Privacy Policy
This Privacy Policy explains how we collect, use, and disclose personal information collected from users ("you" or "user") of our website https://www.herfinancialfreedom.net/ ("Website"). By using our Website, you agree to the collection and use of your personal information as described in this Privacy Policy.
​
Authorized persons:
Cristina Jaeger
Email address:
cristina@herfinancialfreedom.net
Imprint:
https://www.herfinancialfreedom.net/imprint
​
Last updated 19 August 2024.
​
Information We Collect
We may collect personal information that you voluntarily provide to us when you use our Website, such as your name, email address, and other contact information. We may also collect information automatically as you navigate and interact with our Website, such as usage data, IP addresses, cookies, and other tracking technologies. Also by submitting any forms, you acknowledge and agree that the hFF may use your provided details, such as: Inventory data, Payment data, Contact details, Content data, Contract data, Usage data, Meta, communication and process data, Applicant data, Image and / or video recordings, Event data, Data Subject (Customers, Employees, Interested parties, Communication partner, User, Applicat, Challenge/Competition and competition participants, Business and contractual partners, Pupils / students / participants, Participant and Trained people).
With the purpose of Provision of contractual services and customer service, Contact requests and communication, Direct marketing, Range measurement, Tracking, Office and organizational procedures, Remarketing, Conversion measurement, Target group formation, Affiliate tracking, Management and answering of inquiries, Application process, Conducting competitions and competitions/challenge, Feedback, Marketing, Profiles with user-related information, Provision of our online offer and user friendliness, Information technology infrastructure.
​
You can unsubscribe from the newsletter at any time by clicking the "unsubscribe" link provided in each email. Rest assured that we will handle your information with utmost care and respect your privacy.
​
Use of Personal Information
We may use the personal information we collect for various purposes, including:
-
To provide and improve our services, products, and content on the Website
-
To respond to your inquiries, comments, and feedback
-
To send you marketing communications, newsletters, and promotional materials
-
To comply with applicable laws, regulations, and legal processes
-
To protect the rights, property, and safety of our users and the public
​
Disclosure of Personal Information
We may share your personal information with third parties for various purposes, including:
-
Service providers who help us operate and manage our Website
-
Business partners, affiliates, and vendors who assist us in providing our services
-
Legal, regulatory, or government authorities as required by law or to protect our rights
-
Other users, with your consent or as part of the normal functioning of our Website
​
Newsletter Tracking
The herFinancialFreedom newsletters utilize what are known as counting pixels. A counting pixel is a small graphic element embedded within emails sent in HTML format. Its purpose is to facilitate log file recording and analysis, allowing for statistical assessment of the success or effectiveness of online marketing campaigns. By means of the embedded counting pixel, herFinancialFreedom is able to ascertain whether an email has been opened by an individual and identify which links within the email have been accessed by that individual.
Any personal data gathered through the counting pixels embedded in our newsletters is stored and analyzed by the data controller. This is done to enhance the distribution of newsletters and to tailor the content of future newsletters more precisely to the preferences of the recipient. Importantly, this personal data is not shared with any third parties. Individuals whose data is collected have the right to withdraw their previously provided consent through the double opt-in process at any time. Upon such withdrawal, the data controller will proceed to delete this personal data. Furthermore, opting out of newsletter reception is automatically regarded as a withdrawal of consent by herFinancialFreedom.
​
Deletion of data
The data processed by us will be deleted in accordance with the legal requirements as soon as their consent permitted for processing is revoked or other permits are no longer available (e.g. if the purpose of processing this data has ceased to exist or is not necessary for the purpose). If the data is not deleted because it is necessary for other and legally permissible purposes, its processing is limited to these purposes. This means that the data is blocked and not processed for other purposes. This applies e.g. for data that must be kept for commercial or tax reasons or their storage for assertion, Exercise or defense of legal claims or to protect the rights of another natural or legal person is required. Our data protection information can also contain further information on the storage and deletion of data that are of primary importance for the respective processing.
​
Data Security
We take reasonable measures to protect the security of your personal information and to prevent unauthorized access, use, or disclosure. However, please note that no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.
​
Use of cookies
Cookies are small text files or other memory notes that store information on end devices and read information from the end devices. E.g. to save the login status in a user account, a shopping cart content in an e-shop, the called up content or used functions of an online offer. Cookies can also be used for different purposes, e.g. for the functionality, security and convenience of online offers as well as the creation of analyzes of the flow of visitors. We use cookies in accordance with legal regulations. We therefore obtain prior consent from users, unless this is not required by law. In particular, consent is not necessary if it is absolutely necessary to store and read out the information, including cookies, in order to provide the users with service they expressly request (i.e. our online offer). The revocable consent is clearly communicated to the users and contains the information on the respective use of cookies. Information on data protection legal bases: The data protection legal basis on which we process users' personal data using cookies depends on whether we ask users for consent. If the users consent, the legal basis for processing your data is the declared consent. Otherwise, the data processed using cookies are processed on the basis of our legitimate interests (e.g. in a business operation of our online offer and improvement of its usability) or, if this is done within the scope of fulfilling our contractual obligations, if the use of cookies is necessary to fulfill our contractual obligations. For what purposes we process cookies, We will clarify this in the course of this data protection declaration or as part of our consent and processing processes.
Storage duration: The following types of cookies are distinguished in terms of storage duration:
-
Temporary cookies (also: session or session cookies): Temporary cookies are deleted at the latest after a user has left an online offer and has closed his end device (e.g. browser or mobile application).
-
Permanent cookies: Permanent cookies remain stored even after the end device has been closed. For example, the login status can be saved or preferred content displayed directly when the user visits a website again. Likewise, the data of the users collected with the help of cookies can be used to measure the range. Unless we provide users with explicit information about the type and storage period of cookies (e.g. B. as part of obtaining consent), users should assume that cookies are permanent and that the storage period can be up to two years.
Users can revoke the consent they have given at any time and also file an objection to the processing in accordance with the legal requirements. Users can also explain their objection via the settings of their browser, e.g. by deactivating the use of cookies (although this may also limit the functionality of our online services).
​
Processing of cookie data based on consent
We use a method for cookie consent management, within the framework of which the consent of the user in the use of cookies, or. the processing and providers mentioned in the context of the cookie consent management process can be obtained and managed and revoked by the users. The declaration of consent is saved in order not to have to repeat its query again and to be able to prove the consent in accordance with the legal obligation. The storage can be carried out on the server side and / or in a cookie (so-called opt-in cookie, or using comparable technologies) in order to be able to assign the consent to a user or his device. Subject to individual information on the providers of cookie management services, the following information applies: The duration of the storage of the consent can be up to two years. A pseudonymous user identifier is formed and, at the time of consent, information on the scope of consent as well as the browser, system and device used.
​
Your Rights
a) Right to Confirmation
Every data subject has the right, as granted by the European directive and regulation provider, to request confirmation from the data controller regarding the processing of personal data related to them. If a data subject wishes to exercise this right of confirmation, they can contact an employee of the controller at any time.
b) Right to Information
Every individual affected by the processing of personal data has the right, in accordance with the European directive and regulation, to obtain free information from the data controller at any time about the personal data stored concerning them, as well as a copy of this information. The European directive and regulation provider has also specified that data subjects have the right to be informed about the following:
-
The purposes of processing
-
The categories of processed personal data
-
Recipients or categories of recipients to whom the personal data has been or will be disclosed, especially for recipients in third countries or international organizations
-
If possible, the envisaged duration for which the personal data will be stored, or, if not possible, the criteria used to determine that duration
-
The existence of the right to rectification, erasure, restriction of processing, or objection
-
The right to lodge a complaint with a supervisory authority
-
If the personal data is not collected from the data subject: all available information about the data's origin
-
The existence of automated decision-making, including profiling, along with meaningful information about the logic involved and the envisaged consequences for the data subject
Additionally, data subjects have the right to know if their personal data has been transferred to a third country or international organization. If such transfer has taken place, the data subject also has the right to receive information about the appropriate safeguards in connection with the transfer.
