Privacy Policy

Privacy Policy

Last updated: February 2026

Greg Wright (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your personal data when you visit gregwright.org.

1. Data Controller

Greg Wright
Email: admin@gregwright.org

2. Server Location

This website is hosted on servers located in Germany.

3. Data We Collect

  • Contact form submissions: When you use our contact form (WPForms), we collect your name, email address, and message.
  • Analytics data: We use Google Analytics (via Google Site Kit) to collect anonymized usage data including pages visited, session duration, referral source, and general geographic location.
  • Server logs: Our web server records your IP address, browser type, operating system, and visit timestamps.
  • Cookies: We use cookies as described in our Cookie Policy.

4. Legal Basis for Processing (GDPR Art. 6)

  • Consent (Art. 6(1)(a)): For analytics and non-essential cookies. You may grant or withdraw consent via our cookie consent banner.
  • Legitimate interest (Art. 6(1)(f)): For website security (Wordfence) to protect the site from malicious activity.
  • Contract performance (Art. 6(1)(b)): For processing contact form inquiries regarding our consulting services.

5. Third-Party Services

  • Google Analytics (Google LLC) — Website usage statistics.
  • Jetpack Boost (Automattic Inc.) — Performance optimization.
  • WP Mail SMTP — Reliable email delivery from the website.

6. International Data Transfers

  • Google LLC (Google Analytics, Site Kit) — United States, under the EU-US Data Privacy Framework.
  • Automattic Inc. (Jetpack Boost) — United States, under the EU-US Data Privacy Framework.

These transfers are safeguarded by the EU-US Data Privacy Framework, ensuring adequate data protection as recognized by the European Commission.

7. Data Retention

  • Contact form submissions: 1 year, then securely deleted.
  • Analytics data: Per Google Analytics retention settings.
  • Server logs: 30 days, then automatically purged.

8. Your Rights (GDPR Art. 13–22)

  • Access (Art. 15): Request a copy of your personal data.
  • Rectification (Art. 16): Correct inaccurate data.
  • Erasure (Art. 17): Request deletion, subject to legal obligations.
  • Restriction (Art. 18): Restrict processing under certain circumstances.
  • Portability (Art. 20): Receive your data in a machine-readable format.
  • Objection (Art. 21): Object to processing based on legitimate interest.

To exercise these rights, contact admin@gregwright.org.

9. Right to Lodge a Complaint

Bundesbeauftragte für den Datenschutz und die Informationsfreiheit (BfDI)
Graurheindorfer Str. 153
53117 Bonn, Germany

10. Changes to This Policy

We may update this policy from time to time. The date at the top indicates the most recent revision.

11. Contact

Email: admin@gregwright.org