Privacy Policy
Last updated: May 2026
Controller
Breternitz Consulting Ltd
Registration No. HE 490097
Larnaca, Cyprus
Email: privacy@breternitzconsulting.com
Hosting & Infrastructure
This website is hosted on a dedicated server operated by IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany. All data is processed on servers located in Germany. No data is transferred outside the European Union.
Cookies & Local Storage
This website uses only strictly necessary cookies and local storage entries. No tracking cookies or advertising cookies are used.
| Name | Purpose | Duration |
|---|---|---|
| bc-lang | Stores language preference (EN/DE). Strictly necessary. | 12 months |
| bc-theme | Stores colour scheme preference (light/dark). Strictly necessary. | 12 months |
| localStorage bc-lang / bc-theme |
Same keys stored additionally in browser local storage for faster access. No server transfer. | Until browser data is cleared |
| bc-consent-banner | Stores whether the cookie notice has been dismissed. Strictly necessary. | 12 months |
Website Analytics
This website uses privacy-friendly analytics that we operate entirely ourselves. No cookies are set for analytics purposes. Your IP address is never stored — instead, a cryptographic hash derived from your IP address combined with a salt that rotates daily at 00:00 UTC is used to count visits anonymously. As long as you do not submit any identifying data, the session remains anonymous; without the secret, daily-rotating salt, the hash cannot be traced back to you. If you submit a Discovery Call inquiry, this hash is linked to your lead record (see section “Linking Sessions with Inquiries”) — from that moment on, processing becomes pseudonymous. No data is shared with third parties. Legal basis: Art. 6(1)(f) GDPR — legitimate interest in privacy-friendly reach measurement.
Discovery Call Form
When you submit an initial consultation request, we process the following data: your name, email address, company name, company size, and your answers to the qualification questions. This data is stored in our self-hosted CRM system (EspoCRM) on our server in Germany. Legal basis: Art. 6(1)(b) GDPR — processing is necessary for pre-contractual measures at your request. Retention period: 24 months after last contact, unless a longer retention period is required by law.
Linking Sessions with Inquiries
When you submit a Discovery Call inquiry, we additionally store a 16-character session hash (field cBcSessionHash in your lead record), in addition to the data described in “Discovery Call Form”. This hash links your current anonymous browser session (see “Website Analytics”) with your inquiry and enables us to understand which content on our website led to your contact. Before submission, the hash is anonymous and held only in your browser’s memory; from the moment of submission, it is pseudonymous, as it is associated with your lead identity in our CRM system. No third-party trackers are used. Legal basis: Art. 6(1)(f) GDPR — legitimate interest in measuring the effectiveness of our content without third-party tracking providers. Retention period: same as your lead record (24 months after last contact). Right to object: You may object to this processing at any time pursuant to Art. 21(1) GDPR — we will then promptly remove the hash from your record (see “Your Rights Under GDPR”).
Newsletter
If you subscribe to our newsletter, we process your email address and language preference (EN/DE). Legal basis: Art. 6(1)(a) GDPR — your explicit consent (double opt-in). Your data is stored exclusively in our self-hosted consent system on our server in Germany (IONOS SE). Emails are sent via our own mail server (Mailcow) — no data is transferred to external email service providers. You can withdraw your consent and unsubscribe at any time via the link in each newsletter or by contacting us at privacy@breternitzconsulting.com. Retention: your data is deleted 30 days after unsubscription.
Fonts
This website uses the typefaces Instrument Serif and DM Sans. These fonts are hosted locally on our own server. No connection to Google Fonts or any other external font service is established when you visit this website.
Your Rights Under GDPR
Under the General Data Protection Regulation, you have the following rights:
- Right of access (Art. 15 GDPR)
- Right to rectification (Art. 16 GDPR)
- Right to erasure (Art. 17 GDPR)
- Right to restriction of processing (Art. 18 GDPR)
- Right to data portability (Art. 20 GDPR)
- Right to object (Art. 21 GDPR)
- Right to withdraw consent (Art. 7(3) GDPR)
To exercise any of these rights, please contact us: privacy@breternitzconsulting.com
Supervisory Authority
You have the right to lodge a complaint with a supervisory authority. The competent authority for Breternitz Consulting Ltd (Cyprus) is:
Commissioner for Personal Data Protection
Republic of Cyprus
commissioner@dataprotection.gov.cy
For visitors from Germany, you may also contact the data protection authority of your federal state.