Privacy Policy

1. General Information and Controller Details

1.1 Overview

Thank you for visiting our website and for your interest in our services. Protecting your personal data is important to us. This privacy policy explains what personal data we process when you use our website, why we process it, and the legal basis for doing so.

Personal data means any information that can be used to identify you directly or indirectly.

1.2 Controller

The controller responsible for data processing within the meaning of the General Data Protection Regulation (GDPR) is:

studio8020 Pankoke & Schäfer Consulting GbR
Bonner Strasse 528d
50968 Cologne, Germany

Represented by the partners:
Romina Pankoke
Martina Schäfer

Email: hallo@studio8020.de

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data.

2. Data Processing When You Visit Our Website

2.1 Server Log Data

If you browse our website without registering or actively submitting information, we automatically receive technical data from your browser. These server log files are necessary for the technical delivery and security of the website.

This includes:

  • the pages you access
  • date and time of your visit
  • amount of data transmitted
  • referring website (referrer URL)
  • browser type and version
  • operating system
  • IP address (possibly shortened or anonymised)

Processing is based on Art. 6(1)(f) GDPR. Our legitimate interest is to ensure the secure and stable operation of the website.

These data are not shared with third parties. However, we may review log data retrospectively if there are indications of misuse or unlawful activity.

2.2 Secure Data Transmission

We use SSL/TLS encryption to protect the transmission of personal data and confidential content. You can identify a secure connection by the “https://” prefix and the lock icon in your browser.

3. Hosting

Our website is hosted by a service provider whose infrastructure is located exclusively within the European Union, either directly or via subcontractors.

All data collected via this website are processed on these servers.

We have concluded a data processing agreement with the hosting provider to ensure compliance with GDPR and to prevent unauthorised disclosure of data.

4. Cookies

We use cookies to improve usability and enable essential website functions. Cookies are small text files stored on your device.

Types of cookies used:

  • Session cookies – deleted when you close your browser
  • Persistent cookies – remain stored to remember preferences and settings

Where cookies involve the processing of personal data, the legal basis is:

  • Art. 6(1)(b) GDPR – contract performance
  • Art. 6(1)(a) GDPR – your consent
  • Art. 6(1)(f) GDPR – legitimate interest in functionality and usability of our website

You can adjust your browser settings to control or block cookies. Please note that disabling cookies may limit some website features.

5. Contact Options

5.1 Appointment Booking via Zeeg

We use the appointment scheduling service:

Zeeg GmbH
Friedrichstraße 114A
10117 Berlin, Germany

To schedule appointments, we collect your name and email address. If a phone appointment is requested, your phone number will also be processed.

Legal basis:

  • Art. 6(1)(b) GDPR – pre-contractual measures (appointment scheduling)
  • Art. 6(1)(f) GDPR – legitimate interest in efficient customer and appointment management

Your data are stored by the provider only for scheduling purposes and are deleted after the appointment has taken place or the scheduled period expires.

A data processing agreement has been concluded with the provider.

5.2 Contact Form and Email Communication

When you contact us via email or contact form, we process the personal data you provide to respond to your request.

The legal basis is:

  • Art. 6(1)(f) GDPR – legitimate interest in responding to enquiries
  • Art. 6(1)(b) GDPR – if your request relates to a contract or potential contract

Your data will be deleted once your enquiry has been fully resolved, unless legal retention obligations apply.

6. Consent Management Tool

We use a cookie consent solution to obtain and manage user consent for cookies and services that require approval.

When you visit our website, the tool allows you to choose which cookies or services you accept. Only services for which you give consent will be activated.

The tool uses technically necessary cookies to store your preferences.

Personal data are generally not processed. If personal data (such as IP address) are processed in individual cases for documentation or assignment of consent, this is based on:

  • Art. 6(1)(c) GDPR – legal obligation to obtain consent
  • Art. 6(1)(f) GDPR – legitimate interest in compliant consent management

Where necessary, a data processing agreement has been concluded with the provider.

Further details can be found directly in the consent interface on our website.

7. Your Rights Under Data Protection Law

You have the following rights under the GDPR:

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to notification (Art. 19 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to withdraw consent (Art. 7(3) GDPR)
  • Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

Right to Object

If we process your personal data based on legitimate interests (Art. 6(1)(f) GDPR), you may object to this processing at any time for reasons related to your particular situation.

If you object, we will stop processing your data unless we can demonstrate compelling legitimate grounds that override your interests or the processing is necessary for legal claims.

If your data are used for direct marketing, you may object at any time. In that case, we will stop processing your data for marketing purposes.

8. Data Retention

The retention period depends on the legal basis and purpose of processing as well as statutory retention obligations.

  • Data processed based on consent (Art. 6(1)(a) GDPR) are stored until consent is withdrawn.
  • Data processed for contractual purposes (Art. 6(1)(b) GDPR) are deleted after statutory retention periods expire unless further storage is required.
  • Data processed based on legitimate interests (Art. 6(1)(f) GDPR) are stored until a valid objection is raised, unless overriding legitimate grounds exist.

Unless stated otherwise, personal data are deleted once they are no longer necessary for the purposes for which they were collected.

How to get in contact

Want to make your brand visible in the age of AI?

Let’s build systems that speak your brand, scale your communication, and turn interactions into measurable impact.

Send an email
Book a meeting

Locations: Cologne and Berlin.

Scroll to Top
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.