Privacy Policy

Christian Voß Consulting ("we", "our", or "us") is committed to protecting your personal data and respecting your privacy.

‍

This Privacy Policy explains how we collect, use, store, and protect personal information when you visit our website or contact us regarding our services.

‍

This policy is prepared in accordance with the General Data Protection Regulation (GDPR) and applicable German data protection laws.

‍

1. Data Controller

The controller responsible for processing personal data is:

‍

Christian Voß Consulting

Munich, Germany

Email: mail@christian-voss.de

‍

2. Information We Collect

We may collect and process the following categories of personal data:

‍

Information You Provide Directly

When you contact us through forms, email, telephone, or consultation requests, we may collect:

• Name
• Company name
• Email address
• Phone number
• Project information
• Any information voluntarily provided in your enquiry

‍

Information Collected Automatically

When you visit our website, certain information may be collected automatically, including:

• IP address
• Browser type and version
• Device information
• Operating system
• Date and time of website access
• Referring website
• Pages visited
• Website interaction data

‍

3. How We Use Your Information

We process personal data for the following purposes:

‍

Communication

To respond to enquiries, consultation requests, and project discussions.

‍

Service Delivery

To provide consulting, project management, technical due diligence, procurement, contract administration, and related professional services.

‍

Website Administration

To maintain, improve, secure, and optimize the performance of our website.

‍

Legal Compliance

To comply with legal obligations and regulatory requirements.

‍

Business Operations

To manage client relationships, proposals, contracts, and administrative activities.

‍

4. Legal Basis for Processing

Under GDPR, we process personal data based on one or more of the following legal grounds:

‍

Consent

Where you have provided consent for a specific purpose.

‍

Contractual Necessity

Where processing is necessary to perform a contract or take steps prior to entering into a contract.

‍

Legitimate Interests

Where processing is necessary for our legitimate business interests, provided those interests do not override your rights and freedoms.

‍

Legal Obligations

Where processing is required to comply with applicable laws or regulations.

‍

5. Contact Forms and Enquiries

When you submit a contact form or send us an email, we process the information provided solely for the purpose of responding to your enquiry and managing potential business relationships.

‍

We do not sell or rent personal information to third parties.

‍

6. Cookies and Analytics

This website uses cookies and similar technologies to improve functionality, analyse website performance, and enhance the user experience.

‍

Cookies are small text files stored on your device when you visit a website. Some cookies are essential for the operation of the website, while others help us understand how visitors interact with the website.

‍

Where required by law, we will request your consent before placing non-essential cookies on your device.

‍

You can manage your cookie preferences at any time through our cookie consent banner or by adjusting your browser settings.

‍

a. Google Analytics 4 (GA4)

This website uses Google Analytics 4, a web analytics service provided by Google LLC.

‍

Google Analytics helps us understand how visitors interact with our website by collecting information such as:

• Pages visited
• Time spent on pages
• Navigation paths
• Device and browser information
• Geographic region (approximate)
• Website performance metrics

‍

Google Analytics may collect information including your IP address. IP anonymisation is enabled where applicable.

‍

The information generated by Google Analytics may be transmitted to and stored on servers operated by Google.

‍

The processing of personal data through Google Analytics is based on your consent pursuant to Article 6(1)(a) GDPR.

‍

You may withdraw your consent at any time through the website's cookie settings.

‍

For more information, please refer to Google's Privacy Policy.

‍

b. Google Tag Manager

This website uses Google Tag Manager, a tag management system provided by Google LLC.

‍

Google Tag Manager itself does not collect personal data. It facilitates the deployment and management of website tags and tracking scripts.

‍

However, tags implemented through Google Tag Manager may collect data independently. Information regarding such data collection is described within the relevant sections of this Privacy Policy.

‍

The use of Google Tag Manager is based on our legitimate interest in the efficient management and operation of website services pursuant to Article 6(1)(f) GDPR.

‍

c. Calendly

This website may use Calendly to allow visitors to schedule meetings and consultations.

‍

When you book an appointment through Calendly, personal data may be collected, including:

• Name
• Email address
• Telephone number (if provided)
• Company information (if provided)
• Appointment details
• Any information submitted during the booking process

‍

This information is used solely for scheduling and managing appointments and consultations.

‍

The legal basis for processing this data is either:

• Your consent pursuant to Article 6(1)(a) GDPR, or
• The performance of pre-contractual measures pursuant to Article 6(1)(b) GDPR.

‍

Calendly may process data on servers located outside the European Economic Area (EEA). Appropriate safeguards, including Standard Contractual Clauses approved by the European Commission, are used where required.

‍

For further information, please refer to Calendly's Privacy Notice.

‍

7. Third-Party Services

To support the operation of our website and business activities, we may share information with trusted third-party providers, including:

‍

• Google Analytics 4 / GA4
• Google Tag Manager
• Calendly
• Website hosting providers
• Email and communication platforms
• Cloud storage and productivity tools

‍

These providers receive only the information necessary to perform their services and are required to maintain appropriate security and confidentiality measures.

‍

8. Sharing Personal Data

We may disclose personal data only when:

‍

• Required by law or regulatory authorities.
• Necessary to protect our legal rights.
• Required to deliver requested services.
• Working with trusted service providers under appropriate confidentiality and data processing agreements.

‍

We do not sell personal data to third parties.

‍

9. International Data Transfers

Where personal data is transferred outside the European Economic Area (EEA), appropriate safeguards will be implemented in accordance with GDPR requirements.

‍

These safeguards may include:

• Standard Contractual Clauses approved by the European Commission.
• Transfers to countries with recognised adequacy decisions.
• Other lawful transfer mechanisms permitted under GDPR.

‍

10. Data Retention

We retain personal data only for as long as necessary to:

‍

• Respond to enquiries.
• Deliver services.
• Meet legal, tax, accounting, or regulatory obligations.
• Resolve disputes and enforce agreements.

Once data is no longer required, it is securely deleted or anonymised.

‍

11. Data Security

We implement appropriate technical and organisational measures to protect personal data against:

‍

• Unauthorised access
• Accidental loss
• Alteration
• Disclosure
• Destruction

‍

While we take reasonable steps to protect information, no internet transmission or storage system can be guaranteed to be completely secure.

‍

12. Your Rights Under GDPR

You may have the right to:

‍

Access

Request a copy of your personal data.

‍

Rectification

Request correction of inaccurate or incomplete information.

‍

Erasure

Request deletion of your personal data where legally permitted.

‍

Restriction

Request limitation of processing under certain circumstances.

‍

Data Portability

Request transfer of your personal data to another provider.

‍

Objection

Object to certain processing activities based on legitimate interests.

‍

Withdraw Consent

Withdraw previously granted consent at any time.

‍

To exercise any of these rights, please contact us using the details provided below.

‍

13. Complaints

If you believe your personal data has been processed unlawfully, you have the right to lodge a complaint with the relevant data protection authority.

‍

For Germany, this is typically the competent supervisory authority responsible for your region or the region in which the controller is established.

‍

14. External Links

Our website may contain links to external websites.

‍

We are not responsible for the privacy practices, content, or security of third-party websites. Visitors should review the privacy policies of those websites independently.

‍

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect legal, operational, or technical changes.

‍

The latest version will always be available on this website, and the effective date will be updated accordingly.

‍

16. Contact Information

‍

If you have any questions regarding this Privacy Policy or the processing of your personal data, please contact:

‍

Christian Voß Consulting

Munich, Germany

Email: mail@christian-voss.de