1. Introduction
STAFIELD ADVISORS („we,“ „us,“ or „our“), located at Am Klosterfeld 5A, 86558 Hohenwart, Germany, is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data in accordance with the General Data Protection Regulation (EU) 2016/679 („GDPR“), the German Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG), and the German Telemedia Act (Telemediengesetz – TMG) / Telecommunications Telemedia Data Protection Act (Telekommunikation-Telemedien-Datenschutz-Gesetz – TTDSG).
By using our website
https://stafieldadvisors.com, you acknowledge the data practices described in this policy.
2. Controller and Contact Information
The controller responsible for data processing on this website is:
STAFIELD ADVISORS
Am Klosterfeld 5A
86558 Hohenwart, Germany
Email:
contact@stafieldadvisors.com
If you have any questions about this Privacy Policy or our data processing activities, please contact us at the above address.
3. Types of Personal Data We Collect
We may collect and process the following categories of personal data:
a) Data provided voluntarily by you: Name, email address, telephone number, postal address, company name, and any other information you provide when contacting us via our contact form, email, or telephone.
b) Data collected automatically when visiting our website: IP address (anonymized where possible), browser type and version, operating system, referrer URL, pages visited on our website, date and time of access, and the amount of data transferred. This data is collected through server log files.
c) Cookies and similar technologies: We may use cookies and similar tracking technologies. Please refer to Section 9 of this Privacy Policy for details.
4. Legal Basis for Processing
We process your personal data on the following legal bases under Article 6(1) GDPR:
a) Consent (Art. 6(1)(a) GDPR): Where you have given us your explicit consent for specific processing purposes, such as subscribing to a newsletter or accepting optional cookies.
b) Performance of a contract (Art. 6(1)(b) GDPR): Where processing is necessary for the performance of a contract with you or to take pre-contractual steps at your request.
c) Legal obligation (Art. 6(1)(c) GDPR): Where processing is necessary for compliance with a legal obligation to which we are subject.
d) Legitimate interests (Art. 6(1)(f) GDPR): Where processing is necessary for the purposes of our legitimate interests, such as ensuring the security and proper functioning of our website, provided that such interests are not overridden by your rights and freedoms.
5. Purpose of Data Processing
We process your personal data for the following purposes:
– To respond to your inquiries and provide the services you have requested;
– To fulfill our contractual and pre-contractual obligations;
– To ensure the technical functionality and security of our website;
– To analyze website usage in an anonymized or pseudonymized manner to improve our services;
– To comply with legal obligations, including tax and commercial law retention requirements;
– To send you information about our services, where you have given your consent.
6. Data Sharing and Recipients
We do not sell, rent, or trade your personal data to third parties. We may share your personal data with the following categories of recipients only where necessary and lawful:
a) Service providers: We may engage third-party service providers (data processors) who process data on our behalf and according to our instructions, such as web hosting providers, IT service providers, or email service providers. These processors are contractually bound to comply with data protection requirements under Art. 28 GDPR.
b) Legal requirements: We may disclose your personal data if required by law, court order, or governmental regulation.
c) Professional advisors: In connection with the provision of our advisory services, we may share data with professional advisors such as lawyers, accountants, or auditors, subject to appropriate confidentiality obligations.
7. Data Transfers Outside the EU/EEA
In principle, we process your data within the European Union/European Economic Area. Should a transfer of personal data to a third country become necessary, we will ensure that appropriate safeguards are in place in accordance with Chapter V of the GDPR, such as EU Standard Contractual Clauses (Art. 46(2)(c) GDPR) or an adequacy decision by the European Commission (Art. 45 GDPR).
8. Data Retention
We store your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. Statutory retention periods under German commercial law (Section 257 HGB) and tax law (Section 147 AO) may require us to retain certain data for up to 6 or 10 years. After the applicable retention period expires, your data will be securely deleted or anonymized.
9. Cookies and Tracking Technologies
Our website may use cookies. Cookies are small text files that are stored on your device when you visit our website. Some cookies are technically necessary for the operation of the website (essential cookies), while others are used for analytical or marketing purposes (non-essential cookies).
Essential cookies: These cookies are strictly necessary for the functioning of the website and are placed on the basis of Art. 6(1)(f) GDPR and Section 25(2) TTDSG.
Non-essential cookies: Any cookies that are not strictly necessary will only be set with your prior consent in accordance with Art. 6(1)(a) GDPR and Section 25(1) TTDSG. You may withdraw your consent at any time with effect for the future.
You can configure your browser to refuse all or certain cookies, or to alert you when cookies are being sent. Please note that disabling cookies may affect the functionality of our website.
10. Your Rights as a Data Subject
Under the GDPR, you have the following rights regarding your personal data:
a) Right of access (Art. 15 GDPR): You have the right to obtain confirmation as to whether we process your personal data and, if so, to access that data and receive further information about the processing.
b) Right to rectification (Art. 16 GDPR): You have the right to request the correction of inaccurate personal data or the completion of incomplete data.
c) Right to erasure (Art. 17 GDPR): You have the right to request the deletion of your personal data, subject to legal retention obligations.
d) Right to restriction of processing (Art. 18 GDPR): You have the right to request the restriction of processing in certain circumstances.
e) Right to data portability (Art. 20 GDPR): You have the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.
f) Right to object (Art. 21 GDPR): You have the right to object at any time to the processing of your personal data based on Art. 6(1)(e) or (f) GDPR. If you object, we will cease processing your data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms.
g) Right to withdraw consent (Art. 7(3) GDPR): Where processing is based on your consent, you may withdraw that consent at any time without affecting the lawfulness of processing carried out prior to the withdrawal.
To exercise any of these rights, please contact us at:
contact@stafieldadvisors.com
11. Right to Lodge a Complaint
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a data protection supervisory authority, in particular in the EU member state of your habitual residence, your place of work, or the place of the alleged infringement, if you consider that the processing of your personal data infringes the GDPR (Art. 77 GDPR).
The competent supervisory authority for us is:
Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 18
91522 Ansbach, Germany
Website:
https://www.lda.bayern.de
12. Website Hosting
Our website is hosted by a third-party provider. When you access our website, the hosting provider automatically collects and stores information in server log files that your browser transmits, including your IP address, browser type and version, operating system, referrer URL, and the date and time of the request. This data is processed on the basis of Art. 6(1)(f) GDPR for the purpose of ensuring the secure and efficient provision of our website. A data processing agreement pursuant to Art. 28 GDPR has been concluded with our hosting provider.
13. Contact Form and Email Communication
When you contact us via our contact form or by email, the information you provide (e.g., name, email address, message content) will be stored and processed for the purpose of handling your inquiry and any follow-up correspondence. This data is processed on the basis of Art. 6(1)(b) GDPR (pre-contractual measures) or Art. 6(1)(f) GDPR (our legitimate interest in responding to inquiries). Your data will be deleted once your inquiry has been conclusively dealt with, unless statutory retention obligations apply.
14. SSL/TLS Encryption
For security reasons and to protect the transmission of confidential content, our website uses SSL or TLS encryption. You can recognize an encrypted connection by the „https://“ prefix in the browser address bar and the lock icon. When SSL/TLS encryption is activated, the data you transmit to us cannot be read by third parties.
15. Third-Party Links
Our website may contain links to third-party websites. We are not responsible for the content, data protection practices, or privacy policies of those external websites. We recommend that you review the privacy policies of any third-party websites you visit.
16. Changes to This Privacy Policy
We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our data processing practices or applicable legal requirements. The current version of this Privacy Policy is always available on our website. We encourage you to review this page periodically.
Last updated: March 2026
