Effective Date: April 1, 2025
Last Updated: April 1, 2025
I. General Information
1. Controller
Teno Guga, acting as GUGA Solutions
Nürnberger Straße 68
10787 Berlin, Germany
Email: [email protected]
2. No Data Protection Officer Appointed
We are not legally required to appoint a Data Protection Officer under Art. 37 GDPR. However, for all data protection-related inquiries, please contact Teno Guga at the contact details provided above.
3. Transfer to Third Parties
We may transfer your personal data to third parties where necessary to provide our Website or services. If we use external service providers, these have been carefully selected and contractually bound to process data in compliance with Art. 28 GDPR. Categories of recipients include:
4. Transfer to Third Countries
Some of our service providers are located outside the EU/EEA. If there is no adequacy decision under Art. 45 GDPR, we ensure appropriate safeguards are in place under Art. 46 GDPR, such as Standard Contractual Clauses.
5. Retention and Deletion
Your personal data will be stored only as long as necessary to fulfill the intended purposes or as legally required (e.g., 6 to 10 years under German tax and commercial laws). Once the storage purpose no longer applies, your data will be deleted or anonymized unless longer storage is required for legal or contractual obligations.
6. Data Security
We take appropriate technical and organizational measures to ensure the security of your personal data. These measures are regularly reviewed and adjusted in line with technological progress.
However, due to the nature of the Internet, data transmissions (e.g., via email) may have security gaps. Therefore, complete protection of data against third-party access cannot be guaranteed.
II. Our Processing Activities
1. Visiting Our Website
When you access our website, the following data is automatically processed:
Legal basis: Art. 6 (1) (f) GDPR. Our legitimate interest lies in the secure and stable operation of the Website. Log files are deleted after 7 days unless further storage is required for evidentiary purposes.
2. Contact Form / Calendly Booking
When you contact us via the contact form or schedule an appointment via Calendly, we process:
Legal basis: Art. 6 (1) (a) GDPR (consent) or Art. 6 (1) (b) GDPR (pre-contractual steps). Data is deleted after your request is fulfilled unless legal retention obligations apply.
3. Newsletter Subscription
If you subscribe to our newsletter, we process:
Legal basis: Art. 6 (1) (a) GDPR (consent). You can withdraw your consent at any time by clicking the “unsubscribe” link in our newsletter.
4. Cookies and Analytics
Our website uses cookies and Google Analytics (anonymized IP). Data processed:
Legal basis: Art. 6 (1) (a) GDPR (consent via cookie banner). You can revoke your consent at any time by changing your browser settings or adjusting cookie preferences.
5. Embedded Content (LinkedIn Posts)
Embedded content from LinkedIn may collect data such as IP address and browser details.
Legal basis: Art. 6 (1) (f) GDPR (legitimate interest in presenting external content). Activation is voluntary via a two-click mechanism.
6. Video Meetings via Zoom or Microsoft Teams
When you participate in video meetings or webinars hosted via Zoom or Microsoft Teams, we process:
Legal basis: Art. 6 (1) (b) GDPR (performance of contract) or Art. 6 (1) (a) GDPR (consent, if recording is enabled). Recordings, if any, will only take place with prior notice and explicit consent.
7. Submission of Application Documents
When you submit a CV or application materials for potential career opportunities, we process:
Legal basis: Art. 6 (1) (b) GDPR (pre-contractual steps) and § 26 BDSG. If your application is unsuccessful, your data will be deleted after six months unless you consent to longer retention for future opportunities.
III. Your Rights
Under the GDPR, you have the following rights:
