PRIVACY POLICY
Dear visitor,
Thank you for your interest in my website. Of course, I take data protection very seriously. Therefore, I comply with my obligation to provide information according to Art. 13 GDPR and describe what happens to your data while you are on my website, or we engage in business contact.
Responsible for this website is:
Nevena Paesler
Rheindorfer Str. 138
53225 Bonn
Phone: +49 170 7410650
Email: coaching@nevenapaesler.de
Webserver
When you visit my website, the webserver processes and stores certain data from your device. I want to mention at this point that my webserver is hosted by my provider 1&1 IONOS SE („IONOS“ Elgendorfer Straße 57 56410 Montabaur Germany) and operated exclusively in Germany.
Without the following data, you cannot access the website:
-
Customer domain: This records that you are accessing my domain.
-
Client IP: IP addresses are only stored in anonymous form in the log files.
-
Timestamp: This refers to the date and time of your access.
-
Request line: Files or links that you clicked on my website (e.g. images).
-
Size of downloaded content.
-
Referrer: Shows which website you came from to my site.
-
User agent: The data is sent from your system to my webserver and includes information about the type and version of your browser and operating system.
The legal basis for this processing is Art. 6 para. 1 lit. f) GDPR. My legitimate interest is to be able to display the website on visitors‘ devices and to ensure the functionality of the website. I also need the data to optimize the website and to trace attacks on my systems.
Cookies
My website uses so-called session or flash cookies. These are small text files that are stored on the system from which you visit my website. They are needed, for example, to display the website on your system.
The legal basis for the use of technically necessary cookies is Art. 6 para. 1 lit. f) GDPR. My legitimate interest is to ensure the proper functioning of the website.
In addition, if you allow it, I also use so-called persistent cookies that are used beyond the session („session-crossing cookies“).
If you agree to the use of persistent cookies, cookies from third-party providers may be stored in your browser, which analyze your usage behavior. I use these cookies to optimize my website and make it interesting for my visitors.
The use of technically unnecessary cookies only takes place with your consent (in accordance with Art. 6 para. 1 lit. a) GDPR). You can revoke your consent at any time by changing the settings in your browser or by changing the privacy settings.
Disclosure of personal data
The data collected when accessing my website is generally not disclosed to third parties without your consent. However, as already mentioned, I use the service provider „IONOS“ to provide you with this website. It may happen that „IONOS“ becomes aware of personal data. I have carefully selected this service provider, especially with regard to data protection and data security. All webserver settings have been carefully checked and configured, and I have taken all necessary measures for data protection-compliant processing.
Contact Form
You have the option to contact me through the contact form on my website. In order to process and respond to your inquiry, I require your name and email address. I will store this data until your request has been processed and any follow-up questions have been answered, unless it is needed in connection with the establishment, execution or termination of legal transactions.
The legal basis for this processing is Art. 6 para. 1 lit. b) of the GDPR. Without this data, I cannot process your request.
Surveys
I conduct surveys on various topics on my website. My surveys are generally anonymous. All information is voluntary. You can decide for yourself which questions to answer and which to skip. The results of the surveys are statistically evaluated by me and used to optimize/expand my range of services.
Since your information is not combined with other data (e.g. your IP address) and I cannot draw any conclusions about your person, no processing of personal data takes place in this context.
I create and manage the surveys with Google Forms. For more information, please see the section „Google Forms.“
In the course of the surveys, you will be asked if you are interested in a workshop. If you confirm this, you will occasionally receive emails with information such as the selection of topics, possible dates, or participation conditions. This information only relates to the aforementioned workshop, so it is not an advertising newsletter. Nevertheless, you can unsubscribe from the workshop emails at any time using the „unsubscribe“ function at the end of these emails.
I use MailerLite to create, manage, and send workshop emails. For more information about MailerLite, please see the section „MailerLite.“
MailerLite
MailerLite is a service that can be used, among other things, to organize and analyze newsletter delivery. The provider is UAB „MailerLite“, J. Basanaviciaus 15, LT-03108 Vilnius, Lithuania (hereinafter „MailerLite“).
I use MailerLite, as described in the „Surveys“ section, for sending workshop information and for sending a classic newsletter.
The data you enter for the purpose of receiving the newsletter or workshop information will be stored on MailerLite servers.
Using MailerLite, I am able to analyze my newsletter campaigns. For example, I can statistically evaluate how many newsletters were opened and which links were clicked. This allows me to determine, among other things, which links were clicked particularly frequently.
