Privacy Policy

Last updated February 1, 2023

At Yucca Technologies GmbH, we are committed to protecting and respecting your privacy. This privacy policy explains when and why we collect personal information about people who visit our website, how we use it, the conditions under which we may disclose it to others, and how we keep it secure. We may change this policy from time to time, so please check this page occasionally to ensure that you’re happy with any changes. By using our website, you’re agreeing to be bound by this policy.

Any questions regarding this policy and our privacy practices should be sent by email to

Alternatively, you can write to us at: Friedenstraße 67a, 40219 Düsseldorf, Germany.

Our privacy policy is structured as follows:

1. Information on the collection of personal data
2. Your rights
3. Collection of personal data
4. Data processing by third parties
5. Legal basis of processing personal data
6. Data storage, retention and transfer
7. Changes
8. Contact us

1. Information on the collection of personal data

(1) In the following we provide information about the collection of personal data when using our website or web app. Personal data are all data that can be related to you personally, e.g. name, and email address.=

(2) The person responsible in accordance with Art. 4 para. 7 of the EU Data Protection Regulation (EU) 2016/679 (GDPR) is Jure Skara, Yucca Technologies GmbH, Friedenstraße 67a, 40219 Düsseldorf, Germany. You can reach our Data Protection Officer at or at our postal address with the addition “the data protection officer”.

(3) When you contact us by email or via a contact form, we will store your email address and, if you have provided it, your name and telephone number in order to answer your questions. We delete the data arising in this connection after storage is no longer necessary or – in the case of legal storage obligations – restrict processing.

(4) When you visit this website or use our web application (”web app”), personal data will be processed in connection with your visit and with an inquiry to us. “Processing” means, inter alia, the collection, recording, organization, filing, storage, adaptation or alteration, use, disclosure by transmission, alignment or deletion of information which also relates to an identified or identifiable natural person (“personal data”).

(4) If we wish to use commissioned service providers for individual functions of our offer or to use your data for advertising purposes, we will inform you in detail about the respective processes below. We will also state the specified criteria for the storage period.

2. Your rights

(1) You have the following rights in relation to the personal data concerning you:
Right to information: Pursuant to Art. 15, paras. 1 and 2 of the GDPR, you have the right to obtain information about your personal data processed by us. In this context, you also have the right to receive a copy of the personal data processed by us in accordance with Article 15, paragraphs 3 and 4 of the DPA.
Right to access: You have the right to access your personal data that we hold about you free of charge in most circumstances.
Right of correction or deletion: In accordance with Art. 16 GDPR, you have the right to ask us to correct or complete your personal data. Pursuant to Art. 17, paras. 1 and 3 of the GDPR, you have the right to request that your personal data processed by us be deleted. If we have made this data public, you also have the right, in accordance with Art. 17, paras. 2 and 3 GDPR, to demand that we inform other responsible parties of your request to delete all links, copies or replications of this data.
Right to restriction of processing: You have the right to obtain restrictions on the processing of your personal data as described in Art. 18 GDPR.
Right to data portability: In accordance with Art. 20 Paragraphs 1 and 2 of the GDPR, you have the right to receive the personal data you have provided us with concerning your person in a structured, common and machine-readable format and to request that we transfer this data directly to another person responsible.
Right to object: Pursuant to Art. 21 paras. 1, 2, 5 and 6 GDPR, you have the right to object to the processing of your personal data by us if this is done for the purpose of direct advertising and/or on the basis of a “legitimate interest” within the meaning of Art. 6 para. 1 sentence 1 letter f) GDPR.
Revocation of your consent: If you have given us permission to process your personal data, you can revoke this permission at any time, in total or with regard to individual processing purposes, in each case without giving reasons.‍
Right not to be subject to solely automated decisions: You have the right to not be subject to solely automated decisions, including profiling, which have a legal or similarly significant effect upon you.

(2) You also have the right to complain to a data protection supervisory authority about the processing of your personal data in our company.

3. Collection of personal data

(1) When using the web app, we collect the personal data described below to enable convenient use of the functions. If you would like to use our web app, we collect the following data, which is technically necessary for us to offer you the functions of our web app and to ensure stability and security (legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR):

In general we process and store the following data:
- IP address (in abbreviated anonymous form)
- Date and time of the request
- Content of the request (concrete page)
- Access status/HTTP status code
- Amount of data transferred in each case
- Website from which the request comes
- Browser
- Operating system and its interface
- Language and version of the browser software.

