1. Data Controller (Art. 13 GDPR)
The data controller within the meaning of the General Data Protection Regulation (GDPR) is:
Gabriel Waldeyer
111 Leoforos Chlorakas Avenue
Antonescos Plaza, Shop 9, Suite 301
Chloraka, Paphos, 8220
Cyprus
Tel.: +49 175 846 7721
E-Mail: c i b w a l @ o u t l o o k . c o m
2. Principles of Data Processing
The protection of your personal data is of particular importance to the operator. Personal data is processed exclusively on the basis of applicable statutory provisions, in particular the GDPR and – where applicable – the German Federal Data Protection Act (BDSG).
This website is designed according to the principle of data minimisation. Use of the website is generally possible without providing personal data. Where personal data is collected, this is done on a voluntary basis.
3. Server Log Files
The hosting provider of this website automatically collects and stores information in so-called server log files, which your browser transmits automatically. These include:
URL visited · date and time of access · volume of data transferred in bytes · referrer URL · browser used and browser version · operating system used · IP address (anonymised or full, depending on hosting settings) · hostname of the accessing device
This data cannot be attributed to specific individuals and is not merged with other data sources. The legal basis is Art. 6 para. 1 lit. f GDPR (legitimate interest in the secure and uninterrupted operation of the website). The data is deleted after a maximum of 7 days, unless a specific legal violation has been established.
4. Cookies and Tracking
This website uses no cookies and no tracking technologies whatsoever (no Google Analytics, no Facebook Pixel, no retargeting). For further information please refer to the Cookie Policy.
5. Contact by Email
If you contact the operator by email, your details (email address and content of your message) will be stored for the purpose of processing your enquiry. The legal basis is Art. 6 para. 1 lit. b GDPR (pre-contractual measures) or Art. 6 para. 1 lit. f GDPR (legitimate interest in responding to enquiries). Your data will not be passed on to third parties. The data will be deleted once your enquiry has been conclusively processed and no statutory retention obligation applies.
Please note that email communication without additional encryption is not fully protected from access by third parties.
6. Appointment Booking via Calendly
This website links to the external service Calendly (calendly.com) for appointment booking. Data processing there is the responsibility of Calendly LLC. Their privacy policy applies: https://calendly.com/privacy
7. Video Embedding (Self-Hosted Video)
The video embedded on this website (video.html) is delivered directly from the operator's own server (cibwal.com). No third-party provider such as YouTube is involved; no data is transmitted to external platforms.
8. Your Rights as a Data Subject (Art. 15–22 GDPR)
You have the right to:
Access (Art. 15 GDPR): You may at any time request free information about the personal data stored about you, its origin, recipients and purpose.
Rectification (Art. 16 GDPR): You may request the immediate correction of inaccurate data.
Erasure (Art. 17 GDPR): You may request the deletion of your data, provided no statutory retention obligation applies (e.g. 10-year tax retention requirement).
Restriction of processing (Art. 18 GDPR): You may request that your data be processed only in a restricted manner.
Objection (Art. 21 GDPR): You may object at any time to the processing of your data on the basis of legitimate interests.
Data portability (Art. 20 GDPR): You may request that your data be provided to you in a structured, commonly used and machine-readable format.
Right to lodge a complaint: Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence. The competent supervisory authority in Bavaria is: Bayerisches Landesamt für Datenschutzaufsicht (BayLDA), Promenade 27, 91522 Ansbach, Germany, www.lda.bayern.de
To exercise your rights, please contact: [email protected]
9. SSL/TLS Encryption
This website uses SSL/TLS encryption for security reasons. You can recognise an encrypted connection by "https://" in the browser address bar and the padlock symbol.
10. Notice for Visitors from the United Kingdom (UK GDPR)
This privacy policy also applies under the UK GDPR, as retained in UK law by the European Union (Withdrawal) Act 2018. Your rights as a data subject are equivalent to those described in section 8 above. The operator does not maintain a separate UK representative, as no large-scale processing of UK residents' data takes place.
11. Notice for California Residents (CCPA)
This website does not sell personal data. In compliance with the California Consumer Privacy Act (CCPA), California residents may contact the operator at the address listed in section 1 to request information about any personal data held, or to request its deletion. As this website does not use cookies, tracking technologies or targeted advertising, no data is shared with or sold to third parties.
12. Currency of This Privacy Policy
This privacy policy is currently valid. Further development of this website or changes in statutory requirements may necessitate an update. The operator reserves the right to update this policy at any time. The current version is always available at this URL.
As of: March 2026