Privacy Policy

This Privacy Policy explains how we collect, use, and disclose personal information collected from users ("you" or "user") of our website https://www.herfinancialfreedom.net/ ("Website"). By using our Website, you agree to the collection and use of your personal information as described in this Privacy Policy. 

​

Authorized persons:

Cristina Jaeger

Email address:

https://www.herfinancialfreedom.net/

Imprint:

https://www.herfinancialfreedom.net/imprint

​

Last updated 05 April 2024.

​

Information We Collect

We may collect personal information that you voluntarily provide to us when you use our Website, such as your name, email address, and other contact information. We may also collect information automatically as you navigate and interact with our Website, such as usage data, IP addresses, cookies, and other tracking technologies. Also by submitting any forms, you acknowledge and agree that the hFF may use your provided details, such as: Inventory data, Payment data, Contact details, Content data, Contract data, Usage data, Meta, communication and process data, Applicant data, Image and / or video recordings, Event data, Data Subject (Customers, Employees, Interested parties, Communication partner, User, Applicat, Challenge/Competition and competition participants, Business and contractual partners, Pupils / students / participants, Participant and Trained people). 

With the purpose of Provision of contractual services and customer service, Contact requests and communication, Direct marketing, Range measurement, Tracking, Office and organizational procedures, Remarketing, Conversion measurement, Target group formation, Affiliate tracking, Management and answering of inquiries, Application process, Conducting competitions and competitions/challenge, Feedback, Marketing, Profiles with user-related information, Provision of our online offer and user friendliness, Information technology infrastructure.

​

You can unsubscribe from the newsletter at any time by clicking the "unsubscribe" link provided in each email. Rest assured that we will handle your information with utmost care and respect your privacy. 

​

Use of Personal Information

We may use the personal information we collect for various purposes, including:

• To provide and improve our services, products, and content on the Website

• To respond to your inquiries, comments, and feedback

• To send you marketing communications, newsletters, and promotional materials

• To comply with applicable laws, regulations, and legal processes

• To protect the rights, property, and safety of our users and the public

​

Disclosure of Personal Information

We may share your personal information with third parties for various purposes, including:

• Service providers who help us operate and manage our Website

• Business partners, affiliates, and vendors who assist us in providing our services

• Legal, regulatory, or government authorities as required by law or to protect our rights

• Other users, with your consent or as part of the normal functioning of our Website

​

Newsletter Tracking

The herFinancialFreedom newsletters utilize what are known as counting pixels. A counting pixel is a small graphic element embedded within emails sent in HTML format. Its purpose is to facilitate log file recording and analysis, allowing for statistical assessment of the success or effectiveness of online marketing campaigns. By means of the embedded counting pixel, herFinancialFreedom is able to ascertain whether an email has been opened by an individual and identify which links within the email have been accessed by that individual.

Any personal data gathered through the counting pixels embedded in our newsletters is stored and analyzed by the data controller. This is done to enhance the distribution of newsletters and to tailor the content of future newsletters more precisely to the preferences of the recipient. Importantly, this personal data is not shared with any third parties. Individuals whose data is collected have the right to withdraw their previously provided consent through the double opt-in process at any time. Upon such withdrawal, the data controller will proceed to delete this personal data. Furthermore, opting out of newsletter reception is automatically regarded as a withdrawal of consent by herFinancialFreedom.

​

Deletion of data

The data processed by us will be deleted in accordance with the legal requirements as soon as their consent permitted for processing is revoked or other permits are no longer available (e.g. if the purpose of processing this data has ceased to exist or is not necessary for the purpose). If the data is not deleted because it is necessary for other and legally permissible purposes, its processing is limited to these purposes. This means that the data is blocked and not processed for other purposes. This applies e.g. for data that must be kept for commercial or tax reasons or their storage for assertion, Exercise or defense of legal claims or to protect the rights of another natural or legal person is required. Our data protection information can also contain further information on the storage and deletion of data that are of primary importance for the respective processing.

