Privacy Policy

Last updated: 9.3.2026

This Privacy Policy explains how we process personal data when you visit our website, contact us, subscribe to our newsletter, or register for our events.

1. Controller and contact

Controller (Art. 4(7) GDPR):
DAIN Studios GmbH
Ritterstrasse 12–14
10969 Berlin, Germany

Data protection contact:
Marco Koehler
privacy(a)dainstudios.com

2. What personal data we process

Depending on how you use the website, we may process:
• Technical and usage data (e.g., IP address, device and browser information, pages visited, timestamps, referrer URL, error logs)
• Contact and form data (e.g., name, email address, company, message contents, and any information you include in free-text fields)
• Newsletter data (e.g., email address; optional name/company; consent and double opt-in confirmation logs)
• Event data (e.g., registration details and attendance/RSVP status, depending on the registration channel)

This website and our services are intended for business users and are not directed at children.

3. Purposes and legal bases

We process personal data for the following purposes and legal bases:
1. Operating, securing, and delivering the website

• Purpose: ensure functionality, stability, security, abuse prevention, and performance
• Legal basis: legitimate interests (Art. 6(1)(f) GDPR)

2. Cookie consent management

• Purpose: store and apply your cookie preferences
• Legal basis: legitimate interests (Art. 6(1)(f) GDPR) and/or necessity to provide the requested service

3. Website analytics

• Purpose: measure website usage and improve content and user experience
• Legal basis: consent (Art. 6(1)(a) GDPR), where required for non-essential cookies/identifiers

4. Handling enquiries and requests (forms, email)

• Purpose: respond to enquiries, provide information, and manage pre-contractual communication
• Legal basis: contract / pre-contract steps (Art. 6(1)(b) GDPR) and/or legitimate interests (Art. 6(1)(f) GDPR)

5. Newsletter

• Purpose: send updates and marketing communications to subscribers
• Legal basis: consent (Art. 6(1)(a) GDPR) via double opt-in

6. Events

• Purpose: registration management and event communication
• Legal basis: contract / pre-contract steps (Art. 6(1)(b) GDPR) and/or legitimate interests (Art. 6(1)(f) GDPR), depending on the event setup

7. Direct B2B marketing (non-newsletter)

• Purpose: communicate about our services, content, and events with business contacts
• Legal basis: generally legitimate interests (Art. 6(1)(f) GDPR), while respecting applicable national rules for electronic marketing and always offering an easy opt-out (see Section 10)

4. Hosting, security, and content delivery

Hosting
Our website is hosted by Linevast. For this purpose, Linevast processes technical data necessary to deliver and operate the website (e.g., IP address, request data, and server log information).

Security and content delivery
We use Cloudflare to support website security, performance optimisation, and content delivery. This may involve processing technical data (including IP address, request metadata, and security-related signals) to protect the website, prevent abuse, and deliver content reliably.

5. Cookies and consent management

We use cookies and similar technologies. A cookie is a small text file stored on your device. Some cookies are necessary for the website to function and for storing your preferences. Others are used for analytics.

We manage cookie preferences using a consent tool (Webtoffee). You can change or withdraw your cookie consent at any time via the “cookie preferences” / “set preferences” link on the website.

6. Website analytics

We use Google Tag Manager to manage tags on our website. Where enabled, we use Google Analytics 4 to measure website usage and understand how visitors interact with our content.

Typical data processed for analytics may include: pages visited, approximate location (derived from IP at a general level), device/browser information, and interactions (e.g., clicks). We use this information in aggregated form to improve our website and marketing.

7. Contact and website forms

All forms on our website are handled via Fluent Forms. When you submit a form, we process the data you provide to handle your request (e.g., replying to an enquiry, providing requested information, or following up on a meeting request).

Please do not submit sensitive information via website forms unless we explicitly request it.

