• Contact us: office@woods.consulting
Book a meeting
Privacy Policy — WOODS Business Solutions
Last updated: May 2026

Privacy Policy.

Thank you for your interest in our services. The protection of your personal data is important to us. The following information explains how we process your personal data when you visit this website and use our services, in each case in accordance with the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

§ 1Data Controller

The controller within the meaning of Art. 4(7) GDPR is:

Zachary Woods
WOODS Business Solutions
John-Skilton Straße 22, 1st Floor
97074 Würzburg, Germany

Phone: +49 (0) 931 8709 89 77
Email: info@woods.consulting

§ 2Data Protection Officer

Due to the size and scope of our sole proprietorship, there is no statutory obligation to appoint a data protection officer under Art. 37 GDPR in conjunction with § 38 BDSG. Please direct any data protection inquiries to the contact address listed in the Legal Notice.

§ 3General Information on Data Processing

(1) As a matter of principle, we process our users' personal data only to the extent necessary to provide a functional website together with our content and services. Processing is regularly carried out only with the user's consent (Art. 6(1)(a) GDPR), or where the processing is necessary for the initiation or performance of a contract (Art. 6(1)(b) GDPR), for compliance with a legal obligation (Art. 6(1)(c) GDPR), or to safeguard legitimate interests (Art. 6(1)(f) GDPR).

(2) Personal data is deleted as soon as the purpose for which it was stored no longer applies. Storage beyond this point only takes place where required by European or national law (e.g. retention periods under commercial or tax law).

§ 4Website Provision (Hosting)

(1) This website is provided via GitHub Pages, a service of GitHub, Inc., 88 Colin P. Kelly Jr. Street, San Francisco, CA 94107, USA. When the website is accessed, technically necessary data (in particular IP address, date and time of the request, amount of data transmitted, referrer URL, browser and device information) is recorded by GitHub in server log files.

(2) This processing is carried out on the basis of our legitimate interest in the technically faultless and secure provision of the website (Art. 6(1)(f) GDPR).

(3) GitHub processes data partly in the USA. Transfers to third countries take place on the basis of the European Commission's Standard Contractual Clauses (Art. 46(2)(c) GDPR) and on the basis of the EU-US Data Privacy Framework, to which GitHub adheres. Further information on data processing by GitHub: GitHub Privacy Statement.

§ 5Cookies and Similar Technologies

We currently do not set any cookies on this website that capture user behavior or are used for marketing or analytics purposes. Only technically necessary functions are used.

§ 6Fonts

The fonts used on this website ("Cubron Grotesk" and "Inter") are served locally from the same server that provides the website (self-hosted). When the website is accessed, no connection is made to external font providers such as Google Fonts. In particular, your IP address is not transmitted to third parties for the purpose of delivering fonts.

§ 7Contact

(1) When you contact us — for example by email, by phone, or via a contact form provided on this website — the data you provide is processed in order to respond to your inquiry and, where applicable, to initiate a business relationship. In particular, the following categories of personal data are processed:

Data categoryExamples
Identification dataFirst name, last name, company
Contact dataEmail address, phone number
Content dataYour message and any other voluntary information
MetadataDate and time of the inquiry

(2) The legal basis for the processing is Art. 6(1)(b) GDPR insofar as your inquiry is directed at the conclusion of a contract or serves the performance of pre-contractual measures; otherwise our legitimate interest in responding to your inquiry (Art. 6(1)(f) GDPR).

(3) Your data is used exclusively to process your inquiry and is deleted as soon as the purpose for which it was stored no longer applies — at the latest, however, on expiry of any statutory retention obligations.

§ 8Data Processing in Connection with Contract Performance

(1) When a contract is concluded for our consulting and implementation services (in particular in the areas of Microsoft Dynamics 365, Power Platform, and cloud technologies), we process your data in order to perform the contractual services. This includes in particular:

  • Project communication and scheduling
  • Design, development, and implementation of the agreed solutions
  • Maintenance, support, and further development of implemented systems
  • Invoicing and receivables management

(2) The legal basis is Art. 6(1)(b) GDPR (contract performance) and, insofar as necessary for invoicing and accounting, Art. 6(1)(c) GDPR in conjunction with retention obligations under commercial and tax law.

(3) Insofar as we engage service providers for this purpose (in particular Microsoft as the provider of the underlying cloud platforms, hosting providers, and communication providers), we conclude data processing agreements with them pursuant to Art. 28 GDPR where required. Any further transfer to third parties does not take place unless we are legally obliged to do so or you have given your express consent.

§ 9Processing on Behalf of the Customer

Where, in the course of our consulting and implementation services, we access systems on your behalf in which personal data of your employees, customers, or other data subjects is processed (e.g. Dynamics 365, Power Platform, or Microsoft 365 environments), we conclude a separate data processing agreement (DPA) with you pursuant to Art. 28 GDPR. We undertake to process this data exclusively on the basis of your instructions and within the scope of the respective project assignment, and not to use it for our own purposes.

§ 10Retention Period

(1) Personal data is stored for the duration of contract performance and to comply with statutory retention obligations. In particular, the following apply:

Contract and accounting data (§ 257 HGB / § 147 AO)
10 years
Other contact data — until termination of the contractual relationship plus statutory limitation periods
typically 3 years
Data from contact inquiries that do not lead to a contract
until purpose fulfilled

(2) Server log data from GitHub Pages is deleted automatically in accordance with the provider's policies.

§ 11Your Rights as a Data Subject

You have the following rights vis-à-vis us with regard to the personal data concerning you:

  • Right of accessArt. 15 GDPR
  • Right to rectificationArt. 16 GDPR — inaccurate or incomplete data
  • Right to erasureArt. 17 GDPR — "right to be forgotten"
  • Right to restriction of processingArt. 18 GDPR
  • Right to data portabilityArt. 20 GDPR
  • Right to objectArt. 21 GDPR — to the processing of your data
  • Withdrawal of consentArt. 7(3) GDPR — with effect for the future

An informal message to the contact address listed in the Legal Notice is sufficient to exercise your rights.

§ 12Right to Lodge a Complaint with a Supervisory Authority

Without prejudice to any other administrative or judicial remedy, you have the right under Art. 77 GDPR to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement. The supervisory authority competent for our place of business is:

Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 18
91522 Ansbach, Germany
Phone: +49 (0) 981 180093-0
Email: poststelle@lda.bayern.de
Web: www.lda.bayern.de

§ 13Security of Processing

We take appropriate technical and organizational measures to protect your personal data against accidental or intentional manipulation, partial or complete loss, destruction, and unauthorized third-party access. In particular, data transmission on this website is encrypted using TLS. Our security measures are continuously improved in line with technological developments.

§ 14Amendments to this Privacy Policy

This privacy policy is current as of May 2026. As our website and offerings evolve, or as a result of changes to legal or regulatory requirements, it may become necessary to amend this privacy policy. The current version of the privacy policy can be accessed and printed at any time at https://woods.consulting/datenschutz.