Privacy Policy
"The longest journey begins with a single step"
Patanjali

Imprint and privacy policy

Imprint:

Operator of the Site:


AgadoPro-Academy
Website Address: https://agadopro-academy.com
Responsible Party: Attila Jezsó
Location: Silvanerweg 17a, D-78464 Konstanz, Germany

How to Contact Us:
E-mail: [email protected]

Social Media and Other Online Presences:
This legal notice also applies to our online presences where applicable. Currently, there are no active social media profiles.


Liability and Copyright Information:

Disclaimer: The content provided on our online platform has been compiled with meticulous care and to the best of our knowledge. However, this information is provided for general guidance only and does not constitute legally binding advice unless explicitly stated (e.g., legal notices, privacy policy, general terms and conditions, or consumer cancellation rights). We reserve the right to modify or delete the contents of this site at any time, without affecting our contractual obligations. All offers are non-binding and subject to change.

External Links: Content on external websites, to which we provide direct or indirect links, is not under our control, and we do not assume any responsibility for such content. The respective providers of these external sites are solely liable for their content, especially regarding any damages arising from the utilization of the available information.

Copyright and Trademark Rights: All materials presented on our website, including texts, photographs, graphics, trademarks, and logos are protected by copyright and trademark laws. They are owned by us or licensed to us and may only be used with prior consent from the rightful owners.

Reporting Legal Violations: Please inform us if you observe any legal violations on our site. We commit to removing any illegal content or links immediately upon notice.

Privacy Policy:

  1. Introduction Our privacy policy aims to inform you about how we process your personal data when you use our services, register for our webinar, subscribers our newsletter  or visit our website. This policy applies to all personal data processing activities conducted by us, both as part of providing our services and specifically through our websites, mobile applications, and external online presences, like social media profiles.

Effective Date: March 28, 2025.

  1. Responsible Entity AgadoPro-Academy, represented by Attila Jezsó, located at Silvanerweg 17a, 78464 Konstanz, Germany. Contact us via email at [email protected].
  2. Overview of Processing Activities This section provides a summary of the types of data processed and the purposes for which they are processed. More detailed information is provided in the subsequent sections of this policy.
  3. Plugins and Privacy Policies We utilize various plugins to enhance functionality and user experience. Each plugin adheres to its privacy practices, as detailed in the respective sections below.

Privacy Policy:

1 Introduction

With the following privacy policy, we would like to explain to you what types of your personal data (hereinafter also referred to as “data”) we process, for what purposes and to what extent. The privacy policy applies to all processing of personal data carried out by us, both in the context of the provision of our services and in particular on our websites, in mobile applications and within external online presences, such as our social media profiles (hereinafter collectively referred to as “online offer”).

Status: March 28, 2025.

Table of contents

1 Introduction

See above

AgadoPro-Academy

Attila Jezsó

Silvanerweg 17a

78464 Konstanz

E-mail address: [email protected]

We process personal data for multiple purposes, including conducting webinars, sending newsletters, managing our WooCommerce webshop, and facilitating affiliate programs through YITH plugins. Our activities involve collecting registration details for webinars, subscriber information for newsletters, customer data for transactions, and affiliate data for marketing purposes made through our webshop. We utilize this data for communication, promotional efforts, order fulfillment, enhancing user experience, and managing affiliate links.

Webinar Platforms: We use Zoom and Microsoft Teams for conducting webinars. These platforms collect names, email addresses, and technical information like user device data, location information, and usage statistics. Both platforms adhere to the EU-US Privacy Shield framework, ensuring compliance with GDPR.

Email Marketing: We utilize MailChimp, a part of The Rocket Science Group LLC based in Atlanta, Georgia, USA, to manage our newsletter subscriptions and email marketing campaigns. MailChimp helps us synchronize and analyze subscriber data for targeted communications.

WooCommerce Plugins:

  • WooCommerce: Manages all e-commerce activities, including handling customer orders, payments, and shipping.
  • WPML and WooCommerce Multilingual: These plugins enable multilingual support for our webshop, allowing us to serve customers in various languages.
  • Paid Memberships Pro and WooCommerce Subscriptions: These tools manage user subscriptions and recurring payments.
  • LearnDash LMS: Manages our online courses, tracking user progress and engagement.
  • Stripe: Processes payments securely.
  • Google for WooCommerce: Integrates Google Analytics and Ads for better e-commerce tracking and marketing optimisation.
  • YITH Plugins: Provide additional e-commerce functionalities like wishlists, product add-ons, and affiliate marketing tools.

1. WordPress

Our website address is: https://agadopro-academy.com.

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Who we share your data with

If you request a password reset, your IP address will be included in the reset email.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where your data is sent

Visitor comments may be checked through an automated spam detection service.

We are using several plugins. 

 

2. WPML

WPML uses cookies to identify the visitor’s current language, the last visited language and the language of users who have logged in.

While you use the plugin, WPML will share data regarding the site through Installer. No data from the user itself will be shared.

3. WPML Translation Management

WPML Translation Management will send the email address and name of each manager and assigned translator as well as the content itself to Advanced Translation Editor and to the translation services which are used.

4. WPML String Translation

WPML String Translation will send all strings to WPML’s Advanced Translation Editor and to the translation services which are used.

5. Activity Log

If you are a registered user, we save your content activity like create/update/delete posts and comments.

6. EU VAT

By using this extension, you may be storing personal data or sharing data with an external service. Learn more about how this works, including what you may want to include in your privacy policy.

7. Paid Membership Pro

Data Collected to Manage Your Membership

At checkout, we will collect your name, email address, username, and password. This information is used to setup your account for our site. If you are redirected to an offsite payment gateway to complete your payment, we may store this information in a temporary session variable to setup your account when you return to our site.

At checkout, we may also collect your billing address and phone number. This information is used to confirm your credit card. The billing address and phone number are saved by our site to prepopulate the checkout form for future purchases and so we can get in touch with you if needed to discuss your order.

At checkout, we may also collect your credit card number, expiration date, and security code. This information is passed to our payment gateway to process your purchase. The last 4 digits of your credit card number and the expiration date are saved by our site to use for reference and to send you an email if your credit card will expire before the next recurring payment.

When logged in, we use cookies to track some of your activity on our site including logins, visits, and page views.

8. The Password Protected Plugin

The Password Protected plugin stores a cookie on successful password login containing a hashed version of the entered password. It does not store any information about the user. The cookie stored is namedbid_n_password_protected_authwherenis the blog ID in a multisite network

9. Woocommerce

We collect information about you during the checkout process on our store.

What we collect and store

While you visit our site, we’ll track:

  • Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
  • Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping
  • Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!

We’ll also use cookies to keep track of cart contents while you’re browsing our site.

When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:

  • Send you information about your account and order
  • Respond to your requests, including refunds and complaints
  • Process payments and prevent fraud
  • Set up your account for our store
  • Comply with any legal obligations we have, such as calculating taxes
  • Improve our store offerings
  • Send you marketing messages, if you choose to receive them

If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.

We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for XXX years for tax and accounting purposes. This includes your name, email address and billing and shipping addresses.

We will also store comments or reviews, if you choose to leave them.

Who on our team has access

Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:

  • Order information like what was purchased, when it was purchased and where it should be sent, and
  • Customer information like your name, email address, and billing and shipping information.

Our team members have access to this information to help fulfill orders, process refunds and support you.

What we share with others

We share information with third parties who help us provide our orders and store services to you; for example —

Payments

We accept payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information.

Please see the PayPal Privacy Policy for more details.

10. WooCommerce Multilingual & Multicurrency

WooCommerce Multilingual & Multicurrency will use cookies to understand the basket info when using languages in domains and to transfer data between the domains.

WooCommerce Multilingual & Multicurrency will also use cookies to identify the language and currency of each customer’s order as well as the currency of the reports created by WooCommerce. WooCommerce Multilingual extends these reports by adding the currency’s information.

11. Learndash

This sample language includes the basics around what personal data your LMS may be collecting, storing and sharing, as well as who may have access to that data. Depending on what settings are enabled and which additional plugins are used, the specific information shared by your site will vary. We recommend consulting with a lawyer when deciding what information to disclose on your privacy policy.
We collect information about you during the course purchase process (PayPal, Stripe, and/or 2Checkout), as well as information relating to your course progression and quiz performance.

What we collect and store

When you purchase from us, we’ll ask you to provide email address. We’ll use this information for purposes, such as, to:

–Send you information about your account and order

–Create your account for our LMS

If you register a free account then we will store your email address.

We store information about you for as long as your account exists.

We store course progress, including completion status, quiz scores, assignments and/or essay submissions (if applicable).

We will also store comments on courses, lessons, topics, assignments, and essays if you choose to leave them.

Who on our team has access

Members of our team have access to the information you provide us. For example, both Administrators and Group Leaders can access:

–Order information such as your enrolled courses, course progress and username / email address.

