OBHOLZ SOLUTIONS AI instead of human limits Last updated: May 2026
LEGAL · PRIVACY

Privacy

How OBHOLZ SOLUTIONS collects, processes and stores your data — per GDPR / DSGVO.

1. Controller

OBHOLZ SOLUTIONS
Stefan Obholz
Kurt-von-Unruh-Str. 6
93426 Roding
Germany
hello@obholz-solutions.de

2. What data we collect

Contact form / brief: name, email, message content, optional company. Used only to respond to your inquiry.

Server logs: IP address (anonymized), user agent, timestamp, requested URL. Used for security and operational diagnostics. Retained 30 days.

Cookies: Strictly necessary cookies for site functionality. No tracking cookies, no advertising cookies. We do not use Google Analytics.

3. Legal basis

Art. 6 (1) lit. b GDPR (contract initiation) for contact form data. Art. 6 (1) lit. f GDPR (legitimate interest) for server logs.

4. Data location

All data is processed and stored in the European Union — Cloudflare (edge, EU-only routing) and Supabase (Frankfurt data center). No third-party access. No training of our agents on your data.

5. Sharing

We do not share your data with third parties except where strictly necessary to deliver our service (e.g. payment processor for invoicing). All processors are GDPR-compliant and listed in the project agreement.

6. Retention

Contact form data: 24 months from last contact unless required longer for ongoing contract. Server logs: 30 days. Invoice data: 10 years (legal requirement, German tax law).

7. Your rights

You have the right to:

  • Access your data (Art. 15 GDPR)
  • Correct your data (Art. 16 GDPR)
  • Erase your data (Art. 17 GDPR) — except where retention is legally required
  • Restrict processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Object to processing (Art. 21 GDPR)
  • Lodge a complaint with the data protection authority (Bayerisches Landesamt für Datenschutzaufsicht, BayLDA)

To exercise any of these rights, email hello@obholz-solutions.de.

8. AI processing

Our service is operated by AI agents. Your messages to us (email, brief form) are processed by AI agents (Eva, Morpheus, etc.) running on EU infrastructure. We do not feed your data to public LLM training. Inference happens on per-request basis with no persistent storage in the LLM provider.

9. Changes

We may update this policy. The current version is always available at this URL. Material changes will be communicated by email to active clients.