Data protection information

The following data protection information explains which personal data Natango Invest GmbH collects, processes and uses as well as which rights the persons concerned are entitled to with regard to the collection, processing and use of personal data.

The confidentiality and protection of your personal data are particularly important to us. Our guideline for the handling of your data is to create and maintain a basis for trusting business relationships with you as our customer, as an interested party or as any other business partner.

Responsible body for data processing

Natango Invest GmbH (hereinafter referred to as “Natango Invest”, “we” or “us”), Freiherr-vom-Stein-Str. 7, 60323 Frankfurt am Main, Germany, is the responsible body within the meaning of the EU Basic Data Protection Regulation (hereinafter referred to as “DSGVO”) for the processing of your personal data. We are based in Frankfurt am Main.

If you have any questions regarding the use of your personal data by us, please do not hesitate to contact us. You can reach us either via our contact data above or via the e-mail address:

When we collect and process your personal data

We collect and process your personal data in the following situations, among others:

  • if you request information about our services (e.g. via the contact form on our website, by telephone, e-mail or post);
  • if you contact us directly with any other request (e.g. via the contact form on our website, by telephone, e-mail or post);
  • if your personal data is transferred to us by third parties (e.g. customers or other business partners), if and to the extent that your consent has been obtained or you have not objected to the transfer of your data to us in full knowledge of your right to object;
  • if companies within our group of companies transfer your personal data to us in accordance with data protection provisions

For which purposes and on what legal basis do we process your personal data?

We only process your personal data if a legal provision allows us to do so, or if you have consented to the processing of your data. For example

  • 6 Paragraph 1 S. 1 lit. a), Art. 7 DSGVO / Art. 9 para. 2 lit. a), Art. 7 DSGVO in case of your consent. We will process certain data only on the basis of your express and voluntary consent given before. You have the right to revoke your consent at any time with effect for the future.
  • 6 Paragraph 1 S. 1 lit. b) DSGVO for the fulfilment of contracts and pre-contractual measures. This is because we require certain data to initiate or execute contracts. This is in particular your contact data.
  • 6 Paragraph 1 S. 1 lit. c) DSGVO) for the fulfilment of legal obligations. We also have to process certain data from you in order to fulfil our legal obligations (e.g. storage obligations).
  • 6 Paragraph 1 S. 1 lit. f) DSGVO) to protect legitimate interests. However, this only applies if your interests do not predominate in the individual case.

Where your personal data is processed

The processing of personal data takes place exclusively within the EU or the European Economic Area. We do not transfer your personal data to international organizations.

How we protect your data

We take the protection of your data very seriously and maintain current technical measures to ensure data security. Among other things, we use the following measures:

  • Encryption of our website with SSL certificate
  • End-to-end encryption for the most secure e-mail communication possible;
  • Regular review of the technical measures taken and adaptation to the current state of the art.

Despite the measures we have taken, we consider it our duty to inform you that we cannot guarantee absolute protection against unauthorized access during data transmission on the Internet or on a website.

How long we keep your data

For example, we keep your data for the purpose of fulfilling contractual obligations for the duration of the contract as well as for 6 or 10 years, depending on the respective legal storage obligations.

Your rights as a person concerned

If we process your data, you are entitled to certain rights in accordance with the DSGVO and other data protection regulations, which you can assert against us. Your rights as a data subject include:

  • the right to information (Art. 15 DSGVO);
  • the right to rectification (Art. 16 DSGVO);
  • the right to cancellation (Art. 17 DSGVO);
  • the right to limit the processing (Art. 18 DSGVO);
  • the right to data transferability (Art. 20 DSGVO);
  • the right to object to the processing of your data (Art. 21 DSGVO).

If you wish to exercise your rights or have any questions regarding the processing of your data, please do not hesitate to contact us at any time. You will find our contact details above under the heading “Responsible office for data processing“.

Complaints to supervisory authorities

We take our responsibility with regard to the processing of your data, your rights as a data subject and complaints in this regard very seriously. However, if you believe that we do not sufficiently acknowledge your rights and/or concerns, you have the right to file a complaint with an appropriate data protection authority.

The supervisory authority responsible for us is the Hessian Commissioner for Data Protection and Freedom of Information, Postfach 3163, 65021 Wiesbaden.

The contact details of all German supervisory authorities can be found under the following link at the Federal Commissioner for Data Protection and Freedom of Information (BFDI):


Like many other websites, we also use so-called “cookies”. Cookies are small text files that are transferred from a website server to your hard drive. This automatically provides us with certain data such as IP address, browser used, operating system and your connection to the Internet.

Cookies cannot be used to start programs or transfer viruses to a computer. The information contained in cookies enables us to make navigation easier for you and to display our web pages correctly.

Under no circumstances will the data collected by us be passed on to third parties or linked to personal data without your consent.

Of course, you can also view our website without cookies. Internet browsers are regularly set to accept cookies. In general, you can deactivate the use of cookies at any time via the settings of your browser. Please use the help functions of your Internet browser to find out how you can change these settings. Please note that individual functions of our website may not work if you have deactivated the use of cookies.

SSL encryption

In order to protect the security of your data during transmission, we use state-of-the-art encryption procedures (e.g. SSL) via HTTPS.

Contact form

If you contact us with any questions by e-mail or contact form, give us your voluntary consent for the purpose of making contact. For this purpose, a valid e-mail address is required. This is used to assign the request and then answer it. The entry of further data is optional. The information you provide will be stored for the purpose of processing your enquiry and for possible follow-up questions. Personal data will be deleted automatically after your request has been processed.

Use of script libraries (Google Web Fonts)

In order to display our content correctly and graphically appealing across browsers, we use script libraries and font libraries such as Google Web-fonts ( on this website. Google web fonts are transferred to your browser’s cache to avoid multiple loading. If the browser does not support Google Web Fonts or does not allow access, content will be displayed in a default font.

Calling script libraries or font libraries automatically triggers a connection to the library operator. It is theoretically possible – but currently also unclear whether and for what purposes – for the operators of such libraries to collect data.

The privacy policy of the library operator Google can be found here:

Use of Google Maps

This website uses Google Maps API to visually display geographic information. When Google Maps is used, Google also collects, processes and uses data relating to the use of map functions by visitors. For more information about data processing by Google, please refer to the Google Privacy Notice. There you can also change your personal data protection settings in the data protection center.

Detailed instructions on how to manage your own data in connection with Google products can be found here.