Any additional information added in your WordPress User Profile can also be visible to the administrator(s).

What we share with others

In this section you should list who you’re sharing data with, and for what purpose. This could include, but may not be limited to, analytics/reporting tools, marketing services (such as email services like MailChimp), payment gateways, gamification programs, and third party embeds.

We share information with third parties who help us provide our orders and store services to you; for example – [insert third party platforms and short description of their purpose]

Payments

In this subsection you should list which third party payment processors you’re using to take payments on your store since these may handle customer data. We’ve included PayPal below as an example, but you should remove any of these if they are not in use on your site.

We accept payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information.

Please see the PayPal Privacy Policy for more details.

12. Woocommerce Subscription

By using WooCommerce Subscriptions, you may be storing personal data and depending on which third-party payment processors you’re using to take subscription payments, you may be sharing personal data with external sources.

What we collect and store

For the purposes of processing recurring subscription payments, we store the customer’s name, billing address, shipping address, email address, phone number and credit card/payment details.

What we share with others

What personal information your store shares with external sources depends on which third-party payment processor plugins you are using to collect subscription payments. We recommend that you consult with their privacy policies to inform this section of your privacy policy.

If you are using PayPal Standard or PayPal Reference transactions please see the PayPal Privacy Policy for more details.

13. Mailchimp for WooCommerce

When shopping, we keep a record of your email and the cart contents for up to 30 days on our server. This record is kept to repopulate the contents of your cart if you switch devices or needed to come back another day. Read our privacy policy here.

14. YITH Plugins

What we collect and store

While you visit our site, we’ll track:

  • Visits to the store: we’ll use this to generate statistics for affiliates and administrators.
  • Location, IP address and browser type: we’ll use this just for statistics, and to let administrators supervise traffic generated by affiliates.
  • Affiliate’s name, username, email address: we’ll use this information to register and keep track of affiliates.

We’ll also use cookies to keep track of visits and sales generated by affiliates.

Who on our team has access

Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:

  • Affiliates’ personal details;
  • System-generated commissions;
  • Payments sent to the affiliates;
  • Visits and sales generated through the referral links.

Our team members have access to this information to correctly manage the affiliation system, and perform the required actions in order to prevent customers from any inappropriate usage of the affiliate program.

What we share with others

We send payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the commission total and payment information.

Please see the PayPal Privacy Policy for more details.

15. Google for Woocommerce

What we collect and store

While you visit our site, we’ll track:

  • Visits to the store: we’ll use this to generate statistics for affiliates and administrators.
  • Location, IP address and browser type: we’ll use this just for statistics, and to let administrators supervise traffic generated by affiliates.
  • Affiliate’s name, username, email address: we’ll use this information to register and keep track of affiliates.

We’ll also use cookies to keep track of visits and sales generated by affiliates.

Who on our team has access

Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:

  • Affiliates’ personal details;
  • System-generated commissions;
  • Payments sent to the affiliates;
  • Visits and sales generated through the referral links.

Our team members have access to this information to correctly manage the affiliation system, and perform the required actions in order to prevent customers from any inappropriate usage of the affiliate program.

What we share with others

We send payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the commission total and payment information.

Please see the PayPal Privacy Policy for more details.

16. Woocommerce for Shipping & TAX

By using this extension, you may be storing personal data or sharing data with external services. Learn more about how this works, including what you may want to include in your privacy policy.

17. Stripe

By using this extension, you may be storing personal data or sharing data with an external service. Learn more about how this works, including what you may want to include in your privacy policy.

This plugin/extension sets the following cookies:

18. API Keys

We make use of certain API keys, in order to provide specific features.

These API keys may include the following third party services: Google Maps and PayPal.

We use various plugins such as Zoom and Microsoft Teams for webinar registrations. Each plugin adheres to its privacy policy, ensuring data collected through these platforms is handled securely.

19. Microsoft Team

https://www.microsoft.com/en-gb/privacy/privacystatement

20. ZOOM

https://www.zoom.com/en/trust/privacy/privacy-statement/

We maintain publicly accessible pages (“Pages”) on the following social networking sites

LinkedIn

on Facebook, Instagram

We use our pages to provide information about our services, events and other activities and to enable you to contact us. The social networks on which we operate our pages provide us with statistics about user interactions, including data such as the number of users, account names, likes, comments and aggregated demographic data. The legal basis for this is Art. 6 par. 1 lit. b or lit. f GDPR. Our legitimate interest here is to optimise the experience for visitors to our websites according to their interests.

We operate the respective websites in joint responsibility with the network. We do not influence the data processed by the networks under their responsibility. For more information on the processing of your data by the networks, please refer to the privacy policy of the respective network.

For more information on the division of responsibilities, please click here:

LinkedIn: https://legal.linkedin.com/pages-joint-controller-addendum?fbclid=IwAR1J4l862RSK-d4k0zqz5gNXoXtRlqzO2fn2J54chhVKBswWya1dfS0SN7c
Facebook: https://www.facebook.com/legal/terms/page_controller_addendum
Instagram: https://www.facebook.com/legal/terms/page_controller_addendum

 

We collect the following data when you register for a webinar: name, email address, position, and employer. We also process communications and questions submitted during webinars.

Microsoft Team

https://www.microsoft.com/en-gb/privacy/privacystatement

ZOOM

https://www.zoom.com/en/trust/privacy/privacy-statement/

Inventory data (e.g. names, addresses, languages ).

Content data (e.g. entries in online forms).
Contact data (e.g. e-mail, telephone numbers).
Meta/communication data (e.g. device information, IP addresses).
Usage data (e.g. websites visited, interest in content, access times).
Categories of data subjects
Communication partners.
Users (e.g. website visitors, users of online services).
Purposes of the processing
Contact enquiries and communication.

      • Paid Membership Pro: Collects names, emails, addresses, phone numbers.

      • Woocommerce & Woocommerce Subscription: Collects extensive user information during the checkout process, including name, billing and shipping addresses, payment details, and other contact information.

      • Learndash: Collects email addresses and stores course progress, quiz scores, and other learning management data.

      • MailChimp:

        Data we process: We manage newsletter subscriptions and webinar registrations using MailChimp. The data collected includes:

        • Name

        • Email address

        • Communication Languages 
        • Optional information provided by users such as industry or job position.

      • Data we process with Zoom and Microsoft Teams:

        • Zoom: We collect names, email addresses, and technical information like user device data, location information, and usage statistics during webinar registrations and virtual meetings.

        • Microsoft Teams: Similar to Zoom, we collect names, email addresses, and potentially other voluntary information such as job title or department during webinar registrations and team meetings.

The processing of your data for webinar registration is based on contractual necessity (Article 6(1)(b) GDPR), while the use of your data for sending newsletters is based on your consent (Article 6(1)(a) GDPR).

We adhere to the General Data Protection Regulation (GDPR) for processing personal data. Below, we detail the specific articles of the GDPR that form the legal foundation for our data processing activities. Additionally, it’s important to note that national data protection laws of your or our country of residence may also apply. Where more specific legal bases are applicable, these will be detailed within our privacy policy.

    1. Consent (Article 6(1)(a) GDPR): Data processing is based on the explicit consent given by the data subject for one or more specific purposes. This means that you have agreed to the processing of your personal data for a particular use.

    2. Contract Fulfillment and Pre-contractual Inquiries (Article 6(1)(b) GDPR): Processing is necessary for the performance of a contract to which the data subject is a party, or to take steps at the data subject’s request before entering into a contract. This applies to actions that are directly related to contract management and execution.

    3. Legitimate Interests (Article 6(1)(f) GDPR): Processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by the rights, interests, or freedoms of the data subject which require protection of personal data. The specific interests being pursued will be detailed as necessary within the context of individual processing activities.

Plugin Compliance: To ensure comprehensive GDPR compliance, each plugin used on our platforms is evaluated and operated in accordance with these legal bases. We ensure that the plugins adhere to the necessary GDPR standards, maintaining data protection and security at all times.

We take appropriate technical and organisational measures in accordance with the legal requirements, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, in order to ensure a level of protection appropriate to the risk.

The measures include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as access, input, disclosure, safeguarding availability and separation of the data. Furthermore, we have established procedures that ensure the exercise of data subject rights, the deletion of data and responses to data threats. Furthermore, we already take the protection of personal data into account during the development and selection of hardware, software and processes in accordance with the principle of data protection, through technology design and through data protection-friendly default settings.

 

We may share your data with third-party service providers involved in hosting webinars and managing email communications. All third parties are vetted to ensure they comply with GDPR standards.

 

All plugins: It is implied that all plugins, as part of their integration into the website, adhere to certain security standards to protect user data.

Data necessary for the operation of our webshop and other services is disclosed to third-party service providers under strict compliance with GDPR. This includes data handling by Zoom, Microsoft Teams, MailChimp, and various WooCommerce plugins that enhance the functionality of our site.

