Skip to content
Asset 2@2x
What we do
What we've done
Who we are

Get in touch

Asset 3@2x

Privacy Policy

Last Updated: April 10th 2025.

 

1. Who We Are

We are a small freelance and interim management firm that communicates with customers via email. We are committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (GDPR).

You can contact us at: hello@arcpeak.io

 

2. What Personal Data We Collect

We collect and process personal data when you communicate with us via email. This may include:

  • Your name
  • Your email address
  • Any information you voluntarily share in your messages

We do not collect sensitive personal data unless explicitly required for contractual or legal purposes.

 

3. Purpose of Data Processing

We process your personal data for the following purposes:

  • To respond to your inquiries and provide requested information
  • To fulfill contractual obligations, including invoicing and service agreements
  • To maintain business communication
  • To comply with legal obligations, such as record-keeping under German law

We do not use your data for marketing purposes unless you have explicitly provided consent.

 

4. Legal Basis for Processing

Under GDPR, we process personal data based on:

  • Contract Performance (Art. 6(1)(b)) – When communication is necessary for fulfilling a contract or service request
  • Legitimate Interest (Art. 6(1)(f)) – When you voluntarily contact us and we need to process your data to respond
  • Legal Obligation (Art. 6(1)(c)) – When data retention is required by applicable laws

If required, we will obtain your consent (Art. 6(1)(a)) before using your data for marketing purposes.

 

5. Data Retention

We store personal data only as long as necessary based on the following guidelines:

  • Customer inquiries (no contract): Up to 12 months, then deleted
  • Contract-related emails: Up to 6 years, in compliance with German tax laws
  • Marketing-related emails: Until consent is withdrawn

You may request the deletion of your data at any time (see Section 7).

 

6. Data Sharing and Third Parties

We do not sell, rent, or trade personal data. Emails are stored on Google’s secure servers (Google Workspace), which complies with GDPR through Standard Contractual Clauses (SCCs).

We may share data only when:

  • Required by law or government authorities
  • Necessary for service fulfillment, such as with accountants or legal advisors
 
7. Your Rights Under GDPRUnder GDPR, you have the following rights regarding your personal data:
  • Right to Access (Art. 15) – Request a copy of your data
  • Right to Rectification (Art. 16) – Request corrections to inaccurate data
  • Right to Erasure (Art. 17) – Request the deletion of your data
  • Right to Restrict Processing (Art. 18) – Request limitations on how your data is used
  • Right to Object (Art. 21) – Withdraw consent for marketing communications
To exercise any of these rights, contact us at hello@arcpeak.io.

 

8. Data Security

We implement security measures to protect personal data, including:

  • Encryption of stored and transmitted data
  • Access controls limiting data access to authorized personnel
  • Regular review and deletion of unnecessary data
 
9. Updates to This Privacy Policy

We may update this Privacy Policy as necessary. The latest version will always be available at www.arcpeak.io/privacy.

If there are significant changes, we will notify users via email where applicable.

Contact

For privacy-related inquiries, contact us at: hello@arcpeak.io