Privacy policy
Note: This is an English translation for convenience. The German version on beraterium.de is legally authoritative.
of Beraterium GbR, Dr.-Maria-Grollmuß-Straße 14, 02625 Bautzen, Germany
We appreciate your interest in our website. Protecting your personal data is important to us. Below we inform you about the type, scope and purpose of processing personal data when you visit beraterium.de, as well as about your rights. Legal notice: beraterium.de/impressum.
1. Data protection at a glance
General information
The following notes provide a simple overview of what happens to your personal data when you visit this website. Personal data is any data with which you can be personally identified. Detailed information can be found in this privacy policy.
Who is responsible?
The party responsible for data processing on this website is the entity named in Section 2. You will find contact details there.
How do we collect your data?
Your data is collected in part because you provide it to us — for example via the contact form, by e-mail or telephone, when booking an appointment or when subscribing to a newsletter. Other data is collected automatically when you visit the website by our IT systems or the hosting provider. This is mainly technical data (e.g. IP address, browser type, operating system, time of page access).
What do we use your data for?
Some of the data is collected to ensure error-free and secure provision of the website. Other data may be used to process your enquiry, arrange appointments or — if you have given consent — for reach measurement.
What rights do you have?
You have the right at any time to free information about the origin, recipient and purpose of your stored personal data, to rectification or erasure, to restriction of processing, to data portability and to withdraw consent you have given. You also have the right to lodge a complaint with a data protection supervisory authority. Details can be found in Section 2.
2. General information and mandatory disclosures
Data protection
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with statutory data protection provisions — in particular the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and the German Telecommunications and Telemedia Data Protection Act (TTDSG) — as well as this privacy policy.
When you use this website, various personal data is collected. This privacy policy explains which data we collect, what we use it for and on what legal basis this takes place.
We point out that data transmission over the internet (e.g. when communicating by e-mail) may have security gaps. Complete protection of data against access by third parties is not possible.
Note on the controller
The controller responsible for data processing on this website is:
Beraterium GbR
Dr.-Maria-Grollmuß-Straße 14
02625 Bautzen
Germany
Telephone: +49 15679 108461
E-mail: info@beraterium.de
Represented by the partners Till Manfred Blania and Peter Münstermann.
The controller is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data.
Storage period
Unless a more specific storage period is stated in this privacy policy, your personal data remains with us until the purpose for data processing no longer applies. If you assert a legitimate request for erasure or withdraw consent, your data will be deleted unless we have other legally permissible grounds for storage (e.g. tax or commercial retention periods); in the latter case, erasure takes place after those grounds cease to apply.
Legal bases for data processing
If you have consented to data processing, we process your personal data on the basis of Art. 6(1)(a) GDPR. If you have consented to the storage of cookies or access to information on your end device, processing additionally takes place on the basis of Section 25(1) TTDSG; consent can be withdrawn at any time.
If your data is required for contract performance or for carrying out pre-contractual measures, we process your data on the basis of Art. 6(1)(b) GDPR. If we process your data to fulfil a legal obligation, this takes place on the basis of Art. 6(1)(c) GDPR. In other cases, processing may be based on our legitimate interest pursuant to Art. 6(1)(f) GDPR — e.g. in the secure, error-free provision of our website or in the effective processing of enquiries. We inform you about the respective applicable legal bases in detail in the following sections.
Recipients of personal data
In the course of our business activities we use external service providers (e.g. hosting, form submission, appointment booking, newsletter, web analytics). We only pass on personal data where this is necessary for contract performance, we are legally obliged to do so, we have a legitimate interest or you have consented. When using processors, we conclude contracts pursuant to Art. 28 GDPR (data processing agreements, DPAs).
Withdrawal of your consent
Where processing is based on your consent, you may withdraw it at any time with effect for the future. The lawfulness of processing carried out until withdrawal remains unaffected.
Right to object (Art. 21 GDPR)
WHERE DATA PROCESSING IS BASED ON ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS.
Where your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing.
