Privacy & Cookies

This version is applicable as of January 1, 2025 (no previous versions exist)

1. Data Controller and Contact Information

Lauri Mertala

Friedrichsgracht 57, 10178 Berlin, Germany

Email: info@mertala.eu

2. General Information About Processing Personal Data

This Privacy Notice explains how we collect, use, and share information about you when you visit our website or engage with us. This Privacy Notice applies to website visitors, clients (prospective, existing, and past), and representatives of our cooperation partners.

We process personal data in accordance with the General Data Protection Regulation (2016/679) ("GDPR") and applicable national data protection laws.

3. What Data Is Processed and Where Does It Come From?

Website Visitors: Technical data, such as, IP addresses, device type, operating system, and browser type, access times. Essential cookies and similar technologies are used by our website hosting platform for site functionality, and security. We do not use additional cookies for analytics or advertising purposes.

Contact Form Submissions: Name, email address, phone number, and any information you provide in your message.

Direct Communications: Information transmitted when contacting us e.g. via email, phone, or video calls.

Client Data: Information necessary for contract execution, and performance, such as names, addresses, billing details, and service-related communications.

Personal data is mainly collected directly from the person in question, for example, in a client relationship. Personal data can also be collected from the entity on whose behalf the person acts, from the entity's website, or from other public sources (like LinkedIn).

4. Cookies and Similar Technologies

Our website uses essential cookies, placed by the web hosting platform we use, that are necessary for the website operation, and security. We do not use the data to identify or to profile website visitors, nor do we use additional cookies for analytics or marketing purposes. Therefore, we do not use a cookie banner on this website.

You can manage your cookie preferences through your browser settings.

5. For What Purposes Is the Data Processed?

We use personal data to respond to inquiries and to provide our services, to manage client relationships, and to fulfill our contractual obligations.

Personal data (such as IP addresses) may also be used for purposes of our website operations, to ensure the website functions correctly and is secure.

6. Data Sharing and International Transfers

We mainly process personal data in the EU.

However, we use certain third-party service providers whose data centers may be located outside of the EU. In those cases we will ensure that each such service provider has committed to complying with GDPR, and maintaining adequate measures for data protection.

We may have to share personal data if it is necessary for compliance with a legal obligation (e.g. a court order).

7. Legal Basis for Processing the Data

We may process personal data based on our legitimate interests (GDPR 6.1(f)). This may include responding to your inquiry by using data you have provided, e.g. through our contact form or direct communications.

On these basis we also process personal data to maintain and improve our services and to ensure website functionality, and security (see section 4 for more details).

If necessary to conclude or to perform a contract, we will process the personal data provided to us and relevant for that purpose (GDPR 6.1(b)).

We may process your personal data based on your consent when you have explicitly consented to processing (GDPR 6.1(a)).

If necessary for compliance with a legal obligation, we will process personal data required to comply with such obligations (GDPR 6.1(c)).

8. How Long Is the Data Kept?

We retain personal data only as long as necessary to fulfill the purposes we collected it for, including satisfying any legal, accounting, or reporting requirements.

Contact form submissions or data in direct contacts are retained for up to 12 months unless a client relationship is established.

Client data is retained for the duration of the client relationship and as required by law, or for as long as required to pursue or defend against related claims.

9. Data Security

We maintain appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction.

10. Your Rights

Under the GDPR, you have the following rights with respect to your personal data we process:

• Access your data (GDPR 15).

• Rectify inaccurate or incomplete data (GDPR 16).

• Request erasure of your data (GDPR 17).

• Object to or restrict processing of your data (GDPR 21 and 18).

• Data portability (GDPR 20).

• Lodge a complaint with a supervisory authority (GDPR 77).

To exercise these rights, please contact us using the contact details provided at the top of this page.

11. Changes to this Privacy Notice

We may update this Privacy Notice from time to time. Any changes will be posted on this page with the applicable revision date.