We collect the following data trough our website:
- Date and time of consent (Consent Management Protocol).

When you use our website contact form, we store the following data:
- First name, last name, e-mail address, telephone number (optional), message.

By using our web app:
- From all users that use the our web app, we only save the Microsoft Teams user ID which is generated by the tenant.
- From all users, that participate in and receive matches from the yuccaHR bot in Microsoft Teams we store the user ID which is generated by the tenant.
- We store user created content (messaging in matching campaigns) – not necessarily personal, but may be, depending on the use of the web app.

(2) In addition to the data mentioned above, cookies are stored on your computer when you use our website and web app. Cookies are small text files that are stored in the device memory of your mobile device and assigned to the web app you are using. Cookies allow certain information to flow to the party that sets the cookie (here: us). Cookies cannot execute programs or transfer viruses to your mobile device. They serve to make web apps more user-friendly and effective overall.
This web app uses the following types of cookies, the scope and functionality of which are explained below:
Persistent cookies: Persistent cookies are automatically deleted after a specified period of time, which may vary depending on the cookie. You can configure the settings of your mobile operating system and the web app according to your wishes and, for example, refuse to accept third-party cookies or all cookies. Please note that you may not be able to use all functions of our web app.

4. Data processing by third parties

The operator of the other tools uses web tracking methods. The web tracking can also be carried out independently of whether you are logged in or registered on the other’s tool platform. We have no influence on the web-tracking methods of the other’s tool platform. For example, we cannot switch them off.
Please be aware that it cannot be ruled out that the provider of the other’s tool platform will use your profile and behavioral data to evaluate your habits, personal relationships, preferences, etc. In this respect we have no influence on the processing of your data by the provider of the other’s tool platform.
More detailed information on data processing by the provider of the other’s tool platform and further options for objection can be found in the provider’s data protection declaration.

Google services
We use the Google services Google Analytics, Google Analytics Remarketing, Google Ads, Google Search Ads 360, Google Tag Manager and Google Forms. These services are provided by Google LLC (1600 Amphitheatre Parkway Mountain View, CA 94043, USA, “Google”). Google has its headquarters in the so-called third country USA, which means that a level of data protection equivalent to that in the EU is generally lacking. However, Google is certified under the EU-U.S. Privacy Shield and thus offers an adequate level of data protection in accordance with Art. 45 GDPR.
You can find more information about Google in the Google Privacy Policy:

Google Analytics
Google Analytics uses cookies. The information collected by these cookies is usually sent to a Google server in the USA and stored there. IP anonymization is used on this website. The IP address of the website visitors is shortened. Only in individual cases is the IP address initially transmitted in full to a Google server in the USA and shortened there. By this shortening the personal reference of the IP address is omitted. The IP address transmitted by the browser is not combined with other data stored by Google.
Within the framework of the agreement on commissioned data, which the website operator has concluded with Google Inc., the latter uses the information collected to create an evaluation of website use and website activity and provides associated services.
The data collected by Google on behalf of the website operator is used to evaluate the use of the online offer by individual users, e.g. to create reports on the activity on the website and to improve our online offer.

Google Analytics Remarketing
Google Analytics Remarketing allows you to link the created advertising target groups with the cross-device functions of Google Ads and Google Campaign Manager. In this way, interest-based, personalized advertising messages that have been adjusted on one device depending on the previous usage and surfing behavior of the website visitor can also be displayed on another device of the website visitor. This presupposes that the website visitor has given Google permission to do so. If such consent is given, Google will link the web and app browsing history to the personal Google Account for this purpose.
To support this feature, Google Analytics collects Google-authenticated visitor IDs that are temporarily linked to Google Analytics data to define and create target groups for cross-device advertising.
Visitors who have a Google Account can permanently opt-out of cross-device remarketing/targeting by deactivating personalised advertising in their Google Account (