​

Data Security

We take reasonable measures to protect the security of your personal information and to prevent unauthorized access, use, or disclosure. However, please note that no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

​

Use of cookies

Cookies are small text files or other memory notes that store information on end devices and read information from the end devices. E.g. to save the login status in a user account, a shopping cart content in an e-shop, the called up content or used functions of an online offer. Cookies can also be used for different purposes, e.g. for the functionality, security and convenience of online offers as well as the creation of analyzes of the flow of visitors. We use cookies in accordance with legal regulations. We therefore obtain prior consent from users, unless this is not required by law. In particular, consent is not necessary if it is absolutely necessary to store and read out the information, including cookies, in order to provide the users with service they expressly request (i.e. our online offer). The revocable consent is clearly communicated to the users and contains the information on the respective use of cookies. Information on data protection legal bases: The data protection legal basis on which we process users' personal data using cookies depends on whether we ask users for consent. If the users consent, the legal basis for processing your data is the declared consent. Otherwise, the data processed using cookies are processed on the basis of our legitimate interests (e.g. in a business operation of our online offer and improvement of its usability) or, if this is done within the scope of fulfilling our contractual obligations, if the use of cookies is necessary to fulfill our contractual obligations. For what purposes we process cookies, We will clarify this in the course of this data protection declaration or as part of our consent and processing processes.

Storage duration: The following types of cookies are distinguished in terms of storage duration:

• Temporary cookies (also: session or session cookies): Temporary cookies are deleted at the latest after a user has left an online offer and has closed his end device (e.g. browser or mobile application).

• Permanent cookies: Permanent cookies remain stored even after the end device has been closed. For example, the login status can be saved or preferred content displayed directly when the user visits a website again. Likewise, the data of the users collected with the help of cookies can be used to measure the range. Unless we provide users with explicit information about the type and storage period of cookies (e.g. B. as part of obtaining consent), users should assume that cookies are permanent and that the storage period can be up to two years.

Users can revoke the consent they have given at any time and also file an objection to the processing in accordance with the legal requirements. Users can also explain their objection via the settings of their browser, e.g. by deactivating the use of cookies (although this may also limit the functionality of our online services). 

​

Processing of cookie data based on consent

We use a method for cookie consent management, within the framework of which the consent of the user in the use of cookies, or. the processing and providers mentioned in the context of the cookie consent management process can be obtained and managed and revoked by the users. The declaration of consent is saved in order not to have to repeat its query again and to be able to prove the consent in accordance with the legal obligation. The storage can be carried out on the server side and / or in a cookie (so-called opt-in cookie, or using comparable technologies) in order to be able to assign the consent to a user or his device. Subject to individual information on the providers of cookie management services, the following information applies: The duration of the storage of the consent can be up to two years. A pseudonymous user identifier is formed and, at the time of consent, information on the scope of consent as well as the browser, system and device used.

​

Your Rights

a) Right to Confirmation

Every data subject has the right, as granted by the European directive and regulation provider, to request confirmation from the data controller regarding the processing of personal data related to them. If a data subject wishes to exercise this right of confirmation, they can contact an employee of the controller at any time.

b) Right to Information

Every individual affected by the processing of personal data has the right, in accordance with the European directive and regulation, to obtain free information from the data controller at any time about the personal data stored concerning them, as well as a copy of this information. The European directive and regulation provider has also specified that data subjects have the right to be informed about the following:

• The purposes of processing

• The categories of processed personal data

• Recipients or categories of recipients to whom the personal data has been or will be disclosed, especially for recipients in third countries or international organizations

• If possible, the envisaged duration for which the personal data will be stored, or, if not possible, the criteria used to determine that duration

• The existence of the right to rectification, erasure, restriction of processing, or objection

• The right to lodge a complaint with a supervisory authority

• If the personal data is not collected from the data subject: all available information about the data's origin

• The existence of automated decision-making, including profiling, along with meaningful information about the logic involved and the envisaged consequences for the data subject

Additionally, data subjects have the right to know if their personal data has been transferred to a third country or international organization. If such transfer has taken place, the data subject also has the right to receive information about the appropriate safeguards in connection with the transfer.

To exercise this right to information, a data subject can contact an employee of the controller at any time.

c) Right to Rectification

Every individual affected by the processing of personal data has the right, as granted by the European directive and regulation, to request the prompt correction of inaccurate personal data concerning them. Furthermore, taking into account the purposes of processing, data subjects have the right to request the completion of incomplete personal data through a supplementary statement.

To exercise this right of rectification, a data subject can contact an employee of the controller at any time.

d) Right to Erasure (Right to Be Forgotten)

Every individual affected by the processing of personal data has the right, as granted by the European directive and regulation provider, to demand the data controller's immediate erasure of personal data concerning them under certain circumstances, provided that processing is not necessary. These circumstances include:

• The personal data was collected or processed for purposes for which it is no longer needed.

• The data subject revokes their consent, on which the processing was based, and there's no other legal basis for processing.

• The data subject objects to the processing and there are no overriding legitimate grounds for processing.

• The personal data was processed unlawfully.

