Privacy Policy

Last updated: May 17, 2026

1. Introduction

Elena Tsemirava IT-Beratung ("we", "us", "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you visit our website or engage with our services.

This policy is written under the EU General Data Protection Regulation (GDPR) and German Federal Data Protection Act (BDSG).

2. Data Controller

Elena Tsemirava IT-Beratung
David-Schroen-Str. 16
91097 Oberreichenbach
Germany

Email: hi@trendloom.io

3. Information We Collect

We collect minimal information. Specifically:

Automatically collected when you visit the website:

• IP address (anonymized where technically possible)
• Browser type and version
• Operating system
• Referring URL
• Date and time of visit
• Pages viewed

Provided by you directly:

• Email address (when you contact us)
• Name and company (when you book an intro call via Cal.com)
• Business information you share during consultations or engagements

We do not collect: payment information (handled by separate processors), social security numbers, health data, or any special category data under GDPR Article 9.

4. How We Use Your Data

We use your data only to:

• Respond to inquiries you initiate
• Schedule and conduct intro calls
• Deliver consulting services if we begin an engagement together
• Improve our website's performance and content
• Comply with legal obligations under German and EU law

5. Legal Basis (GDPR Article 6)

We process personal data based on:

• (a) Performance of a contract — when you have engaged us for consulting services
• (b) Legitimate interests — for website analytics and security (Art. 6(1)(f))
• (c) Your consent — for non-essential cookies (Art. 6(1)(a))
• (d) Legal obligation — for tax and bookkeeping records

6. Third-Party Services

Our website uses these third-party services, each governed by their own privacy policy:

• Cal.com (booking platform) — processes data when you schedule a call. Privacy policy: https://cal.com/privacy
• Lovable.app (hosting platform) — processes server logs and basic visit data. Privacy policy: https://lovable.dev/privacy
• Substack (newsletter) — processes data only if you subscribe. Privacy policy: https://substack.com/privacy
• Plausible Analytics (privacy-friendly analytics) — processes anonymized visit data when you've accepted cookies. Privacy policy: https://plausible.io/privacy

We do not sell, rent, or trade your personal data to any third party.

7. Data Retention

We retain personal data only as long as necessary:

• Email correspondence: 3 years after last contact
• Engagement-related business data: 10 years (German tax law requirement, §147 AO)
• Website analytics data: anonymized after 14 months
• Newsletter subscriptions: until you unsubscribe

8. Your Rights Under GDPR

You have the following rights regarding your personal data:

• Right of access (Art. 15): request a copy of your data we hold
• Right to rectification (Art. 16): correct inaccurate data
• Right to erasure (Art. 17): request deletion ("right to be forgotten")
• Right to restriction of processing (Art. 18)
• Right to data portability (Art. 20): receive your data in machine-readable format
• Right to object (Art. 21): object to processing based on legitimate interests
• Right to withdraw consent (Art. 7(3)): for any consent-based processing

To exercise any of these rights, contact us at hi@trendloom.io. We will respond within 30 days.

You also have the right to lodge a complaint with a supervisory authority. In Bavaria, this is:

Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 18
91522 Ansbach
Germany
https://www.lda.bayern.de

9. Cookies

We use minimal cookies. For full details, see our Cookie Policy.

10. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

• HTTPS encryption on all pages
• Limited access to personal data on a need-to-know basis
• Regular security reviews of third-party processors

11. International Data Transfers

Some of our service providers may be based outside the EU (specifically, Cal.com and Substack are US-based). These transfers are protected by:

• EU-US Data Privacy Framework (where applicable)
• Standard Contractual Clauses (SCCs) approved by the European Commission
• Additional safeguards as required under GDPR Chapter V

12. Children's Privacy

This website is not directed at children under 16. We do not knowingly collect personal data from children.

13. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top will reflect any changes. Material changes will be highlighted prominently on the website.

14. Contact

For any privacy-related questions or to exercise your rights:

Elena Tsemirava IT-Beratung
David-Schroen-Str. 16
91097 Oberreichenbach
Germany
Email: hi@trendloom.io