Privacy Policy

Last updated: September 24, 2025

Table of Contents

• Preamble
• Controller
• Overview of Processing
• Applicable Legal Bases
• Security Measures
• Transfer of Personal Data
• International Data Transfers
• General Information on Data Storage and Deletion
• Rights of Data Subjects
• Use of Framer (Hosting & Site Platform)
• Use of Outlook Bookings (Scheduling)
• Business Services
• Provision of the Online Offering and Web Hosting
• Use of Cookies
• Blogs and Publishing Media
• Contact and Inquiry Management
• Newsletters and Electronic Notifications
• Promotional Communication via Email, Mail, Fax or Telephone
• Web Analytics, Monitoring and Optimization
• Presence on Social Networks
• Plugins and Embedded Functions and Content

Preamble

With this privacy policy, we explain how Jeffery Reich Unternehmenskommunikation (jeff-reich.com) processes personal data when you visit our website, contact us, subscribe to updates, or book a meeting. The policy applies to all data processing performed by us, especially on our website, via online forms, and via integrated services such as Framer and Outlook Bookings.

The terms used are not gender-specific.

Controller

Jeffery Reich Unternehmenskommunikation
Jeffery Reich
Rosenheimer Strasse 36
10781 Berlin
Germany

Email: privacy@jeff-reich.com

Website: https://jeff-reich.com

Imprint: https://impressum.jeff-reich.com

Overview of Processing

The following overview summarizes the types of data processed, the purposes, and the categories of data subjects.

Types of Data Processed

• Inventory data
• Payment data
• Contact data
• Content data
• Contract data
• Usage data
• Meta, communication, and procedural data
• Log data

Categories of Data Subjects

• Service recipients and clients
• Interested parties
• Communication partners
• Users
• Business and contractual partners

Purposes of Processing

• Provision of contractual services and fulfillment of contractual obligations
• Communication
• Security measures
• Direct marketing
• Reach measurement
• Office and organizational procedures
• Organizational and administrative procedures
• Feedback
• Marketing
• Profiling with user-related information
• Provision of our online offering and user-friendliness
• Information technology infrastructure
• Public relations
• Sales promotion
• Business processes and economic procedures

Applicable Legal Bases

GDPR: We process personal data based on consent (Art. 6(1)(a)), performance of a contract / pre-contractual measures (Art. 6(1)(b)), legal obligation (Art. 6(1)(c)), and legitimate interests (Art. 6(1)(f)).

Germany (BDSG): National provisions may apply, e.g., on access rights, erasure, and processing of special categories of data.

Note on Swiss FADP: Where relevant, this notice also fulfils information duties under the FADP; GDPR terminology is used for clarity.

Security Measures

We implement appropriate technical and organizational measures to ensure a level of security appropriate to risk, including confidentiality, integrity, and availability; access controls; deletion concepts; and privacy by design/default.

TLS/SSL (HTTPS): We secure data in transit using TLS/SSL. A secure URL begins with “https://”.

Transfer of Personal Data

We may transfer data to service providers (e.g., hosting, analytics, communication tools). In such cases, we conclude contracts to ensure adequate protection.

International Data Transfers

Where data is transferred to third countries (outside the EU/EEA), this occurs according to legal requirements, e.g., adequacy decisions (such as the EU–U.S. Data Privacy Framework “DPF”), standard contractual clauses, or consent.

More about the DPF and certified companies: dataprivacyframework.gov.

General Information on Data Storage and Deletion

We delete personal data when consent is withdrawn or no other legal basis applies (e.g., after the purpose is fulfilled), subject to statutory retention duties or overriding interests.

Typical German retention periods:

• 10 years – e.g., financial statements, ledgers, supporting documents (§147 AO, §14b UStG, §257 HGB)
• 8 years – e.g., accounting receipts (§147 AO, §257 HGB)
• 6 years – e.g., business correspondence, payroll records (§147 AO, §257 HGB)
• 3 years – e.g., warranty and compensation-related data (statutory limitation, §§195, 199 BGB)

Rights of Data Subjects

• Right to object: to processing under Art. 6(1)(e) or (f) GDPR, incl. profiling; and to direct marketing at any time.
• Withdraw consent at any time.
• Access to your data and information about processing.
• Rectification of inaccurate/incomplete data.
• Erasure / restriction under legal conditions.
• Data portability.
• Complaint to a supervisory authority.

Use of Framer (Hosting & Site Platform)

Our website is built and hosted on Framer (Framer B.V., Singel 542, 1017 AZ Amsterdam, Netherlands). Framer provides website building, hosting, performance, and optional analytics. Framer acts as our data processor under Art. 28 GDPR.

