Privacy Policy

1. Controller

2. Overview

This website does not set any cookies. Neither first-party nor third-party. No external trackers, no Google Analytics, no Matomo, no Facebook Pixel, no LinkedIn Insight Tag, and no Google Tag Manager are used.

No cookie banner is required as no consent-dependent tracking takes place.

3. Hosting and Content Delivery

This website is served via Cloudflare Pages. Cloudflare acts as a data processor under Art. 28 GDPR. A Data Processing Addendum (DPA) with Standard Contractual Clauses (SCCs) is in place.

When delivering web pages, Cloudflare technically processes the IP address of the requesting device. Depending on the service, this processing may also take place outside the EU and is secured via DPA/SCCs.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in secure and performant website delivery).

4. Web Analytics

We use Cloudflare Web Analytics. This service is cookie-free and does not collect personal data. No individual users are identified or tracked. Only aggregated access data is collected (page views, referrer, country, device category).

Consent is not required as no tracking within the meaning of the ePrivacy Directive takes place.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in analyzing website usage in aggregated, anonymous form).

5. Contact Form

When you use our contact form, the following data is processed:

• Name
• Email address
• Company (optional)
• Message

Data is processed via a Cloudflare Worker and forwarded to us by email. No permanent storage of form data takes place on the server. Data is used exclusively to process your inquiry.

Legal basis: Art. 6(1)(b) GDPR (performance of pre-contractual measures) or Art. 6(1)(f) GDPR (legitimate interest in processing inquiries).

Retention: Inquiries received by email are stored for the duration of the business relationship or in accordance with statutory retention periods.

6. Appointment Booking

For appointment booking, we use an external calendar service. When you click the booking link, you are redirected to the provider's platform. The respective provider's privacy policy applies. No script is loaded and no cookie is set on our website by the booking link.

7. Fonts

All fonts used on this website are locally embedded (self-hosted). No external font services (e.g., Google Fonts) are loaded. No connection to third parties is established when loading fonts.

8. Maps and Videos

This website does not embed external map services (e.g., Google Maps) or external video services (e.g., YouTube). Where maps or videos are displayed, this is done via static images or self-hosted content.

9. No Additional Third Parties

This website does not load resources from third parties not mentioned in this privacy policy. In particular, the following are not used: Google Tag Manager, Facebook Pixel, LinkedIn Insight Tag, HubSpot, Salesforce or other CRM trackers, Hotjar, Mouseflow or other session recording tools, Matomo or other self-hosted analytics tools.

10. SSL/TLS Encryption

This website uses SSL/TLS encryption for security purposes. An encrypted connection is indicated by "https://" in your browser's address bar.

11. Server Log Files

The hosting provider (Cloudflare) collects access data in server log files for technical reasons. These may include: page accessed, time, data volume, referrer URL, IP address, browser, and operating system. Log files are stored by Cloudflare for a limited period according to their retention policies and are not merged with other data.

12. Your Rights

You have the following rights regarding your personal data:

• Access (Art. 15 GDPR): You may request information about data we process.
• Rectification (Art. 16 GDPR): You may request correction of inaccurate data.
• Erasure (Art. 17 GDPR): You may request deletion of your data, provided no statutory retention obligations apply.
• Restriction (Art. 18 GDPR): You may request restriction of processing.
• Data portability (Art. 20 GDPR): You may request your data in a machine-readable format.
• Objection (Art. 21 GDPR): You may object to processing based on Art. 6(1)(f) GDPR.

13. Right to Complain

You have the right to lodge a complaint with a data protection supervisory authority. The competent authority is the supervisory authority of the federal state in which you reside, or the authority responsible for the controller:

14. Currency

This privacy policy is currently valid. Last updated: February 2026.

We reserve the right to amend this privacy policy to adapt it to changed legal requirements or changes to the service.