Privacy Policy

Information on the Handling of Personal Data for Users of Our Website/Software and Participants in Our Training Programs

1. Introduction and Initial Definitions

 

The protection of your personal data is very important to us. This applies to all visitors to our website, users of our software, participants in our training programs, as well as all individuals who use or intend to use our services (hereinafter collectively referred to as “users”).

 

We place great importance on the responsible and transparent handling of your data and, of course, comply with the requirements of the GDPR and other applicable data protection laws. The use of our website, software, or training programs—or any interest in such use—will hereinafter be referred to as “use of our services.”

 

We strive to handle your data with care and protect it to the best of our ability. For this reason, we make every effort to meet the requirements of the GDPR and other data protection legislation.

 

In the following, we will explain how we process your data on our website. We aim to use clear and transparent language so that you can truly understand what happens with your data.

 

2. General Information

 

2.1 Processing of Personal Data and Other Terms

Data protection applies to the processing of personal data. “Personal data” refers to any data that can identify you personally or can be attributed to you. This includes, for example, the IP address of the device (PC, laptop, smartphone, etc.) you use to access our services. Such data is considered to be processed when “anything happens” to it. For instance, when using the website, your IP address is transmitted by your browser to our hosting provider and stored automatically. This constitutes processing (according to Art. 4 No. 2 GDPR) of personal data (as defined in Art. 4 No. 1 GDPR).

These and other legal definitions can be found in Article 4 of the GDPR.

 

2.2 Applicable Regulations and Laws – GDPR, BDSG, and TDDDG

The scope of data protection is governed by legislation. This includes, most notably, the GDPR (General Data Protection Regulation) as a European regulation and the BDSG (Federal Data Protection Act) as national legislation in Germany, as well as other national and international laws.

Additionally, in Germany, the TDDDG (Act on Data Protection and Privacy in Telecommunications and Telemedia) supplements the provisions of the GDPR, especially with regard to the use of cookies.

 

2.3 The Controller

The controller is the entity responsible for data processing under the GDPR. This is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

You can contact the controller at:

 

TradeNeon FZCO

 

Legal Representative: Marnie Aramruck 

IFZA Business Park, DDP, Dubai Silicon Oasis

00000 Dubai, United Arab Emirates

mail@tradeneon.com

Further contact information: www.tradeneon.com/impressum

 

 

2.4 How Data is Generally Processed

As already mentioned, there are certain data (e.g., IP addresses) that are collected automatically. This data is primarily needed for the technical operation of the website. Whenever we use personal data beyond this or collect other types of data, we will inform you accordingly or obtain your consent.

There is also personal data that you actively provide to us (e.g., by filling out and submitting a form).

You will find more detailed information about this below.

 

2.5 Your Rights

The GDPR and other data protection laws provide you with extensive rights. These include, for example, the right to receive free information about the origin, recipients, and purpose of your stored personal data. You also have the right to request the correction, restriction, or deletion of this data, or to file a complaint with the competent data protection supervisory authority. Any consent you have given can be revoked at any time with effect for the future.

Details on what these rights entail and how to exercise them can be found in the final section of this privacy policy.

 

2.6 Data Protection – Our Perspective

For us, data protection is more than just a legal obligation. Personal data has significant value, and careful handling of such data should be a given in our digitalized world. Furthermore, users should be empowered to decide for themselves what happens with their data, when, and by whom.

For this reason, we are committed to complying with all legal requirements, only collect the data necessary for us, and of course treat such data confidentially.

 

2.7 Disclosure and Deletion

Disclosure and deletion of data are important and sensitive issues. Therefore, we would like to briefly inform you in advance about our general approach in this regard.

Data is only disclosed if there is a legal basis for doing so and only when absolutely necessary. This may particularly be the case when a so-called data processor is involved and a data processing agreement pursuant to Art. 28 GDPR has been concluded.

We delete your data when the purpose and legal basis for processing cease to apply, and no other legal obligations prevent deletion. Article 17 GDPR also provides a good overview of this.

Please refer to the remainder of this privacy policy for more detailed information and contact the controller if you have specific questions.

 

2.8 Hosting

Our websites, software downloads, software functions, etc., are hosted externally. The personal data collected from users is stored on the servers of the hosting provider. This includes both the automatically collected and stored log files (see below for more details), as well as all other data users submit.

External hosting is used to ensure the secure, fast, and reliable provision of our website and serves, in this context, to fulfill our contractual obligations to potential and existing customers.

The legal basis for processing is in particular Art. 6(1)(a), (b), and (f) GDPR, as well as § 25(1) TDDDG, where user consent has been given.

Our hosting provider only processes data necessary to fulfill its contractual obligations and acts as our data processor, meaning it is bound by our instructions. We have entered into a corresponding data processing agreement with our hosting provider.

 

We use the following hosting provider:

Hetzner

Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany

info@hetzner.com

https://www.hetzner.com/legal/privacy-policy

2.9 Legal Basis

The processing of personal data always requires a legal basis. Article 6(1) sentence 1 of the GDPR provides the following legal bases:

 

1. a) The data subject has given consent to the processing of their personal data for one or more specific purposes;
2. b) The processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
3. c) The processing is necessary for compliance with a legal obligation to which the controller is subject;
4. d) The processing is necessary in order to protect the vital interests of the data subject or of another natural person;
5. e) The processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
6. f) The processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

 

In the following sections, we will specify the exact legal basis applicable to each type of processing.

 

3. What Happens When You Use Our Services

When you make use of our services, we process personal data about you.

 

To protect this data against unauthorized access by third parties, we use SSL, TLS, or similar encryption technologies on our software and website. You can recognize an encrypted connection, for example, by the presence of “https://” or a lock icon in your browser’s address bar.

 

Below, we explain which data is collected when you use our services, for what purpose, and based on which legal basis.

 

3.1 Data Collection When Using Our Services

 

When accessing the website, the software, or participating in online trainings, certain information is automatically stored in so-called server log files. This includes the following:

• Browser type and version
• Operating system used
• Referrer URL
• Hostname of the accessing device
• Time of the server request
• IP address

 

These data are temporarily necessary to ensure smooth access to our services. Specifically, they serve the following purposes:

• System security of the website
• System stability of the website
• Error diagnosis on the website
• Establishing a connection to the website
• Display of the website and software
• Participation in training programs
• Booking of services
• Execution of services

 

Data processing is carried out pursuant to Art. 6(1)(f) GDPR and is based on our legitimate interest in ensuring the functionality and security of the website/software.

Whenever possible, these data are stored in a pseudonymized form and are deleted after the intended purpose has been fulfilled.

