Privacy Policy
Contact address
BAA International GmbH
Akazienstrasse 3a
10823 Berlin
Germany
contact@baa.international
Commercial register entry
Registered company name: BAA International GmbH
Number: HRB 244564 B (as of 01.08.2022)
Register court: Amtsgericht Charlottenburg
VAT number
DE355158884
1. An overview of data protection
General information
The following information will provide you with an easy-to-navigate overview of what will happen with your personal data when you visit this website. The term “personal data” comprises all data that can be used to personally identify you.
Data recording on this website
Who is the responsible party for the recording of data on this website (i.e., the “controller”)?
The data on this website is processed by the operator of the website, whose contact information is available under the section “Information about the responsible party (referred to as the “controller” in the GDPR)” in this Privacy Policy.
How do we record your data?
We collect your data as a result of your sharing of your data with us. This may, for instance, be information you enter into our contact forms.
Other data shall be recorded by our IT systems automatically or after you consent to its recording during your website visit. This data comprises primarily technical information (e.g., web browser, operating system, or time the site was accessed).
What are the purposes we use your data for?
A portion of the information is generated to guarantee the error-free provision of the website. Other data may be used to analyse your user patterns.
What rights do you have as far as your information is concerned?
You have the right to receive information about the source, recipients, and purposes of your archived personal data at any time without having to pay a fee for such disclosures. You also have the right to demand that your data be rectified or eradicated. If you have consented to data processing, you have the option to revoke this consent at any time, which shall affect all future data processing.
Moreover, you have the right to demand that the processing of your data be restricted under certain circumstances. Furthermore, you have the right to lodge a complaint with the competent supervising authority.
Please do not hesitate to contact us at any time if you have questions about this or any other data protection-related issues.
Analysis tools and tools provided by third parties
There is a possibility that your browsing patterns will be statistically analysed when you visit this website. Such analyses are performed primarily with what we refer to as analysis programs. For detailed information about these analysis programs, please consult the sections below.
2. Hosting
We are hosting the content of our website at the following provider:
Tilda (https://tilda.cc)
For details, please view the data privacy policy of Tilda: https://tilda.cc/privacy.
We use Tilda based on Art. 6(1)(f) GDPR. We have a legitimate interest in the most reliable depiction of our website possible. If appropriate consent has been obtained, the processing is carried out exclusively based on Art. 6(1)(a) GDPR and § 25 (1) TTDSG (German Telecommunications and Telemedia Data Protection Act), insofar as the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting). This consent can be revoked at any time.
3. General information and mandatory information
Data protection
The operators of this website and its pages take the protection of your personal data very seriously. Hence, we handle your personal data as confidential information and in compliance with the statutory data protection regulations and this Privacy Policy.
We advise you that the transmission of data via the Internet (i.e., through e-mail communications) may be prone to security gaps. It is not possible to completely protect data against third-party access.
Information about the responsible party (controller)
The data processing controller on this website is:
BAA International GmbH
Akazienstrasse 3a
10823 Berlin / Germany
Phone: +49 152 24313918
E-mail: contact@baa.international
The controller is the natural person or legal entity that single-handedly or jointly with others makes decisions as to the purposes of and resources for the processing of personal data (e.g., names, e-mail addresses, etc.).
Storage duration
Unless a more specific storage period has been specified in this privacy policy, your personal data will remain with us until the purpose for which it was collected no longer applies.
If you assert a justified request for deletion or revoke your consent to data processing, your data will be deleted, unless we have other legally permissible reasons for storing your personal data (e.g., tax or commercial law retention periods); in the latter case, the deletion will take place after these reasons cease to apply.
General information on the legal basis for data processing
If you have consented to data processing, we process your personal data based on Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR (if special categories of data are processed). In the case of explicit consent to the transfer of personal data to third countries, the data processing is also based on Art. 49(1)(a) GDPR.
If your data is required for the fulfilment of a contract or for the implementation of pre-contractual measures, we process your data based on Art. 6(1)(b) GDPR.
