Personal data (usually referred to just as „data“ below) will only be processed by us to the extent necessary and for the purpose of providing a functional and user-friendly website, including its contents, and the services offered there.

Per Art. 4 No. 1 of Regulation (EU) 2016/679, i.e. the General Data Protection Regulation (hereinafter referred to as the „GDPR“), „processing“ refers to any operation or set of operations such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment, or combination, restriction, erasure, or destruction performed on personal data, whether by automated means or not.

The following privacy policy is intended to inform you in particular about the type, scope, purpose, duration, and legal basis for the processing of such data either under our own control or in conjunction with others. We also inform you below about the third-party components we use to optimize our website and improve the user experience which may result in said third parties also processing data they collect and control.

Our privacy policy is structured as follows:

I. Information about us as controllers of your data
II. The rights of users and data subjects
III. Information about the data processing

I. Information about us as controllers of your data

The party responsible for this website (the „controller“) for purposes of data protection law is:

Kalibra Advisory GmbH
Maximilian Zeiler
Berger Straße 175
60385 Frankfurt am Main
Germany
Telephone: S#P3K%cwWMgZ+P$TyL@}L6?,p%+!{?069 247KZLHG.:bQXT§mS-m$bDYE§2=8wvk6p5 2994
E-Mail: JptVs=x:vSUSVcDGGtD}wLG_}v#3Zeinfo@kalejFHH%8>PXRP%xN&Z8%j{~8RqTBK&$ibra-advisory.com

II. The rights of users and data subjects

With regard to the data processing to be described in more detail below, users and data subjects have the right

- to confirmation of whether data concerning them is being processed, information about the data being processed, further information about the nature of the data processing, and copies of the data (cf. also Art. 15 GDPR);

- to correct or complete incorrect or incomplete data (cf. also Art. 16 GDPR);

- to the immediate deletion of data concerning them (cf. also Art. 17 DSGVO), or, alternatively, if further processing is necessary as stipulated in Art. 17 Para. 3 GDPR, to restrict said processing per Art. 18 GDPR;

- to receive copies of the data concerning them and/or provided by them and to have the same transmitted to other providers/controllers (cf. also Art. 20 GDPR);

- to file complaints with the supervisory authority if they believe that data concerning them is being processed by the controller in breach of data protection provisions (see also Art. 77 GDPR). As a rule, you can contact the supervisory authority of your usual place of residence or workplace.


In addition, the controller is obliged to inform all recipients to whom it discloses data of any such corrections, deletions, or restrictions placed on processing the same per Art. 16, 17 Para. 1, 18 GDPR. However, this obligation does not apply if such notification is impossible or involves a disproportionate effort. Nevertheless, users have a right to information about these recipients.

Likewise, under Art. 21 GDPR, users and data subjects have the right to object to the controller’s future processing of their data pursuant to Art. 6 Para. 1 lit. f) GDPR. In particular, an objection to data processing for the purpose of direct advertising is permissible.

III. Information about the data processing

Your data processed when using our website will be deleted or blocked as soon as the purpose for its storage ceases to apply, provided the deletion of the same is not in breach of any statutory storage obligations or unless otherwise stipulated below.

Cookies

a) Session cookies
We use cookies on our website. Cookies are small text files or other storage technologies stored on your computer by your browser. These cookies process certain specific information about you, such as your browser, location data, or IP address.

This processing makes our website more user-friendly, efficient, and secure, allowing us, for example, to display our website in different languages or to offer a shopping cart function.

The legal basis for such processing is Art. 6 Para. 1 lit. b) GDPR, insofar as these cookies are used to collect data to initiate or process contractual relationships.

If the processing does not serve to initiate or process a contract, our legitimate interest lies in improving the functionality of our website. The legal basis is then Art. 6 Para. 1 lit. f) GDPR.

When you close your browser, these session cookies are deleted.

b) Third-party cookies
If necessary, our website may also use cookies from companies with whom we cooperate for the purpose of advertising, analyzing, or improving the features of our website.

