Data Privacy Statement
Data Privacy Statement
Notice on Data Protection
This Data Privacy Statement is intended to inform you how we process your personal data and to explain your rights to you. We are aware that the processing of your personal data is extremely important to you as the data subject and accordingly we comply with the relevant statutory provisions. The protection of your private sphere is therefore our highest priority. In processing your personal data, we comply with the General Data Protection Regulation and the data protection provisions and the provisions of domestic law.
Name and contact details of the Data Protection Officer and their representative
Struss & Claussen Personal Development
Moorfuhrtweg 15
22301 Hamburg
Telephone: +49 (0)40 - 688 79 49 70
E-Mail: kontakt@strussundclaussen.de
Managing Directors & Authorized Representatives: Ragnhild Struss and Johann Claussen
Contact data for the Data Protection Officer:
Ayda Pirmohammadi, M.A. Philosophy
Knowledge Management & Digitalization
Struss & Claussen Personal Development
Mooruhrtweg 15
22301 Hamburg
Telephone: +49 (0)40 - 688 79 49 70
E-Mail: pirmohammadi@strussundclaussen.de
Definitions:
This data privacy statement uses the terminology of the General Data Protection Regulation (GDPR).
“Personal data” means any information relating to an identified or identifiable natural person (hereinafter: data subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Restriction of processing is the marking of stored personal data with the aim of limiting their processing in the future.
Profiling is any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.
Pseudonymization is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
File system is any structured collection of personal data, which is accessible by means of specific criteria, irrespective of whether this collection is managed centrally, locally or ordered in accordance with functional or geographic factors.
Controller is the natural or legal person, public authority, agency or other body, which alone or jointly with others decides on the purposes and means of the processing of personal data; if the purposes and means of this processing are specified by European Union law or the law of the Member State, the controller and/or the specified criteria for his designation may be specified by European Union law or the law of the Member State.
Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Recipient is a natural or legal person, public authority, agency or other body, to which the personal data are disclosed, whether a third party or not. Public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; these data are processed in accordance with the applicable data protection provisions in accordance with the purposes of the processing.
Third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
Consent of the data subject is any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
Processing operations
We collect and process the following personal data concerning you:
- contact and address information, if you have communicated your contact information to us or registered on our website,
- data, which you have communicated to us in the course of consultations, training or coaching sessions,
- data, which you have communicated to us in the course of counseling by telephone,
- online identifiers (e.g., your IP address, browser type and version, the related operating system, the referrer URL, the IP address, the file name, the access status, the amount of data transferred, the date and time of the server query).
Purposes of processing
We process your data for the following purposes:
- to make contact with you as requested by you,
- to update our offer to you,
- to process the contract,
- to develop the strategy customized to you in the course of the consultation,
- for advertising purposes,
- to send you the e-mail newsletter, if you have registered for it,
- for quality assurance and
- for our statistics.
Legal bases for the data processing
Your data are processed on the following legal bases:
- on the basis of your consent in accordance with Article 6(1)(a) GDPR,
- to fulfill a contract with you in accordance with Article 6(1)(b) GDPR,
- to comply with legal obligations in accordance with Article 6(1)(c) GDPR, or
- for the purposes of our legitimate interests in accordance with Article 6(1)(f) GDPR.
Legitimate interests
If we base the processing of your personal data on legitimate interests within the meaning of Article 6(1)(f) GDPR, these interests are
- the improvement of our offer,
- protection from abuse and
- the management of our statistics.
Data sources
We receive the data from you (including via the devices used by you). If we do not collect the personal data from you, we additionally inform you from what source the personal data originate and where applicable, whether they originate from publicly accessible sources.
Recipients or categories of recipients of the personal data
In processing your data we work with the following service providers, who have access to your data:
- twentyreasons business solutions GmbH
- Gallup Strengths Center.
- LINC GmbH
- MailChimp
- Thinkific
Data are transferred to third countries outside the European Union. This transfer takes place on the basis of contractual regulations provided by statute, which are intended to guarantee adequate protection for your data and which you may inspect on request.
Storage period
We store your personal data only for as long as this is necessary in order to achieve the purpose of the processing or where storage is subject to a statutory retention period.
We store your data,
- if you have given your consent to the processing, as a maximum period up to the time you withdraw your consent,
- if we require the data for the performance of a contract as a maximum period for as long as the contractual relationship with you is in existence or statutory retention periods continue to run,
- if we use the data on the basis of a legitimate interest as a maximum period for as long as your interest in erasure or anonymization of the data does not override our interest.
