100north

Services

About

Contact

Privacy Policy

Effective Date: 10.04.2026

This Privacy Policy explains how personal data is processed on this website operated by Fabian Herrmann. This website is designed with a privacy-first approach and complies with the General Data Protection Regulation (GDPR).

1. Data Controller (Art. 4(7) GDPR)

The data controller responsible for processing personal data is:

Fabian Herrmann Consulting
Fabian Herrmann
Sonnenallee 148
12059 Berlin

fabian (at) 100north (dot) io
DE461022918

2. Principles of Processing (Art. 5 GDPR)

We adhere to the following principles:

  • Data minimization: We only process data strictly necessary

  • Purpose limitation: Data is used only for clearly defined purposes

  • Storage limitation: Data is retained only as long as necessary

  • Integrity and confidentiality: Data is protected against unauthorized access

3. Categories of Personal Data Processed

a. Data You Provide Voluntarily (Art. 6(1)(b), (f) GDPR)

If you contact us (e.g., via email), we may process:

  • Name

  • Email address

  • Message content

Purpose:

  • Responding to inquiries

  • Pre-contractual communication

Legal Basis:

  • Art. 6(1)(b) GDPR (pre-contractual measures)

  • Art. 6(1)(f) GDPR (legitimate interest in communication)

b. Server Log Files (Art. 6(1)(f) GDPR)

When you access this website, the hosting provider (Framer) and its infrastructure partner (Cloudflare) automatically process:

  • IP address (not stored beyond request handling)

  • Date and time of request

  • Browser type and version

  • Operating system

  • Referrer URL

Purpose:

  • Ensuring website security and stability

  • Detecting and preventing abuse

Legal Basis:

  • Art. 6(1)(f) GDPR (legitimate interest in secure operation)

c. Analytics Data (Art. 6(1)(f) GDPR)

This website uses privacy-preserving, cookie-free analytics:

Cloudflare Web Analytics

  • No cookies are used

  • No cross-site tracking

  • No user profiling

  • IP addresses are not stored

Google Search Console

  • Provides aggregated search performance data (queries, impressions, clicks)

  • No direct identification of users

Purpose:

  • Understanding website performance

  • Improving content and visibility

Legal Basis:

  • Art. 6(1)(f) GDPR (legitimate interest in optimizing the website)

4. Cookies and Tracking (Art. 5(3) ePrivacy Directive)

This website:

  • Does not use cookies

  • Does not use tracking technologies requiring consent

Therefore, no cookie consent banner is required.

5. Recipients of Data (Art. 28 GDPR)

Personal data may be processed by the following service providers acting as processors:

  • Framer B.V. (website hosting)

  • Cloudflare, Inc. (content delivery, security, analytics)

  • Google Ireland Limited (Google Search Console)

Data Processing Agreements (DPAs) are in place with each provider where required.

6. International Data Transfers (Art. 44 et seq. GDPR)

Some data may be transferred to countries outside the European Economic Area (EEA), particularly to the United States.

Such transfers are safeguarded by:

  • Standard Contractual Clauses (SCCs) approved by the European Commission

  • Additional technical and organizational measures where applicable

7. Data Retention (Art. 5(1)(e) GDPR)

  • Contact data: retained only as long as necessary to handle the request and comply with legal obligations

  • Server logs: retained for a limited period for security purposes

  • Analytics data: processed only in aggregated, non-identifiable form

8. Your Rights (Art. 12–22 GDPR)

You have the following rights:

  • Right of access (Art. 15 GDPR)

  • Right to rectification (Art. 16 GDPR)

  • Right to erasure ("right to be forgotten") (Art. 17 GDPR)

  • Right to restriction of processing (Art. 18 GDPR)

  • Right to data portability (Art. 20 GDPR)

  • Right to object (Art. 21 GDPR)

To exercise your rights, contact: [Email Address]

9. Right to Lodge a Complaint (Art. 77 GDPR)

You have the right to lodge a complaint with a supervisory authority. The competent supervisory authority for Berlin is:

Berliner Beauftragte für Datenschutz und Informationsfreiheit Friedrichstr. 219 10969 Berlin mailbox@datenschutz-berlin.de

10. Obligation to Provide Data

You are not legally required to provide personal data. However, failure to provide necessary information (e.g., email details) may prevent us from responding to your inquiry.

11. Automated Decision-Making (Art. 22 GDPR)

This website does not engage in automated decision-making or profiling.

12. Data Security (Art. 32 GDPR)

Appropriate technical and organizational measures are implemented, including:

  • Encryption (HTTPS)

  • Access controls

  • Secure hosting infrastructure

13. Changes to This Privacy Policy

This Privacy Policy may be updated to reflect legal or operational changes. The current version is always available on this page.

14. Contact

For any privacy-related questions or to exercise your rights:

Fabian Herrmann
fabian (at) 100north (dot) io