Further, personalized newsletter tracking does not take place.
The legal basis for this processing is Art. 6 para. 1 lit. a) GDPR in conjunction with § 7 UWG.
Storage duration
The data you provide to me for the purpose of subscribing to the newsletter will be stored by me until you unsubscribe from the newsletter or the newsletter service provider and will be deleted after you unsubscribe from the newsletter distribution list or when the purpose no longer applies. I reserve the right to delete or block email addresses from my newsletter distribution list at my own discretion, in accordance with my legitimate interests under Art. 6 para. 1 lit. f GDPR. Data that has been stored by me for other purposes will not be affected.
After you have unsubscribed from the newsletter distribution list, your email address will be stored by me or the newsletter service provider, if necessary, in a blacklist to prevent future mailings. The data in the blacklist will only be used for this purpose and will not be merged with other data. This serves both your and my interest in complying with legal requirements when sending newsletters (Art. 6 para. 1 lit. c GDPR). The storage in the blacklist is not limited in time. You can request at any time that we delete your data from the blacklist or the distribution list.
IONOS WebAnalytics
This website uses the analysis services of IONOS WebAnalytics (hereinafter: IONOS). The provider is 1&1 IONOS SE, Elgendorfer Straße 57, D – 56410 Montabaur. As part of the analyses with IONOS, visitor numbers and behavior (e.g. number of page views, duration of a website visit, bounce rates), visitor sources (i.e., from which page the visitor comes), visitor locations, as well as technical data (browser and operating system versions) can be analyzed. For this purpose, IONOS stores the following data in particular:
-
Referrer (previously visited website)
-
requested website or file
-
type and version of browser
-
operating system used
-
type of device used
-
time of access
-
IP address in anonymized form (is only used to determine the location of access)
According to IONOS, the data collection is completely anonymized so that it cannot be traced back to individual persons. Cookies are not stored by IONOS WebAnalytics.
The storage and analysis of the data is based on Art. 6 para. 1 lit. f) DSGVO. I have a legitimate interest in the statistical analysis of user behavior in order to optimize both my website and my advertising. If consent has been requested, the processing is carried out exclusively on the basis of Art. 6 Para. 1 lit. a) DSGVO. You can revoke your consent at any time with effect for the future.
You can find further information on data collection and processing by IONOS WebAnalytics in IONOS’s privacy policy at the following link:
WP Statistics
This website uses the WP Statistics analysis tool to statistically evaluate visitor access. The provider is Veronalabs, ARENCO Tower, 27th Floor, Dubai Media City, Dubai, Dubai 23816, UAE (https://veronalabs.com).
With WP Statistics, I can analyze the use of my website. WP Statistics records, among other things, log files (IP address, referrer, used browsers, origin of the user, used search engine) and actions that website visitors have taken on the page (e.g. clicks and views).
The data collected with WP Statistics is stored exclusively on my web server.
The use of this analysis tool is based on Art. 6 para. 1 lit. f) DSGVO. I have a legitimate interest in the anonymized analysis of user behavior in order to optimize both my website and my advertising. If consent has been requested, the processing is carried out exclusively on the basis of Art. 6 Para. 1 lit. a) DSGVO and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information on the user’s end device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time, with effect for the future.
IP anonymization
I use WP Statistics with anonymized IP. Your IP address will be shortened so that it can no longer be directly assigned to you.
Google Web Fonts
To ensure that my website is always displayed the same on the different systems and browsers of my visitors, I use Google Web Fonts. The Google Fonts are installed locally. There is no connection to servers of Google.
Email and Phone inquiries
If you contact me by email or phone, your inquiry, including any resulting personal data (name, inquiry), will be stored and processed by me for the purpose of processing your request. I will not disclose this data without your consent.
The processing of this data is based on Art. 6 para. 1 lit. b) GDPR, provided that your inquiry is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on my legitimate interest in the effective handling of the requests directed to me (Art. 6 para. 1 lit. f) GDPR) or on your consent (Art. 6 para. 1 lit. a) GDPR), provided that it has been requested; the consent can be revoked at any time with effect for the future.
The data you send to me via contact requests will remain with me until you request me to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after completion of processing your request). Mandatory legal provisions – in particular statutory retention periods – remain unaffected.
Google Forms
I have integrated Google Forms on this website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as Google).
