Privacy Policy

How Ch. Wolf Group collects, uses, and protects your personal data

Last updated: January 2025

GDPR Compliance Notice

This privacy policy complies with the General Data Protection Regulation (GDPR) and other applicable European privacy laws.

As a data subject, you have specific rights regarding your personal data. This policy explains those rights and how we protect your information.

1. Data Controller

2. Personal Data We Collect

Information You Provide

Name and contact details (email, phone)
Company information and business details
Financial information (for consulting services)
Communication records and correspondence
Consultation and meeting notes
Business documents and financial records

Automatically Collected Data

IP address and location data
Browser type and version
Website usage data and analytics
Cookies and similar technologies
Device information and preferences
Referral source and navigation patterns

3. Legal Basis for Processing

Consent

When you voluntarily provide information through forms or direct communication.

Contract Performance

Processing necessary to provide consulting services and fulfill contractual obligations.

Legitimate Interest

Website analytics, business communication, and service improvement activities.

Legal Compliance

When required by European law, tax obligations, or regulatory requirements.

4. How We Use Your Data

Primary Purposes

Provide business consulting services
Respond to inquiries and communications
Schedule consultations and meetings
Process service agreements and contracts
Deliver turnaround and strategic guidance
Maintain client relationships

Secondary Purposes

Website improvement and analytics
Marketing and business development
Compliance with legal obligations
Security and fraud prevention
Research and service enhancement
Administrative and operational needs

5. Data Sharing and Disclosure

We DO NOT Sell Your Data

We never sell, rent, or trade your personal information to third parties for marketing purposes.

Limited Sharing Only When:

Service Providers

Trusted partners who assist with website hosting, email services, or business operations under strict confidentiality agreements.

Legal Requirements

When required by law, court orders, or to protect our legal rights and those of our clients.

Business Partners

Only with your explicit consent and for specific business purposes related to our consulting services.

Business Transfers

In case of merger, acquisition, or asset sale, with proper notification and continued protection.

6. Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

Right to Access

Request a copy of your personal data we hold

Right to Rectification

Correct inaccurate or incomplete information

Right to Erasure

Request deletion of your personal data

Right to Restrict Processing

Limit how we use your data in certain circumstances

Right to Portability

Transfer your data to another service provider

Right to Object

Object to processing based on legitimate interests

Withdraw Consent

Withdraw consent for processing at any time

Right to Complaint

File a complaint with your data protection authority

How to Exercise Your Rights

To exercise any of these rights, contact us at [email protected]

We will respond to your request within 30 days and may ask for identification to protect your privacy.

7. Data Security

Technical Measures

SSL encryption for data transmission
Secure hosting with regular backups
Access controls and authentication
Regular security updates and monitoring
Firewall protection and intrusion detection

Organizational Measures

Staff training on data protection
Confidentiality agreements
Limited access on need-to-know basis
Regular security audits and assessments
Incident response procedures

While we implement robust security measures, no system is 100% secure. We continuously monitor and improve our security practices.

8. Data Retention

Client Data

Retained for the duration of our business relationship plus 7 years for legal and tax purposes.

Consultation Inquiries

Kept for 2 years to follow up on potential business relationships and service improvements.

Website Analytics

Anonymous usage data retained for 26 months for website optimization purposes.

Marketing Communications

Retained until you opt out or withdraw consent, then deleted within 30 days.

9. Cookies and Tracking

Types of Cookies We Use

Essential Cookies

Required for website functionality and security. Cannot be disabled.

Analytics Cookies

Help us understand how visitors use our website to improve user experience.

Preference Cookies

Remember your settings and preferences for future visits.

Marketing Cookies

Track website visitors to provide relevant advertisements (with consent only).

Cookie Management

You can control cookies through your browser settings. Note that disabling certain cookies may affect website functionality.

10. International Data Transfers

EU-Based Processing

We primarily process data within the European Union to ensure maximum protection under GDPR.

When We Transfer Data Outside EU

If we need to transfer data outside the EU, we ensure adequate protection through:

Adequacy decisions by the European Commission
Standard Contractual Clauses (SCCs)
Binding Corporate Rules (BCRs)
Certification schemes and codes of conduct

11. Policy Updates

We may update this privacy policy from time to time to reflect changes in our practices, technology, or legal requirements.

How We Notify You

Email notification to registered users
Website banner for 30 days after changes
Updated "Last modified" date at top of policy
Significant changes require new consent

Questions About This Policy?

If you have questions about how we handle your personal data or want to exercise your rights, we're here to help.

Email Privacy Questions or Use Contact Form

Response time: Within 30 days as required by GDPR