To exercise this right to information, a data subject can contact an employee of the controller at any time.
c) Right to Rectification
Every individual affected by the processing of personal data has the right, as granted by the European directive and regulation, to request the prompt correction of inaccurate personal data concerning them. Furthermore, taking into account the purposes of processing, data subjects have the right to request the completion of incomplete personal data through a supplementary statement.
To exercise this right of rectification, a data subject can contact an employee of the controller at any time.
d) Right to Erasure (Right to Be Forgotten)
Every individual affected by the processing of personal data has the right, as granted by the European directive and regulation provider, to demand the data controller's immediate erasure of personal data concerning them under certain circumstances, provided that processing is not necessary. These circumstances include:
-
The personal data was collected or processed for purposes for which it is no longer needed.
-
The data subject revokes their consent, on which the processing was based, and there's no other legal basis for processing.
-
The data subject objects to the processing and there are no overriding legitimate grounds for processing.
-
The personal data was processed unlawfully.
-
Erasure is necessary to fulfill a legal obligation under Union or Member State law.
-
The personal data was collected in relation to information society services.
If any of these circumstances apply and a data subject wishes to have their personal data deleted from herFinancialFreedom's records, they can contact an employee of the controller at any time. The herFinancialFreedom employee will promptly arrange for the data to be deleted.
If personal data has been made public by herFinancialFreedom and there's an obligation to erase it, the company will take reasonable steps, including technical measures, to inform other data controllers processing the data, to delete links to or copies of the data. The necessary arrangements will be made on a case-by-case basis.
e) Right to Restriction of Processing
Every individual affected by the processing of personal data has the right, in accordance with the European directive and regulation, to demand the controller to restrict processing under certain conditions. These conditions include:
-
The data subject contests the accuracy of the personal data, allowing the controller to verify accuracy.
-
Processing is unlawful, but the data subject opposes erasure and requests restriction instead.
-
The controller no longer needs the personal data for processing, but the data subject requires it to establish, exercise, or defend legal claims.
-
The data subject has objected to processing under Article 21(1) of the GDPR, pending verification of whether the legitimate grounds of the controller override those of the data subject.
If any of these conditions are met and a data subject wishes to restrict the processing of their personal data held by herFinancialFreedom, they can contact an employee of the controller at any time. Employees of herFinancialFreedom will promptly initiate the necessary restrictions.
f) Right to Data Portability
Every individual affected by the processing of personal data has the right, as granted by the European directive and regulation, to receive the personal data concerning them, which they have provided to a controller, in a structured, commonly used, and machine-readable format. They also have the right to transmit this data to another controller without hindrance, if the processing is based on consent or a contract and is carried out by automated means.
To exercise this right to data portability, a data subject can contact a herFinancialFreedom employee at any time.
g) Right to Object
Every individual affected by the processing of personal data has the right, as granted by the European directive and regulation, to object to the processing of personal data based on Article 6(1)(e) or (f) of the GDPR. This includes objection to profiling based on these provisions.
In case of objection, herFinancialFreedom will cease processing personal data unless compelling legitimate grounds for processing override the interests, rights, and freedoms of the data subject or for legal claims.
If herFinancialFreedom processes personal data for direct marketing purposes, the data subject has the right to object at any time. This also applies to profiling related to direct marketing. If a data subject objects, herFinancialFreedom will cease processing personal data for this purpose.
Additionally, if personal data is processed for scientific, historical research, or statistical purposes, the data subject can object to the processing, unless the processing is necessary for the performance of a task carried out in the public interest.
To exercise the right to object, a data subject can directly contact any employee of herFinancialFreedom.
h) Automated Decisions Including Profiling
Every individual affected by the processing of personal data has the right, as granted by the European directive and regulation provider, not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects them, unless certain conditions are met. These conditions include necessity for contract fulfillment, explicit consent, or provisions of Union or Member State law.
If data subjects wish to assert rights related to automated decisions, they can contact an employee of herFinancialFreedom at any time.
i) Right to Withdraw Consent
Every individual affected by the processing of personal data has the right, as granted by the European directive and regulation, to withdraw consent to the processing of personal data at any time. To exercise the right to withdraw consent, a data subject can contact an employee of herFinancialFreedom at any time
​
Transmission of personal data
As part of our processing of personal data, it happens that the data is transmitted to other bodies, companies, legally independent organizational units or persons or that they are disclosed to them. The recipients of this data can e.g. Service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, we observe the legal requirements and in particular conclude corresponding contracts or. Agreements that protect your data are made with the recipients of your data.
​
Third-Party Links
Our Website may contain links to third-party websites or services that are not owned or controlled by us. We are not responsible for the privacy practices or content of such third-party websites. We encourage you to review the privacy policies of these websites before providing any personal information.
​
Management and/or organization tools
We use services, platforms and software from other providers (hereinafter referred to as „ third party provider ”) for the purposes of organizing, managing, planning and providing our services. When selecting third-party providers and their services, we observe the legal requirements.
In this context, personal data can be processed and stored on the servers of third-party providers. This can affect various data that we process in accordance with this data protection declaration. This data can include master data and user contact details, data on processes, contracts, other processes and their content.
If users are referred to the third-party providers or their software or platforms as part of communication, business or other relationships with us, the third-party providers can use usage data and metadata for security purposes, for service optimization or for marketing purposes. We therefore ask that the data protection information of the respective third-party provider be observed.
​
-
Calendar Booking: Online scheduling and appointment management; Service provider: Calendly LLC., 271 17th St NW, Ste 1000, Atlanta, Georgia, 30363, USA; Legal basis: Authorized interests (Art. 6 Para. 1 P. 1 lit. f) DSGVO); Website: https://calendly.com/de; Data protection declaration: https://calendly.com/pages/privacy; Order processing contract: https://calendly.com/dpa; Standard contractual clauses (guarantee of data protection level for processing in third countries): https://calendly.com/dpa.
​​
Video conferencing, online meetings, webinars and screen sharing
We set platforms and applications from other providers (hereinafter referred to as "conference platforms ”) for the purpose of holding video and audio conferences, Webinars and other types of video and audio meetings (hereinafter referred to as "conference"). When selecting the conference platforms and their services, we observe the legal requirements. Data processed by conference platforms: As part of attending a conference, the conference platforms process the personal data of the participants mentioned below. The scope of processing depends on the one hand on, which data is required during a specific conference (e.g. specification of access data or clear names) and which optional information is provided by the participants. In addition to processing to carry out the conference, the data of the participants can also be processed by the conference platforms for security purposes or service optimization. The processed data includes personal data (first name, last name), contact information (email address, telephone number), access data (access codes or passwords), profile images, information on the professional position / function, the IP address of Internet access, Information on the end devices of the participants, their operating system, the browser and its technical and linguistic settings, information on the content-related communication processes, i.e. Entries in chats and audio and video data, as well as the use of other available functions (e.g. surveys). The content of the communications is encrypted to the extent technically provided by the conference providers. If the participants are registered as users on the conference platforms, further data can be processed in accordance with the agreement with the respective conference provider.as well as the use of other available functions (e.g. surveys). The content of the communications is encrypted to the extent technically provided by the conference providers. If the participants are registered as users on the conference platforms, further data can be processed in accordance with the agreement with the respective conference provider.as well as the use of other available functions (e.g. surveys). The content of the communications is encrypted to the extent technically provided by the conference providers. If the participants are registered as users on the conference platforms, further data can be processed in accordance with the agreement with the respective conference provider. Logging and recording: If text entries, participation results (e.g. surveys) as well as video or audio recordings are logged, the participants will be informed transparently in advance and they will be asked – if necessary – for consent. Data protection measures of the participants: Please note the details of the processing of your data by the conference platforms and select the optimal security and data protection settings for you as part of the settings of the conference platforms. Please also ensure the duration of a video conference for data and personal protection in the background of your recording (e.g. by notifying roommates, closing doors and using them, as far as technically possible, the function to blur the background). Links to the conference rooms and access data may not be passed on to unauthorized third parties.