If your data is required for the fulfilment of a legal obligation, we process it based on Art. 6(1)(c) GDPR.
Furthermore, data processing may be carried out based on our legitimate interest according to Art. 6(1)(f) GDPR. Information on the relevant legal basis in each individual case is provided in the following paragraphs of this privacy policy.
Designation of a data protection officer
We have appointed a data protection officer.
BAA International GmbH
Datenschutzkoordinator
Akazienstrasse 3a
10823 Berlin / Germany
Phone: +49 152 24313918
E-mail: contact@baa.international
Information on data transfer to the USA and other non-EU countries
Among other things, we use tools of companies domiciled in the United States or other from a data protection perspective non-secure non-EU countries. If these tools are active, your personal data may potentially be transferred to these non-EU countries and may be processed there. A data protection level comparable to that in the EU cannot be guaranteed in all cases. Data transfers, where applicable, are safeguarded using appropriate mechanisms (e.g., Standard Contractual Clauses).
4. Recording of data on this website
Cookies
Our websites and pages use what the industry refers to as “cookies.” Cookies are small data packages that do not cause any damage to your device. They are either stored temporarily for the duration of a session (session cookies) or are permanently archived on your device (permanent cookies).
Cookies can be issued by us (first-party cookies) or by third-party companies (third-party cookies). Third-party cookies enable the integration of certain services of third-party companies into websites (e.g., cookies for handling payment services).
Cookies are technically essential in many cases since certain website functions would not work in the absence of these cookies. Other cookies may be used to analyse user behaviour or for promotional purposes.
Cookies required for the performance of electronic communication transactions, for the provision of certain functions you want to use or those necessary for the optimisation of the website, shall be stored based on Art. 6(1)(f) GDPR unless a different legal basis is cited. Where consent is required, processing occurs exclusively based on Art. 6(1)(a) GDPR and § 25(1) TTDSG; this consent may be revoked at any time. You can change your cookie preferences at any time via the Cookie settings button displayed on our website.
Consent management
Our website uses consent technology provided by Cookiebot (by Usercentrics) to obtain, manage, and document your consent to the storage of cookies on your end device and to the use of certain technologies in a data protection-compliant manner. Cookies that are not technically necessary are set only with your consent. You can change or withdraw your consent at any time via the Cookie settings button displayed on our website. The use of consent management technology is based on Art. 6(1)(c) GDPR (legal obligation to document consent where required) and, where applicable, Art. 6(1)(f) GDPR (legitimate interest in the effective administration and documentation of consent).
Contact form
If you submit inquiries to us via our contact form, the information provided in the contact form, as well as any contact information provided therein, will be stored by us in order to handle your inquiry and in the event that we have further questions. We will not share this information without your consent.
The processing of these data is based on Art. 6(1)(b) GDPR if your request is related to the execution of a contract or if it is necessary to carry out pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of requests (Art. 6(1)(f) GDPR) or on your agreement (Art. 6(1)(a) GDPR) if this has been requested; consent can be revoked at any time.
The information you have entered shall remain with us until you ask us to delete it, revoke your consent to storage or if the purpose no longer applies, subject to mandatory legal retention periods.
Request by e-mail or telephone
If you contact us by e-mail or telephone, your request, including all resulting personal data (name, request), will be stored and processed by us for the purpose of processing your request. We do not pass these data on without your consent.
These data are processed on the basis of Art. 6(1)(b) GDPR if your inquiry is related to the fulfilment of a contract or is required for the performance of pre-contractual measures. In all other cases, the data are processed based on our legitimate interest in the effective handling of inquiries (Art. 6(1)(f) GDPR) or based on your consent (Art. 6(1)(a) GDPR) if it has been obtained; consent can be revoked at any time.
Mandatory statutory provisions, in particular statutory retention periods, remain unaffected.
