Omega Omniconsult · Datenschutzerklärung / Privacy Policy

Privacy Policy

Thank you for visiting our website. The protection of your personal data is important to us. This Privacy Policy informs you in detail about which data we collect when you visit our website, for which purposes the data is processed, on which legal basis the processing takes place, and what rights you have.

All processing of personal data is carried out in compliance with the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), and the German Telecommunications-Digital-Services-Data-Protection Act (TDDDG).

1. Data Controller

The controller within the meaning of Article 4 No. 7 GDPR is:

Omega Omniconsult

Owner: Karoline Perisan (born Reiter)

Bärmannstraße 34

81245 Munich

Germany

Phone: +49 157 3538 2555

E-Mail: [email protected]

2. Data Protection Officer

Due to the size and structure of our company, we are not legally required to appoint a data protection officer under § 38 BDSG or Article 37 GDPR. For data protection inquiries, please contact us directly using the contact details above.

3. General Principles of Data Processing

Scope of Processing

As a matter of principle, we process personal data of our users only to the extent necessary to provide a functional website and our content and services. Processing generally takes place only with the user’s consent or when another legal basis permits the processing.

Legal Basis

Where consent is obtained for processing personal data, Article 6 (1) (a) GDPR serves as the legal basis.

For processing necessary for the performance of a contract, Article 6 (1) (b) GDPR serves as the legal basis. This also applies to pre-contractual measures.

Where processing is necessary to safeguard our legitimate interests and your interests, fundamental rights, and fundamental freedoms do not override those interests, Article 6 (1) (f) GDPR serves as the legal basis.

Deletion and Retention

Personal data is deleted or blocked as soon as the purpose of storage ceases to apply. Longer storage occurs only when required by European or national law (e.g., statutory retention obligations under the German Commercial Code or Fiscal Code).

4. SSL and TLS Encryption

For security reasons and to protect the transmission of confidential content, this website uses SSL/TLS encryption. You can recognise an encrypted connection by the change from “http://” to “https://” in your browser’s address bar, and the lock symbol displayed. When encryption is active, data transmitted to us cannot be read by third parties.

5. Hosting via GoHighLevel

Our website is hosted on the GoHighLevel platform. The provider is HL Pro Tools Inc. and its parent company HighLevel Inc., 400 North Saint Paul Street, Suite 920, Dallas, TX 75201, USA (“HighLevel”).

When you visit our website, personal data of users (e.g., IP address, browser information, pages accessed) is processed on HighLevel’s servers. Processing is based on our legitimate interest in providing a professional website (Article 6 (1) (f) GDPR).

We have concluded a Data Processing Agreement (DPA) with HighLevel pursuant to Article 28 GDPR. As HighLevel is based in the USA, the transfer of personal data occurs to a third country. The transfer is based on the adequacy decision under the EU-U.S. Data Privacy Framework (DPF, Article 45 GDPR) and additionally on Standard Contractual Clauses pursuant to Article 46 (2) (c) GDPR.

Further information: https://www.gohighlevel.com/privacy-policy

6. Server Log Files

Each time our website is accessed, data is automatically collected in so-called server log files transmitted by your browser. The following data is recorded:

Name
E-mail address
Phone number (if provided)
Your message or inquiry
Preferred appointment time and time zone (for bookings)
IP address and timestamp of the request

This data is not merged with other data sources. The legal basis for processing is Article 6 (1) (f) GDPR. Our legitimate interest lies in the technical provision of the website, the security of our systems, and the optimisation of our online presence. The data is deleted after a maximum of 30 days, unless security-related incidents require further verification.

7. Cookies and Similar Technologies

Our website uses cookies – small text files stored in your browser. We distinguish between technically necessary cookies and non-necessary cookies.

Technically Necessary Cookies

These cookies are necessary for the basic functioning of the website (e.g., storing language and session settings, load balancing, security features). The legal basis is § 25 (2) No. 2 TDDDG in conjunction with Article 6 (1) (f) GDPR. No consent is required.

Non-Necessary Cookies (Analytics / Marketing)

Cookies that are not strictly necessary – such as for analytics or marketing purposes – are only set with your explicit consent. The legal basis is § 25 (1) TDDDG in conjunction with Article 6 (1) (a) GDPR. You can revoke your consent at any time via the cookie banner.

Non-Necessary Cookies (Analytics / Marketing)

You can view cookies in your browser, delete them individually, or disable cookies generally. If cookies are completely disabled, the functionality of our website may be limited.

8. Contact Form and Online Appointment Booking

On our website, you can contact us via a contact form and via online appointment booking. Both functions are provided through the GoHighLevel platform.

