ITLC Consulting
DE|ENContact

Privacy

Privacy Policy

This page explains, pursuant to Art. 13 GDPR, how personal data is processed in connection with this website. Status: May 2026.

1. Controller

Heinrich Löwen
ITLC Consulting
Friedhofstraße 171
33659 Bielefeld
Germany
E-mail: info@itlc-consulting.com

A data protection officer has not been appointed. According to the current assessment, there is no statutory obligation to appoint one.

2. Hosting and Server Log Files

The hosting provider is STRATO AG, Otto-Ostrowski-Straße 7, 10249 Berlin, Germany.

When the website is accessed, technical information is automatically transmitted by the web browser to the server. This data is required to deliver the website, ensure technical stability and trace misuse or security incidents.

  • IP address of the requesting device
  • Date and time of access
  • Name and URL of the requested file
  • Referrer URL
  • Browser type, browser version and operating system
  • HTTP status code and transferred data volume

The legal basis is Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in the secure, stable and efficient operation of this website. Where the hosting provider acts as a processor, processing is based on a data processing agreement pursuant to Art. 28 GDPR.

3. Contact by Email

If you contact us by email, we process your name, email address, the content of your message and the technical metadata required for communication. Processing is carried out in order to handle and respond to your inquiry.

The legal basis is Art. 6 para. 1 lit. b GDPR where your inquiry relates to pre-contractual measures or an existing contractual relationship. In all other cases, processing is based on our legitimate interest in properly handling inquiries pursuant to Art. 6 para. 1 lit. f GDPR.

Inquiries are deleted as soon as they are no longer required for processing and no statutory retention obligations prevent deletion.

4. Cookies, Local Storage and TDDDG

According to the current status of this website, no cookies, tracking technologies, analytics services or marketing services are used. No external fonts or external tracking scripts are embedded.

If information should in the future be stored on or accessed from your device for purely technical operation, this will only take place in accordance with statutory requirements, in particular § 25 TDDDG. Non-essential storage or access will only take place with your prior consent.

5. Data Subject Rights

Within the scope of applicable law, you have the right of access pursuant to Art. 15 GDPR, rectification pursuant to Art. 16 GDPR, erasure pursuant to Art. 17 GDPR, restriction of processing pursuant to Art. 18 GDPR, data portability pursuant to Art. 20 GDPR and objection to certain processing pursuant to Art. 21 GDPR.

You also have the right to lodge a complaint with a data protection supervisory authority pursuant to Art. 77 GDPR. For North Rhine-Westphalia, this is in particular the State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia, Kavalleriestraße 2-4, 40213 Düsseldorf, Germany, www.ldi.nrw.de.

6. Data Security

We use technical and organisational measures to protect personal data against unauthorised access, loss or misuse. Complete protection of data transmission by email cannot be guaranteed.

7. Recipients, Processors and Third-Country Transfers

Personal data is only disclosed to external parties where this is necessary for operating the website, handling your inquiry, fulfilling legal obligations or safeguarding legitimate interests. This may include hosting and email service providers.

According to the current status of this website, personal data is not transferred to countries outside the European Union or the European Economic Area, unless this is technically triggered in individual cases by the email communication you choose or by service providers used for that communication.

8. Retention Period

Personal data is stored only for as long as required for the relevant purpose or as prescribed by statutory retention obligations. After the purpose no longer applies or the periods expire, data is deleted or blocked unless another legal basis applies.

9. No Automated Decision-Making

No automated decision-making, including profiling within the meaning of Art. 22 GDPR, takes place.