Right to lodge a complaint with a supervisory authority
In the event of breaches of the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place of the alleged breach.
The supervisory authority responsible for us is:
Saxon Commissioner for Data Protection and Freedom of Information
Devrientstraße 5
01067 Dresden
Germany
Telephone: 0351 85471-101
E-mail: poststelle@saechsdsb.de
Website: https://www.saechsdsb.de
Your further rights
You have the right to access (Art. 15 GDPR), rectification (Art. 16 GDPR), erasure (Art. 17 GDPR), restriction of processing (Art. 18 GDPR) and data portability (Art. 20 GDPR). To exercise your rights, an informal message to the contact details above is sufficient.
SSL/TLS encryption
This site uses SSL/TLS encryption for security reasons. You can recognise an encrypted connection by the fact that the browser address bar changes from «http://» to «https://» and by the padlock symbol in the browser bar.
Objection to advertising e-mails
We hereby object to the use of contact data published as part of our legal notice obligations for the transmission of unsolicited advertising. The operators reserve the right to take legal action in the event of unsolicited advertising communications.
3. Hosting
We host the content of our website with the following provider:
da.web | Dirk Auerbach
Christgrün 21 c
08543 Pöhl
Germany
Website: https://dasolutions.de
E-mail: info@dasolutions.de
The host stores server log files including your IP address, date and time of the request, amount of data transferred, requesting browser and operating system, and referrer URL. Processing takes place for the technical provision, stability and security of the website on the basis of our legitimate interest pursuant to Art. 6(1)(f) GDPR in conjunction with Section 25(2) No. 2 TTDSG, insofar as access to information on the end device is required.
We have concluded a data processing agreement (DPA) with the host pursuant to Art. 28 GDPR. Processing takes place — where possible — on servers in Germany or the European Union.
Further information on the host's data protection: [PLACEHOLDER link to da.web privacy policy]
No WordPress, no US cloud CDN for fonts
Our website is a static website (HTML, CSS, JavaScript). No content is delivered via WordPress, Automattic or comparable US analytics services. Fonts (Inter) are served locally from our server — no requests are made to Google Fonts or other external font CDNs.
4. Data collection on this website
Cookies and consent management
Our website may use cookies and similar technologies. Cookies are small text files stored on your end device.
Technically necessary cookies serve the operation of the website (e.g. storing your cookie settings). They are set — where required — on the basis of Art. 6(1)(f) GDPR or Section 25(2) TTDSG.
Statistics and marketing cookies are only used if you have expressly consented via our consent banner (Art. 6(1)(a) GDPR, Section 25(1) TTDSG). You can withdraw your consent at any time with the same ease with which you gave it.
Consent management tool (CMP): [PLACEHOLDER e.g. Borlabs Cookie / Complianz / Cookiebot — only enter if live]
You can configure your browser to inform you when cookies are set, to allow cookies only in individual cases or to exclude them generally. If technically necessary cookies are disabled, functionality may be limited.
Server log files
The hosting provider automatically collects information in so-called server log files that your browser transmits automatically. This may include: browser type and version, operating system used, referrer URL, hostname of the accessing computer, time of server request and IP address.
This data is not merged with other data sources. Storage is temporary; the specific duration depends on the host's settings (usually a few days up to a maximum of six weeks, unless longer retention is required for security reasons).
Contact form
When you send us enquiries via the contact form at beraterium.de/kontakt/, we process the data you enter (e.g. name, e-mail address, company, message, target group selection if applicable) to handle your enquiry and for any follow-up questions.
The legal basis is Art. 6(1)(b) GDPR if your enquiry relates to the performance of a contract or pre-contractual measures; otherwise Art. 6(1)(f) GDPR (legitimate interest in effective communication) or Art. 6(1)(a) GDPR if you have consented via the privacy policy.
The data remains with us until the purpose no longer applies (e.g. completed processing), you request erasure or you withdraw your consent. Mandatory statutory retention periods remain unaffected.
