Imprint

Niagon GmbH
Alfred-Herrhausen-Allee 3-5
65760 Eschborn
Germany

Commercial Register: HRB 133502
Register Court: Amtsgericht Frankfurt am Main

Represented by:
Nino Leschhorn (Managing Director)

Email: contact@niagon.com

VAT identification number according to § 27 a of the German VAT Act:
DE366840009

Professional Designation

Professional Title: Management Consultant (Unternehmensberater)

Competent Chamber:
IHK Frankfurt am Main
Börsenplatz 4
60313 Frankfurt, Germany

Consumer Dispute Resolution

We are not willing or obliged to participate in dispute resolution proceedings before a consumer arbitration board.

---

Privacy Policy

1. Privacy at a Glance

General Information

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to personally identify you.

Data Collection on This Website

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. You can find the operator's contact details in the "Information about the responsible party" section of this privacy policy.

How do we collect your data?

Some data is collected when you provide it to us. This could be data you enter in a contact form, for example. Other data is collected automatically by our IT systems when you visit the website. This is primarily technical data (e.g., internet browser, operating system, or time of page access).

What do we use your data for?

Some of the data is collected to ensure the proper functioning of the website. Other data may be used to analyze your user behavior.

What rights do you have regarding your data?

You have the right to receive information about the origin, recipient, and purpose of your stored personal data free of charge at any time. You also have the right to request the correction or deletion of this data. If you have given your consent to data processing, you can revoke this consent at any time for the future.

2. Hosting

We host our website content with the following provider:

Cloudflare

The provider is Cloudflare Inc., 101 Townsend St, San Francisco, CA 94107, USA. When you visit our website, Cloudflare collects various log files including your IP addresses.

For more information, please see Cloudflare's privacy policy: https://www.cloudflare.com/privacypolicy/

The use of Cloudflare is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in presenting our website as reliably as possible.

3. General Information and Mandatory Information

Data Protection

The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with statutory data protection regulations and this privacy policy.

Information about the responsible party

The responsible party for data processing on this website is:

Niagon GmbH
Alfred-Herrhausen-Allee 3-5
65760 Eschborn
Germany
Email: contact@niagon.com

Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can revoke consent you have already given at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to object to data collection in special cases and to direct advertising (Art. 21 GDPR)

Right to lodge a complaint with the competent supervisory authority

In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, their place of work, or the place of the alleged violation.

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

4. Data Collection on This Website

Cookies

Our websites use "cookies." Cookies are small data packets that do not cause any damage to your device. They are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your device.

Cookies that are necessary for the electronic communication process, for providing certain functions you have requested, or for optimizing the website (necessary cookies) are stored on the basis of Art. 6 para. 1 lit. f GDPR, unless another legal basis is specified.

Contact Form

If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not pass on this data without your consent.

5. GRC Health-Check Assessments

We offer free GRC Health-Check assessments on our website (DORA, NIS2, ISO 27001, MaRisk/BAIT, Cyber Security, ICS, EU AI Act). These assessments allow you to evaluate your compliance maturity in various regulatory areas.

What data do we collect?

When participating in our assessments, we collect the following data:

• Contact details: Name, business email address, company, function/role
• Assessment responses: Your answers to the assessment questions
• Result: The maturity score calculated from your responses

How do we use this data?

Your data is used exclusively for the following purposes:

• Calculation and display of your individual assessment result
• Creation of a personalized report (if you request one)
• Contact to schedule a consultation (Premium package only)
• Improvement of our assessment offerings (anonymized, aggregated analysis)

Legal basis

The processing of your data as part of the assessments is based on your consent (Art. 6 para. 1 lit. a GDPR), which you provide before starting the assessment by checking the privacy checkbox. Consent is voluntary and can be revoked at any time with effect for the future.

If you purchase a paid report or consultation, further processing is based on Art. 6 para. 1 lit. b GDPR (contract fulfillment).

Storage duration

Your assessment data is stored for 12 months unless you have booked a report or consultation. For booked services, statutory retention periods apply (typically 6–10 years for business documents). You can request deletion of your data at any time, provided no statutory retention obligations apply.

Technical processing (Jotform)

For the technical implementation of the assessments, we use Jotform Inc., 111 Pine St. Suite 1815, San Francisco, CA 94111, USA. Jotform is certified under the EU-U.S. Data Privacy Framework and ensures an adequate level of data protection.

For more information, see Jotform's privacy policy: https://www.jotform.com/privacy/

6. Other External Services

Formspree (Contact Form)

For our contact form, we use Formspree Inc., 760 Market Street, Suite 814, San Francisco, CA 94102, USA. When you submit the contact form, your input is forwarded to us via Formspree.

For more information, see Formspree's privacy policy: https://formspree.io/legal/privacy-policy/

Google Fonts

This site uses Google Fonts for uniform font display. When you access a page, your browser loads the required fonts into its browser cache to display texts and fonts correctly.

For this purpose, the browser you are using must connect to Google's servers. This gives Google knowledge that this website has been accessed via your IP address. The use of Google Fonts is based on Art. 6 para. 1 lit. f GDPR.

Source: e-recht24.de
Last updated: February 2026