Your rights:
You have the following rights – in some cases subject to specific conditions:
- the right to request information, free of charge, on the processing of your data and to receive a copy of your personal data. You are entitled inter alia to request information on the purposes of the processing, the categories of personal data, which are processed, the recipients of the data (if the data are transferred), the duration of the storage period or the criteria for the determination of the storage period;
- The right tocorrect your data. If your personal data are incomplete, you have the right, with due regard to the purposes for the processing, to complete the data;
- The right to have your data erased or blocked; The grounds for a claim for the erasure or blocking of data may be inter alia the withdrawal of the consent, on which the processing is based, the data subject lodges an objection to the processing, the personal data have been unlawfully processed;
- the right to have the processing restricted;
- the right to object to the processing of your data;
- the right to withdraw your consent to the processing of your data and
- the right to lodge a complaint concerning illegal data processing with the competent supervisory authority.
Requirement or obligation for data to be provided
Unless requirement or an obligation to provide data is expressly specified, there is no requirement or obligation to provide data. Such an obligation may arise from legal requirements or contractual provisions.
Further Information on Data Protection
Contact Form
The contact form on our website provides a quick and simple method of contacting us. So that contact is possible some of the fields are marked as required fields. If you fill out the fields and select "Send", you are giving your consent that your data are communicated to us with the e-mail message. The data are not stored on the web server.
E-mail Newsletter
If you register for our newsletter, we use the data required or communicated separately by you for this purpose to send you our e-mail
newsletter on a regular basis. The data processing is carried out based on your consent (Article 6(1)(a) GDPR). We use this data solely for sending the requested information and do not share it with third parties. You can de-register from the newsletter at any time, either by sending a message to the contact details stated above or via the de-registration link provided.
The newsletter is sent using "Mailchimp," which also stores e-mail addresses and other information for the purpose of sending and analyzing the newsletter.
MailChimp
This website uses Mailchimp's services to send newsletters. The provider is Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.
Mailchimp is a service used for managing and analyzing the distribution of newsletters, among other things. If you provide data for subscribing to the newsletter (e.g., e-mail address), it will be stored on Mailchimp's servers in the USA.
Mailchimp is certified under the "EU-U.S. Privacy Shield." The "Privacy Shield" is an agreement between the European Union (EU) and the USA designed to ensure that European data protection standards are upheld in the USA.
With the help of MailChimp, we can analyze our newsletter campaigns. When you open an email sent via Mailchimp, a file within the e-mail (known as a web beacon) connects to Mailchimp’s servers in the USA. This makes it possible to determine whether a newsletter message has been opened and which links, if any, have been clicked on. Technical information is also collected, such as the time of access, IP address, browser type, and operating system. This information cannot be linked to a specific newsletter recipient. The information is used solely for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better tailor future newsletters to the interests of the recipients.
If you would prefer not to allow MailChimp to analyze your data, you must unsubscribe from the newsletter. We provide a link for this purpose in every newsletter message. You can also unsubscribe from the newsletter directly on the website.
The data processing is carried out based on your consent (Article 6(1)(a) GDPR). You can withdraw this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations carried out prior to the revocation remains unaffected.
The data you provide for subscribing to the newsletter will be stored by us until you unsubscribe. After you unsubscribe, it will be deleted from both our servers and Mailchimp’s servers. Data stored by us for other purposes (e.g., e-mail addresses for the member area) will remain unaffected by this.
For more information, please refer to MailChimp's privacy policy at: https://mailchimp.com/legal/terms/.
We have a "Data Processing Agreement" with Mailchimp, in which we require Mailchimp to protect our customers' data and not to disclose it to third parties. This contract can be viewed at the following link: https://mailchimp.com/legal/forms/data-processing-agreement/sample-agreement/.
Data Protection
We have put in place a comprehensive range of technical and organizational measures to protect your data against possible risks, such as unauthorized access or seizure, unauthorized cognizance, modification or distribution, as well as against loss, destruction or abuse.
In order to protect your personal data from unauthorized access by third parties, when the data are being transferred, we secure data transfers, where necessary by means of SSL encryption. This is a standardized encryption method for online services, especially for the web.
Log files
The website provider automatically collects and stores data in what are known as server log files, which your browser automatically transfers to us. These are: the type and version of your browser, the operating system used, HTTP referrer, URL, host name of the computer accessing the site, time of the server enquiry, IP address.
