Privacy Policy
for Oak Security GmbH

Effective Date: October 24, 2025

Controller: Oak Security GmbH, Leopoldstr. 31, 80802 Munich, Germany

Email: info@oaksecurity.io

Data Protection Officer (DPO): Not appointed.

Oak Security GmbH (“Oak Security,” “we,” “us,” or “our”) respects your privacy and is committed to protecting your personal data. This Privacy Notice explains how we collect, use, disclose, and safeguard personal data when you use our website, contact us, request a quote, or schedule a meeting via our website. This Privacy Notice applies globally to all users, and we comply with the EU General Data Protection Regulation (GDPR), the UK GDPR, the California Consumer Privacy Act (CCPA/CPRA), and other applicable privacy laws.

Personal Data We Collect

When you voluntarily submit information via our contact form or meeting scheduling tool, we may collect:

  1. First and last name

  2. Email address

  3. Project name, URL, and related project details

  4. Message or description of your inquiry

  5. Company or entity name and signer’ (if requesting an NDA)

  6. Meeting date, time, and notes you provide (if scheduling a meeting via Google Calendar)

We do not intentionally collect sensitive personal data. Providing personal data is voluntary, but necessary to respond to your inquiry.

How We Collect Personal Data

  1. Directly from you when you complete the contact form, email us, or schedule a meeting.

  2. Automatically through technical systems used to host and transmit your request (Framer and Google integrations).

We do not use third-party analytics or marketing tracking tools beyond the included anonymized tracker by Framer and what is strictly necessary to operate our website.

Purposes of Processing and Legal Basis

We process your personal data for the following purposes:

To respond to your inquiry, provide a quote, and communicate about your project. Legal basis: Art. 6(1)(b) GDPR (pre-contract/contract) or your consent under Art. 6(1)(a).

To schedule and conduct a meeting at your request. Legal basis: Art. 6(1)(b) GDPR (pre-contract/contract) or your consent under Art. 6(1)(a).

To prepare and execute a Non-Disclosure Agreement (NDA), if requested. Legal basis: Art. 6(1)(b) GDPR.

To maintain business records, improve support quality, defend legal claims. Legal basis: Art. 6(1)(f) GDPR (legitimate interests: efficient client service, record-keeping, legal defense). A balancing test is available on request.

To comply with legal obligations (e.g., tax, commercial retention). Legal basis: Art. 6(1)(c) GDPR.

Where processing is based on consent, you may withdraw that consent at any time without affecting the lawfulness of prior processing.

Data Sharing and Processors

We do not sell personal data. We share personal data only as needed with:

Framer B.V. (website hosting/platform): hosts the site and transmits form submissions.

Google LLC (Google Workspace/Calendar): receives contact emails and processes meeting scheduling data.

Professional advisers (e.g., legal counsel), courts, regulators, or authorities where necessary to establish, exercise, or defend legal claims or comply with law.

All processors act on our documented instructions under a data processing agreement and implement appropriate security.

International Data Transfers

Personal data may be processed outside the EEA/UK by our providers (e.g., Google). Transfers are safeguarded by the European Commission Standard Contractual Clauses and, where applicable, participation in the EU-US Data Privacy Framework and additional technical/organizational measures. Framer may host certain website content through globally distributed infrastructure. Google LLC may store and process data on servers outside the European Economic Area.

Data Retention

Personal data is retained only as long as necessary:

For the duration of active communication and up to twelve (12) months thereafter.

If a contractual relationship is established, data may be retained longer in accordance with statutory retention obligations.

Emails and communication records may be retained to establish, exercise, or defend legal claims.

You may request earlier deletion unless retention is legally required.

Security Measures

We apply appropriate technical and organizational security measures to protect your personal data, including encrypted transmission (TLS), restricted internal access, and secure hosting by Framer and Google Workspace.

Your Rights (EU/UK)

You have the right to access, rectify, and erase your personal data, to restrict or object to its processing (including processing based on legitimate interests), to data portability, and to withdraw consent where applicable. Contact: info@oaksecurity.io. You also have the right to lodge a complaint with a supervisory authority.

EU (Germany): Bayerisches Landesamt für Datenschutzaufsicht (BayLDA), Promenade 27, 91522 Ansbach, Germany.

UK: Information Commissioner’s Office (ICO), ico.org.uk.

Your Rights (California Residents)

Notice at Collection—Categories we collect: Identifiers (name, email), Commercial information (project details you submit), Internet/technical information limited to essential operation (strictly necessary cookies), Professional or employment-related information you include (e.g., company).

Sources: directly from you; our service providers (Framer/Google) for transmission/hosting.

Purposes: to respond to your request, schedule meetings, perform record-keeping and compliance.

Retention: identifiers and project/scheduling data for active communication + 12 months, or longer if required by law/contract; criteria include statutory periods and limitation periods for legal claims.

Sale/Sharing: we do not sell or share personal information as defined by CPRA, and we do not use or disclose sensitive personal information.

Rights: access, deletion, correction, to know, and to non-discrimination. Submit requests to info@oaksecurity.io.

Verification/Authorized Agents: we will verify your request (e.g., by matching email identity) and accept authorized-agent requests with proof of authorization and your verified request.

Minors: we do not knowingly sell or share data of consumers under 16.

Cookies and Tracking Technologies

We do not use analytics, advertising, or marketing cookies. Our site may use strictly necessary technical cookies required for secure operation by Framer and for Google meeting scheduling. These are essential and not used for tracking behavior.

Meeting Scheduling via Google Calendar

If you choose to schedule a meeting, your name, email, meeting time, and any notes will be processed by Google Calendar in accordance with Google’s Privacy Policy. Oak Security only receives the information necessary to conduct the meeting.

Children’s Data

Our services are not directed to children, and we do not knowingly collect personal data from children.

Required or Optional Data

Providing contact and project details is optional but necessary for us to respond, provide a quote, or schedule a meeting. If you do not provide it, we may be unable to process your request.

No Automated Decision-Making

We do not use automated decision-making or profiling.

Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority.
Our competent authority is:

Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 27, 91522 Ansbach, Germany

Contact Information

Oak Security GmbH
Leopoldstr. 31, 80802 Munich, Germany
Email: info@oaksecurity.io

Changes to This Privacy Notice

We may update this Privacy Notice from time to time. The effective date at the top will be updated accordingly. Continued use of our website after any changes indicates your acceptance of the updated terms.

Thank you for trusting Oak Security GmbH. Your privacy is important to us, and we are committed to protecting your personal data responsibly and transparently.