We value your privacy

We use cookies to enhance your browsing experience, serve personalised ads or content, and analyse our traffic. By clicking "Accept All", you consent to our use of cookies.

Powered by
    Upcoming·June 8, 2026·BVMW Bayern·AI Agents, Vibe Coding and the EU AI Act

    Privacy Policy

    Last updated: March 2026

    1. Data Controller

    Responsible for data processing on this website:

    Convios GmbH
    Bischof-Riegg-Str. 19a
    86899 Landsberg am Lech, Germany
    Phone: +49 (0) 160 924 512 00
    Email: info@convios.com

    A Data Protection Officer has not been appointed, as the legal requirements under Art. 37 GDPR are not met.

    2. Overview

    This website does not use tracking cookies, does not serve advertising, and does not share personal data for marketing purposes. Web analytics uses a cookie-free service that stores no device data and creates no personal profiles. Appointment booking happens via an external link; data processing then takes place exclusively on the booking provider's platform.

    3. Hosting — Netlify

    This website is hosted by Netlify Inc., 2325 3rd Street, Suite 215, San Francisco, CA 94107, USA.

    When accessing this website, Netlify automatically collects and stores technical connection data in server log files: IP address, date and time of access, requested URL, HTTP status code, data volume transferred, referrer URL, browser type, and operating system. Netlify stores this data for approximately 7 days.

    Legal basis: Art. 6(1)(f) GDPR. The legitimate interest lies in the technically secure and stable provision of the website.

    Third-country transfer: Netlify Inc. is certified under the EU-US Data Privacy Framework (DPF). The transfer is based on the adequacy decision of the European Commission (Art. 45 GDPR) and additionally on Standard Contractual Clauses (SCCs) pursuant to Art. 46(2)(c) GDPR. A Data Processing Agreement (DPA) pursuant to Art. 28 GDPR is in place with Netlify.

    Netlify privacy information: https://www.netlify.com/privacy/

    4. Web Analytics — Plausible Analytics

    This website uses Plausible Analytics by Plausible Insights OÜ, Västriku tn 2, 50403 Tartu, Estonia.

    Plausible operates without cookies, without local storage, and without fingerprinting. Only aggregated statistics are collected: pages visited, country of origin (from truncated IP address), referrer URL, device category, and browser type. The IP address is not stored; it is only used to calculate a daily rotating anonymized hash that cannot be reconstructed after 24 hours. No personal profiles are created.

    Data is processed exclusively on servers in Germany (Hetzner, Falkenstein). No transfer to third countries takes place.

    Legal basis: Art. 6(1)(f) GDPR. The legitimate interest lies in analyzing website usage to improve the offering. Since Plausible does not access end devices and does not store information on them, § 25 TDDDG does not apply.

    A Data Processing Agreement (DPA) pursuant to Art. 28 GDPR is in place with Plausible Insights OÜ.

    Opt-out: Since Plausible collects only anonymized, aggregated data, an individual technical opt-out is not possible. Those who wish to prevent even this aggregated collection can use the "Plausible Analytics Opt Out" browser extension.

    Plausible privacy information: https://plausible.io/data-policy

    5. Appointment Booking — Calendly

    For scheduling meetings, this website links to the external service Calendly by Calendly LLC, 3423 Piedmont Road NE, Atlanta, GA 30305, USA.

    The link leads to the external platform calendly.com. Once you follow this link, you leave this website. The processing of your booking data (name, email address, preferred time slot, and any messages you enter) is then subject to Calendly's privacy policy. This website only receives a notification about the booked appointment.

    Since no Calendly widget is embedded on this website, Calendly does not set cookies on your device and no connection to US servers is established unless you follow the link.

    Legal basis: Art. 6(1)(b) GDPR (pre-contractual measures) for the processing of booking data after an appointment is made.

    Third-country transfer: Calendly LLC is certified under the EU-US Data Privacy Framework (DPF, participant ID #6050). Additionally, Standard Contractual Clauses (SCCs) pursuant to Art. 46(2)(c) GDPR apply as part of Calendly's terms of service. A Data Processing Agreement (DPA) pursuant to Art. 28 GDPR is in place with Calendly LLC.

