Harry Kohlmann

Privacy Policy & GDPR Compliance

Last Updated: December 26, 2024

1. Data Controller

Harry Kohlmann
Sole Proprietor
Habenhauser Landstr 63
28277 Bremen, Germany
Email: info@harrykohlmann.com
Phone: +49 421 8785900

As the data controller, I am responsible for the processing of your personal data in accordance with the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

2. Scope of This Policy

This Privacy Policy applies to all personal data collected through:

  • Our website: harrykohlmann.com
  • Contact forms and email communications
  • Consulting service agreements and sessions
  • Payment processing through Stripe
  • Appointment scheduling through Calendly

3. Types of Personal Data We Collect

3.1 Information You Provide Directly:

  • Contact Information: Name, email address, phone number, business name
  • Professional Information: Job title, company details, industry
  • Communication Data: Emails, messages, call recordings (with consent), meeting notes
  • Payment Information: Billing address, transaction history (processed by Stripe)
  • Service-Specific Data: Business information necessary for consulting services

3.2 Information Collected Automatically:

  • Technical Data: IP address, browser type, device information, operating system
  • Usage Data: Pages visited, time spent, referring website
  • Cookie Data: Session cookies for website functionality (see Section 9)

4. How We Use Your Personal Data

We process your personal data for the following purposes:

  • Service Delivery: To provide consulting services and fulfill our contractual obligations
  • Communication: To respond to inquiries, schedule appointments, and provide updates
  • Payment Processing: To process payments and issue invoices through Stripe
  • Legal Compliance: To comply with German tax laws and business regulations
  • Website Improvement: To analyze website usage and improve user experience
  • Marketing: To send relevant business insights and service updates (with consent)

5. Legal Basis for Processing (GDPR Article 6)

Under GDPR, we process personal data based on the following legal grounds:

  • Contract (Art. 6(1)(b)): Processing necessary for performing our consulting services agreement with you
  • Legal Obligation (Art. 6(1)(c)): Processing necessary to comply with German legal requirements (e.g., tax laws)
  • Legitimate Interests (Art. 6(1)(f)): Processing necessary for our legitimate business interests, such as:
    • Client communication and relationship management
    • Website security and fraud prevention
    • Business administration and service improvement
  • Consent (Art. 6(1)(a)): Processing based on your explicit consent, which you may withdraw at any time

6. Data Sharing with Third Parties

We share personal data only with essential service providers who act as data processors on our behalf:

Stripe, Inc. (Payment Processing)

Location: United States (GDPR compliant through Standard Contractual Clauses)

Purpose: Secure payment processing and invoicing

Data Shared: Name, email, billing information, transaction details

Google LLC (Email & Analytics)

Location: United States (GDPR compliant through Privacy Shield certification)

Purpose: Email communication (Google Workspace) and website analytics

Data Shared: Email content, website usage data (anonymized)

Calendly, LLC (Scheduling)

Location: United States (GDPR compliant through Standard Contractual Clauses)

Purpose: Appointment scheduling and calendar management

Data Shared: Name, email, availability preferences

Important: We do not sell, rent, or trade your personal data with third parties for marketing purposes.

7. International Data Transfers

As we use service providers located outside the European Economic Area (EEA), your personal data may be transferred to countries that do not have the same data protection laws as Germany.

We ensure all international transfers are protected by appropriate safeguards:

  • Standard Contractual Clauses approved by the European Commission
  • Privacy Shield certification (for US-based providers)
  • Binding Corporate Rules where applicable

You may request details about these safeguards by contacting us at info@harrykohlmann.com.

8. Data Retention Periods

We retain personal data only as long as necessary for the purposes outlined in this policy:

  • Client Data: 7 years from the end of our business relationship (German tax law requirement)
  • Marketing Consent: Until consent is withdrawn or 2 years after last contact
  • Website Analytics: 14 months (anonymized thereafter)
  • Payment Records: 10 years (German commercial law requirement)
  • Inactive Accounts: 3 years after last activity

After these periods, data is securely deleted or anonymized for statistical purposes.

9. Your Rights Under GDPR

As a data subject under GDPR, you have the following rights:

Right of Access (Art. 15): Request confirmation of whether we process your data and access to that data

Right to Rectification (Art. 16): Request correction of inaccurate or incomplete data

Right to Erasure (Art. 17): Request deletion of your data under certain circumstances

Right to Restriction (Art. 18): Request limitation of processing under certain conditions

Right to Data Portability (Art. 20): Request your data in a structured, commonly used format

Right to Object (Art. 21): Object to processing based on legitimate interests

Right to Withdraw Consent (Art. 7): Withdraw consent at any time where processing is based on consent

Right to Lodge a Complaint (Art. 77): File a complaint with a supervisory authority

To exercise any of these rights, please contact us at info@harrykohlmann.com. We will respond within 30 days as required by GDPR.

10. Cookies and Tracking Technologies

10.1 Essential Cookies: We use strictly necessary cookies for website functionality, such as session management. These cannot be disabled.

10.2 Analytical Cookies: With your consent, we use Google Analytics to understand how visitors use our website. Data is anonymized.

10.3 Cookie Consent: When you first visit our website, you will be asked to consent to non-essential cookies. You can change your preferences at any time.

10.4 Managing Cookies: Most browsers allow you to control cookies through their settings. However, disabling essential cookies may affect website functionality.

11. Data Security Measures

We implement appropriate technical and organizational measures to protect your personal data:

  • SSL/TLS encryption for data transmission
  • Secure access controls and authentication
  • Regular security updates and monitoring
  • Data minimization and pseudonymization where possible
  • Secure backup procedures
  • Confidentiality agreements with employees and contractors

While we strive to protect your data, no security system is impenetrable. We cannot guarantee absolute security.

12. Children's Privacy

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal data from children. If you become aware that a child has provided us with personal data, please contact us immediately.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the "Last Updated" date. We encourage you to review this policy periodically.

14. Contact & Data Protection Officer

For privacy-related inquiries:
Harry Kohlmann
Data Protection Contact
Habenhauser Landstr 63
28277 Bremen, Germany
Email: info@harrykohlmann.com
Phone: +49 421 8785900

Supervisory Authority:

Die Landesbeauftragte für Datenschutz und Informationsfreiheit Bremen
Arndtstraße 1
27570 Bremerhaven
Germany
Phone: +49 421 361-2010
Email: office@datenschutz.bremen.de
Legal Notice / Impressum →Terms & Conditions →Legal Disclaimer →← Back to Home