Privacy Policy

Privacy Policy

Privacy Policy

Privacy Policy Effective Date: January 21, 2022


Last Updated: June 6, 2025


Pegues Innovations GmbH


1. Data Controller and Contact Information

Data Controller:
Pegues Innovations GmbH
Viktoria-Luise-Platz 12
10777 Berlin, Germany
Email: isaiah@pegues.io
Phone: +49 151 122 05900
Managing Director: Isaiah Pegues


Privacy Contact:
For all privacy-related inquiries and requests, please contact us at: privacy@pegues.io


2. Overview

This Privacy Policy explains how Pegues Innovations GmbH ("we," "us," or "our") collects, uses, and protects personal data when you visit our website isaiah.pegues.io or use our services. We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws.


3. Personal Data We Collect


3.1 Contact Form Data

When you submit our contact form, we collect:

  • Name (first and last name)

  • Email address

  • Phone number (if provided)

  • Project details and messages you choose to share

  • Company name (if provided)

  • Preferred contact method


3.2 Marketing Consent Data

If you opt in to receive marketing communications:

  • Email address

  • Phone number (for SMS updates, if consented)

  • Consent timestamp and method

  • Marketing preferences


3.3 Website Usage Data (Analytics)

When you visit our website with your consent, we may collect:

  • IP address (anonymized)

  • Browser type and version

  • Operating system

  • Pages visited and time spent

  • Referring website

  • Device identifiers

  • Geographic location (country/region level)


3.4 Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Enable website functionality

  • Analyze website usage (with consent)

  • Remember your cookie preferences


4. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR Article 6:


4.1 Contact Form Processing

  • Legal basis: Article 6(1)(b) GDPR - Performance of a contract or pre-contractual steps

  • Purpose: To respond to your business inquiries and provide information about our services


4.2 Marketing Communications

  • Legal basis: Article 6(1)(a) GDPR - Consent

  • Purpose: To send you updates about our automation services, case studies, and relevant industry insights

  • Note: You can withdraw consent at any time by unsubscribing or contacting us


4.3 Website Analytics

  • Legal basis: Article 6(1)(a) GDPR - Consent

  • Purpose: To understand how visitors use our website and improve our services

  • Note: Analytics cookies are only activated after you provide consent via our cookie banner


4.4 Legal Compliance

  • Legal basis: Article 6(1)(c) GDPR - Legal obligation

  • Purpose: To comply with applicable laws, such as tax and accounting requirements


5. How We Use Your Personal Data


5.1 Business Communications

  • Respond to your inquiries and requests

  • Provide information about our services

  • Follow up on business opportunities

  • Provide customer support


5.2 Marketing (with consent)

  • Send newsletters and service updates

  • Share relevant case studies and industry insights

  • Notify you about new services or offerings

  • Send promotional communications via email or SMS


5.3 Website Improvement

  • Analyze website traffic and user behavior

  • Improve website functionality and user experience

  • Monitor website performance and security


5.4 Legal and Administrative

  • Maintain records for tax and accounting purposes

  • Protect our legal rights and comply with legal obligations

  • Prevent fraud and ensure security


6. Data Recipients and Third-Party Processors


6.1 Internal Recipients

Personal data is accessed by authorized personnel at Pegues Innovations GmbH who need it for the purposes outlined above.


6.2 Third-Party Processors

We use the following third-party services that may process your personal data:

Google Analytics

  • Data processed: Website usage data (with consent)

  • Purpose: Website analytics and performance monitoring

  • Safeguards: Google LLC is certified under the EU-U.S. Data Privacy Framework

  • Data Processing Agreement: We have executed Google's standard DPA

  • Opt-out: You can opt out via our cookie settings or use the Google Analytics Opt-out Browser Add-on

Google Workspace (Email/Cloud Services)

  • Data processed: Contact form submissions and business communications

  • Purpose: Email management and cloud storage

  • Safeguards: Google LLC is DPF-certified with appropriate technical safeguards

  • Data Processing Agreement: Standard Google Workspace DPA in place

Website Hosting Provider

  • Data processed: Website logs and technical data

  • Purpose: Website hosting and security

  • Safeguards: GDPR-compliant hosting with appropriate security measures


6.3 No Data Sales

We do not sell, rent, or trade your personal data with third parties for their marketing purposes.


