Privacy Policy (Datenschutzerklärung)

1. Data Protection at a Glance

General Information

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can personally identify you.

Data Collection on This Website

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. You can find their contact details in the "Controller" section of this privacy policy.

How do we collect your data?

Your data is collected when you provide it to us (e.g., in contact forms or when creating an account). Other data is collected automatically by our IT systems when you visit the website.

What do we use your data for?

Some data is collected to ensure the proper functioning of the website. Other data may be used to analyze your user behavior and improve our services.

2. Controller and Data Protection Officer

Controller (Verantwortlicher):

Guiding Ventures

Full contact details (name, postal address, phone) are available in our Site Notice (Impressum).

Email for data protection inquiries: admin@guidingventures.com

3. General Information and Mandatory Information

Legal Basis for Data Processing

We process your personal data based on:

  • Art. 6(1)(a) GDPR: Consent
  • Art. 6(1)(b) GDPR: Contract performance
  • Art. 6(1)(c) GDPR: Legal obligation
  • Art. 6(1)(f) GDPR: Legitimate interests

Data Storage Duration

Unless specified otherwise in this privacy policy, your data will be stored until the purpose for processing no longer applies. If you submit a legitimate deletion request or revoke consent, your data will be deleted unless we have other legally permissible reasons for storing your personal data.

Your Rights

You have the right to:

  • Information: Request information about your stored personal data
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your data ("right to be forgotten")
  • Restriction: Request restriction of data processing
  • Data portability: Receive your data in a structured format
  • Objection: Object to data processing based on legitimate interest
  • Complaint: Lodge a complaint with a supervisory authority. The competent authority for our location is the Berliner Beauftragte für Datenschutz und Informationsfreiheit (BlnBDI), Friedrichstr. 219, 10969 Berlin — www.datenschutz-berlin.de
  • Withdraw consent: Withdraw your consent at any time for future processing

4. Data Collection on This Website

Website Hosting (Vercel)

This website is hosted by Vercel Inc., 440 N Barranca Ave #4133, Covina, CA 91723, USA. Vercel automatically processes server log data (IP address, browser type, referring URL, timestamp) to ensure technical operation and security.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in secure and stable website operation).

Data transfers to the USA are covered by Vercel's participation in the EU-US Data Privacy Framework and Standard Contractual Clauses. Vercel privacy policy: https://vercel.com/legal/privacy-policy

Server Log Files

The hosting provider automatically collects and stores information in server log files:

  • Browser type and version
  • Operating system used
  • Referrer URL
  • Hostname of the accessing computer
  • Time of the server request
  • IP address

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in ensuring system security and website stability)

This data is not merged with other data sources. Log data is retained only as long as necessary for security and operations.

Contact Form & Email

If you contact us via contact form or email, your data (name, email, message content) will be stored for processing your inquiry.

Legal basis: Art. 6(1)(b) GDPR (pre-contractual measures) or Art. 6(1)(f) GDPR (legitimate interest in responding to inquiries)

Data is deleted when your inquiry is fully processed and no legal obligations require further storage.

User Registration & Accounts

When you create an account, we collect your name, email address, and profile information.

Legal basis: Art. 6(1)(b) GDPR (contract performance)

Storage duration: Until you delete your account or request deletion. We may retain certain data longer if required by law.

Purpose: To provide job application services, track your applications, and communicate with potential employers.

Database & Authentication (Supabase)

We use Supabase to store and manage user accounts, job applications, saved jobs, and profile data. Supabase also handles authentication (registration and login).

Provider: Supabase Inc. Data is stored on AWS infrastructure in the EU (Frankfurt, eu-central-1 region), within the European Economic Area.

Legal basis: Art. 6(1)(b) GDPR (contract performance); Art. 28 GDPR data processing agreement in place.

Supabase privacy policy: https://supabase.com/privacy

Job Applications

When you apply for jobs through our platform, your application data (CV, cover letter, profile) is transmitted to the employer.

Legal basis: Art. 6(1)(b) GDPR and Art. 88 GDPR in conjunction with § 26 BDSG (employment relationship processing)

Application data is stored only as long as necessary to provide the service and meet legal requirements.

Cookies & Local Storage

Our website uses browser local storage to save your preferences and session data (e.g., login status, application tracking).

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in providing functionality)

You can clear local storage data at any time through your browser settings.

5. Third-Party Services & External Links

External Job Applications (Applicant Tracking Systems)

Our platform aggregates job listings from external companies. When you click "Apply" on certain job listings, you may be redirected to a third-party website (such as Greenhouse, Lever, or the employer's own career page).

Data Collection: We do not collect, process, or store the application data (CV, cover letter, personal details) that you submit on these external websites.

Privacy Policies: The processing of your data on these external sites is governed by the privacy policies of the respective employers and their Applicant Tracking System (ATS) providers. We recommend reviewing their privacy policies before submitting your application.

AI Services (Google Gemini)

We use Google Gemini AI to help optimize your profile and application materials. When you use this feature, your profile data is sent to Google's servers.

Legal basis: Art. 6(1)(a) GDPR (consent when using the feature)

Data processor: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

Google's privacy policy: https://policies.google.com/privacy

Consent Management (Usercentrics CMP)

We use Usercentrics as a consent management platform (CMP) to ask for and store your consent choices for optional technologies (for example, analytics).

Legal basis: Art. 6(1)(c) GDPR (legal obligation to manage consent) and Art. 6(1)(f) GDPR (legitimate interest in documenting and managing consent).

You can change your settings anytime via the “Cookie Settings” link in the website footer.

Analytics (Google Analytics 4)

If you consent, we use Google Analytics 4 (GA4) to understand how visitors use the site (e.g., pages viewed, interactions, approximate location, device/browser information).

GA4 is loaded only after consent through our CMP.

Legal basis: Art. 6(1)(a) GDPR (consent). You can withdraw consent at any time via “Cookie Settings”.

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (or affiliated entities).

Google's privacy policy: https://policies.google.com/privacy

6. International Data Transfers

Some of our service providers are located outside the European Economic Area (EEA). When data is transferred to these countries, we ensure adequate protection through:

  • EU Standard Contractual Clauses
  • Adequacy decisions by the EU Commission
  • Other appropriate safeguards where required

7. Data Security

We use appropriate technical and organizational measures to protect your data against accidental or intentional manipulation, loss, destruction, or access by unauthorized persons. Our security measures are continuously improved in line with technological developments.

Last updated: February 22, 2026