Privacy Policy

If you visit this website or use our webapp, some of your personal data will be processed in connection with your visit and with an inquiry to us. “Processing” means, inter alia, the collection, recording, organisation, organisation, filing, storage, adaptation or alteration, use, disclosure by transmission, alignment or deletion of information which also relates to an identified or identifiable natural person (“personal data”). With this privacy policy we would like to inform you about which personal data is collected, processed and/or used in the context of the use of the website.

We would like to point out that data transmission over the Internet (e.g. communication by e-mail) may have security gaps. A complete protection of data against access by third parties is not possible. The security and confidentiality of your data is very important to us. Therefore, we take the utmost care and apply the necessary security standards to ensure the protection of your personal data.

The following privacy policy is intended to inform you in particular about the type, scope, purpose, duration, and legal basis for the processing of such data either under our own control or in conjunction with others. We also inform you below about the third-party components we use to optimize our website and improve the user experience which may result in said third parties also processing data they collect and control.


1. Information on the collection of personal data
2. Your rights
3. Collection of personal data when using our webapp
4. Data processing by the operator(s) of other tools
5. Legal basis of the processing
6. Changes

1. Information on the collection of personal data

(1) In the following we provide information about the collection of personal data when using our website or webapp. Personal data are all data that can be related to you personally, e.g. name, address, e-mail addresses, user behaviour.
(2) The person responsible in accordance with Art. 4 para. 7 of the EU Data Protection Regulation (EU) 2016/679 (GDPR) is Florian Baum, Yucca Technologies GmbH, Kokkolastraße 5, 40882 Ratingen, Germany (see our imprint). You can reach our data protection officer at or at our postal address with the addition “the data protection officer”.
(3) When you contact us by e-mail or via a contact form, we will store your e-mail address and, if you have provided it, your name and telephone number in order to answer your questions. We delete the data arising in this connection after storage is no longer necessary or – in the case of legal storage obligations – restrict processing.
(4) If we wish to use commissioned service providers for individual functions of our offer or to use your data for advertising purposes, we will inform you in detail about the respective processes below. We will also state the specified criteria for the storage period.

2. Your rights

(1) You have the following rights in relation to the personal data concerning you:
- Right to information, Pursuant to Art. 15, paras. 1 and 2 of the GDPR, you have the right to obtain information about your personal data processed by us. In this context, you also have the right to receive a copy of the personal data processed by us in accordance with Article 15, paragraphs 3 and 4 of the DPA.
- Right of correction or deletion, In accordance with Art. 16 GDPR, you have the right to ask us to correct or complete your personal data. Pursuant to Art. 17, paras. 1 and 3 of the GDPR, you have the right to request that your personal data processed by us be deleted. If we have made this data public, you also have the right, in accordance with Art. 17, paras. 2 and 3 GDPR, to demand that we inform other responsible parties of your request to delete all links, copies or replications of this data.
- Right to object to the processing, Pursuant to Art. 21 paras. 1, 2, 5 and 6 GDPR, you have the right to object to the processing of your personal data by us if this is done for the purpose of direct advertising and/or on the basis of a “legitimate interest” within the meaning of Art. 6 para. 1 sentence 1 letter f) GDPR.
- Right to data portability In accordance with Art. 20 Paragraphs 1 and 2 of the GDPR, you have the right to receive the personal data you have provided us with concerning your person in a structured, common and machine-readable format and to request that we transfer this data directly to another person responsible.
- Revocation of your consent: If you have given us permission to process your personal data, you can revoke this permission at any time, in total or with regard to individual processing purposes, in each case without giving reasons.
(2) You also have the right to complain to a data protection supervisory authority about the processing of your personal data in our company.

3. Collection of personal data when using our webapp

(1) When using the app, we collect the personal data described below to enable convenient use of the functions. If you would like to use our webapp, we collect the following data, which is technically necessary for us to offer you the functions of our webapp and to ensure stability and security (legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR):

In general we process and store the following data:
- IP address (in abbreviated anonymous form)
- Date and time of the request
- Content of the request (concrete page)
- Access status/HTTP status code
- Amount of data transferred in each case
- Website from which the request comes
- Browser
- Operating system and its interface
- Language and version of the browser software.