7. International Data Transfers

Some of our third-party processors are located outside the European Economic Area (EEA):


7.1 United States

Data may be transferred to the United States through our use of Google services. These transfers are protected by:

  • EU-U.S. Data Privacy Framework: Google LLC is certified under the DPF adequacy decision

  • Standard Contractual Clauses: Additional contractual safeguards where applicable

  • Technical safeguards: Encryption and security measures


7.2 Other Countries

If we engage additional processors outside the EEA, we will ensure appropriate safeguards are in place, such as adequacy decisions or Standard Contractual Clauses.


8. Data Retention Periods


8.1 Contact Form Data

  • Retention period: 12 months after initial contact, unless you become a client

  • Client data: Retained as necessary for the business relationship plus applicable legal retention requirements


8.2 Marketing Communications

  • Retention period: Until you unsubscribe or withdraw consent

  • Inactive contacts: Automatically removed after 24 months of inactivity


8.3 Website Analytics Data

  • Retention period: 14 months (Google Analytics retention setting)

  • Automatic deletion: Data is automatically deleted after the retention period



8.4 Legal and Tax Records

  • Retention period: As required by German tax and commercial law (typically 6-10 years)


9. Your Rights Under GDPR

You have the following rights regarding your personal data:


9.1 Right of Access (Article 15)

You can request a copy of all personal data we hold about you.


9.2 Right to Rectification (Article 16)

You can request correction of inaccurate or incomplete personal data.


9.3 Right to Erasure (Article 17)

You can request deletion of your personal data in certain circumstances.


9.4 Right to Restrict Processing (Article 18)

You can request that we limit how we process your personal data in certain situations.


9.5 Right to Data Portability (Article 20)

You can request your personal data in a commonly used electronic format.


9.6 Right to Object (Article 21)

You can object to processing based on legitimate interests or for direct marketing purposes.


9.7 Right to Withdraw Consent (Article 7)

For processing based on consent (marketing, analytics), you can withdraw consent at any time:

  • Marketing emails: Use the unsubscribe link in any email

  • SMS marketing: Reply "STOP" or contact us

  • Analytics cookies: Adjust settings in our cookie banner


9.8 Exercising Your Rights

To exercise any of these rights, contact us at privacy@pegues.io. We will respond within one month of receiving your request.


10. Right to Lodge a Complaint

If you believe we have not handled your personal data lawfully, you have the right to file a complaint with a data protection authority.


Our Lead Supervisory Authority:
Berliner Beauftragte für Datenschutz und Informationsfreiheit
Friedrichstr. 219
10969 Berlin, Germany
Website: https://www.datenschutz-berlin.de


You may also contact your local data protection authority.


11. Data Security Measures

We implement appropriate technical and organizational measures to protect your personal data:


11.1 Technical Safeguards

  • Encryption: All data transmission uses HTTPS/TLS encryption

  • Access controls: Restricted access to personal data on a need-to-know basis

  • Security monitoring: Regular security assessments and monitoring

  • Backup security: Encrypted backups with restricted access


11.2 Organizational Safeguards

  • Staff training: Regular privacy and security training for personnel

  • Data processing agreements: Contracts with all third-party processors

  • Incident response: Procedures for handling security breaches

  • Regular reviews: Periodic review of privacy and security practices


12. Cookies and Consent Management


12.1 Types of Cookies

  • Essential cookies: Necessary for website functionality (no consent required)

  • Analytics cookies: Used for Google Analytics (consent required)

  • Preference cookies: Remember your cookie choices (consent required)


12.2 Managing Cookies

You can manage your cookie preferences:

  • Cookie banner: Choose your preferences when you first visit

  • Browser settings: Configure cookies in your browser

  • Opt-out tools: Use Google Analytics opt-out browser extension


12.3 Third-Party Content

Some pages may include embedded content (social media, videos) that may set cookies. These are only loaded with your consent.


