Data Protection
Data Controller and EU Representative
The data controller responsible for the processing of personal data within the meaning of the General Data Protection Regulation (GDPR) and the Swiss Data Protection Act (revDSG) is:
Pathmate Technologies AG
Josefstr. 219
8005 Zürich
Switzerland
Email: datenschutz@pathmate.app
As the representative of Pathmate Technologies AG in the EU pursuant to Article 27 of the GDPR, you may contact:
Pathmate Technologies GmbH
Glücksteinallee 25
68163 Mannheim
Germany
Email: datenschutz@pathmate.app
Pathmate Technologies AG is hereinafter referred to as “Pathmate”.
Data Protection Officer
We have appointed a Data Protection Officer for our company. You can contact our Data Protection Officer:
- by email at datenschutz@pathmate.app or
- by post at the data controller’s postal address, marked “For the attention of the Data Protection Officer”.
Privacy Policy
We welcome you to our website and appreciate your interest. The protection of your personal data is of great importance to us. We therefore conduct our activities in accordance with the applicable legal provisions on the protection of personal data and data security. Below, we explain what data is collected during your visit and for what purposes it is used. If you have any further questions, please feel free to contact our Data Protection Officer by email at datenschutz@pathmate.app.
Note: This privacy policy applies to the manoa.app website. The separate privacy policy for the app applies to the processing of your data within the Manoa app.
1. What is personal data?
The term “personal data” is defined in the EU GDPR. According to this, it refers to information relating to the personal or factual circumstances of an identified or identifiable natural person. This includes, for example, your full name, your address, your telephone number or your date of birth.
2. Scope of data collection
Unless otherwise stated in the following sections, no personal data is collected, processed or used when you use our website. We process technically necessary data generated when the page is accessed (see Section 4 “Server Log Files”) solely for the purpose of providing the website and ensuring its security and stability. Fonts are delivered locally from our server; no connection to third-party servers is established and no data is transferred to third countries.
3. Legal basis for the processing of personal data
Where we obtain the data subject’s consent for the processing of personal data, Article 6(1)(a) of the GDPR serves as the legal basis.
Where the processing of personal data is necessary for the performance of a contract to which the data subject is a party, Article 6(1)(b) of the GDPR serves as the legal basis. This also applies to pre-contractual measures.
Where processing is necessary for compliance with a legal obligation to which the controller is subject, Article 6(1)(c) of the GDPR serves as the legal basis.
Where processing is necessary to pursue the legitimate interests of the controller or a third party, and the interests, fundamental rights and freedoms of the data subject do not override those interests, Article 6(1)(f) of the GDPR serves as the legal basis.
4. Server log files
Each time the website is accessed, technical access data is collected by an automated system and stored in the server’s log files. This data is not combined with any other personal data. The following data may be collected in this process:
(1) Browser type and version used (2) The user’s operating system (3) The user’s internet service provider (4) The user’s IP address (5) Date and time of access (6) Websites from which the user’s system accessed our website (referrer)
The legal basis is our legitimate interest in the secure and stable operation of the website (Article 6(1)(f) of the GDPR). The log files are deleted as soon as they are no longer required for these purposes.
Geolocation for language selection: In order to automatically redirect you to the localised version of our website appropriate for your country, we analyse your IP address to determine the country or region. The geodatabase used for this purpose (IP2Location LITE, see note at the bottom of this page) is operated on our own servers; your IP address is not transferred to third parties for this purpose. No individual location profile is stored. The legal basis is our legitimate interest in providing a user-friendly website in the appropriate language (Article 6(1)(f) of the GDPR).
Cookies: This website does not use cookies. No analytics, tracking or marketing cookies are used; a cookie consent banner is therefore not required.
5. Hosting
Our data processor for the hosting of this website is gridscale GmbH, Oskar-Jäger-Str. 173, 50825 Cologne, Germany. The website is operated within the European Union; no data is transferred to a third country. We have a contract with the provider for data processing in accordance with Article 28 of the GDPR. The legal basis is our legitimate interest in the secure and efficient provision of the website (Article 6(1)(f) of the GDPR).
6. Ways to contact us
You can contact us via the email address provided. If you contact us by email, the personal data you provide will be stored – solely for the purpose of processing your enquiry. The data will not be passed on to third parties.
The legal basis is our legitimate interest in responding to your enquiry (Article 6(1)(f) of the GDPR); if the purpose of the contact is to conclude a contract, Article 6(1)(b) of the GDPR also applies. Please note that emails are generally sent unencrypted.
The data will be deleted as soon as the relevant correspondence has been concluded and the underlying matter has been finally resolved, provided that there are no statutory retention obligations to the contrary.
7. Duration of storage
Personal data is stored only for as long as is necessary to fulfil the relevant purpose or as required by statutory retention periods. Once the purpose no longer applies or the retention period has expired, the data is routinely deleted.
8. Rights of the data subject
If your personal data is being processed, you are a data subject within the meaning of the GDPR and you are entitled to the following rights vis-à-vis the controller. To exercise your rights, simply send an informal message to the contact details provided at the beginning of this document (datenschutz@pathmate.app). We usually respond to enquiries within one month (Article 12(3) of the GDPR).
Your rights at a glance. Under the GDPR, you are entitled to the following rights:
- Right of access (Article 15 GDPR): Confirmation and information regarding the data processed about you, the purposes, recipients, retention period and origin, as well as any transfers to third countries and the safeguards in place for this.
- Rectification (Article 16 GDPR): Rectification of inaccurate data and completion of incomplete data.
- Erasure (Article 17 GDPR): Erasure of your data, provided that no statutory retention obligation or other grounds for exemption prevent this.
- Restriction of processing (Article 18 GDPR).
- Data portability (Article 20 GDPR): Receipt of the data you have provided in a structured, commonly used and machine-readable format, provided that the processing is based on consent or a contract and is carried out by automated means.
- Objection (Article 21 GDPR): The right to object to processing carried out on the basis of Article 6(1)(f) GDPR on grounds relating to your particular situation; and to object to direct marketing at any time.
- Withdrawal of consent (Article 7(3) GDPR): at any time with effect for the future; the lawfulness of processing carried out prior to withdrawal remains unaffected.
- No decisions based solely on automated processing (Article 22 GDPR) with legal or similarly significant effects.
- Right to lodge a complaint with a supervisory authority (Article 77 GDPR).
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you consider that the processing of your personal data infringes the GDPR. The competent supervisory authorities are:
- for Pathmate Technologies GmbH: State Commissioner for Data Protection and Freedom of Information in Baden-Württemberg (LfDI BW), Lautenschlagerstrasse 20, 70173 Stuttgart, Germany;
- for Pathmate Technologies AG: Federal Data Protection and Information Commissioner (FDPIC/EDÖB), Feldeggweg 1, 3003 Bern, Switzerland.
9. Information for users in Switzerland
As our services are also available in Switzerland, the Swiss Data Protection Act (revDSG) may apply to the processing of your personal data; Pathmate Technologies AG is responsible in this regard. In this case, the provisions of this privacy policy also apply mutatis mutandis within the scope of the revDSG (e.g. “special categories of personal data” correspond to “personal data requiring special protection”; “transfer to a third country” corresponds to “disclosure abroad”).
10. Security
We have implemented comprehensive technical and organisational safeguards to protect your data against accidental or deliberate manipulation, loss, destruction or access by unauthorised persons. Our security procedures are regularly reviewed and adapted to technological progress.
Pathmate reserves the right to amend and update this privacy policy.
Last updated: 26 June 2026 — Version 3.0