 

If the server log files allow for the identification of a data subject, the data will be stored for a maximum of 14 days. An exception applies in the event of a security-related incident. In such cases, the server log files will be retained until the issue has been resolved and fully investigated.

There is no merging of this data with other data.

 

Additional Data Collected in the Context of Using Our Services

 

In addition to server log data, we collect—depending on the feature being used—other data necessary for the provision of our services:

 

Ablefy (Sales and Payment Processing)

 

In the context of orders placed via our Ablefy platform, the following additional data is processed:

• Ordered products/services
• Date and time of the order
• Chosen payment method
• Billing and, if applicable, shipping address

 

This data is necessary for contract fulfillment and the provision of booked services (Art. 6(1)(b) and (f) GDPR).

 

Customer Portal (Login-Based Access to Content)

 

When logging into our customer portal, personal data such as:

• Username
• User account settings

 

are processed and stored to provide personalized functions and content (Art. 6(1)(b) and (f) GDPR).

Futures Insights (Software Module)

 

Within the Futures Insights module, users can apply individual settings. The following data may be stored depending on usage:

• Favorites (e.g., markets, instruments)
• Display and usage preferences (e.g., color schemes, zoom levels)

 

These settings are stored to enable a personalized user experience and restore your preferred interface (Art. 6(1)(b) and (f) GDPR).

 

LOI (Level of Interest – Client Applications)

 

When using LOI modules in third-party software such as ATAS or Bookmap, the following client-side data are processed:

• Linking of the user account with the application
• Usage history of the application (e.g., date, version, load times of level data)

 

This data is used exclusively for product functionality and is not processed for marketing or tracking purposes (Art. 6(1)(b) and (f) GDPR).

 

Ablefy acts as a data processor on our behalf under a data processing agreement pursuant to Art. 28 GDPR.

3.2 Cookies

 

3.2.1 General Information

When using our services, so-called cookies are used. These are data records—pieces of information—stored by your device’s browser that are related to our website.

By placing cookies, we can make navigation on the website easier for the user.

In our cookie consent tool and within the software, you will find full information about the cookies we use on our website and in connection with the use of our services (if applicable, based on your consent).

 

3.2.2 Rejecting Cookies

You can manage all cookies that are not technically necessary.

In many cases, you can prevent cookies from being set by adjusting your browser settings. Below are links to instructions for commonly used browsers:

• Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-und-website-daten-in-firefox-loschen?redirectslug=Cookies+l%C3%B6schen&redirectlocale=de

 

• Google Chrome: https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=de

 

• Microsoft Edge: https://support.microsoft.com/de-de/windows/l%C3%B6schen-und-verwalten-von-cookies-168dab11-0753-043d-7c16-ede5947fc64d

 

• Safari: https://support.apple.com/de-de/guide/mdm/mdmf7d5714d4/web
•  and https://support.apple.com/de-de/guide/safari/sfri11471/mac

 

 

If you use another browser, we recommend searching for the name of your browser together with “delete and manage cookies” in a search engine and following the official link provided by your browser developer.

 

Alternatively, you can manage your cookie preferences via:

• www.aboutads.info/choices/
• www.youronlinechoices.com

 

 

Please note that fully blocking or deleting cookies may impair the functionality of our website.

 

3.2.3 Technically Necessary Cookies

We also use technically necessary cookies to ensure our services function properly and in accordance with applicable laws. These cookies help make our website more user-friendly. Some features cannot be displayed without the use of cookies.

The legal basis for this depends on the specific case and is provided by Art. 6(1)(b), (c), and/or (f) GDPR.

 

3.2.4 Technically Non-Essential Cookies

In addition, we use cookies that are not technically essential. These cookies, for example, help us analyze user behavior or offer features that are not strictly required for the functionality of our services.

The legal basis for such processing is your consent in accordance with Art. 6(1)(a) GDPR.

Technically non-essential cookies are only set with your consent, which you can withdraw at any time using the cookie consent tool.

3.3 Data Processing Through User Input

 

3.3.1 Data We Collect Directly

We offer the following services: coaching, online courses, and software. In this context, we collect data such as name, surname, email address, payment details (in the case of a contract), postal address, and phone number.

 

Specifically, we collect the following personal data:

• Name
• Email address
• Address
• Phone number
• If applicable, payment details upon conclusion of a contract

 

The legal basis for this data processing is Art. 6(1)(b) GDPR.

The data will be deleted once the respective purpose ceases to apply and deletion is permitted under legal requirements.

3.3.2 Contacting Us

 

1. a) Email

If you contact us via email, we process your email address and, if applicable, any additional data contained in your message. These are stored on the mail server and, in some cases, on the respective end devices. Depending on the nature of your inquiry, the legal basis is regularly Art. 6(1)(f) GDPR or Art. 6(1)(b) GDPR. The data will be deleted as soon as the purpose of the processing ceases to apply and deletion is permitted under legal requirements.

 

1. b) Contact Form

We provide a contact form for getting in touch with our company.

This form typically collects your first and last name, phone number, email address, and the content of your message. The data is stored on our web server and forwarded internally to the appropriate email addresses.

The legal basis for this data processing is Art. 6(1)(f) GDPR, as we have a legitimate interest in responding to your inquiry and offering a simple way to get in touch. If the purpose of the contact is to enter into a contract, the additional legal basis is Art. 6(1)(b) GDPR.

We delete this data no later than 3 months after receipt unless it is required for an existing contractual relationship.

We use the contact form provided by:

DIVI WordPress Theme & Plugin

Element Themes Inc., 977 West Napa Street #1002, Sonoma, CA 95476, USA

https://www.elegantthemes.com/policy/privacy/

 

 

1. c) Appointment Scheduling Tool / Chats – Bookly

To enable users to schedule appointments with us, we use Bookly, a service provided by NOTA-INFO Ltd., Coolgardie Avenue, London, England, E4 9HP.

To book an appointment, personal data such as name, email address, phone number, appointment time, and the subject of the appointment are collected via a designated form. These data are used for planning, executing, and, if necessary, following up on the appointment.

 

Bookly may set cookies on our website to collect and store data. These cookies are only set with your consent. You may revoke and manage your consent at any time via our cookie consent tool. The legal basis is Art. 6(1)(a) GDPR and § 25(1) TDDDG, where the consent includes accessing or storing information on the user’s device as defined by TDDDG.

Personal data entered via Bookly is processed according to Art. 6(1)(b) GDPR.

 

A transfer of data to third countries, particularly the UK, may occur. Where required, appropriate safeguards such as adequacy decisions or standard contractual clauses are applied.

 

The general legal basis for using Bookly is Art. 6(1)(f) GDPR, as we have a legitimate interest in directly communicating with customers, potential customers, and other interested parties and in processing inquiries as efficiently as possible.

