Scope
This policy outlines how we handle personal data in accordance with applicable privacy regulations, including the GDPR. We are committed to transparency, fairness, and responsible business practices.
This policy applies to all personal data collected during the course of our website operation, consulting services and business communications.
Our website address is: https://www.privacya2z.com.
In case you have any question or requests regarding, please use the contact us section to learn how you can reach us.
Cookies
We only use necessary cookies in our website. Embedded content may hold additional cookies.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
Links to other websites
Our website consists links to other websites. If you click on these links we are not responsible for your data and privacy protection as visiting those websites are not governed by this privacy policy. Please always make sure you understand the policies and notices of said websites.
Data processing for consulting service
When you contact us with your inquiry we will process only the necessary data to provide you with this service.
The data is necessary to communicate with you (name, contact details, company details) and to provide you with the requested consulting service (documentation you share with us, invoicing, legal requirements).
We do not process personal data on behalf of our clients. As they are responsible for the personal data they handle as data controller, when clients share documents with us, we ask them to remove any personal data before sharing with us.
How long we retain your data
We retain personal data only as long as necessary to fulfill business, legal, or contractual obligations. We do not retain client-shared documents beyond the period we agree in our engagements and defined in our Security Policy.
Your rights
If we process your personal data in any way or form, as a EU resident you have certain rights.
Please note that certain rights are not absolute and for example this does not include the deletion any data we are obliged to keep for administrative, legal, or security purposes.
Your rights under GDPR:
The right to be informed: This right gives people the ability to obtain clear and transparent information about how businesses acquire, handle, and utilize their personal data.
The right to access: Individuals’ right of access enables them to learn about and confirm the legitimacy and fairness of the processing of their personal data.
The right to rectify: By exercising their right to rectification, people may make sure that the personal information that organizations hold on them is true and current.
The right to erasure: Individuals can manage the retention and use of their personal data by exercising their right to erasure.
The right to restrict processing: Individuals have control over how their personal data is used while unresolved problems or disputes are being handled thanks to the right to prohibit processing.
The right to data portability: People who have the right to data portability are able to request and receive their personal information from a company in a structured, widely used, and machine-readable format.
The right to object: The right to object enables people to voice their disapproval and ask that a company cease processing their personal data.
Automated Decision-Making and Profiling Rights: The General Data Protection Regulation (GDPR) contains special rights pertaining to profiling and automated decision-making.
Security
We take data protection seriously. We operate with encrypted drives and follow strict access controls. We apply all reasonable technical and organizational measures to protect data against unauthorized access, alteration or destruction.
Third-party services
We do not share your personal data for any third parties for marketing purposes.
Visitor activity may be checked through an automated spam and malicious activity detection services for added security.
The website is hosted in Germany with an EU company, Hetzner.
We use Zoho mail (EU-storage) and a client chosen web conferencing tool for contacting.
We may engage with subcontractors to fulfill the consulting services, if this is the case we will notify you beforehand.
Last updated: 23.03.2026.