• Erasure is necessary to fulfill a legal obligation under Union or Member State law.

• The personal data was collected in relation to information society services.

If any of these circumstances apply and a data subject wishes to have their personal data deleted from herFinancialFreedom's records, they can contact an employee of the controller at any time. The herFinancialFreedom employee will promptly arrange for the data to be deleted.

If personal data has been made public by herFinancialFreedom and there's an obligation to erase it, the company will take reasonable steps, including technical measures, to inform other data controllers processing the data, to delete links to or copies of the data. The necessary arrangements will be made on a case-by-case basis.

e) Right to Restriction of Processing

Every individual affected by the processing of personal data has the right, in accordance with the European directive and regulation, to demand the controller to restrict processing under certain conditions. These conditions include:

• The data subject contests the accuracy of the personal data, allowing the controller to verify accuracy.

• Processing is unlawful, but the data subject opposes erasure and requests restriction instead.

• The controller no longer needs the personal data for processing, but the data subject requires it to establish, exercise, or defend legal claims.

• The data subject has objected to processing under Article 21(1) of the GDPR, pending verification of whether the legitimate grounds of the controller override those of the data subject.

If any of these conditions are met and a data subject wishes to restrict the processing of their personal data held by herFinancialFreedom, they can contact an employee of the controller at any time. Employees of herFinancialFreedom will promptly initiate the necessary restrictions.

f) Right to Data Portability

Every individual affected by the processing of personal data has the right, as granted by the European directive and regulation, to receive the personal data concerning them, which they have provided to a controller, in a structured, commonly used, and machine-readable format. They also have the right to transmit this data to another controller without hindrance, if the processing is based on consent or a contract and is carried out by automated means.

To exercise this right to data portability, a data subject can contact a herFinancialFreedom employee at any time.

g) Right to Object

Every individual affected by the processing of personal data has the right, as granted by the European directive and regulation, to object to the processing of personal data based on Article 6(1)(e) or (f) of the GDPR. This includes objection to profiling based on these provisions.

In case of objection, herFinancialFreedom will cease processing personal data unless compelling legitimate grounds for processing override the interests, rights, and freedoms of the data subject or for legal claims.

If herFinancialFreedom processes personal data for direct marketing purposes, the data subject has the right to object at any time. This also applies to profiling related to direct marketing. If a data subject objects, herFinancialFreedom will cease processing personal data for this purpose.

Additionally, if personal data is processed for scientific, historical research, or statistical purposes, the data subject can object to the processing, unless the processing is necessary for the performance of a task carried out in the public interest.

To exercise the right to object, a data subject can directly contact any employee of herFinancialFreedom.

h) Automated Decisions Including Profiling

Every individual affected by the processing of personal data has the right, as granted by the European directive and regulation provider, not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects them, unless certain conditions are met. These conditions include necessity for contract fulfillment, explicit consent, or provisions of Union or Member State law.

If data subjects wish to assert rights related to automated decisions, they can contact an employee of herFinancialFreedom at any time.

i) Right to Withdraw Consent

Every individual affected by the processing of personal data has the right, as granted by the European directive and regulation, to withdraw consent to the processing of personal data at any time. To exercise the right to withdraw consent, a data subject can contact an employee of herFinancialFreedom at any time

​

Transmission of personal data

As part of our processing of personal data, it happens that the data is transmitted to other bodies, companies, legally independent organizational units or persons or that they are disclosed to them. The recipients of this data can e.g. Service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, we observe the legal requirements and in particular conclude corresponding contracts or. Agreements that protect your data are made with the recipients of your data.

​

Third-Party Links

Our Website may contain links to third-party websites or services that are not owned or controlled by us. We are not responsible for the privacy practices or content of such third-party websites. We encourage you to review the privacy policies of these websites before providing any personal information.

​

Management and/or organization tools

We use services, platforms and software from other providers (hereinafter referred to as „ third party provider ”) for the purposes of organizing, managing, planning and providing our services. When selecting third-party providers and their services, we observe the legal requirements.

In this context, personal data can be processed and stored on the servers of third-party providers. This can affect various data that we process in accordance with this data protection declaration. This data can include master data and user contact details, data on processes, contracts, other processes and their content.

If users are referred to the third-party providers or their software or platforms as part of communication, business or other relationships with us, the third-party providers can use usage data and metadata for security purposes, for service optimization or for marketing purposes. We therefore ask that the data protection information of the respective third-party provider be observed.

