As of: 13.07.2025

We are very delighted that you have shown interest in our Leaplytics Gantt Chart Power BI Visual. Data protection is of a particularly high priority for the management of LeapLytics GmbH.

Complete Data Independence: Our Power BI visual operates completely independently within your Power BI environment. We do not receive, collect, store, or have access to any data from the visual. All data processing occurs locally within Power BI, and no information is transmitted to LeapLytics GmbH.

The use of our Power BI visual is possible without any indication of personal data; however, if a data subject wants to use special enterprise services via our website or support channels, processing of personal data could become necessary. If the processing of personal data is necessary and there is no statutory basis for such processing, we generally obtain consent from the data subject.

The processing of personal data, such as the name, address, e-mail address, or telephone number of a data subject shall always be inline with the General Data Protection Regulation (GDPR), and in accordance with the country-specific data protection regulations applicable to us. By means of this data protection declaration, our enterprise would like to inform the general public of the nature, scope, and purpose of the personal data we collect, use and process. Furthermore, data subjects are informed, by means of this data protection declaration, of the rights to which they are entitled.

As the controller, we have implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed through our Power BI visual and associated services. However, Internet-based data transmissions may in principle have security gaps, so absolute protection may not be guaranteed. For this reason, every data subject is free to transfer personal data to us via alternative means, e.g. by telephone.

Definitions

The data protection declaration of LeapLytics GmbH is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our data protection declaration should be legible and understandable for the general public, as well as our customers and business partners. To ensure this, we would like to first explain the terminology used.

In this data protection declaration, we use, inter alia, the following terms:

a) Personal data

Personal data means any information relating to an identified or identifiable natural person ("data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

b) Data subject

Data subject is any identified or identifiable natural person, whose personal data is processed by the controller responsible for the processing.

c) Processing

Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

d) Controller or controller responsible for the processing

Controller or controller responsible for the processing is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

e) Consent

Consent of the data subject is any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

Name and Address of the Controller

Controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union and other provisions related to data protection is:

LeapLytics GmbH
Stefan Preusler & Dominik Galsheimer
Teutonenweg 18
63128 Dietzenbach
Deutschland

E-Mail: info@leaplytics.de
UST-ID/Tax-ID: DE344747402

Power BI Visual Operation

Nature of Our Power BI Visual

Our Leaplytics Gantt Chart Power BI Visual is a data visualization component that operates entirely within Microsoft Power BI. The visual processes data locally within your Power BI environment to create interactive Gantt chart visualizations for project management and timeline analysis.

Independent Operation Within Power BI

When you use our Power BI visual:

1. Local Processing Only: The visual processes your data entirely within your Power BI environment
2. No Data Transmission to LeapLytics: No data from the visual is transmitted to LeapLytics GmbH servers or systems
3. Microsoft Infrastructure Only: All processing occurs on Microsoft's Power BI infrastructure
4. Complete Data Independence: LeapLytics GmbH does not receive, access, or store any data from your use of the visual

Data Processing Scope

Important Clarification: LeapLytics GmbH does not process any data from the Power BI visual itself. The visual operates independently within your Power BI environment, and we have no access to:

• Your project data (tasks, timelines, dependencies, resources)
• Visual configuration settings (colors, formatting, layout options)
• Usage patterns or analytics
• Any information about your use of the visual

Legal Basis for Visual Operation

The visual operates under your existing Microsoft Power BI license and terms of service. LeapLytics GmbH does not process any personal data through the visual functionality itself.

Microsoft Power BI Integration

Data Processing by Microsoft Only

When you use our visual within Power BI:

• Microsoft Corporation processes all data through their Power BI service according to their privacy policy
• LeapLytics GmbH provides only the visual software component and does not process any user data
• All data processing is governed exclusively by Microsoft's Privacy Policy for the visual functionality

Microsoft's Sole Role in Data Processing

For information about how Microsoft processes your data within Power BI, please refer to:

• Microsoft Privacy Statement: https://privacy.microsoft.com/privacystatement
• Microsoft Power BI Privacy: https://powerbi.microsoft.com/privacy/

Note: LeapLytics GmbH is not involved in any data processing related to your use of the Power BI visual.

