Privacy Policy

1. Privacy at a Glance

The protection of your personal data matters to us. This policy explains which data we process when you visit this website, for what purpose, and on what legal basis. Personal data is any data that can be used to personally identify you.

2. Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) is:

Tim Schmidt
Schmidt Consulting
Rosengasse 3
96224 Burgkunstadt
Germany

Email: admin@schmidtconsulting.io

3. Hosting

This website is hosted by Netlify (Netlify, Inc., 512 2nd Street, Suite 200, San Francisco, CA 94107, USA). Netlify processes the data that is technically generated when the website is accessed (see server log files) on our behalf. A data processing agreement pursuant to Art. 28 GDPR is in place with Netlify.

As Netlify is a US company, data may be transferred to the USA. This is based on the European Commission's standard contractual clauses pursuant to Art. 46 GDPR and, where applicable, certification under the EU-U.S. Data Privacy Framework. The legal basis for hosting is our legitimate interest in providing this website securely and efficiently (Art. 6 para. 1 lit. f GDPR).

4. Server Log Files

When you access this website, information transmitted by your browser is automatically collected. This includes:

  • Browser type and browser version
  • Operating system used
  • Referrer URL
  • Hostname of the accessing computer
  • Time of the server request
  • IP address

This data serves the technical delivery, security and stability of the website and is not merged with other data sources. The legal basis is Art. 6 para. 1 lit. f GDPR (legitimate interest in error-free and secure operation).

5. Contact and Inquiry Form

When you use our inquiry / funnel form, we process the information you provide (e.g. industry, desired style, selected features, your email address) as well as your IP address and a timestamp for abuse prevention. We use this data solely to process your inquiry and to get in touch with you.

For the technical delivery of the form notification to us, we use the email service Resend (Resend, Inc., USA). Resend processes the transmitted data on our behalf (Art. 28 GDPR); here too, data may be transferred to the USA on the basis of standard contractual clauses (Art. 46 GDPR).

The legal basis is Art. 6 para. 1 lit. b GDPR (performance of pre-contractual measures) and Art. 6 para. 1 lit. f GDPR (legitimate interest in processing inquiries and preventing abuse). The data is deleted as soon as it is no longer required for the intended purpose and no statutory retention obligations apply.

6. Appointment Booking via Cal.com

To schedule appointments online, we embed the service Cal.com (Cal.com, Inc., USA) on this website. When the booking calendar loads, a connection to Cal.com's servers is established and your IP address is transmitted to Cal.com. When you book an appointment, we and Cal.com process the data you provide (e.g. name, email address, chosen time) to arrange and hold the call.

The legal basis is Art. 6 para. 1 lit. b GDPR (performance of pre-contractual measures) and Art. 6 para. 1 lit. f GDPR (legitimate interest in easy scheduling). As Cal.com may process data in the USA, any such transfer is based on standard contractual clauses (Art. 46 GDPR). Details can be found in Cal.com's privacy policy.

7. Cookies and Local Storage

This website does not use any tracking, analytics or marketing cookies and does not embed any third-party services for analytics purposes. Only your chosen appearance (light or dark mode) is stored in your browser's local storage (localStorage, key “sc-theme”). This storage is technically necessary to preserve your choice, takes place exclusively on your device and is not transmitted to us or any third party. No consent is required for this pursuant to § 25 para. 2 TDDDG. You can delete this storage at any time via your browser settings.

8. Fonts

The fonts used on this website are served locally from our server. There is no connection to third-party servers (e.g. Google Fonts), and no personal data is transmitted to third parties for this purpose.

9. SSL/TLS Encryption

For security reasons, this website uses SSL/TLS encryption. You can recognise an encrypted connection by the “https://” in your browser's address bar.

10. Your Rights

Within the scope of the legal provisions, you have the right to access (Art. 15 GDPR), rectification (Art. 16 GDPR), erasure (Art. 17 GDPR), restriction of processing (Art. 18 GDPR), data portability (Art. 20 GDPR) and a right to object to processing based on legitimate interests (Art. 21 GDPR). You can revoke any consent given at any time with effect for the future. To do so, please contact admin@schmidtconsulting.io.

11. Right to Lodge a Complaint

You have the right to lodge a complaint with a data protection supervisory authority. The authority responsible for us is:

Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 18, 91522 Ansbach, Germany
www.lda.bayern.de