8. Newsletter

If you subscribe to our newsletter, we process your email address (and any optional details you provide) to send the newsletter via Smaily. We use double opt-in: you will receive a confirmation email and only after confirmation will you be subscribed.

You can unsubscribe at any time using the link in each newsletter. After you unsubscribe, we will stop sending the newsletter and will delete or suppress your address for newsletter sending (to ensure we respect your choice).

9. Events

We may organise events using Meetup. If you register or RSVP via Meetup, Meetup processes registration and event participation data under its own terms and privacy information. We also process the data we receive or access for event administration and communication.

Photos, recordings, and event materials

At some events (virtual or in-person), we may take photos or record audio/video for documentation and promotion (e.g., website, social media, recap content). Where required, we will provide event-specific information and choices.

If you do not wish to appear in event media, you can notify us before or during the event. We will make reasonable efforts to accommodate your request.

Sharing with partners / co-hosts

If an event is co-hosted with partners, we may share limited participant information only where necessary to run the event (e.g., attendance lists, logistics, speaker communication). Where this applies, we aim to make this clear at registration or in event communications.

10. Direct marketing (Germany and Finland)

We may contact business professionals using work contact details where the message is relevant to their role (e.g., service updates, invitations, content).

Because we operate mainly in Germany and Finland, practical rules for electronic B2B outreach can differ. Our approach is:
• Germany: we apply a more conservative standard for email outreach and prioritise consent, existing relationships, and clear relevance.
• Finland: we may use role-relevant B2B outreach practices where permitted, while still applying strict relevance and easy opt-out.

In all cases: you can object to direct marketing at any time (see Section 14). If you object, we will stop using your data for direct marketing.

11. Recipients and processors

Depending on the purpose, personal data may be processed by:
• Linevast (website hosting)
• Cloudflare (security/CDN)
• Google Tag Manager and Google Analytics 4 (analytics, where enabled)
• Webtoffee (cookie consent management)
• Fluent Forms (forms)
• Smaily (newsletter)
• Meetup (events)
• Selected IT/website administrators and service providers who support operation and maintenance of the website

We do not sell personal data.

12. International transfers

Some of our service providers may process data outside the EU/EEA (for example in the United States). Where this happens, we rely on appropriate safeguards such as the EU Standard Contractual Clauses (SCCs) and, where applicable, additional technical and organisational measures.

13. Retention

We keep personal data only as long as needed for the purposes described above, for example:
• Server/security logs: retained for a limited period for security and troubleshooting
• Enquiries via forms/email: retained as long as necessary to handle the request and for reasonable follow-up/documentation
• Newsletter data: retained until you unsubscribe (plus minimal suppression data to respect your choice)
• Event data: retained as needed to manage the event and reasonable follow-up, unless longer retention is required

If you want details on retention for a specific processing activity, contact us and we will provide the relevant information.

14. Your rights

Subject to the conditions of the GDPR, you have the right to:
• access (Art. 15)
• rectification (Art. 16)
• erasure (Art. 17)
• restriction (Art. 18)
• data portability (Art. 20)
• withdraw consent at any time (Art. 7(3))
• lodge a complaint with a supervisory authority (Art. 77)

Right to object (Art. 21 GDPR)

If we process your personal data based on legitimate interests, you can object at any time on grounds relating to your particular situation.

If we process your personal data for direct marketing, you can object at any time. If you object, we will stop processing your data for direct marketing.

15. Updates to this policy

We may update this Privacy Policy to reflect changes to our website or processing activities. The “Last updated” date at the top shows when this policy was last revised.

