1. General Information
The following information provides a clear overview of what happens to your personal data when you visit this website. Personal data refers to any information that can personally identify you. Detailed information on data protection can be found in the full privacy policy below.

2. Data Collection on This Website
Who is responsible for data collection?
Data processing on this website is carried out by the website operator:

Cloud7 Capital
Reichenbachstraße 2, 85737 Ismaning Germany
[email protected]

How do we collect your data?
Data you provide:
This includes information you enter into contact forms or voluntarily submit.
Automatically collected data:
When visiting the website, technical data such as browser type, operating system, and access time may be collected automatically.
Why do we collect your data?

To ensure the proper functioning of the website
To analyze user behavior and improve our services

3. Your Rights under GDPR

4. Use of Analytics Tools and Third‑Party Services
Your browsing behavior may be statistically evaluated using analytics tools. These tools help us understand how visitors interact with our website. Details can be found in the full privacy policy.

5. Data Retention
Unless a specific retention period is stated, personal data is stored only as long as necessary to fulfill its purpose. If you request deletion or revoke consent, the data will be deleted unless legal obligations (e.g., tax or commercial laws) require otherwise.

6. Legal Basis for Data Processing
We process your data based on:

Consent: Art. 6(1)(a) GDPR and, if applicable, Art. 9(2)(a) GDPR
Contractual necessity: Art. 6(1)(b) GDPR
Legal obligation: Art. 6(1)(c) GDPR
Legitimate interest: Art. 6(1)(f) GDPR
If you have consented to the use of cookies or device fingerprinting, processing may also be based on § 25(1) TTDSG. Consent can be withdrawn at any time.

7. Data Protection

Note on data transfers to the U.S. and other third countries
We use tools provided by companies based in the U.S. or other countries that may not guarantee an adequate level of data protection under EU standards. When such tools are active, your personal data may be transferred to and processed in these countries.
For example, U.S. companies may be required to disclose data to security authorities without allowing affected individuals to seek legal remedies. It cannot be ruled out that U.S. authorities (e.g., intelligence agencies) may process, analyze, or store your data for surveillance purposes.
We have no control over such data processing.
Withdrawal of your consent
Certain processing activities require your explicit consent. You may withdraw such consent at any time. Processing prior to withdrawal remains lawful.
Right to object under Art. 21 GDPR
You have the right to object at any time to the processing of your personal data based on Art. 6(1)(e) or (f) GDPR, including profiling on those grounds.
If you object, we will stop processing your data unless we can demonstrate compelling legitimate grounds overriding your interests, rights, and freedoms, or if the processing serves the establishment, exercise, or defense of legal claims (Art. 21(1) GDPR).
If your data is processed for direct marketing, you may object at any time. Your data will then no longer be used for such purposes (Art. 21(2) GDPR).
Right to lodge a complaint
If you believe your GDPR rights have been violated, you may lodge a complaint with a supervisory authority in the EU member state of your residence, workplace, or the place of the alleged infringement.
Right to data portability
You have the right to receive the personal data we process based on consent or contract in a machine-readable format and request its transfer to another controller where technically feasible.
SSL/TLS encryption
This site uses SSL/TLS encryption for security and to protect the transmission of confidential information. You can recognize an encrypted connection by the change from “http://” to “https://” and the lock icon in your browser.
When SSL/TLS is enabled, transmitted data cannot be read by third parties.
Access, deletion, and correction
Within legal provisions, you have the right to free information about your stored personal data, its origin, recipients, and the purpose of processing, as well as the right to correct or delete your data.
Right to restrict processing
You have the right to request the restriction of processing of your personal data. This applies in the following cases:

You contest the accuracy of your data
Processing is unlawful, and you prefer restriction over deletion
We no longer need the data, but you require it for legal claims
You have objected under Art. 21(1) GDPR and a balancing of interests is pending

If processing is restricted, your data may only be processed with your consent or for legal claims, protection of others’ rights, or important public interests.
Objection to advertising emails
The use of contact details published in our legal notice for unsolicited advertising is prohibited. The website operator reserves the right to take legal action against unsolicited marketing, such as spam emails.

