Privacy Policy
Note: This is the English translation of our German privacy policy ("Datenschutzerklärung"). In case of discrepancies, the German version prevails.
A4VR GmbH
Agency for Virtual Reality
Inselstraße 34
40479 Düsseldorf
Germany
Represented by the managing directors Michael Albrecht and Jan Thiel
Phone: +49 211 8694 3684
Email: jt@flamecoach.de
Website: [DOMAIN OF THE PARTNER MICROSITE — insert before go-live]
Commercial register: Amtsgericht Düsseldorf, HRB 74836
VAT ID: DE815576046
A data protection officer has not been appointed, as the legal requirements for such an appointment are not met. Please direct any data protection inquiries to the contact details stated in Section 1.
3. General Information and Legal Bases
We process personal data only to the extent necessary to provide this website, to handle inquiries, to operate the Flamecoach partner program, to initiate and perform business relationships, or on the basis of consent.
Art. 6(1)(a) GDPR where consent has been given.
Art. 6(1)(b) GDPR for pre-contractual measures and the performance of a contract.
Art. 6(1)(c) GDPR for compliance with legal obligations.
Art. 6(1)(f) GDPR to safeguard legitimate interests, in particular the secure operation of the website, the handling of business inquiries and the documentation of sales activities.
4. Hosting and Server Log Files
When you access the website, data such as IP address, date and time, requested page or file, referrer URL, browser, operating system, transferred data volume and technical error messages may be processed. This processing serves the technically reliable provision, security, error analysis and prevention of misuse of the website. The legal basis is Art. 6(1)(f) GDPR.
Hosting provider: Hostinger International Ltd., 61 Lordou Vironos Street, 6023 Larnaca, Cyprus (servers located within the EU).
Retention period for server logs: 14 days, unless a longer retention is required for security reasons.
5. Cookies and Similar Technologies
Technically necessary cookies and comparable technologies may be used to enable basic functions, security, form transmission and language settings. Where access to your device is strictly necessary, it is based on Section 25(2) of the German TDDDG. Non-essential analytics, marketing or tracking technologies are used only with your prior consent pursuant to Section 25(1) TDDDG and Art. 6(1)(a) GDPR.
A consent management platform is currently not in use, as this website does not use any cookies or tracking technologies requiring consent.
6. Contact and Forms
If you contact us by email, phone or via a form, we process in particular your name, company, role, business contact details, the content of your inquiry and information about your product or partnership interest. The processing serves the handling of your inquiry. The legal basis is Art. 6(1)(b) GDPR where the inquiry relates to pre-contractual measures or a contract, and otherwise Art. 6(1)(f) GDPR.
7. HubSpot CRM, Forms and Meeting Scheduling
We may use HubSpot services for contact forms, CRM, meeting scheduling, the assignment of inquiries to partners, the documentation of sales activities and the organization of demonstrations.
Provider: HubSpot Ireland Limited, 2nd Floor, 30 North Wall Quay, Dublin 1, Ireland.
Data processed may include name, company, role, business contact details, product interest, appointment and communication data, partner assignment, processing status and technical log data.
The legal basis is Art. 6(1)(b) GDPR for contract-related inquiries and otherwise Art. 6(1)(f) GDPR.
To the extent HubSpot uses non-essential cookies or tracking, these are activated only with consent.
HubSpot processes data on the basis of a data processing agreement. Transfers to third countries take place only in accordance with Art. 44 et seq. GDPR, in particular on the basis of an adequacy decision or standard contractual clauses.
HubSpot functions actually in use: forms (transmission of inquiries via the HubSpot Forms API), meeting scheduling (HubSpot Meetings) and CRM. No HubSpot tracking code is embedded on this website.
Deletion period for unsuccessful prospects: 24 months after the last substantive contact.
8. Meeting Scheduling
When you book a call or demonstration, we process in particular your name, business email address, company, selected time slot, reason for the meeting, voluntary messages and technical log data. The legal basis is Art. 6(1)(b) GDPR where the booking serves the initiation of a contract, and otherwise Art. 6(1)(f) GDPR.
Scheduling service in use: HubSpot Meetings (HubSpot Ireland Limited, 2nd Floor, 30 North Wall Quay, Dublin 1, Ireland). For video conferences we use Zoom — provider: Zoom Video Communications, Inc., 55 Almaden Boulevard, San Jose, CA 95113, USA; the contracting entity for the EEA is Zoom Video Communications B.V., Netherlands. Transfers to the USA are based on the adequacy decision for the EU-U.S. Data Privacy Framework and supplementary standard contractual clauses.
