Skip to main content

GDPR Compliance

All Zeeg data is exclusively stored and processed on servers in Germany.

Written by Fernando Figueiredo
Updated over 6 months ago

Zeeg is built from the ground up as a German scheduling solution for complete compliance with the General Data Protection Regulation (GDPR). Privacy protection isn't just an afterthought—it's a core component of our platform. This article explains why Zeeg meets the highest European data protection standards and how we protect your sensitive scheduling data.

Have questions about Zeeg's GDPR compliance? Contact our Data Protection Officer at dpo@zeeg.me or reach out to our support team.

European hosting in certified data centers

All Zeeg data is exclusively stored and processed on servers in Germany. We use the Open Telekom Cloud, operated by Deutsche Telekom, which meets the highest security standards. Our data centers have the following certifications:

  • ISO 27001 (Information Security)

  • ISO 27017 (Cloud Security)

  • ISO 27018 (Cloud Privacy)

  • C5 Attestation from the German Federal Office for Information Security (BSI)

These certifications guarantee that your data is protected according to the strictest European standards.

Complete GDPR compliance in detail 🇪🇺

Legal basis under Art. 6 GDPR

We only process personal data based on legitimate legal grounds:

  • Contract performance (Art. 6 para. 1 lit. b): For providing scheduling services

  • Legitimate interests (Art. 6 para. 1 lit. f): For technical system optimization and security

  • Consent (Art. 6 para. 1 lit. a): For optional marketing functions

Privacy by Design and by Default

Zeeg follows the principles of "Privacy by Design":

  • Minimal data collection: We only collect data necessary for the service

  • Purpose limitation: Data is used exclusively for its original purpose

  • Automatic deletion: Outdated data is automatically removed

  • Pseudonymization: Where possible, data is anonymized or pseudonymized

Your rights as a data subject

Zeeg guarantees all GDPR rights:

  • Right of access (Art. 15): View all stored data

  • Right to rectification (Art. 16): Correct inaccurate data

  • Right to erasure (Art. 17): "Right to be forgotten"

  • Right to restriction (Art. 18): Block data processing

  • Data portability (Art. 20): Export your data in machine-readable format

  • Right to object (Art. 21): Object to certain processing activities

You can exercise all rights directly through your Zeeg account or by email to our Data Protection Officer.

Technical and organizational measures (TOMs)

Zeeg implements comprehensive security measures:

Encryption

  • TLS 1.3 encryption for all data transmissions

  • AES-256 encryption for data at rest

  • End-to-end encryption for sensitive appointment details

Access controls

  • Multi-factor authentication for all administrators

  • Role-based access control

  • Regular review and updating of permissions

Monitoring and logging

  • Continuous system monitoring

  • Comprehensive audit logs

  • Automatic anomaly detection

Data processing agreement under Art. 28 GDPR

Every Zeeg customer automatically receives a Data Processing Agreement (DPA) under Art. 28 GDPR. This covers:

  • Subject matter and duration of processing

  • Nature and purpose of processing

  • Categories of data subjects and personal data

  • Obligations and rights of the controller

Since all data is processed exclusively in Germany, complicated third-country transfers and additional protective measures are eliminated.

Cookie-free usage possible

Zeeg booking pages can operate completely without cookies:

  • No tracking cookies required

  • Optional analytics only with explicit consent

  • Cookie banner only when cookies are actually used

Transparent privacy policy

Our privacy policy explains in understandable language:

  • What data we collect

  • Why we collect it

  • How long we store it

  • Who we share it with (no one without your consent)

  • How you can exercise your rights

Data Protection Officer and support

Zeeg has an external Data Protection Officer who:

  • Monitors GDPR compliance

  • Serves as a contact for privacy questions

  • Conducts regular privacy audits

Our customer support in Germany understands local data protection requirements and can competently help with GDPR questions.

Regular compliance reviews

Zeeg regularly conducts:

  • Internal privacy audits

  • External security reviews

  • Penetration testing

  • Updates to privacy measures according to new case law

Have questions about Zeeg's GDPR compliance? Contact our Data Protection Officer at dpo@zeeg.me or reach out to our support team.

Related Articles
Legal Links and Data Processing Agreement
Managing your Zeeg CRM
How Company Objects Work
Using Zeeg for recruiting teams
How to Delete Your Zeeg Account
Did this answer your question?