PRIVACY POLICY
1) Introduction and Contact Details of the Controller
1.1We are pleased that you are visiting our website and thank you for your interest. Below, we inform you about how we handle your personal data when you use our website. Personal data means all data by which you can be personally identified.1.2The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is:Laouni & Partners Consulting
Mohammed Laouni
Am Südpark 8
52477 Alsdorf
Germany
Phone: +49 176 30182563
Email: [email protected]The controller responsible for the processing of personal data is the natural or legal person who, alone or jointly with others, determines the purposes and means of processing personal data.2) Data Collection When Visiting Our Website
2.1When you use our website for informational purposes only, meaning if you do not register or otherwise transmit information to us, we only collect data that your browser transmits to the website server, so-called “server log files”. When you access our website, we collect the following data, which is technically necessary for us to display the website to you:The website visited
Date and time of access
Amount of data sent in bytes
Source/referrer from which you accessed the page
Browser used
Operating system used
IP address used, if applicable in anonymised formProcessing is carried out pursuant to Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to subsequently check the server log files if there are specific indications of unlawful use.2.2For security reasons and to protect the transmission of personal data and other confidential content, such as orders or enquiries sent to the controller, this website uses SSL or TLS encryption. You can recognise an encrypted connection by the character string “https://” and the lock symbol in your browser bar.3) Hosting & Content Delivery NetworkFor hosting our website and displaying the page content, we use a provider that provides its services either itself or through selected subcontractors exclusively on servers located within the European Union.All data collected on our website is processed on these servers.We have concluded a data processing agreement with the provider, which ensures the protection of our website visitors’ data and prohibits unauthorised disclosure to third parties.4) Contacting Us
4.1 CalendlyFor the provision of an online appointment booking function, we use the services of the following provider:Calendly, LLC
BB&T Tower
271 17th St NW
Atlanta, GA 30363
USAFor the purpose of scheduling appointments, first and last name as well as email address, and if applicable the telephone number if a telephone appointment is requested, are collected pursuant to Art. 6 para. 1 lit. b GDPR and transmitted to the provider pursuant to Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in effective customer management and efficient appointment administration, where they are stored for appointment organisation.After the appointment has taken place or after the agreed appointment period has expired, your data will be deleted by the provider.We have concluded a data processing agreement with the provider, which ensures the protection of our website visitors’ data and prohibits unauthorised disclosure to third parties.For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.4.2When contacting us, for example via contact form or email, personal data is collected. The data collected when using a contact form can be seen from the respective contact form. This data is stored and used exclusively for the purpose of responding to your enquiry or for contacting you and the associated technical administration.The legal basis for processing this data is our legitimate interest in responding to your enquiry pursuant to Art. 6 para. 1 lit. f GDPR. If your contact is aimed at concluding a contract, an additional legal basis for processing is Art. 6 para. 1 lit. b GDPR.Your data will be deleted after final processing of your enquiry. This is the case when it can be inferred from the circumstances that the matter in question has been conclusively clarified and provided that there are no statutory retention obligations to the contrary.5) Website Functionalities
5.1 Microsoft TeamsFor conducting online meetings, video conferences and/or webinars, we use the following provider:Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USAThe provider processes various data, whereby the scope of the processed data depends on the data you provide before or during participation in an online meeting, video conference or webinar. Your data as a communication participant is processed and stored on the provider’s servers. This may include, in particular, your login data, such as name, email address, telephone number optional and password, as well as session data, such as topic, participant IP address, device information and description optional.In addition, image and audio contributions from participants as well as text inputs in chats may be processed.For the processing of personal data required for the performance of a contract with you, including processing operations required to carry out pre-contractual measures, Art. 6 para. 1 lit. b GDPR serves as the legal basis. If you have given us consent to process your data, processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR. Consent given may be withdrawn at any time with effect for the future.Otherwise, the legal basis for data processing when conducting online meetings, video conferences or webinars is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in the effective performance of the online meeting, webinar or video conference.We have concluded a data processing agreement with the provider, which ensures the protection of our website visitors’ data and prohibits unauthorised disclosure to third parties.For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.5.2 ZoomFor conducting online meetings, video conferences and/or webinars, we use the following provider:Zoom Video Communications Inc.