    Calendly privacy information: https://calendly.com/legal/privacy-notice

    6. Content Management — Sanity

    The content of this website is provided via Sanity AS, Grensen 5–7, 0159 Oslo, Norway. When visiting this website, content and media files are loaded via the Sanity CDN (cdn.sanity.io); your IP address is transmitted to the CDN in the process.

    Legal basis: Art. 6(1)(f) GDPR. The legitimate interest lies in the efficient provision of website content.

    Sanity AS is based in Norway (EEA); no third-country transfer takes place. A DPA pursuant to Art. 28 GDPR is in place with Sanity.

    Sanity privacy information: https://www.sanity.io/legal/privacy

    7. Consent Management — CookieYes

    This website uses CookieYes by CookieYes Limited, 3 Warren Yard, Wolverton Mill, Milton Keynes, MK12 5NW, United Kingdom.

    CookieYes sets a technically necessary cookie (cookieyes-consent) that stores your consent decision. This cookie is set without prior consent, as it is technically required to store and enforce your preference (§ 25(2)(2) TDDDG). Data stored: consent status, timestamp, anonymized IP address. Storage duration: 1 year.

    Legal basis: Art. 6(1)(c) GDPR (legal obligation to document consent) and Art. 6(1)(f) GDPR.

    The United Kingdom has an adequacy decision from the European Commission (June 2021). A DPA pursuant to Art. 28 GDPR is in place with CookieYes.

    CookieYes privacy information: https://www.cookieyes.com/privacy-policy/

    8. Contact via Email

    If you contact us by email, the data transmitted (email address, content of the message, and name and phone number if provided) will be stored for the purpose of handling your inquiry. No disclosure to third parties takes place without your consent.

    Legal basis: Art. 6(1)(f) GDPR for general inquiries; Art. 6(1)(b) GDPR for inquiries aimed at initiating a contract.

    Storage duration: Data is deleted as soon as it is no longer required for processing, at the latest after the expiry of statutory retention periods.

    9. Your Rights as a Data Subject

    You have the following rights vis-à-vis the data controller:

    Access (Art. 15 GDPR): You can request information about whether and which personal data is processed, for which purposes, from which sources, and to whom it is disclosed. You will receive a free copy of your data upon request.

    Rectification (Art. 16 GDPR): You can request correction of inaccurate data and completion of incomplete data.

    Erasure (Art. 17 GDPR): You can request deletion of your data if it is no longer necessary for the processing purpose, you have withdrawn your consent, or the processing is unlawful. Exceptions apply for statutory retention obligations.

    Restriction (Art. 18 GDPR): You can request that your data only be stored but not further processed — for example, if you dispute its accuracy or an objection under Art. 21 GDPR is pending.

    Data portability (Art. 20 GDPR): Where processing is based on consent or contract and is carried out by automated means, you have the right to receive your data in a machine-readable format or to have it transferred to another controller.

    Withdrawal of consent (Art. 7(3) GDPR): Where processing is based on your consent, you may withdraw it at any time with effect for the future. The lawfulness of the processing carried out until then remains unaffected.

    Complaint (Art. 77 GDPR): You have the right to lodge a complaint with a supervisory authority. The competent authority is the Bavarian State Office for Data Protection Supervision (BayLDA), Promenade 18, 91522 Ansbach, https://www.lda.bayern.de.

    Automated decisions (Art. 22 GDPR): No automated decision-making including profiling takes place that produces legal effects or similarly significantly affects you.

    To exercise your rights, contact: info@convios.com

    10. Right to Object (Art. 21 GDPR)

    Where personal data on this website is processed on the basis of Art. 6(1)(f) GDPR (legitimate interest), you have the right to object to this processing at any time if there are grounds relating to your particular situation. This applies to processing by Netlify (hosting, server log files) and Plausible Analytics (web analytics). Direct your objection to: info@convios.com.

    Processing of the affected data will then be ceased, unless compelling legitimate grounds can be demonstrated that override your interests, or the processing serves the establishment, exercise, or defense of legal claims.

    11. Data Security

    This website transmits data exclusively in encrypted form (TLS/HTTPS). The controller implements technical and organizational measures to protect your data against loss, destruction, manipulation, and unauthorized access.

    12. Updates and Changes

    This privacy policy was last updated in March 2026. In the event of material changes to the services used or data processing procedures, this policy will be updated accordingly. The current version is available at https://olivergausmann.com/datenschutz.