Privacy Policy

Last updated: March 16, 2025

We appreciate your visit to the Geostrategists websites. As a specialized platform for geopolitical and country-specific expertise, the protection of your personal data is particularly important to us. In this privacy policy, we inform you transparently about what data we collect, how we process it, and what rights you have.

Please note that this English translation is provided solely for informational purposes and convenience. The German-language version of this privacy policy constitutes the official and legally binding document. In the event of any inconsistency or contradiction between the German original and this English translation, the provisions of the German version shall take precedence.

Responsible Entity and Contact

Responsible entity within the meaning of the Datenschutz-Grundverordnung (DSGVO):

Geostrategists Consulting GmbH
Zellertal 24
93444 Bad Kötzting
Germany

Email: info@geostrategists.de

If you have questions about data protection, your rights, or this privacy policy, you can contact us at any time using the contact details provided above. When you contact us by email, your email address and the content of your message will be processed to handle your inquiry. This data processing is based on Art. 6 Abs. 1 lit. f DSGVO (legitimate interest in responding to inquiries).

Principles of Data Processing

The protection of your privacy is of the highest importance to us. We process your personal data according to the following principles:

  • Lawfulness, fairness, and transparency,
  • Purpose limitation of collected data,
  • Data minimization during processing,
  • Ensuring data accuracy,
  • Adherence to storage limitations,
  • Ensuring integrity and confidentiality.

Data Processing During Website Visits

Cookies and Tracking

We deliberately refrain from using tracking cookies. For our web analytics, we use Plausible Analytics, a privacy-friendly alternative that operates without cookies.

On our website, we only use technically necessary cookies:

  • Session cookies: These temporary cookies store a session ID that allows different requests from your browser to be assigned to a common session. This enables us to recognize your computer when you return and, for example, to save your form entries across different page views. Session cookies are automatically deleted when you close your browser.

These cookies are essential for the smooth operation of our website and enable basic functions such as session management during login or saving form content while navigating.

The legal basis for processing is Art. 6 Abs. 1 lit. f DSGVO (legitimate interest), as these cookies are technically necessary for the operation of our website.

You can set your browser to inform you about the placement of cookies and to allow cookies only in individual cases, to exclude the acceptance of cookies for certain cases or in general, and to activate the automatic deletion of cookies when closing the browser. The functionality of this website may be limited if cookies are deactivated.

Automatically Collected Data

When you visit our website, the following data is automatically collected for technical reasons:

  • IP address (anonymized),
  • Date and time of access,
  • Name and URL of the accessed page,
  • Amount of data transferred,
  • Access status,
  • Browser type and version,
  • Operating system,
  • Referrer URL (the previously visited page).

The legal basis for this processing is Art. 6 Abs. 1 lit. f DSGVO (legitimate interest). Our legitimate interest lies in ensuring the functionality and security of our website.

The data is automatically deleted after 7 days.

Hosting and Technical Infrastructure

We use Amazon Web Services (AWS) in the eu-central-1 region (Frankfurt) for hosting our website. For backup and disaster recovery, data may be temporarily processed in other AWS regions within the EU. Additionally, AWS employees from third countries, particularly the USA, may have technical access to the systems for maintenance and support.

For such data transfers, we rely on the EU Standard Contractual Clauses and the EU-US Data Privacy Framework as appropriate safeguards within the meaning of Art. 44 ff. DSGVO.

Analytics and Performance Monitoring

Plausible Analytics

We use Plausible Analytics as a privacy-friendly alternative to conventional analytics tools. Plausible Analytics processes the following data:

  • Visited URL,
  • HTTP referrer (the website from which a visitor came),
  • Browser (derived from the User-Agent HTTP header),
  • Operating system (derived from the User-Agent HTTP header),
  • Device type (Desktop, Mobile, Tablet),
  • Country, region, city (based on the IP address, which is not stored).

Important privacy features of Plausible Analytics:

  • No use of cookies,
  • No storage of personal data,
  • No permanent storage of IP addresses,
  • No cross-device tracking,
  • No cross-website tracking,
  • Hosting exclusively in the EU (Germany).

Data processing is based on Art. 6 Abs. 1 lit. f DSGVO (legitimate interest). Our legitimate interest lies in analyzing and optimizing our web offering.

You have the right to object to data processing based on our legitimate interest at any time (Art. 21 DSGVO). After your objection, we will no longer process your data for these purposes unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms.

Sentry

For technical monitoring and error detection, we use Sentry. The following data is collected:

  • Technical error messages,
  • Performance metrics,
  • Browser and system data,
  • Anonymized usage paths,
  • IP addresses (temporarily for error analysis).

The data is processed in the EU and automatically deleted after 30 days.

Technical Service Providers

We use the following technical service providers for the operation of our platform:

  • Amazon Web Services (AWS) for hosting and cloud infrastructure,
  • Plausible Analytics for web analytics,
  • Sentry for technical monitoring.