​

• Calendar Booking: Online scheduling and appointment management; Service provider: Calendly LLC., 271 17th St NW, Ste 1000, Atlanta, Georgia, 30363, USA; Legal basis: Authorized interests (Art. 6 Para. 1 P. 1 lit. f) DSGVO); Website: https://calendly.com/de; Data protection declaration: https://calendly.com/pages/privacy; Order processing contract: https://calendly.com/dpa; Standard contractual clauses (guarantee of data protection level for processing in third countries): https://calendly.com/dpa.

​

Video conferencing, online meetings, webinars and screen sharing

We set platforms and applications from other providers (hereinafter referred to as "conference platforms ”) for the purpose of holding video and audio conferences, Webinars and other types of video and audio meetings (hereinafter referred to as "conference"). When selecting the conference platforms and their services, we observe the legal requirements. Data processed by conference platforms: As part of attending a conference, the conference platforms process the personal data of the participants mentioned below. The scope of processing depends on the one hand on, which data is required during a specific conference (e.g. specification of access data or clear names) and which optional information is provided by the participants. In addition to processing to carry out the conference, the data of the participants can also be processed by the conference platforms for security purposes or service optimization. The processed data includes personal data (first name, last name), contact information (email address, telephone number), access data (access codes or passwords), profile images, information on the professional position / function, the IP address of Internet access, Information on the end devices of the participants, their operating system, the browser and its technical and linguistic settings, information on the content-related communication processes, i.e. Entries in chats and audio and video data, as well as the use of other available functions (e.g. surveys). The content of the communications is encrypted to the extent technically provided by the conference providers. If the participants are registered as users on the conference platforms, further data can be processed in accordance with the agreement with the respective conference provider.as well as the use of other available functions (e.g. surveys). The content of the communications is encrypted to the extent technically provided by the conference providers. If the participants are registered as users on the conference platforms, further data can be processed in accordance with the agreement with the respective conference provider.as well as the use of other available functions (e.g. surveys). The content of the communications is encrypted to the extent technically provided by the conference providers. If the participants are registered as users on the conference platforms, further data can be processed in accordance with the agreement with the respective conference provider. Logging and recording: If text entries, participation results (e.g. surveys) as well as video or audio recordings are logged, the participants will be informed transparently in advance and they will be asked – if necessary – for consent. Data protection measures of the participants: Please note the details of the processing of your data by the conference platforms and select the optimal security and data protection settings for you as part of the settings of the conference platforms. Please also ensure the duration of a video conference for data and personal protection in the background of your recording (e.g. by notifying roommates, closing doors and using them, as far as technically possible, the function to blur the background). Links to the conference rooms and access data may not be passed on to unauthorized third parties.

Information on legal bases: If, in addition to the conference platforms, we also process the data of the users and ask the users for their consent to the use of the conference platforms or certain functions (e.g. B. Consent to a recording of conferences), the legal basis of the processing is this consent. Furthermore, our processing may be necessary to fulfill our contractual obligations (e.g. in lists of participants, in the case of processing conversation results, etc.). In addition, the data of the users are processed on the basis of our legitimate interests in efficient and secure communication with our communication partners.

Processed data types: Inventory data (e.g. names, addresses); Contact details (e.g. email, telephone numbers); Content data (e.g. entries in online forms); Usage data (e.g. visited websites, interest in content, access times); Meta, Communication and process data (e.g. B. IP addresses, times, identification numbers, consent status).

Affected persons: Communication partner; Users (e.g. website visitors, users of online services); Trained people. With the processing purposes of provision of contractual services and customer service; Contact requests and communication; Office and organizational procedures.

Legal basis: Authorized interests (Art. 6 Para. 1 P. 1 lit. F) DSGVO).​

​

Privacy Provisions on the use of Zoom

The controller has integrated components of the Zoom video conferencing service on this website. Zoom provides online video conferencing and communication solutions.

Service provider: Zoom Video Communications, Inc., 55 Almaden Blvd., Suite 600, San Jose, CA 95113, USA; Legal basis: Authorized interests (Art. 6 Para. 1 P. 1 lit. f) DSGVO); Website: https://zoom.us; Data protection declaration: https://zoom.us/docs/de-de/privacy-and-legal.html; Order processing contract: https://zoom.us/docs/de-de/privacy-and-legal.html (referred to as Global DPA); Standard contractual clauses (guarantee of data protection level for processing in third countries): https://zoom.us/docs/de-de/privacy-and-legal.html (Signed as Global DPA).

Data Collection and Usage: When a user accesses individual pages of this website operated by the controller, which contain Zoom video conferencing components, the user's web browser may automatically interact with Zoom's servers to facilitate video conferencing sessions. Zoom enables real-time audio and video communication and may require the downloading of specific software or applications to support these interactions.