Google Forms allows me to create online forms to capture messages, inquiries, and other inputs from my website visitors in a structured way. All inputs you make are processed on Google’s servers. Google Forms stores a cookie in your browser that contains a unique ID (NID cookie). This cookie stores various information such as your language settings.
The use of Google Forms is based on my legitimate interest in identifying your request in the most user-friendly way possible (Art. 6 para. 1 lit. f) GDPR). If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a) GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information on the user’s end device (e.g. device fingerprinting) in accordance with the TTDSG. The consent can be revoked at any time.
The data you enter in the form will remain with me until you request me to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after completion of processing your request). Mandatory legal provisions – in particular retention periods – remain unaffected.
For more information, please refer to Google’s privacy policy at https://policies.google.com/.
Google Calendar
For my appointment scheduling, I use the calendar tool „Google Calendar“ from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter Google). If I invite you to an appointment via the calendar or you book an appointment with me via the calendar tool, the data provided during the appointment scheduling will be transmitted to Google. This usually includes your email address and the data that I provide in the appointment (name, type of appointment), or additional data that you provide.
The legal basis for this processing is Art. 6 para. 1 lit. b) GDPR. Without the provision of the above-mentioned information, scheduling an appointment via my calendar or the calendar tool is not possible.
Zoom
I use Zoom to conduct telephone conferences, online meetings, video conferences and/or webinars (hereinafter referred to as „Online Meetings“). Zoom is a service provided by Zoom Video Communications, Inc. which is based in the USA.
When using Zoom, various types of data are processed. The extent of the data processing also depends on the information you provide before or during participation in an „Online Meeting“.
The following personal data may be subject to processing:
User information
First name, last name, phone number (optional), email address, password (if „single sign-on“ is not used), profile picture (optional), department (optional)
Meeting metadata
Topic, description (optional), participant IP addresses, device/hardware information
In recordings (optional)
MP4 file of all video, audio, and presentation recordings, M4A file of all audio recordings, text file of the online meeting chat.
When dialing in by phone
Information on incoming and outgoing phone numbers, country name, start and end time. Additional connection data such as the device’s IP address may be stored if necessary.
Text, audio, and video data
You may have the option to use the chat, question, or survey function in an „online meeting“. In this case, the text input you provide will be processed to display and possibly log it in the „online meeting“. To enable video display and audio playback, the data from your device’s microphone and any video camera will be processed during the meeting. You can turn off or mute the camera or microphone at any time using the Zoom applications.
To participate in an „online meeting“ or enter the „meeting room“, you must provide at least your name.
If I want to record „online meetings“, I will inform you transparently in advance and, if necessary, ask for your consent. The fact of the recording will also be displayed in the Zoom app.
If it is necessary for the purpose of logging the results of an online meeting, I will log the chat content. However, this will not usually be the case.
In the case of webinars, it may also be necessary for me to process questions asked by webinar participants for the purpose of recording and follow-up of webinars.
If you are registered as a user with Zoom, reports on „online meetings“ (meeting metadata, phone dial-in data, questions and answers in webinars, survey function in webinars) can be stored with Zoom for up to one month.
Personal data processed in connection with participation in „online meetings“ will generally not be disclosed to third parties unless they are intended for disclosure. Please note that content from „online meetings,“ like in-person meetings, is often intended to communicate information with customers, prospects, or third parties and is therefore intended for disclosure.
Other recipients
The provider of Zoom necessarily becomes aware of the above data, to the extent that this is provided for in my data processing agreement with Zoom.
Zoom is a service provided by a US-based provider. Processing of personal data therefore also takes place in a third country. We have concluded a data processing agreement with the provider of Zoom that complies with the requirements of Art. 28 GDPR.
An adequate level of data protection is ensured, among other things, by the conclusion of the so-called EU standard contractual clauses. As additional protective measures, I have also configured my Zoom settings so that only data centers in the EU, the EEA, or secure third countries such as Canada or Japan are used for conducting „online meetings“.
Legal basis for data processing
If personal data of the persons employed by me are processed, § 26 BDSG is the legal basis for data processing. If personal data are not necessary for the establishment, performance, or termination of the employment relationship but are nevertheless an essential part of using Zoom, Art. 6 para. 1 lit. f) GDPR is the legal basis for data processing. In these cases, my legitimate interest lies in the effective conduct of „online meetings“.
In addition, the legal basis for data processing in the context of conducting „online meetings“ is Art. 6 (1) (b) GDPR, insofar as the meetings are conducted within the scope of contractual relationships.