We collect the following data trough our website:
- Date and time of consent (Consent Management Protocol).

When you use our contact form, we store the following data:
- First name, last name, e-mail address, telephone number (optional), message.

By using our webapp:
- From all users that use the backend/webapp of yuccaHR, we only save the Microsoft Teams ID and authorization type.
- From all employees, that get connected and are targeted by the yuccaHR bot within the Microsoft Teams environment we save store the user ID.
- Created content (text in the matching campaigns) – not necessarily personal, but may be, depending on the use of the webapp.

(2) In addition to the data mentioned above, cookies are stored on your computer when you use our webapp. Cookies are small text files that are stored in the device memory of your mobile device and assigned to the webapp you are using. Cookies allow certain information to flow to the party that sets the cookie (here: us). Cookies cannot execute programs or transfer viruses to your mobile device. They serve to make webapps more user-friendly and effective overall.
This webapp uses the following types of cookies, the scope and functionality of which are explained below:
- Persistent cookies:
Persistent cookies are automatically deleted after a specified period of time, which may vary depending on the cookie. You can configure the settings of your mobile operating system and the webapp according to your wishes and, for example, refuse to accept third-party cookies or all cookies. Please note that you may not be able to use all functions of our webapp.

4. Data processing by the operator(s) of other tools

The operator of the other tools uses web tracking methods. The web tracking can also be carried out independently of whether you are logged in or registered on the other´s tool platform. We have no influence on the webtracking methods of the other´s tool platform. For example, we cannot switch them off.
Please be aware that it cannot be ruled out that the provider of the other´s tool platform will use your profile and behavioral data to evaluate your habits, personal relationships, preferences, etc. In this respect I have no influence on the processing of your data by the provider of the other´s tool platform.
More detailed information on data processing by the provider of the other´s tool platform and further options for objection can be found in the provider’s data protection declaration.

Google services

We use the Google services Google Analytics, Google Analytics Remarketing, Google Ads, Google Search Ads 360, Google Tag Manager and Google Forms. These services are provided by Google LLC (1600 Amphitheatre Parkway Mountain View, CA 94043, USA, “Google”). Google has its headquarters in the so-called third country USA, which means that a level of data protection equivalent to that in the EU is generally lacking. However, Google is certified under the EU-U.S. Privacy Shield and thus offers an adequate level of data protection in accordance with Art. 45 GDPR.
You can find more information about Google in the Google Privacy Policy:

Google Analytics

Google Analytics uses cookies. The information collected by these cookies is usually sent to a Google server in the USA and stored there. IP anonymization is used on this website. The IP address of the website visitors is shortened. Only in individual cases is the IP address initially transmitted in full to a Google server in the USA and shortened there. By this shortening the personal reference of the IP address is omitted. The IP address transmitted by the browser is not combined with other data stored by Google.
Within the framework of the agreement on commissioned data, which the website operator has concluded with Google Inc., the latter uses the information collected to create an evaluation of website use and website activity and provides associated services.
The data collected by Google on behalf of the website operator is used to evaluate the use of the online offer by individual users, e.g. to create reports on the activity on the website and to improve our online offer.

Google Analytics Remarketing

Google Analytics Remarketing allows you to link the created advertising target groups with the cross-device functions of Google Ads and Google Campaign Manager. In this way, interest-based, personalized advertising messages that have been adjusted on one device depending on the previous usage and surfing behavior of the website visitor can also be displayed on another device of the website visitor. This presupposes that the website visitor has given Google permission to do so. If such consent is given, Google will link the web and app browsing history to the personal Google Account for this purpose.
To support this feature, Google Analytics collects Google-authenticated visitor IDs that are temporarily linked to Google Analytics data to define and create target groups for cross-device advertising.
Visitors who have a Google Account can permanently opt-out of cross-device remarketing/targeting by deactivating personalised advertising in their Google Account (