The data is stored until the data subject requests deletion, revokes their consent, or the purpose of storage no longer applies. Mandatory statutory retention periods remain unaffected.

 

Data processing on these external sites is the sole responsibility of the respective third-party providers. Please consult their respective privacy policies.

Further information:

https://www.booking-wp-plugin.com/privacy/

 

 

1. d) Contact via Chaty

We use the tool “Chaty” on our website, provided by Premio LLC (8 The Green, Suite 4331, Dover, DE 19901, USA). Chaty appears as a small icon on the edge of the screen and enables users to contact us quickly and easily.

Through the integrated contact form, visitors can send a message directly to us. In this process, personal data such as name, email address, and message content are collected and forwarded to us to process your request.

 

The processing of this data is based on Art. 6(1)(b) GDPR if the request is related to the initiation or performance of a contractual relationship, and on Art. 6(1)(f) GDPR based on our legitimate interest in effective and user-friendly communication.

Data processing on external pages is the responsibility of the respective providers. Please refer to their privacy policies for more information.

 

More information about data processing by Chaty:

https://chaty.app/privacy-policy

 

 

In addition to Art. 6(1)(b) and (f) GDPR, Art. 6(1)(a) GDPR also applies when tracking features or cookies are used.

The data will be deleted once they are no longer necessary for the stated purposes and there are no statutory retention obligations.

Data may be transferred to the USA, protected by standard contractual clauses.

 

1. e) Personality Test via AidaForm

We use AidaForm, a service provided by AidaForm LLC, 651 N Broad St, Suite 206, Middletown, DE 19709, USA (website: https://aidaform.com), to conduct our personality test.

Responses entered during the test are processed by us exclusively in anonymized form. There is no association with any identifiable individual. The data is used solely to generate a personalized result at the end of the test. No further storage or linking of personal data to the test results occurs. The test results are deleted afterward.

The legal basis for this data processing is Art. 6(1)(a) GDPR.

More information on data processing by AidaForm can be found here:

https://aidaform.com/privacy-policy.html

 

 

The transfer of personal data to the USA may occur and is based on the EU Commission’s standard contractual clauses pursuant to Art. 46 GDPR.

The data will be deleted once they are no longer required for the stated purposes and no statutory retention obligations exist.

3.4 Cookie Consent Tool

 

3.4.1 CookieYes

To ensure that only cookies with a valid legal basis are set, we use the consent management tool CookieYes. This service is provided by Mozilor Limited, 3 Warren Yard, Wolverton Mill, Milton Keynes, England, MK12 5NW, United Kingdom.

We use CookieYes to obtain and document users’ consent for the storage of certain cookies in their browsers or for the use of certain technologies in a data protection-compliant manner.

When you visit our website, your consent or withdrawal of consent is stored in your browser. A connection is established with the servers of CookieYes for this purpose.

The legal basis is Art. 6(1)(c) GDPR. CookieYes is used to obtain legally required consent for the use of cookies.

The data collected will be stored until the website visitor requests deletion, CookieYes deletes the data, or the purpose of data storage no longer applies.

Statutory retention obligations remain unaffected.

3.5 Newsletter

 

3.5.1 ActiveCampaign

We use ActiveCampaign to provide our newsletter services. This service is offered by ActiveCampaign Inc., 1 N Dearborn, 5th Floor, Chicago, Illinois 60602, USA.

This service allows us to organize and analyze the delivery of newsletters. The data you enter to receive the newsletter is stored on ActiveCampaign’s servers in the United States.

 

With the help of ActiveCampaign, we can analyze interactions with our newsletters. In addition, conversion rates can be tracked, and newsletter recipients can be categorized to tailor content to different target groups.

You can opt out of this analysis at any time via the link included in each newsletter.

 

The legal basis for this processing is Art. 6(1)(a) GDPR and § 25(1) TDDDG. Your consent can be withdrawn at any time by unsubscribing from the newsletter. The legality of the data processing carried out prior to withdrawal remains unaffected.

For data transfers to the USA, the standard contractual clauses (SCC) of the European Commission apply.

 

Data will be deleted at the end of our contract with ActiveCampaign, unless you withdraw your consent earlier. In that case, your data will be removed from the mailing list.

 

In addition, after unsubscribing, your email address will be placed on a blacklist and stored separately from other data for an indefinite period of time. The legal basis for this is Art. 6(1)(f) GDPR. This serves both your interest and ours in operating a newsletter in compliance with legal regulations.

 

Further details:

• https://www.activecampaign.com/privacy-policy

 

• https://www.activecampaign.com/legal/scc

 

• https://www.activecampaign.com/de/legal/gdpr-updates/privacy-shield

 

 

Data transfers to the USA may occur. Protection is ensured through standard contractual clauses of the European Commission and, where applicable, certifications under the EU-U.S. Data Privacy Framework.

 

3.6 Mailing Service

 

3.6.1 Ablefy – Our Sales Platform

For automated processing of bookings, payments, and related communication, we use the platform Ablefy (https://ablefy.io/). After a purchase is made via our payment pages, Ablefy sends transactional emails necessary for contract fulfillment.

 

These include, among others:

• Order and payment confirmations
• Access information for purchased content or courses
• Invoice delivery
• Notifications of cancellations or subscription changes

 

These emails are not promotional in nature and serve exclusively to fulfill contractual obligations pursuant to Art. 6(1)(b) GDPR.

 

Email communication takes place via the infrastructure provided by Ablefy. Your data will not be shared with third parties for advertising purposes.

For more information on how Ablefy processes data, please refer to their privacy policy:

https://myablefy.com/privacy

 

 

The data will be deleted once it is no longer required for the stated purposes and no statutory retention obligations apply.

3.7 Analytics and Tracking Tools

 

3.7.1 Google Analytics

We use Google Analytics on our website and in our software. Google Analytics is a web analytics service provided by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics uses cookies to recognize users and analyze their behavior. These cookies are only set with your consent. This consent can be withdrawn at any time and managed through our cookie consent tool.

 

The legal basis for processing is Art. 6(1)(a) GDPR and § 25(1) TDDDG.

The information collected is generally transferred to a Google server in the USA and stored there.

 

On July 10, 2023, the European Commission adopted an adequacy decision for the USA. Google LLC is certified under the EU-U.S. Data Privacy Framework. However, since Google servers are located worldwide and transfers to third countries (e.g., Singapore) cannot be ruled out, the EU Commission’s standard contractual clauses (SCC) also apply.

 

Google Analytics uses IP anonymization. The user’s IP address is shortened within EU member states (or the European Economic Area) so that it can no longer be traced back to a natural person. In addition, Google is contractually committed under the Google Ads Data Processing Terms to ensure adequate data protection. Google analyzes website usage and activity and provides related services. These Data Processing Terms apply to companies subject to the EU GDPR, the California Consumer Privacy Act (CCPA), or similar legislation.