Information on legal bases: If, in addition to the conference platforms, we also process the data of the users and ask the users for their consent to the use of the conference platforms or certain functions (e.g. B. Consent to a recording of conferences), the legal basis of the processing is this consent. Furthermore, our processing may be necessary to fulfill our contractual obligations (e.g. in lists of participants, in the case of processing conversation results, etc.). In addition, the data of the users are processed on the basis of our legitimate interests in efficient and secure communication with our communication partners.
Processed data types: Inventory data (e.g. names, addresses); Contact details (e.g. email, telephone numbers); Content data (e.g. entries in online forms); Usage data (e.g. visited websites, interest in content, access times); Meta, Communication and process data (e.g. B. IP addresses, times, identification numbers, consent status).
Affected persons: Communication partner; Users (e.g. website visitors, users of online services); Trained people. With the processing purposes of provision of contractual services and customer service; Contact requests and communication; Office and organizational procedures.
Legal basis: Authorized interests (Art. 6 Para. 1 P. 1 lit. F) DSGVO).​
​
Privacy Provisions on the use of Zoom
The controller has integrated components of the Zoom video conferencing service on this website. Zoom provides online video conferencing and communication solutions.
Service provider: Zoom Video Communications, Inc., 55 Almaden Blvd., Suite 600, San Jose, CA 95113, USA; Legal basis: Authorized interests (Art. 6 Para. 1 P. 1 lit. f) DSGVO); Website: https://zoom.us; Data protection declaration: https://zoom.us/docs/de-de/privacy-and-legal.html; Order processing contract: https://zoom.us/docs/de-de/privacy-and-legal.html (referred to as Global DPA); Standard contractual clauses (guarantee of data protection level for processing in third countries): https://zoom.us/docs/de-de/privacy-and-legal.html (Signed as Global DPA).
Data Collection and Usage: When a user accesses individual pages of this website operated by the controller, which contain Zoom video conferencing components, the user's web browser may automatically interact with Zoom's servers to facilitate video conferencing sessions. Zoom enables real-time audio and video communication and may require the downloading of specific software or applications to support these interactions.
During the usage of Zoom's services on our website, Zoom may collect data related to the user's video and audio interactions, which includes video and audio data, as well as any content shared or displayed during the video conferencing session. Zoom may also collect technical data such as IP addresses, device information, and connection details to ensure the quality and security of the video conferencing experience.
Data Transmission to Zoom: As a video conferencing service, Zoom processes the data necessary for enabling online video communication, including transmitting video and audio data between participants. Users of Zoom's services may have their video and audio data transmitted to Zoom's servers for the purpose of facilitating the video conferencing session. This data may be processed and stored by Zoom in accordance with their privacy policies.
For more detailed information about how Zoom handles data and to understand the applicable data protection regulations, please refer to the following resources:
-
Zoom Privacy Policy: https://zoom.us/privacy
-
Zoom Security: https://zoom.us/security
​
Trustpilot
We utilize Trustpilot as a third-party review platform to gather and display customer reviews. Trustpilot may collect personal data such as your name, email address, and review content. This data is used to verify and publish your review on our website and Trustpilot's platform. Trustpilot processes this data in accordance with their privacy policies. When you submit a review on Trustpilot, the platform may collect personal data related to your review, including your name, contact details, and review content. This data is processed to authenticate and display reviews. We do not control Trustpilot's data processing practices and are not responsible for any actions or omissions by Trustpilot. For detailed information on how Trustpilot handles your personal data, please refer to their Privacy Policy.
​
Cloud services
We use software services accessible via the Internet and executed on the servers of their providers for the storage and management of content (e.g. document storage and management, exchange of documents, Content and information with certain recipients or publication of content and information).
In this context, personal data can be processed and stored on the providers' servers, insofar as they are part of communication processes with us or otherwise, as set out in the context of this data protection declaration, be processed. This data can include master data and user contact details, data on processes, contracts, other processes and their content. The providers of cloud services also process usage data and metadata, which they use for security purposes and for service optimization.
If we use the cloud services for other users or publicly accessible websites to form or similar. Providing documents and content, providers can save cookies on users' devices for web analysis purposes or to remember user settings (e.g. in the case of media control).
-
Processed data types: Inventory data (e.g. names, addresses); Contact details (e.g. email, telephone numbers); Content data (e.g. entries in online forms); Usage data (e.g. visited websites, interest in content, access times); Meta, Communication and process data (e.g. B. IP addresses, times, identification numbers, consent status); Image and / or video recordings (e.g. B. Photographs or video recordings of a person)
-
Affected persons: Customers; Employees (e.g. employees, applicants, former employees); Interested parties; Communication partner.
-
Processing purposes: Office and organizational procedures; Information technology infrastructure (operation and provision of information systems and technical devices (computers, servers, etc.).); Provision of contractual services and customer service.
-
Legal basis: Authorized interests (Art. 6 Para. 1 P. 1 lit. F) DSGVO).
Use of Google forms and access to Google Drive
Google Forms: The controller may utilize Google Forms to collect information from users. Google Forms is an online survey and data collection tool offered by Google LLC. Users may be prompted to fill out forms for various purposes, such as feedback, registrations, or inquiries.
Service provider: Google Cloud EMEA Limited, 70 Sir John Rogerson’s Quay, Dublin 2, Ireland; Legal basis: Authorized interests (Art. 6 Para. 1 P. 1 lit. f) DSGVO); Website: https://cloud.google.com/; Data protection declaration: https://policies.google.com/privacy; Order processing contract: https://cloud.google.com/terms/data-processing-addendum; Standard contractual clauses (guarantee of data protection level for processing in third countries): https://cloud.google.com/terms/eu-model-contract-clause; Additional Information: https://cloud.google.com/privacy.
Google Drive Access: In some instances, the controller may provide access to documents or resources hosted on Google Drive, a cloud storage service provided by Google LLC.
Data Collection and Usage: When users interact with Google Forms or access documents on Google Drive via links provided on this website, the controller does not directly collect personal data through these services. However, Google may collect and process data as per their respective terms of service and privacy policies.
Third-Party Service Provider: Google Forms and Google Drive are services provided by Google LLC. You can find more information about Google's data practices in their Privacy Policy: https://policies.google.com/privacy
User Responsibility: Users accessing Google Forms or Google Drive content are advised to review and understand Google's terms of service and privacy policy. The controller does not control the data processing practices of Google and shall not be held responsible for any actions, omissions, or data processing performed by Google as part of their services.
​
Communication via messenger
We use messenger for the purposes of communication and therefore ask that the following information on the functionality of the messenger, on encryption, on the use of the metadata of communication and on your options for objection be observed.
You can also use us in alternative ways, e.g. contact via phone or email. Please use the contact options communicated to you or the contact options specified in our online offer.
In the case of end-to-end encryption of content (i.e. the content of your message and attachments), we would like to point out that the communication content (i.e., the content of the message and attached images) are encrypted from end to end. This means that the content of the messages is not visible, not even by the messenger providers themselves. You should always use a current version of the messenger with activated encryption to ensure the encryption of the message content.
However, we would also like to point out to our communication partners that the providers of the messengers do not see the content, but can find out, that and when communication partners communicate with us as well as technical information about the device used by the communication partners and, depending on the settings of their device, location information (so-called metadata) are processed.
Information on legal bases: If we ask communication partners for permission before communicating with them via Messenger, the legal basis for our processing of their data is their consent. Otherwise, if we do not ask for consent and e.g. contact us on your own, we use Messenger in relation to our contractual partners as well as in the context of the contract initiation as a contractual measure and in the case of other interested parties and communication partners based on our legitimate interests in fast and efficient communication and fulfillment of the needs of our communication partner in communication via messenger. We would also like to point out that we will not transmit the contact details communicated to us to the Messenger for the first time without your consent. Revocation, objection and deletion: You can revoke your consent at any time and object to communication with us via Messenger at any time. In the case of communication via messenger, we delete the messages according to our general deletion guidelines (i.e.g., as described above, after the end of contractual relationships, in the context of archiving specifications etc.) and otherwise, as soon as we can assume that we have answered any information from the communication partners, if no reference to a previous conversation is to be expected and the deletion does not conflict with any legal retention requirements.
