirements.

In rare cases, we might need to disclose information to comply with legal obligations, court orders, or to protect our legitimate business interests. We'll always try to notify you beforehand unless legally prohibited from doing so.

International Data Transfers

We primarily process your data within the European Union to ensure full GDPR protection. Occasionally, we might need to transfer data to countries outside the EU for specific business purposes, such as consulting with international market experts.

When international transfers occur, we implement appropriate safeguards including Standard Contractual Clauses approved by the European Commission. We carefully evaluate the privacy laws and practices of any country receiving your data to ensure adequate protection.

Cookies and Website Technology

Our website uses essential cookies to function properly and provide you with a smooth browsing experience. These cookies remember your preferences and help us understand how visitors use our site.

We don't use advertising cookies or tracking technologies for marketing purposes. The cookies we do use are strictly necessary for website functionality or help us improve our services based on anonymous usage patterns.

You can control cookie settings through your browser preferences. However, disabling certain cookies might affect your ability to use some website features.

Changes to This Policy

We review and update this privacy policy periodically to reflect changes in our practices, technology, or legal requirements. When we make significant changes, we'll notify you by email or through prominent notices on our website.

Minor updates, such as clarifications or formatting changes, might not trigger individual notifications. We recommend reviewing this policy occasionally to stay informed about how we protect your information.

The "Last updated" date at the top of this policy indicates when changes were last made. Previous versions of this policy are available upon request.

Privacy Policy