During the usage of Zoom's services on our website, Zoom may collect data related to the user's video and audio interactions, which includes video and audio data, as well as any content shared or displayed during the video conferencing session. Zoom may also collect technical data such as IP addresses, device information, and connection details to ensure the quality and security of the video conferencing experience.

Data Transmission to Zoom: As a video conferencing service, Zoom processes the data necessary for enabling online video communication, including transmitting video and audio data between participants. Users of Zoom's services may have their video and audio data transmitted to Zoom's servers for the purpose of facilitating the video conferencing session. This data may be processed and stored by Zoom in accordance with their privacy policies.

For more detailed information about how Zoom handles data and to understand the applicable data protection regulations, please refer to the following resources:

• Zoom Privacy Policy: https://zoom.us/privacy

• Zoom Security: https://zoom.us/security

​

Cloud services

We use software services accessible via the Internet and executed on the servers of their providers for the storage and management of content (e.g. document storage and management, exchange of documents, Content and information with certain recipients or publication of content and information).

In this context, personal data can be processed and stored on the providers' servers, insofar as they are part of communication processes with us or otherwise, as set out in the context of this data protection declaration, be processed. This data can include master data and user contact details, data on processes, contracts, other processes and their content. The providers of cloud services also process usage data and metadata, which they use for security purposes and for service optimization.

If we use the cloud services for other users or publicly accessible websites to form or similar. Providing documents and content, providers can save cookies on users' devices for web analysis purposes or to remember user settings (e.g. in the case of media control).

• Processed data types: Inventory data (e.g. names, addresses); Contact details (e.g. email, telephone numbers); Content data (e.g. entries in online forms); Usage data (e.g. visited websites, interest in content, access times); Meta, Communication and process data (e.g. B. IP addresses, times, identification numbers, consent status); Image and / or video recordings (e.g. B. Photographs or video recordings of a person)

• Affected persons: Customers; Employees (e.g. employees, applicants, former employees); Interested parties; Communication partner.

• Processing purposes: Office and organizational procedures; Information technology infrastructure (operation and provision of information systems and technical devices (computers, servers, etc.).); Provision of contractual services and customer service.

• Legal basis: Authorized interests (Art. 6 Para. 1 P. 1 lit. F) DSGVO).

 

Use of Google forms and access to Google Drive

Google Forms: The controller may utilize Google Forms to collect information from users. Google Forms is an online survey and data collection tool offered by Google LLC. Users may be prompted to fill out forms for various purposes, such as feedback, registrations, or inquiries.

Service provider: Google Cloud EMEA Limited, 70 Sir John Rogerson’s Quay, Dublin 2, Ireland; Legal basis: Authorized interests (Art. 6 Para. 1 P. 1 lit. f) DSGVO); Website: https://cloud.google.com/; Data protection declaration: https://policies.google.com/privacy; Order processing contract: https://cloud.google.com/terms/data-processing-addendum; Standard contractual clauses (guarantee of data protection level for processing in third countries): https://cloud.google.com/terms/eu-model-contract-clause; Additional Information: https://cloud.google.com/privacy.

Google Drive Access: In some instances, the controller may provide access to documents or resources hosted on Google Drive, a cloud storage service provided by Google LLC.

Data Collection and Usage: When users interact with Google Forms or access documents on Google Drive via links provided on this website, the controller does not directly collect personal data through these services. However, Google may collect and process data as per their respective terms of service and privacy policies.

Third-Party Service Provider: Google Forms and Google Drive are services provided by Google LLC. You can find more information about Google's data practices in their Privacy Policy: https://policies.google.com/privacy

User Responsibility: Users accessing Google Forms or Google Drive content are advised to review and understand Google's terms of service and privacy policy. The controller does not control the data processing practices of Google and shall not be held responsible for any actions, omissions, or data processing performed by Google as part of their services.

​

Communication via messenger

We use messenger for the purposes of communication and therefore ask that the following information on the functionality of the messenger, on encryption, on the use of the metadata of communication and on your options for objection be observed.

You can also use us in alternative ways, e.g. contact via phone or email. Please use the contact options communicated to you or the contact options specified in our online offer.

In the case of end-to-end encryption of content (i.e. the content of your message and attachments), we would like to point out that the communication content (i.e., the content of the message and attached images) are encrypted from end to end. This means that the content of the messages is not visible, not even by the messenger providers themselves. You should always use a current version of the messenger with activated encryption to ensure the encryption of the message content.

