top of page
Color logo - no background.png

Privacy Policy

This privacy policy explains how Krcmar& processes personal data when you visit our website, contact us directly, or engage with us in a business context.

Who is responsible?

Krcmar & Cie Catalyst GmbH

Frauenbergstr. 54

85402 Kranzberg

Email: annamarie@krcmarandcie.com

What rights do you have?

In connection with the collection and processing of your personal data, you have the following rights. Please contact us in writing, preferably by email, to exercise them.

Access and rectification
You can request information about whether and which of your data Krcmar& processes. If the data is incorrect or incomplete, you can request correction or completion.

Erasure
You can request the deletion of your data. We will review your request and inform you of the outcome. Please note that we are legally required to retain certain data for specified periods, for example, accounting records for up to 10 years under German commercial and tax law.


Restriction of processing
You can request that we restrict the processing of your data. Please let us know which data categories should be restricted and your reasons for the request. We will review and inform you of the outcome.
 

Data portability
You have the right to receive the personal data you have provided to us in a structured, commonly used, machine-readable format.
 

Withdrawal and objection
Where you have given us your consent to process your data, you can withdraw it at any time. Where we process your data on the basis of legitimate interests (Art. 6(1)(f) GDPR), you have the right to object where you have grounds arising from your particular situation.

Complaint to a supervisory authority
If you are dissatisfied with how we handle your data, you can lodge a complaint with the competent supervisory authority. 

How and why do we collect and process your data?

Visiting our website

When you visit our website, your browser transmits certain data to our server as part of standard communication processes. Your IP address is not collected directly by Krcmar& but is stored by our hosting provider for IT security purposes for the period stated below. For website analytics purposes, we use only anonymized IP addresses.

We use technically necessary cookies to ensure the proper functioning and display of our website — for example, for screen adaptation and language settings.

Purpose: Error-free display and functionality of the website; analysis of user behavior for content and functional improvement; information security.

Legal basis: Art. 6(1)(f) GDPR - legitimate interest in providing and improving our website.

Third-party processor: Wix.com Ltd., 40 Namal Tel Aviv St., Tel Aviv 6350671, Israel.

 

Contacting us

If you contact us by email or via a contact form on our website, we process your name, email address, and the content of your message in order to respond to your enquiry.

Purpose: Handling and responding to your enquiry.

Legal basis: Art. 6(1)(f) GDPR - legitimate interest in responding to business enquiries; Art. 6(1)(b) GDPR where the enquiry relates to a potential contract.

Retention period: We retain correspondence for 24 months after the enquiry is resolved, unless a longer retention period applies.

Business and client relationships

If you engage Krcmar& as a provider, we process your contact details, company information, and any data necessary to fulfill our contractual obligations.

Purpose: Performance of our consultancy services and fulfillment of contractual obligations.

Legal basis: Art. 6(1)(b) GDPR - performance of a contract; Art. 6(1)(f) GDPR - legitimate interest in managing the business relationship.

Retention period: For the duration of our business relationship and in accordance with German commercial and tax law.

Email communication
Our business email is hosted by Zoho Mail.

Third-party processor: Zoho Corporation B.V., Beneluxlaan 4B, 3527 HX Utrecht, Netherlands. 

LinkedIn

Krcmar& maintains a company presence on LinkedIn for the purpose of client acquisition and public relations. When you interact with our LinkedIn page, personal data is collected and processed by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. This processing is carried out by LinkedIn on the basis of their own privacy policy, available at linkedin.com/legal/privacy-policy.

Purpose: Client acquisition and relationship building, public relations.

Legal basis: Art. 6(1)(f) GDPR - legitimate interest in communicating with clients and prospects.

Third-party transfer: USA - safeguard: EU Standard Contractual Clauses.

How is your data protected?

We have implemented technical and organisational measures to protect your personal data in accordance with applicable data protection law and current industry standards. These measures are reviewed and updated on an ongoing basis. Our goal is to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorized access by third parties.

What happens if data is not provided?

Where we collect data on the basis of a legal requirement or in order to fulfil a contract, and you do not provide that data, we may not be able to fulfil our obligations in full.

Changes to this policy

We may update this privacy policy from time to time to reflect changes in our practices or applicable law. The current version is always available on this page.

Last updated: April 24 2026

bottom of page