This Privacy Policy explains how Finovo Consulting processes personal data when you visit finovo-consulting.de, contact us, or use our services.

1) Controller

Finovo Consulting – Anne Hennig
Karl-Marx-Str. 179D, 12043 Berlin, Germany
Email: [privacy@finovo-consulting.de] · Phone: [+49 …]

Separate controller for insurance-brokerage services:
Danny Hennig, Königsheideweg 268, 12487 Berlin, Germany, danny@consulting-hennig.com.
If your request relates to insurance mediation, your data may be shared with and processed by Danny Hennig as an independent controller.

2) What data we process

• Inquiry data: name, contact details, message content.

• Client/service data: information you provide for advice, documents, preferences.

• Communication data: email, phone, WhatsApp Business messages.

• Technical data: IP address, timestamps, pages viewed, basic device/browser data (server logs; essential cookies only).

• Billing data (if applicable): name, address, invoice details.
  
  

3) Purposes & legal bases (Art. 6 GDPR)

• Responding to inquiries, pre-contract steps, and performing a contract (Art. 6(1)(b)).

• Fulfilling legal obligations (e.g., commercial/tax retention, regulatory duties) (Art. 6(1)(c)).

• Legitimate interests in running, securing and improving our website and communications (Art. 6(1)(f)).

• Consent for optional features (e.g., certain marketing/analytics or WhatsApp if initiated by you) (Art. 6(1)(a)). You can withdraw consent at any time.
  
  

4) Retention

We store inquiry and contract data as long as needed to handle your request and to comply with statutory retention (generally 6–10 years under German law for business records). Server logs are typically deleted or anonymized within [90] days.

5) Recipients & processors

We use carefully selected service providers under data-processing agreements where required:

• Hosting / infrastructure: Hostinger, EU

• Google Workspace (email, documents, video calls); Google Ireland Ltd. / Google LLC

• WhatsApp Business (WhatsApp Ireland Ltd. / affiliated companies)

Where providers process data outside the EU/EEA, transfers rely on appropriate safeguards (e.g., EU Standard Contractual Clauses). Details available on request where legally required.

6) Cookies & similar technologies

We use only essential cookies necessary to operate and secure the site.

7) Contact forms, email & WhatsApp

If you contact us, we process your data to handle the inquiry and any follow-up. If you message us via WhatsApp Business, your phone number and message content are processed by WhatsApp; this may involve third-country transfers. Please avoid sending sensitive information via WhatsApp.

8) Your rights

You have the rights of access, rectification, erasure, restriction, data portability, and objection (Arts. 15–21 GDPR). You may withdraw consent at any time with effect for the future.
You can lodge a complaint with a supervisory authority, in particular:
Berlin Commissioner for Data Protection and Freedom of Information (BlnBDI), Alt-Moabit 59–61, 10555 Berlin, Germany – https://www.datenschutz-berlin.de/

9) Security

We use appropriate technical and organizational measures (e.g., TLS encryption, access controls). No method is 100% secure.

10) Updates

We may update this Privacy Policy from time to time; the current version is published here.
Last updated: 01 September 2025

Privacy Policy (GDPR)