Privacy Policy

Last updated: October 2025

The protection of your personal data is important to us. This privacy policy explains how we collect, use and safeguard personal information when you visit thegoldcode.de and our associated online services.

1. Controller

German Sole Trader
Janine Huetter
Süchtelner Straße 104
41747 Viersen, Germany
Phone: +49 172 281 79 86
Email: info@thegoldcode.de
Tax Number: 102/5115/2452

Australian Sole Trader
Janine Huetter
12 Hollis Street
6163 Samson, WA, Australia
Phone: +61 466 987 529
Email: info@thegoldcode.de
ABN: 15740514453

For the purposes of GDPR, the primary establishment is Germany.

2. Scope of processing

We process personal data only to the extent necessary to provide our digital design and marketing consulting services, to ensure the functionality of this website, and to communicate with clients or interested parties.

3. Data collected

3.1 When visiting our website

When you access thegoldcode.de, your browser automatically transmits data to our web server (operated by Hostinger International Ltd.). This data includes:

  • IP address
  • Date and time of access
  • Browser type and version
  • Operating system
  • Referrer URL

This information is required to deliver the website content correctly and to ensure stability and security (Art. 6 (1) f GDPR). The data is automatically deleted or anonymised after a short retention period.

3.2 Contact form and quote requests

When you contact us via our online forms, we collect:

  • Name
  • Email address
  • Phone number (optional)
  • Message content

The data is processed solely to respond to your inquiry (Art. 6 (1) b GDPR). Your information may be stored in our CRM (Brevo, formerly Sendinblue) for follow-up communication. We do not share this data with third parties unless required by law.

3.3 reCAPTCHA v3

To protect our contact forms from automated abuse, we use Google reCAPTCHA v3, a service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). reCAPTCHA analyses user interactions to distinguish humans from bots. This may involve transmitting the IP address and other technical data to Google. Processing is based on our legitimate interest in website security (Art. 6 (1) f GDPR).
Further details: Google Privacy Policy.

4. Cookies and Consent

We use cookies to improve user experience and to analyse website performance. Your consent to non-essential cookies is managed through the CookieYes consent banner. You can adjust your cookie preferences at any time via the banner or your browser settings.

Essential cookies (e.g. for session management and security) are required for technical operation and are processed on the basis of Art. 6 (1) f GDPR.

5. Web analytics – Google Analytics

We use Google Analytics, provided by Google Ireland Limited, to analyse how visitors use our site. Google Analytics uses cookies that transmit anonymised usage data to servers in the EU and, in some cases, the USA. The IP address is anonymised before storage (“IP masking”).

Processing is carried out on the basis of your consent (Art. 6 (1) a GDPR) through the CookieYes banner. You can withdraw consent at any time via the banner or by deleting cookies.

More information: https://policies.google.com/privacy

6. Fonts

We use Google Fonts for uniform display of text and design elements. Fonts are hosted locally on our server so that no connection to Google’s servers is established and no personal data is transmitted.

7. Email communication and CRM

Our newsletters and client correspondence are managed via Brevo (Sendinblue SAS, Paris, France). When you contact us, your data (name, email address, message content) may be stored securely on Brevo’s EU servers. Brevo complies with GDPR and acts as a processor under Art. 28 GDPR. You can request deletion of your communication data at any time.

8. Payments

For project payments, we offer PayPal and Stripe. When you initiate a payment, personal data such as name, address, payment details and transaction IDs are transmitted to the selected payment provider.

Processing is necessary to perform a contract (Art. 6 (1) b GDPR). Each provider is responsible for its own data processing:

9. Hosting

Our website is hosted by Hostinger International Ltd., 61 Lordou Vironos Street, 6023 Larnaca, Cyprus. All data collected through this website is stored on Hostinger’s EU servers. A data processing agreement (DPA) in accordance with Art. 28 GDPR has been concluded with Hostinger.

10. Social media links

Our website contains links (icons) to our social media profiles (e.g. Instagram, LinkedIn, Behance). These are simple hyperlinks, not embedded feeds or plugins. No data is transmitted to these platforms unless you click the link. Each provider’s own privacy policy applies upon redirection.

11. International data transfers

Because we operate internationally (Germany and Australia), personal data may be accessed by the Australian entity under a controller-to-controller relationship. All processing complies with the GDPR and equivalent safeguards under the Australian Privacy Act 1988. Data stored within the EU is primarily processed in the EU and transferred only where necessary and legally permissible.

12. Data retention

Personal data is retained only as long as necessary to fulfil the purpose for which it was collected or to comply with statutory obligations. Contact-form data is typically deleted after 12 months unless a business relationship continues.

13. Your rights (GDPR Articles 15–21)

  • Right of access (Art. 15)
  • Right to rectification (Art. 16)
  • Right to erasure (Art. 17)
  • Right to restriction of processing (Art. 18)
  • Right to data portability (Art. 20)
  • Right to object (Art. 21)
  • Right to lodge a complaint with a supervisory authority (Art. 77)

If you believe your data is being processed unlawfully, you may contact your local data-protection authority. For Germany: Landesbeauftragte für Datenschutz Nordrhein-Westfalen (LDI NRW), Kavalleriestraße 2-4, 40213 Düsseldorf, Germany.

14. Security

We use SSL/TLS encryption and appropriate technical and organisational measures to protect your data from unauthorised access, loss or disclosure.

15. Updates to this policy

We may update this privacy policy periodically to reflect new legal requirements or website changes. The latest version is always available at https://thegoldcode.de/privacy.

Contact for privacy inquiries

Email: info@thegoldcode.de
Phone: +49 172 281 79 86