top of page
pexels-vlada-karpovich-7433822.jpg

PRIVACY POLICY

Karin Gehlert: AML/CFT Consulting Luxembourg

1. Data Controller

The data controller within the meaning of the General Data Protection Regulation (GDPR) is:

Karin Gehlert
27, Grand-Rue, L – 6630 Wasserbillig

karin@simpliqaml.com

+ 352 621 746 658
 

2. Categories of Personal Data Processed

Personal data is processed only when you contact me voluntarily by email or telephone. Depending on your communication, the following categories of personal data may be processed:

  • Identification data (e.g. name)

  • Contact details (e.g. email address, telephone number)

  • Any additional information you choose to include in your communication

  • Technical usage data collected through cookies or analytics tools (subject to your consent), such as IP address (anonymised where applicable), browser type, device characteristics, pages visited, session duration, and interaction data

 

3. Purpose and Legal Basis of Processing

Personal data is processed for the purpose of handling and responding to your inquiry and for any subsequent communication related to the services I provide.

Processing is carried out on the following legal bases:

  • Article 6(1)(b) GDPR: processing is necessary for the performance of pre-contractual measures at your request.

  • Article 6(1)(f) GDPR: processing is based on my legitimate interest in communicating with prospective clients and responding to inquiries.

 

4. Use of Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Ireland Limited, for the purpose of analyzing website usage and improving the website’s performance and user experience.

Google Analytics uses non-essential cookies, which are activated only after you have provided your explicit consent via the cookie banner displayed upon your first visit.

Data collected may include:

  • Browser and device information

  • Pages viewed and usage patterns

  • Time spent on the website

  • Approximate geographic location (with IP anonymisation applied)

Data may be transferred to the United States. Such transfers may rely on the EU-US Data Privacy Framework or, where applicable, other appropriate safeguards pursuant to Chapter V GDPR.

You may withdraw your consent at any time by adjusting your cookie preferences.

 

5. Retention Period

Personal data obtained through communication is retained for as long as is necessary to handle the inquiry and any subsequent follow-up, for up to 24 months, unless applicable legal obligations require a longer retention period.

 

6. Recipients of Personal Data

I do not sell, rent, or otherwise disclose your personal data to third parties, unless required by law or necessary for the operation of electronic communication services (for example, email service providers).

Google Analytics processes pseudonymised usage data as described in Section 4.

 

7. Rights of Data Subjects

You have the following rights under the GDPR:

  • Right of access (Art. 15 GDPR)

  • Right to rectification (Art. 16 GDPR)

  • Right to erasure (Art. 17 GDPR)

  • Right to restriction of processing (Art. 18 GDPR)

  • Right to object (Art. 21 GDPR)

  • Right to lodge a complaint with a supervisory authority

The competent supervisory authority in Luxembourg is the Commission Nationale pour la Protection des Données (CNPD).

Requests to exercise your rights may be submitted by email to the contact address listed in Section 1.

 

8. Data Security

Appropriate technical and organisational measures are implemented to ensure a level of security appropriate to the risks associated with the processing of personal data.

 

9. Amendments to This Privacy Policy

This privacy policy may be updated from time to time. The version published on the website is the applicable version.

bottom of page