8. Cookies
This website uses cookies, which may be temporary (session cookies) or permanent (persistent cookies). Session cookies are deleted automatically; persistent cookies remain until deleted manually or by your browser.
Third-party cookies may also be stored to enable specific services (e.g., payment processing).
Cookies serve various purposes:

Essential functions (e.g., shopping cart, video playback)
Analytics or advertising

Necessary cookies are stored based on Art. 6(1)(f) GDPR unless another legal basis applies.
You can configure your browser to manage cookies, but disabling cookies may limit website functionality.
If third‑party or analytics cookies are used, we will inform you and request your consent.
Server Log Files
The website provider automatically collects and stores the following data:

Browser type and version
Operating system
Referrer URL
Hostname of the accessing device
Time of server request
IP address

This data is not merged with other data sources and is collected based on Art. 6(1)(f) GDPR.
Contact Form
Data submitted through our contact form (including contact details) is stored for processing your inquiry. It is not shared without your consent.
Processing is based on:

Art. 6(1)(b) GDPR if related to a contract
Otherwise, Art. 6(1)(f) GDPR or Art. 6(1)(a) GDPR if consent applies
Data is stored until deletion is requested, consent is revoked, or the purpose no longer applies.
Requests via Email, Phone, or Fax
If you contact us through these channels, personal data involved in your inquiry will be processed for response purposes and not shared without consent.
Processing follows Art. 6(1)(b), (f), or (a) GDPR, depending on the situation.
Data is retained until deletion is requested or the purpose ends.

9. Analytics and Advertising Tools
Google Tag Manager
Provided by Google Ireland Limited.
The Tag Manager itself does not analyze users or store cookies but loads other tools and processes your IP address, possibly in the U.S.
Processing is based on Art. 6(1)(f) GDPR or Art. 6(1)(a) GDPR if consent is required

10. Plugins

Matomo

We use Matomo to perform statistical analysis of our website.
Matomo is operated without cookies, so no personal data is stored through recognition features or tracking IDs. IP addresses are anonymized (at least 2 bytes), ensuring that no personal identification is possible.
All data processing is carried out entirely anonymously and exclusively on our own server.
No data is shared with third parties.

Rank Math SEO
Our website uses Rank Math SEO to optimize content for search engines. Rank Math does not collect personal data from visitors directly but may process anonymized usage data in accordance with data protection laws.

WooCommerce

We use the WooCommerce shop system to operate our online store. WooCommerce processes personal data that is required to handle orders, including:

Name
Address
Payment information
Cart contents
Order history

WooCommerce is built on WordPress and provides essential functions for processing customer data. Since WooCommerce was originally developed for the US market, additional adjustments are necessary to meet European and German data protection requirements. These include legal notices, checkout adaptations, consent management, and other GDPR‑related measures.

The processing of data is based on Art. 6 (1) lit. b GDPR (performance of a contract), as this information is required for order handling and delivery.
We only store order‑related data for as long as legally required or necessary for contractual purposes.
We have implemented technical and organizational measures — including supplementary plugins and consent tools — to ensure WooCommerce operates in a GDPR‑compliant manner, as recommended for legal compliance in online shops.

Booking and Rental Manager (WpRently)

We use the plugin
“Booking and Rental Manager for Bike | Car | Resort | Appointment | Dress | Equipment”
also known as WpRently, to manage booking and rental processes.
The plugin processes personal data relevant to reservations, such as:

Name
Contact details
Booking and reservation information
Rental timeframes
Payment data (processed via WooCommerce)

This data is processed for the purpose of handling booking requests or rental contracts. The legal basis is Art. 6 (1) lit. b GDPR (performance of a contract).
The plugin integrates closely with WooCommerce and stores booking data on our own server. 
According to the available documentation, the plugin does not transmit personal data to third‑party providers. All data remains within our WordPress installation unless required for payment processing.

Payment Providers (Stripe)

If you choose to pay using Stripe, your personal and payment‑related information will be transmitted to Stripe for the purpose of processing your payment. This may include data such as your name, email address, billing address, payment method details, and transaction information.
Stripe processes this data under its own privacy and security policies and acts in accordance with its GDPR obligations. Data is transmitted exclusively for payment processing under Art. 6 (1) lit. b GDPR (performance of a contract).
For more information, please refer to Stripe’s Privacy Policy:
https://stripe.com/privacy

Data Rentention