Privacy Policy
This privacy policy explains how Ainstainer DACH GmbH (“we”, “us”, “our”)
collects and processes personal data when you visit ctomunich.com or interact with us.
We comply with the EU General Data Protection Regulation (GDPR).
1. Controller
Ainstainer DACH GmbH
Dachauer Str. 180, 80992 Munich, Germany
Email: artem@ctomunich.com
2. What Data We Collect
- Server log data none;
- Contact‑form data (name, email, message) – only if you submit the form.
- Cookie & usage data – none;
- Newsletter / marketing – none; we don’t maintain mailing lists.
3. Purpose & Legal Basis
We process personal data for the following purposes and on the legal bases of Art. 6 GDPR:
- Website delivery & security (Art. 6 (1) f – legitimate interest).
- Handling enquiries via the contact form or email (Art. 6 (1) b – pre‑contractual steps).
- Compliance with legal obligations, e.g. tax or commercial retention (Art. 6 (1) c).
4. Recipients & Processors
Your data is processed by the following service providers:
- Microsoft Ireland Operations Ltd. – we host this website and related backend services on Microsoft Azure in EU data-centres (Germany West Central / West Europe). Microsoft acts as a data processor under the Azure GDPR Data Processing Addendum .
- Azure Front Door / Azure CDN – global edge caching, WAF and DDoS protection to deliver content securely and quickly.
- Internal staff & vetted contractors – all bound by confidentiality and data-processing agreements.
Every processor listed above operates on the basis of a Data-Processing Agreement (DPA) and, where required, EU Standard Contractual Clauses to ensure full GDPR compliance.
5. International Transfers
Some service providers are located outside the EU (e.g. Netlify in the USA). Transfers are secured by Standard Contractual Clauses approved by the European Commission (Art. 46 GDPR).
6. Storage Period
Server logs are retained for up to 30 days. Contact‑form messages are kept for the duration of our business relationship and archived in line with statutory retention (usually 6 or 10 years under German law).
7. Your Rights
You have the right to:
- Access your data (Art. 15 GDPR)
- Rectify inaccurate data (Art. 16)
- Erase data (“right to be forgotten”, Art. 17)
- Restrict processing (Art. 18)
- Data portability (Art. 20)
- Object to processing (Art. 21)
- Withdraw consent at any time (Art. 7 (3))
- Lodge a complaint with a supervisory authority – e.g. Bayerisches Landesamt für Datenschutzaufsicht.
8. Security Measures
The site uses HTTPS/TLS, secure server locations, access controls, and periodic reviews to protect data against loss, misuse, or unauthorized access.
9. External Links
Our site may contain links to third‑party websites. We are not responsible for their content or privacy practices.
10. Updates to This Policy
We may occasionally update this privacy policy. The “Last updated” date below indicates the latest revision.
Last updated: 15 July 2025