These data are not combined with other data sources.
The basis for data processing is Article 6(1)(f) GDPR, which permits the processing of data for the purpose of fulfilling a contract or pre-contractual measures.
Cookiebot
We use the consent management service Cookiebot, provided by Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (Cybot). This allows us to obtain and manage the website user's consent for data processing. The processing is necessary for compliance with a legal obligation to which we are subject (Article 6(1)(c) GDPR) and is in accordance with the requirements of Article 7(1) GDPR. The following data is processed using cookies:
Your IP address (with the last three digits set to '0'). Date and time of consent. Browser information and the URL from which the consent was given. An anonymous, random, and encrypted key, along with your consent status, serving as proof of consent.
The key and consent status are stored in the browser for 12 months using the "CookieConsent" cookie. This means that your cookie preferences are retained for subsequent page requests. The key allows for the verification and tracking of consent.
If you activate the "collective consent" service feature to allow consent for multiple websites with a single end-user consent, the service will also store a separate, random, unique ID alongside your consent. If all the following criteria are met, this key is stored in encrypted form in the cookie of the third-party provider "CookieConsentBulkTicket" in your browser: You activate the collective consent feature in the service configuration. You allow cookies from third-party providers via browser settings. You have deactivated "Do not track" via the browser settings. You accept all or at least certain types of cookies when you give your consent.
The functionality of the website cannot be guaranteed without this processing.
Cybot is the recipient of your personal data and acts as a data processor on our behalf.
The processing takes place in the European Union. Further information on objection and removal options vis-à-vis Cybot can be found at https://www.cookiebot.com/de/privacy-policy/
Your personal data will be deleted continuously after 12 months or immediately upon termination of the contract between us and Cybot.
Please refer to our general information on deleting and deactivating cookies provided above.
Cookies
This website uses what are known as cookies. A cookie is a text file with an identification number, which, when the user uses the website, is transferred to the user's computer together with the data actually requested and is deposited there. The file is stored there in readiness for subsequent access to our site and serves to identify the user. Since cookies are only simple files and are not executable programs they present no risk to your computer. Depending on the internet browser setting selected by the user, the user's computer accepts these cookies automatically. However, this setting can be changed, and the acceptance of cookies deactivated, or the setting can be adjusted so that the user is notified every time a cookie is deposited. If the use of cookies is deactivated, however, it may be that some functions of the website may not be available or may be available only in a restricted form. You may prevent the placing of cookies by our website, as explained above, at any time by means of adjusting accordingly the settings of the browser used and in this way objecting on a permanent basis to the placing of cookies. Cookies already active may be deleted at any time by means of an internet browser or other software program. In some cases, we work with advertising partners, who help us to design our website content to make it more interesting for you. In this case and for this purpose, when you visit our website, cookies from our partner companies are also stored on your hard disk (cookies from third party suppliers). When we work with the aforementioned advertising partners the following sections inform you individually and separately about the use of such cookies and the extent of the information collected in each case.
Google Analytics
We use the services of Google Analytics from Google Inc. This service allows us to analyze the use of our websites and for this purpose uses cookies. For this purpose, information generated by the cookie, such as your anonymized IP address is transferred on our behalf to a Google Inc. server in the USA, stored and analyzed there with the extension on this website "gat._anonymizeIp();". In this way IP addresses are captured anonymously. Your IP address is normally anonymized by being abbreviated by Google Inc. within the European Union or in other signatory states of the European Economic Area (EEA). In exceptional cases your IP address is transferred to a Google Inc. server in the USA and not anonymized until it is received there. Your IP address, which has been transferred in this way, is not merged with other data from Google Inc. As part of the Google Analytics advertising function re-marketing and reports on performance are used in accordance with demographic characteristics and interests. The purpose of these operations is, with the help of information on user behavior, to direct the advertising campaigns more closely towards the interests of the respective users. As part of re-marketing the user's surfing behavior on this website can be used to switch personalized advertising campaigns to other websites. In this way the promotional material can include products, which the user has previously seen on the website. If you have agreed that Google may link your web and app browser history with your Google account and use information from your Google account to personalize advertisements, Google uses these data for cross-device re-marketing. You may at any time register your objection to the collection of your data by Google Analytics. In order to do so, the following possibilities are available to you. Most browsers accept cookies automatically. However, you can prevent the use of cookies by altering the settings on your browser; in this case, however, it may not be possible to use all the functions on the website. The settings must be adjusted separately for every browser you use.
