CROSS CULTURAL MARKETING & CHINA ENABLER

Privacy Policy

Last updated: June 2026

The protection of personal data is important to us. Below, we provide information on which personal data is processed when visiting this website and using our services, for what purposes this takes place, and which rights data subjects have.

1. Data Controller

The controller responsible for data processing on this website is:

Progress Agency
DSO-IFZA IFZA Properties
Dubai Silicon Oasis
PO Box 393532
Dubai, United Arab Emirates

Email: info@progressagency.de

Where this Privacy Policy refers to “we”, “us” or “our”, this refers to Progress Agency.

2. General information on data processing

We generally process personal data only to the extent necessary to provide a functional website, handle inquiries, communicate with users, maintain technical security, or analyze and improve our online offering.

Personal data means any information relating to an identified or identifiable natural person. This may particularly include names, email addresses, IP addresses, contact details, usage data, and content submitted via a form.

3. Legal bases of processing

The processing of personal data takes place, depending on the respective processing activity, on the basis of the General Data Protection Regulation (GDPR), in particular on the following legal bases:

  • Art. 6(1)(a) GDPR, where consent has been obtained, for example for certain cookies or analytics tools.
  • Art. 6(1)(b) GDPR, where processing is necessary for the performance of pre-contractual measures or a contract, for example in the case of inquiries via the contact form.
  • Art. 6(1)(c) GDPR, where legal obligations exist.
  • Art. 6(1)(f) GDPR, where processing is necessary for the purposes of legitimate interests, for example for technical security, error analysis, or optimization of the website.
 

4. Visiting the website and server log files

When our website is accessed, the server automatically processes information transmitted to the server by the browser used. This may particularly include:

  • IP address
  • Date and time of access
  • Page or file accessed
  • Referrer URL
  • Browser type and browser version
  • Operating system used
  • Host name of the accessing computer
 

This data is processed in order to provide the website technically, maintain stability and security, analyze errors, and protect against misuse. The legal basis is Art. 6(1)(f) GDPR. Our legitimate interest lies in the secure and uninterrupted provision of our website.

Server log files are stored only for as long as necessary for the stated purposes and are subsequently deleted or anonymized, unless there is a legal obligation to retain them for a longer period.

5. Hosting and technical infrastructure via GoDaddy

Our website is operated and/or technically provided through services by GoDaddy.

The provider is, depending on the respective agreement, the relevant GoDaddy entity, in particular GoDaddy.com, LLC or its affiliated companies.

As part of the hosting, GoDaddy processes technical data generated when visiting the website. This may particularly include IP addresses, server log files, technical communication data, and data transmitted via the website.

Processing takes place for the provision, security, and maintenance of the website. The legal basis is Art. 6(1)(f) GDPR. Where GoDaddy processes personal data on our behalf, the processing takes place on the basis of a data processing agreement pursuant to Art. 28 GDPR.

As GoDaddy is an internationally operating provider, the transfer of personal data to countries outside the European Union or the European Economic Area cannot be excluded. In such cases, the transfer takes place on the basis of appropriate safeguards, insofar as these are required by law.

6. WordPress

This website is operated using the WordPress content management system. WordPress is used to create, manage, and display the content of this website.

As part of the operation of the website, technical data may be processed that is necessary for the display, management, and security of the website. This may particularly include IP addresses, technical access data, and, where applicable, cookie information.

Processing takes place on the basis of Art. 6(1)(f) GDPR. Our legitimate interest lies in the secure, stable, and user-friendly operation of our website.

7. Elementor

We use Elementor for the design and display of our website. Elementor enables the visual creation and editing of website content.

Through the use of Elementor, technical data may be processed that is necessary for displaying the website, executing individual website functions, and providing forms.

The legal basis is Art. 6(1)(f) GDPR. Our legitimate interest lies in the professional, user-friendly, and technically functional presentation of our website.

