Information for Data Subjects (Art. 14 GDPR)

Last updated: May 2026

On this page, we inform persons whose business contact data is processed in our lead database about the processing of their data in accordance with Art. 14 of the General Data Protection Regulation (GDPR). This information is intended for persons who are not customers of the Leadscraper platform themselves, but whose professional and business-related data we process as part of our B2B lead research service.

1. Controller

The controller within the meaning of the GDPR is:
Deimann Com GmbH
Randstraße 75, 22525 Hamburg
Germany
Phone: upon request
Email: info@leadscraper.de
Managing Director: Janik Deimann

2. Contact for data protection matters

For questions regarding the processing of your data or the exercise of your rights, please contact:
datenschutz@leadscraper.de

3. Which data we process

We process only data that relates to a professional context:

  • First and last name in a business function
  • Professional position
  • Business contact details (business email address, business phone number)
  • Company-related information (company name, address, website, industry, size category)

We do not process any data from the private sphere, any sensitive data within the meaning of Art. 9 GDPR, or any data from non-public sources.

4. Where the data comes from

All data is obtained exclusively from publicly accessible sources, in particular:

  • Company websites and legal notices / impressums
  • Public industry and company directories
  • Public registers, such as commercial registers
  • Map services with publicly available business information

5. Purpose of the processing

We collect, structure, verify and make the above-mentioned data available to business customers. These customers use the data under their own responsibility for B2B business development — for example, to contact you regarding your company or a request that is relevant to you in a business context.

6. Legal basis

The legal basis for the processing is Art. 6(1)(f) GDPR (legitimate interest). Our legitimate interest consists in providing a tool for structured business development in the B2B sector. The processed data was actively published in business dealings by you or your company and is limited exclusively to the business context. A detailed explanation of our balancing of interests can be provided upon request.

7. Recipients of the data

Recipients of the data are our business customers, who use the data under their own responsibility for business development. These customers are independent controllers within the meaning of the GDPR and are themselves responsible for any further processing — in particular for making contact.

In addition, we use processors, in particular for hosting in an EU region and for database/backend services, with whom a contract pursuant to Art. 28 GDPR has been concluded in each case. The complete list can be requested at datenschutz@leadscraper.de.

8. Storage period

Datasets that have not been updated or verified for more than 24 months are deleted or anonymised. In the event of an objection pursuant to Art. 21 GDPR, deletion will take place without undue delay, at the latest within 30 days of receipt of the objection.

9. Transfers to third countries

Data processing generally takes place within the European Union. Where, by way of exception, data is transferred to recipients outside the European Economic Area, this is carried out exclusively on the basis of appropriate safeguards pursuant to Art. 46 GDPR, in particular EU Standard Contractual Clauses, or an adequacy decision pursuant to Art. 45 GDPR. For transfers to the USA, where applicable, we rely on the adequacy decision for the EU-US Data Privacy Framework.

10. No automated individual decision-making

No automated individual decision-making with legal effect or similarly significant impairment within the meaning of Art. 22 GDPR takes place.

11. Your rights

You have the following rights against us at any time:

  • Access to the data stored about you (Art. 15 GDPR)
  • Rectification of inaccurate or incomplete data (Art. 16 GDPR)
  • Erasure of your data (Art. 17 GDPR)
  • Restriction of processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Objection to processing based on legitimate interest (Art. 21 GDPR)

11.1 Objection (Art. 21 GDPR)

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you. In the event of an objection, we will remove your data from our database without undue delay, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms.

11.2 Easy exercise of your rights

To exercise your rights, an informal message — preferably by email — is sufficient:
datenschutz@leadscraper.de

For identification purposes, please provide your name and your professional reference, such as company or business email address, so that we can reliably locate you in our database. Processing is free of charge and takes place within the statutory deadlines.

12. Right to lodge a complaint

You have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR). The authority responsible for us is:
Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit
Ludwig-Erhard-Straße 22, 20459 Hamburg
datenschutz-hamburg.de

LeadScraper: AI-powered B2B leads that truly convert. GDPR compliant. Results-driven.

Still have questions? Feel free to contact us at info@leadscraper.uk

Navigation
HomeBenefitsHow it worksIndustries
Knowledge Base
TestimonialsBlogIndustriesFacts
Company
Privacy PolicyCookie PolicyData Subject InformationLegal NoticeTerms
Ask the AI about Leadscraper:
© 2025 LeadScraper – Generate GDPR-compliant B2B Leads with AI Technology. All rights reserved.