Reservation of reference to other communication channels: Finally, we would like to point out that for reasons of your security, we reserve the right not to answer inquiries about Messenger. This is the case if e.g. Contract internals require special confidentiality or a response via messenger does not meet the formal requirements. In such cases, we refer you to more adequate communication channels.
Processed data types such as Contact details (e.g. email, telephone numbers); Usage data (e.g. visited websites, interest in content, access times); Meta, communication and process data (e.g. B. IP addresses, times, identification numbers, consent status).​ With the processing purposes of contact requests and communication; Direct marketing (e.g. by email or post).
Legal basis: Consent (Art. 6 Para. 1 P. 1 lit. a) DSGVO); Eligible interests (Art. 6 Para. 1 P. 1 lit. f) DSGVO).
Further information on processing processes, processes and services:
​
Privacy Provisions on the use of WhatsApp
WhatsApp Communication: The controller may use WhatsApp as a communication channel for users. WhatsApp is a messaging application that allows users to send text messages, voice messages, multimedia content, and engage in real-time communication.
Service Provider: WhatsApp Messenger with end-to-end encryption; Service provider: WhatsApp Ireland Limited, 4 Grand Canal Quay, Dublin 2, D02 KH28, Ireland; Legal basis: Authorized interests (Art. 6 Para. 1 P. 1 lit. f) DSGVO); Website: https://www.whatsapp.com/; Data protection declaration: https://www.whatsapp.com/legal.
Data Collection and Usage: When users communicate with the controller through WhatsApp, the controller may collect and process the personal data shared during the conversation. This data may include text messages, images, videos, and other multimedia content exchanged on the platform.
Data Transmission to WhatsApp: WhatsApp processes the data exchanged between users on its platform in accordance with its own terms of service and privacy policy. Users should be aware that using WhatsApp involves data transmission to WhatsApp's servers, which may be located in different countries.
For more information on how WhatsApp collects, processes, and uses data, please refer to WhatsApp's Terms of Service: https://www.whatsapp.com/legal/#terms-of-service and Privacy Policy: https://www.whatsapp.com/legal/#privacy-policy
User Responsibility: Users communicating with the controller through WhatsApp are advised to review WhatsApp's terms of service and privacy policy. The controller does not control the data processing practices of WhatsApp and shall not be held responsible for any actions, omissions, or data processing performed by WhatsApp as part of their services.
​
Business Services
We process this data to meet our contractual obligations. This includes, in particular, the obligations to provide the agreed services, any updating obligations and remedial measures in the event of warranty and other service disruptions. In addition, we process the data to protect our rights and for the purpose of the administrative tasks associated with these obligations as well as the company organization. In addition, we process the data based on our legitimate interests in proper and business management as well as security measures to protect our contractual partners and our business operations from misuse, risk to their data, secrets, Information and rights. Within the framework of the applicable law, we only pass on the data of contractual partners to third parties to the extent that this is necessary for the aforementioned purposes or for the fulfillment of legal obligations. About other forms of processing, e.g. for marketing purposes, the contractual partners are informed in the context of this data protection declaration.
The statutory retention period for documents relevant to tax law as well as for commercial books, inventories, opening balance sheets, annual financial statements, the work instructions and other organizational documents and booking documents required to understand these documents for ten years, as well as for received trade and business letters and reproductions of the sent trade and business letters for six years. The period begins at the end of the calendar year in which the last entry is made in the book, the inventory, the opening balance sheet, the annual financial statements or the management report, the commercial or business letter has been received or sent or the booking receipt has been created, the recording has been made or the other documents have been created.
Insofar as we use third-party providers or platforms to provide our services, the terms and conditions and data protection notices of the respective third-party providers or platforms apply in the relationship between the users and the providers.
-
Processed data types: Inventory data (e.g. names, addresses); Payment data (e.g. bank details, invoices, payment history); Contact details (e.g. email, telephone numbers); Contract data (e.g. object of contract, term, customer category).
-
Affected persons: Interested parties; Business and contract partners; Pupils / students / participants; Customers.
-
Processing purposes: Provision of contractual services and customer service; Contact requests and communication; Office and organizational procedures; Management and response of inquiries.
-
Legal basis: Fulfillment of contracts and pre-contractual inquiries; Legal obligation; Authorized interests.
Education and training services: We process the data of the participants in our education and course offers in order to be able to provide them with our program services. The data processed here, the type, scope, purpose and necessity of their processing are determined according to the underlying contractual and training relationship. Processing forms also include performance evaluation and evaluation of our services and that of teachers. As part of our work, we can also use special categories of data, Here in particular, information on the health of trainees and trainees as well as data from which ethnic origin, political opinions, religious or ideological convictions emerge. If necessary, we will get, express consent of the trainees and trainees and otherwise only process the special categories of data if it is for the provision of training services, for the purposes of health care, social protection or the protection of vital interests of trainees and trainees is required.
Coaching: We process the data of our clients as well as interested parties and other clients or contractual partners (uniformly referred to as "clients") in order to be able to provide them with our services. The processed data, the type, scope, purpose and necessity of their processing are determined according to the underlying contractual and client relationship. As part of our work, we can also use special categories of data, here in particular information on the health of clients, possibly with reference to their sex life or sexual orientation, as well as data from which the racial and ethnic origin, political opinions, process religious or ideological beliefs or union membership. If necessary, we will get, an express consent of the clients and process the special categories of data otherwise if this serves the health of the clients, the data is public or other legal permits are available. If it is necessary for our fulfillment of the contract, for the protection of vital interests or legally required, or if the clients have given their consent, we disclose or transmit the client's data to third parties or agents, e.g. Authorities, accounting offices as well as in the area of IT, office or comparable services; Legal basis.
Online courses and online training: We process the data of the participants in our online courses and online training (uniformly referred to as "participants") in order to be able to provide them with our course and training services. The data processed here, the type, scope, purpose and necessity of their processing are determined according to the underlying contractual relationship. The data basically includes information on the courses and services used and, as far as part of our range of services, personal specifications and results of the participants. Processing forms also include performance evaluation and evaluation of our services as well as that of course and training managers.
Events: We process the data of the participants of the events, events and similar activities we offer or organize (hereinafter referred to as "participants" and "events"), to enable them to participate in the events and take advantage of the services or actions associated with participation, provided that we process health-related data, religious, political or other special categories of data, then this takes place within the scope of the obviousness (e.g. for thematically oriented events or for health care, safety or with the consent of those affected). The required information is marked as such in the context of the conclusion of the order, order or comparable contract and includes the information required for the provision of services and billing as well as contact information in order to be able to keep any feedback. Insofar as we have access to information from end customers, employees or other persons, we process it in accordance with the legal and contractual requirements.
​
We offer our services on online platforms operated by other service providers. In this context, in addition to our data protection information, the data protection information of the respective platforms applies. This applies in particular with regard to the implementation of the payment process and the procedures used on the platforms for measuring the reach and for marketing interests.
-
Processed data types: Inventory data (e.g. names, addresses); Payment data (e.g. bank details, invoices, payment history); Contact details (e.g. email, telephone numbers); Contract data (e.g. object of contract, term, customer category); Usage data (e.g. visited websites, interest in content, access times); Meta, communication and process data (e.g. B. IP addresses, times, identification numbers, consent status. With the processing purposes of provision of contractual services and customer service; Marketing.
Payment procedure
In the context of contractual and other legal relationships, Due to legal obligations or otherwise based on our legitimate interests, we offer the data subjects efficient and secure payment options and, in addition to banks and credit institutions, use other service providers (in summary "payment service provider").
The data processed by the payment service providers include inventory data, e.g. the name and address, bank details, e.g. Account numbers or credit card numbers, passwords, TANs and checksums as well as the contract, Total and recipient-related information. The information is required to carry out the transactions. However, the entered data is only processed by the payment service providers and stored by them. This means that we do not receive any account or credit card-related information, but only information with confirmation or negative information of the payment. Payment service providers may transmit the data to business information agencies. This transmission is intended for the identity and credit check. We refer to the terms and conditions and the data protection information of the payment service providers.
The terms and conditions and data protection notices of the respective payment service providers apply to the payment transactions, which are published within the respective websites or. Transaction applications are available. We also refer to them for further information and assertion of revocation, information and other affected rights. We processed data such as Inventory data (e.g. names, addresses); Payment data (e.g. bank details, invoices, payment history); Contract data (e.g. subject of the contract, term, customer category); Usage data (e.g. visited websites, interest in content, access times); Meta, communication and process data (e.g. B. IP addresses, times, identification numbers, consent status); Contact details (e.g. email, telephone numbers).​ With the processing purposes of provision of contractual services and customer service.​
​
Apple Pay: Payment services (technical connection of online payment methods); Service provider: Apple Inc., Infinite Loop, Cupertino, CA 95014, USA; Legal basis: Fulfillment of contracts and pre-contractual inquiries (Art. 6 Para. 1 P. 1 lit. b) DSGVO); Website: https://www.apple.com/de/apple-pay/; Data protection declaration: https://www.apple.com/legal/privacy/de-ww/.
Google Pay: Payment services (technical connection of online payment methods); Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Legal basis: Fulfillment of contracts and pre-contractual inquiries (Art. 6 Para. 1 P. 1 lit. b) DSGVO); Website: https://pay.google.com/intl/de_de/about/; Data protection declaration: https://policies.google.com/privacy.
Mastercard: Payment services (technical connection of online payment methods); Service provider: Mastercard Europe SA, Chaussée de Tervuren 198A, B-1410 Waterloo, Belgium; Legal basis: Fulfillment of contracts and pre-contractual inquiries (Art. 6 Para. 1 P. 1 lit. b) DSGVO); Website: https://www.mastercard.de/de-de.html; Data protection declaration: https://www.mastercard.de/de-de/datenschutz.html.
PayPal: Payment services (technical connection of online payment methods) (e.g. PayPal, PayPal Plus, Braintree); Service provider: PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg; Legal basis: Fulfillment of contracts and pre-contractual inquiries (Art. 6 Para. 1 P. 1 lit. b) DSGVO); Website: https://www.paypal.com/de; Data protection declaration: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
Visa: Payment services (technical connection of online payment methods); Service provider: Visa Europe Services Inc., London branch, 1 Sheldon Square, London W2 6TT, GB; Legal basis: Fulfillment of contracts and pre-contractual inquiries (Art. 6 Para. 1 P. 1 lit. b) DSGVO); Website: https://www.visa.de; Data protection declaration: https://www.visa.de/nutzungsbedingungen/visa-privacy-center.html.
​
Application process
The application process requires that applicants provide us with the data necessary for their assessment and selection. Which information is required can be found in the job description or, in the case of online forms, in the information there. The required information includes information about the person, such as the name, address, contact options and evidence of the qualifications required for a job. Upon request, we would also be happy to provide you with the information you need. If made available, applicants can send us their applications using an online form. The data is transmitted to us encrypted according to the state of the art. Applicants can also send us their applications via email. However, we ask you to note that emails are generally not sent encrypted on the Internet. As a rule, emails are encrypted during transport, but not on the servers from which they are sent and received. We can therefore not assume any responsibility for the transfer route of the application between the sender and the reception on our server.
For the purposes of applying, submitting applications and selecting applicants, we can, in compliance with legal requirements, applicant management or. Use recruitment software and third-party platforms and services.
Applicants can contact us about the type of application or send us the application by post.
As special categories of personal data within the meaning of Art. 9 Para. 1 DSGVO (e.g. health data, such as severely disabled status or ethnic origin) are requested from applicants as part of the application process, so that the person responsible or the person concerned can exercise his or her rights arising from labor law and the law of social security and social protection and can fulfill his or her obligations in this regard, their processing takes place according to Art. 9 Para. 2 lit. b. DSGVO, in the case of the protection of vital interests of applicants or other persons acc. Art. 9 para. 2 lit. c. DSGVO or for the purposes of preventive health care or occupational medicine, for assessing the employability of the employee, for medical diagnostics,for health or social care or for the management of systems and services in the health or social field acc. Art. 9 para. 2 lit. H. DSGVO. In the event of a voluntary notification of the special categories of data, they are processed on the basis of Art. 9 Para. 2 lit. a. DSGVO.
​
Challenges
We only process personal data of the participants in competitions and competitions in compliance with the relevant data protection regulations, insofar as the processing is contractually necessary to provide, carry out and process the competition, the participants have consented to the processing or the processing serves our legitimate interests (e.g. the security of the competition or the protection of our interests against misuse by possible recording of IP addresses when submitting competition entries).
If contributions from the participants are published as part of the competitions (e.g. as part of a vote or presentation of the competition entries or the winners or reporting on the competition), we would like to point out, that the names of the participants can also be published in this context. Participants can object to this at any time. If the competition takes place within an online platform or a social network (e.g. Facebook or Instagram, hereinafter referred to as "online platform"), the usage and data protection regulations of the respective platforms also apply. In these cases, we would like to point out that we are responsible for the information provided by the participants as part of the competition and that inquiries regarding the competition should be directed to us. All participants will be automatically subscribed in our newsletter for marketing purposes. Furthermore, the data of the participants can be saved longer, e.g. in the form of reporting on the competition in online and offline media.
Processed data types: Inventory data (e.g. names, addresses); Content data (e.g. entries in online forms); Meta, communication and process data (e.g. B. IP addresses, times, identification numbers, consent status).​​
Legal basis: Fulfillment of contracts and pre-contractual inquiries (Art. 6 Para. 1 P. 1 lit. b) DSGVO).
Surveys
We conduct surveys and surveys to provide information for the survey or. Survey purpose to collect. The surveys and surveys carried out by us (hereinafter "surveys") are evaluated anonymously. Personal data is only processed to the extent that this is necessary for the provision and technical implementation of the surveys (e.g. processing of the IP address, to display the survey in the user's browser or to enable the survey to be resumed using a cookie).
Processed data types: Contact details (e.g. email, telephone numbers); Content data (e.g. entries in online forms); Usage data (e.g. visited websites, interest in content, access times); Meta, communication and process data (e.g. B. IP addresses, times, identification numbers, consent status).​
Processing purposes: Feedback and testimonials
Legal basis: Authorized interests (Art. 6 Para. 1 P. 1 lit. F) DSGVO)
​
-
Typeform: Creation of forms as well as surveys and administration of participant contributions; Service provider: TYPEFORM SL, Carrer Bac de Roda, 163, local, 08018 – Barcelona, Spain; Legal basis: Authorized interests (Art. 6 Para. 1 P. 1 lit. f) DSGVO); Website: https://www.typeform.com/; Data protection declaration: https://admin.typeform.com/to/dwk6gt/.
-
Google Forms: The controller may utilize Google Forms to collect information from users. Google Forms is an online survey and data collection tool offered by Google LLC. Users may be prompted to fill out forms for various purposes, such as feedback, registrations, or inquiries.
Newsletter and electronic notifications
We only send newsletters, emails and other electronic notifications (hereinafter "Newsletter") with the consent of the recipient or a legal permit. If the content of the newsletter is specifically described as part of a registration for the newsletter, it is decisive for the consent of the users. Our newsletters also contain information about our services and us. To register for our newsletters, it is generally sufficient to provide your email address. However, we can ask you to make a name for personal reference in the newsletter, or other information, if this is necessary for the purposes of the newsletter.
Double opt-in procedure: The registration for our newsletter is basically done in a so-called double opt-in procedure. This means that after registration you will receive an email asking for your registration to be confirmed. This confirmation is necessary so that no one can log in with external email addresses. Registrations for the newsletter are logged in order to be able to prove the registration process according to the legal requirements. This includes storing the registration and confirmation time as well as the IP address. The changes to your data stored with the shipping service provider are also logged.
Deletion and restriction of processing: We can save the email addresses that have been processed for up to three years on the basis of our legitimate interests before we delete them in order to be able to prove a previously given consent. The processing of this data is limited to the purpose of a possible defense against claims. An individual request for cancellation is possible at any time, provided that the former existence of consent is confirmed at the same time. In the event of obligations to permanently observe contradictions, we reserve the right to save the email address for this purpose alone in a blacklist (so-called "blocklist").
The registration process is logged on the basis of our legitimate interests for the purpose of proving its proper process. As far as we commission a service provider to send emails, this is based on our legitimate interests in an efficient and secure shipping system.
Information about us, our services, promotions and offers.
Processed data types: Inventory data (e.g. names, addresses); Contact details (e.g. email, telephone numbers); Meta, communication and process data (e.g. B. IP addresses, times, identification numbers, consent status); Usage data (e.g. visited websites, interest in content, access times).​
Processing purposes: Direct marketing (e.g. by email or post); Marketing.
Legal basis: Consent (Art. 6 Para. 1 P. 1 lit. a) DSGVO); Eligible interests (Art. 6 Para. 1 P. 1 lit. f) DSGVO).
Possibility of objection (opt-out): You can cancel the receipt of our newsletter at any time, i.e. Revoke your consent or object to further reception. You can either find a link to cancel the newsletter at the end of each newsletter or otherwise use one of the contact options given above, preferably email.
Measurement of opening and click rates: The newsletters contain a pixel-sized file that is retrieved from our server when the newsletter is opened or, if we use a shipping service provider, from its server. As part of this call, technical information such as information about the browser and your system, as well as your IP address and the time of the call, This information is used to technically improve our newsletter based on the technical data or the target groups and their reading behavior based on their call locations (which can be determined using the IP address) or the access times. This analysis also includes determining whether the newsletters are opened, when they are opened and which links are clicked. This information is assigned to the individual newsletter recipients and stored in their profiles until they are deleted. The evaluations serve us to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users. The measurement of the opening rates and the click rates as well as the storage of the measurement results in the profiles of the users and their further processing are based on the consent of the users.
​​
Web analysis, monitoring and optimization
The web analysis (also referred to as "range measurement") is used to evaluate the flow of visitors to our online offer and can contain behavior, interests or demographic information about visitors, e.g. age or gender, include as pseudonymous values. With the help of the range analysis we can e.g. recognize at what time our online offer or its functions or content are used most frequently or invite you to reuse it. We can also understand which areas need optimization. In addition to web analysis, we can also use test procedures to e.g. to test and optimize different versions of our online offer or its components. Unless otherwise stated below, profiles, i.e. Data summarized for a usage process and information is stored in a browser or in an end device and read out from it. The information collected includes in particular visited websites and elements used there as well as technical information such as the browser used, the computer system used and information on usage times. If users have given us consent to the collection of their location data or to the providers of the services we use, location data can also be processed.
The users' IP addresses are also saved. However, we use an IP masking process (i.e., pseudonymization by reducing the IP address) to protect users. Generally, as part of web analysis, A/B-testings and optimization do not save user clard data (such as email addresses or names), but pseudonyms. In other words, we as well as the providers of the software used do not know the actual identity of the users, but only the information stored in their profiles for the purposes of the respective procedures.
Processed data types: Wix analytics; For more information about Wix Analytics and its privacy practices, you can refer to Wix.com's Privacy Policy: https://www.wix.com/about/privacy
Processing purposes: Range measurement (e.g. access statistics, recognition of returning visitors); Profiles with user-related information (creation of user profiles); Tracking (e.g. interest / behavior-related profiling, use of cookies); Provision of our online offer and user friendliness.
Security measures: IP masking (pseudonymization of IP address).
Legal basis: Consent (Art. 6 Para. 1 P. 1 lit. a) DSGVO).
​
Online marketing
We process personal data for the purposes of online marketing, which may include the marketing of advertising space or the presentation of advertising and other content (collectively referred to as "content") based on potential interests of the users and the measurement of their effectiveness.
For these purposes, so-called user profiles are created and saved in a file (so-called "cookie") or similar methods are used, by means of which the information about the user relevant for the presentation of the aforementioned content is stored. This information can e.g. considered content, visited websites, used online networks, but also communication partners and technical information such as the browser used, the computer system used as well as information on usage times and functions used. If users have consented to the collection of their location data, they can also be processed.
The users' IP addresses are also saved. However, we use the available IP masking procedures (i.e., pseudonymization by reducing the IP address) to protect users. In general, no user clard data (such as. Email addresses or names) saved, but pseudonyms. In other words, we as well as the providers of online marketing procedures do not know the actual identity of the users, but only the information stored in their profiles.
The information in the profiles is usually stored in the cookies or using similar methods. These cookies can later generally also use the same online marketing process on other websites, read out and analyzed for the purpose of displaying content as well as supplemented with further data and stored on the server of the online marketing process provider.
In exceptional cases, sound data can be assigned to the profiles. This is the case if the users e.g. Are members of a social network whose online marketing process we use and the network connects the profiles of the users with the aforementioned information. We ask that you note that users have additional agreements with the providers, e.g. by consenting to the registration. We generally only have access to summarized information about the success of our advertisements. However, as part of so-called conversion measurements, we can check which of our online marketing processes have led to a so-called conversion, i.e. e.g. to conclude a contract with us. The conversion measurement is used solely to analyze the success of our marketing measures.
Unless otherwise stated, we ask you to assume that the cookies used are stored for a period of two years.
Processed data types: Content data (e.g. entries in online forms); Usage data (e.g. visited websites, interest in content, access times); Meta, communication and process data (e.g. B. IP addresses, times, identification numbers, consent status); Event data and relate to people or their actions; The data includes e.g. B. Information about visits to websites, interactions with content, functions, installations of apps, purchases of products, etc.; the event data is processed for the purpose of forming target groups for content and advertising information (custom audiences); Event data does not contain the actual content , no login information and no contact information .
​Processing purposes: Range measurement (e.g. access statistics, recognition of returning visitors); Tracking (e.g. interest / behavior-related profiling, use of cookies); Conversion measurement (measurement of the effectiveness of marketing measures); Target group formation; Marketing; Profiles with user-related information (creating user profiles); Provision of our online offer and user-friendliness; Remarketing.​
Legal basis: Consent (Art. 6 Para. 1 P. 1 lit. a) DSGVO); Eligible interests (Art. 6 Para. 1 P. 1 lit. f) DSGVO).
Possibility of objection (opt-out): We refer to the data protection information of the respective provider and the objection options given to the providers. If no explicit opt-out option has been specified, there is the possibility that you will switch off cookies in the settings of your browser. However, this can limit the functions of our online offer. We therefore also recommend the following opt-out options, which are offered in summary for the respective areas: a) Europe: https://www.youronlinechoices.eu.
b) Canada: https://www.youradchoices.ca/choices.
c) USA: https://www.aboutads.info/choices.
d) Cross-territorial: https://optout.aboutads.info.​
-
Facebook pixels and target group formation (custom audiences): With the help of the Facebook pixel (or comparable functions, for the transmission of event data or contact information by means of interfaces in apps), Facebook is on the one hand possible, to determine the visitors of our online offer as a target group for the display of advertisements (so-called „ Facebook ads “). Accordingly, we use the Facebook pixel to view the Facebook ads we place only on Facebook and within the services of the partners cooperating with Facebook (so-called „ Audience Network “ https://www.facebook.com/audiencenetwork/ ), which have also shown an interest in our online offer or which have certain characteristics (e.g. interest in certain topics or products that can be seen on the basis of the websites visited), which we transmit to Facebook (so-called „ Custom Audiences “). With the help of the Facebook pixel, we also want to ensure that our Facebook ads are in the potential interest of the users and do not have a annoying effect. Using the Facebook pixel, we can also understand the effectiveness of Facebook advertisements for statistical and market research purposes by seeing, whether users were forwarded to our website after clicking on a Facebook advertising ad (so-called „ conversion measurement “); Service provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland; Legal basis: Consent (Art. 6 Para. 1 P. 1 lit. a) DSGVO); Website: https://www.facebook.com; Data protection declaration: https://www.facebook.com/about/privacy; Additional Information: Event data of users, i.e. Behavioral and interest information is provided for the purposes of targeted advertising and target group formation on the basis of the agreement on shared responsibility („ addition for responsible persons “, https://www.facebook.com/legal/controller_addendum) processed. Common responsibility is limited to the collection and transmission of data to Meta Platforms Ireland Limited, a company based in the EU. The further processing of the data is the sole responsibility of Meta Platforms Ireland Limited, which in particular the transmission of the data to the parent company Meta Platforms, Inc. in the United States (based on standard contractual clauses between Meta Platforms Ireland Limited and Meta Platforms, Inc.).
-
Facebook ads: Placement of advertisements within the Facebook platform and evaluation of the advertising results; Service provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland; Legal basis: Authorized interests (Art. 6 Para. 1 P. 1 lit. f) DSGVO); Website: https://www.facebook.com; Data protection declaration: https://www.facebook.com/about/privacy; Possibility of objection (opt-out): We refer to data protection – and advertising settings in the user profile on the Facebook platform as well as within the framework of Facebook's consent procedure and Facebook's contact options for exercising information and other data subject rights in Facebooks Data protection declaration; Additional Information: Event data of users, i.e. Behavioral and interest information is provided for the purposes of targeted advertising and target group formation on the basis of the agreement on shared responsibility („ addition for responsible persons “, https://www.facebook.com/legal/controller_addendum) processed. Common responsibility is limited to the collection and transmission of data to Meta Platforms Ireland Limited, a company based in the EU. The further processing of the data is the sole responsibility of Meta Platforms Ireland Limited, which in particular the transmission of the data to the parent company Meta Platforms, Inc. in the United States (based on standard contractual clauses between Meta Platforms Ireland Limited and Meta Platforms, Inc.).
-
Google Ads and conversion measurement: Online marketing process for the purpose of placing content and advertisements within the advertising network of the service provider (e.g. B. in search results, in videos, on websites, etc.), so that they are displayed to users who have a presumed interest in the advertisements. We also measure the conversion of the ads, i.e. whether the users took them as an opportunity to interact with the ads and use the advertised offers (so-called conversion). However, we only receive anonymous information and no personal information about individual users; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Legal basis: Consent (Art. 6 Para. 1 P. 1 lit. a) DSGVO), legitimate interests (Art. 6 Para. 1 P. 1 lit. f) DSGVO); Website: https://marketingplatform.google.com; Data protection declaration: https://policies.google.com/privacy; Additional Information: Types of processing and processed data: https://privacy.google.com/businesses/adsservices; Data processing conditions between controllers and standard contractual clauses for third country transfers of data: https://business.safety.google/adscontrollerterms.
-
Google Ads Remarketing: Google remarketing, also called retargeting, is a technology that includes users who use an online service in a pseudonymous remarketing list, so that users can be shown ads on other online offers based on their visit to the online service; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Legal basis: Consent (Art. 6 Para. 1 P. 1 lit. a) DSGVO); Website: https://marketingplatform.google.com; Data protection declaration: https://policies.google.com/privacy; Additional Information: Types of processing and processed data: https://privacy.google.com/businesses/adsservices; Data processing conditions between controllers and standard contractual clauses for third country transfers of data: https://business.safety.google/adscontrollerterms.
-
Instagram advertisements: Placement of advertisements within the Instagram platform and evaluation of the advertising results; Service provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland; Legal basis: Consent (Art. 6 Para. 1 P. 1 lit. a) DSGVO); Website: https://www.instagram.com; Data protection declaration: https://instagram.com/about/legal/privacy; Possibility of objection (opt-out): We refer to the data protection – and advertising settings in the profile of the users at the Instagram platform as well as within the framework of Instagram's consent procedures and Instagrams. Contact options for exercising information and other data protection rights in Instagrams Data protection declaration; Additional Information: Event data of users, i.e. Behavioral and interest information is provided for the purposes of targeted advertising and target group formation on the basis of the agreement on shared responsibility („ addition for responsible persons “, https://www.facebook.com/legal/controller_addendum) processed. Common responsibility is limited to the collection and transmission of data to Meta Platforms Ireland Limited, a company based in the EU. The further processing of the data is the sole responsibility of Meta Platforms Ireland Limited, which in particular the transmission of the data to the parent company Meta Platforms, Inc. in the United States (based on standard contractual clauses between Meta Platforms Ireland Limited and Meta Platforms, Inc.).
​
​
Presentations in social networks (social media)
We maintain online presence within social networks and process user data in order to communicate with the users active there or to offer information about us. We would like to point out that user data can be processed outside the European Union. This can result in risks for the users, because e.g. enforcement of users' rights could be made more difficult. Furthermore, the data of users within social networks are usually processed for market research and advertising purposes. For example, based on the usage behavior and the resulting interests of the users, usage profiles can be created. The usage profiles can in turn be used to e.g. To place advertisements inside and outside the networks that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the users' computers, in which the usage behavior and the interests of the users are stored. Furthermore, data can be stored in the usage profiles regardless of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them). For a detailed description of the respective processing forms and the options for objection (opt-out), we refer to the data protection declarations and information provided by the operators of the respective networks.
Also in the case of requests for information and the assertion of rights of data subject, we would like to point out that these can be most effectively asserted by the providers. Only the providers have access to the data of the users and can take appropriate measures and provide information. If you still need help, you can contact us. We processed data types such as Contact details (e.g. email, telephone numbers); Content data (e.g. entries in online forms); Usage data (e.g. visited websites, interest in content, access times); Meta, communication and process data (e.g. B. IP addresses, times, identification numbers, consent status).​
Processing purposes: Contact requests and communication; Feedback (e.g. collecting feedback via online form); Marketing. Legal basis: Authorized interests (Art. 6 Para. 1 P. 1 lit. F) DSGVO).
​​
Privacy Provisions on the use of Instagram
The controller has integrated components of the Instagram service on this website. Instagram is a service that qualifies as an audiovisual platform, enabling users to share photos and videos, as well as disseminate such data on other social networks.
Service Provider: Instagram's services are operated by Instagram LLC, located at 1 Hacker Way, Building 14, First Floor, Menlo Park, CA, USA.
Data Collection and Usage: Each time an individual page of this website, operated by the controller, and containing an Instagram component (Insta button), is accessed, the Internet browser on the user's information technology system is automatically prompted to download a representation of the corresponding component from Instagram. During this technical process, Instagram becomes aware of the specific subpage of our website visited by the user.
If the user is logged in to Instagram while accessing our website, Instagram recognizes the visit and, for the entire duration of the visit, associates it with the specific subpage the user is viewing. This information is collected by the Instagram component and linked to the user's Instagram account. When the user clicks on any of the Instagram buttons integrated into our website, the data and information transmitted are assigned to the user's personal Instagram user account and are stored and processed by Instagram.
Data Transmission to Instagram: Instagram receives information through the Instagram component about the user's visit to our website when the user is logged in to Instagram simultaneously with accessing our website. This occurs whether or not the user interacts with the Instagram component. If the user does not wish such information to be transmitted to Instagram, they can prevent this by logging out of their Instagram account before visiting our website. Service provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland; Legal basis: Authorized interests (Art. 6 Para. 1 P. 1 lit. f) DSGVO); Website: https://www.instagram.com; Data protection declaration: https://instagram.com/about/legal/privacy.
For further information and the applicable data protection regulations of Instagram, please refer to the following links: Instagram Help Center: https://help.instagram.com/155833707900388
​
Privacy Provisions on the use of Facebook
The controller has integrated components of the Facebook service on this website. Facebook is a social media platform that allows users to connect with others, share content, and interact through various features.
