Privacy Policy

How we collect, use, and protect your personal data.

Last updated: May 2025

1. Introduction

Kairos Consulting ("we", "us", "our") is committed to protecting your personal data and complying with the General Data Protection Regulation (GDPR) and applicable German data protection law. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our website at https://kairosconsulting.co or engage with our services.

2. Data Controller

The data controller responsible for your personal data is:
Kairos Consulting
Berlin, Germany
Email: hello@kairos-consulting.com

3. Personal Data We Collect

We collect personal data in the following contexts:

3.1 Contact Form and Consultation Requests

When you submit our contact form, we collect your name, email address, phone number (optional), company name (optional), industry, and message content. Legal basis: Art. 6(1)(b) GDPR (performance of a contract or pre-contractual measures).

3.2 Newsletter Subscription

If you subscribe to our newsletter, we collect your email address and, optionally, your name. Legal basis: Art. 6(1)(a) GDPR (your consent). You may withdraw your consent at any time by clicking "Unsubscribe" in any newsletter email.

3.3 Cookies and Analytics

We use privacy-friendly, cookie-free analytics (Plausible Analytics) that do not collect personal data or use cookies. No consent banner is required for our analytics solution.

4. How We Use Your Data

We use your personal data to:

  • Respond to your inquiries and provide our consulting services
  • Send you the newsletter you subscribed to
  • Improve our website and services
  • Comply with legal obligations

We do not sell your personal data to third parties. We do not use your data to train AI models.

5. Data Processors and Third Parties

We use the following third-party services that may process your data:

  • Supabase — Database and authentication hosting (EU-based processing available)
  • Resend — Transactional email delivery
  • Vercel — Website hosting

All processors are contractually obligated to handle your data in accordance with GDPR requirements.

6. Data Retention

We retain contact form submissions and lead data for up to 3 years, or until you request deletion. Newsletter subscription data is retained until you unsubscribe. We may retain anonymized statistical data indefinitely.

7. Your Rights

Under GDPR, you have the following rights:

  • Right of access — Request a copy of the personal data we hold about you
  • Right to rectification — Request correction of inaccurate data
  • Right to erasure — Request deletion of your data
  • Right to restriction — Request restriction of processing
  • Right to data portability — Receive your data in a machine-readable format
  • Right to object — Object to processing based on legitimate interests
  • Right to withdraw consent — Withdraw consent at any time for consent-based processing

To exercise any of these rights, contact us at hello@kairos-consulting.com. We will respond within 30 days.

You also have the right to lodge a complaint with the relevant supervisory authority. In Germany, this is the Berliner Beauftragte für Datenschutz und Informationsfreiheit.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction, including encrypted connections (HTTPS), access controls, and regular security reviews.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice on our website. The current version is always available at this URL.

10. Contact

For questions about this Privacy Policy or your personal data, contact us at: hello@kairos-consulting.com