Privacy Policy – Product Calvah


The contractual language is German. German law shall apply exclusively. The German version of the translation and privacy policy shall prevail. The English version is for information purposes only.

Calvah, a product of Kollektiv MFG GmbH 

The responsible party within the meaning of the EU General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is: 


Kollektiv MFG GmbH  

Represented by the management: Jennifer Meier and Susann Fischer 

Papierstrasse 1, 13409 Berlin, Germany 

E-mail address: 

Commercial register: HRB 238358 B

Registergericht: Charlottenburg Local Court 

VAT-IdNr: DE351406839 


General information 

When you use Calvah, a product of Kollektiv MFG GmbH (hereinafter referred to as Kollektiv MFG, we, our) or interact with Kollektiv MFG GmbH’s product Calvah, we process personal data about you in order to provide you with access to Calvah and to offer you an improved experience and support. This includes collecting, recording, using, transferring, storing, sharing and deleting your data. 

This Privacy Policy describes how Kollektiv MFG GmbH processes your data for the use of Calvah and explains the choices you have regarding your data. Please note that this Privacy Policy does not apply to the processing of your data by third parties when you use the integrated services of third parties available through our services. Please visit these third parties’ websites for more information about their privacy practices (e.g., data transfer for email communications and data transfer for support requests). 


We collect and use the personal information described below to provide Calvah to you in a reliable and secure manner. In addition, we collect and use personal data for our legitimate business needs. We process your personal data in compliance with the relevant provisions of the EU Data Protection Regulation (DSGVO), the German Federal Data Protection Act (BDSG) and all other applicable laws. 

The collection and use of personal data is generally only carried out with your consent. An exception applies if consent is not possible for actual reasons and the processing of the data is permitted by legal regulations. 

We collect personal data (individual details about personal or factual circumstances of a specific or identifiable natural person) only to the extent provided by you. 

Where we use third party services to provide our services, we take appropriate legal precautions and technical and organizational measures to ensure the protection of personal data in accordance with the relevant legal requirements. 

This may involve transferring personal data to servers located outside the EU or to trusted third parties located outside the EU. You should be aware that many countries do not offer the same legal protection for personal information as you enjoy in the EU. While your personal information is located in another country, it may be accessed by courts, law enforcement and national security authorities of that country in accordance with its laws. Subject to your explicit consent or contractually or legally required transfers, we will only process or allow the processing of data outside the EU in third countries with a recognised level of data protection, contractual obligations through so-called standard data protection clauses of the EU Commission in the presence of certifications or binding internal data protection regulations (Art. 44 to Art. 49 DSGVO).  

As new technologies and the constant further development of this website may result in changes to this data protection declaration, we recommend that you read through the data protection declaration again at regular intervals. Definitions of the terms used (e.g. “personal data” or “processing”) can be found in Art. 4 DSGVO. 


1. To whom our data protection declaration applies. 

Once companies or individual users are subject to our SaaS License Agreement or Enterprise Framework Agreement for the use of Calvah, Kollektiv MFG acts as a service provider (processor) to process personal data on behalf of or at the instruction of the client. The Privacy Policy also applies to Unlicensed Users (individuals invited by Licensed Users to use Calvah, agree to the Privacy Policy and use Calvah). Our customers and users usually belong to a company or organization, they are the data controllers. They make decisions about the data they provide to Kollektiv MFG when using Calvah. In all other cases, Kollektiv MFG is responsible for the data. 

Calvah can be used by companies as well as by individual users. If you use Calvah through your company, public entity or with your business email address, the Calvah administrator of your company or public entity is responsible for the accounts associated with that company or entity and may: restrict, suspend or terminate your access to or authorisation to use the Services, access data about you, access or store data held by us (including the content of your meetings, meeting statistics and log data about your use of Calvah) and restrict your authority to process, restrict, amend or delete data relating to your use of our products and services. 

2.What sources and data do we receive and process? 

Kollektiv MFG processes data that we receive directly from you, that is collected automatically when you use Calvah or visit one of our websites, as well as data collected by Kollektiv via third parties (e.g. support requests via a third-party platform).


