top of page

Privacy Policy

1. Name and Contact of the Controller

Michael Brand
Hildegardstr. 11

80539 Munich
Germany
Email: mb@aporiaadvisory.com

 

2. Data Collection and Processing

2.1 Personal Data We Collect

We collect and process the following data when you use our website:

  • Contact details (name, email, phone) via the contact form

  • Information related to inquiries (if you contact us)

  • Website usage data (IP address, browser type, device information, referring URL) via Google Analytics

  • Customer relationship data stored in our CRM system

 

2.2 Purpose and Legal Basis for Processing

We process your personal data for the following purposes:

  • Responding to inquiries (via contact form or email) – Art. 6 (1)(b) GDPR

  • Website analytics and improvement (Google Analytics) – Art. 6 (1)(f) GDPR (legitimate interest)

  • Managing customer relationships (CRM) – Art. 6 (1)(b) GDPR

 

3. Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Ireland Limited. Google Analytics collects information about your use of our website via cookies. We use this data to analyze visitor behavior and improve our website.

Google Analytics is activated only with your explicit consent via our cookie banner. Without your consent, no data collection via Google Analytics will take place. You can revoke your consent at any time.

Google may process your data outside the EU. We have enabled IP anonymization to protect your privacy. You can opt out of Google Analytics tracking by installing the Google Analytics opt-out browser add-on:
https://tools.google.com/dlpage/gaoptout

 

4. Contact Form

When you contact us via our form, we collect your name, email, and any message you provide. This data is used solely to process your request and is not shared with third parties.

 

5. CRM System

We use a Customer Relationship Management (CRM) system to manage interactions with customers. The CRM provider may process data on our behalf. We ensure GDPR compliance through Data Processing Agreements (DPA) with third-party providers.

If our CRM provider is located outside the EU, we ensure data protection through EU Standard Contractual Clauses (SCCs). A copy of these clauses can be provided upon request.

 

6. Data Retention

We retain personal data only as long as necessary:

  • Contact form inquiries: 6 months after the last interaction, unless further retention is required (e.g., ongoing communication).

  • Analytics data: 14 months (Google Analytics standard retention period, if consent was given).

  • CRM data: Until the end of the business relationship or as long as legal retention obligations exist.

7. Your Rights

You have the right to:

  • Request access to your personal data (Art. 15 GDPR)

  • Request correction of inaccurate data (Art. 16 GDPR)

  • Request deletion of your data (Art. 17 GDPR), unless legal retention obligations apply

  • Object to processing based on legitimate interests (Art. 21 GDPR)

  • Withdraw your consent at any time (Art. 7 (3) GDPR)

To exercise your rights, contact us at: hello@aporiaadvisory.com

Additionally, you have the right to file a complaint with the relevant data protection authority:

Competent authority in Germany:
Bavarian Data Protection Authority (BayLDA)
Promenade 18, 91522 Ansbach, Germany

8. Cookies & Tracking Technologies

We use cookies to enhance user experience. You can manage your cookie preferences in your browser settings.

9. Data Transfers Outside the EU

We may transfer data outside the EU when using third-party services such as Google Analytics or CRM providers. In such cases, we ensure an adequate level of data protection through EU Standard Contractual Clauses (SCCs).

Please note: In certain cases, US authorities may access your data under applicable US laws.

10. Changes to This Privacy Policy

We may update this Privacy Policy. The latest version will always be available on our website.

Last updated: 25 February 2025

bottom of page