Data categories: IP address, device/browser metadata, access times, pages viewed; for forms embedded via Framer, the data you enter (e.g., name, email, message).

Legal bases: Legitimate interests (Art. 6(1)(f)) in secure and efficient site provision; consent (Art. 6(1)(a)) for optional analytics/cookies where applicable.

Framer privacy: framer.com/privacy.

Use of Outlook Bookings (Scheduling)

We use Microsoft Outlook Bookings to schedule discovery calls and meetings. When you book, Microsoft processes the data you provide (e.g., name, email, preferred time) and synchronizes it with our calendar.

Provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052, USA (subsidiaries within the EU may also be involved). Transfers to the USA may rely on the EU–U.S. DPF and/or standard contractual clauses.

Data categories: Identification and contact data, booking details (date, time, notes), technical metadata (IP, timestamps).

Purposes / legal bases: Appointment coordination and fulfillment of pre-contractual measures (Art. 6(1)(b)); legitimate interests in efficient communications (Art. 6(1)(f)).

Microsoft privacy: privacy.microsoft.com/privacystatement.

Business Services

We process client and partner data in the context of contractual or comparable legal relationships, including communication and pre-contractual inquiries, service delivery, administration, and safeguarding our rights.

Data is deleted after statutory warranty periods (generally four years) unless legal archiving duties require longer retention (typically ten years for tax reasons).

• Types: Inventory, payment, contact, contract, usage, and meta/communication/procedural data.
• Purposes: Contract fulfillment, security, communication, office/organizational processes.
• Legal bases: Art. 6(1)(b), Art. 6(1)(c), Art. 6(1)(f) GDPR.

Provision of the Online Offering and Web Hosting

We process users’ IP addresses and related technical data to deliver website content and ensure stability and security. Server access is logged (“server log files”).

• Types: Usage data; meta/communication/procedural data; log data.
• Purposes: Provision of online offering; IT infrastructure; security.
• Legal basis: Art. 6(1)(f) GDPR.
• Deletion of logs: Stored up to 30 days then deleted/anonymized; longer if needed as evidence.

Use of Cookies

We use cookies only where necessary and, where required, based on your consent. You can withdraw consent at any time and manage preferences in your browser.

• Legal bases: Consent (Art. 6(1)(a)); Legitimate interests (Art. 6(1)(f)) for essential cookies.
• Durations: Session (temporary) and persistent cookies (up to 2 years unless stated otherwise).

Blogs and Publishing Media

We operate a publishing area (e.g., blog). Reader data is processed as necessary for presentation, communication, and security.

• Legal basis: Art. 6(1)(f) GDPR.

Contact and Inquiry Management

When you contact us (e.g., form, email, phone), we process the data you provide to respond and manage the inquiry.

• Legal bases: Art. 6(1)(b) and Art. 6(1)(f) GDPR.

Newsletters and Electronic Notifications

We send newsletters only with consent or legal permission. You can unsubscribe at any time via the link in each email.

• Legal basis: Consent (Art. 6(1)(a) GDPR).

Promotional Communication via Email, Mail, Fax or Telephone

We may contact you for promotional purposes in line with legal requirements. You can object at any time.

• Legal bases: Consent (Art. 6(1)(a)); Legitimate interests (Art. 6(1)(f)).

Web Analytics, Monitoring and Optimization

We may use privacy-respecting analytics. If third-party analytics (e.g., Google Analytics) are used, they run only with your consent and with IP masking/pseudonymization where available.

• Legal bases: Consent (Art. 6(1)(a)); Legitimate interests (Art. 6(1)(f)) where consent is not required.

Google Analytics (if enabled): See Google’s privacy policy here and processor terms here. Opt-out plugin: tools.google.com/dlpage/gaoptout.

Presence on Social Networks

We maintain profiles (e.g., LinkedIn) for communication and PR. Platform operators process data for their own purposes (incl. analytics/ads). Your rights are best exercised with the platform provider.

LinkedIn: Privacy policy: linkedin.com/legal/privacy-policy. Joint controller addendum for Page Insights: link.

Plugins and Embedded Functions and Content

We may integrate third-party content (e.g., fonts, videos, maps). Providers require your IP address to deliver content and may use cookies/pixel tags. We use such content only where appropriate legal bases exist (consent or legitimate interests).

Google Fonts (web API): See Google Fonts privacy FAQ and Google Privacy Policy.

This privacy policy is based on the generator by Dr. Thomas Schwenke and has been adapted for jeff-reich.com.