Google Ads (formerly AdWords) and conversion tracking
In the context of Google Ads, this website uses the so-called conversion tracking. When visitors click on an ad served by Google, a conversion tracking cookie is set. These cookies expire after 30 days and are not used to personally identify site visitors. If the user visits certain pages of this website and the cookie hasn’t expired, we can tell that the user clicked on the ad and was redirected to that page. The information collected using the conversion cookie is used to compile conversion statistics for us as AdWords customers. This tells us the total number of website visitors who clicked on an ad we placed and were redirected to a page with a conversion tracking tag. However, we do not receive any information that personally identifies website visitors.
We use Google AdWords Remarketing to advertise us across the Internet and to advertise on third party websites (including Google) to previous visitors of the website. AdWords remarketing will display ads to Users based on what parts of the our website they have viewed by placing a cookie on the Users’ web browser. It could mean that our advertises to previous visitors who haven’t completed a task on the site or this could be in the form of an advertisement on the Google search results page, or a site in the Google Display Network. This cookie does not in any way identify the User or give access to the Users’ computer or mobile device. The cookie is only used to indicate to other websites that the User has visited a particular page on the website, so that they may show the User ads relating to that page. If Users do not wish to participate in Google AdWords Remarketing, they can opt out by visiting Google’s Ads Preferences Manager:

Google Search Ads 360 (formerly DoubleClick Search)
Similar to the previous paragraph; the use of Search Ads 360 allows Google and its partner sites to serve ads based on previous visits to our or other sites on the Internet. The data collected in this context may be transferred by Google to a server in the USA for evaluation and stored there. In contrast to Google Ads, which is limited to the Google Search Network, Google Search Ads 360 enables the exchange of ads and keywords with several supported search engines.

Google Tag Manager
To manage the Google Analytics tracking (see above) we use the Google Tag Manager service. The Google Tag Manager itself does not collect any personal data.

Google Forms
We use the services of Google Forms to conduct surveys. The data collected with a Google Forms form is stored on a cloud storage provided by Google for us, “Google Drive”. Further information on data processing in connection with Google Forms and Google Drive can be found in Google’s data protection information:

Microsoft Identity Platform
To authenticate users in our web application we use the Microsoft Identity Platform to identify users with our system. Microsoft Identity Platform is provided by Microsoft Corporation, One Microsoft Way Redmond, Washington 98052-6399. For this purpose, authentication details are securely transmitted to Microsoft.
For further information please see:

5. Legal basis of processing personal data

(1) We process your personal data in accordance with Art. 6 para. 1 lit. a), b), c) and f) GDPR. This means that we process personal data only if you have given your consent (lit. a)), to the extent necessary for the performance of a contract or pre-contractual measures (lit. b)), if we are legally obliged to do so (lit. c)) or if we have a legitimate interest in the processing (lit. f)).

(2) In the following reasons and purposes are given for processing your data:
- To personalize the experience.
- To improve our website.
- To identify someone as a contractor.
- To enable a quick registration.
- To set up a primary communication channel.
- To enable the automated handling of subscriptions.
- To create and display cookie statements for end users and store and display scan reports for you.
- To send emails at certain intervals (The email address you provide for order processing can be used to send you information and updates regarding your order. In addition, if you have accepted, you will occasionally receive company news, updates, information about related products or services, etc.). If at any time you wish to unsubscribe from receiving future emails, you can opt-out or cancel your account by sending us a request in a reply to that email.

6. Data storage, retention and transfer

We securely store your data on the Azure Germany West Central datacenter, located in Frankfurt, Germany, where your data is securely kept in accordance with GDPR and complies with ISO 27001, ISO 27018, SOC 1 Type 2, SOC 2 Type 2, and SOC 3 standards, as well as company policies and procedures.

We do not store any personal data outside the EU.

We will keep your personal data until you request its deletion or until we no longer require such data for the purpose for which it was collected. Please email us at to delete any personal data we hold. Once this time period has expired or upon your request, we will delete secure your data.

7. Changes

We reserve the right to change this privacy policy at any time in accordance with the applicable data protection regulations. We keep our privacy policy under regular review and place any updates on this web page. We recommend that you check this page regularly for any changes.

This privacy policy was last updated on February 1, 2023.

8. Contact us

If you have any questions about Yucca Technologies GmbH’s privacy policy, the data we hold on you, or you would like to exercise one of your data protection rights, please do not hesitate to contact us.

Email us at:

Or write to us at: Friedenstraße 67a, 40219 Düsseldorf, Germany.

Immer up-to-date mit unserem Newsletter

Vielen Dank für Ihre Anmeldung zu unserem Newsletter 🙌
😰 Oops! Etwas hat nicht geklappt, bitte wiederholen Sie die Eingabe.