Privacy Policy
Last updated: 7 May 2026
1. Controller
The controller responsible for the processing of personal data on this website is:
Fessler Advisory Inh. Henrik Fessler
Henrik Fessler
Spessartstraße 15A
14197 Berlin
Germany
Telephone: +49 176 56862692
Email: mail.hf@fessleradvisory.com
2. General information on data processing
We process personal data only to the extent necessary to provide this website, respond to enquiries, carry out pre-contractual or contractual measures, comply with legal obligations, or protect legitimate interests.
Processing is carried out in particular on the following legal bases:
Art. 6(1)(b) GDPR, where processing is necessary for the performance of pre-contractual measures or for the performance of a contract;
Art. 6(1)(c) GDPR, where processing is necessary to comply with a legal obligation;
Art. 6(1)(f) GDPR, where processing is necessary to protect legitimate interests.
Processing based on consent pursuant to Art. 6(1)(a) GDPR takes place only where such consent has been expressly obtained.
3. Data Protection Officer
No Data Protection Officer has been appointed.
Fessler Advisory Inh. Henrik Fessler has no employees. According to the current status, there is no obligation to appoint a Data Protection Officer.
4. Provision of the website and server log files
When this website is accessed, technically necessary data is processed by the web server. This may include, in particular:
IP address
date and time of access
page or file accessed
amount of data transferred
referrer URL
browser type and browser version
operating system used
hostname of the accessing device
This processing is carried out for the technical provision of the website, to ensure stability and security, and for error analysis.
The legal basis is Art. 6(1)(f) GDPR. Our legitimate interest lies in the secure, stable, and error-free provision of this website.
Server log files are deleted as soon as they are no longer required for the purposes stated above, unless statutory retention obligations or security reasons require longer storage.
5. Hosting
This website is hosted by:
Hostinger International Limited
Legal entity code: CY10301365E
61 Lordou Vironos Street
Lumiel Building, 4th floor
6023 Larnaca
Cyprus
The hosting provider processes personal data generated when this website is accessed, in particular technical connection data and server log files.
Processing by the hosting provider is carried out for the purpose of providing and securely operating the website.
The legal basis is Art. 6(1)(f) GDPR. Our legitimate interest lies in the reliable and secure provision of our online offering.
Where Hostinger processes personal data on our behalf, this is carried out on the basis of a data processing agreement pursuant to Art. 28 GDPR.
6. Domain registration
The domain for this website is registered through Hostinger.
As part of domain registration, technically and organisationally necessary data may be processed to the extent required for the registration, administration, and technical provision of the domain.
The legal basis is Art. 6(1)(f) GDPR. Our legitimate interest lies in the administration and accessibility of our website.
7. Contact by email or telephone
If you contact us by email or telephone, we process the data you provide in order to respond to your enquiry.
This may include, in particular:
name
email address
telephone number
company
content of the enquiry
communication data and times of communication
any documents or information submitted by you
Processing is carried out on the basis of Art. 6(1)(b) GDPR where your enquiry relates to pre-contractual measures or a contractual relationship.
In all other cases, processing is carried out on the basis of Art. 6(1)(f) GDPR. Our legitimate interest lies in the proper handling of incoming enquiries.
The data is deleted as soon as it is no longer required for the handling of the enquiry, unless statutory retention obligations apply.
8. No contact forms
This website does not contain a contact form.
Contact is possible only through the contact details provided on the website, in particular by email or telephone.
9. Use of Microsoft 365 for communication and administration
Fessler Advisory Inh. Henrik Fessler uses Microsoft 365, in particular Outlook and SharePoint, to handle website enquiries and business communication.
If you contact us by email, your personal data may be processed and stored in Microsoft 365. This may include, in particular:
name
email address
company
communication content
attachments
technical communication data
times of communication
Processing is carried out to handle your enquiry, for business communication, and for internal organisation.
The legal basis is Art. 6(1)(b) GDPR where the communication relates to pre-contractual measures or a contractual relationship.
Otherwise, processing is carried out on the basis of Art. 6(1)(f) GDPR. Our legitimate interest lies in efficient, secure, and traceable business communication.
