Kai Osthoff
Küfergasse 15
71720 Oberstenfeld
Germany
Email: kai@osthoff.blog
The contents of this website have been created with the utmost care. However, I cannot guarantee the accuracy, completeness, and timeliness of the content. As a service provider, I am responsible for my own content on these pages in accordance with § 7 paragraph 1 TMG (German Telemedia Act). However, according to §§ 8 to 10 TMG, I am not obligated to monitor transmitted or stored third-party information or to investigate circumstances that indicate illegal activity.
This website contains links to external third-party websites over whose content I have no influence. Therefore, I cannot accept any liability for this third-party content. The respective provider or operator of the linked pages is always responsible for their content.
This privacy policy informs you about the nature, scope, and purpose of the processing of personal data on this website. Personal data is any data that can personally identify you.
The controller for data processing on this website is:
Kai Osthoff
Küfergasse 15
71720 Oberstenfeld
Germany
Email: kai@osthoff.blog
This website does not use analysis tools such as Google Analytics, Matomo, or similar services. There is no analysis of your user behavior.
The provider of this website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
This data is not merged with other data sources. The collection of this data is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website - for this, the server log files must be collected. The server log files are automatically deleted after 7 days.
If you send us inquiries via the contact form or email, your information, including any contact details you provide, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We will not share this data without your consent.
The processing of this data is based on Art. 6 para. 1 lit. b GDPR if your request is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of inquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR).
The data you enter in the contact form will remain with us until we answer your inquiry plus 6 months for potential follow-up questions, until you request us to delete it, revoke your consent for storage, or the purpose for data storage no longer applies. Mandatory statutory provisions - especially retention periods - remain unaffected.
For processing contact forms and sending newsletters, I use the Resend service. Resend is a GDPR-compliant email service that stores the transmitted data in the United States (USA). The received emails are processed on Microsoft servers.
As part of its GDPR compliance, Resend has implemented a Data Processing Addendum (DPA) that includes a standard contractual clause to ensure proper data export from the EU to the USA. Resend follows security best practices to protect personally identifiable information (PII).
The processing of your data is based on my legitimate interest in effective communication (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if you have subscribed to a newsletter.
When using Resend, data is transferred to the USA. The transfer is based on EU standard contractual clauses pursuant to Art. 46 para. 2 lit. c GDPR. Resend has implemented additional technical and organizational measures to protect your data.
For more information on Resend’s GDPR compliance, please visit: https://resend.com/security/gdpr
This website uses only technically necessary cookies:
These cookies are necessary for the functionality of the website and are processed on the basis of Art. 6 para. 1 lit. f GDPR (legitimate interest). They do not contain any personal data and are not used for tracking or advertising purposes.
For appointment scheduling, I use the Microsoft Bookings service, which is part of the Microsoft 365 package. When you schedule an appointment through the booking function on my website, the data you provide is transmitted to Microsoft and processed there.
The following data is collected and processed during appointment booking:
I have a data processing agreement with Microsoft in accordance with Art. 28 GDPR. The data you enter is stored in the Microsoft 365 Cloud. Microsoft has committed to implementing appropriate technical and organizational measures to protect your personal data.
Please note that Microsoft as a service provider may, under certain circumstances, also process certain customer data for its own business purposes, as described in Microsoft’s privacy policy. This may include, for example, improving the service or complying with legal obligations.
With Microsoft Bookings, your data is processed in Microsoft data centers within the EU, but may under certain circumstances also be transferred to the USA. Microsoft has submitted to the EU standard contractual clauses and offers additional guarantees to protect your data.
The processing of your data in the context of appointment booking is based on Art. 6 para. 1 lit. b GDPR (contractual fulfillment or pre-contractual measures) or Art. 6 para. 1 lit. a GDPR (consent), if you have consented to the data processing.
The data collected during appointment booking is stored for the duration of the business relationship and subsequently deleted after the expiry of the statutory retention periods, unless you have consented to longer storage or further storage is necessary for reasons of legitimate interest. Appointment booking data is usually retained for a period of 6 months after the appointment to allow for inquiries or follow-up appointments.
You have the following rights regarding your personal data:
To exercise your rights, please contact me at the email address provided above. For identity verification, I may request additional information.
You have the right to lodge a complaint with the competent supervisory authority if you believe that the processing of your personal data violates the GDPR:
Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg
Postfach 10 29 32, 70025 Stuttgart
Königstraße 10a, 70173 Stuttgart
Tel.: 0711/61 55 41 - 0
Fax: 0711/61 55 41 - 15
Email: poststelle@lfdi.bwl.de
This website contains links to my LinkedIn profile. When you click on these links, you will be redirected to LinkedIn. No direct embedding of LinkedIn content takes place. Only when you click on such a link is data transmitted to LinkedIn. What data LinkedIn collects and how it is used can be found in LinkedIn’s privacy policy at https://www.linkedin.com/legal/privacy-policy.
I embed YouTube videos in enhanced privacy mode. This means that YouTube does not store any information about you before you play the video. Data is only transferred to YouTube when you click on the video. The operator of the corresponding plugins is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
If you are logged into your YouTube account, YouTube can associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.
The use of YouTube is in the interest of an appealing presentation of our online offerings. This constitutes a legitimate interest in the sense of Art. 6 para. 1 lit. f GDPR. For more information on how user data is handled, please see YouTube’s privacy policy at: https://www.google.de/intl/en/policies/privacy
For questions regarding data protection, you can contact me directly at the contact address provided above.
This privacy policy was last updated on March 19, 2025. I reserve the right to occasionally adapt this privacy policy to ensure it always meets the current legal requirements or to implement changes to my services in the privacy policy, e.g., when introducing new services. The new privacy policy will then apply to your subsequent visit.
This website primarily serves private purposes for presenting my CV and as a personal blog. I make every effort to comply with all legal requirements to the best of my knowledge. If you nevertheless discover errors or opportunities for improvement in this privacy policy or other legal aspects of this website, I kindly ask you to contact me directly (kai@osthoff.blog) so that I can correct them promptly.
I appreciate constructive feedback and ask that you refrain from sending costly legal warnings. My goal is to operate this website in compliance with data protection regulations and to protect the rights of all visitors.