Cookie	Duration	Description
__cfduid	1 month	The cookie is used by cdn services like CloudFlare to identify individual clients behind a shared IP address and apply security settings on a per-client basis. It does not correspond to any user ID in the web application and does not store any personally identifiable information.
ARRAffinity	session	ARRAffinity cookie is set by Azure app service, and allows the service to choose the right instance established by a user to deliver subsequent requests made by that user.
ARRAffinitySameSite	session	This cookie is set by Windows Azure cloud, and is used for load balancing to make sure the visitor page requests are routed to the same server in any browsing session.
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-advertisement	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertisement".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-non-necessary	1 year	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Non-necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	1 year	Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
elementor	never	This cookie is used by the website's WordPress theme. It allows the website owner to implement or change the website's content in real-time.
JSESSIONID	session	The JSESSIONID cookie is used by New Relic to store a session identifier so that New Relic can monitor session counts for an application.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__cf_bm	30 minutes	This cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
bcookie	1 year	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.
bscookie	1 year	LinkedIn sets this cookie to store performed actions on the website.
lang	session	LinkedIn sets this cookie to remember a user's language setting.
li_gc	5 months 27 days	Used to store consent of guests regarding the use of cookies for non-essential purposes.
lidc	1 day	LinkedIn sets the lidc cookie to facilitate data center selection.
tableau_locale	session	We embed Tableau charts and interactivity on some of our pages. These cookies expire at the end of your session.
tableau_public_negotiated_locale	session	We embed Tableau charts and interactivity on some of our pages. These cookies expire at the end of your session.
test_cookie	15 minutes	This cookie is set by doubleclick.net. The purpose of the cookie is to determine if the user's browser supports cookies.
UserMatchHistory	1 month	LinkedIn sets this cookie for LinkedIn Ads ID syncing.
VISITOR_INFO1_LIVE	5 months 27 days	This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.

Cookie	Duration	Description
_dc_gtm_UA-111640802-1	1 minute	This cookie is used by Google Tag Manager to support Google Analytics on our Sites. It helps us monitor the use and performance of our Sites.
_ga	2 years	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_ga_JWW0KP3X8Q	2 years	This cookie is installed by Google Analytics 4.
_gat_UA-111640802-1	1 minute	This is a pattern type cookie set by Google Analytics, where the pattern element on the name contains the unique identity number of the account or website it relates to. It appears to be a variation of the _gat cookie which is used to limit the amount of data recorded by Google on high traffic volume websites.
_gcl_au	3 months	Provided by Google Tag Manager to experiment advertisement efficiency of websites using their services.
_gid	1 day	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visted in an anonymous form.
ai_session	30 minutes	This is a unique anonymous session identifier cookie set by Microsoft Application Insights software to gather statistical usage and telemetry data for apps built on the Azure cloud platform.
ai_user	1 year	A unique user identifier cookie, set by Microsoft Application Insights software, that enables counting of the number of users accessing the application over time.
AnalyticsSyncHistory	1 month	Used to store information about the time a sync with the lms_analytics cookie took place for users in the Designated Countries
prism_252943399	1 month	This cookie is used by Active Campaign for site tracking purposes.
visitorId	1 year	By default, the visitor ID is supplied to Coveo UA using the visitor (string) query parameter and kept in the local storage of the user browser. A third-party cookie can also be used to store the visitor ID if the current user browser accepts these kinds of cookies.
WFESessionId	session	These cookies are used by Microsoft Azure Application Insights, which collects site telemetry information, allowing us to analyze how some of our Sites are performing and to perform optimization.
YSC	session	This cookies is set by Youtube and is used to track the views of embedded videos.

Cookie	Duration	Description
IDE	1 year 24 days	Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile.
LinkedIn
muc_ads	2 years	Collects data on user behaviour and interaction in order to optimize the website and make advertisement on the website more relevant.
personalization_id	2 years	Twitter sets this cookie to integrate and share features for social media and also store information about how the user uses the website, for tracking and targeting.

Cookie	Duration	Description
CONSENT	16 years 7 months 20 days 16 hours 15 minutes	No description
GetLocalTimeZone	session	No description
hid	session	No description available.

Privacy Policy

DAIN Studios

Studio HELSINKI

Studio BERLIN

Studio MUNICH