Trust Center

How Compound Law protects your data: GDPR compliance, subprocessors, and answers to common data-protection questions.

Last updated: June 9, 2026

Overview

Data protection is part of how we practise law. We process personal data only on a valid legal basis, with data minimisation and transparency. The sections below describe the vendors we work with and answer common data-protection questions.

Compliance

GDPR Compliant

Documents

Subprocessors

  • Hetzner Online GmbH (Germany)

    Server hosting and infrastructure.

  • Cloudflare, Inc. (European Union)

    Application hosting and database.

  • Microsoft Azure (European Union)

    Cloud hosting and AI/LLM services.

FAQ

Yes. We process personal data in accordance with the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG). Our Privacy Policy explains what we collect, the legal basis, and why.

Our infrastructure runs on Hetzner servers located in Germany and on Cloudflare’s platform (Workers and the D1 database) within the European Union. Personal data is stored in the EU.

No. Our hosting and database are located in Germany and the EU, so personal data is not transferred to third countries in the ordinary course of running our website and services.

The vendors that may process personal data on our behalf are listed in the Subprocessors section above. We keep this list current and review each vendor’s data-protection posture.

When we provide legal advice we act as an independent data controller under our own professional and statutory duties — not as a processor acting on a client’s instructions. For that reason we do not enter into a data processing agreement (DPA) for our legal services.

Client information is protected by attorney-client confidentiality (§ 43a BRAO, § 203 StGB) in addition to GDPR. We apply appropriate technical and organisational measures to keep that data secure.

Contact us using the address in the Contact section below. We respond to access, rectification, erasure and other requests within the statutory timeframe, subject to our legal retention and confidentiality obligations.

Where a breach is likely to result in a risk to data subjects, we notify the competent supervisory authority within 72 hours and affected individuals without undue delay, as required by Articles 33 and 34 GDPR.

Contact

Questions about privacy or security? We are happy to help.