According to the information displayed in the Microsoft 365 Admin Center, the data for the Microsoft 365 services relevant to Fessler Advisory is currently stored predominantly in Germany. This applies in particular to Exchange Online, Microsoft Teams, OneDrive, and SharePoint. Exchange Online Protection is shown with a committed geography of European Union/EFTA.
Where Microsoft processes personal data on our behalf, this is carried out on the basis of the Microsoft Products and Services Data Protection Addendum and a data processing agreement pursuant to Art. 28 GDPR.
Where personal data is processed outside the EU or the EEA in connection with the use of Microsoft 365, this is carried out on the basis of the data protection safeguards provided by Microsoft, in particular the applicable Standard Contractual Clauses or other permitted safeguards pursuant to Art. 44 et seq. GDPR.
10. Cookies and comparable technologies
This website does not use cookies or comparable technologies that store information on, or read information from, your device.
No analytics cookies, marketing cookies, tracking cookies, or comparable tracking technologies are used.
11. No cookie banner
As this website does not currently use cookies or comparable technologies that store information on, or read information from, your device, no cookie banner is used.
If cookies, analytics tools, marketing technologies, embedded third-party content, or comparable technologies are used in the future, this Privacy Policy will be updated accordingly. Where legally required, consent will be obtained before such technologies are used.
12. No analytics or tracking tools
This website does not use analytics or tracking tools.
In particular, the following are not used according to the current status:
Google Analytics
Google Tag Manager
Microsoft Clarity
Meta Pixel
LinkedIn Insight Tag
Hotjar
Matomo
any other analytics, statistics, or marketing tools
13. No externally embedded content
This website does not currently use externally embedded content.
In particular, the following are not embedded:
external maps
external videos
social media plugins
external booking tools
newsletter tools
payment services
client portals
external captcha or spam-protection services
Fonts are hosted locally. When fonts are loaded, no connection is made to external font provider servers.
14. External links
Where this website links to external websites or profiles, such as LinkedIn, data processing on the external website is carried out by the relevant provider.
If you follow an external link, you leave this website. The respective provider is generally responsible for data processing on the target website.
15. Transfer of personal data to third countries
The website itself currently does not use any external analytics, tracking, marketing, or embedded services that transfer personal data to third-party providers outside the EU or the EEA.
The website is hosted by Hostinger International Limited, which is based in Cyprus. Cyprus is a member state of the European Union.
When Microsoft 365 is used for business communication, personal data may be processed by Microsoft. The data-at-rest locations shown in the Microsoft 365 Admin Center for the relevant services are currently Germany or within the European Union/EFTA. Where personal data is processed outside the EU or the EEA, this is carried out on the basis of the applicable data protection safeguards.
16. Retention period
We store personal data only for as long as necessary for the respective processing purposes.
Data from business communication is deleted as soon as it is no longer required for handling the enquiry or performing the contract, unless statutory retention obligations apply.
Where commercial or tax-law retention obligations apply, the relevant data is stored for the legally prescribed period.
17. Your rights
Subject to the requirements of the GDPR, you have in particular the following rights:
right of access to the personal data processed;
right to rectification of inaccurate data;
right to erasure;
right to restriction of processing;
right to data portability;
right to object to processing based on Art. 6(1)(f) GDPR;
right to withdraw consent with effect for the future.
18. Right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint with a data protection supervisory authority.
The competent authority for Berlin is:
Berliner Beauftragte für Datenschutz und Informationsfreiheit
Alt-Moabit 59–61
10555 Berlin
Germany
Telephone: +49 30 13889-0
Email: mailbox@datenschutz-berlin.de
19. Security
We take appropriate technical and organisational measures to protect personal data against loss, misuse, unauthorised access, unauthorised disclosure, and alteration.
The measures are adapted in line with technical developments and the nature of the data processed.
20. No automated decision-making
Automated decision-making, including profiling, does not take place.
21. Changes to this Privacy Policy
This Privacy Policy may be amended if this website, the services used, or the legal requirements change.
The version published on this website at any given time applies.