AscentVestor Logo
AscentVestor
FeaturesPortfoliosHow it worksFAQGet in touch
Back to home

Privacy Policy

How we handle personal data on this website.

Last updated · May 24, 2026

1. Controller

Controller within the meaning of Art. 4 (7) GDPR is:
Dr. Andreas Unger
Gabelsbergerstr. 5
85080 Gaimersheim, Germany
E-Mail: [email protected]

2. Scope of this policy

This Privacy Policy applies to the public marketing website at ascentvestor.com. Processing of personal data inside the authenticated Platform (after invitation and account setup) is governed by a separate agreement provided as part of the onboarding.

3. What data we process and why

3.1 Contact form

When you submit our contact form, we process the name, email address, and message you provide. We use these data exclusively to respond to your request.

  • Legal basis: Art. 6 (1) (b) GDPR (pre-contractual measures) and Art. 6 (1) (f) GDPR (legitimate interest in responding to inquiries).
  • Storage: Submissions are stored in our Supabase backend (hosted in the EU, region eu-central-1, Frankfurt).
  • Retention: Up to 24 months after the last correspondence, unless longer retention is required by law.

3.2 Server logs

Our hosting provider automatically processes technical access data when you visit the site (IP address, timestamp, requested URL, referrer, user-agent). These data are used to operate, secure, and troubleshoot the service.

  • Legal basis: Art. 6 (1) (f) GDPR (legitimate interest in a stable, secure website).
  • Retention: Typically up to 30 days, then deleted or anonymised.

3.3 Local browser storage

We store your theme preference (light/dark) in the browser’s local storage. This contains no personal data and is not transmitted to our servers. You can clear it at any time via your browser settings.

3.4 No tracking, no advertising cookies

This website does not use third-party analytics, advertising trackers, social-media plugins, or cookies for marketing purposes.

4. Recipients and processors

We use the following processors under data-processing agreements pursuant to Art. 28 GDPR:

  • Supabase (PostgreSQL backend and contact-form storage, EU region).
  • Hosting provider for serving this website (EU region).

Beyond that, personal data are not transferred to third parties unless we are legally required to do so.

5. International transfers

All processing described above takes place inside the European Union. We do not transfer personal data to third countries from this website.

6. Your rights

Under the GDPR you have the right to:

  • access your personal data (Art. 15 GDPR);
  • rectification of inaccurate data (Art. 16 GDPR);
  • erasure (Art. 17 GDPR), subject to statutory retention obligations;
  • restriction of processing (Art. 18 GDPR);
  • data portability (Art. 20 GDPR);
  • object to processing based on legitimate interests (Art. 21 GDPR);
  • withdraw any consent you have given (Art. 7 (3) GDPR);
  • lodge a complaint with a supervisory authority — in our case the Bavarian State Office for Data Protection Supervision (BayLDA).

To exercise any of these rights, please contact us at [email protected].

7. Security

We use TLS encryption for all transport, encrypted backend storage, and keep our systems updated. No method of transmission or storage is 100 % secure; we continuously improve our security measures as the threat landscape evolves.

8. Changes to this policy

We may update this Privacy Policy to reflect changes in our processing or in legal requirements. The current version applies as published on this page, with the “last updated” date shown above.