 

You can prevent Google from collecting and processing your data (such as your IP address) by using a browser plugin. You can find the plugin and more information at:

https://tools.google.com/dlpage/gaoptout?hl=en

 

 

The data retention period depends on the type of data processed. Each customer can determine how long Google Analytics should retain data before it is automatically deleted. The maximum lifetime of a Google Analytics cookie is two years.

 

Further information on how Google uses your data can be found at:

https://support.google.com/analytics/answer/6004245?hl=en

 

For additional inquiries, you may contact:

support-deutschland@google.com

 

3.7.2 YouTube

As part of our services, we use and embed YouTube videos within our software and websites. YouTube is an online video platform provided by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

When you start a video, a connection is established to YouTube’s servers. After a video is played, YouTube may place cookies on the user’s device to store preferences and settings and to serve personalized advertisements. The information obtained may also be used for video statistics, usability improvements, and fraud prevention.

 

The legal basis for processing is Art. 6(1)(a) GDPR and § 25(1) TDDDG, insofar as consent includes access to information on the user’s device or the storage of cookies under TDDDG. This consent may be revoked at any time.

 

Further information:

https://policies.google.com/privacy

 

3.7.3 Google Conversion Tracking

We also use Google Conversion Tracking as part of our services. Google Conversion Tracking is a web analytics service provided by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Conversion Tracking uses cookies for identification purposes. It allows us to determine the number of users and track which actions visitors perform on our website.

 

The legal basis for processing is Art. 6(1)(a) GDPR and § 25(1) TDDDG. Consent may be withdrawn at any time.

Data will be deleted as soon as it is no longer required for processing purposes.

 

Further information:

https://policies.google.com/privacy?hl=en

 

3.7.4 Google Ads Remarketing

We also use Google Ads Remarketing. This is a web analytics service provided by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Ads Remarketing uses cookies to assign website visitors to specific target groups and deliver personalized advertisements accordingly.

 

The legal basis for processing is Art. 6(1)(a) GDPR and § 25(1) TDDDG. Consent may be withdrawn at any time.

 

Further details:

https://www.google.com/settings/ads/onweb/

 

https://policies.google.com/technologies/ads?hl=en

 

3.7.5 Google Tag Manager

We also use Google Tag Manager, a service provided by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager does not store cookies or analyze data itself. It is used solely for the administration of tools integrated via the Tag Manager. However, the user’s IP address is collected and may be transmitted to Google’s parent company in the United States.

 

The legal basis for processing is Art. 6(1)(f) GDPR. We have a legitimate interest in managing and integrating various tools on our website in a simple and efficient manner.

 

Further information:

https://policies.google.com/privacy?hl=en

 

3.7.6 Google Ads

We also use Google Ads, an online advertising platform by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

This service enables us to link advertisements in the Google search engine to specific keywords and to display targeted ads based on existing user data. Cookies are used for conversion tracking.

 

The legal basis for processing is Art. 6(1)(a) GDPR and § 25(1) TDDDG. Consent may be withdrawn at any time.

For data transfers to the USA, the standard contractual clauses (SCC) of the European Commission apply.

 

Further information:

https://privacy.google.com/businesses/controllerterms/mccs/

 

3.7.7 Meta Pixel

We use Meta Pixel as part of our services. Meta Pixel is a conversion tracking tool provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Meta Pixel allows us to track user behavior after they have been redirected to our website via a Facebook ad.

Meta Pixel uses cookies for its own advertising purposes. Data collected by Meta is stored and processed in a way that may link it to the respective user profile.

 

Collected data may also be transferred to the United States or other third countries.

For data transfers to the U.S., the European Commission’s standard contractual clauses (SCC) apply.

 

The legal basis for processing is Art. 6(1)(a) GDPR and § 25(1) TDDDG. Consent may be withdrawn at any time.

 

If personal data is collected via Meta Pixel and transmitted to Meta, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, are jointly responsible under Art. 26 GDPR.

This joint responsibility is limited solely to the collection and transfer of data to Meta. A joint processing agreement has been concluded for this purpose:

https://www.facebook.com/legal/controller_addendum

 

 

We are responsible for providing the data protection information regarding the use of the Meta tool and for implementing the tool in a legally compliant manner. Meta is responsible for the security of its products. As a result, data subjects must assert their rights regarding data processed by Meta directly with Meta.

 

Further details:

https://de-de.facebook.com/about/privacy/

 

https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen

 

https://www.youronlinechoices.com/uk/your-ad-choices

 

https://www.facebook.com/legal/EU_data_transfer_addendum

 

https://de-de.facebook.com/help/566994660333381

 

3.7.8 Facebook Conversion API

We also use Facebook Conversion API. This is a web analytics service provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

Facebook Conversion API allows us to capture user interactions and transmit them to Facebook to optimize advertising performance on the platform.

 

The collected data may also be transferred to the United States and other third countries.

For transfers to the U.S., the standard contractual clauses (SCC) of the European Commission apply:

• https://www.facebook.com/legal/EU_data_transfer_addendum

 

• https://de-de.facebook.com/help/566994660333381

 

 

The legal basis for this processing is Art. 6(1)(a) GDPR and § 25(1) TDDDG. Consent can be withdrawn at any time.

 

If personal data is collected and transmitted to Facebook using Meta Pixel, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, are jointly responsible for the processing under Art. 26 GDPR. This joint responsibility is limited exclusively to the collection and transmission of data to Facebook.

A joint processing agreement is in place:

https://www.facebook.com/legal/controller_addendum

 

 

We are responsible for providing the data protection information and implementing the Facebook tools in a legally compliant manner on our website. Facebook is solely responsible for the security of its products. Therefore, data subjects must assert their rights regarding data processed by Facebook directly with Facebook.

 

Further information:

https://de-de.facebook.com/about/privacy/

 

3.7.9 Facebook Custom Audiences

We also use Facebook Custom Audiences, a web analytics service provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

When using our online offering, personal data of the website visitor is collected. If the user consents to the use of Facebook Custom Audiences, this data will be transmitted to Facebook to serve relevant advertisements and define target audiences.

 

The legal basis for processing is Art. 6(1)(a) GDPR and § 25(1) TDDDG. Consent may be withdrawn at any time.

 

For data transfers to the U.S., the standard contractual clauses (SCC) of the European Commission apply:

• https://www.facebook.com/legal/terms/customaudience

 

• https://www.facebook.com/legal/terms/dataprocessing

 

3.7.10 ActiveCampaign

We use ActiveCampaign, a platform for marketing automation and email marketing provided by ActiveCampaign Inc., 1 N Dearborn St, 5th Floor, Chicago, IL 60602, USA.