Data that Kollektiv MFG receives directly from you  

Account information: Data that Kollektiv MFG needs to create a Calvah account for you, facilitate payment transactions and manage your ability to sign in and out of Calvah. This includes:  

  • Identifiers (such as first and last name and email address).  
  • Your password for Calvah (hashed)  
  • User ID – data related to a third party identity authentication provider  
  • Billing data (such as name, address and phone number) 
  • Financial data (such as credit card information collected by our payment processors on our behalf)  
  • Contract information and number of licenses selected 

Your content: This is data that you provide to us through your use of Calvah. This includes data you provide as part of the meeting planning process (e.g. objectives, descriptions, links to further information, data you provide in written feedback during a meeting). Any other data you provide in the course of using Calvah that identifies or can reasonably be associated with you. Profile-related data (such as email, profile picture, name, gender pronouns, occupation or employment details such as your job title or role in your company) and other data that you provide to describe yourself and that is only collected when you provide it. As a meeting organizer, you also have the option to create profiles for meeting participants inside and outside your organization. If you do so, we will store these contact details and user ID on our server. 

Use without an account: If you use Calvah without registering, you are a so-called “anonymous user”. In addition to the data required for server operation, only your feedback and the Meeting Organizer’s name and pronoun will be saved. When saving the contribution, this string is then loosely saved with the contribution. There is no assignment to an identity. By sending your feedback, you agree to the storage. Since we cannot later trace who wrote the contribution, you have no right to delete it, since there is no proof of authorship. 

Usage information: We collect information about how you use Calvah. This includes actions you take in your account (e.g. creating and editing meetings, using the meeting timer, viewing statistics). We use this information to provide, improve and market our services and to protect Calvah users.  

Cookies: We use so-called session cookies on our pages. Session cookies are technically necessary cookies that ensure the basic functionality of the website. Cookies are data packets that your browser stores in your end device at our instigation. Session cookies are temporary and are valid until the user logs out or until the lifetime of the cookie is reached. Other cookies are not used. 

After leaving our website, the cookies remain stored on your terminal device and enable us to recognise your internet browser on your next visit.  

You can set your internet browser so that you are informed when cookies are set and decide individually whether to accept them or generally exclude the acceptance of cookies for certain cases. Cookies that have already been stored can be deleted at any time. This can be done automatically. If you do not accept cookies, the functionality of our website may be limited. 

Device information: We collect data from and about the devices you use to access Calvah. This includes IP addresses, the type of browser and device you use and the identifiers associated with your devices. Depending on your device settings, your devices may also transmit location data to the Services. For example, we use device information to identify misuse and to detect and correct errors. 

Data from communications with Kollektiv MFG: Other data you may provide to us when you interact with Kollektiv MFG in other ways. This includes, for example, data from emails you forward to mail addresses of or You may voluntarily provide us with data when you interact with us, such as when you interact directly with Kollektiv MFG staff, such as our sales, support or research groups. Kollektiv MFG may process: Your enquiry, questions and feedback that you submit to us via forms or email. Data you provide in connection with sweepstakes, contests or research studies run by Kollektiv MFG if you choose to participate, data to verify your identity, your audio and video data if you participate in a sales call or user research study and do not opt out of having the calls recorded. 

3. Use of your data  

Kollektiv MFG processes your data to perform our contracts with you (Art. 6 para. 1 sentence 1, lit. b DSGVO). The purposes of the data processing depend in detail on the basis of the contract. Kollektiv MFG uses your data to provide Calvah and related services, to communicate with you, to process transactions when you change your Calvah plan, to maintain security and prevent fraud, and to comply with legal requirements. 

Data access: Within our organization, your personal data will only be disclosed to those individuals and bodies who need it to fulfill our contractual and legal obligations. In addition, the following bodies may receive your data (if necessary): the tax advisor for advice on tax matters and the auditor for the preparation of the annual financial statements. 

Contractual warranties: providing services to you and operating our business; maintaining, providing and improving our products and services; improving our understanding of user interests and needs so that we can tailor Calvah for you; and analyzing and evaluating how you interact with our websites and Calvah.  

Contacting us for support, communications etc: We use information about your use of Calvah to:  

  • Account information (e.g. your email address and name).  
  • Data related to integrated third-party services to contact you about Calvah (by phone, text message, email or chat)  
  • To share notices and updates, product changes and other necessary communications such as security and fraud alerts, and to provide webinars or public presentations and demonstrations of Calvah and to gather your opinions through surveys, research studies and questionnaires.  
  • Providing support, obtaining feedback, responding to your requests for information.  
  • Helping you identify and resolve issues with your account and answering your questions. 

Enabling reporting and analysis of Calvah’s performance: we may aggregate and/or anonymise data relating to your use of Calvah (for example, how many meetings you have created or the average meeting duration) so that such data can no longer be associated with you or your device. We may use such aggregated and anonymised data for any purpose, including, but not limited to, research and marketing purposes, and may also share such data with third parties, including advertisers, sponsors, event organizers and/or others.  

