We are pleased about your visit to our website. The protection and security of your personal data are of the highest priority for Ensorium UG (haftungsbeschränkt) - hereinafter referred to as "Ensorium". We always process your personal data confidentially and in strict accordance with the applicable legal data protection regulations, in particular the European General Data Protection Regulation (GDPR), the Telecommunications Digital Services Data Protection Act (TDDDG), and the provisions of this privacy policy.
The use of our website is generally possible without any active, manual entry of personal data by you. If personal data (such as IP addresses to maintain technical system stability) is nevertheless processed on our pages, this is done without exception on the basis of clear legal permissions.
This privacy policy serves the purpose of fully, transparently, and comprehensibly informing you in accordance with Art. 13 GDPR about the nature, scope, purpose, and legal basis of the processing of personal data within our online offering.
The controller within the meaning of Art. 4 No. 7 GDPR and other national data protection laws of the member states is the legal entity that alone or jointly with others determines the purposes and means of the processing of personal data.
Responsible for this website is:
Company: Ensorium UG (haftungsbeschränkt)
Fritz-Glenz-Straße 1
64297 Darmstadt
Germany
Registration: Registered at the Local Court (Amtsgericht) of Darmstadt, HRB 108975
Representation: Represented by the Managing Directors: Daniel Renkel and Tindaro Amato
Contact options:
Phone: +4961515043203
Email: mondou(AT)ensorium.com
To make this website available on the Internet, we use the infrastructural services of an external web hosting provider. Our website is hosted by IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany - hereinafter "IONOS".
When you visit our website, the IONOS servers automatically capture temporary information that is strictly necessary technically and is stored in so-called server log files. This server-side data collection is unavoidable in order to deliver the website content to your browser.
The automatically collected data categories include, among others:
Purpose and legal basis: The collection of these log files is necessary for the error-free provision of the website, to ward off cyber attacks, and to maintain system stability. The legal basis for this processing is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR.
Storage duration and DPA: The IP addresses of the users are generally anonymized by IONOS after a few days, so that it is no longer possible to assign them to your person. In order to fully comply with data protection requirements, the data processing takes place on the basis of a Data Processing Agreement (DPA) within the meaning of Art. 28 GDPR, which is automatically part of the General Terms and Conditions (GTC) of IONOS for new contracts as of July 19, 2022.
Cookies are small text files that can be stored by websites on the visitor's terminal device (computer, smartphone). The Telecommunications Digital Services Data Protection Act (TDDDG) prescribes strict requirements for reading or storing such data on your terminal device.
Transparency note: Our website is designed purely as an information page (digital business card). In the current expansion stage of our website, we completely waive:
Since our website does not store any cookies on your terminal device when merely viewing it, and no tracking technologies are used to profile your user behavior, obtaining consent via a so-called cookie consent banner in accordance with § 25 TDDDG is not legally required on our site. You can move freely on our website without downstream monitoring of your surfing behavior.
The appealing presentation of texts on websites is nowadays often realized via dynamic web fonts, such as those from Google. However, the direct, dynamic integration of such fonts from external servers requires establishing a constant connection to third-party providers (often in the USA), whereby your IP address is inevitably transmitted.
To best protect your privacy and uphold the right to informational self-determination, we completely dispense with the dynamic integration of fonts via external servers (third-party hosting) on our website. All fonts used on this website for text presentation have been downloaded by us and are stored locally on our own web space provided by IONOS SE (first-party hosting). Consequently, when presenting texts in your browser, no connection request to external font servers takes place, and there is no transmission of your IP address or other personal data to third-party companies.
If you contact us via email, the personal data transmitted by you (such as your email address, your name, and the content of your inquiry) will be processed by us for the purpose of handling your request. This data will not be passed on to third parties without your explicit consent.
The processing of this data is based on our legitimate interest in the effective handling of the inquiries addressed to us in accordance with Art. 6 para. 1 lit. f GDPR. If your email aims at the conclusion of a contract or takes place within the framework of pre-contractual measures, the legal basis for the data processing is Art. 6 para. 1 lit. b GDPR.
Your data will be deleted by us as soon as your request has been conclusively clarified and the purpose of the storage ceases to apply. Mandatory statutory provisions - in particular, statutory retention periods under the German Commercial Code (HGB) or the German Fiscal Code (AO) - remain unaffected by this. As a company, we are legally obligated to archive business emails (so-called commercial and business letters) in an audit-proof manner for 6 years and tax-relevant documents for up to 10 years.