13. Automated Decision-Making and Profiling

We do not use your personal data for any automated decision-making or profiling that produces legal or similarly significant effects.


14. Data Protection Impact Assessments

For high-risk processing activities, we conduct Data Protection Impact Assessments as required by Article 35 GDPR to ensure appropriate safeguards.


15. Children's Privacy

Our website and services are not directed at children under 16. We do not knowingly collect personal data from children under 16 without parental consent.


16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Material changes will be prominently posted on our website with an updated effective date.


17. Data Processing for Client Services

When we provide services to clients, we may process personal data on their behalf as a data processor. Such processing is governed by separate Data Processing Agreements (Auftragsverarbeitungsvertrag) that comply with GDPR Article 28.


 Clients can request information about our data processing practices by

 contacting privacy@pegues.io.


18. Contact Information

For questions about this Privacy Policy or to exercise your rights:


Email: privacy@pegues.io
Postal address:
Pegues Innovations GmbH
Attn: Privacy Officer
Viktoria-Luise-Platz 12
10777 Berlin, Germany


19. Requirement to Provide Data

Providing personal data through our contact form is voluntary. However:

  • Contact information (email or phone) is necessary for us to respond to your inquiry

  • Marketing consent is optional and separate from contact requests

  • Analytics data is collected only with your consent and is not necessary for using the website


20. Legal Framework

This Privacy Policy is designed to comply with:

  • GDPR (General Data Protection Regulation)

  • German Federal Data Protection Act (Bundesdatenschutzgesetz - BDSG)

  • German Telemedia Act (Telemediengesetz - TMG)

  • EU ePrivacy Directive and implementing national laws


This Privacy Policy provides comprehensive information about our data processing activities in compliance with GDPR Article 13 and 14 requirements.

isaiah@pegues.io

isaiah@pegues.io

Privacy Policy Effective Date: January 21, 2022


Last Updated: June 6, 2025


Pegues Innovations GmbH


1. Data Controller and Contact Information

Data Controller:
Pegues Innovations GmbH
Viktoria-Luise-Platz 12
10777 Berlin, Germany
Email: isaiah@pegues.io
Phone: +49 151 122 05900
Managing Director: Isaiah Pegues


Privacy Contact:
For all privacy-related inquiries and requests, please contact us at: privacy@pegues.io


2. Overview

This Privacy Policy explains how Pegues Innovations GmbH ("we," "us," or "our") collects, uses, and protects personal data when you visit our website isaiah.pegues.io or use our services. We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws.


3. Personal Data We Collect


3.1 Contact Form Data

When you submit our contact form, we collect:

  • Name (first and last name)

  • Email address

  • Phone number (if provided)

  • Project details and messages you choose to share

  • Company name (if provided)

  • Preferred contact method


3.2 Marketing Consent Data

If you opt in to receive marketing communications:

  • Email address

  • Phone number (for SMS updates, if consented)

  • Consent timestamp and method

  • Marketing preferences


3.3 Website Usage Data (Analytics)

When you visit our website with your consent, we may collect:

  • IP address (anonymized)

  • Browser type and version

  • Operating system

  • Pages visited and time spent

  • Referring website

  • Device identifiers

  • Geographic location (country/region level)


3.4 Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Enable website functionality

  • Analyze website usage (with consent)

  • Remember your cookie preferences


4. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR Article 6:


4.1 Contact Form Processing

  • Legal basis: Article 6(1)(b) GDPR - Performance of a contract or pre-contractual steps

  • Purpose: To respond to your business inquiries and provide information about our services


4.2 Marketing Communications

  • Legal basis: Article 6(1)(a) GDPR - Consent

  • Purpose: To send you updates about our automation services, case studies, and relevant industry insights

