Privacy Policy

1. An overview of data protection

General information

This section provides a brief overview of what happens with your personal data when you visit this website. "Personal data" means data that can identify you personally. For full details, please read the full privacy policy below.

Data recording on this website

Who is responsible for data collection on this website?

The data is processed by the website operator. Contact details are listed in the section "Information about the responsible party" below.

How do we collect your data?

Some data you provide directly, such as via our contact form. Other data is collected automatically by our IT systems when you use the site (e.g., browser type, operating system, time of access).

What do we use your data for?

Some data ensures proper website functionality. Other data may be used to analyze user behavior.

What rights do you have?

You have the right to request information about, correction of, or deletion of your personal data. You can revoke your consent at any time. You also have the right to restrict processing and file a complaint with the supervisory authority.

2. General information and mandatory disclosures

Data protection

We take your data privacy seriously and treat your data in accordance with GDPR and this policy.

Please note: data transmission over the internet (e.g., email) can have security vulnerabilities.

Information about the controller (GDPR)

Marc Riegel
Email: office@nimbusforge.de

The controller determines the purposes and means of processing personal data.

Storage duration

Unless otherwise specified, your personal data will be deleted once its purpose is fulfilled or if you revoke consent — unless legal retention periods apply.

Legal basis for processing

• Consent: Art. 6(1)(a) GDPR or Art. 9(2)(a) for sensitive data
• Contractual fulfillment: Art. 6(1)(b) GDPR
• Legal obligation: Art. 6(1)(c) GDPR
• Legitimate interest: Art. 6(1)(f) GDPR

Data protection officer

Marc Riegel
Email: office@nimbusforge.de

Transfers to unsafe third countries

We may use tools from countries lacking EU-equivalent data protection. In such cases, appropriate safeguards (like Standard Contractual Clauses) are used.

Recipients of personal data

We only share data with third parties where required for contract fulfillment, legal obligations, or justified interests. Processors are contractually bound by data processing agreements.

Revoking consent

You may revoke your consent at any time. This will not affect past processing.

Right to object (Art. 21 GDPR)

You may object to data processing on grounds related to your situation, especially in case of direct marketing.

Right to file a complaint

You can file a complaint with the data protection authority of your residence or where the alleged violation occurred.

Data portability

You can request data you provided to us in a machine-readable format, or have it transferred to another controller.

Information, correction, deletion

You may request details on your data, request corrections, or demand deletion if permitted by law.

Restriction of processing

You can request restriction of your data processing under certain circumstances:

• If you dispute data accuracy
• If processing is unlawful
• If we no longer need the data but you require it for legal claims
• If you object under Art. 21(1) GDPR

SSL/TLS encryption

We use encryption (SSL or TLS) to secure data transmission.

3. Data collection on this website

Requests via email, phone, or fax

If you contact us, your personal data will be stored for processing your request. Legal basis is Art. 6(1)(b) GDPR or our legitimate interest per Art. 6(1)(f) GDPR.

Calendly

Appointment bookings use Calendly, provided by Calendly LLC, Atlanta, GA, USA.
Calendly Privacy Policy
Data Protection Agreement

Legal basis: Art. 6(1)(f) GDPR or Art. 6(1)(a) GDPR if consented.