ActiveCampaign helps us create, manage, and analyze email campaigns, contact lists, and marketing automation workflows.

 

The data processed may include email addresses, contact details, IP addresses, usage and interaction data with sent content, and technical metadata such as browser type and operating system.

 

The purpose of processing is to automate marketing and communication processes, analyze user behavior, and optimize campaigns.

 

The legal basis for processing is Art. 6(1)(a) GDPR (if consent is given), and additionally Art. 6(1)(f) GDPR based on our legitimate interest in effective marketing measures.

ActiveCampaign sets cookies for analysis and tracking purposes to measure campaign performance and personalize content. These cookies are only set with your consent, in accordance with Art. 6(1)(a) GDPR.

 

Personal data may be transferred to the United States. Standard Contractual Clauses (SCC) are used to ensure an adequate level of data protection.

 

Data will be deleted once it is no longer necessary for the stated purpose and there are no legal retention obligations.

 

Further information:

https://www.activecampaign.com/legal/privacy-policy/

 

3.7.11 Divi

We use “Divi,” a WordPress theme with built-in analytics and tracking functionality, provided by Elegant Themes, Inc., 584 Castro St #123, San Francisco, California, 94114, USA.

Divi enables website design and management and allows for the analysis of user behavior, including A/B testing and interaction analysis.

 

Processed data may include IP addresses, browser information, page views, click behavior, and other technical metadata.

The purpose of processing is to optimize website structure, analyze user behavior, and improve interaction options.

 

The legal basis for processing is our legitimate interest under Art. 6(1)(f) GDPR to continuously improve our offering and adapt it to users’ needs. In individual cases, consent under Art. 6(1)(a) GDPR may also apply, especially for optional tracking features.

Divi may set cookies to track usage and interactions. If these cookies are not technically necessary, they are only used with consent in accordance with Art. 6(1)(a) GDPR.

 

Data may be transferred to the United States. Standard Contractual Clauses (SCC) are used to ensure an adequate level of protection.

 

Data will be deleted once it is no longer required for the stated purposes and there are no legal retention obligations.

 

Further information:

https://www.elegantthemes.com/policy/privacy/

 

3.8 WebinarGeek

 

We use the platform WebinarGeek (https://www.webinargeek.com/ ) to provide our free trading crash course.

 

Registration takes place via a form on our website. After submitting the form, users receive a confirmation email (double opt-in). Only after confirming their email address will users receive access to the crash course provided through WebinarGeek.

 

During this process, the user’s name and email address are collected. This data is necessary to provide the course and to add the user to our newsletter distribution list at ActiveCampaign—of course, only after successful double opt-in.

 

Processing is carried out based on Art. 6(1)(b) GDPR (for pre-contractual measures) and Art. 6(1)(a) GDPR (consent to receive the newsletter).

Processing by WebinarGeek may involve transfers to third countries. These are protected by appropriate safeguards under Art. 46 GDPR.

 

Data will be deleted once they are no longer required for the stated purposes and there are no statutory retention obligations.

 

Further information:

https://www.webinargeek.com/privacy

3.9 Social Media Profiles

In addition to our website, we also maintain a presence on social media platforms. This serves to present our company and provide an opportunity for users to contact us. We also use social media platforms to run advertisements and publish job postings.

Below, we outline which data we and the respective social networks may process when you visit or interact with our profiles.

3.9.1 LinkedIn

We maintain a LinkedIn profile at https://www.linkedin.com/. This social network is operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.

 

1. a) Interaction with Our Company Profile

When you visit our LinkedIn profile and interact with us there, we process personal data—both the publicly available data on your profile and the data you provide in posts, comments, or direct messages. If you like or share content, we may see your public profile.

The legal basis for this processing is Art. 6(1)(f) GDPR. We have a legitimate interest in providing relevant and engaging content and enabling the functionality of our LinkedIn profile.

If your inquiry is related to a contract or necessary for pre-contractual measures, the legal basis is Art. 6(1)(b) GDPR.

 

1. b) Page Insights

LinkedIn provides us with aggregated statistics and insights (so-called Page Insights) about how users interact with our company page. These include data on the number of profiles that view, comment on, or otherwise engage with our posts, as well as demographic summaries and other data that help us understand interaction with our LinkedIn profile.

These Page Insights consist of aggregated data only. LinkedIn does not provide us with personal data of members in relation to Page Insights, nor are we able to link them to specific users.

 

When running advertisements, LinkedIn provides us with information about the types of people who saw our ads and the success of the ads. We only receive personally identifiable data if the individual has consented to such processing. We may also receive information from LinkedIn about which ads led to specific actions or purchases.

 

The purpose of this processing is to analyze our reach and tailor our content and advertising to user interests. The insights help us create audience-specific content and better promote our company and services.

The legal basis for processing is our legitimate interest under Art. 6(1)(f) GDPR.

Page Insights processing is carried out under joint responsibility with LinkedIn in accordance with Art. 26(1) GDPR.

We have entered into a corresponding agreement with LinkedIn, which is available at:

https://legal.linkedin.com/pages-joint-controller-addendum

 

 

LinkedIn contact information:

LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.

You may contact LinkedIn’s Data Protection Officer at:

https://www.linkedin.com/help/linkedin/ask/TSO-DPO

 

3.9.2 Processing by LinkedIn

When visiting our company profile, LinkedIn may independently process additional personal data. In this case, the processing is the sole responsibility of LinkedIn and is beyond our knowledge or control.

For more information, please refer to LinkedIn’s privacy policy:

https://de.linkedin.com/legal/privacy-policy

 

3.9.3 Facebook

We operate a Facebook fan page at https://www.facebook.com/. This social network is operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

 

1. a) Interaction with Our Company Profile

When visiting our Facebook profile and interacting with us, we process personal data—both the publicly available data on your profile and any personal data included in posts, comments, or direct messages sent to us.

By interacting (e.g., liking or sharing), we may see your profile and public information.

The legal basis for this processing is Art. 6(1)(f) GDPR. We have a legitimate interest in providing engaging content and ensuring the functionality of our Facebook profile.

If your inquiry is related to a contract or necessary for pre-contractual measures, the legal basis is Art. 6(1)(b) GDPR.

 

1. b) Page Insights

As described in Meta’s Privacy Policy under “How do we use your information?”, Meta collects and uses data to provide page administrators with analytics (so-called Page Insights). This applies to our Facebook page as well.

 

Page Insights are aggregated statistics created based on specific user interactions with pages and associated content (e.g., viewing a page or video, subscribing to a page, liking or unliking it, etc.) and logged by Meta’s servers.

