← Back to homepage

Privacy Policy

1. Privacy at a glance

General information

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to personally identify you. For detailed information on the subject of data protection, please refer to our privacy policy listed below.

Data collection on this website

Data processing on this website is carried out by the website operator. You can find their contact details in the “Data Controller” section of this privacy policy.

2. Data Controller

The data controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

3. Hosting

This website is hosted by Vercel Inc. (440 N Barranca Ave #4133, Covina, CA 91723, USA). Server-side processing (Serverless Functions) takes place in Frankfurt am Main, Germany (EU). Static content is delivered via Vercel's global Content Delivery Network (CDN), where data may be cached at edge locations worldwide. Operational data such as server logs, monitoring, and security data is processed on Vercel's infrastructure in the USA.

This may include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website access data, and other data generated through a website.

The use of this hosting provider is for the purpose of fulfilling contracts with our potential and existing customers (Art. 6 (1) (b) GDPR) and in the interest of a secure, fast, and efficient provision of our online services by a professional provider (Art. 6 (1) (f) GDPR).

Vercel is certified under the EU-U.S. Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the USA designed to ensure compliance with European data protection standards for data processing in the USA. The European Commission issued an adequacy decision for the DPF on July 10, 2023. We have entered into a Data Processing Addendum (DPA) with Vercel.

4. General information and mandatory disclosures

Data protection

The operator of this website takes the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with statutory data protection regulations and this privacy policy.

Note on the data controller

The data controller for data processing on this website can be found in the “Data Controller” section above. The data controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, email addresses, etc.).

Storage duration

Unless a more specific storage period has been stated within this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you assert a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data; in the latter case, deletion will take place after these reasons cease to apply.

Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You may revoke any consent you have already given at any time. The legality of the data processing carried out prior to the revocation remains unaffected by the revocation.

5. Data collection on this website

Cookies and local storage

This website does not use any tracking, analytics, or marketing cookies. A cookie consent banner is therefore not required. Specifically:

  • Cal.com — When using the booking feature, Cal.com may set technically necessary cookies (e.g. session cookies). These are only set when you actively use the booking function.
  • Theme preference — Your color scheme selection (light/dark) is stored in your browser's localStorage. This is not a cookie; the data does not leave your browser.

The legal basis for technically necessary cookies is Art. 6 (1) (f) GDPR (legitimate interest in the technical provision of the website).

Server log files

The hosting provider automatically collects and stores information in server log files that your browser transmits automatically. These are:

  • Browser type and version
  • Operating system
  • Referrer URL
  • Hostname of the accessing device
  • Time of the server request
  • IP address

This data is not merged with other data sources. The data is collected on the basis of Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of their website — server log files must be collected for this purpose.

Contact

If you contact us by email or phone, your inquiry including all resulting personal data (name, inquiry) will be stored and processed by us for the purpose of handling your request. We will not share this data without your consent.

The processing of this data is based on Art. 6 (1) (b) GDPR if your inquiry is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective handling of inquiries directed to us (Art. 6 (1) (f) GDPR) or on your consent (Art. 6 (1) (a) GDPR).

Appointment booking (Cal.com)

On this website, you can book an appointment via an embedded service provided by Cal.com Inc. (340 S Lemon Ave #4133, Walnut, CA 91789, USA). When booking an appointment, the following personal data is collected and transmitted to Cal.com:

  • Name
  • Email address
  • Any additional information you voluntarily provide (e.g. message, phone number)
  • IP address and technical browser data

The processing is carried out for the purpose of scheduling appointments on the basis of Art. 6 (1) (b) GDPR (pre-contractual measures) and Art. 6 (1) (f) GDPR (legitimate interest in efficient appointment management). We have entered into a Data Processing Agreement with Cal.com. For more information, please refer to the Cal.com privacy policy.

Meetings are conducted via Google Meet (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). When a meeting is booked, your name and email address are shared with Google to create the video conference. Google processes this data under its own terms. Google is certified under the EU-U.S. Data Privacy Framework. For more information, please refer to the Google privacy policy.

6. Your rights

You have the right at any time to:

  • Obtain information about the origin, recipients, and purpose of your stored personal data free of charge (Art. 15 GDPR)
  • Request the correction of inaccurate data (Art. 16 GDPR)
  • Request the deletion of your personal data stored by us (Art. 17 GDPR)
  • Request the restriction of processing of your personal data (Art. 18 GDPR)
  • Receive your personal data in a structured, commonly used, and machine-readable format (Art. 20 GDPR)
  • Object to the processing of your personal data (Art. 21 GDPR)

7. Right to lodge a complaint with a supervisory authority

If you believe that the processing of your personal data violates data protection law, you have the right to lodge a complaint with a supervisory authority (Art. 77 GDPR). The competent supervisory authority is:

Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit
Ludwig-Erhard-Str. 22, 7. OG
20459 Hamburg
Phone: +49 40 428 54-4040
Email: mailbox@datenschutz.hamburg.de