Privacy Policy

We process personal data on the basis of Art. 6(1) GDPR, in particular: (a) consent, (b) performance of a contract and pre-contractual steps, (c) compliance with a legal obligation, and (f) legitimate interest (e.g. the secure and functional operation of the website).

Server log files: when you access the website, technically necessary data is processed (e.g. IP address, date/time, page requested, browser type, operating system) on the basis of Art. 6(1)(f) GDPR for secure operation.

Contact requests: if you contact us via the contact form or by email, we process the data you provide (e.g. name, email address, company, message) to handle your request (Art. 6(1)(b)/(f) GDPR).

Contract data: within a business relationship we process the data required to perform it.

Certificate activation and Terms acceptance: when you activate a certificate via an activation link and accept the Terms, we store — as proof — the time of acceptance, the accepted Terms version (including a content hash), your IP address, your browser (user agent) and the email address the activation link was sent to. The legal basis is Art. 6(1)(b) and (f) GDPR (performance of the contract and the legitimate interest in being able to evidence the acceptance).

We use Umami, a privacy-friendly analytics tool, to measure reach. Umami is cookieless, sets no cookies and does not process personal data that can be traced back to you; IP addresses are not stored in clear text. No cross-device tracking takes place. The legal basis is Art. 6(1)(f) GDPR (legitimate interest in a needs-based design of the website).

We use only technically necessary cookies or local storage required to operate the website (e.g. language and theme preference). Under § 25(2) TTDSG no consent is required for these. We do not run cookie-based web analytics.

Our website is hosted with Hetzner Online GmbH on servers in Finland (EU); a data-processing agreement under Art. 28 GDPR is in place with Hetzner. Contact-form submissions are processed via a self-hosted n8n instance on the same server in Finland and then forwarded by email to our mailbox hosted at ALL-INKL.COM – Neue Medien Münnich GmbH (Germany) for handling. Both providers process exclusively within the EU; no transfer to a third country takes place.

Your data is disclosed only where necessary to perform a contract, where you have consented, or where required by law. Processing generally takes place within the EU/EEA. Should a transfer to a third country exceptionally occur, it does so only under the conditions of Art. 44 et seq. GDPR.

We store personal data only as long as necessary for the respective purposes or as required by statutory retention periods (e.g. commercial and tax law). Server log files are deleted or anonymised after a short time. Contact requests are deleted once finally processed, unless retention obligations apply.

Records of Terms acceptance (certificate activation) are retained for the duration of the business relationship and thereafter until the statutory limitation periods expire.

You have the right of access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), data portability (Art. 20) and to object to processing (Art. 21 GDPR).

You may withdraw consent at any time with effect for the future (Art. 7(3) GDPR).

To exercise your rights, a message to info@ipm-consulting.org is sufficient.

You have the right to lodge a complaint with a data protection supervisory authority. The authority responsible for us is: Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein (ULD), Holstenstraße 98, 24103 Kiel, Germany (www.datenschutzzentrum.de).

We take appropriate technical and organisational measures to protect your data, in particular transport encryption (TLS/HTTPS) and access-restricted systems.

We are not legally required to appoint a data protection officer. For any privacy questions, please contact the controller named above.

We update this policy when changes to our processing or to the legal situation make it necessary. The version published on this page applies.