Privacy Policy

I, Inna Gendelman, am responsible for this website and for the integrated analytics and video services. The protection of your personal data is very important to me. I treat your data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

Below I inform you about how I process your personal data when you visit my website or contact me by email.

1. Controller

The controller responsible for the data processing on this website is:
Inna Gendelman
Address: Rückerstr. 7, 10119 Berlin, Germany
Email: call@gendelman.de

2. What data do I process and how?

2.1 Provision of the website and creation of log files

Each time our website is accessed, our system automatically collects data and information from the computer of the accessing device. The following data is temporarily stored:

• Information about the browser type and version used
• Operating system and internet service provider
• IP address
• Date and time of access
• Referrer URL and pages visited on our website

The processing of this connection data is necessary in order to technically enable access to our website, to ensure the lasting functionality and security of our systems and to administer the website. For this purpose, the connection data is stored on a time-limited basis and reduced in content to the necessary minimum and kept in internal log files. This serves in particular to trace the cause of repeated or abusive access that could impair the stability or security of our website and to initiate appropriate countermeasures.

The legal basis is Art. 6 (1) lit. b GDPR, insofar as the access to the site occurs in the course of initiating or performing a contract, and otherwise Art. 6 (1) lit. f GDPR based on our legitimate interest in enabling access to the website as well as the lasting functionality and security of our systems. The automatic transmission of connection data and the log files derived from it do not, however, constitute access to information on the end device within the meaning of the national implementing laws of the EU ePrivacy Directive, in Germany § 25 TDDDG. In any event, such access would also be strictly necessary. Art. 6 (1) lit. f GDPR (legitimate interest in ensuring the secure operation of the website). The data is stored in log files for up to 7 days and then deleted, unless further statutory retention periods apply.

2.2 Contact

If you write me an email or contact me via a contact form, I process the data you provide (e.g. name, email address, message) to respond to your enquiry.

To schedule an appointment, I use the software "Calendly" of Calendly, LLC, 3423 Piedmont Road NE, Atlanta, GA 30305-1754. Further information on data processing by Calendly can be found in the provider's privacy notice: https://calendly.com/legal/privacy-notice.

When you book an appointment for a call with me, you will automatically be sent an invitation to a virtual meeting. For this I use the services of Zoom Communications, Inc. ("Zoom"). Further information on data processing by Zoom can be found in the provider's privacy notice: https://www.zoom.com/en/trust/privacy/privacy-statement/.

The legal basis for the described data processing is Article 6 (1) sentence 1 lit. b) and f) GDPR (pre-contractual measure, performance of contract or balancing of interests, based on the interest in responding to enquiries from customers and other persons).

2.3 Website tracking

When you visit my website, technically necessary cookies are set. You can additionally consent to the use of statistical cookies via the cookie banner.

• Necessary cookies: These are required for the operation of the website and cannot be deactivated.
• Statistical cookies: These help me to better understand how the website is used. I use Lovable Analytics, which is integrated into the website builder I use. The data collected is anonymised and does not allow conclusions to be drawn about individual persons.

The legal basis for the described data processing is Art. 6 (1) lit. f GDPR insofar as necessary cookies are concerned, justified by the interest in operating the website properly, and otherwise Art. 6 (1) lit. a GDPR – your consent.

2.4 Embedding of YouTube videos

I have embedded videos on my website that are hosted on the YouTube platform (a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). When a page containing such a video is accessed, a connection is established to YouTube's servers – possibly in the USA.

The storage of information on your device takes place on the basis of § 25 (1) TDDDG.

When the video is played, data such as your IP address and usage data may be transmitted to YouTube. If you are logged in to your Google account, YouTube can associate this information with your profile.

Further information: https://policies.google.com/privacy?hl=en

2.5 Payment processing via Stripe

For the booking and payment of certain online courses, I use the payment service provider Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, D02 H210, Ireland ("Stripe").

If you want to purchase a paid online course and click on the corresponding purchase or booking button, you will be redirected to Stripe's payment page. The payment is then processed directly via Stripe. As part of this process, Stripe processes the personal data required for payment processing, in particular master data, contact data, payment data and transaction data.

I only receive from Stripe the information necessary to confirm and carry out the booking (e.g. payment status, transaction ID). Full payment data such as credit card numbers or bank details are not transmitted to me and are not stored by me.

The processing takes place for the performance of the contract in accordance with Art. 6 (1) lit. b GDPR. In addition, Stripe may process data on the basis of its own data protection responsibilities. Further information on data processing by Stripe can be found in Stripe's privacy policy at: https://stripe.com/privacy.

2.6 Email address for access to the online course on YouTube

My online course is provided via non-publicly accessible YouTube videos. In order to grant you, as a buyer, access to the content, I use the email address you provided at the time of purchase to authorise access via YouTube. This email address is transmitted to Google (YouTube).

Legal basis: Art. 6 (1) lit. b GDPR (performance of contract) and, where applicable, Art. 6 (1) lit. a GDPR (consent).

If you do not want your email address to be transmitted to YouTube, please contact me before purchasing. In that case we will find an alternative way to provide the content to you (e.g. via a cloud link or direct download).

2.7 Social Media

I maintain online presences on the social networks Instagram, operated by Meta Platforms Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland, as well as a LinkedIn company page (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland). On these pages I publish content and engage with users.

When you use these pages, Meta processes personal data of visitors (e.g. through cookies and similar technologies) also for its own purposes. We have no influence on this data processing; the privacy notices of Facebook (https://www.facebook.com/privacy/policy) and Instagram (https://www.facebook.com/privacy/policy) apply.

I receive so-called Page Insights from Meta, i.e. statistical, anonymised evaluations of user behaviour (e.g. demographic information, interests, interactions). These help me to optimise my content and offerings. For this processing, Meta and I are jointly responsible pursuant to Art. 26 GDPR. You can find the corresponding agreement here: https://www.facebook.com/legal/terms/page_controller_addendum.

If you contact me directly on one of these pages or share content with me, I process your data as an independent controller in order to handle your enquiry (Art. 6 (1) lit. b, f GDPR).

Further information on the respective data processing as well as your rights can be found in the providers' privacy policies:

• Instagram: Privacy information, Page Insights agreement
• LinkedIn (company page): Privacy information, Page Insights Joint Controller Addendum

3. Is data processed outside the EU?

I use services that may involve data processing in third countries such as the USA (e.g. YouTube, Lovable Analytics).

In such cases, your data is transferred either on the basis of an adequacy decision of the EU Commission (e.g. under the EU-US Data Privacy Framework) or using the Standard Contractual Clauses provided by the EU Commission. I always ensure an adequate level of data protection with my service providers.

4. How long is your data stored?

I only store your personal data for as long as is necessary for the respective purpose. For example:

• Email enquiries are deleted after the communication has been completed.
• Cookies are stored in accordance with your consent or deleted upon withdrawal.
• Email addresses for course access are stored for as long as access to the course content is required.

5. What rights do you have?

Under the GDPR you have the following rights:

• Information: You can request information about the data stored about you.
• Rectification: You can request the rectification of inaccurate or incomplete data.
• Erasure: You can request the erasure of your data, unless statutory retention obligations apply.
• Restriction: You have the right to restrict processing under certain conditions.
• Objection: You can object to the data processing on grounds relating to your particular situation.
• Data portability: You can request your data in a structured, commonly used format.
• Complaint: You have the right to lodge a complaint with a data protection supervisory authority.

Contact for data protection enquiries: call@gendelman.de