Scope and Purpose

This Policy applies to all personal data processed when visiting this website, using contact forms, subscribing to communications, engaging services, and interacting with any embedded technologies.

Personal data are processed solely for specified, explicit, and legitimate purposes, including operating the site, responding to inquiries, providing services, security, analytics (where consented), and legal compliance.

Our Commitment to Discretion and Compliance

All information shared is handled with 100% discretion. Confidentiality is a foundational principle of our services.

Any data collected through technology (including cookies, logs, analytics, or similar) is strictly protected under all applicable EU and German data protection laws, including the GDPR, BDSG, and TDDDG.

Legal Bases (GDPR Art. 6)

Consent: For non‑essential cookies/trackers, newsletters, and certain marketing analytics.

Contract: To provide requested services or respond to pre‑contractual inquiries.

Legal obligation: To comply with statutory requirements (e.g., tax/accounting, regulatory).

Legitimate interests: Site security, fraud prevention, essential functionality, and service improvement, balanced with data subject rights.

Data Categories

Identification and contact data: name, email, phone, organization.

Usage and technical data: IP address, device/browser info, timestamps, pages viewed, basic diagnostics.

Communication data: content of messages, meeting notes, feedback.

Billing data (if applicable): payment details processed via certified providers.

Cookies and Similar Technologies

Essential cookies: Used to provide the website and ensure security; do not require consent.

Non‑essential cookies (e.g., analytics/marketing): Used only with prior consent; can be withdrawn at any time via the preference tool or browser settings.

Consent Management: Where offered, user choices are honored and can be updated at any time; essential services remain accessible without non‑essential tracking.

Disclosures and Recipients

Trusted processors (e.g., hosting, email, analytics where consented) act under written contracts, follow our instructions, and implement appropriate technical and organizational measures.

Disclosures to authorities occur only where legally required or to establish, exercise, or defend legal claims.

International Transfers

Where data leave the EEA, transfers rely on an adequacy decision, or appropriate safeguards such as EU Standard Contractual Clauses and supplementary measures. Copies of relevant safeguards are available upon request.

Data Retention

Data are retained only as long as necessary for the purposes collected, to fulfil legal obligations, or to resolve disputes. When no longer required, data are securely deleted or anonymized.

Typical periods: contact inquiries (up to 12 months), contract files (up to 10 years if legally required), consent logs (as required for compliance).

Security

We apply state‑of‑the‑art technical and organizational measures, including encryption in transit, access controls, least‑privilege principles, secure development and logging, and regular reviews.

We continuously work to reduce data exposure and ensure confidentiality, integrity, and availability.

Your Rights (GDPR Arts. 12–22)

Right of access, rectification, erasure, restriction, portability, and to object to processing based on legitimate interests.

Right to withdraw consent at any time (without affecting prior lawful processing).

Right to lodge a complaint with a supervisory authority, e.g., the State Data Protection Authority competent for your residence or with the Federal Commissioner for Data Protection and Freedom of Information.

Children’s Data

Our services are not directed to children under applicable age thresholds. We do not knowingly process children’s data without verifiable consent where required.

Automated Decision‑Making

We do not use automated decision‑making or profiling that produces legal or similarly significant effects without appropriate safeguards and transparency.

Third‑Party Links and Embeds

External sites or embedded services are governed by their own policies. Please review their notices; we are not responsible for their practices.

Changes to this Policy

We may update this Policy to reflect legal or technical changes. The latest version will be posted here and marked with an effective date. Material changes will be communicated where required.