However, we would also like to point out to our communication partners that the providers of the messengers do not see the content, but can find out, that and when communication partners communicate with us as well as technical information about the device used by the communication partners and, depending on the settings of their device, location information (so-called metadata) are processed.

Information on legal bases: If we ask communication partners for permission before communicating with them via Messenger, the legal basis for our processing of their data is their consent. Otherwise, if we do not ask for consent and e.g. contact us on your own, we use Messenger in relation to our contractual partners as well as in the context of the contract initiation as a contractual measure and in the case of other interested parties and communication partners based on our legitimate interests in fast and efficient communication and fulfillment of the needs of our communication partner in communication via messenger. We would also like to point out that we will not transmit the contact details communicated to us to the Messenger for the first time without your consent. Revocation, objection and deletion: You can revoke your consent at any time and object to communication with us via Messenger at any time. In the case of communication via messenger, we delete the messages according to our general deletion guidelines (i.e.g., as described above, after the end of contractual relationships, in the context of archiving specifications etc.) and otherwise, as soon as we can assume that we have answered any information from the communication partners, if no reference to a previous conversation is to be expected and the deletion does not conflict with any legal retention requirements.

Reservation of reference to other communication channels: Finally, we would like to point out that for reasons of your security, we reserve the right not to answer inquiries about Messenger. This is the case if e.g. Contract internals require special confidentiality or a response via messenger does not meet the formal requirements. In such cases, we refer you to more adequate communication channels.

Processed data types such as Contact details (e.g. email, telephone numbers); Usage data (e.g. visited websites, interest in content, access times); Meta, communication and process data (e.g. B. IP addresses, times, identification numbers, consent status).​ With the processing purposes of contact requests and communication; Direct marketing (e.g. by email or post).

Legal basis: Consent (Art. 6 Para. 1 P. 1 lit. a) DSGVO); Eligible interests (Art. 6 Para. 1 P. 1 lit. f) DSGVO).

Further information on processing processes, processes and services:

​

Privacy Provisions on the use of WhatsApp

WhatsApp Communication: The controller may use WhatsApp as a communication channel for users. WhatsApp is a messaging application that allows users to send text messages, voice messages, multimedia content, and engage in real-time communication.

Service Provider: WhatsApp Messenger with end-to-end encryption; Service provider: WhatsApp Ireland Limited, 4 Grand Canal Quay, Dublin 2, D02 KH28, Ireland; Legal basis: Authorized interests (Art. 6 Para. 1 P. 1 lit. f) DSGVO); Website: https://www.whatsapp.com/; Data protection declaration: https://www.whatsapp.com/legal.

Data Collection and Usage: When users communicate with the controller through WhatsApp, the controller may collect and process the personal data shared during the conversation. This data may include text messages, images, videos, and other multimedia content exchanged on the platform.

Data Transmission to WhatsApp: WhatsApp processes the data exchanged between users on its platform in accordance with its own terms of service and privacy policy. Users should be aware that using WhatsApp involves data transmission to WhatsApp's servers, which may be located in different countries.

For more information on how WhatsApp collects, processes, and uses data, please refer to WhatsApp's Terms of Service: https://www.whatsapp.com/legal/#terms-of-service and Privacy Policy: https://www.whatsapp.com/legal/#privacy-policy

User Responsibility: Users communicating with the controller through WhatsApp are advised to review WhatsApp's terms of service and privacy policy. The controller does not control the data processing practices of WhatsApp and shall not be held responsible for any actions, omissions, or data processing performed by WhatsApp as part of their services.

​

Business Services

We process this data to meet our contractual obligations. This includes, in particular, the obligations to provide the agreed services, any updating obligations and remedial measures in the event of warranty and other service disruptions. In addition, we process the data to protect our rights and for the purpose of the administrative tasks associated with these obligations as well as the company organization. In addition, we process the data based on our legitimate interests in proper and business management as well as security measures to protect our contractual partners and our business operations from misuse, risk to their data, secrets, Information and rights. Within the framework of the applicable law, we only pass on the data of contractual partners to third parties to the extent that this is necessary for the aforementioned purposes or for the fulfillment of legal obligations. About other forms of processing, e.g. for marketing purposes, the contractual partners are informed in the context of this data protection declaration. 

The statutory retention period for documents relevant to tax law as well as for commercial books, inventories, opening balance sheets, annual financial statements, the work instructions and other organizational documents and booking documents required to understand these documents for ten years, as well as for received trade and business letters and reproductions of the sent trade and business letters for six years. The period begins at the end of the calendar year in which the last entry is made in the book, the inventory, the opening balance sheet, the annual financial statements or the management report, the commercial or business letter has been received or sent or the booking receipt has been created, the recording has been made or the other documents have been created.

