Privacy Policy

1. Controller

HUMAN CENTRIC BRANDING Lischka Kunert GmbH

Eppendorfer Weg 94, 20259 Hamburg, Germany

Phone: +49 176 832 93 209

Email: m.kunert@human-centric-branding.de

Web: https://human-centric-branding.de

Represented by the Managing Directors: Christine Lischka, Martina Kunert

2. Data Protection Contacts / Data Protection Officer

A data protection officer has not been appointed, as there is no legal obligation. For questions regarding data protection, please contact the details provided above.

3. Scope

This statement provides information about the processing of personal data when visiting our website, when contacting us (e.g., via email/phone/contact form), and – where applicable – when using integrated third-party services (analytics, fonts, maps, videos, appointment booking, social media plugins).

4. Terms and Legal Basis

  • Personal data: any information relating to an identified or identifiable natural person (Art. 4 No. 1 GDPR).
  • Processing: any operation or set of operations which is performed on personal data, whether or not by automated means (Art. 4 No. 2 GDPR).
  • Legal basis: Art. 6 para. 1 lit. a (consent), lit. b (contract/initiation of contract), lit. c (legal obligation), lit. f (legitimate interest) GDPR; for setting/reading non-essential cookies, § 25 TTDSG (consent requirement) applies. For consent regarding cookies/tracking, please refer to section. 7.


5. Hosting, Processor Agreement and Security

We host this website with a European provider. A processor agreement (Art. 28 GDPR) exists with the hosting service. The provider processes server log data (see below) exclusively on our behalf. We protect your data through organizational and technical measures (including access controls, encryption, data minimization).

6. Server Log Files

When you access our pages, the server automatically collects the following data: IP address (shortened or pseudonymized, where technically possible), date/time, time zone, URL accessed, referrer URL, HTTP status code, amount of data transferred, user agent (browser/OS), and any error messages.

Purpose: technical provision, stability, security (e.g., prevention of abuse/attacks), error analysis.

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest in a secure, stable web operation).

Storage duration: Log data is regularly stored for a short period and for a specific purpose, then deleted or anonymized, unless a security-relevant evaluation is required.

7. Cookies, Local Storage & Consent Banner (CMP)

We only use technically necessary cookies unless you give your consent for other categories (e.g., statistics/marketing). We only set technically non-essential cookies or similar technologies (e.g., local storage, pixels, fingerprinting) after your consent via our consent banner.

Legal basis: § 25 para. 1 TTDSG (storage/reading on the end device) in conjunction with Art. 6 para. 1 lit. a GDPR (consent). We base necessary cookies on § 25 para. 2 TTDSG and Art. 6 para. 1 lit. f GDPR. You can revoke your consent at any time via the banner settings with effect for the future.

8. Contact (Email/Phone/Contact Form)

When you contact us, we process the data you provide (e.g., name, email, phone, content of your message).

Purpose: Processing your request, communication.

Legal basis: Art. 6 para. 1 lit. b GDPR (pre-contractual/contractual communication) or lit. f GDPR (legitimate interest in efficient communication).

Storage duration: According to legal retention periods or as long as necessary for processing.

9. Applications

If you apply speculatively or for a job advertisement, we process your application data exclusively for the purpose of the selection process.

Legal basis: § 26 BDSG (establishment of an employment relationship) and, if applicable, Art. 6 para. 1 lit. b GDPR; for voluntary inclusion in a talent pool, Art. 6 para. 1 lit. a GDPR (consent).

Storage duration: After completion of the process, usually 6 months; longer retention only with consent.

10. Recipients & Categories of Recipients

  • Processors (e.g., hosting, maintenance, email/collaboration services, consent management) in accordance with Art. 28 GDPR.
  • Other recipients only if legally required (authorities/public bodies) or necessary for legal defense (legal counsel).

11. Analytics Services

Status: Currently deactivated.