Meta provides us with aggregated statistics and insights to show how people interact with our company page. These statistics include reach, page views, likes, and more. They also include anonymized demographic information such as age, gender, and location as indicated in the user’s Facebook profile.

We can use filters to view insights based on date range, specific posts, and demographic groups. These insights are anonymized; we cannot identify individual users.

 

This processing helps us analyze our reach and tailor our content and advertising to user interests, thereby maximizing value for our audience.

The legal basis is our legitimate interest under Art. 6(1)(f) GDPR.

Processing of personal data through Page Insights is carried out jointly with Meta in accordance with Art. 26(1) GDPR.

We have entered into a joint controller agreement with Meta, available here:

https://www.facebook.com/legal/terms/page_controller_addendum

 

 

Meta contact information:

• Online: https://www.facebook.com/help/contact/1650115808681298
• Postal: Meta Platforms Ireland Limited, ATTN: Privacy Operations, Merrion Road, Dublin 4, D04 X2K5, Ireland
• Data Protection Officer contact: https://www.facebook.com/help/contact/540977946302970

More about Page Insights:

https://de-de.facebook.com/legal/terms/page_cntroller_addendum

 

 

1. c) Processing of Personal Data and Cookies by Meta

When accessing a Facebook page, your device’s IP address is transmitted to Facebook. According to Facebook, IP addresses from Germany are anonymized.

Facebook also stores information about users’ devices (e.g., through the “Login Notification” feature), which may enable Facebook to associate IP addresses with individual users.

 

If you are logged in to Facebook, a cookie with your Facebook ID is stored on your device. This allows Facebook to track your visit and how you interacted with our page.

Embedded Facebook buttons on websites or in software can also allow Facebook to track your visits and link them to your profile. These data can be used to tailor content or advertisements to your interests.

 

Information on how to manage or delete your personal data can be found in Facebook’s Privacy Center:

https://www.facebook.com/privacy/center/

 

 

More information on Facebook’s data handling:

http://de-de.facebook.com/about/privacy

 

:

3.9.4 Instagram

We operate an Instagram profile. This social media platform is provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

 

1. a) Interaction with Our Company Profile

When visiting our Instagram profile and interacting with us there, we process personal data. This includes publicly available information on user profiles as well as personal data contained in posts, comments, or direct messages. Through interactions such as liking or sharing content, we can view the user’s public profile.

The legal basis for this processing is Art. 6(1)(f) GDPR. We have a legitimate interest in providing relevant and engaging content and ensuring the functionality of our Instagram profile.

If your inquiry relates to the performance of a contract or pre-contractual steps, the legal basis is Art. 6(1)(b) GDPR.

 

1. b) Insights

As explained in Meta’s Data Policy under “How do we use your information?” (https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect), Meta collects and uses information to provide analytics services (so-called “Insights”) for page administrators. This also applies to our Instagram profile.

Insights are aggregated statistics based on specific user interactions with pages and associated content, collected and logged by Meta’s servers. These may include:

• How many people view and interact with our products, services, or content, including posts, videos, pages, ads, shops, and sponsored content (when shown on Meta products);
• How users interact with our content, websites, apps, and services;
• The demographics of the users engaging with our content or using our services.

 

Meta provides us with aggregated reports and insights to show how well our content, features, products, and services perform.

We do not receive access to personal data, only to summarized reports. We can set filters to analyze reach, based on time periods, specific posts, and demographic groupings. These insights are anonymized and cannot be traced back to individuals.

 

The purpose of this processing is to analyze our reach and adapt our content and advertising to user interests. This helps us understand how our content and ads are consumed and optimize them accordingly.

The legal basis for this processing is our legitimate interest under Art. 6(1)(f) GDPR.

 

Processing of personal data through Insights is carried out jointly with Meta in accordance with Art. 26(1) GDPR.

We have entered into a joint controller agreement with Meta, available at:

https://www.facebook.com/legal/terms/page_controller_addendum

 

 

Meta contact information:

• Online: https://www.facebook.com/help/contact/1650115808681298
• Postal: Meta Platforms Ireland Limited, ATTN: Privacy Operations, Merrion Road, Dublin 4, D04 X2K5, Ireland
• Instagram Data Protection Officer: https://www.facebook.com/help/contact/540977946302970

 

More about Insights: https://de-de.facebook.com/help/pages/insights

 

Instagram Privacy Policy: https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect

 

 

1. c) Processing of Personal Data and Cookies by Meta

When accessing an Instagram page, your device’s IP address is transmitted to Meta. According to Meta, IP addresses from Germany are anonymized. Meta also stores information about users’ devices (e.g., for login notifications), which may allow Meta to associate IP addresses with specific users.

If you are logged into Instagram, a cookie with your Instagram ID is stored on your device. This allows Meta to track your visit to our page and analyze usage behavior.

Embedded Meta buttons on websites may also allow Meta to associate visits with your Instagram profile and deliver personalized content or advertising.

 

Further information:

https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect

 

3.9.5 YouTube

We operate a profile on YouTube, a video platform provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. This platform enables us to publish video content and interact with our audience.

 

1. a) Data Processing by Us

We process data from visitors to our YouTube channel, including statistics on profile visits, video watch time, user interactions (e.g., likes, comments), and information about users who actively interact with our content (e.g., subscriptions or direct communication).

Any data entered on YouTube, such as usernames and content published by users, becomes visible to us through interactions with our profile.

We process this data to facilitate communication and optimize the reach and relevance of our content.

The legal basis for processing is our legitimate interest under Art. 6(1)(f) GDPR.

 

1. b) Data Processing by YouTube

When visiting or interacting with our YouTube channel, YouTube collects personal data such as IP addresses, device information, geographic data, and platform activity (e.g., watched videos, likes, comments, subscriptions). This data may be collected via cookies and similar technologies stored on the user’s device.

YouTube uses this data to operate and improve the platform, deliver personalized advertising, conduct analytics, and evaluate content performance.

This processing is based on your consent, which you provide by accepting YouTube’s cookie policy.

Data collected by YouTube may be shared within the Google group or with third parties located outside the European Union, including the U.S. Google LLC is certified under the EU-U.S. Data Privacy Framework, ensuring an adequate level of data protection.

 

We have no control over the scope or nature of YouTube’s data processing and no effective means to influence or monitor it.

For more information on how YouTube processes personal data, see:

https://policies.google.com/privacy?hl=de&gl=en

 

 

3.9.6 Google Business Profile

We maintain a Google Business Profile and use the associated services provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

 

1. a) Data Processing by Google

The Google page and its features are used under Google’s sole responsibility. This applies especially to social and interactive functions (e.g., commenting, sharing, rating, direct messages). When you visit and interact with our Google Business Profile, Google collects your IP address and other data stored on your device as cookies.

