1. Overview
Protecting your personal data is of utmost importance to CROMAN Group. This Privacy Policy explains what data we collect when you use our website (cromangroup.com), how we use it, and what rights you have regarding your data. We process personal data exclusively in compliance with the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).
2. Controller
The controller responsible for data processing on this website is:
CROMAN Group
[Street Address]
[Postal Code, City]
Germany
Email: info@cromangroup.com
Phone: +49 176 6315 8812
3. Data We Collect
3.1 Server Log Files
When you visit our website, our hosting provider automatically collects and stores information in server log files, which your browser transmits to us. This includes:
- Browser type and version
- Operating system
- Referrer URL (the previously visited page)
- Hostname of the accessing computer
- Time of the server request
- IP address (anonymised)
This data is not combined with other data sources. The basis for data processing is Art. 6 (1) (f) GDPR, which allows the processing of data to fulfil a legitimate interest, specifically the technically error-free operation and optimisation of our website.
3.2 Contact Forms
When you submit a form on our website (booking request, partner application, or general inquiry), we collect the data you provide, including name, email address, phone number, company details, and any additional information you enter. This data is used exclusively to process your inquiry.
The legal basis for processing this data is Art. 6 (1) (b) GDPR (performance of a contract or pre-contractual measures) and Art. 6 (1) (f) GDPR (legitimate interest in responding to your inquiry).
3.3 Newsletter
If you subscribe to our newsletter, we collect your email address. This data is used solely for the purpose of sending you our newsletter. You can unsubscribe at any time by clicking the unsubscribe link in any newsletter email or by contacting us directly.
The legal basis for processing this data is Art. 6 (1) (a) GDPR (consent).
4. Cookies
Our website uses cookies — small text files stored on your device by your browser. Most cookies we use are "session cookies," which are automatically deleted when you leave our website. Other cookies remain on your device until you delete them.
These cookies allow us to recognise your browser when you next visit. You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case basis whether to accept or reject a cookie.
The legal basis is Art. 6 (1) (f) GDPR (legitimate interest in the user-friendly design and optimisation of the website).
5. Third-Party Services
5.1 Google Fonts
This website uses Google Fonts for uniform font display. When you open a page, your browser loads the required fonts into its browser cache to display texts and fonts correctly. Your browser connects to Google's servers for this purpose. Google thereby becomes aware that our website was accessed via your IP address.
The use of Google Fonts is based on Art. 6 (1) (f) GDPR (legitimate interest in a uniform and appealing presentation of our website). For more information, see Google's Privacy Policy.
5.2 WhatsApp
Our website contains a link to WhatsApp for direct communication. When you click the WhatsApp button, you are redirected to the WhatsApp platform operated by Meta Platforms Ireland Limited. WhatsApp's own privacy policy applies to any data processed through WhatsApp. We do not transmit any data to WhatsApp from our website; the connection is only established when you actively click the link.
6. Your Rights
Under the GDPR, you have the following rights regarding your personal data:
- Right of access (Art. 15 GDPR) — you may request information about your stored data
- Right to rectification (Art. 16 GDPR) — you may request correction of inaccurate data
- Right to erasure (Art. 17 GDPR) — you may request deletion of your data
- Right to restriction of processing (Art. 18 GDPR) — you may request limitation of data processing
- Right to data portability (Art. 20 GDPR) — you may request your data in a portable format
- Right to object (Art. 21 GDPR) — you may object to data processing based on legitimate interest
- Right to withdraw consent (Art. 7 (3) GDPR) — you may withdraw consent at any time
To exercise any of these rights, please contact us at info@cromangroup.com.
7. Data Security
We use industry-standard technical and organisational security measures to protect your data against accidental or intentional manipulation, loss, destruction, or access by unauthorised persons. Our security measures are continuously improved in line with technological developments.
8. Data Retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by legal retention obligations. Contact form data is typically retained for 6 months after the inquiry has been resolved, unless a contractual relationship is established.
9. Right to Lodge a Complaint
If you believe that the processing of your personal data violates data protection regulations, you have the right to lodge a complaint with a supervisory authority (Art. 77 GDPR), in particular in the EU member state of your habitual residence, place of work, or the place of the alleged infringement.
10. Changes to This Policy
We reserve the right to update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. The current version is always available on this page.
Last updated: April 2026