Privacy Policy

1. Privacy at a Glance

General Information

The following notes provide a simple overview of what happens to your personal data when you visit this website. Personal data is any data by which you can be personally identified.

Data Collection on This Website

Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator:

Panagiotis Giannikakis · PG Psychological Consulting
(Address: see Imprint)
E-mail: giannikakis@giannikakis.com

How do we collect your data?

Your data is collected partly by you providing it to us — for example via direct email, the contact form, or by using the Calendly appointment booking service. Other data is collected automatically when you visit the website through our IT systems (technical data such as browser, operating system, time of page access). Font files are loaded exclusively from our own server — no external font services are contacted.

What do we use your data for?

Some data is collected to ensure the website functions correctly. Data submitted by email is used exclusively to process your enquiry. No analytics or user-behaviour tracking of any kind takes place on this website (no Google Analytics, no tracking pixels, no profiling).

What rights do you have regarding your data?

You have the right at any time to receive free information about the origin, recipients and purpose of your stored personal data. You also have the right to request the correction or deletion of this data. If you have given consent to data processing, you can revoke this consent at any time for the future. You also have the right to request the restriction of the processing of your personal data under certain circumstances.

2. Hosting

This website is hosted by Strato AG, Otto-Ostrowski-Straße 7, 10249 Berlin, Germany. When you visit this website, Strato collects various log files including your IP address.

The use of Strato is based on Art. 6(1)(f) GDPR. We have a legitimate interest in the most reliable presentation of our website.

3. General Information and Mandatory Details

Data Protection

The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with statutory data protection regulations and this privacy policy.

Note on the Responsible Party

The responsible party for data processing on this website is:
Panagiotis Giannikakis · (Address: see Imprint)
E-mail: giannikakis@giannikakis.com

Retention Period

Unless a more specific retention period has been stated within this privacy policy, your personal data will remain with us until the purpose for which it was collected no longer applies. If you assert a justified request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing it.

Revocation of your Consent to Data Processing

Many data processing operations are only possible with your explicit consent. You can revoke consent you have already given at any time. The lawfulness of data processing carried out before the revocation remains unaffected by the revocation.

Right to Lodge a Complaint with the Supervisory Authority

In the event of breaches of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority. The competent supervisory authority in North Rhine-Westphalia is:
www.ldi.nrw.de

Right to Data Portability

You have the right to have data which we process based on your consent or in fulfilment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format.

4. Data Collection on This Website

Cookies and Local Storage

This website sets no cookies of its own. Neither tracking nor marketing cookies are used. External services (e.g. Calendly) may set cookies when accessed — these are subject to the privacy policies of the respective providers.

To store your display preference (light/dark mode), an entry is saved in your browser's local storage (localStorage) under the key pgc-dark. This entry contains only the value true or false and holds no personal data. You can delete it at any time via your browser's developer tools. Access to local storage is based on § 25(2)(2) TTDSG (technically necessary to implement the display preference chosen by the user); subsequent processing is governed by Art. 6(1)(f) GDPR (legitimate interest in a user-friendly display).

Contact Form

This website provides a contact form. When you use it, the data you enter (first name, last name, email address, subject and message content) together with your privacy consent is transmitted to our web server and processed there.

Transmission is encrypted (HTTPS). The data is processed server-side via a PHP script and forwarded exclusively by email to the operator. No form data is stored permanently in a database. You will also receive an automatic acknowledgement to the email address you provided.

The legal basis is Art. 6(1)(b) GDPR (initiation of a contractual relationship) and Art. 6(1)(a) GDPR (your explicit consent via the privacy checkbox). Your data is used solely to process your enquiry and is not passed on to third parties.

Email Contact

If you contact us by email, your details (at minimum your email address and the content of your message) will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We do not pass on this data without your consent.

The processing is based on Art. 6(1)(b) GDPR (pre-contractual measures) or Art. 6(1)(f) GDPR (legitimate interest in responding to enquiries). Emails are generally deleted within 6 months of the matter being concluded, unless statutory retention obligations apply. Commercially relevant correspondence may be retained for up to 6 years in accordance with applicable law.

Appointment Booking via Calendly

For booking consultations, we use the service Calendly (Calendly LLC, 271 17th St NW, Suite 1000, Atlanta, GA 30363, USA). When using Calendly, the data you enter (name, email address) is transmitted to and stored by Calendly. Calendly is based in the USA — the transfer to the USA is safeguarded by EU Standard Contractual Clauses (Art. 46(2)(c) GDPR). A data processing agreement (DPA) in accordance with Art. 28 GDPR is in place with Calendly. The legal basis for processing is Art. 6(1)(b) GDPR (initiation of a contractual relationship). For further information, please see Calendly's privacy policy: calendly.com/privacy.

Self-Hosted Fonts

This website uses the typefaces Inter and Playfair Display, stored as local files on our own web server (Strato AG). When a page loads, the font files are transferred exclusively from our own server — no connection to Google servers or any other external font service takes place. No personal data is transmitted to third parties in this process.

GSAP Animation Library (Cloudflare CDN)

To display page animations, this website loads the JavaScript library GSAP from the servers of Cloudflare, Inc. (101 Townsend St, San Francisco, CA 94107, USA) via the CDN service cdnjs.cloudflare.com. When the library is loaded, your IP address is transmitted to Cloudflare servers, which may also be located outside the EU (third-country transfer pursuant to Art. 44 ff. GDPR, safeguarded by EU Standard Contractual Clauses).

The legal basis is Art. 6(1)(f) GDPR (legitimate interest in a technically reliable and performant website). The library is used exclusively for visual animations; no further data processing by GSAP or Cloudflare takes place. For further information, please see Cloudflare's Privacy Policy.

External Links to Social Networks

This website contains links to external profiles on social networks. These are simple hyperlinks — no social media plugins or tracking scripts from these providers are embedded on our pages. Data is only transferred to the networks when you actively click a link.

• LinkedIn (LinkedIn Ireland Unlimited Company): LinkedIn Privacy Policy
• Instagram (Meta Platforms Ireland Limited): Meta/Instagram Privacy Policy
• MindFi (MindFi Pte. Ltd.): MindFi privacy terms apply upon visiting.
• Calendly (Calendly LLC, USA): Calendly Privacy Policy

5. Your Rights

You have the following rights with regard to your personal data:

• Right of access (Art. 15 GDPR)
• Right to rectification (Art. 16 GDPR)
• Right to erasure (Art. 17 GDPR)
• Right to restriction of processing (Art. 18 GDPR)
• Right to object to processing (Art. 21 GDPR)
• Right to data portability (Art. 20 GDPR)

To exercise your rights, please contact: giannikakis@giannikakis.com

Last updated: May 2026