  • Note: You can withdraw consent at any time by unsubscribing or contacting us


4.3 Website Analytics

  • Legal basis: Article 6(1)(a) GDPR - Consent

  • Purpose: To understand how visitors use our website and improve our services

  • Note: Analytics cookies are only activated after you provide consent via our cookie banner


4.4 Legal Compliance

  • Legal basis: Article 6(1)(c) GDPR - Legal obligation

  • Purpose: To comply with applicable laws, such as tax and accounting requirements


5. How We Use Your Personal Data


5.1 Business Communications

  • Respond to your inquiries and requests

  • Provide information about our services

  • Follow up on business opportunities

  • Provide customer support


5.2 Marketing (with consent)

  • Send newsletters and service updates

  • Share relevant case studies and industry insights

  • Notify you about new services or offerings

  • Send promotional communications via email or SMS


5.3 Website Improvement

  • Analyze website traffic and user behavior

  • Improve website functionality and user experience

  • Monitor website performance and security


5.4 Legal and Administrative

  • Maintain records for tax and accounting purposes

  • Protect our legal rights and comply with legal obligations

  • Prevent fraud and ensure security


6. Data Recipients and Third-Party Processors


6.1 Internal Recipients

Personal data is accessed by authorized personnel at Pegues Innovations GmbH who need it for the purposes outlined above.


6.2 Third-Party Processors

We use the following third-party services that may process your personal data:

Google Analytics

  • Data processed: Website usage data (with consent)

  • Purpose: Website analytics and performance monitoring

  • Safeguards: Google LLC is certified under the EU-U.S. Data Privacy Framework

  • Data Processing Agreement: We have executed Google's standard DPA

  • Opt-out: You can opt out via our cookie settings or use the Google Analytics Opt-out Browser Add-on

Google Workspace (Email/Cloud Services)

  • Data processed: Contact form submissions and business communications

  • Purpose: Email management and cloud storage

  • Safeguards: Google LLC is DPF-certified with appropriate technical safeguards

  • Data Processing Agreement: Standard Google Workspace DPA in place

Website Hosting Provider

  • Data processed: Website logs and technical data

  • Purpose: Website hosting and security

  • Safeguards: GDPR-compliant hosting with appropriate security measures


6.3 No Data Sales

We do not sell, rent, or trade your personal data with third parties for their marketing purposes.


7. International Data Transfers

Some of our third-party processors are located outside the European Economic Area (EEA):


7.1 United States

Data may be transferred to the United States through our use of Google services. These transfers are protected by:

  • EU-U.S. Data Privacy Framework: Google LLC is certified under the DPF adequacy decision

  • Standard Contractual Clauses: Additional contractual safeguards where applicable

  • Technical safeguards: Encryption and security measures


7.2 Other Countries

If we engage additional processors outside the EEA, we will ensure appropriate safeguards are in place, such as adequacy decisions or Standard Contractual Clauses.


8. Data Retention Periods


8.1 Contact Form Data

  • Retention period: 12 months after initial contact, unless you become a client

  • Client data: Retained as necessary for the business relationship plus applicable legal retention requirements


8.2 Marketing Communications

  • Retention period: Until you unsubscribe or withdraw consent

  • Inactive contacts: Automatically removed after 24 months of inactivity


8.3 Website Analytics Data

  • Retention period: 14 months (Google Analytics retention setting)

  • Automatic deletion: Data is automatically deleted after the retention period



8.4 Legal and Tax Records

  • Retention period: As required by German tax and commercial law (typically 6-10 years)


9. Your Rights Under GDPR

You have the following rights regarding your personal data:


9.1 Right of Access (Article 15)

You can request a copy of all personal data we hold about you.


9.2 Right to Rectification (Article 16)

You can request correction of inaccurate or incomplete personal data.


9.3 Right to Erasure (Article 17)

You can request deletion of your personal data in certain circumstances.


9.4 Right to Restrict Processing (Article 18)

You can request that we limit how we process your personal data in certain situations.


