Privacy Policy

1. Controller

Fiorik Family Office GmbH
Clemensstraße 7
44789 Bochum
Germany

Phone: +49 1791298941
Email: thorsten.podlech@fiorik.de

Represented by: Thorsten Podlech, Dennis Podlech
Commercial Register: District Court Bochum, HRB 19750
VAT ID: DE264139354

2. Data Protection Officer

For questions regarding data protection, you can contact our data protection officer:

Email: datenschutz@fiorik.de
Postal Address: Fiorik Family Office GmbH, Attn: Data Protection Officer, Clemensstraße 7, 44789 Bochum, Germany

3. General Information

The protection of your personal data is of great importance to us. We process your data exclusively on the basis of legal provisions (GDPR, German Telecommunications Act). This privacy policy informs you about the nature, scope and purpose of the processing of personal data.

4. Collection and Processing of Personal Data

4.1 Automatic Data Collection During Website Visits

When you visit our website, our servers automatically collect the following information:

  • IP address of the requesting computer
  • Date and time of access
  • Name and URL of the retrieved file
  • Website from which access was made (referrer URL)
  • Browser used and, if applicable, the operating system of your computer

Legal Basis: Art. 6 para. 1 lit. f GDPR (legitimate interests)
Purpose: Ensuring trouble-free connection establishment, system security and stability
Storage Period: 7 days

4.2 Contact

When contacting us via email, telephone or contact form, the data you provide will be stored in order to process your inquiries.

Legal Basis: Art. 6 para. 1 lit. f GDPR (legitimate interests) or Art. 6 para. 1 lit. b GDPR (contract initiation)
Purpose: Processing your inquiry and communication
Storage Period: Until complete processing of the inquiry, maximum 3 years

4.3 Client Relationship and Advisory Services

As part of our advisory services as a family office, we process various categories of personal data:

Data Processed:

  • Master data (name, address, date of birth, contact details)
  • Financial data (assets, income, investments)
  • Tax information
  • Family structures and relationships
  • Business information

Legal Basis: Art. 6 para. 1 lit. b GDPR (contract performance), Art. 6 para. 1 lit. c GDPR (legal obligation)
Purpose: Provision of family office services, wealth management, tax advisory
Storage Period: According to legal retention requirements (generally 10 years after contract termination)

5. Data Disclosure

Your data will only be transmitted to third parties in the following cases:

5.1 Service Providers

We may engage external service providers (e.g., IT services, tax advisors, lawyers). These are contractually obligated to process your data only on our behalf.

5.2 Legal Obligations

In case of legal obligation, data may be transmitted to authorities (e.g., tax authorities, law enforcement agencies).

5.3 Legitimate Interests

In exceptional cases to protect legitimate interests (e.g., legal defense).

6. Data Security

We use appropriate technical and organizational measures to protect your data:

  • SSL/TLS encryption for data transmission
  • Access controls and authorization concepts
  • Regular security updates
  • Data backups
  • Employee training

7. Your Rights

You have the following rights regarding your personal data:

7.1 Right of Access (Art. 15 GDPR)

You can request information about the personal data we process.

7.2 Right to Rectification (Art. 16 GDPR)

You can request the correction of incorrect or completion of incomplete data.

7.3 Right to Erasure (Art. 17 GDPR)

You can request the deletion of your data, provided there are no legal retention obligations.

7.4 Right to Restriction of Processing (Art. 18 GDPR)

You can request the restriction of processing of your data.

7.5 Right to Data Portability (Art. 20 GDPR)

You can request the transfer of your data in a structured format.

7.6 Right to Object (Art. 21 GDPR)

You can object to the processing of your data insofar as it is based on legitimate interests.

7.7 Right to Lodge a Complaint

You have the right to lodge a complaint with a data protection supervisory authority.

Competent Supervisory Authority:
State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia
PO Box 20 04 44
40102 Düsseldorf, Germany
Tel.: +49 211/38424-0
Email: poststelle@ldi.nrw.de

8. Cookies and Online Tracking

8.1 Use of Cookies

Our website uses cookies. Cookies are small text files that are stored on your device.

Technically Necessary Cookies: These are required to provide the website.
Legal Basis: Art. 6 para. 1 lit. f GDPR

Analytics Cookies: These help us analyze the use of the website.
Legal Basis: Your consent (Art. 6 para. 1 lit. a GDPR)

You can deactivate cookies in your browser settings.

9. External Links

Our website may contain links to external websites. We assume no responsibility for their content and data protection practices.

10. Changes to the Privacy Policy

We reserve the right to adapt this privacy policy to accommodate changed legal situations or changes to our services. The current privacy policy is available on our website.

11. Confidentiality and Professional Secrecy

As a family office, we are subject to special confidentiality obligations. All employees are obligated to maintain professional secrecy.

12. International Data Transfers

12.1 Third Country Transfers

When providing our international services, personal data may be transferred to countries outside the European Economic Area (EEA). We ensure adequate protection through:

  • European Commission adequacy decisions
  • Standard Contractual Clauses (SCCs)
  • Binding Corporate Rules
  • Certification schemes

12.2 Data Processing Outside the EEA

If we engage service providers outside the EEA, we ensure appropriate safeguards are in place and inform our clients accordingly.

13. Multi-Jurisdictional Compliance

13.1 Applicable Laws

Depending on your residence and the services provided, additional data protection laws may apply:

  • UK GDPR (for UK residents)
  • Swiss Federal Act on Data Protection (for Swiss residents)
  • State privacy laws (for US residents, e.g., CCPA, CPRA)

13.2 Additional Rights

Depending on applicable law, you may have additional rights such as:

  • Right to know about data sales (CCPA)
  • Right to opt-out of data sales
  • Right to non-discrimination

14. Cross-Border Wealth Management

14.1 Regulatory Reporting

In the context of international wealth management, we may be required to report information to various regulatory authorities under:

  • Common Reporting Standard (CRS)
  • Foreign Account Tax Compliance Act (FATCA)
  • Other bilateral tax agreements

14.2 Client Notification

We will inform you of any such reporting obligations during the onboarding process.

Last Updated: July 2025

Contact for Data Protection Inquiries:
Email: datenschutz@fiorik.de
Phone: +49 1791298941