Book a Call

Privacy Policy

Data Protection Declaration of StraightONE GmbH for Insightmatic™ Services

Introduction

We welcome you to our website and thank you for your interest in our company. We take the protection of your personal data very seriously. We process your data in accordance with applicable legal provisions for the protection of personal data, in particular the EU General Data Protection Regulation (EU-GDPR) and the country-specific implementing laws applicable to us. With this privacy policy, we comprehensively inform you about the processing of your personal data by StraightONE GmbH through the Insightmatic™ platform and the rights you are entitled to.

Personal data is information that makes it possible to identify a natural person. This includes in particular name, date of birth, address, telephone number, email address, and also your IP address.

Anonymous data exists when no personal reference to the user can be established.

Responsible Entity and Data Protection Officer

Address: StraightONE GmbH, Sandsteinstr. 1, 91077 Neunkirchen am Brand, Germany
Website: www.straight.one
Phone: +49-911-2177380
Data Protection Officer: Bastian Verdel – bastian.verdel@straight.one – +49 911 217738-0

Your Rights as a Data Subject

First, we would like to inform you about your rights as a data subject. These rights are standardized in Articles 15 – 22 EU-GDPR. This includes:

  • The right to information (Art. 15 EU-GDPR)
  • The right to deletion (Art. 17 EU-GDPR)
  • The right to rectification (Art. 16 EU-GDPR)
  • The right to data portability (Art. 20 EU-GDPR)
  • The right to restriction of data processing (Art. 18 EU-GDPR)
  • The right to object to data processing (Art. 21 EU-GDPR)

To assert these rights, please contact us at: mail@straight.one. The same applies if you have questions about data processing in our company. You also have the right to complain to a data protection supervisory authority.

Right of Objection

Please note the following regarding rights of objection: If we process your personal data for the purpose of direct marketing, you have the right to object to this data processing at any time without giving reasons. This also applies to profiling insofar as it is connected with direct marketing.

If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes. The objection is free of charge and can be made informally, preferably to: mail@straight.one.

Data Categories and Processing Purposes

Website Visit Data

When visiting our website and using the Insightmatic™ platform, we collect and process the following data:

  • Name of the Internet Service Provider
  • Information about the website from which you visit us
  • Web browser and operating system used
  • IP address assigned to you by your Internet Service Provider
  • Requested files, amount of data transferred, downloads/file export
  • Information about the web pages you access with us including date and time

For technical security reasons (particularly to ward off attack attempts on our web server), this data is stored according to Art. 6 para. 1 lit. f EU-GDPR. After no later than 7 days, anonymization takes place by shortening the IP address so that no reference to the user is established.

Contact Inquiries

In the context of contact inquiries through Insightmatic™, we collect and process:

  • Name, first name
  • Company
  • Position
  • Contact details
  • Phone number
  • Email address
  • Salutation
  • Information about wishes and interests

Service Usage Data

When using Insightmatic™ services, we may process:

  • Research project parameters
  • Usage analytics and platform interaction data
  • Service performance and outcome data
  • Billing and subscription information

Data Storage and Retention

We store your data as long as it is needed for the respective processing purpose. Please note that numerous retention periods require that data continues to be stored (must be). This particularly affects commercial or tax retention obligations (e.g., Commercial Code, Tax Code, etc.). If no further retention obligations exist, the data is routinely deleted after the purpose is achieved.

In addition, we may retain data if you have given us permission to do so or if legal disputes arise and we use evidence within the framework of statutory limitation periods, which can be up to thirty years; the regular limitation period is three years.

Data Security

To protect the data stored with us as best as possible against accidental or intentional manipulation, loss, destruction or access by unauthorized persons, we employ appropriate technical and organizational security measures. The security levels are continuously reviewed in cooperation with security experts and adapted to new security standards.

Data exchange from and to our website takes place encrypted. We offer HTTPS as a transmission protocol for our web presence, using current encryption protocols. In addition, we offer our users content encryption within the framework of contact forms and applications. The decryption of this data is only possible for us.

Third Party Data Sharing

We will only pass on your data to third parties within the framework of legal provisions or with appropriate consent. Otherwise, data is not passed on to third parties unless we are obliged to do so due to mandatory legal provisions (transfer to external bodies such as supervisory authorities or law enforcement agencies).

Within our company, we ensure that only those persons receive your data who need it to fulfill contractual and legal obligations. In many cases, service providers support our specialist departments in fulfilling their tasks. The necessary data protection contractual work has been concluded with all service providers.

International Data Transfers

Data transmission to third countries (outside the European Union or the European Economic Area) only takes place insofar as this is necessary for the fulfillment of the contractual relationship, required by law, or you have given us your consent.

Compliance with the data protection level is ensured through: EU standard contractual clauses or binding corporate data protection rules, as applicable.

Cookies and Tracking

We use cookies and similar technologies to improve your user experience on our website and Insightmatic™ platform. You can manage your cookie preferences through our cookie consent banner and adjust your settings at any time. For more information about cookies, see our cookie policy integrated into this privacy policy.

Necessary Cookies

These cookies are essential for the basic functions of the website and cannot be deactivated.

Analytics Cookies

These cookies help us understand how visitors interact with our website by collecting and reporting information anonymously.

Marketing Cookies

These cookies are used to show you relevant advertising based on your interests.

Contact Form and Email Contact

A contact form is available on our website that can be used for electronic contact. If you write to us via the contact form, we process your data provided in the contact form for contact and answering your questions and requests.

The principle of data minimization and data avoidance is observed by only requiring the data we absolutely need for contact from you. This is your email address and the message field itself. Your IP address is also processed for technical necessity and legal security. All other data are voluntary fields and can optionally be provided (e.g., for more individual answering of your questions).

Newsletter

A free newsletter can be subscribed to on our website. The email address provided during newsletter registration as well as your name and company are used for sending the personalized newsletter.

You can of course end the subscription at any time via the unsubscribe option provided in the newsletter and thus revoke your consent. Furthermore, you can also unsubscribe directly from newsletter delivery via our website at any time.

Legal Basis for Processing

We process your personal data based on the following legal bases:

  • Consent (Art. 6(1)(a) GDPR): For newsletter subscriptions, marketing communications, and optional data processing
  • Contract Performance (Art. 6(1)(b) GDPR): For providing Insightmatic™ services and fulfilling contractual obligations
  • Legitimate Interests (Art. 6(1)(f) GDPR): For website operation, security, and business operations
  • Legal Obligations (Art. 6(1)(c) GDPR): For compliance with legal requirements

Contact for Privacy Matters

StraightONE GmbH
Sandsteinstr. 1, 91077 Neunkirchen am Brand, Germany
Phone: +49 911 217738-0
Email: mail@straight.one
Data Protection Officer: Bastian Verdel – bastian.verdel@straight.one – +49 911 217738-0

Insightmatic™ is a product of StraightONE GmbH, Germany's leading consultancy for Behavioral Economics and decision psychology.

Last updated: September 2025

Hello, I'm Katja, your Customer Service Avatar

Your AI expert for Decision Intelligence. Ask me any questions about customer behavior, market research, or how Insightmatic™ can help you!