Privacy

Controller

Legal basis and general processing principles

We process personal data only where this is necessary for communication, pre-contractual steps, contract performance, system security, or compliance with legal obligations.

Processing based on consent is carried out under Art. 6(1)(a) GDPR. Processing for contract performance or pre-contractual steps is carried out under Art. 6(1)(b) GDPR. Processing for legal obligations is carried out under Art. 6(1)(c) GDPR. Where we pursue legitimate interests, the legal basis is Art. 6(1)(f) GDPR.

Access to information stored on terminal equipment is additionally governed by Section 25 TDDDG. Non-essential cookies and comparable technologies are used only after consent.

Your rights

Data subjects have the following rights under the GDPR:

• access to personal data processed under Art. 15 GDPR,
• rectification of inaccurate or incomplete data under Art. 16 GDPR,
• erasure of personal data under Art. 17 GDPR,
• restriction of processing under Art. 18 GDPR,
• data portability under Art. 20 GDPR,
• objection to processing under Art. 21 GDPR,
• withdrawal of consent with effect for the future under Art. 7(3) GDPR.

You also have the right to lodge a complaint with a competent supervisory authority.

Hosting and server log files

This website is hosted by Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany. Further information is available in Hetzner's privacy policy: https://www.hetzner.com/legal/privacy-policy/

Server log files may include IP address, access time, requested URL, referrer URL, browser type, operating system, hostname, transferred data volume, HTTP status code, and comparable technical data. Log data is stored only as long as required for delivery, security, error analysis, or abuse prevention.

Contact form and direct contact

If you contact us through the contact form, we process the data entered there. This usually includes name, email address, company, message, and technical metadata of the submission.

The contact form is operated without an external form provider. The website sends the entered data to a same-origin endpoint at /api/contact, hosted on the Tertia/Hetzner server. From there, the message is delivered by email through the Tertia Zoho EU mailbox or Zoho SMTP service.

Newsletter and footer email field

An email address can be entered in the footer for updates or newsletters. This entry is passed to the user's local email program via a mailto: link and is not immediately transmitted by the website to a newsletter service.

Consent management, cookies, and comparable technologies

This website uses Cookiebot by Usercentrics to collect, manage, and document consent choices. The provider is Usercentrics A/S, Havnegade 39, 1058 Copenhagen, Denmark.

You can change or withdraw your consent at any time through the cookie settings below:

Technically necessary cookies or comparable storage may be used for consent management, security, and website operation. Non-essential cookies, local storage, tracking pixels, or comparable technologies are activated only after consent.

Analytics

This website may use Google Analytics 4, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics is loaded only after your consent.

External resources, fonts, maps, and media

Fonts are embedded locally via Fontsource. External scripts from Cookiebot by Usercentrics, Google Tag Manager, or Google Analytics may be loaded for consent management and statistics.

LinkedIn links

This website may link to LinkedIn. This is only an external link. No LinkedIn tracking pixel and no LinkedIn Insight Tag are integrated.

Customer inquiries and project processing

If an inquiry becomes a contractual relationship, we also process customer, contact, project, billing, and communication data where necessary for proposal preparation, project implementation, documentation, handover, invoicing, and support.

AI-supported automation systems

Tertia develops AI-supported automation and assistance systems for clients. No AI-supported analysis of website visitors takes place on this website.

Which providers, models, infrastructure components, or automation services are used in a customer project is agreed and documented project by project.

Processors and service providers

We may use service providers for hosting, form processing, email, project management, accounting, development, and security. Where required, we conclude data processing agreements with these service providers.

• Hosting: Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany.
• Contact form: same-origin endpoint on the Tertia/Hetzner server, email delivery through Zoho Mail/SMTP.
• Consent management: Cookiebot by Usercentrics, Usercentrics A/S, Copenhagen.
• Analytics: Google Analytics 4 by Google Ireland Limited; only after consent.
• Newsletter service: not used.

Technical and organizational measures

We take technical and organizational measures to protect personal data against loss, destruction, alteration, unauthorized access, and unauthorized disclosure. Depending on the processing, these include TLS encryption, access restrictions, role-based permissions, secure transfer of credentials, backups, logging, and documentation.