Cybervize - Cybersecurity Beratung

Privacy Policy

Cybervize Consulting GmbH

Last updated: March 2026

1. Controller

Cybervize Consulting GmbH
Graf-Adolf-Str. 41
40210 Düsseldorf
Germany

Phone: +49 211 1587 4349
Email: contact@cybervize.de
Managing Director: Alexander Busse

Commercial register: District Court Düsseldorf, HRB 101465
VAT ID: DE347501488

2. Overview of Data Processing

The following overview summarizes the types of data processed and the purposes of their processing.

Types of Data Processed

  • Inventory data (e.g., names, addresses)
  • Contact data (e.g., email, phone numbers)
  • Content data (e.g., form inputs, messages)
  • Usage data (e.g., pages visited, access times)
  • Meta/communication data (e.g., IP addresses, device information)

Categories of Data Subjects

  • Visitors and users of the website
  • Communication partners (contact form, email)

Purposes of Processing

  • Provision of the website and its content
  • Responding to contact inquiries
  • Appointment scheduling
  • Reach measurement and web analytics
  • Security measures
  • Consent management

3. Legal Bases

Below you will find an overview of the legal bases of the GDPR on which we process personal data.

  • Consent (Art. 6(1)(a) GDPR): The data subject has given consent to the processing of their personal data for one or more specific purposes (e.g., analytics cookies, marketing cookies).
  • Contract performance and pre-contractual inquiries (Art. 6(1)(b) GDPR): Processing is necessary for the performance of a contract or for pre-contractual measures (e.g., contact inquiries, appointment bookings).
  • Legitimate interests (Art. 6(1)(f) GDPR): Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party (e.g., technically necessary cookies, security measures, server logs).

4. Security Measures

We take appropriate technical and organizational measures in accordance with legal requirements, taking into account the state of the art, implementation costs, and the nature, scope, circumstances, and purposes of processing to ensure a level of protection appropriate to the risk.

These measures include securing the confidentiality, integrity, and availability of data by controlling access to data, as well as encrypting transmission via SSL/TLS (recognizable by the lock icon in your browser and the address line with "https://").

5. Rights of Data Subjects

As a data subject, you are entitled to various rights under the GDPR:

  • Right to object (Art. 21 GDPR): You have the right to object at any time to the processing of your personal data based on Art. 6(1)(f) GDPR for reasons arising from your particular situation.
  • Right to withdraw consent: You have the right to withdraw any consent given at any time. The withdrawal of consent does not affect the lawfulness of processing carried out prior to the withdrawal.
  • Right of access (Art. 15 GDPR): You have the right to request confirmation as to whether personal data concerning you is being processed and to obtain access to that data.
  • Right to rectification (Art. 16 GDPR): You have the right to request the completion or correction of inaccurate data.
  • Right to erasure (Art. 17 GDPR): You have the right to request the immediate deletion of data concerning you.
  • Right to restriction of processing (Art. 18 GDPR): You have the right to request the restriction of processing.
  • Right to data portability (Art. 20 GDPR): You have the right to receive your data in a structured, commonly used, and machine-readable format.
  • Right to lodge a complaint with a supervisory authority: Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority. The competent authority for us is: Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen, Kavalleriestr. 2-4, 40213 Düsseldorf.

6. Website Hosting

Vercel

Our website is hosted by Vercel Inc. (440 N Barranca Ave #4133, Covina, CA 91723, USA). Each time you access our website, Vercel automatically collects information in server log files that your browser transmits. This includes:

  • IP address of the requesting device
  • Date and time of the request
  • Requested URL and referrer URL
  • Browser type and operating system
  • Amount of data transferred

Legal basis: Legitimate interests (Art. 6(1)(f) GDPR). Our legitimate interest lies in the stable and secure provision of the website.

Third country transfer: Vercel processes data in the USA. The transfer is based on the EU-U.S. Data Privacy Framework. Further information: Vercel Privacy Policy.

7. Consent Management

Cookiebot

We use the consent management service Cookiebot by Usercentrics A/S (Havnegade 39, 1058 Copenhagen, Denmark). Cookiebot enables us to obtain, manage, and document user consent for data processing.

When you visit our website, a cookie ("CookieConsent") is set that stores your consent preferences. The following data is processed:

  • Your IP address (in anonymized form)
  • Date and time of consent
  • Browser information
  • The URL from which consent was sent
  • Your cookie consent preferences

The cookie has a storage duration of 12 months.

Legal basis: Legitimate interests (Art. 6(1)(f) GDPR). Our legitimate interest lies in the legally compliant management of user consent in accordance with the ePrivacy Directive and GDPR.

