Privacy Policy

1. AI & Privacy: Our Promise

  • No AI Training with Your Data: Google assures that Workspace data is not used to train Gemini models.
  • Client-Side Encryption (CSE): We empower you to use state-of-the-art encryption technologies. Your data is encrypted in the browser before it reaches the cloud, so you retain sole key sovereignty.
  • Local Fonts & No Tracking: All fonts are hosted locally, and we refrain from using analysis tools like Google Analytics to protect your privacy.
  • Two-Click Solution: External content (e.g., podcasts) is only loaded after your active consent to prevent unwanted data transmission. Your decision is noted in your local browser storage (localStorage) for user convenience.

2. Hosting and Content Delivery Network (CDN)

Our website is hosted via Cloudflare Pages. Cloudflare (Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA) provides a global CDN that optimizes loading times and increases security. This involves routing data traffic through Cloudflare's network. This constitutes a legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR. We have concluded a data processing agreement with Cloudflare.

3. Website Analytics and Consent Management (Cloudflare)

To protect your privacy and optimize website performance, we use technologies from our hosting provider, Cloudflare.

  • Cloudflare Web Analytics: We deliberately avoid Google Analytics. Instead, we use Cloudflare Web Analytics for purely technical reach measurement. This service is designed to be privacy-friendly: it uses no cookies, stores no personal data such as IP addresses, and does not create user profiles. The analysis serves our legitimate interest (Art. 6 Para. 1 lit. f GDPR) in improving and securing our offer.
  • Cloudflare Zaraz: We use Zaraz to manage the integration of third-party scripts (where required after consent). Zaraz executes these scripts in the Cloudflare infrastructure instead of directly in your browser. This increases the speed and security of the website and gives us an additional layer of control over data flows.

4. Responsible Body

The responsible body for data processing on this website is:
ASSISTENT.digital Projektdienstleistungs-GmbH
(Full details can be found in our Imprint).

5. Use of External Google Services

To enable a seamless "Flow of Work", we integrate functions from Google directly. By clicking on the corresponding buttons, you agree to the data transfer to Google:

  • Google Meet: For virtual meetings and consultations, we use Google Meet.
  • Google Calendar: For booking strategy sessions, you connect directly to Google Calendar.
  • Google Docs & Signature: Project plans and agreements are created collaboratively in Google Docs and signed using an electronic signature.

6. Interactive Tools (Google Gemini API)

For interactive functions such as our "AI Readiness Check", we use the Google Gemini API to create an automated analysis based on your input.

  • Anonymized Data: We do not transmit any personal data (such as name or email) to Google for this purpose, only the factual information necessary for the analysis.
  • No Storage: Your entries are not permanently stored but are only processed for the duration of the request.

Processing is based on your consent (Art. 6 Para. 1 lit. a GDPR), which you grant by actively using the tool and submitting your entries.

7. Forms (Newsletter, Whitepaper) via Google Apps Script

When you sign up for our newsletter or request a whitepaper, the data you enter (e.g., email address, name) is sent via an HTTPS-secured connection to a Google Apps Script operated by us. This script processes your request and stores the data in a Google Sheets table located in our protected Google Workspace account. For newsletter sign-ups, we use a Double-Opt-In procedure. Processing is based on your consent according to Art. 6 Para. 1 lit. a GDPR.

8. Authentication and User Management with Clerk

For signing up and managing user accounts (e.g., for access to protected areas), we use the service Clerk (Clerk, Inc., 2080-156 2nd St, San Francisco, CA 94107, USA). When you register or log in, your authentication data (e.g., email address, password hash, social login information via Google) is processed by Clerk. This serves the fulfillment of the contract or the implementation of pre-contractual measures according to Art. 6 Para. 1 lit. b GDPR. We have concluded a data processing agreement with Clerk.

9. Your Rights and Governance

As part of our Governance Framework, we support you in correctly implementing security and compliance rules (e.g., DLP policies) in your own environment. You retain full, non-delegable Admin Control (Super-Admin) over your data instance at all times.

As a data subject, you have the following rights against us regarding your personal data: Right to information, right to rectification, right to erasure, right to restriction of processing, right to data portability, right to object, and the right to lodge a complaint with a supervisory authority. To exercise your rights, please contact the address given in the Imprint.

Don't miss any tips!

Subscribe to our newsletter for regular updates.

By subscribing you agree to our Privacy Policy .