This data may enable Google to associate IP addresses with individuals or user accounts. Google uses this data to provide us, as the profile administrator, with statistical information about usage. Data may be transferred to countries outside the EU. Details on data collection and use by Google can be found in their privacy policy.

 

If you contact us via direct message through the Business Profile or other Google services, we cannot rule out that such messages may be read or analyzed by Google, either by automated means or by staff. We recommend avoiding the transmission of personal data through such channels and choosing an alternative form of communication as soon as possible.

 

Your use of this service is subject to Google’s privacy policy, which you accepted when using their services.

More information: https://policies.google.com/privacy?hl=de

 

 

 

1. b) Data Processing by Us

We do not collect or process additional data through our Google Business Profile beyond what is described above.

If you contact us or leave a review, we may process your public profile data and the content of the review or comment.

The legal basis is our legitimate interest under Art. 6(1)(f) GDPR in presenting our company and enabling feedback to promote and represent our services externally.

3.9.7 Vimeo

We operate a Vimeo profile. This service is provided by Vimeo Inc., 555 West 18th Street, New York, NY 10011, USA.

 

1. a) Data Processing by Us

We process data of visitors to our profile using statistics provided by Vimeo. This includes data on profile visits, video play durations, user interactions (e.g., likes, comments), and identifiable users who actively engage with our page, such as through subscriptions or direct communication via Vimeo.

Information entered by users on Vimeo, especially usernames and content posted under their accounts, becomes visible to us through interactions and is processed accordingly.

We use this data to facilitate communication and optimize our content in terms of reach and target audience.

The legal basis for processing is our legitimate interest pursuant to Art. 6(1)(f) GDPR.

 

1. b) Data Processing by Vimeo

We have no control over the nature, scope, or use of data processed by Vimeo, nor over any disclosure of such data to third parties.

Vimeo processes both voluntarily submitted data (such as name, username, email address, or phone number) and shared content to infer interests and deliver targeted advertising on third-party sites.

Vimeo may use analytics tools to evaluate usage. Certain non-personal activity data (such as number of profile or media clicks, video view durations) is visible via the account dashboard.

Vimeo also collects data when content is viewed without a user account. These so-called “log data” include IP address, technical device details (e.g., browser type, operating system), visited pages, search queries before visiting Vimeo, and activity on the platform. These may be tracked using cookies or similar technologies.

 

More information about Vimeo’s data processing:

https://help.vimeo.com/hc/de/sections/12397318942993-Datenschutz

 

3.10 Third-Party Content

 

3.10.1 Vimeo (Embedded Videos)

We use Vimeo to embed videos into our services. Vimeo is a plugin that allows for integration of videos from the Vimeo platform and is provided by Vimeo Inc., 555 West 18th Street, New York, NY 10011, USA.

When a user visits a website where a Vimeo video is embedded, a connection is established to Vimeo’s servers. Vimeo may collect information about which website was accessed and the user’s IP address.

If you are logged in to Vimeo, this data may be associated with your personal user account. Clicking the play button may also trigger such an association. You can prevent this by logging out of your Vimeo account before visiting our site.

The legal basis for processing is Art. 6(1)(a) GDPR and § 25(1) TDDDG. Consent can be withdrawn at any time.

Data transfers to the USA are protected by the EU Commission’s Standard Contractual Clauses (SCC).

Further information: https://vimeo.com/privacy

 

3.10.2 Google Fonts

We use Google Fonts to ensure uniform display of fonts. This service is provided by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

When a user visits a website that uses Google Fonts, the browser connects to Google’s servers. No cookies are set, but the user’s IP address is collected and may be used for analytical purposes.

The legal basis is Art. 6(1)(a) GDPR and § 25(1) TDDDG, insofar as consent includes access to device information or the storage of cookies. Consent can be withdrawn at any time.

 

More details:

• https://developers.google.com/fonts/faq?hl=de

 

• https://policies.google.com/privacy?hl=de

 

 

3.10.3 Google reCAPTCHA

We use Google reCAPTCHA, a plugin provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

This service determines whether form entries are made by a human or an automated system. The analysis runs automatically in the background upon visiting the website. Various information is collected and transmitted to Google, without a separate notice to the user.

The legal basis is Art. 6(1)(a) GDPR and § 25(1) TDDDG. Consent can be withdrawn at any time.

 

More details:

• https://policies.google.com/privacy?hl=de
• https://policies.google.com/terms?hl=de

3.10.4 Wordfence

We use Wordfence, a firewall and malware scanner service provided by Defiant Inc., 800 5th Ave Ste 4100, Seattle, WA 98104, USA.

To protect our website against unauthorized access or cyberattacks, we maintain a permanent connection to Wordfence servers. Accesses are compared with Wordfence’s database and users may be blocked if necessary.

The legal basis is Art. 6(1)(f) GDPR. We have a legitimate interest in protecting our web presence effectively.

Data transfers to the USA are protected by the EU Commission’s Standard Contractual Clauses (SCC).

 

More information:

https://www.wordfence.com/help/general-data-protection-regulation/

 

3.10.5 Zapier

We use Zapier, a service that enables synchronization between different platforms. This service is provided by Zapier Inc., Market St. #62411, San Francisco, CA 95104-5401, USA.

Zapier may be used to automatically publish website content to our social media channels. Depending on its functionality, various personal data may be processed.

The legal basis is Art. 6(1)(a) GDPR and § 25(1) TDDDG. Consent can be withdrawn at any time.

Data transfers to the USA are protected by the EU Commission’s Standard Contractual Clauses (SCC).

 

More information:

• https://zapier.com/tos
• https://zapier.com/privacy/

3.10.6 WP-Optimize

We use WP-Optimize, provided by Updraft WP Software Ltd., Welsh ICE Britannia House, Caerphilly Business Park, Caerphilly, Wales, CF83 3GG.

WP-Optimize is a WordPress optimization tool for database cleaning, image compression, and page caching to enhance performance.

It includes features like automatic database cleaning, lossless and lossy image compression, device-specific caching, CSS/JS minimization, GZIP compression, and centralized site management via UpdraftCentral.

WP-Optimize may also set cookies. These are only set with user consent under Art. 6(1)(a) GDPR.

For other data processing, the legal basis is Art. 6(1)(f) GDPR, as we have a legitimate interest in website performance optimization.

 

More information:

https://getwpo.com/data-protection-and-privacy-centre/

 

3.10.7 YOAST SEO

We use YOAST SEO on our website. This service is provided by Yoast B.V., Don Emanuelstraat 3, 6602GX Wijchen, Netherlands.

This SEO plugin helps improve website visibility in search engines.