Website and Support Services

Collection of General Data and Information

Our website collects a series of general data and information when a data subject or automated system calls up the website. This general data and information are stored in the server log files. Collected may be (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website (so-called referrers), (4) the sub-websites, (5) the date and time of access to the Internet site, (6) an Internet protocol address (IP address), (7) the Internet service provider of the accessing system, and (8) any other similar data and information that may be used in the event of attacks on our information technology systems.

When using these general data and information, LeapLytics GmbH does not draw any conclusions about the data subject. Rather, this information is needed to (1) deliver the content of our website correctly, (2) optimize the content of our website as well as its advertisement, (3) ensure the long-term viability of our information technology systems and website technology, and (4) provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack.

Contact Possibility via the Website

Our website contains information that enables a quick electronic contact to our enterprise, as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address). If a data subject contacts the controller by e-mail or via a contact form, the personal data transmitted by the data subject are automatically stored. Such personal data transmitted on a voluntary basis by a data subject to the data controller are stored for the purpose of processing or contacting the data subject. There is no transfer of this personal data to third parties.

Hosting

The hosting services used by us serve the provision of the following services: Infrastructure and platform services, computing capacity, storage space and database services, security services as well as technical maintenance services which we use for the purpose of operating our online services.

We or our hosting provider process inventory data, contact data, content data, contract data, usage data, meta data and communication data of customers, interested parties and visitors of our online services on the basis of our legitimate interests in the efficient and secure provision of these services in accordance with Art. 6 Para. 1 lit. f GDPR i.V.m. Art. 28 GDPR (conclusion of a contract for the processing of orders).

No Data Collection from Visual

LeapLytics GmbH does not collect, receive, or have access to any data through the Power BI visual, including:

• No usage analytics or telemetry data
• No user behavior information
• No performance metrics or diagnostic data
• No project data (tasks, timelines, dependencies, milestones, resources)
• No visual configuration settings (colors, formatting, layout preferences)
• No information about visual usage patterns

The visual operates as a completely independent software component within your Power BI environment. All data remains within Microsoft's Power BI infrastructure and is never transmitted to LeapLytics GmbH.

Routine Erasure and Blocking of Personal Data

The data controller shall process and store the personal data of the data subject only for the period necessary to achieve the purpose of storage, or as far as this is granted by the European legislator or other legislators in laws or regulations to which the controller is subject to.

If the storage purpose is not applicable, or if a storage period prescribed by the European legislator or another competent legislator expires, the personal data are routinely blocked or erased in accordance with legal requirements.

Rights of the Data Subject

a) Right of confirmation

Each data subject shall have the right granted by the European legislator to obtain from the controller the confirmation as to whether or not personal data concerning him or her are being processed. If a data subject wishes to avail himself of this right of confirmation, he or she may, at any time, contact any employee of the controller.

b) Right of access

Each data subject shall have the right granted by the European legislator to obtain from the controller free information about his or her personal data stored at any time and a copy of this information. Furthermore, the European directives and regulations grant the data subject access to the following information:

• the purposes of the processing;
• the categories of personal data concerned;
• the recipients or categories of recipients to whom the personal data have been or will be disclosed;
• where possible, the envisaged period for which the personal data will be stored;
• the existence of the right to request rectification or erasure of personal data;
• the existence of the right to lodge a complaint with a supervisory authority;
• where the personal data are not collected from the data subject, any available information as to their source;
• the existence of automated decision-making, including profiling

c) Right to rectification

Each data subject shall have the right granted by the European legislator to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

d) Right to erasure (Right to be forgotten)

Each data subject shall have the right granted by the European legislator to obtain from the controller the erasure of personal data concerning him or her without undue delay, and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies, as long as the processing is not necessary:

• The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
• The data subject withdraws consent and where there is no other legal ground for the processing.
• The data subject objects to the processing and there are no overriding legitimate grounds for the processing.
• The personal data have been unlawfully processed.
• The personal data must be erased for compliance with a legal obligation.

