Privacy Policy
Last updated: June 2026
This is a convenience translation. The German version is legally binding.
Protecting your personal data is important to me. This policy informs you about which data is processed when you visit this website (maikbusch.com) and the client portal (portal.maikbusch.com), for what purpose and on what legal basis.
1. Controller
The controller within the meaning of the General Data Protection Regulation (GDPR) is:
Maik Busch
Waldstraße 7
26188 Edewecht
Germany
Phone: +49 172 2187830
Email: maik@maikbusch.com
2. Hosting and server log files
This website is hosted by ALL-INKL.COM – Neue Medien Münnich, owner: René Münnich, Hauptstraße 68, 02742 Friedersdorf, Germany. The provider processes the data listed below on our behalf on the basis of a data processing agreement pursuant to Art. 28 GDPR. The servers are located in Germany.
When the website is accessed, information is automatically stored in so-called server log files that your browser transmits. These are:
- Browser type and version
- Operating system used
- Referrer URL (the previously visited page)
- Host name of the accessing computer
- Time of the server request
- IP address
This data serves the secure and stable operation of the website and is not merged with other data sources. The legal basis is Art. 6 (1) (f) GDPR (legitimate interest in the secure operation of the website). The log data is deleted as soon as it is no longer required for the stated purpose.
3. Appointment booking (TidyCal)
For booking appointments (e.g. the E-Commerce Sparring) we use the service TidyCal, provider: Sumo Group, Inc., Austin, Texas, USA. When you book an appointment, the data you provide (in particular name, email address, preferred appointment and your answers to the preliminary questions) is transmitted to TidyCal and processed there to carry out the booking.
The legal basis is Art. 6 (1) (b) GDPR (performance of pre-contractual measures and contract fulfilment). As the provider is based in the USA, data may be transferred to the USA. Further information can be found in the TidyCal privacy policy.
4. Payment processing (Stripe)
For processing paid bookings we use the payment service provider Stripe, provider in Europe: Stripe Payments Europe, Limited, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland. The data required for payment (e.g. name, email address, billing and payment data) is processed directly by Stripe; complete payment data is not stored by us.
The legal basis is Art. 6 (1) (b) GDPR (contract fulfilment). Stripe may transfer data to Stripe, Inc. in the USA. Further information can be found in the Stripe privacy policy.
5. Newsletter (Brevo)
If you sign up for the newsletter, your first name and email address are transferred to Brevo SAS (formerly Sendinblue), 7 rue de Madrid, 75008 Paris, France, and stored there. Brevo is our service provider for sending the newsletter.
The processing is based on your consent pursuant to Art. 6 (1) (a) GDPR. You can withdraw your consent at any time by using the unsubscribe link in every newsletter or by contacting us by email. The lawfulness of the processing carried out up to the withdrawal remains unaffected.
Brevo is certified under the EU-US Data Privacy Framework. Further information can be found in the Brevo privacy policy.
6. Contact form
If you use the contact form on this website, we process the data you enter (first name, name, email address, optionally company as well as subject and message) in order to handle and respond to your enquiry. The technical delivery of your message to us takes place via our service provider Brevo SAS, 7 rue de Madrid, 75008 Paris, France.
The legal basis is Art. 6 (1) (b) GDPR (initiation or fulfilment of a contract) as well as our legitimate interest in responding to your enquiry (Art. 6 (1) (f) GDPR). The data is deleted as soon as your enquiry has been conclusively handled and no statutory retention obligations conflict with this. Brevo is certified under the EU-US Data Privacy Framework.
7. Client portal
Via the access-protected client portal (portal.maikbusch.com) we provide clients with documents and information relating to their mandate. To use it, we process the data required for access (e.g. name, email address) as well as the content provided in the portal. The legal basis is Art. 6 (1) (b) GDPR (contract fulfilment).
The portal runs on Supabase (provider: Supabase, Inc.), which we use as a processor under Art. 28 GDPR for the database, authentication and file storage. We process access and authentication data (name, email address, encrypted password) as well as the documents and content provided in the course of the mandate. Data is stored in the region selected for the project; where this is located outside the EU, the transfer relies on appropriate safeguards such as the European Commission's Standard Contractual Clauses. Data is retained only for as long as required for the mandate or by statutory retention obligations.
For the operation of the portal, technically necessary information is stored in your browser's local storage. This is required for the portal's function and does not serve analysis or tracking.
8. Fonts (Bunny Fonts)
This website embeds fonts via Bunny Fonts (provider: BunnyWay d.o.o., Cesta komandanta Staneta 4A, 1215 Medvode, Slovenia). Bunny Fonts is a privacy-friendly service that does not store any personal data of visitors, sets no cookies and processes requests in a GDPR-compliant manner within the EU. No transfer to the USA takes place. The legal basis is Art. 6 (1) (f) GDPR (legitimate interest in a consistent presentation). Further information: Bunny.net Privacy Policy.
9. Web analytics (Umami)
For measuring reach and usage we use Umami (provider: Umami Software, Inc., USA). Umami works without cookies and without recognising individual persons. Only aggregated, anonymous statistics are created (e.g. page views, approximate origin, browser used); no personal data is stored and no data is sold to third parties. As the provider is based in the USA, processing in the USA cannot be ruled out, though no personal data is collected. The legal basis is Art. 6 (1) (f) GDPR (legitimate interest in privacy-friendly reach measurement). Further information: Umami Privacy Policy.
10. Cookies and local storage
This website does not use tracking, advertising or marketing cookies. The web analytics in use (Umami) works without cookies. Only technically necessary storage mechanisms are used (e.g. the local browser storage in the client portal). Cookie consent is therefore not required.
11. LinkedIn
This website contains a link to the LinkedIn profile. By clicking the link you are redirected to the LinkedIn website (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland). LinkedIn then processes data according to its own privacy provisions. Further information: LinkedIn Privacy Policy.
12. SSL/TLS encryption
For security reasons this website uses SSL/TLS encryption. You can recognise an encrypted connection by the fact that the browser's address bar begins with “https://”.
13. Your rights
You have the following rights with respect to your personal data:
- Right of access (Art. 15 GDPR)
- Right to rectification (Art. 16 GDPR)
- Right to erasure (Art. 17 GDPR)
- Right to restriction of processing (Art. 18 GDPR)
- Right to data portability (Art. 20 GDPR)
- Right to object (Art. 21 GDPR)
- Right to withdraw consent (Art. 7 (3) GDPR)
To exercise your rights, please contact: maik@maikbusch.com
14. Right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint with a data protection supervisory authority about the processing of your personal data. The authority responsible for the controller is the State Commissioner for Data Protection of Lower Saxony (LfD Niedersachsen), Prinzenstraße 5, 30159 Hannover. You may also contact the supervisory authority of your usual place of residence.
15. Currency of this privacy policy
This privacy policy is dated June 2026. As the website develops or legal requirements change, it may become necessary to adapt this policy.