Technical submission/storage: [PLACEHOLDER form service, e.g. own backend, SMTP, Formspree EU — conclude DPA]
Enquiry by e-mail or telephone
When you contact us by e-mail or telephone, we store and process your details to handle your request. The legal bases correspond to those for the contact form. We do not pass on the data without your consent.
Appointment booking (Cal.com)
[Only publish if Cal.com or similar is integrated on /kontakt/]
For online appointment booking we use the service Cal.com (Cal.com, Inc. / Cal.com EU — [enter exact legal entity and server location]).
When booking, we or the provider process in particular name, e-mail address, chosen appointment and any additional information you provide. Processing serves the purpose of arranging your initial consultation (Art. 6(1)(b) or (f) GDPR).
Cal.com may set cookies and process data in third countries. Integration only takes place after your consent via the consent banner, unless technically necessary. We have concluded a DPA with Cal.com; standard contractual clauses pursuant to Art. 46 GDPR may apply.
Cal.com privacy information: https://cal.com/privacy
Newsletter
[Only publish if newsletter sign-up is live — e.g. Brevo]
If you subscribe to our newsletter, we process your e-mail address and, if applicable, your name for delivery. We use the double opt-in procedure: after signing up you receive an e-mail with a confirmation link. No delivery takes place without confirmation.
Legal basis: Art. 6(1)(a) GDPR. Withdrawal at any time via the unsubscribe link in the newsletter or by e-mail to info@beraterium.de.
Newsletter service: [PLACEHOLDER e.g. Brevo (Sendinblue), Frankfurt/EU] — DPA required.
Web analytics
[Only publish if analytics is live]
For reach measurement we use [PLACEHOLDER e.g. Plausible Analytics (EU) / Matomo (self-hosted, DE)]. The tool is [cookieless / consent-required — specify]. Usage data that is anonymised or pseudonymised is processed (e.g. pages accessed, referrer, approximate location, device type). Legal basis for cookieless reach measurement without personal reference: Art. 6(1)(f) GDPR; for cookies: Art. 6(1)(a) GDPR and Section 25(1) TTDSG.
Fonts (self-hosted)
For consistent presentation we use the Inter typeface. The font files are served from our own web server. When pages are accessed, no connections are made to Google Fonts, Adobe Fonts or other external font providers. No personal data is transmitted to third-party providers as a result.
Links to LinkedIn and other platforms
Our website contains links to our profile on LinkedIn (LinkedIn Ireland Unlimited Company). When you merely access our website, no data is transmitted to LinkedIn. Only when you click a link and visit LinkedIn do LinkedIn's privacy provisions apply. LinkedIn may process your IP address and usage data, among other things; transmission to the USA may take place on the basis of the EU-US Data Privacy Framework (DPF) or standard contractual clauses.
LinkedIn privacy information: https://de.linkedin.com/legal/privacy-policy
YouTube, Google Maps and embedded social media content are not currently used. Should such services be integrated in future, this privacy policy will be updated in advance.
5. Data transfers to third countries
Personal data is only transferred to countries outside the EU/EEA if an adequate level of data protection exists (adequacy decision of the EU Commission), suitable safeguards are in place (in particular EU standard contractual clauses pursuant to Art. 46 GDPR) or you have consented (Art. 49(1) GDPR).
Our hosting with da.web generally takes place in Germany/the EU. If individual services (e.g. Cal.com, LinkedIn, newsletter provider) transfer data to third countries — in particular the USA — we inform you in the respective sections about the safeguards used (e.g. EU-US Data Privacy Framework certification of the provider).
6. Obligation to provide data
Provision of personal data is neither legally nor contractually required. For use of the website, however, provision of technical access data (log files) is technically necessary. Without contact details we cannot process your enquiry via form, e-mail or appointment booking.
7. Automated decision-making
No automated decision-making, including profiling pursuant to Art. 22 GDPR, takes place.
8. Changes to this privacy policy
We reserve the right to amend this privacy policy so that it always meets current legal requirements or reflects changes to our services. On your next visit, the new privacy policy will apply.
As of: 09 June 2026