e) Right of restriction of processing

Each data subject shall have the right granted by the European legislator to obtain from the controller restriction of processing where one of the following applies:

• The accuracy of the personal data is contested by the data subject.
• The processing is unlawful and the data subject opposes the erasure of the personal data and requests instead the restriction of their use.
• The controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for legal claims.

f) Right to data portability

Each data subject shall have the right granted by the European legislator, to receive the personal data concerning him or her, which was provided to a controller, in a structured, commonly used and machine-readable format, and to transmit those data to another controller without hindrance.

g) Right to object

Each data subject shall have the right granted by the European legislator to object, on grounds relating to his or her particular situation, at any time, to processing of personal data concerning him or her, which is based on point (e) or (f) of Article 6(1) of the GDPR.

LeapLytics GmbH shall no longer process the personal data in the event of the objection, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject.

h) Right to withdraw data protection consent

Each data subject shall have the right granted by the European legislator to withdraw his or her consent to processing of his or her personal data at any time.

If the data subject wishes to exercise the right to withdraw the consent, he or she may, at any time, contact any employee of LeapLytics GmbH.

Legal Basis for the Processing

Important: The following legal basis applies only to our website and support services, as LeapLytics GmbH does not process any personal data through the Power BI visual itself.

Art. 6(1) lit. a GDPR serves as the legal basis for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is party, as is the case for inquiries concerning our products or services, the processing is based on Article 6(1) lit. b GDPR. The same applies to such processing operations which are necessary for carrying out pre-contractual measures, for example in the case of inquiries concerning our products or services.

Finally, processing operations could be based on Article 6(1) lit. f GDPR. This legal basis is used for processing operations which are not covered by any of the abovementioned legal grounds, if processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.

The Legitimate Interests Pursued by the Controller

Note: This section applies only to our website and support services, as we do not process any personal data through the Power BI visual itself.

Where the processing of personal data is based on Article 6(1) lit. f GDPR our legitimate interest is to:

• Provide customer support and technical assistance through our website and support channels
• Carry out our business in favor of the well-being of all our employees and shareholders

Period for Which Personal Data Will Be Stored

For Power BI Visual: LeapLytics GmbH does not store any personal data related to your use of the Power BI visual, as we do not receive or collect any data from the visual.

For Website and Support Services Only: If you contact us through our website or support channels, the criteria used to determine the period of storage of personal data is the respective statutory retention period. After expiration of that period, the corresponding data is routinely deleted, as long as it is no longer necessary for the fulfillment of the contract or the initiation of a contract.

Existence of Automated Decision-Making

As a responsible company, we do not use automatic decision-making or profiling in our Power BI visual or related services.

Third-Party Services

Microsoft Power BI Platform

Our visual operates within Microsoft Power BI. Please refer to Microsoft's privacy policy for information about their data processing practices:

• Microsoft Privacy Statement: https://privacy.microsoft.com/privacystatement

Note: Our visual does not integrate with any third-party analytics or data collection services beyond the Microsoft Power BI platform itself.

Contact Information for Privacy Matters

For any questions regarding this privacy policy or the processing of your personal data, please contact:

LeapLytics GmbH
Data Protection Officer
Teutonenweg 18
63128 Dietzenbach
Deutschland

E-Mail: [Privacy Email Address]

Changes to This Privacy Policy

We reserve the right to update this privacy policy to reflect changes in our data processing practices or legal requirements. We will notify users of material changes through appropriate channels.

Supervisory Authority

You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.

Summary: Complete Data Independence

Power BI Visual: Our Leaplytics Gantt Chart Power BI Visual operates with complete data independence. LeapLytics GmbH does not receive, collect, store, access, or process any data through the visual. All data processing occurs within your Power BI environment under Microsoft's privacy policies.

Website/Support Only: This privacy policy primarily addresses data processing that may occur if you contact us through our website or support channels – not through the visual itself.

This privacy policy was last updated on 13.07.2025 and applies to the Leaplytics Gantt Chart Power BI Visual and related services provided by LeapLytics GmbH.