Data protection FAQ

Common questions from Legal & Compliance about the axite Tag — the impact-tracking script. For the platform as a whole (hosting, encryption, model handling), see Security & data protection.

What data does the axite Tag collect?

Exclusively text-related performance data: page views, visits, conversion events (e.g. "add to cart"), the displayed text content, and page context (URL path, referrer). No user profiles are created, and no device- or user-related data is collected.

Is personal data processed?

No. The axite Tag focuses on text tracking, not user tracking. IP addresses, which are inevitably transmitted via the TCP/IP protocol, are anonymized immediately on receipt and not stored. Identification of individual users is therefore excluded.

Does the axite Tag need to be in the cookie banner?

No. Under § 25(2) TDDDG no consent is required, because the tag uses only functional / strictly necessary cookies and sets no analytics or marketing cookies. It can therefore be loaded before the cookie banner.

Do we need a Data Processing Agreement (DPA / AVV)?

Since the tag does not collect personal data and IP addresses are anonymized immediately, there is no obligation to conclude a DPA under Art. 28 GDPR. If your legal team would still like a simplified DPA, we provide one on request.

On what legal basis does tracking run without consent?

On the website operator's overriding legitimate interest (Art. 6(1)(f) GDPR) — improving content — combined with strict data minimization. The interest is concrete (measuring and improving content performance), and no more data is processed than necessary: the TCP/IP protocol transmits the IP address, which is then anonymized in memory before any further processing.

Where is the data stored?

All data is processed and stored exclusively on servers within the EU. There is no transfer to third countries.

Is data shared with third parties?

No. axite does not share data with third parties. Processing is carried out solely on behalf of the customer (the website operator), not for our own purposes.

What cookies does the axite Tag set?

Only functional / strictly necessary cookies. For impact tracking, securely hashed session tokens are assigned server-side. The optional personalization function uses a first-party cookie processed exclusively in the user's browser — no personal data is transmitted to the axite Cloud.

How does IP anonymization work?

The full IP address is anonymized immediately on receipt, before any further processing, and never stored in full. Further reduction is not technically possible, since TCP/IP requires the IP address to be transmitted in the first place.

Does our privacy policy need updating?

For transparency we recommend a short notice in your website's privacy policy. A German/English template text is available from your axite contact.

How can a visitor object to tracking?

At any time — e.g. via cookie blockers or browser settings. Because no user-based tracking takes place, this has no impact on website functionality.

Content Hosting — what data is processed?

Content Hosting is an optional premium function where axite serves text content (e.g. product texts) via a CDN, embedded directly on the site, avoiding changes to your CMS or shop. It is pure content delivery — no personal data is processed.

Content Experiments (A/B testing) — are user profiles created?

No. The tag swaps text variants directly in the browser. The variant assignment is stored only in the visitor's browser and is not sent to the server — only the displayed variant is reported to axite, never the assignment criteria.

How does personalization (Motivational Typologies) work?

Visitors are classified by on-site behavior into motivational typologies (e.g. Researcher, Comparer, Buyer, Inspirational). This classification happens entirely in the browser. Only pre-generated text variants are selected; only the decision taken and its effect on text performance is sent to axite. The data is not de-anonymizable.