Privacy Policy & Datenschutzerklärung

1. Controller

The controller responsible for the processing of personal data on this website is:

Lengersdorf Capital LLC
7901 4th St N, Suite 300
St. Petersburg, FL 33702, USA
Email: [email protected]

Authorized representative: Luca Lengersdorf

2. What data is processed

When you visit this website, the following data is processed automatically:

• IP address (anonymized after request handling)
• Date and time of the request
• Requested URL and referring URL
• Browser type, version, and operating system
• Approximate region (country, city) based on IP

When you contact us by email, we additionally process your email address, name, and the content of your message.

3. Purposes & legal basis

• Operation of the website — server logs to ensure stable, secure delivery of content. Legal basis: Art. 6 (1) lit. f GDPR (legitimate interest in operating a working website).
• Reply to your inquiry — when you contact us via email or our discovery-call CTA, we process your contact data and message content to reply. Legal basis: Art. 6 (1) lit. b GDPR (pre-contractual measures / contract performance) and Art. 6 (1) lit. f GDPR (legitimate interest in responding).

4. Service providers (data processors)

The following processors handle data on our behalf under data processing agreements (Auftragsverarbeitung) where applicable:

• Cloudflare, Inc. — hosting, CDN, DDoS protection, DNS, and TLS termination. Cloudflare may process IP addresses and request metadata to deliver this website. More info: cloudflare.com/privacypolicy.
• Zoho Corporation Pvt. Ltd. — email hosting and processing for our incoming and outgoing mail at @lengersdorfstudio.com. When you email us, your message is delivered to and stored by Zoho on our behalf. More info: zoho.com/privacy.
• Google Fonts — fonts (Fraunces, Inter) are loaded from Google's CDN (fonts.googleapis.com / fonts.gstatic.com). Google may receive your IP and User-Agent for this request. More info: policies.google.com/privacy.

Data may be transferred to the United States. Where applicable, we rely on the EU-U.S. Data Privacy Framework and / or Standard Contractual Clauses pursuant to Art. 46 GDPR as a transfer mechanism.

5. Cookies

This website does not set tracking or marketing cookies. We do not use analytics or advertising cookies. Strictly technical local storage may be used by your browser to remember motion-preference settings; this is purely client-side and not transmitted.

6. Storage period

• Server logs: typically 30 days, then automatically deleted.
• Email inquiries: as long as required to respond and to fulfil legal retention obligations (e.g. up to 6 / 10 years for commercial correspondence under §147 AO / §257 HGB if applicable).

7. Your rights under GDPR

You have the right to:

• Request access to your personal data (Art. 15 GDPR)
• Request rectification of inaccurate data (Art. 16 GDPR)
• Request erasure of your data (Art. 17 GDPR)
• Request restriction of processing (Art. 18 GDPR)
• Receive your data in a portable format (Art. 20 GDPR)
• Object to processing based on legitimate interest (Art. 21 GDPR)
• Withdraw consent at any time (Art. 7 (3) GDPR), without affecting the lawfulness of prior processing

To exercise your rights, contact: [email protected].

8. Right to lodge a complaint

If you believe your data is processed unlawfully, you have the right to lodge a complaint with a supervisory authority. In Germany, this is the data protection authority of your federal state (bfdi.bund.de).

9. Security

This website is served over TLS (HTTPS) with certificates managed by Cloudflare. Standard technical and organizational measures are in place to protect data from loss, misuse, alteration or unauthorized access.

10. Changes

We may update this privacy policy to reflect changes to our processing activities or legal requirements. The date below indicates the current version.