Data Protection (GDPR)

1. Data Controller

Heerberg acts as the data controller for personal data collected through its website, communication channels, and platform services unless otherwise specified in a separate agreement. As the data controller, Heerberg determines the purposes and means of processing personal data.

2. Types of Personal Data

Heerberg may process personal data such as names, company names, email addresses, phone numbers, professional contact details, and communication records when individuals contact Heerberg or use its services. In the context of platform use, operational information related to projects or business coordination may also be processed where necessary.

3. Legal Basis for Processing

Personal data may be processed on the basis of legitimate business interests, contractual necessity, legal obligations, or consent where applicable. Processing is limited to what is necessary for communication, service delivery, operational coordination, and platform functionality.

4. Purpose of Data Processing

Personal data may be used to respond to inquiries, establish business relationships, manage projects, provide support services, operate the client platform environment, and maintain communication with clients or partners. Data may also be used to improve services, ensure system stability, and comply with legal obligations.

5. Client Platform Data

Where clients use the Heerberg platform environment, certain operational information may be processed in order to coordinate tasks, track project progress, manage communication, and support workflow execution. Such processing is strictly limited to the purposes necessary for the functioning of the service environment.

6. Data Sharing

Personal data may be shared with trusted service providers or technical partners where necessary for hosting, infrastructure, communication systems, or project execution. Such third parties are expected to process information only in accordance with applicable data protection requirements.

7. Data Retention

Personal data will be retained only for as long as necessary to fulfill the purpose for which it was collected, maintain ongoing business cooperation, or comply with legal and administrative requirements.

8. Data Security

Heerberg implements reasonable technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or loss. Security practices are designed to maintain the integrity and confidentiality of information handled within the platform and website.

9. Rights of Data Subjects

Under GDPR, individuals may have the right to access their personal data, request correction of inaccurate data, request deletion of data where legally permissible, restrict certain processing activities, or request information about how their data is handled. Requests can be submitted to Heerberg using the contact information below.

10. International Data Transfers

Where data processing involves international collaboration or service providers outside a specific jurisdiction, appropriate safeguards are expected to be implemented to ensure the protection of personal data in accordance with applicable legal standards.

11. Policy Updates

Heerberg may update this Data Protection notice where necessary to reflect regulatory changes, operational developments, or improvements to the platform and services.

12. Contact

For questions regarding data protection or the processing of personal data, you may contact Heerberg:

Email: legal@heerberg.com