Furthermore, you can prevent these data being collected and processed by Google Inc. by downloading and installing the browser add-on available from the following link:https://tools.google.com/dlpage/gaoptout?hl=en
Alternatively, or within browsers on mobile devices, please click on the following link:
Google Analytics Opt-Out-Cookie
Your current setting: The opt-out cookie is not engaged
This stores an opt-out cookie for our websites on your device with effect for the browser you are currently using. If you delete these cookies from your browser, you must click once again on this link. You can find more detailed information on conditions of use and data protection onhttps://marketingplatform.google.com/about/analytics/terms/us/ or on https://policies.google.com/?hl=en.
Google Fonts
We use Google Fonts, a service from Google Inc. (Google): www.google.com/fonts#AboutPlace:about. These web fonts are integrated by means of a server request, usually to a Google server in the USA. This communicates to the servers which of our Internet sites you have visited. The IP address of the browser of the terminal used by the visitor to these websites is also stored by Google. More detailed information is available in Google's Data Privacy Notice, which you can access here: www.google.com/policies/privacy/.
Google Maps
On our website we use Google Maps (API) from Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (Google). Google Maps is a web service for the display of interactive maps, in order to display geographical information visually. When you use this service, you are shown our main site and route-planning to it is facilitated. When you access those sub-pages, to which the Google Maps map is linked, information on your use of our website (e.g., your IP address) is transferred to Google servers in the USA and stored there. This happens irrespective of whether Google provides a user account, to which you are logged in or whether no user account exists. If you are logged in to Google, your data are assigned directly to your account. If you do not want the data to be allocated to your Google profile, you must log out of your Google account before activating the button. Google stores your data (even the data of users, who are not logged on) as usage profiles and analyzes these. This type of analysis is conducted pursuant to Article 6(1)(f) GDPR, based on Google's legitimate interest in delivering personalized advertising, conducting market research, and/or tailoring its websites to market needs. You have the right to object to the creation of this user profile; to exercise this right you must contact Google. Detailed information on data protection in relation to the use of Google Maps is available on Google's website (Google Privacy Policy): https://policies.google.com/privacy?hl=en&gl=de.
Facebook using the "Shariff" function
Plug-ins for the Facebook social network, access provider Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA, are integrated into our websites. You can recognize the Facebook plug-ins by the Facebook logo or the Like button on our site. An overview of Facebook plug-ins is available here: http://developers.facebook.com/docs/plugins/. We use the Shariff button, which ensures data protection. Shariff replaces the usual Share button, so that your data are not automatically transferred to Facebook every time you access the site. This will happen only if you click on the button. We advise you that we as the access provider for our site have no knowledge of the contents of the data transferred or of their use by Facebook. You can find more detailed information on this in the Facebook Data Privacy Statement on https://www.facebook.com/privacy/policy/.
Google Tag Manager
We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Google Tag Manager is a tool that enables us to integrate tracking or statistics tools and other technologies on our website. The Google Tag Manager itself does not create any user profiles, does not store any cookies and does not carry out any independent analyses. It is only used to manage and display the tools integrated via it. However, Google Tag Manager records your IP address, which may also be transmitted to Google's parent company in the United States.
The Google Tag Manager is used based on Article 6(1)(f) GDPR. The website operator has a legitimate interest in the quick and efficient integration and management of various tools on the website. If consent has been obtained, the processing is carried out solely based on Article 6(1)(a) GDPR and § 25(1) TTDSG, insofar as the consent covers the storage of cookies or access to information on the user's terminal device (e.g., device fingerprinting) as defined by the TTDSG. Consent can be revoked at any time.
Google Ads
The website operator uses Google Ads. Google Ads is an online advertising program run by Google Ireland Limited, located at Gordon House, Barrow Street, Dublin 4, Ireland.
Google Ads allows us to display advertisements in the Google search engine or on third-party websites when users enter specific search terms in Google (keyword targeting). Additionally, targeted advertisements can be shown based on user data available to Google, such as location data and interests (audience targeting). As website operators, we can analyze this data quantitatively by examining, for example, which search terms triggered our advertisements and how many of these ads resulted in clicks.