8. Yoast SEO

We use Yoast SEO for the search engine optimization of our website. The plugin supports us in preparing content technically and structurally for search engines.

Yoast SEO primarily serves to optimize metadata, structured data, sitemaps, and other SEO-relevant settings. Based on our current understanding, Yoast SEO generally does not process personal data of website visitors for analytics or marketing purposes.

Where technical data is processed in individual cases, this takes place on the basis of Art. 6(1)(f) GDPR. Our legitimate interest lies in the discoverability and technical optimization of our website.

9. Contact form

When users contact us via a form on the website, we process the data entered into the form. This may particularly include:

  • Name
  • Email address
  • Telephone number, if provided
  • Company, if provided
  • Message or inquiry content
  • Technical metadata, for example the time of the inquiry

Processing takes place for the purpose of handling the inquiry, contacting the user, and, where applicable, carrying out pre-contractual measures.

The legal basis is Art. 6(1)(b) GDPR, where the inquiry is related to a contract or pre-contractual measures. In all other cases, processing takes place on the basis of Art. 6(1)(f) GDPR. Our legitimate interest lies in the efficient handling of inquiries.

The data transmitted via the form is deleted once the inquiry has been fully processed and no statutory retention obligations apply. If the inquiry results in a business relationship, statutory retention periods may apply.

The provision of data is voluntary. Without the required information, however, we may not be able to process the inquiry, or may only be able to do so to a limited extent.

10. Email communication

When users contact us by email, we process the personal data transmitted in order to handle the respective inquiry. This particularly includes the email address, name, content of the message, and technical communication data.

The legal basis is Art. 6(1)(b) GDPR, where the communication is related to a contract or pre-contractual measures. Otherwise, processing takes place on the basis of Art. 6(1)(f) GDPR. Our legitimate interest lies in handling and responding to inquiries.

11. Cookies

Our website may use cookies and similar technologies. Cookies are small text files stored on the user’s device.

We distinguish between technically necessary cookies and non-essential cookies.

Technically necessary cookies

Technically necessary cookies are required for the website to function properly. They may, for example, be necessary for security functions, form functions, or the technical provision of the website.

The legal basis for technically necessary cookies is Art. 6(1)(f) GDPR. Our legitimate interest lies in the secure and functional provision of the website.

Non-essential cookies

We use non-essential cookies, in particular analytics or marketing cookies, only where users have given their prior consent.

The legal basis is Art. 6(1)(a) GDPR. Consent that has been given may be withdrawn at any time with effect for the future.

12. Microsoft Clarity

We use Microsoft Clarity, a service provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.

Microsoft Clarity enables us to analyze the use of our website. In this context, interactions on the website, click behavior, scroll behavior, technical device information, browser information, approximate location information, page views, and session data may be processed, among other data. Microsoft Clarity may also use pseudonymous user identifiers to analyze recurring visits and usage processes.

We use Microsoft Clarity to improve the usability, structure, technical functionality, and content of our website.

Microsoft Clarity is used only where users have given their consent via our cookie or consent banner. The legal basis is Art. 6(1)(a) GDPR. Consent may be withdrawn at any time with effect for the future.

As part of the use of Microsoft Clarity, personal data may be transferred to the USA or other third countries. Microsoft bases such transfers on appropriate data protection safeguards, insofar as these are required.

Further information on data processing by Microsoft can be found in Microsoft’s privacy information.

13. Link to Instagram

On our website, we link to our Instagram profile. Instagram is operated by Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland.

When users click on the Instagram link, they leave our website and are redirected to Instagram. From that point onwards, the privacy provisions of Instagram or Meta apply.

We do not have full influence over which data Instagram or Meta processes when the respective profile is visited. This may apply in particular if users are logged into Instagram.

Users can interact with us via our Instagram profile, for example through messages, comments, likes, or other interactions. In this case, we process the respective interaction and communication data in order to communicate with users and manage our profile.