If there is no contractual relationship, the legal basis is Art. 6 (1) (f) GDPR. Again, my interest is in the effective conduct of „online meetings“.
TuCalendi
To provide my visitors with the possibility to quickly and easily book appointments with me, I use „TuCalendi“ by „APPLOAD SOLUTIONS S.L.“. TuCalendi is a cloud application that offers meeting scheduling as a service. By integrating with my calendar tool, visitors can simply choose an available time slot and book it. To confirm the booking and reserve it for the user, the user’s name and email address are transmitted to APPLOAD SOLUTIONS S.L. and forwarded from there to my calendar. More information on data protection at „TuCalendi“ can be found here: https://www.tucalendi.com/en/privacy
The legal basis for this processing is Art. 6 (1) lit. f) GDPR. My legitimate interest is to simplify the scheduling and organization of appointments for myself and my visitors. Alternatively, appointments can also be requested by contact form or email.
Eventbrite
From time to time I offer events on various topics. Registration (and billing for paid events) takes place through the provider Eventbrite.
Eventbrite Inc. is a Delaware corporation with its principal place of business at 155 5th Street, Floor 7, San Francisco, CA 94103, Reg. No. 4742147, USA („Eventbrite“). For users located in the European Economic Area („EEA“) or Switzerland, Eventbrite Inc. acts as a data controller with respect to personal data collected through the Services. Eventbrite’s agent for the purposes of European data protection legislation is Eventbrite NL BV, located at Silodam 402, 1013AW, Amsterdam, The Netherlands.
Please note that it cannot be ruled out that the data you enter when purchasing tickets via Eventbrite will be transmitted to Eventbrite Inc. in the USA.
You can find Eventbrite’s privacy policy here: https://www.eventbrite.de/help/de/topics/bedingungen-und-richtlinien/
Images
During our events, we may take photographs or video recordings for public relations and marketing purposes and publish them on our website or social media.
We will not photograph event visitors directly (single shot) without being asked. However, it cannot be ruled out that individual persons may be recognisable as „bystanders“.
We have a legitimate interest within the meaning of Art. 6 para. 1 lit. f) DSGVO in publishing such image material. We would like to convey impressions of our events and attract potential visitors for the purpose of advertising.
Data protection officer
I am not legally obliged to appoint a data protection officer and therefore will not do so. However, I attach great importance to processing your data in compliance with data protection regulations and with the greatest care. For this purpose, I have engaged an external consultant.
Rights of data subjects
As a data subject, you have several rights under data protection law, which I would like to list here:
Right to information
You have the right to request information about your data processed by me. If an information request is not made in writing, I may ask for evidence that you are the person you claim to be. After all, I do not want to disclose your data to unauthorized persons.
Right to rectification
Of course, you can also contact me at any time if I have stored incorrect or outdated data about you. I will then correct it.
Right to erasure
If you no longer wish me to store or process your data in the future, you can request the deletion of your data if this is legally permissible. If I still need your data for legal reasons (e.g. legal proof obligations) or for a legitimate interest (e.g. to defend against legal claims), your data will be restricted in processing.
Right to object
You have the right to object to me processing your data based on a legitimate interest pursuant to Art. 6 para. 1 lit. f) GDPR. Here, I reserve the right to carefully examine and evaluate the special personal situation you have described.
Right to data portability
If legally permissible, you have the right to receive the data that I process about you in a generally machine-readable format in order to transfer it to a comparable service provider. I will only carry out a direct transfer to another service provider if it is technically possible for me and the associated effort is proportionate.
Right of revocation
If I process data about you based on your consent pursuant to Art. 6 para. 1 lit. a) GDPR, you have the right to revoke this consent at any time, with effect for the future. The legality of the processing carried out up to the revocation based on the consent shall remain unaffected.
Right to lodge a complaint
If you are not satisfied with the processing of your data by me, you can contact me at any time. In addition, you also have the right to lodge a complaint with a supervisory authority for data protection.
The websites of the respective German supervisory authorities for data protection can be found here: https://www.datenschutzkonferenz-online.de/datenschutzaufsichtsbehoerden.html
You can contact me at any time with questions or concerns about data protection or your rights as a data subject at: coaching@nevenapaesler.de. I will respond as quickly as possible, but no later than within 14 days.
Changes to Data Privacy Policy
As I update this data privacy policy on appropriate occasions, you can always find the current version here.
Date: November 1st, 2023.