As part of our processing of personal data, data may be transferred to other bodies, companies, legally independent organisational units or persons or disclosed to them. The recipients of this data may include, for example, payment institutions in the context of payment transactions, service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, we observe the legal requirements and, in particular, conclude corresponding contracts or agreements with the recipients of your data that serve to protect your data.

  • Woocommerce: Describes the conditions under which customer data is stored and the duration. Also notes that team members such as Administrators and Shop Managers have access to customer information.
  • Woocommerce Subscription: Shares customer data with third-party payment processors depending on the payment plugin used.
  • Event Ticket: Collects and retains event-related data such as attendee names, email addresses, and ticket information.
  • Payments via PayPal: Outlines the sharing of necessary payment data with PayPal.
  • Stripe: Mentions potential data storage and sharing with Stripe.
  • MailChimp: Disclosure to Third Parties: We use MailChimp for managing our email marketing and newsletter campaigns. Although MailChimp operates in the USA, it ensures the security of data processing in compliance with EU data protection regulations.
  • Zoom: Zoom Video Communications, Inc., based in the USA, provides the platform we use for webinars. Their data protection compliance is detailed in their Privacy Policy: Zoom Privacy Policy.
  • Microsoft Teams: Operated by Microsoft Corporation, also based in the USA, it is used for collaborative meetings and webinars. For more detailed information, refer to Microsoft Privacy Statement.
  • Microsoft Teams/Zoom: Data may be transferred to third countries if we use international services for webinars or email hosting. We ensure all data transfers comply with GDPR through standard contractual clauses or equivalent safeguards.

If we process data in a third country (i.e. outside the European Union (EU), the European Economic Area (EEA)) or if the processing takes place in the context of the use of third-party services or the disclosure or transfer of data to other persons, bodies or companies, this will only take place in accordance with the legal requirements.

Subject to express consent or contractually or legally required transfer, we only process or have the data processed in third countries with a recognised level of data protection, contractual obligation through so-called standard protection clauses of the EU Commission, in the presence of certifications or binding internal data protection regulations (Art. 44 to 49 GDPR, information page of the EU Commission: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_de ).

MailChimp: Data Processing in Third Countries: MailChimp services are based in the USA, but there is no explicit data transfer to third countries. All data protection measures comply with GDPR requirements.

Zoom: As Zoom is headquartered in the USA, data processing involves data transfer outside the EU. Zoom adheres to the EU-US Privacy Shield framework.

Microsoft Teams: Also headquartered in the USA, data transfer occurs under the EU-US Privacy Shield framework and Microsoft’s binding corporate rules, which Microsoft reports as compliant with EU data protection laws.

Temporary cookies (also: session or session cookies): Temporary cookies are deleted at the latest after a user has left an online offer and closed their browser.

Permanent cookies: Permanent cookies remain stored even after the browser is closed. For example, the login status can be saved or favourite content can be displayed directly when the user visits a website again. The interests of users who are used for reach measurement or marketing purposes can also be stored in such a cookie.

First-party cookies: First-party cookies are set by us.

Third-party cookies (also: third-party cookies): Third-party cookies are mainly used by advertisers (so-called third parties) to process user information.

Necessary (also: essential) cookies: Cookies may be necessary for the operation of a website (e.g. to save logins or other user input or for security reasons).

Statistical, marketing and personalisation cookies: Cookies are also generally used to measure reach and when a user’s interests or behaviour (e.g. viewing certain content, using functions, etc.) on individual websites are stored in a user profile. Such profiles are used, for example, to show users content that matches their potential interests. This process is also referred to as “tracking”, i.e. tracking the potential interests of users. If we use cookies or “tracking” technologies, we will inform you separately in our privacy policy or when obtaining consent.

Notes on legal bases: The legal basis on which we process your personal data with the help of cookies depends on whether we ask you for your consent. If this is the case and you consent to the use of cookies, the legal basis for processing your data is the consent you have given. Otherwise, the data processed using cookies will be processed on the basis of our legitimate interests (e.g. in the business operation of our online offering and its improvement) or, if the use of cookies is necessary to fulfil our contractual obligations.

Storage period: If we do not provide you with explicit information on the storage period of permanent cookies (e.g. as part of a so-called cookie opt-in), please assume that the storage period can be up to two years.

General information on revocation and objection (opt-out): Depending on whether the processing is based on consent or legal permission, you have the option at any time to revoke any consent you have given or to object to the processing of your data by cookie technologies (collectively referred to as “opt-out”). You can initially declare your objection using your browser settings, e.g. by deactivating the use of cookies (although this may also restrict the functionality of our online offering). An objection to the use of cookies for online marketing purposes can also be declared using a variety of services, especially in the case of tracking, via the websites https://optout.aboutads.info and https://www.youronlinechoices.com/. In addition, you can obtain further objection notices in the context of the information on the service providers and cookies used.

Processing of cookie data on the basis of consent: Before we process or have data processed in the context of the use of cookies, we ask users for their consent, which can be revoked at any time. Before consent has not been given, cookies that are absolutely necessary for the operation of our online offering are used at most.

Processed data types: Usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).

Data subjects: Users (e.g. website visitors, users of online services).

Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a. GDPR), Legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

If you leave a comment on our site you may opt in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

  • Paid Membership Pro: Utilizes cookies to track user activity including logins, visits, and page views.
  • The Password Protected Plugin: Stores a cookie on successful password entry.
  • Woocommerce: Uses cookies to track basket contents and user activity during site navigation.
  • See more information in the Point 4.

We may include so-called affiliate links on our website or other references to offers and services from third-party providers (we refer to them collectively as “affiliate links”). If you as a user follow these affiliate links or subsequently take advantage of the offers, we may receive a commission or other benefits from these third-party providers (hereinafter collectively referred to as “commission”).

In order to be able to track whether the users have used the offers of an affiliate link linked by us, it is necessary for the respective third-party providers to know that the users have followed an affiliate link placed on our site. The assignment of these affiliate links to the relevant business transactions or other actions (e.g. purchases) is used exclusively for commission settlement. It will be deleted as soon as it is no longer required for this purpose.

For the purposes of precisely this assignment of affiliate links, the affiliate links can be supplemented with values that may be part of the link or stored in another way, e.g. in a cookie. Such values may include, for example, the source website (referrer), the time, an online identifier of the operator of the website on which the exact affiliate link was located, an online identifier of the relevant offer, the type of link or offer used and an online identifier of the respective site visitor.

Notes on legal bases: If we ask users to consent to the use of third-party providers, the legal basis for the processing of data is consent. In addition, their use may be part of our (pre-)contractual service if the use of third-party providers has been agreed in this context. Otherwise, user data is processed on the basis of our legitimate interests (i.e. interest in efficient, economical and recipient-friendly services). In this context, we would also like to explicitly draw your attention to the information on the use of cookies in this privacy policy.

Processed data types: Data relating to the contracts (e.g. term, subject matter of the contract, etc.), usage data (e.g. pages visited, interest in content, access times), meta/communication data (e.g. device information, and/or IP addresses).

Data subjects: Users (e.g. website visitors, users of various online services).

Purposes of processing: Tracking of affiliate links.

Legal bases: Consent (Art. 6 Para. 1 S. 1 lit. a GDPR), Contract fulfilment and pre-contractual enquiries (Art. 6 Para. 1 S. 1 lit. b. GDPR), Legitimate interests (Art. 6 Para. 1 S. 1 lit. f. GDPR).

Services used and service providers:

As of 17/03/2024: none.

YITH Affiliate Tools:

Our website utilises YITH plugins to manage affiliate programs. These tools help us track and manage affiliate links, ensuring that referrals are accurately recorded and affiliates are properly compensated. All affiliate data is processed in accordance with GDPR, ensuring that affiliate partners’ data is protected.

MailChimp:

Third Party Relationships: We utilize MailChimp, owned by The Rocket Science Group LLC. For more information on their cookie policies, please visit: MailChimp Cookies Policy.

Google Fonts

We use Google Fonts on our website. These are the “Google Fonts” of Google Inc. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. You do not need to log in or enter a password to use Google fonts. Furthermore, no cookies are stored in your browser. The files (CSS, fonts) are requested via the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, the requests for CSS and fonts are completely separate from all other Google services. If you have a Google account, you do not need to worry that your Google account data will be transmitted to Google while using Google Fonts. Google records the use of CSS (Cascading Style Sheets) and the fonts used and stores this data securely. We will take a closer look at exactly how the data is stored. Google Fonts (formerly Google Web Fonts) is a directory of over 800 fonts that Google makes available to its users free of charge. Many of these fonts are published under the SIL Open Font Licence, while others are published under the Apache licence. Both are free software licences.

What data is stored by Google?

