Sebastian Taatz Consulting

    Privacy Policy

    Last updated: January 2026

    1. Data Controller

    The data controller within the meaning of the General Data Protection Regulation (GDPR) is:

    Sebastian Taatz Consulting UG (haftungsbeschränkt)

    Raiffeisenstraße 2

    97209 Veitshöchheim

    Germany

    E-Mail: privacy@sebastiantaatz.de

    Telefon: +49 155 67113162

    Data Protection Officer: Sebastian Taatz

    2. Overview of Data Processing

    The following overview summarizes the types of data processed, the purposes of processing, and the categories of data subjects.

    Types of data processed:

    • Usage data (e.g., pages visited, access times)
    • Meta/communication data (e.g., IP address, browser type)
    • Content data (e.g., information in contact requests)
    • Contact data (e.g., email address for newsletter signup)

    Categories of data subjects:

    • Users (e.g., website visitors)

    3. Legal Basis

    The processing of personal data is based on the following legal grounds:

    • Consent (Art. 6(1)(a) GDPR)
    • Contract fulfillment / pre-contractual measures (Art. 6(1)(b) GDPR)
    • Legitimate interests (Art. 6(1)(f) GDPR), particularly in the secure, stable, and user-friendly provision of the website

    4. Security Measures

    We implement appropriate technical and organizational measures in accordance with Art. 32 GDPR to ensure a level of protection appropriate to the risk.

    These include measures to ensure the confidentiality, integrity, and availability of data, as well as protection against unauthorized access.

    The entire website is transmitted encrypted using SSL/TLS technology (HTTPS).

    5. Website Hosting

    This website is hosted and delivered through Netlify, Inc. as hosting and CDN provider.

    • Delivery: via Netlify's global CDN
    • Data transfers to third countries may occur as part of the Netlify services; Netlify refers to appropriate transfer mechanisms such as Standard Contractual Clauses.

    Data collected when accessing the website (server log files)

    • Anonymized IP address
    • Date and time of access
    • Name and URL of the accessed file
    • Referrer URL
    • Browser type and operating system
    • Name of the access provider

    Legal basis: Art. 6(1)(f) GDPR (legitimate interest in the technical provision, security, and stability of the website)

    6. Cookies and Local Storage

    This website uses only technically necessary local storage technologies.

    localStorage (technically necessary)

    1. Cookie Preferences

    • Name: sebastiantaatz_cookie_consent
    • Purpose: Storage of cookie preferences
    • Storage duration: until manual deletion by the user
    • Legal basis: Art. 6(1)(f) GDPR

    2. Language Preference (German/English)

    • Name: sebastiantaatz_language
    • Purpose: Storage of the preferred language for localized display
    • Storage duration: until manual deletion by the user
    • Legal basis: Art. 6(1)(f) GDPR (legitimate interest in a user-friendly display)

    3. Statistics Cookies (optional)

    • Purpose: reserved for optional, anonymized analytics to improve the website
    • Activation: only after an analytics feature is added and with explicit consent
    • Legal basis: Art. 6(1)(a) GDPR (consent)

    A cookie banner is displayed on the first visit. Settings can be adjusted at any time via the "Cookie Settings" link in the footer.

    Marketing cookies are currently not used. The cookie banner offers this option for future extensions.

    7. External Services

    Platform Analytics (Session Replay)

    This website currently does not use platform analytics services such as session replay. The statistics category in the cookie banner is reserved for optional, consent-based analytics features.

    Data currently processed:

    • None, unless an optional analytics or session replay integration is enabled
    • Provider: not enabled
    • Server location: not applicable
    • Legal basis: not applicable unless processing takes place

    If an optional analytics feature is added in the future, it will only be used with explicit consent. You can revoke that consent at any time via the cookie settings in the footer.

    Fonts (local embedding)

    This website uses the Inter font, which is embedded locally on our server.

    No connection to external provider servers occurs and no data is transferred to third parties.

    Legal basis: Art. 6(1)(f) GDPR (legitimate interest in a consistent presentation of the online offering)

    Services not used

    This website does not use:

    • Social media pixels
    • Advertising or retargeting services

    8. Newsletter

    The following data is collected for newsletter registration:

    • Email address (required)
    • First name (optional)
    • Form of address preference informal/formal (optional)

    Purpose: Sending newsletter content and information about our products

    Legal basis: Art. 6(1)(a) GDPR (consent)

    Double opt-in procedure

    Registration is via a double opt-in procedure. You will first receive a confirmation email with a link to verify your registration.

    Storage duration:

    • Unconfirmed registrations are automatically deleted after 7 days
    • Confirmed registrations are stored until revocation

    Unsubscribe: You can unsubscribe at any time with one click. A corresponding link is included in every email.

    9. Email Delivery

    Emails (newsletters, confirmation emails) are sent via the Resend service.

    Service provider: Resend, Inc.

    Data transmitted:

    • Email address
    • First name (if provided)
    • Email content

    Processing: exclusively on servers within the EU

    Legal basis: Art. 6(1)(a) GDPR (consent) in conjunction with Art. 28 GDPR (data processing agreement)

    More information: resend.com/legal/privacy-policy

    10. Contact

    When contacting us (e.g., by email), the following data is processed:

    • Name
    • Email address
    • Message content

    Purpose: Processing of the inquiry

    Legal basis: Art. 6(1)(b) GDPR or Art. 6(1)(f) GDPR

    Storage duration: until the inquiry is fully processed and in accordance with statutory retention periods

    11. Data Retention

    Unless a more specific storage duration is stated in this privacy policy, we only process and store personal data for as long as necessary to achieve the respective purposes or as required by statutory retention periods.

    12. Obligation to Provide Data

    The provision of personal data is neither legally nor contractually required.

    However, without the provision of certain data (e.g., email address for contact or newsletter registration), requests or registrations cannot be processed.

    13. Automated Decision-Making

    Automated decision-making, including profiling pursuant to Art. 22 GDPR, does not take place.

    14. Your Rights

    Data subjects have the following rights in particular:

    • Access (Art. 15 GDPR)
    • Rectification (Art. 16 GDPR)
    • Erasure (Art. 17 GDPR)
    • Restriction of processing (Art. 18 GDPR)
    • Data portability (Art. 20 GDPR)
    • Objection (Art. 21 GDPR)
    • Revocation of given consents
    • Complaint to a supervisory authority

    15. Supervisory Authority

    Bavarian State Office for Data Protection Supervision (BayLDA)

    Promenade 18

    91522 Ansbach

    Germany

    16. Changes to this Privacy Policy

    We reserve the right to adapt this privacy policy to comply with legal or technical changes. The current version is always available on this website.

    Questions about data protection?

    If you have any questions about the processing of personal data or wish to exercise your rights, please contact:

    privacy@sebastiantaatz.de