Privacy

Privacy Policy

The German version of this statement is the legally binding one.

As of: 04/2026 · Version 1.0

Note: This privacy policy describes the data processing carried out by Augmentoring (Continuous Growth GmbH) on augmentoring.com. Before productive use, we recommend a final legal review by a lawyer specialized in data protection.

1. Controller

The controller responsible for the processing of personal data within the meaning of the GDPR (DSGVO) is:

Continuous Growth GmbH
Stainz, Austria
Email: datenschutz@augmentoring.com

Augmentoring is a brand of Continuous Growth GmbH.

2. What data we process

We process personal data only when you actively get in touch with us — in particular via the initial-consultation form on our website.

2.1 Inquiry form (initial consultation)

  • Mandatory information: first and last name, at least one means of contact (email or phone number)
  • Business context: industry, company size, desired time horizon for using AI
  • Technical metadata: time of the inquiry, source page (referrer), user agent (browser/device), hashed IP address
  • Anti-spam signals: honeypot status, time taken to complete the form (for bot detection)

2.2 Appointment booking

As soon as you submit the form, we redirect you to the appointment booking. In doing so, your name, email address and, where applicable, phone number, as well as the business context, are transmitted to our scheduling service provider in order to pre-fill the booking process (see Section 4).

2.3 Server log files

When you access our website, technically necessary data (IP address, date/time, page accessed, referrer, user agent) is automatically recorded in log files by our hoster — to ensure operation and to defend against abusive access.

3. Purposes and legal bases

We process your data solely for the following purposes and on the following legal basis pursuant to the GDPR (DSGVO):

  • Processing your inquiry and arranging the initial consultation — Art. 6(1)(b) GDPR (pre-contractual measures).
  • Protection against spam and abuse (honeypot, completion time, IP hash, rate limit) — Art. 6(1)(f) GDPR (legitimate interest in an abuse-free web form).
  • Operation and security of the website (hosting log files) — Art. 6(1)(f) GDPR (legitimate interest in stable, secure operation).
  • Compliance with statutory retention obligations (e.g. UGB, BAO) — Art. 6(1)(c) GDPR.

4. Recipients of your data

We pass your data on only to the following processors, with whom we have concluded a data processing agreement pursuant to Art. 28 GDPR:

4.1 Scheduling service provider (Calendly)

Calendly LLC, 271 17th Street NW, Atlanta, GA 30363, USA — processes your name, your email address, your phone number where applicable, and the appointment you select, in order to arrange the initial consultation. Privacy notice: calendly.com/legal/privacy-notice.

4.2 Cloud infrastructure (Google Cloud)

Google Cloud EMEA Limited, 70 Sir John Rogerson’s Quay, Dublin 2, Ireland — we use Google Cloud (region europe-west3, Frankfurt am Main, Germany) to store your inquiry data in a Cloud-Function-based processing setup with a Firestore database. Privacy notice: cloud.google.com.

4.3 Hosting

This website is delivered via Firebase Hosting (Google Cloud EMEA Limited, 70 Sir John Rogerson’s Quay, Dublin 2, Ireland). Static content is delivered via Google’s global CDN. Privacy notice: cloud.google.com.

No transfer to other third parties takes place — unless we are legally obliged to do so (e.g. authorities, courts).

5. Transfer to third countries

Calendly LLC is based in the USA. The data transfer takes place on the basis of the EU-US Data Privacy Framework or the standard contractual clauses (Art. 46 GDPR). You may decline the appointment booking and contact us directly by email instead — in which case none of your data leaves the EU legal area.

6. Storage period

  • Inquiry data (from the form): up to 24 months from the last interaction, then automatic deletion. If you become a client/customer, the statutory retention obligations apply (generally 7 years under UGB/BAO).
  • Anti-spam counters (hashed IP, request counter): max. 1 hour, then automatic deletion.
  • Server log files: max. 14 days, then automatic deletion.
  • Appointment data at Calendly: according to Calendly’s own retention periods.

7. Cookies, localStorage and similar technologies

This website uses no tracking cookies and no third-party analytics.

We use exclusively technically necessary browser storage (localStorage and sessionStorage):

  • Session ID (sessionStorage) — links your entries in the initial-consultation form across the steps. Deleted when the browser is closed.
  • Form drafts (localStorage) — your partially entered answers, so that we can resume after an interruption. Can be deleted manually after submission or after the session ends.

You can delete this storage at any time in your browser settings.

8. Your rights as a data subject

Under the GDPR, you have the following rights vis-à-vis us:

  • Access (Art. 15 GDPR) to the data stored about you
  • Rectification (Art. 16 GDPR) of incorrect data
  • Erasure (Art. 17 GDPR) of your data — provided no statutory retention obligations stand in the way
  • Restriction of processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR) — you receive your data in a machine-readable format
  • Objection (Art. 21 GDPR) to processing based on legitimate interests
  • Withdrawal of consent given at any time with effect for the future

To exercise these rights, an informal message to datenschutz@augmentoring.com is sufficient.

Right to lodge a complaint

You also have the right to lodge a complaint with a supervisory authority. The competent authority is the Austrian Data Protection Authority (Österreichische Datenschutzbehörde), Barichgasse 40-42, 1030 Vienna — www.dsb.gv.at.

9. Hosting

This website is delivered via Firebase Hosting (Google Cloud). When it is accessed, technically necessary data (IP address, timestamp, page accessed, referrer, user agent) is automatically recorded and stored for a maximum of 14 days. Legal basis: Art. 6(1)(f) GDPR (legitimate interest in the secure operation of the website).

10. Data security

Your data is transmitted exclusively in encrypted form via HTTPS (TLS). Storage takes place in GDPR-compliant data centers in the EU. IP addresses are hashed (SHA-256) before being stored in our anti-spam logic, so that no inference about individual persons is possible.

11. Changes to this privacy policy

We update this privacy policy when processing activities or the legal situation change. You can always find the current version at augmentoring.com/datenschutz with the status indicated above.