The following information (“Datenschutzerklärung”) is required under German law. I would like to inform you about the types of your personal data (hereinafter also referred to as "data") I collect, for which purposes and to what extent. The data protection declaration applies to all processing of personal data that I carry out, both within the scope of the provision of my services as well as in particular on my websites, and within external online presences, such as my social media profiles (hereinafter referred to collectively as the "online offer").
Updates to the policy: I may update this policy from time to time by publishing a new version on our website, i.e. to adhere to updates in regulations. You should check this page occasionally to ensure you are happy with any changes to this policy.
Information about me as controllers of your data
Your user rights
Information about data collection and data processing
(1) You have the following rights with regard to your personal data:
right to request information
right to rectification or erasure
right to restriction of processing
right to object to the processing
right to data portability.
(2) If you have given your consent to data processing, you can revoke this consent at any time for the future.
3) You also have the right to lodge a complaint with a data protection supervisory authority about the processing of your personal data by me.
To exercise your rights under the GDPR or other applicable data protection laws, in particular to withdraw your consent to the use of your data, please contact me at firstname.lastname@example.org. You can also contact me at any time if you have any further questions on the subject of data protection.
Data Collection & Processing
Collection of personal data when you contact me
When you contact me by e-mail or telephone, the data you provide me with (e.g. your e-mail address, your telephone number and your name and other personal data you provided me in the body text of the email) will be stored by me in order to answer your questions. I dont automatically delete the data from my email service provider or my phone storage, please get in touch with me if you wish me to delete these data points in my communication history (email service provider and phone history).
The web hosting services I use also include the sending, receiving and storage of emails. For these purposes, the addresses of the recipients and senders as well as further information regarding the sending of e-mails (e.g. the providers involved) and the content of the respective e-mails are processed. The data can also be processed for the purpose of detecting SPAM. I ask you to note that e-mails are generally not sent encrypted on the Internet. As a rule, e-mails are encrypted during transport, but (unless an end-to-end encryption process is used) not on the servers from which they are sent and received. We can therefore not accept any responsibility for the transmission path of the emails between the sender and the receipt on our server.
Collection of personal data when visiting my website
In order to be able to provide my online offer securely and efficiently, I use the services of one or more web hosting providers (including Google Inc and Wix.com), from whose servers (or servers managed by them) the online offer can be accessed. For these purposes, I can use infrastructure and platform services, computing capacity, storage space and database services as well as security and technical maintenance services.
The data processed in the context of the provision of the hosting offer can include all information relating to the users of my online offer that is incurred in the context of use and communication. This regularly includes the IP address that is necessary to be able to deliver the content of online offers to browsers and all entries made within my online offer or from websites.
The server log files can be used on the one hand for security purposes, e.g. to avoid overloading the server (i.e. in the event of abusive attacks) and on the other hand to ensure the utilization of the servers and their stability.
Processed data types: content data (e.g. text input, photographs, videos), usage data (e.g. visited websites, interest in content, access times), meta / communication data (e.g. device information, IP addresses).
Affected persons: users (e.g. website visitors, users of online services).
Legal basis: legitimate interests (Art. 6 Para. 1 S. 1 lit. GDPR).
I use Google Analytics as a web analytics tool to understand user behaviour on my website and improve the user experience and service offering.
The provider of Google Analytics is Google Inc, a company of the holding company Alphabet Inc, based in the USA. The anonymous IP address transmitted by your browser as part of Google Analytics is not merged with other Google data. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. According to Google Inc., in no case will the IP address be associated with other data relating to the user.
For more information about the web analytics service used, please visit the Google Analytics website. You can object to the processing of your data by the Google web analysis service either by using a browser add-on plugin or by setting the opt-out cookie.
The data processed will be deleted in accordance with the legal requirements as soon as their consent for processing is revoked or other permits no longer apply (e.g. if the purpose of processing this data has ceased to apply or if it is not necessary for the purpose).
If the data is not deleted because it is required for other and legally permissible purposes, its processing is restricted to these purposes. This means that the data is blocked and not processed for other purposes. This applies e.g. for data that must be kept for commercial or tax law reasons or whose storage is necessary to assert, exercise or defend legal claims or to protect the rights of another natural or legal person.
Data shared with third party services
On my website I use third party services for ease of service provisioning, i.e including a service for scheduling appointments or handling payments.
For payments and invoicing I also work with Stripe Inc. as a service provider (i.e. integrated into calendly, my scheduling provider). Follow this link to review the Stripe Inc. privacy notice.
According to the Law of Germany, I am required to keep financial records showing any payments the contracting party made to me for a defined period of time (ten years right now). This information is kept separate from your personal data. I will never use these details to contact the contracting party in regard to anything except your payments.