Your Privacy Matters
Privacy Policy for petar.comLast updated: February 25, 2026
1. Data ControllerPetar Markovic Roonstr. 16 12203 Berlin, Germany Email: privacy@petar.com
2. Overview
This privacy policy explains how we collect, use, store, and protect your personal data when you visit petar.com ("the Website"). We are committed to protecting your privacy in accordance with the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).
3. Data We Collect
3.1 Automatically Collected DataWhen you visit our Website, our hosting provider and analytics tools automatically collect certain technical data, including your IP address, browser type and version, operating system, referrer URL, pages visited, date and time of access, and time zone. The legal basis for this processing is Art. 6(1)(f) GDPR (legitimate interest in ensuring the security and functionality of the Website).
3.2 Contact FormWhen you submit a contact form, we collect your name, email address, and any additional information you provide in your message. This data is processed to respond to your inquiry. The legal basis is Art. 6(1)(b) GDPR (pre-contractual measures) or Art. 6(1)(f) GDPR (legitimate interest in responding to inquiries).
3.3 User AccountIf you create an account on our Website, we collect your name, email address, and any additional profile information you provide. The legal basis is Art. 6(1)(b) GDPR (performance of a contract).
3.4 Payment InformationWhen you make a purchase or booking, payment data is collected and processed by our payment providers Stripe and PayPal. We do not store your full credit card or bank details on our servers. The legal basis is Art. 6(1)(b) GDPR (performance of a contract).
3.5 Calendar BookingWhen you book a meeting or consultation through our calendar system (powered by Notion Calendar), we collect your name, email address, and any details you provide for the appointment. The legal basis is Art. 6(1)(b) GDPR (pre-contractual measures).
4. Cookies and Tracking TechnologiesOur Website uses cookies and similar technologies. Cookies are small text files stored on your device. We use the following types of cookies:Strictly necessary cookies are required for the Website to function and cannot be disabled. The legal basis is Art. 6(1)(f) GDPR.Analytics cookies help us understand how visitors interact with the Website. These are only set with your consent. The legal basis is Art. 6(1)(a) GDPR.You can manage your cookie preferences at any time through our cookie consent banner. You can also configure your browser to block or delete cookies, though this may affect the functionality of the Website.
5. Third-Party Services
5.1 Webflow (Hosting)Our Website is hosted on Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA. Webflow processes visitor data (including IP addresses) on our behalf. Data may be transferred to the United States. The transfer is safeguarded by EU Standard Contractual Clauses. For more information, see Webflow's Privacy Policy.
5.2 Google AnalyticsWe use Google Analytics, a web analytics service by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics uses cookies to analyze your use of the Website. We have enabled IP anonymization, so your IP address is truncated within the EU before being transmitted to Google. The legal basis is Art. 6(1)(a) GDPR (consent). You can opt out of Google Analytics by installing the Google Analytics Opt-Out Browser Add-on.
5.3 Google FontsOur Website uses Google Fonts provided by Google Ireland Limited. When you access the Website, your browser may load fonts from Google servers, which may transmit your IP address to Google. We aim to host fonts locally where possible to minimize data transfers. The legal basis is Art. 6(1)(f) GDPR (legitimate interest in uniform presentation).
5.4 StripeFor payment processing, we use Stripe, Inc., 510 Townsend Street, San Francisco, CA 94103, USA. Stripe processes payment data (such as credit card information, billing address, and transaction details) as an independent data controller. Data may be transferred to the United States under EU Standard Contractual Clauses. For more information, see Stripe's Privacy Policy.
5.5 PayPalWe also offer PayPal as a payment option. PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg, processes your payment data as an independent data controller. For more information, see PayPal's Privacy Policy.
5.6 Notion CalendarWe use Notion Calendar for scheduling appointments and consultations. Notion Labs, Inc., 2300 Harrison Street, San Francisco, CA 94110, USA, may process data you provide when booking (such as your name and email). Data may be transferred to the United States under EU Standard Contractual Clauses. For more information, see Notion's Privacy Policy.
5.7 YouTubeOur Website may embed videos from YouTube, operated by Google Ireland Limited. When you play an embedded video, YouTube sets cookies and may collect data about your usage behavior. We use the enhanced privacy mode ("youtube-nocookie.com") where possible. The legal basis is Art. 6(1)(a) GDPR (consent) or Art. 6(1)(f) GDPR (legitimate interest in multimedia content presentation).
5.8 Social Media PluginsOur Website may include plugins or links to social media platforms such as LinkedIn, Instagram, Twitter/X, or Facebook. If you interact with these plugins, data may be transferred to the respective platform operators. Social media plugins are only activated with your consent. The legal basis is Art. 6(1)(a) GDPR.
6. Data Transfers to Third CountriesSome of our third-party service providers are based in the United States or other countries outside the European Economic Area (EEA). We ensure that appropriate safeguards are in place, such as EU Standard Contractual Clauses (Art. 46(2)(c) GDPR) or adequacy decisions by the European Commission, before transferring personal data to these providers.
7. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes described in this policy or as required by law. Specifically:Contact form data is retained for the duration of the inquiry and up to 6 months afterward, unless a business relationship is established.Account data is retained for as long as your account is active and up to 30 days after deletion.Payment and invoice data is retained for the statutory retention period of 10 years under German commercial and tax law (§ 147 AO, § 257 HGB).Analytics data is anonymized or deleted after 14 months.8. Your RightsUnder the GDPR, you have the following rights regarding your personal data:Right of access (Art. 15 GDPR) — You may request information about the personal data we hold about you.Right to rectification (Art. 16 GDPR) — You may request the correction of inaccurate or incomplete data.Right to erasure (Art. 17 GDPR) — You may request the deletion of your personal data, subject to legal retention obligations.Right to restriction of processing (Art. 18 GDPR) — You may request that we restrict the processing of your data under certain circumstances.Right to data portability (Art. 20 GDPR) — You may request to receive your data in a structured, commonly used, and machine-readable format.Right to object (Art. 21 GDPR) — You may object to the processing of your data based on legitimate interests, including profiling. You also have the right to object to direct marketing at any time.Right to withdraw consent (Art. 7(3) GDPR) — Where processing is based on consent, you may withdraw your consent at any time without affecting the lawfulness of prior processing.To exercise any of these rights, please contact us at privacy@petar.com.9. Right to Lodge a ComplaintYou have the right to lodge a complaint with a supervisory authority. The competent authority for Berlin is:Berliner Beauftragte für Datenschutz und Informationsfreiheit Alt-Moabit 59-61 10555 Berlin, Germany Website: https://www.datenschutz-berlin.de10. Data SecurityWe use appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, or alteration. These include SSL/TLS encryption for data in transit, access controls, and regular security reviews.11. Changes to This Privacy PolicyWe may update this privacy policy from time to time. The current version is always available at petar.com/privacy. We encourage you to review this page periodically.12. ContactIf you have any questions about this privacy policy or your personal data, please contact:Petar Markovic Roonstr. 16 12203 Berlin, Germany Email: privacy@petar.com