When you visit our website, the fonts are loaded via a Google server. This external call transmits data to the Google server. In this way, Google also recognises that you or your IP address is visiting our website. The Google Fonts API was developed to reduce the use, storage and collection of end user data to what is necessary for the proper provision of fonts. Incidentally, API stands for “Application Programming Interface” and serves, among other things, as a data transmitter in the software sector.

Google Fonts stores CSS and font requests securely at Google and is therefore protected. The collected usage figures allow Google to determine how well the individual fonts are received. Google publishes the results on internal analysis pages, such as Google Analytics. Google also uses data from its own web crawler to determine which websites use Google fonts. This data is published in the Google Fonts BigQuery database. Entrepreneurs and developers use the Google web service BigQuery to analyse and move large amounts of data.

However, it should be noted that every Google Font request also automatically transfers information such as language settings, IP address, browser version, browser screen resolution and browser name to the Google servers. It is not clear whether this data is also stored or whether it is clearly communicated by Google.

How long and where is the data stored?

Google stores requests for CSS assets for one day on its servers, which are mainly located outside the EU. This enables us to use the fonts with the help of a Google stylesheet. A stylesheet is a format template that can be used to quickly and easily change the design or font of a website, for example.

The font files are stored by Google for one year. Google’s aim is to fundamentally improve the loading time of websites. If millions of websites refer to the same fonts, they are cached after the first visit and immediately reappear on all other websites visited later. Sometimes Google updates font files to reduce file size, increase language coverage and improve design.

How can I delete my data or prevent data storage?

The data that Google stores for one day or one year cannot simply be deleted. The data is automatically transmitted to Google when the page is accessed. To delete this data prematurely, you must contact Google support at https://support.google.com/?hl=de&tid=331658329046. In this case, you can only prevent data storage if you do not visit our site.

Unlike other web fonts, Google allows us unrestricted access to all fonts. This means we have unlimited access to a sea of fonts and can therefore optimise our website. You can find out more about Google Fonts and other issues at https://developers.google.com/fonts/faq?tid=331658329046. Although Google addresses data protection issues there, it does not provide any really detailed information about data storage. It is relatively difficult to obtain really precise information from Google about stored data.

Legal basis

If you have consented to the use of Google Fonts, the legal basis for the corresponding data processing is this consent. According to Art. 6 para. 1 lit. a GDPR (consent), this consent constitutes the legal basis for the processing of personal data, as may occur when Google Fonts is used.

We also have a legitimate interest in using Google Fonts to optimise our online service. The legal basis for this is Art. 6 para. 1 lit. f GDPR (legitimate interests). Nevertheless, we only use Google Font if you have given your consent.

Google also processes your data in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. This may entail various risks for the legality and security of data processing.

Google uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 GDPR) as the basis for data processing with recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or for data transfer there. Standard Contractual Clauses (SCCs) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to third countries (such as the USA) and stored there. Through these clauses, Google undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

The Google Ads Data Processing Terms, which also correspond to the standard contractual clauses for Google Fonts, can be found at https://business.safety.google/adsprocessorterms/.

You can also find out which data is generally collected by Google and what this data is used for at https://www.google.com/intl/de/policies/privacy/.

Google Analytics

We use Google Analytics to analyse website usage. The data obtained from this is used to optimise our website and advertising measures.

Google Analytics is provided to us by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). Google processes the website usage data on our behalf and is contractually obliged to take measures to ensure the security and confidentiality of the processed data.

The following data is recorded during your visit to the website

  • Pages viewed
  • Orders including sales and products ordered
  • The achievement of “website goals” (e.g. contact enquiries and newsletter registrations)
  • Your behaviour on the pages (e.g. length of stay, clicks, scrolling behaviour)
  • Your approximate location (country and city)
  • Your IP address (in abbreviated form, so that no clear assignment is possible)
  • Technical information such as browser, internet provider, end device and screen resolution
  • Source of origin of your visit (i.e. via which website or advertising medium you came to us)
  • Personal data such as name, address or contact details are never transmitted to Google Analytics.

This data is transferred to Google servers in the USA. We would like to point out that the same level of data protection cannot be guaranteed in the USA as within the EU.

Google Analytics stores cookies in your web browser for a period of two years since your last visit. These cookies contain a randomly generated user ID with which you can be recognised on future visits to the website.

The recorded data is stored together with the randomly generated user ID, which makes it possible to analyse pseudonymous user profiles. This user-related data is automatically deleted after 14 months. Other data remains stored in aggregated form indefinitely.

No affiliate links related to Zoom or Microsoft Teams.

If you do not agree to the collection of data, you can prevent this by installing the browser add-on once to deactivate Google Analytics or by rejecting cookies via our cookie settings dialogue

    •  
    •  
    •  

To ensure our online services are provided securely and efficiently, we employ the services of one or more web hosting providers. These services allow our content to be accessed from servers either owned or managed by these providers. We utilize a variety of infrastructure and platform services, including computing capacity, storage space, database services, security services, and technical maintenance services to support this delivery.

Data Processed: As part of our hosting services, we process all information related to users of our online service that is generated during their use and communication. This typically includes:

  • IP addresses, essential for delivering content to browsers.
  • Entries made within our online services or external websites.

Collection of Access Data and Log Files: We, or our web hosting provider, collect data every time a server is accessed. These server log files include:

  • The addresses and names of the accessed web pages and files.
  • Date and time of access.
  • Volume of data transferred.
  • Notification of successful access.
  • Type and version of the browser used.
  • Operating system of the user.
  • Referrer URL (the previously visited page).
  • IP addresses and the identity of the requesting provider.

These log files are primarily used for security purposes, such as preventing server overloads (particularly in the case of abusive attacks, e.g., DDoS attacks) and ensuring optimal server utilization and stability.

Types of Processed Data:

  • Content data (e.g., entries in online forms).
  • Usage data (e.g., websites visited, interest in content, access times).
  • Meta/communication data (e.g., device information, IP addresses).

Data Subjects:

  • Users (e.g., website visitors, users of online services).

Legal Basis:

  • Processing is based on our legitimate interests (Art. 6(1)(f) GDPR), which include operating and improving the stability and security of our online offer.

Specific Plugin Data Collection:

  • Paid Membership Pro: Collects names, email addresses, physical addresses, phone numbers, and credit card information during the checkout process.
  • Woocommerce & Woocommerce Subscription: Collects comprehensive user information during the checkout process, including names, billing and shipping addresses, payment details, and additional contact information.
  • Learndash: Collects email addresses and records course progress, quiz scores, and other learning management system data.

When you contact us through various means such as a contact form, email, telephone, or social media, we process the information provided by you to the extent necessary to respond to your inquiries and any associated requests.

When you contact us via forms, email, or telephone, your data is processed to respond to your inquiries related to webinars or subscriptions.

Purpose of Processing: We process these inquiries within the framework of contractual or pre-contractual relationships to fulfill our contractual obligations or to respond to pre-contractual inquiries. Additionally, we process data based on our legitimate interests in providing prompt and effective responses to user inquiries.

Types of Data Processed:

  • Inventory Data: Such as names and addresses.
  • Contact Data: Including email addresses and telephone numbers.
  • Contact language: for the correct communications 
  • Content Data: Such as the entries made in online forms.

Data Subjects:

  • Communication Partners: These are individuals who initiate contact with us through any of the available communication channels.

Purposes of Processing:

  • To handle and respond to contact inquiries and communications effectively, ensuring that user concerns and questions are addressed promptly.

Legal Bases:

  • Contract Fulfillment and Pre-contractual Inquiries: (Art. 6 Para. 1 S. 1 lit. b GDPR) — The processing is necessary for the performance of a contract to which the data subject is party, or in order to take steps at the request of the data subject prior to entering into a contract.
  • Legitimate Interests: (Art. 6 Para. 1 S. 1 lit. f GDPR) — Processing is necessary for the purposes of the legitimate interests pursued by us, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.

Email Marketing (MailChimp): our newsletters are sent via the MailChimp platform, which uses high security measures to protect your privacy. For more information about MailChimp’s security practices, please see MailChimp Security. When you subscribe to our newsletter, we explicitly ask for your consent to process your email address and other data.

    •  

Principles of Data Avoidance and Minimisation: We adhere strictly to the principles of data avoidance and minimisation. Accordingly, we store your personal data only as long as necessary to fulfill the purposes outlined in this policy or as mandated by the various retention periods prescribed by law. Once the specific purpose has ceased or these periods have expired, the related data is routinely blocked or deleted in accordance with legal requirements.

Criteria for Deletion:

  • Revocation of Consent: Data processed based on consent will be deleted if the consent is revoked, provided there is no other legal ground for processing.
  • Cessation of Purpose: Data will be deleted once it is no longer necessary for the purposes for which it was processed, unless legal retention obligations apply.
  • Legal Obligations: Data that must be retained due to legal requirements relating to commercial or tax laws will be preserved as required by law and blocked from other processing, and deleted when legal obligations permit.

