Skip to main content

Privacy Policy

Last updated: June 2026

1. Data Controller

The data controller within the meaning of the General Data Protection Regulation (GDPR) is:

Sebastian Taatz Consulting UG (haftungsbeschränkt)

Raiffeisenstraße 2

97209 Veitshöchheim

Germany

E-Mail: privacy@sebastiantaatz.de

Telefon: +49 155 67113162

Data Protection Officer: Sebastian Taatz

2. Overview of Data Processing

The following overview summarizes the types of data processed, the purposes of processing, and the categories of data subjects.

Types of data processed:

  • Usage data (e.g., pages visited, access times)
  • Meta/communication data (e.g., IP address, browser type)
  • Content data (e.g., information in contact requests)
  • Contact data (e.g., email address when contacting us)

Categories of data subjects:

  • Users (e.g., website visitors)

3. Legal Basis

The processing of personal data is based on the following legal grounds:

  • Contract fulfillment / pre-contractual measures (Art. 6(1)(b) GDPR)
  • Legitimate interests (Art. 6(1)(f) GDPR), particularly in the secure, stable, and user-friendly provision of the website

4. Security Measures

We implement appropriate technical and organizational measures in accordance with Art. 32 GDPR to ensure a level of protection appropriate to the risk.

These include measures to ensure the confidentiality, integrity, and availability of data, as well as protection against unauthorized access.

The entire website is transmitted encrypted using SSL/TLS technology (HTTPS).

5. Website Hosting

This website is hosted and delivered through Netlify, Inc. as hosting and CDN provider.

  • Delivery: via Netlify's global CDN
  • Data transfers to third countries may occur as part of the Netlify services; Netlify refers to appropriate transfer mechanisms such as Standard Contractual Clauses.

Data collected when accessing the website (server log files)

  • IP address or shortened/anonymized IP address, where provided by the Netlify configuration
  • Date and time of access
  • Name and URL of the accessed file
  • Referrer URL
  • Browser type and operating system
  • Name of the access provider

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in the technical provision, security, and stability of the website)

6. Cookies and Local Storage

This website does not set marketing cookies and does not use tracking technologies that require consent for advertising, retargeting, or profiling purposes. According to the provider, Simple Analytics does not set its own analytics cookies and does not use local storage, IP storage, fingerprinting, or user, browser, or device IDs. Netlify Web Analytics is based on server-side CDN/server log data and does not add a separate tracking script in the browser.

Local storage (technically necessary)

1. Language Preference (German/English)

  • Name: language_preference
  • Purpose: Storage of the preferred language for localized display
  • Storage duration: until manual deletion by the user
  • Legal basis: Art. 6(1)(f) GDPR and Sec. 25(2) No. 2 TDDDG

2. Display preference

  • Name: sebastiantaatz_theme
  • Purpose: Storage of the preferred display mode (light, dark, or system default)
  • Storage duration: until manual deletion by the user
  • Legal basis: Art. 6(1)(f) GDPR and Sec. 25(2) No. 2 TDDDG

3. Technical reload protection

  • Name: stc_last_reload_for_build
  • Purpose: Prevents repeated automatic reloads after a website update
  • Storage duration: until the browser tab is closed
  • Legal basis: Art. 6(1)(f) GDPR and Sec. 25(2) No. 2 TDDDG

On the first visit, the browser language may be read to redirect to the appropriate language version. This information is not transmitted to third parties.

No cookie or tracking banner is used because the website currently does not use marketing cookies, retargeting services, social pixels, session replay services, or comparable tracking technologies that require consent. Local storage is used only for the user-friendly presentation of the website.

7. External Services

Web analytics, marketing, and session replay services

This website uses Netlify Web Analytics for server-side, aggregated reach measurement based on CDN/server log data. In addition, Simple Analytics is used for cookieless, anonymous reach measurement without a consent prompt according to the provider's position. Marketing, advertising, retargeting, and session replay services are not used.

Data currently processed:

  • Netlify Web Analytics: aggregated evaluations from CDN/server log data, especially pageviews, top pages, referrers or traffic sources, approximate locations, status codes, 404 resources, bandwidth, and unique visitors based on different IP addresses per period
  • Simple Analytics: visited pages or paths, referrer, timestamp, browser/device information, approximate location information, and automatically collected events such as outbound links, downloads, and email links; does not set its own analytics cookies, no IP storage, no fingerprinting, and no user, browser, or device IDs
  • Providers: Netlify, Inc. and Simple Analytics B.V.
  • Server location: processing may take place within and outside the EU as part of the providers' infrastructure; the providers refer to appropriate safeguards such as Standard Contractual Clauses.
  • Legal basis: For Netlify Web Analytics and Simple Analytics, Art. 6(1)(f) GDPR (legitimate interest in privacy-friendly reach measurement, website improvement, and technical operation)

Netlify Web Analytics is a server-side Netlify evaluation based on CDN/server log data and cannot be controlled client-side per visitor. Activation and detailed views are managed in the Netlify dashboard. Simple Analytics does not set its own analytics cookies, is loaded without opt-in, respects an enabled Do Not Track signal, and is embedded without full event URLs or custom metadata.

Fonts

This website uses native system fonts from the visitor's device.

No external font provider is contacted and no font files are loaded from this website.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in a consistent presentation of the online offering)

Services not used

This website does not use:

  • Session replay services
  • Social media pixels
  • Newsletter or email marketing services on this website
  • Advertising or retargeting services

8. Contact

When contacting us (e.g., by email), the following data is processed:

  • Email address
  • Message content
  • any additional information you voluntarily provide

Purpose: Processing of the inquiry

Legal basis: Art. 6(1)(b) GDPR or Art. 6(1)(f) GDPR

Storage duration: until the inquiry is fully processed and in accordance with statutory retention periods

9. Data Retention

Unless a more specific storage duration is stated in this privacy policy, we only process and store personal data for as long as necessary to achieve the respective purposes or as required by statutory retention periods.

10. Obligation to Provide Data

The provision of personal data is neither legally nor contractually required.

However, without the provision of certain data (e.g., email address when contacting us), requests cannot be processed.

11. Automated Decision-Making

Automated decision-making, including profiling pursuant to Art. 22 GDPR, does not take place.

12. Your Rights

Data subjects have the following rights in particular:

  • Access (Art. 15 GDPR)
  • Rectification (Art. 16 GDPR)
  • Erasure (Art. 17 GDPR)
  • Restriction of processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Objection (Art. 21 GDPR)
  • Revocation of given consents
  • Complaint to a supervisory authority

13. Supervisory Authority

Bavarian State Office for Data Protection Supervision (BayLDA)

Promenade 18

91522 Ansbach

Germany

14. Changes to this Privacy Policy

We reserve the right to adapt this privacy policy to comply with legal or technical changes. The current version is always available on this website.

Questions about data protection?

If you have any questions about the processing of personal data or wish to exercise your rights, please contact:

privacy@sebastiantaatz.de