Controller
Mirko Wagner Cybersecurity
Angelika-Machinek-Straße 16
60486 Frankfurt, Germany
Email: mirko@wagner-cyber.com
Phone: +491736594652
Scope of processing
We process personal data only to the extent necessary to provide this website, answer inquiries, and protect the website against misuse.
Categories of data
Contact form data: name, company, email address, selected topic, and message content.
Technical server data: IP address, date/time of access, requested URL, user agent, and status information in server logs.
Security-related data: temporary session data used for anti-spam and rate limiting.
Purposes and legal basis (Art. 6 GDPR)
Website operation and IT security: Art. 6(1)(f) GDPR (legitimate interest in secure, stable, and abuse-resistant operation of the website).
Responding to inquiries: Art. 6(1)(b) GDPR (pre-contractual communication) and, where applicable, Art. 6(1)(f) GDPR.
Legal retention and compliance: Art. 6(1)(c) GDPR where legal obligations apply.
Contact form and anti-spam
The contact form includes a hidden anti-spam field (honeypot) and session-based rate limiting to reduce abusive submissions. This serves our legitimate interest under Art. 6(1)(f) GDPR.
Inquiry data is sent by email to our business inbox for processing. Please avoid sharing special categories of personal data in free-text fields.
Recipients
Data may be processed by technical service providers involved in hosting, email delivery, and IT operation. These providers process data only to the extent necessary to perform their services.
Where required by law, we enter into data processing agreements pursuant to Art. 28 GDPR.
Cookies and local storage (Sec. 25 TTDSG)
This website does not use analytics or marketing cookies.
Technically necessary storage pursuant to Sec. 25(2) TTDSG may be used for website operation and security (for example, a session cookie such as PHPSESSID for contact form processing). These are strictly necessary for the service explicitly requested by the user and do not require consent.
The browser local storage entry cookieConsent is used only to remember the cookie notice acknowledgment and does not track user behavior.
International transfers
If service providers process data outside the EU/EEA, this is done only where permitted by law and with appropriate safeguards (for example, adequacy decisions or standard contractual clauses).
Retention periods
Contact inquiries: generally up to 24 months after final communication, unless longer retention is required by law.
Server logs: generally up to 14 days, unless longer storage is required to investigate security incidents.
Session/anti-spam data: temporary and deleted automatically after session expiry.
Obligation to provide data
The provision of personal data via the contact form is voluntary. However, if you do not provide the required information (name and email address), we will not be able to process your inquiry. There is no statutory or contractual obligation to provide data.
Automated decision-making
No automated decision-making or profiling within the meaning of Art. 22 GDPR takes place on this website.
Your rights
You have the right to request access (Art. 15 GDPR), rectification (Art. 16 GDPR), erasure (Art. 17 GDPR), restriction (Art. 18 GDPR), and data portability (Art. 20 GDPR).
You have the right to object to processing based on Art. 6(1)(f) GDPR at any time for reasons relating to your particular situation (Art. 21 GDPR). If processing is based on consent, you may withdraw consent at any time with effect for the future.
You have the right to lodge a complaint with a data protection supervisory authority, in particular in the EU member state of your residence, workplace, or the place of the alleged infringement. The competent supervisory authority for Bavaria is: Bayerisches Landesamt für Datenschutzaufsicht (BayLDA), Promenade 18, 91522 Ansbach, Germany.
To exercise your rights, contact: mirko@wagner-cyber.com.
Data protection officer
There is currently no legal obligation to appoint a data protection officer. If this changes, contact information will be published here.
Updates
We may update this policy to reflect legal, technical, or operational changes. The current version published on this page applies.
Last updated: 09 February 2026