Restriction of Processing:

  • In situations where legal or practical obstacles prevent the immediate deletion of data (e.g., special requirements for data preservation during ongoing investigations or litigation), the processing of such data will be restricted. This entails blocking the data and ensuring it is not processed for purposes other than those legally permitted.

Additional Notes:

  • WooCommerce: Customer data is managed under specific conditions detailing storage duration and access rights. Only authorized team members, such as Administrators and Shop Managers, have access to this information for legitimate business operations.
  • WooCommerce Subscription: Data necessary for managing subscriptions, such as payment information, is shared with third-party payment processors according to the selected payment plugin.
  • Event Ticket: Data related to event attendees, such as names and email addresses, is retained to manage event participation and for record-keeping purposes.

Further Information:

  • More detailed information regarding the deletion of personal data and the specific data protection practices for different processing activities can be found in the relevant sections of this privacy policy.
  • Data collected for webinar registrations and newsletter subscriptions is retained only as long as necessary for their intended purposes and is deleted or anonymized once it is no longer required, except in cases where legal obligations necessitate longer retention.

We ask you to inform yourself regularly about the content of our privacy policy. We will amend the privacy policy as soon as changes to the data processing carried out by us make this necessary. We will inform you as soon as the changes require your co-operation (e.g. consent) or other individual notification.

If we provide addresses and contact information of companies and organisations in this privacy policy, please note that the addresses may change over time and please check the information before contacting us.

As a data subject under the General Data Protection Regulation (GDPR), you are entitled to several rights, as outlined in Articles 15 to 21 of the GDPR:

  • Right to Object: You may object to the processing of your personal data at any time based on your specific situation, especially when data processing is based on Article 6(1)(e) or (f) of the GDPR, which includes profiling based on these provisions. If your personal data is processed for direct marketing purposes, you have the right to object at any time to this processing, including profiling related to direct marketing.
  • Right to Withdraw Consent: You have the right to withdraw your consent to the processing of your personal data at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.
  • Right to Information: You have the right to confirm whether data concerning you is being processed and, if so, to access the personal data and receive the following information:
    • The purposes of the processing.
    • The categories of personal data concerned.
    • The recipients or categories of recipients to whom the personal data have been or will be disclosed.
    • The envisaged period for which the personal data will be stored, or if not possible, the criteria used to determine that period.
  • Right to Rectification: You have the right to have any incomplete or inaccurate personal data corrected without undue delay.
  • Right to Erasure and Restriction of Processing: You have the right to request the erasure of personal data concerning you under certain conditions or alternatively seek the restriction of processing of your data.
  • Right to Data Portability: You can receive your personal data, which you have provided to a controller, in a structured, commonly used, and machine-readable format. You also have the right to transmit those data to another controller without hindrance.
  • Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority, particularly in the EU member state of your habitual residence, place of work, or place of the alleged GDPR infringement.

Specific Rights for Users of Zoom and Microsoft Teams:

  • Data subjects have the right to access, amend, or delete their personal data stored by Zoom and Microsoft Teams at any time. They also have the right to object to certain processing activities and request restriction of processing under certain circumstances.

General Rights across All Platforms and Plugins:

  • Data subjects have the right to access, rectify, or delete their personal data across all platforms and plugins used by our website. They can also object to certain processing activities and request the restriction of processing as outlined in the GDPR. We provide links to the privacy policies of third-party service providers for detailed information on how they manage user data.

Complaint Mechanisms:

  • Data subjects have the right to lodge complaints against AgadoPro-Academy or the data processor at the Hungarian National Authority for Data Protection and Freedom of Information (NAIH) or to seek legal recourse. European residents may also file complaints via the European Online Dispute Resolution platform: EU Online Dispute Resolution. Please note that AgadoPro-Academy does not participate in alternative dispute resolution procedures.

This section provides an overview of terms used in this privacy policy. Many terms are derived from law, primarily defined in Article 4 of the GDPR. The legal definitions are binding, while the following explanations are intended primarily to aid understanding. Terms are listed in alphabetical order:

  • Controller: “Controller” refers to the natural or legal person, public authority, agency, or other bodies which, alone or jointly with others, determines the purposes and means of the processing of personal data.
  • MailChimp: For additional information on rights regarding data stored by MailChimp, please visit: BFDI Rights to Information.
  • Microsoft Teams: Comprehensive details on data handling and user rights can be found at Microsoft Privacy.
  • Personal data: “Personal data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g., a cookie), or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
  • Processing: “Processing” encompasses any operation or set of operations performed on personal data or on sets of personal data, whether or not by automated means. This term covers practically every handling of data, including collection, analysis, storage, transmission, or erasure.
  • Plugins: Software components that add specific features to an existing computer program, enhancing its capabilities and the user experience on our website. Plugins used include:
    • WooCommerce: Manages e-commerce activities.
    • WPML: Provides multilingual support.
    • YITH Plugins: Enhance WooCommerce with features like wishlists, product add-ons, and affiliate functionalities.
  • Zoom: Further details about your data protection rights are available on their website: Zoom Legal.

 

Privacy Policy:

  1. Introduction Our privacy policy aims to inform you about how we process your personal data when you use our services or visit our website. This policy applies to all personal data processing activities conducted by us, both as part of providing our services and specifically through our websites, mobile applications, and external online presences, like social media profiles.

    Effective Date: May 9, 2024.

  2. Responsible Entity AgadoPro-Academy, represented by Attila Jezsó, located at Silvanerweg 17a, 78464 Konstanz, Germany. Contact us via email at [email protected].

  3. Overview of Processing Activities This section provides a summary of the types of data processed and the purposes for which they are processed. More detailed information is provided in the subsequent sections of this policy.

  4. Plugins and Privacy Policies We utilize various plugins to enhance functionality and user experience. Each plugin adheres to its privacy practices, as detailed in the respective sections below.

Privacy policy:

1 Introduction

With the following privacy policy, we would like to explain to you what types of your personal data (hereinafter also referred to as “data”) we process, for what purposes and to what extent. The privacy policy applies to all processing of personal data carried out by us, both in the context of the provision of our services and in particular on our websites, in mobile applications and within external online presences, such as our social media profiles (hereinafter collectively referred to as “online offer”).

Status: 09 Mai 2024.

Table of contents

    1. Introduction
    2. Responsible
    3. Overview of the processing operations
    4. Plugin and their Privat policy 
    5. Pages on Social Networks

    6. Types of data processed

    7. Relevant legal bases
    8. Security measures
    9. transfer and disclosure of personal data
    10. data processing in third countries
    11. use of cookies
    12. Affiliate programmes and affiliate links
    13. provision of the online offer and web hosting
    14. making contact
    15. deletion of data
    16. changes and updates to the privacy policy
    17. rights of the data subjects
    18. definitions of terms

 

2 Responsible

AgadoPro-Academy

Attila Jezsó

Silvanerweg 17a

78464 Konstanz

E-mail address: [email protected]

3 Overview of the processing operations

The following overview summarises the types of data processed and the purposes of their processing and refers to the data subjects.

4 Plugin and their Privat policy 

We are using several plugins. 

  • Paid Membership Pro

      • Data Collected to Manage Your Membership

        At checkout, we will collect your name, email address, username, and password. This information is used to setup your account for our site. If you are redirected to an offsite payment gateway to complete your payment, we may store this information in a temporary session variable to setup your account when you return to our site.

        At checkout, we may also collect your billing address and phone number. This information is used to confirm your credit card. The billing address and phone number are saved by our site to prepopulate the checkout form for future purchases and so we can get in touch with you if needed to discuss your order.

        At checkout, we may also collect your credit card number, expiration date, and security code. This information is passed to our payment gateway to process your purchase. The last 4 digits of your credit card number and the expiration date are saved by our site to use for reference and to send you an email if your credit card will expire before the next recurring payment.

        When logged in, we use cookies to track some of your activity on our site including logins, visits, and page views.

  • The Password Protected Plugin

    • The Password Protected plugin stores a cookie on successful password login containing a hashed version of the entered password. It does not store any information about the user. The cookie stored is named bid_n_password_protected_auth where n is the blog ID in a multisite network

  • Woocommerce

    • What data is collected

      Information shared with a payment provider to process payments includes:

      • Name
      • Email
      • Address
      • Phone
      • City/State/Zip
      • Unique payment identifier
      • Payment provider identifier
    • We collect information about you during the checkout process on our store.

      What we collect and store

      While you visit our site, we’ll track:

      • Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
      • Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping
      • Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!

      We’ll also use cookies to keep track of basket contents while you’re browsing our site.