Please refer to the following information for details, in particular for the legal basis and purpose of such third-party collection and processing of data collected through cookies.

c) Disabling cookies
You can refuse the use of cookies by changing the settings on your browser. Likewise, you can use the browser to delete cookies that have already been stored. However, the steps and measures required vary, depending on the browser you use. If you have any questions, please use the help function or consult the documentation for your browser or contact its maker for support. Browser settings cannot prevent so-called flash cookies from being set. Instead, you will need to change the setting of your Flash player. The steps and measures required for this also depend on the Flash player you are using. If you have any questions, please use the help function or consult the documentation for your Flash player or contact its maker for support.

If you prevent or restrict the installation of cookies, not all of the functions on our site may be fully usable.

Microsoft Bookings

Our website gives you the option to schedule appointments with us. We use Microsoft Bookings to book these appointments. The provider is Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland, https://learn.microsoft.com/en-us/microsoft-365/bookings/?view=o365-worldwide.

To book an appointment, enter the requested data and the desired date in the form provided. The data entered will be used for planning, conducting and, if necessary, for the follow-up of the appointment. The appointment data will be stored for us on the servers of Microsoft Bookings, whose privacy policy you can view here: https://privacy.microsoft.com/de-de/privacystatement.

The data recorded in this manner will be stored until you ask us to delete them, revoke your consent to the archiving of your data or until the purpose of archiving the data no longer exists. This does not affect mandatory statutory provisions – in particular those governing retention periods.

The legal basis for the processing of the data is Art. 6(1)(f) GDPR. The operator of the website has a legitimate interest in ensuring that appointments with customers and prospective customers can be scheduled as easily as possible. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TDDDG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TDDDG. This consent can be revoked at any time.

Data transfer to the US is based on the standard contractual clauses of the EU Commission. Details can be found here: https://learn.microsoft.com/en-us/compliance/regulatory/offering-eu-model-clauses.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/participant/6474.

Matomo Analytics (On-Premise)

We use the open-source software tool Matomo Analytics on our website to analyse the surfing habits of our users. We also use Matomo Tag Manager. Matomo Tag Manager is a Matomo Analytics Software add-on. Tag Manager is used to integrate Matomo Analytics, for tracking events and to control the integration of third-party provider code. The following data is processed when a user visits our website:

- 2 bytes of the IP address of the system the user uses to visit our website
- the website visited (URL)
- the website from which the user accessed the visited website (referrer)
- the sub-pages visited from the visited website
- the time spent on the website
- how often the website has been visited

We use the on-premise version of Matomo Analytics and host the software on our own servers in Germany. The aforementioned data is exclusively stored there. We use Matomo Analytics without cookies. We do not pass the data on to third parties. The Matomo software has been configured such that IP addresses are not saved in full. Instead, the last 2 bytes of the IP address are masked (e.g. 192.168.xxx.xxx). This means it is no longer possible to link the truncated IP address to the computer used to visit the website.

The legal basis for the processing is our legitimate interest in analysing the surfing habits on our website pursuant to Art. 6 (1f) of the GDPR. Processing this data allows us to analyse the surfing habits of website visitors. This information helps us to improve our website and make it more user-friendly. By anonymising the IP address, due consideration has been given to the user's interest in protecting their personal data.

For more information about Matomo's privacy settings, please visit https://matomo.org/privacy/.

Contact

If you contact us via email or the contact form, the data you provide will be used for the purpose of processing your request. We must have this data in order to process and answer your inquiry; otherwise we will not be able to answer it in full or at all.

The legal basis for this data processing is Art. 6 Para. 1 lit. b) GDPR.

Your data will be deleted once we have fully answered your inquiry and there is no further legal obligation to store your data, such as if an order or contract resulted therefrom.

Server data

For technical reasons, the following data sent by your internet browser to us or to our server provider will be collected, especially to ensure a secure and stable website: These server log files record the type and version of your browser, operating system, the website from which you came (referrer URL), the webpages on our site visited, the date and time of your visit, as well as the IP address from which you visited our site.

The data thus collected will be temporarily stored, but not in association with any other of your data.

The basis for this storage is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in the improvement, stability, functionality, and security of our website.

The data will be deleted within no more than seven days, unless continued storage is required for evidentiary purposes. In which case, all or part of the data will be excluded from deletion until the investigation of the relevant incident is finally resolved.