Privacy Policy

My firm commitment to the privacy of visitors to this site.

Last updated: 12 June 2026

Your privacy matters to me, and this site runs on trust, so here is exactly how your information is handled — in plain language, no legal fog.

A few principles I stick to:

  • I don’t ask for personal information unless I genuinely need it.
  • I don’t sell your data. Ever.
  • I don’t share it except with the service providers needed to run the site, or where the law requires it.
  • You stay in control. You can access, correct, or delete your data at any time.

Who I am (the data controller)

This site, hermannk.com, is my personal website, operated by KLG (King Lion Group), a company based in Valencia, Spain. Under the EU General Data Protection Regulation (GDPR) and Spanish data protection law, KLG is the “data controller” for the information collected here. Full company identification is set out in our Legal Notice.

Anything privacy-related — questions, requests, corrections: hello@klg.me

This policy also covers data collected across my connected properties, such as my Gumroad shop, where these same principles apply.

What I collect

Information you give me directly:

  • Newsletter: your email address, and your name if you choose to give it, when you subscribe.
  • Contact form: your name, email, and whatever you write to me.
  • Purchases: when you buy a product, your order and billing details, processed through my shop provider (Gumroad). I do not see or store your full payment-card details. The payment processor handles those.
  • Accounts (planned): if and when logins are added, your account details and preferences.

Information collected automatically:

  • Basic analytics through the Burst Analytics plugin, which runs first-party and is built to be privacy-friendly (it can operate without tracking cookies). This shows me things like which pages are popular and roughly where visitors come from, in aggregate. It is not used to build advertising profiles about you.
  • Essential technical data your browser sends, such as IP address and device and browser type, needed to serve the site securely.

I do not run a mobile app, send push notifications, or operate advertising-tracking networks on this site.

Why I use it, and my legal basis

Under GDPR I need a lawful reason to process your data. Here is the mapping:

  • To send the newsletter — your consent, which you can withdraw at any time by unsubscribing.
  • To answer your messages — my legitimate interest in responding to you.
  • To process and deliver purchases — to fulfil our contract when you buy something.
  • To keep tax and transaction records — my legal obligation under Spanish law.
  • To run and secure the site and understand basic usage — my legitimate interest in operating the site well.

Cookies and tracking

I keep this light. The site uses essential cookies needed to function, and privacy-friendly analytics that, where possible, run without tracking cookies. Any non-essential cookies are only set with your consent, which you can manage or withdraw through the site’s cookie controls. Most browsers also let you block or delete cookies in their settings, though some features may stop working if you do.

Who I share it with

I don’t sell your data. I share it only with:

  • Service providers who help run the site — hosting, the email and newsletter platform, the payment processor (Gumroad), and analytics — and only what they need to do their job.
  • My own connected properties, such as my Gumroad shop, under this same policy.
  • Authorities, if the law genuinely requires it, or to protect rights and safety.
  • A successor, if the business is ever sold, merged, or restructured.

Sending data outside the EU

Some of my providers (for example, the payment or email platforms) may be based outside the European Economic Area, such as in the United States. Where your data is transferred outside the EEA, it is done under the safeguards GDPR requires, typically the European Commission’s Standard Contractual Clauses or an equivalent approved mechanism.

How long I keep it

  • Newsletter: until you unsubscribe, after which your email is removed from the active list.
  • Contact messages: as long as needed to handle your query, plus a reasonable period afterward.
  • Purchase records: for as long as the law requires me to keep them under Spanish tax and accounting rules.
  • Everything else: only as long as it is needed for the purpose it was collected.

Your rights

Under GDPR you have the right to:

  • access the data I hold about you,
  • correct it if it is wrong,
  • delete it (the “right to be forgotten”),
  • restrict or object to how it is used,
  • receive a copy in a portable format,
  • and withdraw consent at any time.

To exercise any of these, email hello@klg.me. You also have the right to lodge a complaint with the Spanish data protection authority, the Agencia Española de Protección de Datos (AEPD), at www.aepd.es.

Security

I take reasonable measures to protect your information against loss, misuse, and unauthorised access. No system is ever perfectly secure, but I treat your data with the care I would want for my own.

Changes to this policy

If I update this policy, I will change the “Last updated” date above, and for significant changes I will give clearer notice. It is worth checking back from time to time.

Contact

Questions about this policy or your data? Email hello@klg.me.

Start where you are. Improve the process. Repeat.

Read the latest

I fix what's broken and build what's missing.

Real stories. Sharp thinking. No shortcuts.

Worked with 1k+ clients (4.8/5)

Explore

AboutPhilosophyResourcesBlogShop

Ventures

King Lion GroupLean Six SigmaRonda Mallorcathe/2ndmallorcakes

Connect

ContactNewsletter

ToS | Privacy | Cookies | Disclaimer | Imprint