Privacy Policy

The data controller within the meaning of the GDPR is:

Resilient Value GmbH
Lenbachstr. 23
85053 Ingolstadt
Germany
Phone: +49 841 121 492 48
Email: info@resilientvalue.com
Managing Director: Andreas Stauber

Registered in the Commercial Register of the Local Court of Ingolstadt under HRB 11143.

We process personal data only to the extent necessary to operate this website, deliver our consulting services, or comply with legal obligations.

Legal bases, depending on the processing activity:

• Art. 6(1)(a) GDPR (consent)
• Art. 6(1)(b) GDPR (contract or pre-contractual measures)
• Art. 6(1)(c) GDPR (legal obligation)
• Art. 6(1)(f) GDPR (legitimate interests)

When you visit our website, technical data is automatically collected and stored in server log files:

• IP address
• Date and time of access
• Requested URL and HTTP status code
• Volume of data transferred
• Referrer URL
• Browser type and version
• Operating system used

Legal basis: Art. 6(1)(f) GDPR. The legitimate interest is the secure and stable operation of the website. Data is deleted or anonymized after a maximum of 14 days.

Our website is hosted and delivered via the Lovable platform. Provider:

Lovable AB
Ynglingagatan 14
113 47 Stockholm
Sweden

Lovable processes connection data on our behalf and according to our instructions, in particular for delivering the website, defending against attacks, and ensuring operational stability. We have entered into a data processing agreement with Lovable in accordance with Art. 28 GDPR.

For the technical provision of edge infrastructure, Lovable uses sub-processors, in particular Cloudflare, Inc. (101 Townsend St., San Francisco, CA 94107, USA) for delivery of static content and attack mitigation.

This may result in the transfer of personal data to third countries (in particular the USA). Such transfers are safeguarded by Standard Contractual Clauses (SCCs) pursuant to Art. 46 GDPR.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in reliable and secure hosting).

The domains resilientvalue.com and resilientvalue.de are registered with Wix.com Ltd. Wix acts solely as the domain registrar and does not process any content or connection data of our website.

Provider:

Wix.com Ltd.
40 Namal Tel Aviv St., Tel Aviv 6350671
Israel

Israel benefits from an EU Commission adequacy decision under Art. 45 GDPR.

We use Microsoft 365 for our business email communication. Provider:

Microsoft Ireland Operations Limited
One Microsoft Place
South County Business Park, Leopardstown
Dublin 18, D18 P521
Ireland

When you send an email to a @resilientvalue.com address, the personal data transmitted (name, email address, message content, metadata) is processed and stored on Microsoft servers. We have entered into a data processing agreement with Microsoft in accordance with Art. 28 GDPR.

To provide its services, Microsoft may transfer data to third countries, in particular the USA. Such transfers are safeguarded by Standard Contractual Clauses pursuant to Art. 46 GDPR and by the EU-US Data Privacy Framework.

Legal basis: Art. 6(1)(b) GDPR for contract-related communication, otherwise Art. 6(1)(f) GDPR (legitimate interest in efficient business communication).
Retention period: Business emails are retained for up to 10 years in accordance with German commercial and tax law (Sec. 257 HGB, Sec. 147 AO). Other correspondence is deleted once the processing purpose no longer applies.

If you contact us via the contact form, by email, or by phone, we process the transmitted data to handle your inquiry and any follow-up questions.

Data processed: name, email address, phone number (if provided), company (if provided), content of the message.

Legal basis: Art. 6(1)(b) GDPR (pre-contractual measures) or Art. 6(1)(f) GDPR (legitimate interest in handling inquiries).
Retention period: Until your inquiry has been finally processed; for contractually relevant correspondence, in accordance with statutory retention periods.

When you book an initial consultation, we process the data you provide (name, email, phone, company, request) to prepare and conduct the meeting.

Legal basis: Art. 6(1)(b) GDPR (pre-contractual measures).
Retention period: 24 months after the meeting if no engagement results. In the case of an engagement, statutory retention periods apply.

We use only technically necessary cookies and comparable storage mechanisms required for the operation of the website and the functionality of forms. Consent is not required for these.

Legal basis: Sec. 25(2)(2) TTDSG in conjunction with Art. 6(1)(f) GDPR.

Should optional cookies for analytics or marketing purposes be used in the future, your consent will be obtained in advance via a consent banner.

LinkedIn

We link to LinkedIn profiles on our website. Data is only transmitted to LinkedIn when you actively click on a LinkedIn link. The controller for the subsequent processing is:

LinkedIn Ireland Unlimited Company
Wilton Plaza, Wilton Place
Dublin 2, Ireland

Privacy policy: https://www.linkedin.com/legal/privacy-policy

Fonts

We use locally hosted fonts. No data is transmitted to external font providers (such as Google Fonts).

Personal data is only transferred to third countries outside the EEA to the extent described under Section 4 (Lovable / Cloudflare) and Section 6 (Microsoft 365). Such transfers are safeguarded by Standard Contractual Clauses pursuant to Art. 46 GDPR. In the case of Microsoft 365, we additionally rely on the EU-US Data Privacy Framework.

You have the following rights regarding your personal data:

• Right to access (Art. 15 GDPR)
• Right to rectification (Art. 16 GDPR)
• Right to erasure (Art. 17 GDPR)
• Right to restriction of processing (Art. 18 GDPR)
• Right to data portability (Art. 20 GDPR)
• Right to object to processing (Art. 21 GDPR)
• Right to withdraw consent (Art. 7(3) GDPR)
• Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

To exercise your rights, please contact info@resilientvalue.com.

Competent supervisory authority:

Bavarian State Office for Data Protection Supervision (BayLDA)
Promenade 18
91522 Ansbach
Germany
https://www.lda.bayern.de

We implement state-of-the-art technical and organizational measures to protect your data from unauthorized access, loss, manipulation, or destruction. These include in particular:

• TLS encryption of the connection to the website (HTTPS)
• Role- and permission-based access controls
• Secure authentication (multi-factor) for administrative access
• Regular security and software updates

We update this privacy policy when legal requirements or actual processing operations change. The version current at the time of your visit applies.

Last updated: May 8, 2026