For quick navigation, here is an overview of our policies as described in more detail below:
- Visitors are anonymous by default and clearly informed about their privacy rights. This section details how we use
- Protocols are in place to archive and delete user-submitted data after a set period of time. This section explains how we use Slack and social media platforms to reach our customers.
- Any personal information you share with us is used for its intended purpose only. This section also talks about cookies.
- You are in control and can ask to see, change, or erase your data at any time.
- User submissions are stored for a limited amount of time unless you consent to longer data retention.
- We do our best to keep your data safe with the help of professional security tools and community resources.
When it comes to privacy, GermanBureau.com is different from a lot of other sites on the Web. Everyone promises that they care about your privacy, but the platitude often masks industry practices that many users perceive as invasive.
GermanBureau wants no part in the data-mining economy. And in practice, our team is too busy with their core business to engage in complex data-driven marketing campaigns. We deal with our customers individually, on a personal basis, not at mass-market scale.
That said, the year is 2021 and data matters when you want to make the best website possible. GermanBureau.com uses a basic set of modern tools to ensure adequate security and also to understand what users want. We have configured these tools on a privacy-first basis, and we hope you enjoy the default anonymity and light pageloads that come with this approach.
Our policies are governed by German and European laws. This page explains our principles in simple language alongside excerpts from the relevant legal text of the EU’s General Data Protection Regulation (GDPR).
As a matter of principle, we consider data privacy to be a fight worth fighting in the information age. We stand with non-profit organizations working to strengthen digital rights around the world. To learn more about online privacy in general, we recommend you head over to the Electronic Frontier Foundation and use their tips and tools for a better browsing experience. (Please note that we are not affiliated with EFF.)
We will never ask you to turn off your ad blocker, disable your privacy plugins, or take any other shortcuts around your rights online. In fact, we encourage users to take a proactive approach to their own privacy. You might consider switching to a privacy-centric browser such as the Chromium-based Brave Browser or the non-profit Tor Browser (again, no affiliation). If you are already active in some other way, we salute your efforts to keep the internet open and safe for all.
What Makes Certain Data “Personal”?
The European GDPR framework defines personally identifiable data (PII) as “any information that relates to an individual who can be directly or indirectly identified.” Obvious data types that fall into this category are names and email addresses. But there are less obvious ones, too: Location information such as zip codes or geo-tracking; ethnicity, gender, religion, and other demographics; biometric data such as fingerprint scans or facial recognition; personal beliefs and political opinions; and web cookies can all be a form of personal data.
There is also the issue of so-called pseudonymous data, which may also fall under the definition of PII if it is easy enough to identify someone from it. Art. 4 (5) GDPR defines pseudonymization as “the processing of data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.”
These definitions are important if you want to fully understand the scope (and limitations) of your privacy rights as an online citizen. Keep reading to see how they apply to this website in particular.
Anonymous by Default
GDPR Article 5 (1): “Personal data shall be processed lawfully, fairly and in a transparent manner in relation to individuals.”
Anyone can access the public pages on GermanBureau.com without providing personal information. We use anonymized traffic data to understand how users navigate the site, but we make no attempt to identify individual visitors without their express consent. A pop-up dialog alerts new users to the default privacy settings and asks for consent to opt in to non-essential cookies, which are off by default.
In practice, the simple act of visiting our website — any website — reveals a certain amount of information about you to various actors along the data stream. This notably includes your IP address and general geographic location, device and browser configuration, internet service provider, and a host of other metrics that are not directly linked to your person but may reveal an identifying pattern. Malicious actors can use this information to identify and track unique visitors without consent through fingerprinting and other invasive practices.
GermanBureau.com never engages in fingerprinting, cross-site tracking, or other profiling techniques. We have no interest in piecing together the data of individual visitors to identify them or harvest their personal information.
Google and You
We use third-party analytics to understand how users are navigating our site. However, we have configured our tools to collect only anonymized, aggregate data on the site traffic. We do not have access to individual user patterns, and we never track anyone outside of our own domain. If we do post a link that deviates from these guidelines, it will be clearly marked as sponsored or tracked.