Data Collected

When using the contact form and online appointment booking, we collect the data you voluntarily provide, in particular:

Name
E-mail address
Phone number (if provided)
Your message or inquiry
Preferred appointment time and time zone (for bookings)
IP address and timestamp of the request

Purpose and Legal Basis

The data is used exclusively to process your inquiry and for any follow-up communication. The legal basis is Article 6 (1) (b) GDPR (pre-contractual measures or contract performance) and Article 6 (1) (f) GDPR (efficient handling of customer inquiries).

Retention

We store the data as long as is necessary to process your inquiry. Inquiries that do not result in a business relationship are deleted at the latest after 12 months. Data of customers is subject to statutory retention obligations (up to 10 years under the German Commercial Code and Fiscal Code).

Transfer to GoHighLevel

Data collected via the contact form and appointment booking is stored on the servers of HighLevel Inc. in the USA (see section 5 “Hosting”).

9. Contact via E-Mail or Phone

If you contact us by e-mail or phone, your information (in particular name, contact details, and content of your message) will be stored by us for processing your inquiry and for follow-up questions.

The legal basis is Article 6 (1) (b) GDPR for contract-related inquiries and Article 6 (1) (f) GDPR (legitimate interest in efficient processing) for general inquiries.

10. Contact via WhatsApp

Our website includes a link that leads you to a WhatsApp chat with us. The service is provided by WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (part of Meta Platforms, Inc., USA).

When you click the WhatsApp link, you are redirected to the WhatsApp app or web version. Only there does the actual data processing by WhatsApp/Meta take place. For information on which data is processed, please refer to WhatsApp’s Privacy Policy: https://www.whatsapp.com/legal/privacy-policy-eea

If you contact us via WhatsApp, we process the data you submit (phone number, profile name, message content) to handle your inquiry. The legal basis is Article 6 (1) (b) and (f) GDPR. Note: WhatsApp transfers data to the USA. WhatsApp’s applicable data protection terms apply to WhatsApp communications.

11. Web Fonts

To ensure consistent font display, our website uses web fonts that may be embedded via GoHighLevel or externally (e.g., Google Fonts). When the website is accessed, connections to thirdparty servers may be established, during which your IP address may be transmitted. The legal basis is Article 6 (1) (f) GDPR (legitimate interest in consistent web design).

12. Transfers to Third Countries

As described in the preceding sections, our data processing may involve transfers of personal data to third countries – in particular the USA. This concerns primarily the hosting of our website by HighLevel and contact via WhatsApp.

These transfers are based on:

• the EU-U.S. Data Privacy Framework adequacy decision (Article 45 GDPR), provided the recipient is certified, and

• additionally, on Standard Contractual Clauses (Article 46 (2) (c) GDPR).

Please note that the level of data protection in third countries such as the USA may differ from that within the EU, and authorities may have access rights against which effective legal remedies may not be fully available.

13. Your Rights as a Data Subject

You have the following rights regarding personal data concerning you:

Right of Access (Article 15 GDPR)

You have the right to obtain information about whether and what personal data we process about you.

Right to Rectification (Article 16 GDPR)

You have the right to have inaccurate or incomplete data corrected.

Right to Erasure (Article 17 GDPR)

You have the right to request the deletion of your data, provided no statutory retention obligations prevent this.

Right to Restriction of Processing (Article 18 GDPR)

You have the right to request restriction of the processing of your data.

Right to Data Portability (Article 20 GDPR)

You have the right to receive your data in a structured, commonly used, machine-readable format, or to have it transferred to another controller.

Right to Object (Article 21 GDPR)

Where we process your data on the basis of legitimate interests (Article 6 (1) (f) GDPR), you can object to processing at any time on grounds relating to your particular situation.

Right to Withdraw Consent (Article 7 (3) GDPR)

If you have given us consent, you can withdraw it at any time with effect for the future. The lawfulness of processing carried out until the withdrawal remains unaffected.

Right to Lodge a Complaint with a Supervisory Authority (Article 77 GDPR)

You have the right to lodge a complaint about our processing of your personal data with a supervisory authority. The supervisory authority responsible for us is:

Bavarian State Office for Data Protection Supervision (BayLDA)

Promenade 18, 91522 Ansbach, Germany

Phone: +49 981 180093-0

E-Mail: [email protected]

Web: www.lda.bayern.de

14. Updates to This Privacy Policy

This Privacy Policy is currently valid. As our website evolves or in response to changes in legal or regulatory requirements, it may be necessary to amend this Privacy Policy. The current Privacy Policy can be retrieved at any time on our website.

Last updated: May 2026