The YOAST SEO WordPress plugin does not process personal data.

 

More information:

https://yoast.com/help/gdpr/

 

 

Hier ist die vollständige und juristisch korrekte englische Übersetzung des Abschnitts 3.11 bis 4.1.9 deiner Datenschutzerklärung:

3.11 Audio and Video Conferencing

 

3.11.1 Google Meet

We use Google Meet for communication with customers and individuals interested in our services. Google Meet is an online conferencing tool provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

When using this tool for video or audio conferencing, personal data is processed by us and the service provider. This includes all information you provide while using the tool, as well as metadata related to the conference. Additionally, technical data required for the tool’s functionality is processed. Any files shared during the session may also be stored on the provider’s servers.

Google Meet may use cookies. These are only set with user consent, which can be withdrawn at any time. The legal basis for this is Art. 6(1)(a) GDPR.

 

In other cases, data processing by Google Meet is based on Art. 6(1)(b) GDPR, as communication may be related to contract performance or pre-contractual obligations.

We also use this tool to facilitate communication with our company, which constitutes a legitimate interest under Art. 6(1)(f) GDPR.

 

Data is stored until the data subject requests deletion, revokes consent, or the purpose of processing no longer applies. Cookies remain on the device until manually deleted. Statutory retention requirements remain unaffected.

 

More information: https://policies.google.com/privacy?hl=de

 

3.11.2 Discord

We also use Discord for communication with customers and interested parties. Discord is an online conferencing tool provided by Discord Inc., 444 De Haro St., Suite 200, San Francisco, CA 94107, USA.

Personal data is processed by us and Discord when using this tool for video or audio communication. This includes all information shared while using the tool, metadata related to the session, and technical data required for its functionality. Any files shared may also be stored on the provider’s servers.

 

Discord may use cookies, which are only set with consent. This consent can be withdrawn at any time. The legal basis is Art. 6(1)(a) GDPR.

Additionally, the legal basis for processing is Art. 6(1)(b) GDPR, as the communication may be contract-related or required for pre-contractual actions.

The tool also supports business communication, which constitutes a legitimate interest under Art. 6(1)(f) GDPR.

 

Data is stored until deletion is requested, consent is withdrawn, or the purpose ceases to apply. Cookies remain until manually deleted. Statutory retention requirements remain unaffected.

For transfers to third countries (e.g., the U.S.), the EU Standard Contractual Clauses (SCC) apply.

 

More information: https://discord.com/privacy

 

3.12 Online Marketplaces

 

3.12.1 Ablefy – Booking and Payment Processing, Data Transfer

We use the Ablefy platform (https://ablefy.io/ ) for the distribution of our digital products and services. Ablefy is a specialized provider for digital payment processing. It provides personalized payment pages accessible only via direct links and not indexed publicly.

 

Ablefy processes personal data under its own data protection responsibility. If certain functions (e.g., email dispatch, webhook integration) are provided on our behalf, this occurs based on a data processing agreement according to Art. 28 GDPR.

 

The following data is automatically transferred to our system for contract fulfillment:

• First and last name
• Email address
• Street, house number, ZIP code, city, country
• Payment method, payment status, order number, transaction token
• Product name, price, subscription type and duration, trial period (if any), and payment plan
• Agreement to terms of service, consent to newsletter or support contact (if applicable)

 

The processing is based on Art. 6(1)(b) GDPR for contract performance and pre-contractual measures. Where consent is explicitly given (e.g., newsletter), processing is additionally based on Art. 6(1)(a) GDPR.

Data transfers to third countries (especially the U.S.) may occur. Protection is ensured via the EU Standard Contractual Clauses (SCC) pursuant to Art. 46 GDPR.

 

More information: https://myablefy.com/privacy

 

4. Additional Important Information

 

We would now like to inform you about your rights in detail and explain how you will be notified of changes to legal data protection requirements.

4.1 Your Rights in Detail

 

4.1.1 Right of Access (Art. 15 GDPR)

You have the right to request information about whether personal data concerning you is being processed. If this is the case, you may request further details on the nature and method of processing. A detailed list is provided in Art. 15(1)(a–h) GDPR.

 

4.1.2 Right to Rectification (Art. 16 GDPR)

You have the right to correct inaccurate personal data and to complete incomplete personal data.

 

4.1.3 Right to Erasure (Art. 17 GDPR)

This “right to be forgotten” allows you to request the deletion of your personal data under certain conditions. This includes situations where the purpose of processing no longer applies, consent has been withdrawn, or the data was processed unlawfully. A complete list of grounds is found in Art. 17(1)(a–f) GDPR.

This right also includes the controller’s obligation under Art. 17(2) GDPR to take reasonable steps to ensure general data erasure.

 

4.1.4 Right to Restriction of Processing (Art. 18 GDPR)

This right is subject to the conditions listed in Art. 18(1)(a–d) GDPR.

 

4.1.5 Right to Data Portability (Art. 20 GDPR)

You have the right to receive your data in a commonly used format and to have it transferred to another controller—provided it concerns data processed on the basis of consent or a contract and is technically feasible (Art. 20(1)(a–b) GDPR).

 

4.1.6 Right to Object (Art. 21 GDPR)

You may object to the processing of your personal data, particularly if your interests outweigh the legitimate interests of the controller or if the processing involves direct marketing or profiling.

 

4.1.7 Right to Individual Decision-Making (Art. 22 GDPR)

You have the right not to be subject to a decision based solely on automated processing (including profiling) that has legal effects or significantly affects you. This right is subject to exceptions under Art. 22(2) and (4) GDPR.

 

4.1.8 Additional Rights

The GDPR includes further rights to notify third parties of rectification, erasure, or restriction of processing under Art. 16, 17, and 18 GDPR—where feasible and not unreasonably burdensome.

You also have the right to withdraw consent at any time under Art. 7(3) GDPR. The withdrawal does not affect the legality of processing based on prior consent.

Additionally, you have similar rights under §§ 32 ff. of the German Federal Data Protection Act (BDSG), which largely mirror those under the GDPR.

 

4.1.9 Right to Lodge a Complaint (Art. 77 GDPR)

You have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data violates the GDPR.

 

5. What If the GDPR Is Abolished or Other Changes Occur?

 

The current version of this Privacy Policy is dated May 8, 2025. From time to time, it may be necessary to update the content of this Privacy Policy to reflect actual or legal developments.

We therefore reserve the right to amend this Privacy Policy at any time. The updated version will be published in the same place, and we recommend that you review this Privacy Policy regularly.

 

Last updated: May 2025

This Privacy Policy was created and legally reviewed by Kanzlei-Kick.de (Attorney Andreas Kick LL.M. (Stellenbosch))