The use of this service is based on your consent in accordance with Article 6(1)(a) GDPR and § 25(1) TTDSG. Consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses provided by the EU Commission. Details can be found here: https://policies.google.com/privacy/frameworks and https://privacy.google.com/businesses/controllerterms/mccs/.
Google Conversion Tracking
This website uses Google Conversion Tracking. The provider is Google Ireland Limited, located at Gordon House, Barrow Street, Dublin 4, Ireland.
With Google Conversion Tracking, both Google and we can determine whether a user has completed specific actions. For example, we can analyze which buttons on our website are clicked most frequently and identify which products are viewed or purchased the most. This information is used to create conversion statistics. We can determine the total number of users who have clicked on our ads and the actions they subsequently took. We do not receive any information that allows us to personally identify the user. Google uses cookies or similar tracking technologies for identification purposes.
The use of this service is based on your consent in accordance with Article 6(1)(a) GDPR and § 25(1) TTDSG. Consent can be revoked at any time.
You can find more information about Google Conversion Tracking in Google's privacy policy: https://policies.google.com/privacy?hl=en.
YouTube
For the integration of videos we use inter alia the access provider, YouTube. YouTube is operated by YouTube LLC with head office at 901 Cherry Avenue, San Bruno, CA 94066, USA. YouTube is represented by Google Inc. with registered office at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. When you access our Internet presence through websites equipped with plug-ins, for example our media center, this produces a connection to the YouTube servers and the plug-in is displayed. This communicates to the YouTube servers which of our Internet sites you have visited. If you are logged on to YouTube as a member, YouTube allocates this information to your personal user account. When you use the plug-in, for example by clicking on the start button for a video, this information is also allocated to your user account. You can prevent this information being allocated to your account by logging off from your YouTube user account and any other user accounts of the YouTube LLC und Google Inc. companies before using our website and by deleting the appropriate cookies from those companies. You can find more detailed information on data processing and advice on data protection by YouTube (Google) on https://policies.google.com/privacy?hl=en&gl=de.
FontAwesome
On our website we use the FontAwesome web font. When a site is accessed, your browser loads the required web fonts into its browser cache, in order to display texts and fonts correctly. For this purpose, the browser used by you must accept a connection with the FontAwesome servers. This informs FontAwesome that our website has been accessed through your IP address. If your browser does not support web fonts, your computer uses a standard font. Further information on FontAwesome web fonts is available in FontAwesome's data privacy statement: https://www.fontawesome.com/privacy.
FontAwesome is integrated by means of a CDN (Content Delivery Network). When a website is downloaded, each file included on the site generates what is known as a HTTP request (a server request). Modern browsers can process in parallel between two and four requests, which inevitably creates a queue. The longer the queue, the longer it takes for the website to download. However, the request is restricted by domain. If media contents are rolled out on additional domains, the site can be downloaded by various sources and is built up more quickly.
TYPEFORM
On our websites we use the TYPEFORM service from TYPEFORM S.L. with registered office in Carrer Bac de Roda, 163, 08018 Barcelona (Spain). TYPEFORM collects data, in order to analyze user behavior on our website and to transfer the information to us. In order that TYPEFORM S.L. may collect and process the data mentioned for the purposes stated, we need your consent. If you do not want to agree to the collection and processing of your data by TYPEFORM as described, it is not possible to communicate your enquiry via the online form. You can find detailed information on data collection and processing by TYPEFORM S.L on https://admin.typeform.com/to/dwk6gt.
Spotify
We use the Spotify widget provided by Spotify AB, Regeringsgatan 19, 111 53 Stockholm, Sweden, to offer our audio content for listening and downloading, and to gather statistical information on retrieval. Usage data (such as information about websites you have visited, your interest in content, and access times), as well as meta/communication data (such as device information, IP address, and pseudonymous cookie ID), are collected and processed to measure content reach through access statistics, recognize returning visitors, evaluate interactions of website visitors, and create user profiles for advertising purposes. You can find more information in Spotify's privacy policy, which you can access here: https://www.spotify.com/de-en/legal/privacy-policy/.
Calendly
You can make appointments with us on our website. We use the “Calendly” tool to book appointments. The provider is Calendly LLC, 271 17th St NW, 10th Floor, Atlanta, Georgia 30363, USA (hereinafter “Calendly”).
For the purpose of booking an appointment, you enter the requested data and the desired date in the mask provided for this purpose. The data entered will be used for the planning, execution and, if necessary, follow-up of the appointment. The appointment data is stored for us on the servers of Calendly, whose privacy policy you can view here: https://calendly.com/de/pages/privacy.
