Privacy Policy

1. Data Controller

The controller responsible for data processing on this website is:

2. Overview of Data Processing

The following overview summarises the types of data processed and the purposes for which they are processed.

Types of data processed

• Inventory data (name, company, job title)
• Contact data (email address)
• Content data (entries in online forms)
• Usage data (pages visited, interest in content, access times)
• Meta and communication data (IP addresses, device information)

Categories of data subjects

• Visitors and users of the website
• Individuals who submit an enquiry via the contact form or maturity assessment

Purposes of processing

• Provision and technical operation of the website
• Responding to contact enquiries and providing requested information
• Reach measurement and marketing analytics
• Security and fraud prevention

3. Legal Bases

The following provides an overview of the legal bases of the GDPR on which we process personal data.

• Consent (Art. 6(1)(a) GDPR) — where you have given consent to the processing of your personal data for one or more specific purposes (e.g. cookies, analytics).
• Contract performance (Art. 6(1)(b) GDPR) — where processing is necessary for the performance of a contract or to take steps prior to entering into a contract.
• Legitimate interests (Art. 6(1)(f) GDPR) — where processing is necessary for the purposes of legitimate interests pursued by us or a third party, unless overridden by your interests or fundamental rights.

4. Hosting — IONOS

This website is hosted by IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany. When you visit our website, IONOS collects various log files including your IP address.

The use of IONOS is based on Art. 6(1)(f) GDPR. We have concluded a Data Processing Agreement (DPA) with IONOS. See: IONOS Privacy Policy.

5. Cookies & Consent — Complianz

Our website uses cookies. We use Complianz as our consent management platform. Complianz records your cookie preferences and ensures that no tracking cookies are set until you have given your consent.

You can withdraw or adjust your cookie consent at any time via the cookie settings in the footer.

6. Google Tag Manager

We use Google Tag Manager, a tag management solution provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager itself does not set cookies and does not collect personal data. It only fires tags for which consent has been granted via our consent management platform. Legal basis: Art. 6(1)(f) GDPR.

7. Google Analytics 4

We use Google Analytics 4 (GA4), a web analytics service provided by Google Ireland Limited. GA4 uses cookies to analyse how visitors use our website. The information generated is transmitted to Google servers and stored there.

IP anonymisation

We have enabled IP anonymisation. Your IP address will be truncated by Google within the EU before transmission.

Legal basis and consent

GA4 is only activated after you have given explicit consent via our cookie banner. Legal basis: Art. 6(1)(a) GDPR. Google LLC is certified under the EU-US Data Privacy Framework.

8. HubSpot — CRM, Tracking & Forms

We use HubSpot, a CRM and marketing platform provided by HubSpot Ireland Limited, 1 Sir John Rogerson’s Quay, Dublin 2, Ireland.

HubSpot Tracking

HubSpot places a tracking cookie (hubspotutk) on your device to recognise returning visitors. This tracking only activates after you have given consent via our cookie banner.

Contact and Enquiry Forms

When you submit an enquiry via our contact form or complete the AI Maturity Assessment, the data you provide (first name, last name, email, company, job title, message) is transmitted to and stored in HubSpot CRM. We use this data exclusively to respond to your enquiry.

Legal basis for form data: Art. 6(1)(b) GDPR and/or Art. 6(1)(f) GDPR. HubSpot is certified under the EU-US Data Privacy Framework. We have concluded a DPA with HubSpot.

9. RankMath SEO

We use RankMath, an SEO plugin provided by MyThemeShop LLC, to optimise the technical SEO of our website (meta tags, structured data, sitemaps). RankMath processes data exclusively within our WordPress installation and does not transmit personal visitor data to external servers during normal operation.

10. WordPress & Kadence Theme

This website is built on WordPress (open-source CMS). WordPress itself does not collect personal data from visitors beyond what is inherent to server operation (log files processed by IONOS — see Section 4). The Kadence Theme and Kadence Blocks plugin are used for layout and design. These plugins do not process personal visitor data.

11. Your Rights under the GDPR

You have the following rights regarding your personal data:

• Right of access (Art. 15 GDPR) — Obtain confirmation of whether and how your data is processed.
• Right to rectification (Art. 16 GDPR) — Have inaccurate personal data corrected without undue delay.
• Right to erasure (Art. 17 GDPR) — Have your personal data erased where one of the grounds in Art. 17 applies.
• Right to restriction (Art. 18 GDPR) — Restrict processing of your data in certain circumstances.
• Right to data portability (Art. 20 GDPR) — Receive your data in a structured, machine-readable format.
• Right to object (Art. 21 GDPR) — Object to processing based on legitimate interests at any time.
• Right to withdraw consent (Art. 7(3) GDPR) — Withdraw consent at any time without affecting prior lawful processing.

To exercise any of these rights please contact: info@wearehandson.de

12. Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority if you consider that the processing of your personal data infringes the GDPR.

13. Changes to this Policy

We reserve the right to update this privacy policy at any time. The current version is always available at wearehandson.de/privacy-policy.