Update: We no longer use Google services on our website! You may disregard the paragraph below.
Microsoft and You
Likewise, we use an analytical tool called Microsoft Clarity to gain insights on how users are navigating our site. Clarity collects information about “user journeys” and shares that data with us in anonymized graphs.
Interacting with Us
GDPR Article 5 (2): “Personal data shall be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes.”
Users may voluntarily decide to interact with our site in ways that could reveal personal information; for example, when a visitor agrees to provide their name and email address to get in touch with us, or when someone enters a contractual agreement by hiring our services.
Any personal information you submit to us via GermanBureau.com (or by other means of direct contact) is stored in our databases for the sole purpose of processing your specific query. This could be a contact request, account registration, or any other user-initiated action. In the absence of a user-consent marker, such data are subject to automatic protocols that will archive and delete database entries after a set period. We regularly review our data retention policies to comply with the legal framework envisioned by Europe’s GDPR.
Again, we are not in the data-mining business. That means we will never sell, rent, swap, or otherwise authorize a third party to exploit your personal information for commercial gain. Visitor data gathered for our own marketing and analytics are anonymous as described above.
Web-Based Chat with Slack
GermanBureau.com offers a chat client that is integrated into the website. Users may choose to send us instant messages by tapping an on-screen icon to open a chat window. The user is prompted to enter their name and contact information, but this is voluntary. They may then send a message.
Such messages are relayed to a digital workspace on Slack, a team communication platform by Slack Technologies, Inc. (Salesforce acquired the company in 2020). In addition, we use the website plugin SmallChat by Nicer LLC to integrate this chat client into our website.
All messages received in this manner are stored and processed in accordance with our retention policies outlined under “You Decide How Long We Keep Your Data” below.
We maintain several profiles on social media sites where users can interact with us. These third-party platforms require you to sign in with an account on terms that are typically more permissive than GermanBureau.com in their handling of personal information. However, you do have some control over the data you share and what happens to it. Social media providers have privacy controls where you can tweak your settings, and we encourage you to set these permissions according to your own needs and beliefs.
As for GermanBureau.com, we may sometimes post those little social media buttons you see everywhere. Besides being a quick way for users to share content, this type of code allows us to embed off-site content on our own pages. As a general rule, we try to minimize data usage by embedding only a few platforms that are important to our business, and by restricting the scope of user data these platforms share with us.
Still, we feel the need for a word of warning here: When you use embedded social media buttons, their respective third-party providers are processing the data, including information about your interactions with our website. Tech giants like Facebook, Twitter, Google, and others have built their core business on sophisticated algorithms to track the behavior of online users and serve them personalized ads. In short, the world’s tech giants can extract a lot of information from your actions on social media. While we do not store any of this information on our own servers without express user consent, we might benefit from it indirectly if we choose to advertise our services through platforms that use unique identifiers in their own algorithms.
We want to be able to advertise on social media, and so we ask for your forgiveness on this point. GermanBureau is currently active with a company profile on LinkedIn and Twitter. In addition, individual members of our freelance network may be active on other social media platforms, and we might feature their profiles on our website from time to time.
Keeping It Simple
GDPR Article 5 (3): “Personal data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.”
Our website encourages users to reach out to us in pusuit of a business relationship. Our web-based contact methods come with a privacy notice and/or user consent marker. If you initiate contact with us by other means such as email or phone, we can only assume that you are fine with us storing your contact information for a limited time so that we can communicate with you. If we need additional permissions, we will ask first.
Certain pages may prompt you to enter personal information such as your name and email address. Such requests are voluntary, and a refusal will not impact your browsing experience on this site. GermanBureau.com will always seek consent before collecting personal information.
Obviously, this does not apply to information that is already out there in a published format. Our marketers maintain a cold-calling database with contact information sourced from company websites and other public records. Whenever we use this database to make first contact with a potential client, we make every effort to explain where we found the data and how to change or remove it from our records.
