Privacy Policy

Information pursuant to Article 13 & 14 GDPR, § 26 BDSG, and §§ 24 ff. TTDSG

1. Controller

Olymaris Digital Transformation Agency
Owner: Mariam Zamani
Rochlitzer Straße 1, 09217 Burgstädt, Germany
Email: contact@olymaris.com
Phone: +49 (0) 157 382 218 79

We are established in Germany and therefore subject to the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG). No external EU representative is required.

2. Data Protection Officer

As a small enterprise (< 20 employees) we are not legally obliged to appoint a Data Protection Officer. Please direct all privacy-related inquiries to the contact details above.

We continuously monitor our data processing activities to ensure compliance with Art. 37 GDPR and § 38 BDSG.

3. Purposes and Legal Basis of Processing

Website operation & security – to ensure functionality and system security (Art. 6 (1)(f) GDPR).
Contact requests – to respond to inquiries (Art. 6 (1)(b)/(f) GDPR).
Service delivery & contracts – for the performance of contractual obligations (Art. 6 (1)(b) GDPR).
Marketing & analytics (cookies) – based on consent (Art. 6 (1)(a) GDPR / § 25 TTDSG).

Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of processing before withdrawal.

4. Data Categories

We process personal data such as name, email address, phone number, usage data, IP addresses, and browser information that your device automatically transmits when visiting our website.

We do not intentionally collect special categories of personal data (Art. 9 GDPR).

5. Cookies & Tracking Technologies

We use technically necessary cookies to operate this website. Analytical or marketing cookies are used only with your explicit consent under § 25 TTDSG. You can withdraw consent at any time via your browser settings or our cookie banner.

If we use external services such as Google Analytics, Meta Pixel, or Cloudflare, these are listed in our Cookie Policy with full details on purpose, provider, and data retention.

6. Recipients of Data

Your data will not be sold or disclosed to unauthorized third parties. We may share data with service providers (e.g., hosting or email providers) bound by data-processing agreements pursuant to Art. 28 GDPR.

7. Transfers to Third Countries

If services (e.g., analytics, cloud providers) are based outside the EU/EEA, data transfer occurs only under an adequacy decision (Art. 45 GDPR) or Standard Contractual Clauses (Art. 46 GDPR). For providers based in the U.S. (e.g., Google, Microsoft), we use the latest EU Standard Contractual Clauses (SCCs) approved by the European Commission to ensure an adequate level of data protection.

8. Storage Duration

We store personal data only as long as necessary to fulfil contractual or legal obligations or until you withdraw consent. Statutory retention obligations (e.g., § 147 AO, § 257 HGB) remain unaffected.

9. Your Rights

Right of access (Art. 15 GDPR)
Right to rectification (Art. 16 GDPR)
Right to erasure (Art. 17 GDPR)
Right to restriction (Art. 18 GDPR)
Right to data portability (Art. 20 GDPR)
Right to object (Art. 21 GDPR)
Right to lodge a complaint with a Data Protection Authority (Art. 77 GDPR)

The competent supervisory authority is:
Sächsischer Datenschutzbeauftragter
Devrientstraße 5, 01067 Dresden, Germany
Website: www.datenschutz.sachsen.de

10. Obligation to Provide Data

You are not legally obliged to provide personal data when visiting our site. However, technical data is required for website functionality, and refusal to provide it may limit service use.

11. Automated Decision-Making

No automated decision-making or profiling within the meaning of Art. 22 GDPR takes place.

12. Updates to This Policy

We may amend this Privacy Policy to reflect legal or technical changes. The current version is always available on our website with the date of last update.

Last updated: October 24, 2025 | Olymaris Digital Transformation Agency