      When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:

      • Send you information about your account and order
      • Respond to your requests, including refunds and complaints
      • Process payments and prevent fraud
      • Set up your account for our store
      • Comply with any legal obligations we have, such as calculating taxes
      • Improve our store offerings
      • Send you marketing messages, if you choose to receive them

      If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.

      We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for XXX years for tax and accounting purposes. This includes your name, email address and billing and shipping addresses.

      We will also store comments or reviews, if you choose to leave them.

      Who on our team has access

      Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:

      • Order information like what was purchased, when it was purchased and where it should be sent, and
      • Customer information like your name, email address, and billing and shipping information.

      Our team members have access to this information to help fulfill orders, process refunds and support you.

      What we share with others

      We share information with third parties who help us provide our orders.

      Payments

      We accept payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information.

      Please see the PayPal Privacy Policy for more details.

  • Woocommerce Subscription

What we collect and store

For the purposes of processing recurring subscription payments, we store the customer’s name, billing address, shipping address, email address, phone number and credit card/payment details.

What we share with others

What personal information your store shares with external sources depends on which third-party payment processor plugins you are using to collect subscription payments. We recommend that you consult with their privacy policies to inform this section of your privacy policy.

If you are using PayPal Standard or PayPal Reference transactions please see the PayPal Privacy Policy for more details.

  • Learndash

What we collect and store

When you purchase from us, we’ll ask you to provide email address. We’ll use this information for purposes, such as, to:

–Send you information about your account and order

–Create your account for our LMS

If you register a free account then we will store your email address.

We store information about you for as long as your account exists.

We store course progress, including completion status, quiz scores, assignments and/or essay submissions (if applicable).

We will also store comments on courses, lessons, topics, assignments, and essays if you choose to leave them.

Who on our team has access

Members of our team have access to the information you provide us. For example, both Administrators and Group Leaders can access:

–Order information such as your enrolled courses, course progress and username / email address.

Any additional information added in your WordPress User Profile can also be visible to the administrator(s).

What we share with others

In this section you should list who you’re sharing data with, and for what purpose. This could include, but may not be limited to, analytics/reporting tools, marketing services (such as email services like MailChimp), payment gateways, gamification programs, and third party embeds.

We share information with third parties who help us provide our orders and store services to you; for example – [insert third party platforms and short description of their purpose]

Payments

In this subsection you should list which third party payment processors you’re using to take payments on your store since these may handle customer data. We’ve included PayPal below as an example, but you should remove any of these if they are not in use on your site.

We accept payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information.

Please see the PayPal Privacy Policy for more details.

  • EU VAT

By using this extension, you may be storing personal data or sharing data with an external service. Learn more about how this works, including what you may want to include in your privacy policy.

  • Stripe

This plugin/extension sets the following cookies:

  • Event Ticket

What personal data we collect and why we collect it

Event, Attendee, and Ticket Purchaser Information

If you create, submit, import, save, or publish event ticket information, as well as obtain RSVPs or purchase tickets to events, such information is retained in the local database:

      1. Attendees information (RSVPs and Tickets): name and email address
      2. Ticket information (RSVPs and Tickets): name, email address, and ticket number/SKU (via check-in page)
      3. Ticket purchaser information: name and email address
      4. Ticket purchaser billing address, which is collected through the use of WooCommerce, Easy Digital Downloads, or PayPal

Please note: The website owner can collect nearly any Attendee Information requested from ticket buyers by creating a custom registration form.

API Keys

We make use of certain API keys, in order to provide specific features.

These API keys may include the following third party services: Google Maps and PayPal.

5 Pages on Social Networks

We maintain publicly accessible pages (“Pages”) on the following social networking sites

LinkedIn

on Facebook, Instagram

We use our pages to provide information about our services, events and other activities and to enable you to contact us. The social networks on which we operate our pages provide us with statistics about user interactions, including data such as the number of users, account names, likes, comments and aggregated demographic data. The legal basis for this is Art. 6 par. 1 lit. b or lit. f GDPR. Our legitimate interest here is to optimise the experience for visitors to our websites according to their interests.

We operate the respective websites in joint responsibility with the network. We do not influence the data processed by the networks under their responsibility. For more information on the processing of your data by the networks, please refer to the privacy policy of the respective network.

For more information on the division of responsibilities, please click here:

LinkedIn: https://legal.linkedin.com/pages-joint-controller-addendum?fbclid=IwAR1J4l862RSK-d4k0zqz5gNXoXtRlqzO2fn2J54chhVKBswWya1dfS0SN7c
Facebook: https://www.facebook.com/legal/terms/page_controller_addendum
Instagram: https://www.facebook.com/legal/terms/page_controller_addendum

 6 Types of data processed

Inventory data (e.g. names, addresses).
Content data (e.g. entries in online forms).
Contact data (e.g. e-mail, telephone numbers).
Meta/communication data (e.g. device information, IP addresses).
Usage data (e.g. websites visited, interest in content, access times).
Categories of data subjects
Communication partners.
Users (e.g. website visitors, users of online services).
Purposes of the processing
Contact enquiries and communication.

      • Paid Membership Pro: Collects names, emails, addresses, phone numbers, and credit card information during checkout.

      • Woocommerce & Woocommerce Subscription: Collects extensive user information during the checkout process, including name, billing and shipping addresses, payment details, and other contact information.

      • Learndash: Collects email addresses and stores course progress, quiz scores, and other learning management data.

7 Relevant legal bases

We adhere to the General Data Protection Regulation (GDPR) for processing personal data. Below, we detail the specific articles of the GDPR that form the legal foundation for our data processing activities. Additionally, it’s important to note that national data protection laws of your or our country of residence may also apply. Where more specific legal bases are applicable, these will be detailed within our privacy policy.

    1. Consent (Article 6(1)(a) GDPR): Data processing is based on the explicit consent given by the data subject for one or more specific purposes. This means that you have agreed to the processing of your personal data for a particular use.

    2. Contract Fulfillment and Pre-contractual Inquiries (Article 6(1)(b) GDPR): Processing is necessary for the performance of a contract to which the data subject is a party, or to take steps at the data subject’s request before entering into a contract. This applies to actions that are directly related to contract management and execution.

    3. Legitimate Interests (Article 6(1)(f) GDPR): Processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by the rights, interests, or freedoms of the data subject which require protection of personal data. The specific interests being pursued will be detailed as necessary within the context of individual processing activities.

Plugin Compliance: To ensure comprehensive GDPR compliance, each plugin used on our platforms is evaluated and operated in accordance with these legal bases. We ensure that the plugins adhere to the necessary GDPR standards, maintaining data protection and security at all times.

8 Security measures

We take appropriate technical and organisational measures in accordance with the legal requirements, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, in order to ensure a level of protection appropriate to the risk.

The measures include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as access, input, disclosure, safeguarding availability and separation of the data. Furthermore, we have established procedures that ensure the exercise of data subject rights, the deletion of data and responses to data threats. Furthermore, we already take the protection of personal data into account during the development and selection of hardware, software and processes in accordance with the principle of data protection, through technology design and through data protection-friendly default settings.

All plugins: It is implied that all plugins, as part of their integration into the website, adhere to certain security standards to protect user data.

9 Transmission and disclosure of personal data

As part of our processing of personal data, data may be transferred to other bodies, companies, legally independent organisational units or persons or disclosed to them. The recipients of this data may include, for example, payment institutions in the context of payment transactions, service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, we observe the legal requirements and, in particular, conclude corresponding contracts or agreements with the recipients of your data that serve to protect your data.

      • Woocommerce: Describes the conditions under which customer data is stored and the duration. Also notes that team members such as Administrators and Shop Managers have access to customer information.

      • Woocommerce Subscription: Shares customer data with third-party payment processors depending on the payment plugin used.

      • Event Ticket: Collects and retains event-related data such as attendee names, email addresses, and ticket information.

      • Payments via PayPal: Outlines the sharing of necessary payment data with PayPal.
      • Stripe: Mentions potential data storage and sharing with Stripe.

10 Data processing in third countries

If we process data in a third country (i.e. outside the European Union (EU), the European Economic Area (EEA)) or if the processing takes place in the context of the use of third-party services or the disclosure or transfer of data to other persons, bodies or companies, this will only take place in accordance with the legal requirements.

Subject to express consent or contractually or legally required transfer, we only process or have the data processed in third countries with a recognised level of data protection, contractual obligation through so-called standard protection clauses of the EU Commission, in the presence of certifications or binding internal data protection regulations (Art. 44 to 49 GDPR, information page of the EU Commission: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_de ).

11 Use of cookies

Cookies are text files that contain data from websites or domains visited and are stored by a browser on the user’s computer. A cookie is primarily used to store information about a user during or after their visit to an online service. The information stored may include, for example, the language settings on a website, the login status, a shopping basket or the location where a video was watched. The term “cookies” also includes other technologies that fulfil the same functions as cookies (e.g. when user information is stored using pseudonymous online identifiers, also known as “user IDs”)

A distinction is made between the following cookie types and functions

Temporary cookies (also: session or session cookies): Temporary cookies are deleted at the latest after a user has left an online offer and closed their browser.