Although GermanBureau.com contains no third-party advertising, analytical tools such as Microsoft Clarity may use third-party cookies for traffic evaluation. This means that any information gathered through cookies may be stored on a Microsoft server located in the United States of America or anywhere else in the world where the company decides to store its data. Microsoft may then use the information to analyze your usage of our site, create reports on related online traffic patterns for us, and provide its own services based on aggregate data collected from millions of users. Microsoft may also transfer this information to other third parties for further processing on their behalf.
To the best of our knowledge, Microsoft is GDPR-compliant in the European Union. If information comes to light showing otherwise, we pledge to switch providers.
You Control Your Data
GDPR Article 5 (4): “Personal data shall be accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay.
To view, update, or delete the information you have shared with us, please send us a short message and tell us what to do with your personal data. At your request, we can supply a complete overview of the information we have on you, and then it is up to you what happens to it. We can modify or remove individual portions of your data, or you can ask us to delete the entire set.
In general, we reserve the right to verify your identity whenever someone requests a change in your data. This simple security measure acts as a safeguard against unauthorized access, which is good for you and helps us comply with the law. In the future, we will be offering more web-based controls for you to easily manage your data on our site. We ask for your patience as we develop an adequate technical solution.
Please note that any emails or messages you send us are retained for archival purposes under our limited data retention policy (see below). If for some reason you would like to remove all traces of your interactions with us, just let us know and we will do what we can.
There are some rare and clearly defined instances in which we have to keep your data without consent; for example, if law enforcement serves us a legitimate court order. In the unlikely event that we retain your data for reasons other than our own, we will inform you as permitted by law.
Stay safe out there!
You Decide How Long We Keep Your Data
GDPR Article 5 (5): “Personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals.”
There are generally two options for storing your information with us:
Under this policy, your data are automatically deleted after a specified time unless you consent to other options. Limited data retention is the default policy for new contacts.
By default, the system scrambles IP address information after three months and deletes the whole dataset after one year.
Example: You request a price quote through our price calculator. The information you submit is stored in our web database, and a copy lands in our email inbox. Three months later, the system anonymizes your IP address; and after one year, it erases your submitted data from our servers and email inbox.
Under this policy, we store your data forever — or rather, for the maximum amount of time permitted by law. We encourage our business partners to opt in to unlimited data retention to facilitate long-term relationships.
Example: You hire us to provide recurring services under an ongoing contract. Beyond the contractual data, which we are obliged to retain anyway, we ask to keep a record of your full contact information and customer insights gleaned from analytics. By allowing us to retain such data indefinitely, you can help us better serve your needs in the future.
How We Protect Your Data
GDPR Article 5 (6): “Personal data shall be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.
Even the most low-traffic site is subject to daily intrusion attempts by automated bots, fake crawlers, impostors, and other shady online actors. That is just how the internet works. We have deployed several trusted plugins to protect our website and its visitors from spam and malicious attacks. Without getting into the details, we can assure you that we are doing everything in our power to keep your data safe.
The internet comes with inherent security risks. For this reason, GermanBureau.com is unable to guarantee full protection against unauthorized access by third parties. To the best of our abilities, we have taken reasonable steps to protect the privacy rights and digital safety of our online visitors.
GermanBureau.com is powered by WordPress, and we rely on community programmers who develop open-source security tools for anyone to use. These professional-grade products are typically licensed to individuals and small businesses at low cost or free of charge. We at GermanBureau.com are endlessly grateful to the community for providing the resources that make this website possible (and affordable).
Questions and Feedback
We are working to provide a fuller set of online privacy controls for our visitors. Until then, to withdraw your consent, simply close all instances of GermanBureau.com on your device and clear your browser cache including cookies. Most browsers will let you do that on a per-site basis (to avoid deleting desirable cookies from other providers). Once the data has been cleared from your device, our servers will treat you as a new visitor if you decide to revisit our site.