If we use privacy-friendly web analytics in the future (e.g., Matomo with anonymization/IP truncation, own hosting instance), we will provide detailed information here.

Legal basis: Consent, Art. 6 para. 1 lit. a GDPR in conjunction with § 25 para. 1 TTDSG; for purely anonymized, consent-free measurement (without end-device access), we rely on Art. 6 para. 1 lit. f GDPR.

12. Third-Party Integrations (e.g., YouTube/Vimeo/Maps/Fonts/CDN)

Status: Blocked by default, active only after consent.

To protect your data, we use – where available – a 2-click solution or content blocker: content is only loaded after your active decision (Art. 6 para. 1 lit. a GDPR; § 25 para. 1 TTDSG). Details (provider, data categories, storage duration, third-country transfer) appear directly in the consent dialog.

13. Third-Country Transfers (outside EU/EEA)

A transfer to third countries only takes place if either

a) an adequacy decision by the EU Commission exists (e.g., EU-US Data Privacy Framework from 10.07.2023),

b) appropriate safeguards (especially EU Standard Contractual Clauses) are in place, or

c) an exception under Art. 49 GDPR applies.

For transfers to the USA, the EU-US Data Privacy Framework may apply – provided the recipient is certified; many providers also continue to use the EU Standard Contractual Clauses (SCC). The validity of the DPF was confirmed on 03.09.2025 by the Court of the European Union (T-553/23); appeals are still possible.

14. Storage Duration

We process personal data only for as long as necessary for the respective purpose. Thereafter, we delete or anonymize it, unless legal retention obligations (e.g., commercial/tax law) prevent this.

15. Obligation to Provide Data

You are neither legally nor contractually obliged to provide personal data. However, without certain information (e.g., contact details), we cannot process some inquiries.

16. Automated Decisions / Profiling

No automated decision-making, including profiling within the meaning of Art. 22 GDPR, takes place.

17. Your Rights

In accordance with the GDPR, you have the following rights in particular:

  • Right of access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), data portability (Art. 20), objection (Art. 21 against processing based on Art. 6 para. 1 lit. e/f).
  • Withdrawal of consent (Art. 7 para. 3) with effect for the future (e.g., via our consent banner).
  • Right to lodge a complaint with a data protection supervisory authority, in particular in your place of residence, workplace, or the place of the alleged infringement. Responsible for Hamburg:
  • The Hamburg Commissioner for Data Protection and Freedom of Information, Ludwig-Erhard-Str. 22, 20459 Hamburg, Tel. 040 42854-4040, Email: mailbox@datenschutz.hamburg.de


18. Minors

Our services are not directed at children within the meaning of Art. 8 GDPR. We do not knowingly process data of individuals under 16 years of age without the consent of their legal guardians.

19. Data Security / TLS Encryption

Our website uses TLS encryption (recognizable by “https://”). This protects data during transmission from unauthorized access.

20. Changes to this Privacy Policy

We will adapt this Privacy Policy if the legal situation, services, data processing, or technical procedures change. The version published here is always authoritative.

Status: 2025-10-01 

Orientation

1. Stock-Take

It all starts with a precise analysis: where does the brand stand today? What messages is it sending—and do they actually land with the intended audiences? We make visible whether external perception matches internal intention.

2. Exposing Communication Gaps

SENSUS reveals where communication between brand and consumer breaks down. Which signs, codes or messages are missing their mark? Where do misunderstandings or misinterpretations arise?

3. Cross-Channel Perspective

We examine the brand across all relevant channels—digital, analogue and direct contact—ensuring messages are consistent throughout.

4. Collaborative Approach

Our approach is cooperative: we don't impose solutions, but work together with all relevant stakeholders. By involving everyone, we create shared understanding and broad acceptance of results—driving change processes that are supported by all.

5. Foundation for Development

The outcome is a clear, holistic picture of the status quo. On this basis, strategic decisions can be made and brands developed with purpose—with clarity, commitment and clear direction.