Insofar as we use third-party providers or platforms to provide our services, the terms and conditions and data protection notices of the respective third-party providers or platforms apply in the relationship between the users and the providers.

• Processed data types: Inventory data (e.g. names, addresses); Payment data (e.g. bank details, invoices, payment history); Contact details (e.g. email, telephone numbers); Contract data (e.g. object of contract, term, customer category).

• Affected persons: Interested parties; Business and contract partners; Pupils / students / participants; Customers.

• Processing purposes: Provision of contractual services and customer service; Contact requests and communication; Office and organizational procedures; Management and response of inquiries.

• Legal basis: Fulfillment of contracts and pre-contractual inquiries; Legal obligation; Authorized interests.

 

Education and training services: We process the data of the participants in our education and course offers  in order to be able to provide them with our program services. The data processed here, the type, scope, purpose and necessity of their processing are determined according to the underlying contractual and training relationship. Processing forms also include performance evaluation and evaluation of our services and that of teachers. As part of our work, we can also use special categories of data, Here in particular, information on the health of trainees and trainees as well as data from which ethnic origin, political opinions, religious or ideological convictions emerge. If necessary, we will get, express consent of the trainees and trainees and otherwise only process the special categories of data if it is for the provision of training services, for the purposes of health care, social protection or the protection of vital interests of trainees and trainees is required.

Coaching: We process the data of our clients as well as interested parties and other clients or contractual partners (uniformly referred to as "clients") in order to be able to provide them with our services. The processed data, the type, scope, purpose and necessity of their processing are determined according to the underlying contractual and client relationship. As part of our work, we can also use special categories of data, here in particular information on the health of clients, possibly with reference to their sex life or sexual orientation, as well as data from which the racial and ethnic origin, political opinions, process religious or ideological beliefs or union membership. If necessary, we will get, an express consent of the clients and process the special categories of data otherwise if this serves the health of the clients, the data is public or other legal permits are available. If it is necessary for our fulfillment of the contract, for the protection of vital interests or legally required, or if the clients have given their consent, we disclose or transmit the client's data to third parties or agents, e.g. Authorities, accounting offices as well as in the area of IT, office or comparable services; Legal basis.

Online courses and online training: We process the data of the participants in our online courses and online training (uniformly referred to as  "participants") in order to be able to provide them with our course and training services. The data processed here, the type, scope, purpose and necessity of their processing are determined according to the underlying contractual relationship. The data basically includes information on the courses and services used and, as far as part of our range of services, personal specifications and results of the participants. Processing forms also include performance evaluation and evaluation of our services as well as that of course and training managers.

Events: We process the data of the participants of the events, events and similar activities we offer or organize (hereinafter referred to as "participants" and "events"), to enable them to participate in the events and take advantage of the services or actions associated with participation, provided that we process health-related data, religious, political or other special categories of data, then this takes place within the scope of the obviousness (e.g. for thematically oriented events or for health care, safety or with the consent of those affected). The required information is marked as such in the context of the conclusion of the order, order or comparable contract and includes the information required for the provision of services and billing as well as contact information in order to be able to keep any feedback. Insofar as we have access to information from end customers, employees or other persons, we process it in accordance with the legal and contractual requirements.

​

We offer our services on online platforms operated by other service providers. In this context, in addition to our data protection information, the data protection information of the respective platforms applies. This applies in particular with regard to the implementation of the payment process and the procedures used on the platforms for measuring the reach and for marketing interests.

• Processed data types: Inventory data (e.g. names, addresses); Payment data (e.g. bank details, invoices, payment history); Contact details (e.g. email, telephone numbers); Contract data (e.g. object of contract, term, customer category); Usage data (e.g. visited websites, interest in content, access times); Meta, communication and process data (e.g. B. IP addresses, times, identification numbers, consent status. With the processing purposes of provision of contractual services and customer service; Marketing.

 

Payment procedure

In the context of contractual and other legal relationships, Due to legal obligations or otherwise based on our legitimate interests, we offer the data subjects efficient and secure payment options and, in addition to banks and credit institutions, use other service providers (in summary "payment service provider").