9.5 Right to Data Portability (Article 20)

You can request your personal data in a commonly used electronic format.


9.6 Right to Object (Article 21)

You can object to processing based on legitimate interests or for direct marketing purposes.


9.7 Right to Withdraw Consent (Article 7)

For processing based on consent (marketing, analytics), you can withdraw consent at any time:

  • Marketing emails: Use the unsubscribe link in any email

  • SMS marketing: Reply "STOP" or contact us

  • Analytics cookies: Adjust settings in our cookie banner


9.8 Exercising Your Rights

To exercise any of these rights, contact us at privacy@pegues.io. We will respond within one month of receiving your request.


10. Right to Lodge a Complaint

If you believe we have not handled your personal data lawfully, you have the right to file a complaint with a data protection authority.


Our Lead Supervisory Authority:
Berliner Beauftragte für Datenschutz und Informationsfreiheit
Friedrichstr. 219
10969 Berlin, Germany
Website: https://www.datenschutz-berlin.de


You may also contact your local data protection authority.


11. Data Security Measures

We implement appropriate technical and organizational measures to protect your personal data:


11.1 Technical Safeguards

  • Encryption: All data transmission uses HTTPS/TLS encryption

  • Access controls: Restricted access to personal data on a need-to-know basis

  • Security monitoring: Regular security assessments and monitoring

  • Backup security: Encrypted backups with restricted access


11.2 Organizational Safeguards

  • Staff training: Regular privacy and security training for personnel

  • Data processing agreements: Contracts with all third-party processors

  • Incident response: Procedures for handling security breaches

  • Regular reviews: Periodic review of privacy and security practices


12. Cookies and Consent Management


12.1 Types of Cookies

  • Essential cookies: Necessary for website functionality (no consent required)

  • Analytics cookies: Used for Google Analytics (consent required)

  • Preference cookies: Remember your cookie choices (consent required)


12.2 Managing Cookies

You can manage your cookie preferences:

  • Cookie banner: Choose your preferences when you first visit

  • Browser settings: Configure cookies in your browser

  • Opt-out tools: Use Google Analytics opt-out browser extension


12.3 Third-Party Content

Some pages may include embedded content (social media, videos) that may set cookies. These are only loaded with your consent.


13. Automated Decision-Making and Profiling

We do not use your personal data for any automated decision-making or profiling that produces legal or similarly significant effects.


14. Data Protection Impact Assessments

For high-risk processing activities, we conduct Data Protection Impact Assessments as required by Article 35 GDPR to ensure appropriate safeguards.


15. Children's Privacy

Our website and services are not directed at children under 16. We do not knowingly collect personal data from children under 16 without parental consent.


16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Material changes will be prominently posted on our website with an updated effective date.


17. Data Processing for Client Services

When we provide services to clients, we may process personal data on their behalf as a data processor. Such processing is governed by separate Data Processing Agreements (Auftragsverarbeitungsvertrag) that comply with GDPR Article 28.


 Clients can request information about our data processing practices by

 contacting privacy@pegues.io.


18. Contact Information

For questions about this Privacy Policy or to exercise your rights:


Email: privacy@pegues.io
Postal address:
Pegues Innovations GmbH
Attn: Privacy Officer
Viktoria-Luise-Platz 12
10777 Berlin, Germany


19. Requirement to Provide Data

Providing personal data through our contact form is voluntary. However:

  • Contact information (email or phone) is necessary for us to respond to your inquiry

  • Marketing consent is optional and separate from contact requests

  • Analytics data is collected only with your consent and is not necessary for using the website


20. Legal Framework

This Privacy Policy is designed to comply with:

  • GDPR (General Data Protection Regulation)

  • German Federal Data Protection Act (Bundesdatenschutzgesetz - BDSG)

  • German Telemedia Act (Telemediengesetz - TMG)

  • EU ePrivacy Directive and implementing national laws


This Privacy Policy provides comprehensive information about our data processing activities in compliance with GDPR Article 13 and 14 requirements.

isaiah@pegues.io