Additional tools used for bookings, webinars, communication and automation
Calendly (appointment scheduling)
We use Calendly to allow visitors to book introductory calls or consultations. When you use the Calendly booking form, Calendly processes the information you enter (e.g., name, email address, company, selected time slot and any notes you provide) and may process technical data necessary to provide the scheduling service.
Purpose: appointment scheduling and communication before/after the meeting.
Legal basis: Art. 6(1)(b) GDPR (pre-contractual measures) and/or Art. 6(1)(f) GDPR (legitimate interest in efficient scheduling).
Zoom (webinars and online meetings)
We use Zoom to host online webinars and meetings. When you register for or join a Zoom session, Zoom processes your registration data (e.g., name, email, and any information you provide during registration), as well as technical and usage data (e.g., IP address, device/browser information, session duration). Depending on the session settings, audio/video and chat messages may also be processed.
Purpose: delivery of webinars/meetings, access management, and session administration.
Legal basis: Art. 6(1)(b) GDPR (performance of a contract) and/or Art. 6(1)(f) GDPR (legitimate interest in delivering online events).
Recording: if a session is recorded, this will be clearly disclosed prior to the start of the session.
Brevo (email communication and contact management)
We use Brevo (formerly Sendinblue) to manage contacts and send email communications (e.g., webinar confirmations, reminders, follow-up emails, and—only if you have opted in—marketing updates). Brevo processes contact data such as name, email address, company, and interaction metadata (e.g., opens/clicks) depending on the communication type.
Legal basis: transactional communications: Art. 6(1)(b) GDPR; marketing communications: Art. 6(1)(a) GDPR (consent; you can unsubscribe at any time).
Zapier (automation and integrations)
We may use Zapier to automate workflows between our tools (e.g., transferring webinar registrations or purchase confirmations to our contact management system). For this purpose, relevant contact data (e.g., name, email, purchase/registration status) may be transmitted through Zapier.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in efficient administration) and/or Art. 6(1)(b) GDPR where automation is required to deliver a purchased service.
We configure integrations to transmit only the minimum data required for the respective workflow.
5. Social media links
Our website contains links to our social media profiles (e.g., LinkedIn, Instagram, Substack). These are simple hyperlinks. If you click on a link, you will be redirected to the respective platform. The platform provider may process personal data under its own responsibility and in accordance with its own privacy policy (e.g., IP address, device and browser information, and—if you are logged in—your account data). We do not control and are not responsible for data processing carried out by these platforms.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in maintaining our public presence and providing communication channels).
6. Analysis tools and advertising
Google Tag Manager
We use Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies on our website. The Tag Manager itself does not create user profiles, does not store cookies and does not carry out independent analyses; it only manages and runs the tools integrated via it. However, it does collect your IP address, which may also be transferred to Google’s parent company in the United States.
Legal basis: Art. 6(1)(f) GDPR, or Art. 6(1)(a) GDPR and § 25(1) TTDSG where consent is required.
Google Analytics
This website uses the functions of the web analysis service Google Analytics. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics enables us to analyse the behaviour patterns of website visitors. Google Analytics uses technologies that allow recognition of the user for the purpose of analysing user behaviour patterns (e.g., cookies or device fingerprinting). Website use information recorded by Google is, as a rule, transferred to a Google server in the United States.
Legal basis: your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TTDSG; you may revoke your consent at any time.
Google Ads / Google AdSense
We use Google Ads and may use Google AdSense. These services enable us to display ads and measure performance. The use of these services occurs based on your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TTDSG; you may revoke your consent at any time.
LinkedIn Insight Tag
This website uses the Insight Tag from LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland). The Insight Tag allows us to obtain information about visitors to our website and to measure conversions and retargeting.
Legal basis: consent pursuant to Art. 6(1)(a) GDPR and § 25 TTDSG, or legitimate interest pursuant to Art. 6(1)(f) GDPR where applicable; consent can be revoked at any time.