Further information: Cookiebot Privacy Policy.

8. Web Analytics

Google Tag Manager and Google Analytics

We use Google Tag Manager (GTM) and Google Analytics by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). Google Tag Manager itself does not store personal data but serves as a tool for managing tags and tracking services.

Google Analytics is integrated via the Tag Manager and uses cookies to enable analysis of website usage. The information generated by the cookie about your use of this website is usually transmitted to a Google server.

We use Google Consent Mode v2. This means that tracking cookies are only set after your explicit consent via the Cookiebot banner. Without your consent, no cookie-based tracking takes place.

Data processed: Usage data (pages visited, dwell time, click behavior), device information, IP address (anonymized).

Storage duration: Session to 2 years, depending on the cookie type.

Legal basis: Consent (Art. 6(1)(a) GDPR).

Third country transfer: Google may process data in the USA based on the EU-U.S. Data Privacy Framework. Further information: Google Privacy Policy.

Opt-out: You can withdraw your consent at any time via the cookie banner or use the browser plugin to deactivate Google Analytics: https://tools.google.com/dlpage/gaoptout.

9. Contact Form and Email Communication

Contact Form

When you contact us via our contact form, we process the data you provide to handle your inquiry. This includes:

  • Name (required)
  • Email address (required)
  • Company (optional)
  • Phone number (optional)
  • Subject (required)
  • Message (required)

Email Delivery via Brevo

For sending contact form messages, we use the service Brevo (formerly Sendinblue) by Brevo GmbH (Köpenicker Str. 126, 10179 Berlin, Germany). Brevo processes the data entered in the form exclusively for the purpose of delivering the email to us.

Legal basis: Contract performance and pre-contractual inquiries (Art. 6(1)(b) GDPR). The processing serves to handle your inquiry.

Storage duration: Your data will be deleted as soon as it is no longer required for the purpose for which it was collected. For contact inquiries, this is generally the case when the conversation has ended and the matter has been conclusively resolved.

Further information: Brevo Privacy Policy.

10. Appointment Booking

Calendly

For online appointment booking, we use the service Calendly by Calendly LLC (BB&T Tower, 271 17th St NW, Atlanta, GA 30363, USA). Calendly is provided as an embedded widget (iFrame) on our website.

When booking an appointment, Calendly processes the data you enter (e.g., name, email address, desired appointment time) as well as technical data (IP address, browser information).

Legal basis: Contract performance and pre-contractual inquiries (Art. 6(1)(b) GDPR). The appointment booking serves to initiate a business relationship.

Third country transfer: Calendly processes data in the USA based on the EU-U.S. Data Privacy Framework. Further information: Calendly Privacy Policy.

11. Podcast Integration

Spotify

On our website, we embed a podcast player from Spotify AB (Regeringsgatan 19, 111 53 Stockholm, Sweden) as an iFrame. When loading the player, Spotify may set cookies and process technical data (IP address, browser information, device ID).

Legal basis: Consent (Art. 6(1)(a) GDPR). The Spotify player is only loaded after your consent via the cookie banner.

Third country transfer: Spotify may process data in countries outside the EU/EEA. Further information: Spotify Privacy Policy.

Podigee

For hosting our podcast, we use Podigee (Podigee GmbH, Germany). When accessing podcast content, Podigee may process technical data such as IP address and browser information to provide the content and create access statistics.

Legal basis: Legitimate interests (Art. 6(1)(f) GDPR). Our legitimate interest lies in providing our podcast content.

Further information: Podigee Privacy Policy.

12. Content Management System

Sanity CMS

For managing our blog content, we use Sanity (Sanity AS, Grønland 32, 0188 Oslo, Norway). Sanity serves as a headless CMS for providing content. When delivering content via the Sanity API, technical data (IP address) may be processed.

Legal basis: Legitimate interests (Art. 6(1)(f) GDPR). Our legitimate interest lies in the efficient management and provision of our website content.

Further information: Sanity Privacy Policy.

13. SSL/TLS Encryption

This website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content, such as inquiries you send to us as the site operator. An encrypted connection is indicated by the browser address line changing from "http://" to "https://" and by the lock icon in your browser bar.

When SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

14. Changes to This Privacy Policy

We reserve the right to adapt this privacy policy to ensure it always complies with current legal requirements or to implement changes to our services. The new privacy policy will apply to your subsequent visits.

15. Cookie Declaration

A detailed list of all cookies used on this website can be found in the following cookie declaration, which is automatically generated by Cookiebot: