top of page

Let me inspire you.

Privacy Policy

Introduction
With the following privacy policy, we would like to inform you about which types of your personal data (hereinafter also referred to as “data”) we process for which purposes and to what extent in the course of providing our application.
The terms used are gender-neutral.
Last updated: 27 January 2026
Table of Contents

  • Introduction

  • Controller

  • Overview of Processing Activities

  • Relevant Legal Bases

  • Security Measures

  • Deletion of Data

  • Use of Cookies

  • Business Services

  • Payment Processing

  • Provision of the Online Offering and Web Hosting

  • Registration, Login and User Account

  • Single Sign-On Login

  • Blogs and Publishing Media

  • Contact and Inquiry Management

  • Communication via Messenger Services

  • Video Conferences, Online Meetings, Webinars

  • Newsletters and Electronic Notifications

  • Web Analytics, Monitoring and Optimization

  • Social Media Presences

  • Management, Organization and Support Tools

Controller
Pratima Akademie
Email address: info@pratima-akademie.com
Imprint / Legal Notice: www.pratima-akademie.com
Overview of Processing Activities
The following overview summarizes the types of data processed and the purposes of processing and refers to the affected groups of persons.
Types of data processed

  • Inventory data

  • Payment data

  • Contact data

  • Content data

  • Contract data

  • Usage data

  • Meta/communication data

Special categories of data

  • Health data

Categories of data subjects

  • Customers

  • Employees

  • Prospective customers

  • Communication partners

  • Users

  • Business and contractual partners

Purposes of processing

  • Provision of contractual services and customer service

  • Handling contact requests and communication

  • Security measures

  • Direct marketing

  • Reach measurement

  • Tracking

  • Office and organizational procedures

  • Administration and response to inquiries

  • Feedback

  • Marketing

  • Profiles with user-related information

  • Registration procedures

  • Provision of our online offering and user-friendliness

  • IT infrastructure

Relevant Legal Bases
Below you will find an overview of the legal bases under the GDPR on which we process personal data:

  • Consent – The data subject has given consent to the processing of their personal data for one or more specific purposes.

  • Performance of a contract and pre-contractual measures – Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.

  • Legal obligation – Processing is necessary for compliance with a legal obligation to which the controller is subject.

  • Legitimate interests – Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, unless such interests are overridden by the interests or fundamental rights and freedoms of the data subject requiring protection of personal data.

Security Measures
In accordance with the legal requirements, taking into account the state of the art, implementation costs, and the nature, scope, circumstances and purposes of processing as well as the varying likelihood and severity of risks to the rights and freedoms of natural persons, we implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk.
These measures include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical and electronic access to the data, access to the data itself, input, disclosure, securing availability and separation of data. Furthermore, we have established procedures to ensure the exercise of data subject rights, the deletion of data and responses to data security incidents. We also consider the protection of personal data during the development and selection of hardware, software and procedures, in accordance with the principle of data protection by design and by default.
TLS encryption (https): To protect data transmitted via our online offering, we use TLS encryption. You can recognize encrypted connections by the prefix “https://” in your browser’s address bar.
Processing of Data in Third Countries
If we process data in a third country (i.e., outside Liechtenstein and Switzerland) or if processing takes place in the context of using third-party services or disclosing/transmitting data to other persons, entities or companies, this is done only in accordance with the legal requirements.
Deletion of Data
The data processed by us will be deleted in accordance with the legal requirements as soon as the consents permitting processing are withdrawn or other permissions cease to apply (e.g., if the purpose of processing no longer applies or the data is no longer required for that purpose).
If data is not deleted because it is required for other legally permissible purposes, processing will be restricted to these purposes. This means the data will be blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax law reasons or whose storage is necessary for the assertion, exercise or defense of legal claims or to protect the rights of another natural or legal person.
Within this privacy policy, we may provide users with further information about the deletion and retention of data that applies specifically to the respective processing activities.
Use of Cookies
Cookies are small text files or other storage notes that store information on end devices and read information from end devices. For example, to store login status in a user account, a shopping cart in an e-commerce shop, the content accessed or functions used in an online offering. Cookies may also be used for different purposes, e.g., ensuring functionality, security and convenience of online offerings and creating analyses of visitor flows.
Notes on Consent
We use cookies in accordance with legal requirements. Therefore, we obtain prior consent from users unless it is not legally required. Consent is not necessary in particular if storing and reading information, including cookies, is strictly necessary in order to provide users with a telemedia service explicitly requested by them (i.e., our online offering). The revocable consent is clearly communicated to users and includes information about the respective cookie usage.
Notes on Data Protection Legal Bases
The legal basis under data protection law for processing users’ personal data with cookies depends on whether we ask users for consent. If users consent, the legal basis is their consent. Otherwise, the data processed with the help of cookies is processed on the basis of our legitimate interests (e.g., in the economically efficient operation of our online offering and improving its usability) or, if the use of cookies is necessary, in order to fulfill our contractual obligations.
We inform users about the purposes for which we process cookies in the course of this privacy policy or within our consent and processing procedures.
Storage Duration
With regard to storage duration, the following types of cookies are distinguished:

