Privacy Policy — Kerstin Ludwig | Directing Brand, Systems & Transformation

1. Controller

The controller responsible for processing personal data on this website is the person listed in the Imprint.

2. Hosting and server log files

When you visit this website, the hosting provider processes technically necessary access data (server log files), typically including IP address, date/time, requested page/file, referrer URL, and browser/device information. Purpose: website delivery, security, and troubleshooting.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in secure and stable operation).

Retention: only as long as necessary for these purposes (per the host’s retention settings).

3. Contact (email)

If you contact me by email, I process the data you provide (e.g., name, email address, message) to respond to your request.

Legal basis: Art. 6(1)(b) GDPR (pre-contractual/contractual communication) and/or Art. 6(1)(f) GDPR (handling inquiries).

4. Calendly booking

This website offers appointment booking via Calendly. When you open the booking modal, your browser connects to Calendly and loads Calendly content. Personal data such as your IP address, device/browser information, and booking-related data you enter (e.g., name, email, meeting details) may be processed by Calendly.

Calendly may transfer personal data to countries outside the EEA. Calendly states it relies on recognised transfer mechanisms such as the EU–U.S. Data Privacy Framework and/or Standard Contractual Clauses.

5. Cookies / tracking

This website uses Simple Analytics for privacy-friendly, cookie-free analytics and aggregate site measurement. The setup is used to understand overall page usage and key site interactions in order to improve the website and its core journeys.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in understanding and improving the website). No personal profiles are created through this analytics setup.

Calendly may still set cookies or use similar technologies when the booking modal is opened. Where legally required, such technologies are only used with consent.

6. Your rights

You may have the right to access, rectification, erasure, restriction, data portability, and to object to processing based on legitimate interests. Where processing is based on consent, you can withdraw consent at any time with effect for the future.

7. Supervisory authority

You have the right to lodge a complaint with a data protection supervisory authority.

Last updated: 20 April 2026