The data processed by the payment service providers include inventory data, e.g. the name and address, bank details, e.g. Account numbers or credit card numbers, passwords, TANs and checksums as well as the contract, Total and recipient-related information. The information is required to carry out the transactions. However, the entered data is only processed by the payment service providers and stored by them. This means that we do not receive any account or credit card-related information, but only information with confirmation or negative information of the payment. Payment service providers may transmit the data to business information agencies. This transmission is intended for the identity and credit check. We refer to the terms and conditions and the data protection information of the payment service providers.

The terms and conditions and data protection notices of the respective payment service providers apply to the payment transactions, which are published within the respective websites or. Transaction applications are available. We also refer to them for further information and assertion of revocation, information and other affected rights. We processed data such as Inventory data (e.g. names, addresses); Payment data (e.g. bank details, invoices, payment history); Contract data (e.g. subject of the contract, term, customer category); Usage data (e.g. visited websites, interest in content, access times); Meta, communication and process data (e.g. B. IP addresses, times, identification numbers, consent status); Contact details (e.g. email, telephone numbers).​  With the processing purposes of provision of contractual services and customer service.​

​

Apple Pay: Payment services (technical connection of online payment methods); Service provider: Apple Inc., Infinite Loop, Cupertino, CA 95014, USA; Legal basis: Fulfillment of contracts and pre-contractual inquiries (Art. 6 Para. 1 P. 1 lit. b) DSGVO); Website: https://www.apple.com/de/apple-pay/; Data protection declaration: https://www.apple.com/legal/privacy/de-ww/.

Google Pay: Payment services (technical connection of online payment methods); Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Legal basis: Fulfillment of contracts and pre-contractual inquiries (Art. 6 Para. 1 P. 1 lit. b) DSGVO); Website: https://pay.google.com/intl/de_de/about/; Data protection declaration: https://policies.google.com/privacy.

Mastercard: Payment services (technical connection of online payment methods); Service provider: Mastercard Europe SA, Chaussée de Tervuren 198A, B-1410 Waterloo, Belgium; Legal basis: Fulfillment of contracts and pre-contractual inquiries (Art. 6 Para. 1 P. 1 lit. b) DSGVO); Website: https://www.mastercard.de/de-de.html; Data protection declaration: https://www.mastercard.de/de-de/datenschutz.html.

PayPal: Payment services (technical connection of online payment methods) (e.g. PayPal, PayPal Plus, Braintree); Service provider: PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg; Legal basis: Fulfillment of contracts and pre-contractual inquiries (Art. 6 Para. 1 P. 1 lit. b) DSGVO); Website: https://www.paypal.com/de; Data protection declaration: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

Visa: Payment services (technical connection of online payment methods); Service provider: Visa Europe Services Inc., London branch, 1 Sheldon Square, London W2 6TT, GB; Legal basis: Fulfillment of contracts and pre-contractual inquiries (Art. 6 Para. 1 P. 1 lit. b) DSGVO); Website: https://www.visa.de; Data protection declaration: https://www.visa.de/nutzungsbedingungen/visa-privacy-center.html.

​

Application process

The application process requires that applicants provide us with the data necessary for their assessment and selection. Which information is required can be found in the job description or, in the case of online forms, in the information there. The required information includes information about the person, such as the name, address, contact options and evidence of the qualifications required for a job. Upon request, we would also be happy to provide you with the information you need. If made available, applicants can send us their applications using an online form. The data is transmitted to us encrypted according to the state of the art. Applicants can also send us their applications via email. However, we ask you to note that emails are generally not sent encrypted on the Internet. As a rule, emails are encrypted during transport, but not on the servers from which they are sent and received. We can therefore not assume any responsibility for the transfer route of the application between the sender and the reception on our server.

For the purposes of applying, submitting applications and selecting applicants, we can, in compliance with legal requirements, applicant management or. Use recruitment software and third-party platforms and services.

Applicants can contact us about the type of application or send us the application by post. 

As special categories of personal data within the meaning of Art. 9 Para. 1 DSGVO (e.g. health data, such as severely disabled status or ethnic origin) are requested from applicants as part of the application process, so that the person responsible or the person concerned can exercise his or her rights arising from labor law and the law of social security and social protection and can fulfill his or her obligations in this regard, their processing takes place according to Art. 9 Para. 2 lit. b. DSGVO, in the case of the protection of vital interests of applicants or other persons acc. Art. 9 para. 2 lit. c. DSGVO or for the purposes of preventive health care or occupational medicine, for assessing the employability of the employee, for medical diagnostics,for health or social care or for the management of systems and services in the health or social field acc. Art. 9 para. 2 lit. H. DSGVO. In the event of a voluntary notification of the special categories of data, they are processed on the basis of Art. 9 Para. 2 lit. a. DSGVO.

​