Permanent cookies: Permanent cookies remain stored even after the browser is closed. For example, the login status can be saved or favourite content can be displayed directly when the user visits a website again. The interests of users who are used for reach measurement or marketing purposes can also be stored in such a cookie.

First-party cookies: First-party cookies are set by us.

Third-party cookies (also: third-party cookies): Third-party cookies are mainly used by advertisers (so-called third parties) to process user information.

Necessary (also: essential) cookies: Cookies may be necessary for the operation of a website (e.g. to save logins or other user input or for security reasons).

Statistical, marketing and personalisation cookies: Cookies are also generally used to measure reach and when a user’s interests or behaviour (e.g. viewing certain content, using functions, etc.) on individual websites are stored in a user profile. Such profiles are used, for example, to show users content that matches their potential interests. This process is also referred to as “tracking”, i.e. tracking the potential interests of users. If we use cookies or “tracking” technologies, we will inform you separately in our privacy policy or when obtaining consent.

Notes on legal bases: The legal basis on which we process your personal data with the help of cookies depends on whether we ask you for your consent. If this is the case and you consent to the use of cookies, the legal basis for processing your data is the consent you have given. Otherwise, the data processed using cookies will be processed on the basis of our legitimate interests (e.g. in the business operation of our online offering and its improvement) or, if the use of cookies is necessary to fulfil our contractual obligations.

Storage period: If we do not provide you with explicit information on the storage period of permanent cookies (e.g. as part of a so-called cookie opt-in), please assume that the storage period can be up to two years.

General information on revocation and objection (opt-out): Depending on whether the processing is based on consent or legal permission, you have the option at any time to revoke any consent you have given or to object to the processing of your data by cookie technologies (collectively referred to as “opt-out”). You can initially declare your objection using your browser settings, e.g. by deactivating the use of cookies (although this may also restrict the functionality of our online offering). An objection to the use of cookies for online marketing purposes can also be declared using a variety of services, especially in the case of tracking, via the websites https://optout.aboutads.info and https://www.youronlinechoices.com/. In addition, you can obtain further objection notices in the context of the information on the service providers and cookies used.

Processing of cookie data on the basis of consent: Before we process or have data processed in the context of the use of cookies, we ask users for their consent, which can be revoked at any time. Before consent has not been given, cookies that are absolutely necessary for the operation of our online offering are used at most.

Processed data types: Usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).

Data subjects: Users (e.g. website visitors, users of online services).

Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a. GDPR), Legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).

If you leave a comment on our site you may opt in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

      • Paid Membership Pro: Utilizes cookies to track user activity including logins, visits, and page views.
      • The Password Protected Plugin: Stores a cookie on successful password entry.
      • Woocommerce: Uses cookies to track basket contents and user activity during site navigation.

12 Affiliate programmes and affiliate links

We may include so-called affiliate links on our website or other references to offers and services from third-party providers (we refer to them collectively as “affiliate links”). If you as a user follow these affiliate links or subsequently take advantage of the offers, we may receive a commission or other benefits from these third-party providers (hereinafter collectively referred to as “commission”).

In order to be able to track whether the users have used the offers of an affiliate link linked by us, it is necessary for the respective third-party providers to know that the users have followed an affiliate link placed on our site. The assignment of these affiliate links to the relevant business transactions or other actions (e.g. purchases) is used exclusively for commission settlement. It will be deleted as soon as it is no longer required for this purpose.

For the purposes of precisely this assignment of affiliate links, the affiliate links can be supplemented with values that may be part of the link or stored in another way, e.g. in a cookie. Such values may include, for example, the source website (referrer), the time, an online identifier of the operator of the website on which the exact affiliate link was located, an online identifier of the relevant offer, the type of link or offer used and an online identifier of the respective site visitor.

Notes on legal bases: If we ask users to consent to the use of third-party providers, the legal basis for the processing of data is consent. In addition, their use may be part of our (pre-)contractual service if the use of third-party providers has been agreed in this context. Otherwise, user data is processed on the basis of our legitimate interests (i.e. interest in efficient, economical and recipient-friendly services). In this context, we would also like to explicitly draw your attention to the information on the use of cookies in this privacy policy.

Processed data types: Data relating to the contracts (e.g. term, subject matter of the contract, etc.), usage data (e.g. pages visited, interest in content, access times), meta/communication data (e.g. device information, and/or IP addresses).

Data subjects: Users (e.g. website visitors, users of various online services).

Purposes of processing: Tracking of affiliate links.

Legal bases: Consent (Art. 6 Para. 1 S. 1 lit. a GDPR), Contract fulfilment and pre-contractual enquiries (Art. 6 Para. 1 S. 1 lit. b. GDPR), Legitimate interests (Art. 6 Para. 1 S. 1 lit. f. GDPR).

Services used and service providers:

As of 17/03/2024: none.

Google Fonts

We use Google Fonts on our website. These are the “Google Fonts” of Google Inc. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services. You do not need to log in or enter a password to use Google fonts. Furthermore, no cookies are stored in your browser. The files (CSS, fonts) are requested via the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, the requests for CSS and fonts are completely separate from all other Google services. If you have a Google account, you do not need to worry that your Google account data will be transmitted to Google while using Google Fonts. Google records the use of CSS (Cascading Style Sheets) and the fonts used and stores this data securely. We will take a closer look at exactly how the data is stored. Google Fonts (formerly Google Web Fonts) is a directory of over 800 fonts that Google makes available to its users free of charge. Many of these fonts are published under the SIL Open Font Licence, while others are published under the Apache licence. Both are free software licences.

What data is stored by Google?

When you visit our website, the fonts are loaded via a Google server. This external call transmits data to the Google server. In this way, Google also recognises that you or your IP address is visiting our website. The Google Fonts API was developed to reduce the use, storage and collection of end user data to what is necessary for the proper provision of fonts. Incidentally, API stands for “Application Programming Interface” and serves, among other things, as a data transmitter in the software sector.

Google Fonts stores CSS and font requests securely at Google and is therefore protected. The collected usage figures allow Google to determine how well the individual fonts are received. Google publishes the results on internal analysis pages, such as Google Analytics. Google also uses data from its own web crawler to determine which websites use Google fonts. This data is published in the Google Fonts BigQuery database. Entrepreneurs and developers use the Google web service BigQuery to analyse and move large amounts of data.

However, it should be noted that every Google Font request also automatically transfers information such as language settings, IP address, browser version, browser screen resolution and browser name to the Google servers. It is not clear whether this data is also stored or whether it is clearly communicated by Google.

How long and where is the data stored?

Google stores requests for CSS assets for one day on its servers, which are mainly located outside the EU. This enables us to use the fonts with the help of a Google stylesheet. A stylesheet is a format template that can be used to quickly and easily change the design or font of a website, for example.

The font files are stored by Google for one year. Google’s aim is to fundamentally improve the loading time of websites. If millions of websites refer to the same fonts, they are cached after the first visit and immediately reappear on all other websites visited later. Sometimes Google updates font files to reduce file size, increase language coverage and improve design.

How can I delete my data or prevent data storage?

The data that Google stores for one day or one year cannot simply be deleted. The data is automatically transmitted to Google when the page is accessed. To delete this data prematurely, you must contact Google support at https://support.google.com/?hl=de&tid=331658329046. In this case, you can only prevent data storage if you do not visit our site.

Unlike other web fonts, Google allows us unrestricted access to all fonts. This means we have unlimited access to a sea of fonts and can therefore optimise our website. You can find out more about Google Fonts and other issues at https://developers.google.com/fonts/faq?tid=331658329046. Although Google addresses data protection issues there, it does not provide any really detailed information about data storage. It is relatively difficult to obtain really precise information from Google about stored data.

Legal basis

If you have consented to the use of Google Fonts, the legal basis for the corresponding data processing is this consent. According to Art. 6 para. 1 lit. a GDPR (consent), this consent constitutes the legal basis for the processing of personal data, as may occur when Google Fonts is used.

We also have a legitimate interest in using Google Fonts to optimise our online service. The legal basis for this is Art. 6 para. 1 lit. f GDPR (legitimate interests). Nevertheless, we only use Google Font if you have given your consent.

Google also processes your data in the USA, among other places. We would like to point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. This may entail various risks for the legality and security of data processing.

Google uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 GDPR) as the basis for data processing with recipients based in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or for data transfer there. Standard Contractual Clauses (SCCs) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to third countries (such as the USA) and stored there. Through these clauses, Google undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

The Google Ads Data Processing Terms, which also correspond to the standard contractual clauses for Google Fonts, can be found at https://business.safety.google/adsprocessorterms/.