  • Temporary cookies (also: session cookies): Temporary cookies are deleted at the latest after a user leaves an online offering and closes their end device (e.g., browser or mobile application).

  • Persistent cookies: Persistent cookies remain stored even after the end device is closed. For example, login status can be stored or preferred content displayed directly when users revisit a website. Likewise, data collected with cookies may be used for reach measurement. If we do not provide users with explicit information about the type and storage duration of cookies (e.g., when obtaining consent), users should assume that cookies are persistent and that the storage duration may be up to two years.

General Notes on Withdrawal and Objection (Opt-Out)
Users may withdraw their consent at any time and also object to processing in accordance with the GDPR. Users can also declare their objection via their browser settings, e.g., by disabling the use of cookies (which may restrict the functionality of our online services).
Further Notes on Processing Procedures, Methods and Services

  • Processing of cookie data on the basis of consent: We use a cookie consent management procedure within which users’ consents to the use of cookies and/or the processing and providers named within the consent management procedure can be obtained, managed and revoked. The declaration of consent is stored so that it does not have to be requested again and so that consent can be proven in accordance with legal requirements. Storage can take place server-side and/or in a cookie (so-called opt-in cookie) or by means of comparable technologies, in order to be able to assign consent to a user or their device. Subject to individual information about providers of cookie management services, the following applies: the storage duration of consent can be up to two years. A pseudonymous user identifier is created and stored together with the time of consent, details about the scope of consent (e.g., which categories of cookies and/or service providers) as well as the browser, system and end device used.

Business Services
We process data of our contractual and business partners, e.g., customers and prospective customers (collectively “contractual partners”), within the framework of contractual and comparable legal relationships and related measures as well as within the framework of communication with contractual partners (or prior to a contract), e.g., in order to respond to inquiries.
We process this data to fulfill our contractual obligations. This includes in particular obligations to provide agreed services, any updating obligations and remedies for warranty and other service disruptions. In addition, we process the data to safeguard our rights and for the purpose of administrative tasks associated with these obligations as well as for corporate organization. We also process the data on the basis of our legitimate interests in proper and economically efficient management and in security measures to protect our contractual partners and our business operations from misuse, threats to their data, secrets, information and rights (e.g., by involving telecommunications, transport and other auxiliary services as well as subcontractors, banks, tax and legal advisors, payment service providers or financial authorities). Within the framework of applicable law, we only disclose data of contractual partners to third parties insofar as this is necessary for the aforementioned purposes or for compliance with legal obligations. Contractual partners are informed about further forms of processing, e.g., for marketing purposes, within this privacy policy.
We delete the data after the expiry of statutory warranty and comparable obligations, i.e., generally after four years, unless the data is stored in a customer account, e.g., as long as it must be retained for legal archiving reasons. The statutory retention period is ten years for tax-relevant documents as well as for commercial books, inventories, opening balance sheets, annual financial statements, work instructions and other organizational documents and accounting records required to understand these documents, and six years for received commercial or business letters and copies of sent commercial or business letters. The period begins at the end of the calendar year in which the last entry was made, the inventory, opening balance sheet, annual financial statement or management report was prepared, the commercial or business letter was received or sent, or the accounting record was created; or in which the record was made or the other documents were created.
If we use third-party providers or platforms to provide our services, the terms and conditions and privacy notices of the respective third-party providers or platforms apply in the relationship between users and those providers.

