EA European Atlantic GmbH Strategy, digital transformation, and AI
Contact us

Privacy

Privacy Policy

Overview of the currently intended personal-data processing on the website and in the contact flow.

Controller

EA European Atlantic GmbH, Neuer Wall 10, 20354 Hamburg, Germany, is the controller for personal-data processing on this website. The main contact address is mail@european-atlantic.com, and privacy-related requests can be sent to privacy@european-atlantic.com.

  • General contact: mail@european-atlantic.com
  • Privacy contact: privacy@european-atlantic.com
  • Phone: +49 40 2285 8520

Purposes and legal bases

Personal data is processed on this website only to the extent necessary for technical website delivery, handling contact requests, complying with legal obligations, or protecting legitimate interests in secure and functional website operations. Relevant legal bases generally include Article 6(1)(b) GDPR, Article 6(1)(c) GDPR, Article 6(1)(f) GDPR, and, for optional audience measurement, Article 6(1)(a) GDPR in conjunction with Section 25(1) TDDDG.

  • Website delivery and the maintenance of stability and security
  • Handling of incoming requests and pre-contract communication
  • Compliance with legal retention or verification duties where applicable
  • Optional analysis of website usage only after prior consent

Hosting, server logs, and security

When the website is accessed, the hosting and server setup processes technically necessary connection and log data such as IP address, timestamps, requested content, status details, and browser or device information. This is used for website delivery, troubleshooting, and protection against misuse, spam, fraud attempts, phishing, malicious bots, automated attacks, and other security incidents.

  • Technically necessary log data is kept only as long as needed for operations, troubleshooting, and security
  • No broader use for marketing or optional tracking is intended in the current website baseline

Website security and abuse detection with AegisPress

The WordPress security solution AegisPress is used to protect the website. Security-relevant requests, technical access patterns, and form submissions may be checked in order to detect, document, and respond appropriately to misuse, attack attempts, and automated manipulation. This processing helps protect the website, communication channels, and underlying technical infrastructure.

  • Detection of spam, scam, phishing, and fraud attempts
  • Protection against malicious bots, credential attacks, infrastructure attacks, and abuse of forms or interfaces
  • Assessment of technical patterns, including possible prompt-injection or automated manipulation attempts
  • Security data is processed in line with data minimization, pseudonymization or redaction, and limited retention periods

Legitimate interest in protection and operations

Security processing is based, where applicable, on Article 6(1)(f) GDPR. The legitimate interest is the protection of the website, communication channels, customers, employees, business partners, and digital infrastructure against misuse and attacks. This includes defending against spam, internet abuse, fraud, phishing, cybercrime, malicious bots, credential attacks, infrastructure attacks, abuse of communication systems, economic crime, business espionage, and automated manipulation or prompt-injection attempts. Processing also helps safeguard the availability, integrity, confidentiality, and operational security of digital systems and communication channels.

  • Security processing is not used for audience measurement, advertising, or marketing profiling
  • Checks are limited to what is needed for security, troubleshooting, and abuse detection
  • The interests and fundamental rights of data subjects are taken into account through data minimization, content redaction, and limited retention periods

Contact form and business inquiries

The contact form processes name, email address, company, service area, message, and privacy confirmation so that inquiries can be assigned, answered, and prepared for the most suitable next step. This processing supports business communication and the initiation of potential engagements.

  • Collected fields: name, email, company, service area, message
  • Processing for inquiry handling, proposal preparation, and business initiation
  • Storage only for as long as needed for the inquiry, follow-up communication, or legal obligations

Language handling, cookies, and consent

WPML is used for the multilingual setup of the website. When users actively switch languages, a technically or functionally necessary language-preference cookie may be stored so that the selected language version remains consistent across further page views. The website also uses a lightweight first-party consent script that stores the choice regarding optional audience measurement for 180 days.

  • Language preference and language switching via WPML
  • Consent choice through the cookie banner and cookie settings control
  • Technically necessary security and functional processing remains separate from optional analytics

Optional audience measurement with Google Analytics

On the live website, Google Analytics 4 may be used for statistical analysis of website usage. The provider is Google Ireland Limited. This analysis helps us understand which content is used, how the website works technically, and how structure, content, and user guidance can be improved. Google Analytics is loaded only after explicit consent. Without consent, no Google Analytics cookies are set and no analytics tags for audience measurement are executed.

  • The legal basis is your consent under Article 6(1)(a) GDPR and Section 25(1) TDDDG for non-essential cookies or comparable technologies
  • Consent can be withdrawn at any time with future effect through the cookie settings
  • The configuration is intended for analytics without advertising or personalization purposes; related signals are disabled
  • IP addresses are protected or shortened in accordance with the Google Analytics configuration
  • On withdrawal, the website attempts to delete existing Google Analytics cookies where technically possible through the website

Your rights

Under the GDPR, data subjects generally have rights of access, rectification, erasure, restriction, portability, and objection where applicable. There is also a right to lodge a complaint with a competent supervisory authority.

  • Privacy contact: privacy@european-atlantic.com
  • Right to lodge a complaint with a competent supervisory authority