Service Provider: Facebook's services are operated by Facebook, Inc., located at 1 Hacker Way, Menlo Park, CA 94025, USA. Data Collection and Usage: Whenever an individual page of this website, operated by the controller, contains a Facebook component (Facebook social plug-in), the user's web browser may automatically download a representation of the corresponding component from Facebook's servers. Through this process, Facebook may gather information about the specific subpage of our website that the user has visited. If the user is logged into Facebook while accessing our website, Facebook may associate the visit with the user's account, noting the specific subpage visited for the duration of their stay on our site. The collected information is processed by the Facebook component and linked to the user's personal Facebook account. When the user interacts with any Facebook social plug-ins integrated on our website, the transmitted data and information are connected to the user's Facebook account, and Facebook may store and process this data.
Data Transmission to Facebook: Facebook may receive information through the Facebook component about the user's visit to our website when the user is logged into Facebook during their visit. This occurs irrespective of whether the user engages with the Facebook component. If the user wishes to prevent such data transmission to Facebook, they can log out of their Facebook account before accessing our website.
For additional information and to understand the applicable data protection regulations of Facebook,
Information about page insights https://www.facebook.com/legal/terms/page_controller_addendum)
Further information can be found in the "Information on page insights" https://www.facebook.com/legal/terms/information_about_page_insights_data
Legal basis: Authorized interests (Art. 6 Para. 1 P. 1 lit. f) DSGVO); Common responsibility is limited to the collection and transmission of data to Meta Platforms Ireland Limited, a company based in the EU. The further processing of the data is the sole responsibility of Meta Platforms Ireland Limited, which in particular the transmission of the data to the parent company Meta Platforms, Inc. in the United States (based on standard contractual clauses between Meta Platforms Ireland Limited and Meta Platforms, Inc.). Please refer to the following resources:
-
Website: https://www.facebook.com
-
Facebook Data Policy: https://www.facebook.com/policy.php
-
Facebook Cookies Policy: https://www.facebook.com/policies/cookies/
-
Facebook Privacy Shield Notice: https://www.facebook.com/policy.php
​
Privacy Provisions on the use of LinkedIn
LinkedIn Integration: The controller may integrate components of the LinkedIn service on this website. LinkedIn is a professional social network platform that facilitates networking, job searching, and professional content sharing.
Service Provider: LinkedIn's services are operated by LinkedIn Corporation, located at 1000 W. Maude Ave., Sunnyvale, CA 94085, USA.
Data Collection and Usage: When users access individual pages of this website that contain LinkedIn components, the user's web browser may automatically connect to LinkedIn's servers, which in turn may collect information about the user's interactions and activities on the LinkedIn platform.
LinkedIn may collect data such as the user's LinkedIn profile information, connections, and interactions with professional content. This data may be processed and used to enhance the user's experience on LinkedIn and for analytics purposes. Service provider: LinkedIn Ireland Unlimited Company, Wilton Plaza Wilton Place, Dublin 2, Ireland; Legal basis: Authorized interests (Art. 6 Para. 1 P. 1 lit. f) DSGVO); Website: https://www.linkedin.com; Order processing contract: https://legal.linkedin.com/dpa; Standard contractual clauses (guarantee of data protection level for processing in third countries): https://legal.linkedin.com/dpa; Possibility of objection (opt out): https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Data Transmission to LinkedIn: If a user is logged into their LinkedIn account while accessing our website, LinkedIn may associate the user's visit with their LinkedIn account. LinkedIn may collect information about the user's interactions on our website and correlate it with their LinkedIn activity.
For more information on how LinkedIn collects, processes, and uses data, please refer to LinkedIn's Privacy Policy: https://www.linkedin.com/legal/privacy-policy
User Responsibility: Users accessing LinkedIn components on our website are advised to review LinkedIn's terms of service and privacy policy. The controller does not control the data processing practices of LinkedIn and shall not be held responsible for any actions, omissions, or data processing performed by LinkedIn as part of their services.
Please ensure that this privacy provision accurately reflects your company's practices and is aligned with the terms of service and privacy policies of LinkedIn. Keep in mind that LinkedIn's policies and practices may change, so it's important to periodically review this provision for updates.
Changes to this Privacy Policy
We may update or modify this Privacy Policy from time to time. Any changes will be effective upon posting the revised Privacy Policy on our Website. We encourage you to review this Privacy Policy periodically for any updates. The last update was on December 18, 2023.
​
Legal or contractual requirements to provide personal data; requirement for contracting; obligation of the affected person to provide personal data; possible consequences of non-provision. We clarify that the provision of personal data is sometimes required by law (e.g., tax regulations) or as a result of contractual obligations (e.g., providing information about contractual partners). In certain instances, it may be necessary to provide personal data in order to enter into a contract that subsequently requires data processing. For example, a data subject may be required to provide personal data if our company is entering into a contract with them. Failure to provide the necessary personal data would result in the inability to conclude the contract with the concerned individual.
Before providing personal data, the data subject must engage with one of our employees. Our employee will assess on a case-by-case basis whether the provision of personal data is legally or contractually required, or is necessary for contract fulfillment. They will clarify whether there is an obligation for the data subject to provide the requested personal data, and also explain the potential consequences if the personal data is not provided.
It's imperative that individuals considering the provision of personal data consult our employees beforehand to understand the legal and contractual implications, ensuring informed decision-making. Our employees will provide clarity on the specific circumstances and potential outcomes related to the non-provision of personal data.
​
Contact and request management
When contacting us (e.g. by post, contact form, email, Telephone or via social media) as well as within the framework of existing user and business relationships, the information of the requesting persons is processed insofar as this is necessary to answer the contact requests and any measures requested.
We processed data types: Contact details (e.g. email, telephone numbers); Content data (e.g. entries in online forms); Usage data (e.g. visited websites, interest in content, access times); Meta, communication and process data (e.g. B. IP addresses, times, identification numbers, consent status).
With the processing purposes of contact requests and communication; Management and answering inquiries; Feedback (e.g. collecting feedback via online form); Provision of our online offer and user friendliness.
Legal basis: Eligible interests (Art. 6 Para. 1 P. 1 lit. f) DSGVO); Fulfillment of contracts and pre-contractual inquiries (Art. 6 Para. 1 P. 1 lit. b) DSGVO). If users contact us via our contact form, email or other communication channels, we process the data communicated to us in this context to process the reported concern; Legal basis: Fulfillment of contracts and pre-contractual inquiries (Art. 6 Para. 1 P. 1 lit. b) DSGVO), legitimate interests (Art. 6 Para. 1 P. 1 lit. f) DSGVO).
​
Contact Us
If you have any questions or concerns about this Privacy Policy or our privacy practices, please contact us at cristina@herfinancialfreedom.net
​
​
Disclaimer
While herFinancialFreedom ("hFF") supports the sharing of personal experience to build up our hFF community, nothing which is shared on or in any of the hFF website, events, newsletters, social media platforms, presentation materials or linked articles or any other communication shall be interpreted as amounting to investment advice or an offer or recommendation to buy, sell or hold any security or other financial product.
The activities of herFinancialFreedom are under no circumstances associated with Cristina's employment as a finance professional within the banking industry.
Any views expressed in the mentioned communication channels reflect the personal perspective of the respective author and not that of hFF. There is no guarantee that using the techniques and ideas presented in these materials will lead to the growth of your investments. Information shared by hFF is for educational purposes only and should not be solely relied upon for making investment decisions. It is advisable to conduct thorough research and exercise careful due diligence. Outcomes will depend on various factors beyond our influence, including your financial situation, experiences, skills, effort, education, and market fluctuations. Investing involves risks, and utilizing the information from hFF is at your own risk. By continuously using our site and engaging with our content, you acknowledge that we hold no responsibility for the decisions you make based on the presented information or for any outcomes resulting from the purchase of our products or services.