We have concluded data processing agreements with all service providers according to Art. 28 DSGVO and ensure through appropriate safeguards that an adequate level of data protection is guaranteed even when processing in third countries.

Data Processing When Using Our Platform

Registration as an Expert

When registering as an expert, we collect the following mandatory information:

  • First and last name,
  • Business contact details (email and phone),
  • Professional expertise (regions and subject areas),
  • Services offered,
  • Evidence of qualification and experience.

Voluntary information includes:

  • Form of address and title,
  • Additional information on expertise,
  • Additional references,
  • Profile picture,
  • Detailed project descriptions.

During or after successful placement, the following additional information is collected:

  • Bank details,
  • Tax-relevant data,
  • Fee expectations (daily rates or other compensation models).

The processing of this data is based on Art. 6 Abs. 1 lit. b DSGVO, as it is necessary for the performance of the placement contract.

Registration as a Client

When registering as a client, we collect the following mandatory information:

  • Company name,
  • First and last name of the contact person,
  • Business contact details (email and phone),
  • Expertise sought (regions and subject areas),
  • Desired services,
  • Form of deployment (remote/on-site),
  • Desired start date,
  • Duration and intensity of deployment.

Voluntary information includes:

  • Form of address and title,
  • Position in the company,
  • Detailed project description,
  • Specific time availability,
  • Notes on the form of deployment.

The processing of this data is based on Art. 6 Abs. 1 lit. b DSGVO, as it is necessary for the performance of the placement contract.

Storage Duration

We process and store your personal data only for the period necessary to fulfill the storage purpose or as required by legal provisions.

After the end of the active business relationship, your profile data will be deleted after 6 months unless legal retention obligations prevent this. Business letters, booking documents, and similar documents are kept for up to 10 years in accordance with statutory retention periods.

Storage may occur in particular if:

  • It is necessary for the fulfillment of contractual obligations,
  • Legal retention obligations require it,
  • You have consented to longer storage,
  • It is necessary for the establishment, exercise, or defense of legal claims.

International Data Transfers

Principles

We generally process your data in Germany or the European Union. Should a transfer to third countries occur, we ensure that this only happens under the strict requirements of Art. 44 ff. DSGVO.

International Data Transfers and Safeguards

For any data transfers to the USA (e.g., in the context of maintenance and support by our technical service providers), we rely on:

  • The EU-US Data Privacy Framework,
  • EU Standard Contractual Clauses according to Art. 46 Abs. 2 lit. c DSGVO,
  • Appropriate safeguards according to Art. 46 DSGVO,
  • Binding corporate rules according to Art. 47 DSGVO.

We ensure through appropriate contractual agreements and technical and organizational measures that an adequate level of data protection is guaranteed even when data is processed in third countries.

Social Media and External Services

LinkedIn Integration

We use various LinkedIn functions on our platform:

When using "Sign in with LinkedIn," the following data is retrieved from LinkedIn:

  • Basic profile information (name, email)
  • Professional career
  • Current position
  • Professional expertise

With profile synchronization enabled, changes to your LinkedIn profile are automatically applied to your Geostrategists profile. You can deactivate the synchronization at any time in your profile settings.

The data processing is based on your consent (Art. 6 Abs. 1 lit. a DSGVO). For more information on data processing by LinkedIn, please see their privacy policy at: https://de.linkedin.com/legal/privacy-policy

Social Media Presences

We maintain presences on various social networks. When you visit these, personal data may be transmitted to the respective platform operators.

Technical and Organizational Measures

To protect your personal data, we have implemented appropriate technical and organizational security measures in accordance with Art. 32 DSGVO:

  • Encryption through end-to-end SSL/TLS encryption of the website and all data transfers,
  • Access control through strictly regulated access rights and two-factor authentication,
  • Data security through regular backups and redundant systems,
  • Availability control through protection against technical disruptions and DDoS attacks,
  • Separation requirement through separate processing of data for different purposes,
  • Regular security audits and penetration tests,
  • Training and sensitization of our employees.

Your Rights as a Data Subject

You have the following rights:

  • Right to information (Art. 15 DSGVO),
  • Right to rectification (Art. 16 DSGVO),
  • Right to erasure (Art. 17 DSGVO),
  • Right to restriction of processing (Art. 18 DSGVO),
  • Right to data portability (Art. 20 DSGVO),
  • Right to object (Art. 21 DSGVO),
  • Right to withdraw given consent (Art. 7 Abs. 3 DSGVO).

To exercise your rights, please contact us using the contact details provided above.

You also have the right to lodge a complaint with a data protection supervisory authority about the processing of your personal data.

Changes to the Privacy Policy

We continuously develop our services. In doing so, we reserve the right to adapt this privacy policy to ensure that it always complies with current legal requirements and transparently reflects our services and their data processing.

Changes may arise in particular due to:

  • Further development of our services,
  • Adaptation to new technologies,
  • Changes in the legal situation,
  • Optimization of our processes.

The current version of this privacy policy can always be found at https://www.geostrategists.de/en/privacy.