Even if we are not actively advertising open positions, you may choose to send us an unsolicited application (Initiativbewerbung) via email.
Scope and Purpose of Data Processing
When you submit an application, we collect and process the personal data you voluntarily provide. This typically includes:
This processing is carried out exclusively to review your application, evaluate your suitability for potential employment at Ensorium, and communicate with you regarding your application.
Legal Basis
The legal basis for processing your applicant data is Art. 6 para. 1 lit. b GDPR (processing necessary for entering into an employment contract) in conjunction with § 26 para. 1 of the German Federal Data Protection Act (BDSG).
Storage Duration and Deletion
If we cannot offer you a position at this time, your application data will generally be deleted no later than six months after we notify you of the rejection. This standard retention period allows us to answer any follow-up questions regarding your application and fulfills our burden of proof under the German General Equal Treatment Act (AGG).
Extended Storage (Applicant Pool)
If your profile is of high interest to us, but no suitable position is currently available, we might ask to keep your data on file for future opportunities. We will only store your data beyond the standard six-month period if you give us your explicit, written consent to do so (Art. 6 para. 1 lit. a GDPR). You can withdraw this consent at any time with effect for the future.
Our web presence serves as a digital display and showcase for the video games we have developed. The actual acquisition and distribution of our products does not take place directly via this website, but exclusively via the external, global gaming distribution platform "Steam". Steam is operated by the Valve Corporation, 10400 NE 4th St, Bellevue, WA 98004, USA (hereinafter "Valve").
Data processing by calling up the link (HTTP Referer): We embed outbound hyperlinks (in the form of text links or graphics) on our website, which forward you directly to the product pages in the Steam shop when clicked. We use pure links for this and waive the use of tracking pixels or widgets that would transmit data to Steam even before a click. When you click on such a link, you leave the area of influence of our website. When accessing the destination address, your web browser transfers the so-called "HTTP Referer" to Valve's servers due to the system. This technical meta-information tells the target page from which source URL (our website) you have switched there. The provision of this link is based on our legitimate interest (Art. 6 para. 1 lit. f GDPR) in offering you a smooth possibility to acquire our products.
Data protection responsibility of the Valve Corporation: As soon as you are on the Steam platform, you are fully subject to the terms of use and privacy provisions of Valve. We expressly point out that we have no influence on the type, scope, and purpose of the data collection by Valve. The Valve Corporation acts as the sole and independent controller under data protection law. For the transfer of European user data to the USA, the Valve Corporation relies, among other things, on the EU Commission's adequacy decision for the "EU-U.S. Data Privacy Framework" (DPF).
Further information on data collection and processing by Valve can be found in the official Steam privacy policy: Link to the privacy policy: https://store.steampowered.com/privacy_agreement/
On our website, we link to our company profiles on various social networks. These are static hyperlinks and explicitly not interactive social media plugins that would transmit data to the networks upon loading our website.
Data processing via click: When you click on one of the links to YouTube, Bluesky, or Reddit, you leave our website and are redirected directly to the servers of the respective network. In doing so, your web browser transfers information to the operator of the target page due to the system, in particular your IP address as well as the information (HTTP Referer) regarding which website (in this case ours) you arrived from.
From the moment you leave our website, the operators of the respective social media platforms assume their own responsibility regarding data protection law. We have no influence on the nature and scope of data processing there. Since these are partially US companies, the use of the platforms may lead to a transfer of your personal data to countries outside the European Economic Area (EEA).
Please refer to the privacy policies of the respective networks for further information on data collection and use:
For reasons of data security and to protect the transmission of confidential content, our website utilizes modern SSL or TLS encryption (Transport Layer Security). You can recognize an active, encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the closed lock symbol in your browser line. When SSL or TLS encryption is activated, data you transmit to us cannot be read by third parties.
The GDPR grants you as a user far-reaching control rights regarding the processing of your personal data. If your personal data is processed, you are a "data subject" and you have the following rights vis-à-vis Ensorium as the controller:
An informal notification by email to the contact details specified in section 2 is sufficient to exercise these rights.
If you believe that the processing of your personal data violates data protection regulations, you have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR). For this purpose, you can contact the State Commissioner for Data Protection and Freedom of Information of the State of Hesse (jurisdiction Darmstadt).
This privacy policy is currently valid and has the editorial status of March 2026. Due to the further development of our website (e.g., through the future integration of analysis tools or the use of advertising platforms, which will then be regulated via a professional Consent Management Platform) or due to changed legal requirements, it may become necessary to adapt this privacy policy. We reserve the right to change the policy at any time with effect for the future.