9. Application and Participation in the Flamecoach Partner Program
When you apply for or inquire about the partner program, we process in particular your name, company, address, position, website, fields of activity, target region, sales, demo and service competencies as well as communication and appointment data. The processing serves the review, initiation and, where applicable, performance of a partnership. The legal basis is Art. 6(1)(b) GDPR; Art. 6(1)(f) GDPR may additionally apply to the selection of suitable and reliable partners.
Deletion period where no partnership is concluded: 12 months.
10. Lead Registration by Flamecoach Partners
Authorized Flamecoach partners may register potential business customers via a form, partner portal or other electronic procedure provided by Flamecoach. Not every partner receives their own HubSpot account for this purpose.
Data processed may include company, contact person, business role and contact details, product or project interest, information on prior contact, planned demonstrations, the responsible partner and the processing status.
If a partner transmits your data to us, the information originates from that partner. The processing serves the handling of the business inquiry, assignment, contact, organization of a demonstration and possible contract initiation.
The legal basis is Art. 6(1)(b) GDPR where the processing is based on an inquiry or potential contractual relationship, and otherwise Art. 6(1)(f) GDPR.
Partners generally only have access to data they registered themselves, that is assigned to them or that has been expressly released to them. Access to data of other partners or to unassigned existing Flamecoach customers is not intended.
Flamecoach and the respective partner generally act as independent controllers, each determining the purposes and means of their own processing. Where joint controllership exists in an individual case, it is governed separately in accordance with Art. 26 GDPR.
Retention period for unsuccessful leads: 24 months after the last substantive contact.
11. Product Demonstrations, Events and Training
For registrations for demonstrations, events or training sessions, we process in particular name, company, role, business contact details as well as appointment and organizational data. The legal basis is Art. 6(1)(b) GDPR for contract-related processes and otherwise Art. 6(1)(f) GDPR. Photo, video or audio recordings are made only on a separate legal basis and after appropriate information.
12. Analytics, Marketing and External Media Services
We currently do not use any analytics, marketing or external media services on this website.
Should such services be used in the future, this will only occur with prior consent; this policy will then be supplemented with the provider, purpose, data categories, retention period, withdrawal options and any third-country transfers.
13. Recipients and Processors
Where necessary, personal data may be transferred to hosting and IT service providers, CRM and communication providers, calendar services, authorized Flamecoach partners, sales and service partners, logistics providers, banks, tax advisors, auditors, legal advisors, authorities and, in the event of a restructuring, to affiliated companies or legal successors. Where required, data processing agreements pursuant to Art. 28 GDPR are concluded with processors.
14. Third-Country Transfers
Certain IT, CRM, analytics or communication services may involve processing outside the European Union or the European Economic Area. Transfers take place only under the conditions of Art. 44 et seq. GDPR, in particular on the basis of an adequacy decision, appropriate safeguards such as standard contractual clauses, or a statutory exception.
15. Retention Period
We store personal data only for as long as necessary for the respective purpose. Beyond this, statutory commercial and tax retention obligations, contractual lead protection periods, statutory limitation periods and the necessity to establish, exercise or defend legal claims may justify longer storage. Once the purpose ceases to apply and the relevant periods have expired, the data is deleted or anonymized.
16. Data Security
We take appropriate technical and organizational measures to protect personal data. These include in particular encrypted data transmission, role and authorization concepts, restricted partner access, data backups, logging of security-relevant events and organizational confidentiality obligations.
17. Your Rights
Subject to the statutory requirements, you have in particular the right of access, rectification, erasure, restriction of processing and data portability. You may withdraw any consent given at any time with effect for the future.
Right to object: You may object to processing based on Art. 6(1)(e) or (f) GDPR on grounds relating to your particular situation. You may object to processing for direct marketing purposes at any time without stating reasons.
18. Right to Lodge a Complaint
You have the right to lodge a complaint with a data protection supervisory authority. The authority responsible for our registered office is the State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia (Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen), Kavalleriestraße 2–4, 40213 Düsseldorf, Germany. You may also contact the supervisory authority of your habitual residence, place of work or the place of the alleged infringement.
Access-Restricted Partner Area
Access to this website is provided via personal access codes issued to selected prospects. When you use the site, we log — associated with your access code — in particular logins, pages and page sections viewed, use of interactive features (e.g. the points calculator), clicks on contact and booking elements, time spent, IP address and browser information. This processing serves the support of prospects in the context of initiating a partnership, needs-based follow-up and the prevention of misuse. The legal basis is Art. 6(1)(b) GDPR and otherwise Art. 6(1)(f) GDPR. Usage data is deleted no later than 24 months after the last substantive contact.
19. Changes to this Privacy Policy
We may amend this privacy policy if legal requirements, our website, the services used or our processing operations change. The version published on the website at the relevant time applies.
As of: July 2026