Imprint & Privacy

As the operator of this website and as a company, we process personal data that identifies you or makes you identifiable.

This notice explains for which purposes and on which legal bases we process your data.

We protect transmitted data with SSL/TLS. You can recognize this by the lock icon in your browser and by https://.

Despite safeguards, no Internet transmission is completely secure; we work to close security gaps promptly.

If not stated otherwise in this policy, we store personal data until the processing purpose no longer applies, you object, or you revoke consent.

If you object or revoke consent, we may continue processing when one of the following applies:

• Compelling legitimate grounds override your interests, rights, and freedoms (not applicable if your objection targets direct marketing).
• Processing is necessary to assert, exercise, or defend legal claims (not applicable for objections to direct marketing).
• We are legally obliged to retain the data.

We delete your data once none of the above applies.

We use tools from providers that transfer and store data in the USA.

The EU-US Data Privacy Framework adequacy decision currently allows transfers to certified US companies with safeguards on access and redress.

A change to the European Commission's decision cannot be ruled out.

If we process data based on legitimate interests (Art. 6(1)(f) GDPR), you may object per Art. 21 GDPR. This also applies to profiling on this basis.

You must state reasons arising from your particular situation unless the objection targets direct marketing, which requires no reasons.

If you object, we stop processing unless:

• We demonstrate compelling legitimate grounds that override your interests, rights, and freedoms.
• Processing is necessary for asserting, exercising, or defending legal claims.

These exceptions do not apply to objections to direct marketing or related profiling.

Withdrawal of consent: You may revoke consent at any time with future effect (Art. 7(3) GDPR).

Right to complain: You may lodge a complaint with a supervisory authority (Art. 77 GDPR).

Data portability: For data processed automatically on the basis of consent or contract, you can request a common machine-readable export or transfer.

Access/rectification/erasure: You may request information (Art. 15 GDPR), correction (Art. 16 GDPR), or deletion (Art. 17 GDPR) of your stored data.

Restriction of processing (Art. 18 GDPR): In certain cases you may demand restriction; then processing is limited to storage plus:

• With your consent.
• For asserting, exercising, or defending legal claims.
• To protect the rights of another natural or legal person.
• For reasons of important public interest of the EU or a Member State.

Restriction applies in particular if accuracy is contested (for the review period), processing is unlawful but deletion is refused, data is needed for legal claims, or pending the balance of interests after an objection.

External hosting: Our site is hosted by Onepage GmbH, Hanauer Landstraße 172, 60314 Frankfurt am Main, Germany. A data processing agreement is in place.

The host stores website data including IP addresses, page views, contact details, and meta/communication data strictly per our instructions.

Legal basis: Contract initiation and fulfillment (Art. 6(1)(b) GDPR) and our legitimate interest in a secure, fast, and efficient website (Art. 6(1)(f) GDPR).

Tool: Appointment scheduling by Calendly LLC, 88 N Avondale Road #603, Avondale Estates, GA 30002, USA.

A data processing agreement exists; transfers rely on Standard Contractual Clauses.

We use Calendly to plan, conduct, and follow up on appointments. Data is deleted when the purpose ceases, you request deletion, or you revoke consent (unless legal retention applies).

Legal basis: Legitimate interest in simple scheduling (Art. 6(1)(f) GDPR); with consent Art. 6(1)(a) GDPR.

Tool: Scheduling via Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

A data processing agreement exists; transfers rely on the EU-US adequacy decision and certification.

When the calendar loads, your IP address and technical data are transmitted to Google. We use the service to display and coordinate appointments.

Data is deleted when the purpose ceases, you request deletion, or you revoke consent (unless legal retention applies).

Legal basis: Legitimate interest in efficient scheduling (Art. 6(1)(f) GDPR); with consent Art. 6(1)(a) GDPR.

Tool: Form builder by Onepage GmbH, Hanauer Landstraße 172, 60314 Frankfurt am Main, Germany.

Data entered in forms is stored on Onepage servers until deletion is requested, consent is revoked, or the purpose no longer applies; statutory obligations remain unaffected.

Legal basis: Legitimate interest in functioning customer forms (Art. 6(1)(f) GDPR); with consent Art. 6(1)(a) GDPR.

Tool: Cloud storage by Google Ireland Limited.

A data processing agreement exists; transfers rely on the EU-US adequacy decision and certification.

Files uploaded via our site are stored on Google servers; when visiting the site, a connection to Google is established.

Legal basis: Legitimate interest in a reliable upload area (Art. 6(1)(f) GDPR); with consent Art. 6(1)(a) GDPR.

Tool: Project management by Notion Labs, Inc., 2300 Harrison Street, San Francisco, CA 94110, USA.

A data processing agreement exists; transfers rely on the EU-US adequacy decision and certification.

Notion enables task organization, collaboration, and embedded documents. When visiting our site, analytics such as page views may be collected by Notion.

Legal basis: Legitimate interest in operating our website effectively (Art. 6(1)(f) GDPR); with consent Art. 6(1)(a) GDPR.

We use online conferencing tools to communicate with customers, partners, and service providers.

Data categories include registration data (email/phone and provided details), conference metadata (start/end, duration, participants), technical data (IP, device info), and communication content (recordings, chats, shared files/whiteboards).

Deletion on our systems occurs when the purpose ends, you request deletion, or you revoke consent unless legal retention applies; cookies remain until removed.

Legal basis: Art. 6(1)(b) GDPR for contractual communication; otherwise legitimate interest per Art. 6(1)(f) GDPR; with consent Art. 6(1)(a) GDPR.

Video conferencing service by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland.

A data processing agreement is in place; transfers rely on the EU-US adequacy decision and certification.

Privacy information: https://policies.google.com/privacy?hl=de.

We maintain profiles on social networks. Operators can collect extensive usage data, create behavior and interest profiles, and show interest-based ads on and off the networks.

Processing can occur when you visit our profile or interact with embedded network content. If logged in, activity can be linked to your account; data can also be collected without an account via IP or cookies.

Legal basis: Our legitimate interest in broad online presence (Art. 6(1)(f) GDPR); operators may rely on other bases.

Responsibility is shared between us and the network operators for processing triggered by visiting our profiles; however, operator practices are primarily under their control.

We delete data we collect via our profiles when the purpose ceases, you request deletion, or you revoke consent; cookies remain until removed.