Law and order and public interest: In individual cases, we process your data to protect legitimate interests of us or of third parties (e.g. public authorities). This applies in particular to the investigation of criminal offenses (legal basis Art. 6 para. 1 sentence 1 lit. f DSGVO in conjunction with § 26 para. 1 sentence 2 BDSG) or the exchange of data within the group for administrative purposes or to protect Kollektiv MFG from fraud or abuse. 


4. How we protect our users’ data 

The protection of your data: Is secured by SSL encryption (https), storage of encrypted passwords, regular updating of the website. 

Retention of your data: Through your registered account, we retain stored information from you as follows:  

  • for as long as your account exists or we need it to provide the Services to you
  • After your account has been deleted, all personal data – if applicable – will first be stored in accordance with tax and commercial law retention periods and then deleted after expiry of the period, unless you have consented to further processing and use. On the other hand, we initiate the deletion of this information after 30 days. 

Please note:  

  1. It may take some time to delete this information from our servers and from our backup; and  
  1. We may retain this information as necessary to comply with our legal obligations, resolve disputes or enforce our contracts. 
  1. Where we store and process our users’ data 

Kollektiv MFG engages third party sub-processors to assist in the provision of services to our clients:in. A sub-processor is a third party processor engaged by Kollektiv MFG to receive data from Kollektiv MFG and process personal data on behalf of our clients. 

Third Party Processor List  

Sub-processors of Kollektiv MFG 



Type of sub-processing 


Hetzner Online GmbH 

Cloud Service Provider



Payment Service Provider



Payment function. We have integrated the online payment service provider Stripe to process the payment for the fulfillment of the contract. Stripe offers the option of processing payments via credit cards.   

If you select payment via Stripe, the payment data you enter (name, purchase amount, e-mail, bank details) will be transmitted to Stripe. By selecting this payment option, you consent to the transmission of your personal data required for payment processing.  

The transmission of your data to Stripe is based on Art. 6 para. 1, sentence.1 lit. a DSGVO and Art. 6 para. 1, sentence.1 lit. b DS-GVO. You have the option to revoke your consent to data processing at any time. A revocation does not affect the validity of past data processing operations. This also applies to personal data that must be processed, used or transmitted for the purpose of processing payments.  

The transfer of the data is for the purpose of payment processing and fraud prevention.  

We will also transfer other personal data to Stripe if there is a legitimate interest for the transfer. The personal data exchanged between us and Stripe may be transferred by Stripe to credit reference agencies. The purpose of this transfer is to check your identity and creditworthiness. Stripe may share your personal data with affiliates and service providers or subcontractors to the extent necessary to fulfill its contractual obligations or to process data on its behalf.  

The transfer of personal data to third countries is based on the standard contractual clauses approved by the EU Commission.  

You can access Stripe’s privacy policy, which you accept by using credit card payment via Stripe, at the following link:  

Hosting of the Calvah website is hosted on servers of Hetzner Online GmbH in Germany. For further information, please refer to the website of Hetzner Online GmbH (  

We have concluded a data processing contract with Hetzner Online GmbH, which protects our customers and obliges Hetzner not to pass on the collected data to third parties. 

Information on data transfer to the USA and other third countries 

Among others, we use the service provider stripe, which is based in the USA. Your personal data may be transferred to these third countries and processed there. We would like to point out that no level of data protection comparable to that in the EU can be guaranteed in these countries. For example, US companies are obliged to hand over personal data to security authorities without you as the data subject being able to take legal action against this. It can therefore not be ruled out that US authorities (e.g. intelligence services) process, evaluate and permanently store your data located on US servers for monitoring purposes. We have no influence on these processing activities. 

We require your express consent to transfer data to the USA (legal basis Art. 49 para. 1 sentence 1 lit. a DSGVO).  


In the context of a possible restructuring, a merger, a takeover or a sale of our assets, your data may be transferred. In this case, we will inform you of this, for example by email to the address linked to your account, and explain all your options.  

We reserve the right to change this privacy policy from time to time. The current version is available on our website. If any change materially restricts your rights, we will notify you.

What rights do I have? 

You have the following rights in relation to us in respect of personal data relating to you: 

  • Right to information 
  • Right of revocation 
  • Right to rectification or deletion 
  • Right to restriction of processing 
  • Right to object to processing 
  • Right to data portability 

If you are dissatisfied with how we handle your data, you can lodge a complaint with the relevant data protection supervisory authority.  

Get in touch!

We are looking forward to your message.

   +49 176 14670876

7 + 1 =