55 Almaden Blvd, Suite 600
San Jose, CA 95113
USAThe provider processes various data, whereby the scope of the processed data depends on the data you provide before or during participation in an online meeting, video conference or webinar. Your data as a communication participant is processed and stored on the provider’s servers. This may include, in particular, your login data, such as name, email address, telephone number optional and password, as well as session data, such as topic, participant IP address, device information and description optional.In addition, image and audio contributions from participants as well as text inputs in chats may be processed.For the processing of personal data required for the performance of a contract with you, including processing operations required to carry out pre-contractual measures, Art. 6 para. 1 lit. b GDPR serves as the legal basis. If you have given us consent to process your data, processing is carried out on the basis of Art. 6 para. 1 lit. a GDPR. Consent given may be withdrawn at any time with effect for the future.Otherwise, the legal basis for data processing when conducting online meetings, video conferences or webinars is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in the effective performance of the online meeting, webinar or video conference.We have concluded a data processing agreement with the provider, which ensures the protection of our website visitors’ data and prohibits unauthorised disclosure to third parties.For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.6) Tools and Other Services
DocuSignFor the digital signing of documents, we use the services of the following provider:DocuSign International (EMEA) Ltd.
5 Hanover Quay
Grand Canal Dock
Dublin, D02 VY79
IrelandThe service enables the legally valid signing of documents by electronic signature from any device.For this purpose, in addition to the electronic signature, the service collects, stores and transmits usage data of the device used, in particular the IP address, as well as certain transaction data for verification and proof of signing.Processing is carried out on the basis of our legitimate interest in efficient and time-saving business management and customer-friendly and effective document management pursuant to Art. 6 para. 1 lit. f GDPR.We have concluded a data processing agreement with the provider, which protects the data of our website visitors and prohibits disclosure to third parties.7) Rights of the Data Subject
7.1The applicable data protection law grants you the following data subject rights, rights of access and intervention, vis-à-vis the controller with regard to the processing of your personal data. Reference is made to the stated legal basis for the respective requirements for exercising these rights:Right of access pursuant to Art. 15 GDPR
Right to rectification pursuant to Art. 16 GDPR
Right to erasure pursuant to Art. 17 GDPR
Right to restriction of processing pursuant to Art. 18 GDPR
Right to notification pursuant to Art. 19 GDPR
Right to data portability pursuant to Art. 20 GDPR
Right to withdraw consent given pursuant to Art. 7 para. 3 GDPR
Right to lodge a complaint pursuant to Art. 77 GDPR
7.2 Right to ObjectIF WE PROCESS YOUR PERSONAL DATA ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTEREST AS PART OF A BALANCING OF INTERESTS, YOU HAVE THE RIGHT AT ANY TIME, FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION, TO OBJECT TO THIS PROCESSING WITH EFFECT FOR THE FUTURE.IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED. HOWEVER, FURTHER PROCESSING REMAINS RESERVED IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING SERVES THE ESTABLISHMENT, EXERCISE OR DEFENCE OF LEGAL CLAIMS.IF YOUR PERSONAL DATA IS PROCESSED BY US FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH MARKETING. YOU MAY EXERCISE THE OBJECTION AS DESCRIBED ABOVE.IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED FOR DIRECT MARKETING PURPOSES.8) Duration of Storage of Personal DataThe duration of storage of personal data is determined by the respective legal basis, the processing purpose and, where applicable, additionally by the respective statutory retention period, for example commercial and tax retention periods.When personal data is processed on the basis of explicit consent pursuant to Art. 6 para. 1 lit. a GDPR, the data concerned will be stored until you withdraw your consent.If statutory retention periods exist for data processed within the framework of contractual or similar obligations on the basis of Art. 6 para. 1 lit. b GDPR, this data will be routinely deleted after expiry of the retention periods, provided that it is no longer required for contract performance or contract initiation and/or we have no legitimate interest in further storage.When personal data is processed on the basis of Art. 6 para. 1 lit. f GDPR, this data will be stored until you exercise your right to object pursuant to Art. 21 para. 1 GDPR, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defence of legal claims.When personal data is processed for the purpose of direct marketing on the basis of Art. 6 para. 1 lit. f GDPR, this data will be stored until you exercise your right to object pursuant to Art. 21 para. 2 GDPR.Unless otherwise stated in the other information in this policy regarding specific processing situations, stored personal data will otherwise be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.Copyright notice: This privacy policy was created by the specialist lawyers of IT-Recht Kanzlei and is protected by copyright.Status: 13 May 2026, 09:38:23.