The data you enter will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies. Mandatory statutory provisions - in particular retention periods - remain unaffected.
The legal basis for data processing is Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in making appointments with interested parties and customers as uncomplicated as possible. If consent has been requested, Art. 6 para. 1 lit. a GDPR is the legal basis for data processing; consent can be withdrawn at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://calendly.com/pages/dpa.
Order processing
We have concluded a data processing agreement (DPA) with the above-mentioned provider. This is a contract required by data protection law, which ensures that the provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.
Translated with DeepL.com (free version)
Use of services as part of the online coaching course
We use the following services to run our online coaching course:
Zoom
As part of our online coaching course, we use the video transmission tool Zoom, a service provided by Zoom Video Communications, Inc., located at 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA (hereinafter referred to as "Zoom"). Zoom enables us to conduct live sessions, coaching, and peer group work through video transmission.
The data processed includes user details (e.g., first name, surname, e-mail address), meeting metadata (e.g., topic, participant IP addresses, device/hardware information), and recordings (MP4 files of all video, audio, and presentation recordings, M4A files of all audio recordings, and text files of the online meeting chat).
The data processing is carried out to fulfill the contract based on Article 6(1)(b) GDPR.
As part of the service, data is transferred to the USA. The processing of "operational data" in the USA and the handling of personal data for support purposes are governed by the standard contractual clauses of the EU Commission.
You can find Zoom's privacy policy here: https://explore.zoom.us/en/privacy/
Stripe
We use Stripe, a service provided by Stripe Payments Europe, Ltd, located at The One Building, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, D02 H210, Ireland (hereinafter referred to as "Stripe"), for payment processing. Stripe enables us to provide fast and secure payment processing.
Processed data includes inventory data (e.g., names, addresses), payment data (e.g., bank details, invoices, payment history), contract data (e.g., subject matter of the contract, term, customer category), and meta/communication data (e.g., device information, IP addresses).
The data processing is carried out for the fulfillment of the contract based on Art. 6(1)(b) GDPR.
As part of the service, data is transferred to the USA. The transfer is based on the standard contractual clauses of the EU Commission.
You can find Stripe's privacy policy here: https://stripe.com/de/legal/privacy-center
Thinkific
For hosting our online coaching course, we use Thinkific, a service provided by Thinkific Labs Inc, located at #400 - 369 Terminal Ave, Vancouver, British Columbia, V6A 4C4, Canada (hereinafter referred to as "Thinkific"). Thinkific allows us to provide a user-friendly course environment. The service also serves as a sales interface for the distribution of the course.
The processed data includes user details (e.g., first name, surname, e-mail address), meta/communication data (e.g., device information, IP addresses), usage data (e.g., interactions with website elements, access times, course history), and payment data (e.g., bank details, invoices, billing address, payment history). We have access to this data at any time and can remove it.
Data processing is carried out for the fulfilment of the contract under Article 6(1)(b) GDPR and based on our legitimate interest pursuant to Article 6(1)(f) GDPR, to provide a seamless and user-friendly digital course experience.
As part of the service, data is transferred to the USA. The transfer is conducted based on the standard contractual clauses established by the EU Commission.
You can find Thinkific's privacy policy here: https://www.thinkific.com/privacy-policy/
Sugar CRM
We use the CRM tool SugarCRM, provided by SugarCRM Inc., located at 10050 N. Wolfe Rd., SW2-130, Cupertino, CA 95014, USA. SugarCRM is employed to efficiently and digitally manage our specially developed test procedures, which participants complete as part of the online coaching course.
To facilitate this, a unique participant profile is created for each individual in SugarCRM. In this context, we process inventory data (e.g., name, address, e-mail), usage data (e.g., test history, access times), and meta/communication data (e.g., IP address).
Data processing is conducted to fulfil the contract in accordance with Article 6(1)(b) of the GDPR.
As part of the service, data is transferred to the USA. Data processing is based on the Standard Contractual Clauses (SCCs) established by the European Commission.
You can find SugarCRM's privacy policy here: https://www.sugarcrm.com/legal/privacy-policy/
PayPal
We use PayPal, a service provided by PayPal (Europe) S.à r.l. et Cie, S.C.A., located at 22-24 Boulevard Royal, L-2449 Luxembourg (referred to as "PayPal"), as an additional payment service provider. With the help of PayPal, we can offer swift and secure payment processing.
