Written in plain language. The legally binding German version sits behind a link at the bottom. If you only have two minutes, read the summary below — it covers 95% of what you came for.
The controller for personal data processed via this website (per Art. 4 (7) GDPR) is:
Remote Native GmbH · Joergstr. 29, 80689 München, Germany · privacy@remote-native.com. Full company details on the Imprint page.
Where required under Art. 37 GDPR, our Data Protection Officer can be reached at:
dpo@remote-native.com · Mail: c/o Remote Native GmbH, Joergstr. 29, 80689 München. Please write "DPO" in the subject line for routing.
We try hard to collect as little as possible. Concretely:
Server logs at our EU host (Hetzner, Frankfurt) capture IP address (truncated to /24 within 24 hours), timestamp, requested URL, response code, referrer, and user-agent. These logs exist for security and abuse prevention. Retention: 14 days, then irreversible deletion.
The 12-question diagnostic runs entirely in your browser. Answers are kept in localStorage while you're on the page. Nothing leaves your device until you press "Send me my result", at which point we collect: email, first name, your 12 answers, and a derived score across 6 dimensions.
A two-field form: email + first name. The PDF is sent by email. No tracking pixel in the PDF. We do not silently re-send.
Whatever you put in the email. We answer from a human inbox (Fastmail, EU). Retained per § 257 HGB / § 147 AO when commercially relevant; otherwise deleted after 12 months.
Each type of processing has a named purpose, a legal basis under GDPR Art. 6 (1), and a retention period. The register below is the operative version — if you want it as a PDF, email dpo@remote-native.com.
| Activity | Purpose | Legal basis | Retention |
|---|---|---|---|
| Server logs | Security, abuse prevention, debugging | Art. 6 (1) f Legitimate interest | 14 days |
| Diagnostic submission | Send personal result & benchmark | Art. 6 (1) b Pre-contractual measure | 24 months, then anonymized |
| Ebook delivery | Deliver PDF & (opt-in) follow-up | Art. 6 (1) a Consent | Until withdrawn |
| Sales correspondence | Reply, scope, contract | Art. 6 (1) b Contract / pre-contractual | 6 yrs (§ 257 HGB) |
| Invoicing | Tax & commercial obligation | Art. 6 (1) c Legal obligation | 10 yrs (§ 147 AO) |
| Newsletter (none currently) | — | N/A | — |
We do not sell, rent, or trade personal data. We do not use it for advertising or third-party profiling. We do not perform any automated decision-making with legal effect under Art. 22 GDPR.
Where we use third parties to process data on our behalf, we operate them under a Data Processing Agreement per Art. 28 GDPR. Current list:
| Processor | What for | Location | Transfer mechanism |
|---|---|---|---|
| Hetzner Online GmbH | Web hosting, logs, ebook delivery | Falkenstein / Nürnberg, DE | EU only |
| Fastmail Pty Ltd | Email inbox (hello@, privacy@, dpo@) | EU servers (NL) | EU only |
| Stripe Payments Europe Ltd | Founders' Copy purchase only | Dublin, IE | EU only |
| HubSpot CRM | Engagement pipeline notes | Frankfurt, DE (EU data residency) | EU residency |
| OpenAI / Anthropic | Engagement work only · zero-retention APIs · no website data | US | SCC + DPA |
If we add a sub-processor, we update this page before data flows to them. The diff is dated below at § 09.
We use no advertising cookies, no analytics cookies, and no third-party cookies of any kind. Three things are stored on your device:
rn-theme · localStorage · stores your light/dark/auto preference. First-party, no expiry, no PII. Strictly necessary for UI — no consent required.rn-diag-draft · localStorage · stores diagnostic answers in progress so a refresh doesn't lose them. Cleared on submit. First-party.rn-consent · localStorage · records your cookie / consent choices. Without it we'd have to ask every visit.You can clear all of the above by clearing site data in your browser. Nothing on this site requires cookies to function.
Each category has a defined retention period (see § 03 for the register). Outside the statutory minimums (commercial 6 years, tax 10 years), we delete on the shortest reasonable horizon. After retention, we either delete or irreversibly anonymize. Anonymized statistics may be retained for trend analysis (median diagnostic scores per industry, etc.) but cannot be re-identified.
You have the following rights regarding any personal data we hold about you. To exercise any of them, email privacy@remote-native.com — we respond within one month (Art. 12 (3) GDPR), usually inside a week.
Get a copy of what we hold about you, the purposes of processing, recipients, and retention.
Correct anything inaccurate or incomplete.
"The right to be forgotten" — subject to statutory retention (tax, commercial).
Tell us to pause processing while a dispute is resolved.
Receive your data in a machine-readable format (JSON, on request).
Object to processing based on legitimate interest. We'll stop unless we can demonstrate compelling grounds.
Where processing is based on consent (e.g. ebook follow-up), withdraw it any time. No reason needed.
Lodge a complaint with a supervisory authority — see § 08 below for ours.
For any privacy matter, write to privacy@remote-native.com. For matters directed to the DPO specifically: dpo@remote-native.com.
You also have the right to complain to a supervisory authority. The competent supervisor for our registered office is:
Bayerisches Landesamt für Datenschutzaufsicht (BayLDA) · Promenade 18, 91522 Ansbach · lda.bayern.de · You may also complain to the supervisor of your habitual residence or place of work.
This page is updated when our processing changes. The German version is the legally binding version; the English version is provided for convenience. Material changes are flagged on the homepage for 30 days.
Last updated · 14 Jan 2026 · v3.2 · DE binding · See imprint