Homepage

Privacy Policy

1. Controller

Georgios Lazaridis
Belgradstraße 130
80804 Munich, Germany
Email: Email
Phone: Phone

2. General Information

We take the protection of your personal data seriously. We treat your personal data confidentially and in accordance with the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), and this privacy policy.

The use of our website is generally possible without providing personal data. Data transmission over the internet may have security vulnerabilities. Complete protection of data from access by third parties is not possible.

3. Hosting

This website is hosted on a server by Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany. The host automatically collects and stores information in server log files that your browser transmits:

  • Browser type and version
  • Operating system
  • Referrer URL
  • IP address of the accessing device
  • Time of the server request

This data cannot be attributed to specific individuals. No merging with other data sources takes place. Server log files are automatically deleted after 14 days. Collection is based on Art. 6 (1) lit. f GDPR (legitimate interest in the secure provision of the website).

4. SSL/TLS Encryption

This site uses SSL/TLS encryption for security reasons. An encrypted connection is indicated by the browser address bar changing from "http://" to "https://" and by the lock icon in your browser bar.

5. Contact Form

When you send us inquiries via the contact form, the following data is collected:

  • Name
  • Email address
  • Subject
  • Message content

The data is stored for processing the inquiry and for follow-up questions. Email transmission is handled by Brevo (Sendinblue GmbH, Köpenicker Str. 126, 10179 Berlin, Germany). Brevo processes the data as a processor on servers within the European Union. Processing is based on Art. 6 (1) lit. b GDPR (pre-contractual measures) and Art. 6 (1) lit. a GDPR (your consent via the checkbox).

To prevent abuse, your IP address is temporarily stored in server memory to limit the number of form submissions (maximum 3 per minute). This data is not persisted and is automatically deleted after 10 minutes at most. The legal basis is Art. 6 (1) lit. f GDPR (legitimate interest in protection against spam).

Contact inquiries are deleted after final processing, unless statutory retention obligations apply. Deletion generally occurs no later than 6 months after responding to the inquiry. Your data will not be shared with other third parties without your consent.

6. Cloudflare Turnstile

To protect our contact form from automated spam messages, we use Cloudflare Turnstile. This is a service provided by Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA. Turnstile analyzes user behavior based on various characteristics (e.g., mouse movements, time spent on page) and creates an assessment of whether the form is being used by a human or a bot. Unlike traditional CAPTCHAs, active user interaction is generally not required.

When using the contact form, a connection to Cloudflare servers is established. Your IP address and other browser data (e.g., HTTP headers) may be transmitted. Cloudflare is a US-based company certified under the EU-US Data Privacy Framework (DPF), ensuring an adequate level of data protection pursuant to Art. 45 GDPR. Processing is based on Art. 6 (1) lit. f GDPR (legitimate interest in protection against spam and abuse). For more information, see the Cloudflare Privacy Policy.

7. Fonts

This website uses the "Geist" font by Vercel. The font files are hosted locally on our own server and served directly from there. No connection to external servers or CDN services is made. Your IP address is not transmitted to third parties in this context.

8. Local Storage

This website stores your color scheme preference (light/dark mode) in your browser's local storage. This is a purely technical, non-personal storage that occurs only locally on your device and is not transmitted to our servers.

9. Cookies

This website sets a technically necessary cookie (lang-pref) to store your language preference. This cookie has a lifetime of one year and is used solely for correct language assignment. The legal basis is § 25 (2) No. 2 TDDDG (strictly necessary cookie).

When using the contact form, a technically necessary third-party cookie may be set by the spam protection service Cloudflare Turnstile (see section 6). This cookie is used solely for bot detection and is not used for tracking or advertising purposes.

10. Web Analytics (Umami)

This website uses Umami, a privacy-friendly, open-source web analytics tool. Umami is self-hosted on our own server (umami.entenbach.de) in Germany (Hetzner Online GmbH). The following anonymized data is collected:

  • Pages visited (URL)
  • Referring page (referrer)
  • Browser and operating system used
  • Device type (desktop/mobile/tablet)
  • Country (based on anonymized IP address)

Umami does not set any cookies, does not store IP addresses, and does not create personal user profiles. There is no fingerprinting and no cross-device tracking. All data processing takes place entirely on our own server within the EU. No data is shared with third parties. Collection is based on Art. 6 (1) lit. f GDPR (legitimate interest in the anonymized analysis of website usage to improve the offering). Since Umami does not process personal data and does not set cookies, no consent is required under ePrivacy regulations.

Social media plugins are not used on this website.

11. Your Rights

You have the following rights regarding your personal data:

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object (Art. 21 GDPR)
  • Right to withdraw consent (Art. 7 (3) GDPR) — If processing is based on your consent, you may withdraw it at any time with effect for the future. The lawfulness of processing carried out prior to withdrawal remains unaffected.

To exercise your rights, contact us at the address provided in the imprint.

12. Affiliate Links

Our website contains affiliate links to third-party products and services on the Recommendations page. If you purchase a product or book a service through such a link, we receive a commission from the respective provider. This does not result in any additional costs for you. Affiliate links are marked accordingly (rel="sponsored"). Clicking an affiliate link does not transmit any personal data from us to the provider — attribution is handled via a parameter in the URL.

13. Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data violates the GDPR.

Competent supervisory authority:
Bavarian State Office for Data Protection Supervision (BayLDA)
Promenade 18, 91522 Ansbach, Germany
www.lda.bayern.de

14. Objection to Unsolicited Advertising

The use of contact data published as part of the legal notice obligation for the purpose of sending unsolicited advertising and information materials is hereby prohibited. The operator of this website expressly reserves the right to take legal action in the event of unsolicited promotional information, such as spam emails.

Last updated: February 2026