For payment processing, data collected during the transaction - including inventory data (e.g., name, e-mail address, phone number), payment data (e.g., amount, product description), and meta/communication data (e.g., IP address) - is transmitted to PayPal.
PayPal may share the collected data with credit agencies for identity and credit checks, particularly in cases involving direct debit or invoicing. You can find more information here: https://www.paypal.com/de/webapps/mpp/ua/creditref
Data processing is carried out for the fulfillment of the contract in accordance with Article 6(1)(b) of the GDPR. The use of PayPal also serves our legitimate interest, as outlined in Article 6(1)(f) of the GDPR, to provide fast and secure payment processing and to protect against fraud.
As part of the service, data is transferred to the USA. The transfer is based on the EU Commission's standard contractual clauses. You can find more details here: https://www.paypal.com/de/webapps/mpp/gdpr-readiness-requirements
You can find Paypal's privacy policy here: https://www.paypal.com/en/webapps/mpp/ua/privacy-full
Gallup (CliftonStrengths program)
As part of our online coaching course, our participants take part in the CliftonStrengths talent assessment program, offered by Gallup, Inc., located at 901 F Street, NW, Washington D.C., 20004, USA (hereinafter referred to as "Gallup"). The test gives participants the opportunity to receive personalized reports on their unique talents and strengths. To this end, the participant answers the test questions, which are then analyzed by Gallup to produce a report.
To participate in the CliftonStrengths program, each course participant receives an access code from us, which they can use on the Gallup website. The course participant is then prompted to set up a user account with Gallup.
Participation in the CliftonStrengths program is voluntary. We provide the access codes separately via email, which the participant can use for their own registration on the Gallup website. If the course participant registers for, completes, and finishes the program, we will be able to view the results on Gallup, but not the specific responses to individual questions within the program. This data processing is necessary to fulfill the contract based on Art. 6(1)(b) of the GDPR.
When registering for and participating in the CliftonStrengths program, Gallup collects personal data such as inventory data (e.g., name, e-mail address, phone number), test data (e.g., participant's answers), and meta/communication data (e.g., IP address), which is transferred to the USA.
You can find Gallup's privacy policy here: https://www.gallup.com/privacy
MailChimp
As part of the online coaching course, we use Mailchimp, a service provided by The Rocket Science Group LLC, located at 675 Ponce de Leon Ave NE, Suite 50000, Atlanta, GA 30308, USA, for sending emails within the course. Mailchimp's parent company is Intuit Inc., located at 2700 Coast Ave, Mountain View, CA 94043, USA. The service helps us manage communication with our course participants.
Among other things, inventory data (e.g., email address, name) is processed for the purpose of dispatch.
Data processing is carried out to fulfill the contract based on Art. 6(1)(b) GDPR and our legitimate interest pursuant to Art. 6(1)(f) GDPR in communicating with our course participants easily and efficiently through a central application, such as for sending course-relevant information.
As part of the service, data is transferred to the USA. Data processing is based on the Standard Contractual Clauses (SCCs) established by the European Commission. Details can be found here: https://mailchimp.com/de/help/mailchimp-european-data-transfers/
We have a "Data Processing Agreement" with Mailchimp, in which we require Mailchimp to protect our customers' data and not to share it with third parties. This contract can be viewed at the following link: https://mailchimp.com/de/legal/data-processing-addendum/
You can find MailChimp's privacy policy here: https://www.intuit.com/privacy/statement/
Clarity
We use the Clarity service on our website, an analytics tool provided by Microsoft Ireland Operations Limited, located at One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland, to better understand user experience and optimize the offerings on this website. Clarity's technology helps us gain a better understanding of our users' experiences, such as how much time they spend on different pages, how far they scroll, and which links or areas are clicked on most frequently. Clarity uses cookies and other technologies to collect information about user behavior and the corresponding devices. Personal data is processed for this purpose, including the IP address of the device, which is recorded and stored exclusively in anonymized form. In addition, the screen size, device type, information about the browser used, and location (region only) are recorded. Clarity stores this information in a pseudonymized user profile for up to one year. This is done based on your consent, which you can revoke at any time. The information is neither used by Clarity nor by us to identify individual users, nor is it combined with other data about individual users. You can find more information in Microsoft's privacy policy at https://privacy.microsoft.com/de-de/privacystatement.
Status of this Data Privacy Statement
June 2024