7. Newsletter
Newsletter data
If you would like to subscribe to the newsletter offered on this website, we will need your e-mail address and information that allows us to verify that you are the owner of the e-mail address provided and that you consent to the receipt of the newsletter. We shall use such data only for sending the requested information and shall not share such data with any third parties.
The processing of the information entered into the newsletter subscription form shall occur exclusively based on your consent (Art. 6(1)(a) GDPR). You may revoke your consent at any time by clicking the “Unsubscribe” link in the newsletter. Data deposited for the purpose of subscribing will be stored until you unsubscribe and deleted afterwards, subject to statutory retention periods.
8. Plug-ins and tools
YouTube (expanded data protection mode)
Our website may embed videos of YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). We use YouTube in the expanded data protection mode. When you start to play a YouTube video, a connection to YouTube’s servers will be established; YouTube may place cookies or similar technologies.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in presenting content) or Art. 6(1)(a) GDPR and § 25(1) TTDSG where consent is required; consent can be revoked at any time.
Google Maps
This website uses Google Maps (Google Ireland Limited). To enable the use of Google Maps features, your IP address must be stored and is generally transferred to Google servers in the United States.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest) or Art. 6(1)(a) GDPR and § 25(1) TTDSG where consent is required.
9. eCommerce and payment service providers
Processing of customer and contract data
We collect, process, and use personal customer and contract data for the establishment, content arrangement and modification of our contractual relationships. Data with personal references to the use of this website (usage data) will be collected, processed, and used only if this is necessary to enable the user to use our services or required for billing purposes. The legal basis for these processes is Art. 6(1)(b) GDPR. The collected customer data shall be deleted upon completion of the order or termination of the business relationship and upon expiration of any existing statutory archiving periods.
Stripe (payment processing)
For paid services (e.g., webinar tickets), we use Stripe as a payment service provider. Stripe processes payment data (e.g., transaction amount, payment method, billing details) and may process identifiers required for fraud prevention and payment security. We do not receive your full payment card details; these are processed directly by Stripe.
Purpose: payment processing, fraud prevention, accounting, and fulfilment of the purchased service.
Legal basis: Art. 6(1)(b) GDPR (contract), Art. 6(1)(c) GDPR (legal obligations, e.g., accounting/tax), and Art. 6(1)(f) GDPR (fraud prevention).
10. Custom services
Handling applicant data
We offer website visitors the opportunity to submit job applications to us (e.g., via e-mail, via postal services, or by submitting an online job application form). We process personal data submitted in conjunction with an application if required to make a decision concerning the establishment of an employment relationship.
Legal basis: § 26 BDSG (German law), Art. 6(1)(b) GDPR (contract negotiations) and—where applicable—Art. 6(1)(a) GDPR (consent).
Data archiving period
If we are unable to make you a job offer, or you reject a job offer or withdraw your application, we reserve the right to retain the data you have submitted based on our legitimate interests (Art. 6(1)(f) GDPR) for up to 6 months from the end of the application procedure. Afterwards, the data will be deleted, and the physical application documents will be destroyed. Longer storage may apply if required for legal disputes or if statutory retention requirements preclude deletion.
Admission to the applicant pool
If we do not make you a job offer, you may be able to join our applicant pool. Admission is based exclusively on your express agreement (Art. 6(1)(a) GDPR). You may revoke your agreement at any time; in that case, data will be deleted unless legal reasons for storage apply. Data from the applicant pool will be deleted no later than two years after consent has been granted.
BAA International GmbH
Akazienstrasse 3a
10823 Berlin
Germany
contact@baa.international
Commercial register entry
Registered company name: BAA International GmbH
Number: HRB 244564 B (as of 01.08.2022)
Register court: Amtsgericht Charlottenburg
VAT number
DE355158884
1. An overview of data protection
General information
The following information will provide you with an easy-to-navigate overview of what will happen with your personal data when you visit this website. The term “personal data” comprises all data that can be used to personally identify you.
Data recording on this website
Who is the responsible party for the recording of data on this website (i.e., the “controller”)?