You can also find out which data is generally collected by Google and what this data is used for at https://www.google.com/intl/de/policies/privacy/.

Google Analytics

We use Google Analytics to analyse website usage. The data obtained from this is used to optimise our website and advertising measures.

Google Analytics is provided to us by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). Google processes the website usage data on our behalf and is contractually obliged to take measures to ensure the security and confidentiality of the processed data.

The following data is recorded during your visit to the website

Pages viewed

Orders including sales and products ordered

The achievement of “website goals” (e.g. contact enquiries and newsletter registrations)

Your behaviour on the pages (e.g. length of stay, clicks, scrolling behaviour)

Your approximate location (country and city)

Your IP address (in abbreviated form, so that no clear assignment is possible)

Technical information such as browser, internet provider, end device and screen resolution

Source of origin of your visit (i.e. via which website or advertising medium you came to us)

Personal data such as name, address or contact details are never transmitted to Google Analytics.

This data is transferred to Google servers in the USA. We would like to point out that the same level of data protection cannot be guaranteed in the USA as within the EU.

Google Analytics stores cookies in your web browser for a period of two years since your last visit. These cookies contain a randomly generated user ID with which you can be recognised on future visits to the website.

The recorded data is stored together with the randomly generated user ID, which makes it possible to analyse pseudonymous user profiles. This user-related data is automatically deleted after 14 months. Other data remains stored in aggregated form indefinitely.

If you do not agree to the collection of data, you can prevent this by installing the browser add-on once to deactivate Google Analytics or by rejecting cookies via our cookie settings dialogue.

13 Provision of the online offer and web hosting

To ensure our online services are provided securely and efficiently, we employ the services of one or more web hosting providers. These services allow our content to be accessed from servers either owned or managed by these providers. We utilize a variety of infrastructure and platform services, including computing capacity, storage space, database services, security services, and technical maintenance services to support this delivery.

Data Processed: As part of our hosting services, we process all information related to users of our online service that is generated during their use and communication. This typically includes:

      • IP addresses, essential for delivering content to browsers.

      • Entries made within our online services or external websites.

Collection of Access Data and Log Files: We, or our web hosting provider, collect data every time a server is accessed. These server log files include:

      • The addresses and names of the accessed web pages and files.

      • Date and time of access.

      • Volume of data transferred.

      • Notification of successful access.

      • Type and version of the browser used.

      • Operating system of the user.

      • Referrer URL (the previously visited page).

      • IP addresses and the identity of the requesting provider.

These log files are primarily used for security purposes, such as preventing server overloads (particularly in the case of abusive attacks, e.g., DDoS attacks) and ensuring optimal server utilization and stability.

Types of Processed Data:

      • Content data (e.g., entries in online forms).

      • Usage data (e.g., websites visited, interest in content, access times).

      • Meta/communication data (e.g., device information, IP addresses).

Data Subjects:

      • Users (e.g., website visitors, users of online services).

Legal Basis:

      • Processing is based on our legitimate interests (Art. 6(1)(f) GDPR), which include operating and improving the stability and security of our online offer.

Specific Plugin Data Collection:

      • Paid Membership Pro: Collects names, email addresses, physical addresses, phone numbers, and credit card information during the checkout process.

      • Woocommerce & Woocommerce Subscription: Collects comprehensive user information during the checkout process, including names, billing and shipping addresses, payment details, and additional contact information.

      • Learndash: Collects email addresses and records course progress, quiz scores, and other learning management system data.

14 Making contact

When you contact us through various means such as a contact form, email, telephone, or social media, we process the information provided by you to the extent necessary to respond to your inquiries and any associated requests.

Purpose of Processing: We process these inquiries within the framework of contractual or pre-contractual relationships to fulfill our contractual obligations or to respond to pre-contractual inquiries. Additionally, we process data based on our legitimate interests in providing prompt and effective responses to user inquiries.

Types of Data Processed:

      • Inventory Data: Such as names and addresses.

      • Contact Data: Including email addresses and telephone numbers.

      • Content Data: Such as the entries made in online forms.

Data Subjects:

      • Communication Partners: These are individuals who initiate contact with us through any of the available communication channels.

Purposes of Processing:

      • To handle and respond to contact inquiries and communications effectively, ensuring that user concerns and questions are addressed promptly.

Legal Bases:

      • Contract Fulfillment and Pre-contractual Inquiries: (Art. 6 Para. 1 S. 1 lit. b GDPR) — The processing is necessary for the performance of a contract to which the data subject is party, or in order to take steps at the request of the data subject prior to entering into a contract.

      • Legitimate Interests: (Art. 6 Para. 1 S. 1 lit. f GDPR) — Processing is necessary for the purposes of the legitimate interests pursued by us, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.

15 Deletion of data

We adhere to the principles of data avoidance and minimization. Therefore, we only store your personal data for as long as is necessary to achieve the purposes mentioned here or as provided for by the various storage periods prescribed by law. After cessation of the respective purpose or expiry of these periods, the corresponding data will be routinely blocked or deleted in accordance with statutory regulations.

Criteria for Deletion:

      • Revocation of Consent: Data processed based on consent will be deleted if the consent is revoked and no other legal ground for processing applies.

      • Cessation of Purpose: Data will be deleted if the purpose for data processing no longer applies and no legal retention requirements need to be fulfilled.

      • Legal Obligations: If data must be retained for legal reasons related to commercial or tax regulations, it will be stored as required by law and blocked from other uses, after which it will be deleted once the legal obligation allows.

Restriction of Processing:

      • If legal or actual obstacles prevent deletion (e.g., special requirements for data preservation for ongoing investigations or litigation), data processing will be restricted. In this case, the data will be blocked and not processed for other purposes.

Additional Notes:

      • Woocommerce: Customer data is stored under specific conditions which detail the duration of storage and access rights. Team members such as Administrators and Shop Managers can access customer information for legitimate business purposes.

      • Woocommerce Subscription: Customer data necessary for managing subscriptions is shared with third-party payment processors as dictated by the chosen payment plugin.

      • Event Ticket: Data such as names and email addresses of event attendees and ticket purchasers is retained to manage event participation and for record-keeping purposes.

Further Information:

      • Detailed information on the deletion of personal data and the individual data protection practices related to different processing activities is available in specific sections of this privacy policy.

16 Changes and updates to the privacy policy

We ask you to inform yourself regularly about the content of our privacy policy. We will amend the privacy policy as soon as changes to the data processing carried out by us make this necessary. We will inform you as soon as the changes require your co-operation (e.g. consent) or other individual notification.

If we provide addresses and contact information of companies and organisations in this privacy policy, please note that the addresses may change over time and please check the information before contacting us.

17 Rights of the data subjects

As a data subject under the General Data Protection Regulation (GDPR), you possess several rights that are detailed in Articles 15 to 21 of the GDPR. These rights include:

      1. Right to Object: You may object to the processing of your personal data at any time on grounds related to your particular situation, particularly when data processing is based on Article 6(1)(e) or (f), including profiling based on these provisions. Additionally, if your personal data is processed for direct marketing purposes, you have the right to object at any time to such processing, including profiling related to direct marketing.

      2. Right to Withdraw Consent: You have the authority to withdraw your consent to data processing at any time, impacting the lawfulness of processing based on consent before its withdrawal.

      3. Right to Information: You are entitled to confirm whether or not data concerning you is being processed, and where that is the case, access to the personal data and the following information:

        • The purposes of the processing.

        • The categories of personal data concerned.

        • The recipients or categories of recipient to whom the personal data have been or will be disclosed.

        • The planned period for which the personal data will be stored, or, if not possible, the criteria used to determine that period.

      4. Right to Rectification: You have the right to have incomplete or inaccurate personal data that concerns you corrected without undue delay.

      5. Right to Erasure and Restriction of Processing: You may request the erasure of personal data concerning you under certain conditions or alternatively seek the restriction of processing of your data.

      6. Right to Data Portability: You can receive the personal data concerning you which you have provided to a controller, in a structured, commonly used, and machine-readable format, and have the right to transmit those data to another controller without hindrance.

      7. Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority, particularly in the EU member state of your habitual residence, place of work, or place of the alleged GDPR infringement.

      Note on Plugins and GDPR Compliance: Each plugin integrated into our service is expected to comply with GDPR standards, aligning with the legal bases for data processing as described within our privacy policy.

      .

18 Definition of Terms

This section provides you with an overview of the terms used in this privacy policy. Many of the terms are taken from the law and are defined above all in Art. 4 GDPR. The legal definitions are binding. The following explanations, on the other hand, are primarily intended to aid understanding. The terms are listed in alphabetical order.

Personal data: “Personal data” means any information relating to an identified or identifiable natural person (hereinafter “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. a cookie) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Controller: “Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

Processing: “Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means. The term is broad and covers practically every handling of data, be it collection, analysis, storage, transmission or erasure.