Privacy Policy

Last updated: April 2026

1. Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws as well as other data protection provisions is:

SDK Marketing GbR
Steven Henke, Devin Kos, Kaan Yesilkaya
Danzigerstraße 5
75433 Maulbronn
Germany
Email: contact@sdk-marketing.de

2. General Information on Data Processing

We only process personal data of our users insofar as this is necessary for the provision of a functional website as well as our content and services. The processing of personal data of our users takes place regularly only with the consent of the user. An exception applies in cases where prior consent cannot be obtained for practical reasons and the processing of data is permitted by law.

3. Legal Basis

Insofar as we obtain consent for the processing of personal data, Art. 6(1)(a) GDPR serves as the legal basis.

Insofar as the processing of personal data is necessary for the performance of a contract to which the data subject is a party, Art. 6(1)(b) GDPR serves as the legal basis.

Insofar as the processing of personal data is necessary for compliance with a legal obligation, Art. 6(1)(c) GDPR serves as the legal basis.

If the processing is necessary for the purposes of the legitimate interests pursued by our company or a third party, and if the interests, fundamental rights and freedoms of the data subject do not override the former interest, Art. 6(1)(f) GDPR serves as the legal basis for the processing.

4. Hosting

Our website is hosted by the following provider:

Strato AG
Otto-Ostrowski-Straße 7, 10249 Berlin, Germany
www.strato.de

The host collects the following data transmitted by your browser in so-called log files: IP address, the address of the previously visited website (referer), date and time of the request, time zone difference to Greenwich Mean Time, content of the request, HTTP status code, amount of data transferred, website from which the request originates, and information about the browser and operating system.

This is necessary for the correct display of our website and serves its security and stability. This corresponds to our legitimate interest within the meaning of Art. 6(1)(f) GDPR.

5. SSL/TLS Encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock icon in your browser bar.

6. Contact Form

If you send us inquiries via the contact form, your details from the inquiry form, including the contact data you provided there (name, email address, optionally Instagram/TikTok/YouTube handle, message), will be stored by us for the purpose of processing the inquiry and in case of follow-up questions.

The processing of this data is based on Art. 6(1)(b) GDPR if your inquiry is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective handling of inquiries directed to us (Art. 6(1)(f) GDPR).

The data you enter in the contact form will remain with us until you request its deletion, revoke your consent to storage, or the purpose for data storage no longer applies. Mandatory statutory provisions, in particular retention periods, remain unaffected.

For the technical transmission of the contact form, we use the service Web3Forms (Web3Forms, Aravind Shenoy). When you submit the form, your data is forwarded to us via the Web3Forms API. Web3Forms does not permanently store your data and acts solely as a technical transmission service. Data processing is based on Art. 6(1)(f) GDPR (legitimate interest in reliable contact processing). For more information, visit: https://web3forms.com/privacy.

7. Email Contact

If you contact us by email, your email including the personal data contained therein (name, email address, content of the message) will be stored by us for the purpose of processing your inquiry. The legal basis is Art. 6(1)(b) and (f) GDPR.

8. Appointment Scheduling via Calendly

On our website, we offer the option to schedule appointments via the service Calendly (Calendly LLC, 271 17th St NW, Ste 1000, Atlanta, GA 30363, USA). When you use the appointment scheduling function, the data you enter (e.g., name, email address, desired appointment) will be transmitted to Calendly and processed there.

Data processing is based on Art. 6(1)(b) GDPR (pre-contractual measures) and Art. 6(1)(f) GDPR (legitimate interest in efficient appointment scheduling).

Calendly LLC is a US-based company. Data transfer to the USA is based on Standard Contractual Clauses (Art. 46(2)(c) GDPR). For more information about data protection at Calendly, please visit: https://calendly.com/privacy.

The service is only activated when you click the "Schedule a Call" or "Termin vereinbaren" button. Simply visiting our website does not transmit any data to Calendly. However, loading the Calendly widget may cause cookies to be set by Calendly. For more information, please see Section 10 on cookies.

9. Google Fonts (Self-Hosted)

This site uses Google Fonts for the uniform display of typefaces. The fonts are installed locally on our server. No connection to Google servers is made. No data is transmitted to Google.

For more information about Google Fonts, please visit: https://developers.google.com/fonts/faq and Google's privacy policy: https://policies.google.com/privacy.

10. Cookies

Our website uses cookies. Cookies are small text files that are stored on your device and saved by your browser.

We use only technically necessary cookies and local storage values (localStorage) to store your cookie settings. These cookies are required for the operation of the site and cannot be disabled.

Additionally, loading the Calendly widget may cause cookies from Calendly to be set. These are only loaded when you actively use the appointment scheduling function.

The legal basis for technically necessary cookies is Art. 6(1)(f) GDPR. For all other cookies, we obtain your consent pursuant to Art. 6(1)(a) GDPR.

11. Your Rights

You have the following rights with respect to your personal data:

• Right of access (Art. 15 GDPR)
• Right to rectification (Art. 16 GDPR)
• Right to erasure (Art. 17 GDPR)
• Right to restriction of processing (Art. 18 GDPR)
• Right to data portability (Art. 20 GDPR)
• Right to object (Art. 21 GDPR)
• Right to withdraw consent (Art. 7(3) GDPR)

You also have the right to lodge a complaint with a data protection supervisory authority about the processing of your personal data by us.

12. Deletion and Storage Duration

The personal data of the data subject will be deleted or blocked as soon as the purpose of storage ceases to apply. Storage may also take place if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject. Data will also be blocked or deleted when a storage period prescribed by the above-mentioned standards expires.

13. Changes to This Privacy Policy

We reserve the right to amend this privacy policy to ensure that it always complies with current legal requirements or to implement changes to our services in the privacy policy. The new privacy policy will apply to your next visit.