Google Ads (formerly AdWords) and conversion tracking

In the context of Google Ads, this website uses the so-called conversion tracking. When visitors click on an ad served by Google, a conversion tracking cookie is set. These cookies expire after 30 days and are not used to personally identify site visitors. If the user visits certain pages of this website and the cookie hasn’t expired, we can tell that the user clicked on the ad and was redirected to that page. The information collected using the conversion cookie is used to compile conversion statistics for us as AdWords customers. This tells us the total number of website visitors who clicked on an ad we placed and were redirected to a page with a conversion tracking tag. However, we do not receive any information that personally identifies website visitors.
We use Google AdWords Remarketing to advertise us across the Internet and to advertise on third party websites (including Google) to previous visitors of the website. AdWords remarketing will display ads to Users based on what parts of the our website they have viewed by placing a cookie on the Users’ web browser. It could mean that our advertises to previous visitors who haven’t completed a task on the site or this could be in the form of an advertisement on the Google search results page, or a site in the Google Display Network. This cookie does not in any way identify the User or give access to the Users’ computer or mobile device. The cookie is only used to indicate to other websites that the User has visited a particular page on the website, so that they may show the User ads relating to that page. If Users do not wish to participate in Google AdWords Remarketing, they can opt out by visiting Google’s Ads Preferences Manager:

Google Search Ads 360 (formerly DoubleClick Search)

Similar to the previous paragraph; the use of Search Ads 360 allows Google and its partner sites to serve ads based on previous visits to our or other sites on the Internet. The data collected in this context may be transferred by Google to a server in the USA for evaluation and stored there. In contrast to Google Ads, which is limited to the Google Search Network, Google Search Ads 360 enables the exchange of ads and keywords with several supported search engines.

Google Tag Manager

To manage the Google Analytics tracking (see above) we use the Google Tag Manager service. The Google Tag Manager itself does not collect any personal data.

Google Forms

We use the services of Google Forms to conduct surveys. The data collected with a Google Forms form is stored on a cloud storage provided by Google for us, “Google Drive”. Further information on data processing in connection with Google Forms and Google Drive can be found in Google’s data protection information:


We use JOIN to carry out our services by our webapp. Join is brought to you by JOIN Solutions GmbH, Schönhauser Allee 36, 10435 Berlin, Germany.
The data processing by JOIN can essentially be divided into two categories:
- For the purpose of contract processing or for the provision of our platform, all data required for the execution of the platform usage agreement with JOIN is processed. If external service providers are also involved in the processing of the contract, e.g. companies that advertise jobs, optimization services, hosters, CRM tools, etc., your data will be passed on to them to the extent necessary in each case.
- When you access our platform, various information is exchanged between your terminal device and our server. This may also involve personal data. The information collected in this way is used, among other things, to further optimise our offer.
For further information please see JOIN´s privacy polivy:

Microsoft Identity Platform

To authenticate users in our web application we use the Microsoft Identity Platform to identify users with our system. Microsoft Identity Platform is provided by Microsoft Corporation, One Microsoft Way Redmond, Washington 98052-6399. For this purpose, authentication details are securely transmitted to Microsoft.
For further information please see:

5. Legal basis of the processing

(1) We process your personal data in accordance with Art. 6 para. 1 lit. a), b), c) and f) GDPR. This means that we process personal data only if you have given your consent (lit. a)), to the extent necessary for the performance of a contract or pre-contractual measures (lit. b)), if we are legally obliged to do so (lit. c)) or if we have a legitimate interest in the processing (lit. f)).
(2) In the following reasons and purposes are given for processing your data:
- To personalize the experience.
- To improve our website.
- To identify someone as a contractor.
- To enable a quick registration.
- To set up a primary communication channel.
- To enable the automated handling of subscriptions.
- To create and display cookie statements for end users and store and display scan reports for you.
- To send emails at certain intervals (The email address you provide for order processing can be used to send you information and updates regarding your order. In addition, if you have accepted, you will occasionally receive company news, updates, information about related products or services, etc.). If at any time you wish to unsubscribe from receiving future emails, you can cancel your account by clicking “Delete My Account” after logging in.

6. Changes

We reserve the right to change this privacy policy at any time in accordance with the applicable data protection regulations.

See how to get your people connected in just seconds

Book demo