  • Types of data processed: Inventory data (e.g., names, addresses); payment data (e.g., bank details, invoices, payment history); contact data (e.g., email, phone numbers); contract data (e.g., subject matter, term, customer category); usage data (e.g., websites visited, interest in content, access times); meta/communication data (e.g., device information, IP addresses).

  • Data subjects: Customers; prospective customers; business and contractual partners.

  • Purposes of processing: Provision of contractual services and customer service; security measures; contact requests and communication; office and organizational procedures; administration and answering of inquiries.

Further Notes on Processing Procedures, Methods and Services

  • Customer account: Contractual partners can create an account within our online offering (e.g., customer/user account, “customer account”). If registration is required, contractual partners will be informed accordingly and about the information required for registration. Customer accounts are not public and cannot be indexed by search engines. As part of registration as well as subsequent logins and use of the customer account, we store customers’ IP addresses and access times in order to be able to prove registration and prevent misuse. If customers terminate their customer account, the data relating to the customer account will be deleted, unless retention is required by law. It is the customers’ responsibility to back up their data after termination.

  • Shop and e-commerce: We process customer data in order to enable the selection, purchase/ordering of selected products, goods and related services, as well as payment and delivery/performance. If necessary for order fulfillment, we use service providers, in particular postal services, freight forwarders and shipping companies. For payment processing we use banks and payment service providers. Required information is marked as such within the order or comparable purchase process and includes information necessary for delivery/provision and billing as well as contact information for possible queries.

  • Consulting & training: We process data of our clients and prospective clients and other principals or contractual partners (“clients”) in order to provide our services. The processed data, type, scope, purpose and necessity of processing are determined by the underlying contractual relationship. In the course of our activity we may also process special categories of data, in particular health-related information of clients, possibly relating to their sex life or sexual orientation, as well as data revealing racial and ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership. Where required, we obtain explicit consent and otherwise process special categories of data only where it serves clients’ health, the data is public, or other legal permissions apply. Where necessary for contract performance, protection of vital interests, required by law or based on consent, we disclose or transmit clients’ data to third parties or processors in compliance with professional requirements, e.g., authorities, billing offices, as well as IT, office or similar service providers.

  • Online trainings & online programs: We process participant data to provide course and training services. The processed data, type, scope, purpose and necessity depend on the underlying contractual relationship. This generally includes information about courses and services used and—if part of our offering—personal specifications and results of participants. Processing may include performance assessment and evaluation of our services and those of course and training instructors.

  • Events: We process data of participants in events and similar activities (“participants” and “events”) in order to enable participation and related services/actions. If we process health-related, religious, political or other special categories of data, this is done within the scope of obviousness (e.g., for topic-oriented events), for health prevention, safety, or based on consent. Required information is marked as such in the contract/order process and includes information necessary for service provision and billing as well as contact information for possible queries. If we gain access to end-customer, employee or other persons’ information, we process it in accordance with legal and contractual requirements.

Payment Processing
Within the framework of contractual and other legal relationships, due to legal obligations or based on our legitimate interests, we offer efficient and secure payment options and, in addition to banks and credit institutions, use other service providers (collectively “payment service providers”).
The data processed by payment service providers includes inventory data such as name and address; bank data such as account or credit card numbers; passwords, TANs and checksums; as well as contract-, amount- and recipient-related information. This information is required to conduct transactions. The entered data is processed and stored only by the payment service providers. This means we do not receive any account or credit card-related information, but only information confirming or rejecting payment. In some cases, payment service providers may transmit data to credit agencies. This transmission serves identity and creditworthiness checks. We refer to the terms and privacy notices of the payment service providers.
The terms and privacy notices of the respective payment service providers apply to payment transactions and can be accessed on their websites or transaction applications. We also refer to them for further information and for exercising rights of withdrawal, access and other data subject rights.

  • Types of data processed: Inventory data; payment data; contract data; usage data; meta/communication data.

  • Data subjects: Customers; prospective customers.

  • Purposes of processing: Provision of contractual services and customer service.

Provision of the Online Offering and Web Hosting
We process users’ data in order to provide our online services. For this purpose, we process the user’s IP address, which is necessary to transmit the content and functions of our online services to the users’ browser or end device.

  • Types of data processed: Usage data; meta/communication data; content data.

  • Data subjects: Users (e.g., website visitors, users of online services).

  • Purposes of processing: Provision of our online offering and user-friendliness; IT infrastructure; security measures.

Further Notes on Processing Procedures, Methods and Services

  • Provision of the online offering on rented storage space: For the provision of our online offering, we use storage space, computing capacity and software that we rent or otherwise obtain from a server provider (“web host”).

  • Collection of access data and log files: Access to our online offering is logged in so-called server log files. Server log files may include the address and name of accessed websites and files, date and time of access, transmitted data volumes, successful access message, browser type and version, the user’s operating system, referrer URL (previously visited page) and usually IP addresses and the requesting provider. Server log files may be used for security purposes (e.g., to prevent server overload, especially in the event of abusive attacks such as DDoS attacks) and to ensure server utilization and stability. Deletion: Log file information is stored for a maximum of 30 days and then deleted or anonymized. Data that must be retained for evidentiary purposes is excluded from deletion until the respective incident has been finally clarified.

  • Email sending and hosting: Our web hosting services also include sending, receiving and storing emails. For these purposes, recipient and sender addresses as well as further information regarding email transmission (e.g., involved providers) and the content of the respective emails are processed. These data may also be processed for spam detection purposes. Please note that emails on the internet are generally not sent encrypted. As a rule, emails are encrypted during transport, but (unless end-to-end encryption is used) not on the servers from which they are sent and received. We therefore cannot assume responsibility for the transmission path of emails between the sender and receipt on our server.

  • All-Inkl: Services in the field of providing IT infrastructure and related services (e.g., storage space and/or computing capacity); provider: Neue Medien Münnich, owner: René Münnich, Hauptstraße 68 | D-02742 Friedersdorf, Germany; website: https://all-inkl.com; privacy policy: https://all-inkl.com/datenschutzinformationen/

  • Onepage.io: Provision and operation of websites, blogs and other online offerings; provider: Onepage GmbH, Hanauer Landstraße 172, 60314 Frankfurt am Main, Germany; website: https://onepage.io/de; privacy policy: https://onepage.io/de/datenschutzerklarung

Special Notes on Applications (Apps)
We process data of users of our application insofar as it is necessary to provide the application and its functionalities, monitor its security and further develop it. We may also contact users in compliance with legal requirements if communication is required for administration or use of the application. Otherwise, we refer to the processing of user data in this privacy policy.
Legal bases: Processing of data necessary for providing the functionalities of the application serves the performance of contractual obligations. This also applies if providing functions requires permissions by users (e.g., enabling device functions). If processing is not required for providing functionalities but serves the security of the application or our business interests (e.g., collection of data for optimization or security purposes), it is based on our legitimate interests. If users are expressly asked for consent, processing is based on that consent.

  • Types of data processed: Inventory data; meta/communication data; payment data; contract data.

  • Data subjects: Users.

  • Purposes of processing: Provision of contractual services and customer service.

Further Notes on Processing Procedures, Methods and Services

  • Commercial use: We process data of users of our application, registered users and any test users (“users”) to provide our contractual services and, based on legitimate interests, to ensure security and further develop the application. Required information is marked accordingly and may include information necessary for service provision and billing as well as contact information for possible queries.

  • Storage of a universal unique identifier (UUID): The application stores a universal unique identifier (“UUID”) for the purpose of analyzing use and functionality as well as storing user settings. This identifier is generated upon installation (but is not linked to the device, i.e., not a device identifier in that sense), remains stored between starts and updates of the application, and is deleted when users remove the application from their device.

  • Device permissions: Use of the application or its functions may require user permissions to access certain device functions or data stored on or accessible via the device. By default, these permissions must be granted by users and can be revoked at any time in device settings. The procedure may vary depending on the device and software. Users may contact us if they need explanations. Please note that denial or revocation of permissions may affect the functionality of our application.

  • No location history and no movement profiles: Location data is used only selectively and not processed to create a location history or movement profile.

Single Sign-On Login
“Single Sign-On” (SSO) refers to procedures that allow users to log into our online offering using a user account with a Single Sign-On provider (e.g., a social network). The prerequisite is that users are registered with the SSO provider and enter the required access data in the designated online form or are already logged into the SSO provider and confirm the SSO login via a button.
Authentication is carried out directly with the respective SSO provider. In the course of such authentication, we receive a user ID with the information that the user is logged in with the SSO provider under this user ID and an ID not usable by us for other purposes (so-called “user handle”). Whether additional data is transmitted depends solely on the SSO method used, the data releases selected during authentication, and the data users have approved in privacy settings with the SSO provider. Depending on provider and user choice, different data may be transmitted; typically this includes email address and username. The password entered with the SSO provider is neither visible to us nor stored by us.
Users are requested to note that information stored with us may be automatically synchronized with their SSO account; however, this is not always possible or actually performed. For example, if users change their email address, they must update it manually in their account with us.
We may use SSO—where agreed with users—as part of or prior to contract performance, where users have requested it; process it on the basis of consent, where consent is required; and otherwise use it based on our legitimate interests and users’ interest in an effective and secure login system.
If users decide they no longer want to use the link to their SSO account, they must remove the connection within their SSO account. If users want to delete their data with us, they must cancel their registration with us.

  • Types of data processed: Inventory data; contact data; usage data; meta/communication data.

  • Data subjects: Users; communication partners.

  • Purposes of processing: Provision of contractual services and customer service; security measures; registration procedures; direct marketing.

ActiveCampaign: Email marketing platform; provider: ActiveCampaign, Inc., 1 N Dearborn, 5th Floor, Chicago, Illinois 60602, USA; legal basis: legitimate interests (Art. 6(1)(f) GDPR); website: https://www.activecampaign.com; privacy policy: https://www.activecampaign.com/privacy-policy/; standard contractual clauses (ensuring an adequate level of data protection for processing in third countries).
Contact and Inquiry Management
When contacting us (e.g., via contact form, email, telephone or social media) as well as within existing user and business relationships, the data provided by the inquiring persons is processed insofar as this is necessary to respond to contact inquiries and any requested measures.

  • Types of data processed: Contact data; content data; usage data; meta/communication data.

  • Data subjects: Communication partners.

  • Purposes of processing: Contact requests and communication; administration and answering of inquiries; feedback; provision of our online offering and user-friendliness.

Contact form: If users contact us via our contact form, email or other communication channels, we process the data communicated to us in this context for the purpose of handling the request.
Communication via Messenger Services
We use messenger services for communication and therefore ask you to observe the following notes regarding the functionality of messengers, encryption, the use of communication metadata and your options to object.
You can also contact us via alternative channels, e.g., telephone or email. Please use the contact options provided to you or stated within our online offering.
In the case of end-to-end encryption of content (i.e., content of your message and attachments), we point out that communication contents (i.e., the message content and attached images) are encrypted end-to-end. This means message contents are not viewable—not even by the messenger providers themselves. You should always use an up-to-date version of the messenger with encryption enabled so that encryption of message content is ensured.
However, we also inform our communication partners that messenger providers may not see the content, but can learn that and when communication partners communicate with us, and may process technical information about the device used and—depending on device settings—location information (so-called metadata).
Notes on legal bases: If we ask communication partners for permission before communicating via messenger, the legal basis is their consent. Otherwise, if we do not request consent and you contact us on your own initiative, we use messengers in relation to contractual partners and in the context of initiating contracts as a contractual measure, and for other interested parties and communication partners on the basis of our legitimate interests in fast and efficient communication and in meeting the needs of our communication partners to communicate via messenger. We also note that we do not transmit the contact data provided to us to the messenger providers for the first time without your consent.
Withdrawal, objection and deletion: You may withdraw consent at any time and object to communication with us via messenger at any time. In the case of messenger communication, we delete messages in accordance with our general deletion policies (e.g., as described above after the end of contractual relationships, in the context of archiving requirements, etc.) and otherwise as soon as we can assume that any information requests have been answered, if no reference to a previous conversation is expected and no statutory retention obligations prevent deletion.
Reservation of referral to other communication channels: Finally, for security reasons we reserve the right not to answer inquiries via messenger. This is the case, for example, if contractual details require special confidentiality or if a response via messenger does not meet formal requirements. In such cases, we will refer you to more appropriate communication channels.

  • Types of data processed: Contact data; usage data; meta/communication data.

  • Data subjects: Communication partners.

  • Purposes of processing: Contact requests and communication; direct marketing.

WhatsApp: WhatsApp Messenger with end-to-end encryption; provider: WhatsApp Ireland Limited, 4 Grand Canal Quay, Dublin 2, D02 KH28, Ireland; legal basis: legitimate interests (Art. 6(1)(f) GDPR); website: https://www.whatsapp.com/; privacy policy: https://www.whatsapp.com/legal.
Video Conferences, Online Meetings, Webinars and Screen Sharing
We use platforms and applications of other providers (“conference platforms”) for conducting video and audio conferences, webinars and other types of video/audio meetings (“conferences”). When selecting conference platforms and their services, we comply with legal requirements.
Data processed by conference platforms: As part of participation in a conference, the conference platforms process participants’ personal data described below. The scope depends on which data is required in the specific conference (e.g., access data or real names) and which optional information participants provide. In addition to processing for conducting the conference, participant data may also be processed by the conference platforms for security purposes or service optimization.
Processed data may include: personal data (first and last name), contact information (email address, phone number), access data (access codes or passwords), profile pictures, information about professional position/function, IP address of internet access, participants’ devices, operating system, browser and its technical and language settings, information about communication content, i.e., chat entries, audio and video data, as well as use of other available functions (e.g., polls). Communication contents are encrypted to the extent technically provided by the conference provider. If participants are registered users of the conference platforms, further data may be processed in accordance with the agreement with the respective provider.
Logging and recordings: If text entries, participation results (e.g., polls) and/or video or audio recordings are logged, this will be transparently communicated in advance and—where required—participants will be asked for consent.
Participant data protection measures: Please review the details of data processing by the conference platforms in their privacy policies and choose the security and privacy settings that are best for you. Please also ensure data and privacy protection in the background of your recording during a video conference (e.g., by informing housemates, closing doors, and using background blurring features where available). Links to conference rooms and access data must not be passed on to unauthorized third parties.
Notes on legal bases: If we process user data in addition to the conference platforms and ask users for consent to the use of the conference platforms or certain functions (e.g., consent to recording), the legal basis is consent. Processing may also be required for the performance of contractual obligations (e.g., participant lists, documentation of results). Otherwise, user data is processed on the basis of our legitimate interests in efficient and secure communication.

  • Types of data processed: Inventory data; contact data; content data; usage data; meta/communication data.

  • Data subjects: Communication partners; users; persons depicted.

  • Purposes of processing: Provision of contractual services and customer service; contact requests and communication; office and organizational procedures.

Zoom: Video conferences, web conferences and webinars; provider: Zoom Video Communications, Inc., 55 Almaden Blvd., Suite 600, San Jose, CA 95113, USA; legal basis: legitimate interests (Art. 6(1)(f) GDPR); website: https://zoom.us; privacy policy: https://zoom.us/docs/de-de/privacy-and-legal.html; data processing agreement: https://zoom.us/docs/de-de/privacy-and-legal.html (referred to as Global DPA); standard contractual clauses: https://zoom.us/docs/de-de/privacy-and-legal.html (referred to as Global DPA).
Newsletters and Electronic Notifications
We send newsletters, emails and other electronic notifications (“newsletters”) only with the recipients’ consent or on the basis of legal permission. If the contents of the newsletter are specifically described during registration, they are decisive for user consent. Otherwise, our newsletters contain information about our services and about us.
To subscribe to our newsletters, it is generally sufficient to provide your email address. However, we may ask for a name for personal addressing in the newsletter or additional information if required for newsletter purposes.
Deletion and restriction of processing: We may store unsubscribed email addresses for up to three years on the basis of our legitimate interests before deleting them in order to be able to prove a previously given consent. Processing is restricted to the purpose of possible defense against claims. An individual deletion request is possible at any time, provided that the prior existence of consent is confirmed at the same time. Where there are obligations to permanently respect objections, we reserve the right to store the email address solely for this purpose in a blocklist.
Logging the subscription process is based on our legitimate interests for the purpose of proving proper execution. If we commission a service provider to send emails, this is based on our legitimate interests in an efficient and secure sending system.

  • Types of data processed: Inventory data; contact data; meta/communication data; usage data.

  • Data subjects: Communication partners.

  • Purposes of processing: Direct marketing.

  • Legal bases: Consent (Art. 6(1)(a) GDPR); legitimate interests (Art. 6(1)(f) GDPR).

  • Right to object (opt-out): You may cancel receipt of our newsletter at any time, i.e., withdraw your consent and/or object to further receipt. A cancellation link can be found at the end of each newsletter or you can use one of the contact options above—preferably by email.

Further Notes on Processing Procedures, Methods and Services

  • Measurement of open and click rates: Newsletters contain a so-called web beacon (a pixel-sized file) that is retrieved when the newsletter is opened from our server or, if we use a shipping service provider, from their server. During retrieval, technical information such as browser and system information, your IP address and the time of retrieval are collected. This information is used to technically improve the newsletter, to analyze target groups and their reading behavior based on retrieval locations (determinable via IP address) or access times. This analysis also includes determining whether newsletters are opened, when they are opened, and which links are clicked. This information is assigned to individual recipients and stored in their profiles until deletion. Evaluations help us recognize users’ reading habits and adapt content or send different content according to users’ interests. Measurement of open rates and click rates, storage of results in user profiles and further processing are based on users’ consent. A separate withdrawal of success measurement is not possible; in this case the entire newsletter subscription must be canceled or objected to; then stored profile information will be deleted.

  • ActiveCampaign: Email marketing platform; provider: ActiveCampaign, Inc., 1 N Dearborn, 5th Floor, Chicago, Illinois 60602, USA; website: https://www.activecampaign.com; privacy policy: https://www.activecampaign.com/privacy-policy/; standard contractual clauses: https://www.activecampaign.com/legal/newscc.

Web Analytics, Monitoring and Optimization
Web analytics (also referred to as “reach measurement”) serves to evaluate visitor flows of our online offering and may include behavior, interests or demographic information about visitors, such as age or gender, as pseudonymous values. Reach analysis allows us, for example, to recognize when our online offering, its functions or content are used most frequently or invite reuse. We can also identify which areas require optimization.
In addition to web analytics, we may use testing procedures to test and optimize different versions of our online offering or its components.
Unless otherwise stated below, profiles may be created for these purposes, i.e., data combined into a usage process, and information may be stored in a browser or end device and read from it. Collected information includes websites visited and elements used there, as well as technical data such as the browser and computer system used and usage times. If users have consented to the collection of location data, location data may also be processed.
IP addresses are also stored. However, we use IP masking (pseudonymization by shortening the IP address) to protect users. In general, no clear data (e.g., email addresses or names) is stored in the context of web analytics, A/B testing and optimization, but pseudonyms. This means neither we nor the providers of the software used know the actual identity of users, only the information stored in their profiles for the respective procedures.

  • Types of data processed: Usage data; meta/communication data.

  • Data subjects: Users.

  • Purposes of processing: Reach measurement; profiles with user-related information; tracking; provision of our online offering and user-friendliness.

  • Security measures: IP masking.

Google Analytics: Web analytics, reach measurement and measurement of user flows; provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; legal basis: consent (Art. 6(1)(a) GDPR); website: https://marketingplatform.google.com/intl/de/about/analytics/; privacy policy: https://policies.google.com/privacy; data processing terms: https://business.safety.google/adsprocessorterms; standard contractual clauses: https://business.safety.google/adsprocessorterms; opt-out: https://tools.google.com/dlpage/gaoptout?hl=de; ad settings: https://adssettings.google.com/authenticated; further information: https://privacy.google.com/businesses/adsservices.
Social Media Presences
We maintain online presences within social networks and process user data in this context in order to communicate with users active there or to provide information about us.
We point out that user data may be processed outside the European Union. This may entail risks for users, as enforcement of users’ rights may be more difficult.
Furthermore, user data within social networks is typically processed for market research and advertising purposes. For example, usage profiles may be created based on usage behavior and resulting interests. Usage profiles can then be used to display ads within and outside the networks that presumably correspond to users’ interests. For these purposes, cookies are typically stored on users’ computers in which usage behavior and interests are stored. In addition, data may be stored in usage profiles regardless of the devices used (especially if users are members of the respective platforms and are logged in).
For a detailed presentation of the respective processing activities and opt-out options, we refer to the privacy policies and information provided by the operators of the respective networks.
In the case of information requests and the exercise of data subject rights, we point out that these can be asserted most effectively with the providers. Only the providers have access to user data and can take appropriate measures directly and provide information. If you still need help, you can contact us.

  • Types of data processed: Contact data; content data; usage data; meta/communication data.

  • Data subjects: Users.

  • Purposes of processing: Contact requests and communication; feedback; marketing.

  • Legal basis: Legitimate interests (Art. 6(1)(f) GDPR).

Instagram: Social network; provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; legal basis: legitimate interests (Art. 6(1)(f) GDPR); website: https://www.instagram.com; privacy policy: https://instagram.com/about/legal/privacy.
Facebook Pages: Profiles within the social network Facebook – We are jointly responsible with Meta Platforms Ireland Limited for the collection (but not further processing) of data of visitors to our Facebook Page (“fan page”). This data includes information about the types of content users view or interact with or actions they take, as well as information about the devices used (e.g., IP addresses, operating system, browser type, language settings, cookie data). As explained in Facebook’s data policy, Facebook collects and uses information to provide analytics services (“Page Insights”) to page operators to help them understand how people interact with their pages and associated content. We have entered into a special agreement with Facebook (“Page Insights Controller Addendum”), which regulates in particular which security measures Facebook must observe and in which Facebook agrees to fulfill data subject rights. Users can, for example, submit access or deletion requests directly to Facebook. Users’ rights are not restricted by this agreement. Further information can be found in the “Information about Page Insights Data”. Meta also uses standard contractual clauses for transfers to third countries, including transfers to Meta Platforms, Inc. in the USA.
Management, Organization and Support Tools
We use services, platforms and software from third-party providers (“third-party providers”) for organization, administration, planning and providing our services. When selecting these providers and services, we comply with legal requirements.
In this context, personal data may be processed and stored on the servers of third-party providers. Various data may be affected, which we process in accordance with this privacy policy. Such data may include in particular master data and contact data of users, data about processes, contracts, other processes and their content.
If users are referred to third-party providers or their software or platforms within the framework of communication, business or other relationships, the third-party providers may process usage data and metadata for security purposes, service optimization or marketing purposes. We therefore ask you to observe the privacy policies of the respective third-party providers.

  • Types of data processed: Content data; usage data; meta/communication data.

  • Data subjects: Communication partners; users.

  • Purposes of processing: Contact requests and communication; provision of contractual services and customer service; office and organizational procedures.

  • Legal basis: Legitimate interests (Art. 6(1)(f) GDPR).

WeTransfer: File transfer over the internet; provider: WeTransfer BV, Oostelijke Handelskade 751, Amsterdam, 1019 BW, Netherlands; legal basis: legitimate interests (Art. 6(1)(f) GDPR); website: https://wetransfer.com; privacy policy: https://wetransfer.com/legal/privacy.
Liability
The contents of this website have been compiled and reviewed with due care. However, no guarantee can be given with regard to accuracy, completeness, functionality, timeliness and constant availability. All information is provided without liability; liability is generally excluded.

bottom of page