The legal basis is Art. 6(1)(f) GDPR. Our legitimate interest lies in communication, public presentation, and maintaining our social media presence.

14. Link to LinkedIn

On our website, we link to our LinkedIn profile. LinkedIn is operated by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.

When users click on the LinkedIn link, they leave our website and are redirected to LinkedIn. From that point onwards, LinkedIn’s privacy provisions apply.

We do not have full influence over which data LinkedIn processes when the respective profile is visited. This may apply in particular if users are logged into LinkedIn.

Users can interact with us via our LinkedIn profile, for example through messages, comments, reactions, or other interactions. In this case, we process the respective interaction and communication data in order to communicate with users and manage our profile.

The legal basis is Art. 6(1)(f) GDPR. Our legitimate interest lies in communication, public presentation, and maintaining our social media presence.

15. Recipients of personal data

Personal data may be transmitted to technical service providers, hosting providers, website service providers, communication service providers, and analytics service providers, insofar as this is necessary for the operation of the website, the handling of inquiries, or the stated purposes.

Service providers are involved, where required, on the basis of a data processing agreement pursuant to Art. 28 GDPR.

16. Data transfers to third countries

As we use international service providers and our company is located outside the European Union or the European Economic Area, the processing or transfer of personal data to third countries may take place.

Such a transfer takes place only where there is a legal basis for it or appropriate safeguards within the meaning of the GDPR are in place, for example standard contractual clauses, adequacy decisions, or other permissible transfer mechanisms.

17. Storage period

We store personal data only for as long as this is necessary for the respective purposes or as long as statutory retention obligations exist.

Data from contact inquiries is deleted once the inquiry has been fully processed, unless statutory retention obligations or legitimate interests in further storage exist.

Data processed on the basis of consent is generally deleted or no longer processed when consent is withdrawn, unless another legal basis exists for further processing.

18. Rights of data subjects

Data subjects have the following rights within the scope of the statutory requirements:

  • Right of access to the personal data processed pursuant to Art. 15 GDPR
  • Right to rectification of inaccurate data pursuant to Art. 16 GDPR
  • Right to erasure of personal data pursuant to Art. 17 GDPR
  • Right to restriction of processing pursuant to Art. 18 GDPR
  • Right to data portability pursuant to Art. 20 GDPR
  • Right to object to certain processing activities pursuant to Art. 21 GDPR
  • Right to withdraw consent that has been given pursuant to Art. 7(3) GDPR
 

To exercise these rights, data subjects may contact us at any time: info@progressagency.de

19. Withdrawal of consent

Where processing is based on consent, this consent may be withdrawn at any time with effect for the future.

The lawfulness of processing carried out up to the point of withdrawal remains unaffected by the withdrawal.

20. Right to object

Where personal data is processed on the basis of Art. 6(1)(f) GDPR, data subjects have the right to object to the processing at any time on grounds relating to their particular situation.

If an objection is lodged, we will no longer process the personal data concerned, unless there are compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the data subject, or the processing serves the establishment, exercise, or defense of legal claims.

21. Right to lodge a complaint with a supervisory authority

Data subjects have the right to lodge a complaint with a competent data protection supervisory authority if they believe that the processing of their personal data violates applicable data protection law.

This may in particular be done with a supervisory authority in the Member State of their habitual residence, place of work, or the place of the alleged infringement.

22. Security of processing

We take appropriate technical and organizational measures to protect personal data against loss, misuse, unauthorized access, alteration, or disclosure.

The security measures are adapted in line with technical development and organizational requirements.

23. SSL or TLS encryption

For security reasons and to protect the transmission of confidential content, this website uses SSL or TLS encryption.

An encrypted connection can be recognized by the browser’s address bar beginning with “https://” and by the lock symbol displayed in the browser.

24. Changes to this Privacy Policy

We reserve the right to amend this Privacy Policy if legal requirements, technical functions of our website, or the services we use change.

The current version published on this website applies.