Privacy Policy

As of: June 2026 · In accordance with GDPR, TDDDG and DDG

1. Controller (Art. 4 No. 7 GDPR)

Mohammad Danyal Shahzad
Digital Marketing Remote · Sole proprietorship
The Cube Plaza (2nd Floor), Nishtar Block, Bahria Town, Lahore, Iqbal Town, Pakistan
Email: support@digitalmarketingremote.com
WhatsApp: +92 321 7509379
Business hours: Mon–Fri 9:00–17:00 German time

2. Hosting (Art. 28 GDPR)

This website is hosted by Vercel Inc., 440 N Barranca Ave #4133, Covina, CA 91723, USA. When the website is accessed, Vercel processes technically necessary data (IP address, date and time, page accessed, browser type) in server logs. Vercel is certified under the EU-U.S. Data Privacy Framework (DPF); Standard Contractual Clauses (SCC) are additionally in place. A data-processing agreement pursuant to Art. 28 GDPR has been concluded. Log retention: max. 30 days. Legal basis: Art. 6(1)(f) GDPR (legitimate interest in secure and stable operation of the website).

3. Cookies, consent & local storage (§ 25 TDDDG, Art. 6(1)(a), Art. 7 GDPR)

Technically necessary: We store your cookie choice in your browser's local storage (localStorage, key "dc"). This is required to implement your choice and does not require consent (§ 25(2) TDDDG).
Analytics & marketing: All analytics and marketing tools (see sections 4–7) load only after your active consent via the cookie banner. Without consent, no tracking takes place.
Withdrawal: You can withdraw your consent at any time with effect for the future — via the "Cookie settings" link in the website footer (Art. 7(3) GDPR).

4. Google Tag Manager & Google Analytics 4 (Art. 6(1)(a) GDPR)

Provider: Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland; data transfer to Google LLC (USA) on the basis of the EU-U.S. Data Privacy Framework. With consent, the following are collected: page views, interactions, approximate location (city level), device information. We use Google Consent Mode v2; without consent, no analytics cookies are set. Retention: 14 months. Opt-out additionally via tools.google.com/dlpage/gaoptout.

5. Google Ads conversion tracking (Art. 6(1)(a) GDPR)

With consent, we use Google Ads to measure whether visitors reach the website via our ads and submit inquiries. Provider and third-country transfer as in section 4. Conversion-cookie retention: up to 90 days.

6. Meta Pixel (Art. 6(1)(a) GDPR)

Provider: Meta Platforms Ireland Ltd., Merrion Road, Dublin 4, Ireland; transfer to Meta Platforms Inc. (USA) on the basis of the DPF. Pixel ID: 957297367335870. With consent, visits and interactions are recorded to measure and optimise our advertising campaigns. Retention: until withdrawal. Ad settings: facebook.com/ads/preferences.

7. Microsoft Clarity (Art. 6(1)(a) GDPR)

Provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052, USA (DPF-certified). With consent, anonymised session recordings and heatmaps are created to improve usability. Input in form fields is masked. Retention: 30 days.

8. Contact forms (Art. 6(1)(b) GDPR)

Inquiries via our forms are processed through Google Apps Script and delivered to us by email (Gmail); you receive an automatic acknowledgement of receipt. Provider: Google Ireland Ltd. / Google LLC (USA, DPF-certified). Data processed: name, email address, phone number, and where applicable company and message text. Purpose: handling your inquiry and initiating a contractual relationship. Retention: until your inquiry is fully handled, max. 12 months, unless statutory retention obligations apply.

9. Appointment booking via Calendly (Art. 6(1)(b) GDPR)

For consultation appointments we link to Calendly LLC, 1315 Peachtree St NE, Atlanta, GA 30309, USA (DPF-certified). When you book, Calendly processes your name, email address and appointment data. Privacy notice: calendly.com/privacy. Retention: up to 12 months after the appointment.

10. WhatsApp communication (Art. 6(1)(b) GDPR)

If you contact us via WhatsApp, WhatsApp Ireland Ltd. (Meta) processes your phone number and message content in accordance with its own privacy policy. We use WhatsApp solely for business communication on your initiative. Retention on our side: until project end + 12 months.

11. Data transfer to third countries (Chapter V GDPR)

Where data is transferred to providers in the USA (Vercel, Google, Meta, Microsoft, Calendly), this takes place on the basis of the EU Commission's adequacy decision on the EU-U.S. Data Privacy Framework and supplementary Standard Contractual Clauses. As a controller based in Pakistan, we also process inquiry data in Pakistan; for this we take appropriate safeguards pursuant to Art. 46 GDPR (contractual protective measures) and limit processing to what is necessary for initiating and performing the contract.

12. Retention periods at a glance (Art. 5(1)(e) GDPR)

Data typeRetention
Server logs (Vercel)max. 30 days
Analytics data (GA4)14 months
Conversion cookies (Google Ads)up to 90 days
Clarity session data30 days
Contact-form inquiriesuntil handled, max. 12 months
Appointment data (Calendly)12 months after appointment
Business correspondence with retention obligation6–10 years (§ 257 HGB, § 147 AO analogously)

13. No automated decision-making (Art. 22 GDPR)

No automated decision-making, including profiling, that produces legal effects concerning you takes place.

14. Minors (Art. 8 GDPR)

This website is intended exclusively for businesses and not for persons under 16. We do not knowingly process the data of minors. Please send any notices to: support@digitalmarketingremote.com

15. Reporting personal data breaches (Art. 33, 34 GDPR)

In the event of a personal data breach, we report it — where there is a risk to the rights and freedoms of natural persons — without undue delay, where possible within 72 hours, to the competent supervisory authority (Art. 33 GDPR). We notify affected persons without undue delay where the breach is likely to result in a high risk (Art. 34 GDPR).

16. Data protection officer

A data protection officer has not been appointed, as the legal requirements for a mandatory appointment (Art. 37 GDPR, § 38 BDSG) are not met. Please direct data-protection inquiries directly to the controller (section 1).

17. Your rights as a data subject (Art. 15–21 GDPR)

Access (Art. 15): which data we process about you.
Rectification (Art. 16): correction of inaccurate data.
Erasure (Art. 17): "right to be forgotten".
Restriction (Art. 18): restriction of processing.
Data portability (Art. 20): release in a structured format.
Objection (Art. 21): against processing based on legitimate interests.
Withdrawal (Art. 7(3)): withdraw consent given at any time — e.g. via "Cookie settings" in the footer.
Inquiries to: support@digitalmarketingremote.com

18. Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

You have the right to lodge a complaint with a data-protection supervisory authority, e.g. the German Federal Commissioner for Data Protection and Freedom of Information: www.bfdi.bund.de or the state data-protection authority of your federal state.

19. Changes to this privacy policy

We adapt this privacy policy when the legal situation or the services used change. The version published here at the time applies. As of: June 2026.

This English text is a translation for convenience. In the event of discrepancies, the German version is legally authoritative.

← Back to homepage