Privacy Policy
May 12, 2026
This policy informs you how we process personal data when you visit this website or use the contact form. This is a courtesy translation; the German version (Datenschutzerklärung) prevails in case of discrepancy.
1. Controller
Controller within the meaning of the GDPR is: Jonas Bergert Albert-Roßhaupter-Straße 32 81369 München Deutschland Email: jonas@bergert.digital
2. Data Protection Officer
No DPO is appointed because the conditions of §38 BDSG do not apply. For privacy questions, contact us at the address above.
3. Server logs
When you visit the website, our hosting provider automatically collects and stores technical data in server logs: IP address, date and time of request, requested URL, HTTP status code, referrer URL, user agent. Legal basis: Art. 6(1)(f) GDPR (legitimate interest in operational security and error analysis). Retention: up to 7 days.
4. Contact form
When you use the contact form, we process: name, email address, short description of your idea, your selection of the deal model. Purpose: responding to your inquiry and initiating a possible engagement. Legal basis: Art. 6(1)(b) GDPR (pre-contractual measures).
Retention: until your matter is concluded, then prompt deletion — at the latest within 12 months, unless statutory retention obligations apply.
5. Data processors
We use the following data processors under Art. 28 GDPR. Data processing agreements (DPAs) are in place with each:
- Brevo
- Sendinblue SAS, 106 boulevard Haussmann, 75008 Paris, France. Transactional email delivery (lead notification and your auto-confirmation).
- Hetzner
- Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany. Website hosting (via Coolify).
- Cloudflare
- Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA. Bot protection of the contact form via Turnstile. Data processed: IP address, technical browser signals, challenge token. Transfer to the US under EU Standard Contractual Clauses; Cloudflare is certified under the EU-US Data Privacy Framework. Legal basis: Art. 6(1)(f) GDPR (legitimate interest in spam and abuse protection).
6. Google Ads Conversion Tracking
If you have consented via the cookie banner to marketing measurement, we load the Google Ads tag (gtag.js) from Google in your browser. We use Google's Consent Mode v2 — until you grant consent, all advertising and analytics storage stays set to "denied"; only after "Accept" do any cookies get set or data sent.
Data transmitted: Google Ads click ID (gclid, if you arrived via an ad), conversion timestamp, and technical browser data (IP address, user agent). A conversion event is sent to Google when you submit the contact form and land on the confirmation page.
Purpose: measuring effectiveness of our Google Ads campaigns. Legal basis: Art. 6(1)(a) GDPR and §25(1) TTDSG (consent).
Recipient: Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland. Onward transfer to Google LLC (USA) under EU Standard Contractual Clauses; Google is certified under the EU-US Data Privacy Framework.
Withdrawal: you can withdraw your consent at any time via the "Cookie-Einstellungen" link in the footer. Withdrawal takes effect prospectively.
8. Your rights
You have the right to:
- Access the data we hold about you (Art. 15 GDPR)
- Rectification of inaccurate data (Art. 16 GDPR)
- Erasure (Art. 17 GDPR)
- Restriction of processing (Art. 18 GDPR)
- Data portability (Art. 20 GDPR)
- Object to processing (Art. 21 GDPR)
To exercise your rights, contact: jonas@bergert.digital
9. Withdrawal of consent
Where processing is based on your consent (e.g. Google Ads conversion tracking), you may withdraw it at any time with effect for the future, via the "Cookie-Einstellungen" link in the footer. The lawfulness of processing carried out before withdrawal is not affected.