The data on this website is processed by the operator of the website, whose contact information is available under the section “Information about the responsible party (referred to as the “controller” in the GDPR)” in this Privacy Policy.
How do we record your data?
We collect your data as a result of your sharing of your data with us. This may, for instance, be information you enter into our contact forms.
Other data shall be recorded by our IT systems automatically or after you consent to its recording during your website visit. This data comprises primarily technical information (e.g., web browser, operating system, or time the site was accessed).
What are the purposes we use your data for?
A portion of the information is generated to guarantee the error-free provision of the website. Other data may be used to analyse your user patterns.
What rights do you have as far as your information is concerned?
You have the right to receive information about the source, recipients, and purposes of your archived personal data at any time without having to pay a fee for such disclosures. You also have the right to demand that your data be rectified or eradicated. If you have consented to data processing, you have the option to revoke this consent at any time, which shall affect all future data processing.
Moreover, you have the right to demand that the processing of your data be restricted under certain circumstances. Furthermore, you have the right to lodge a complaint with the competent supervising authority.
Please do not hesitate to contact us at any time if you have questions about this or any other data protection-related issues.
Analysis tools and tools provided by third parties
There is a possibility that your browsing patterns will be statistically analysed when you visit this website. Such analyses are performed primarily with what we refer to as analysis programs. For detailed information about these analysis programs, please consult the sections below.
2. Hosting
We are hosting the content of our website at the following provider:
Tilda (https://tilda.cc)
For details, please view the data privacy policy of Tilda: https://tilda.cc/privacy.
We use Tilda based on Art. 6(1)(f) GDPR. We have a legitimate interest in the most reliable depiction of our website possible. If appropriate consent has been obtained, the processing is carried out exclusively based on Art. 6(1)(a) GDPR and § 25 (1) TTDSG (German Telecommunications and Telemedia Data Protection Act), insofar as the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting). This consent can be revoked at any time.
3. General information and mandatory information
Data protection
The operators of this website and its pages take the protection of your personal data very seriously. Hence, we handle your personal data as confidential information and in compliance with the statutory data protection regulations and this Privacy Policy.
We advise you that the transmission of data via the Internet (i.e., through e-mail communications) may be prone to security gaps. It is not possible to completely protect data against third-party access.
Information about the responsible party (controller)
The data processing controller on this website is:
BAA International GmbH
Akazienstrasse 3a
10823 Berlin / Germany
Phone: +49 152 24313918
E-mail: contact@baa.international
The controller is the natural person or legal entity that single-handedly or jointly with others makes decisions as to the purposes of and resources for the processing of personal data (e.g., names, e-mail addresses, etc.).
Storage duration
Unless a more specific storage period has been specified in this privacy policy, your personal data will remain with us until the purpose for which it was collected no longer applies.
If you assert a justified request for deletion or revoke your consent to data processing, your data will be deleted, unless we have other legally permissible reasons for storing your personal data (e.g., tax or commercial law retention periods); in the latter case, the deletion will take place after these reasons cease to apply.
General information on the legal basis for data processing
If you have consented to data processing, we process your personal data based on Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR (if special categories of data are processed). In the case of explicit consent to the transfer of personal data to third countries, the data processing is also based on Art. 49(1)(a) GDPR.
If your data is required for the fulfilment of a contract or for the implementation of pre-contractual measures, we process your data based on Art. 6(1)(b) GDPR.
If your data is required for the fulfilment of a legal obligation, we process it based on Art. 6(1)(c) GDPR.
Furthermore, data processing may be carried out based on our legitimate interest according to Art. 6(1)(f) GDPR. Information on the relevant legal basis in each individual case is provided in the following paragraphs of this privacy policy.
Designation of a data protection officer
We have appointed a data protection officer.
BAA International GmbH
Datenschutzkoordinator
Akazienstrasse 3a
10823 Berlin / Germany
Phone: +49 152 24313918
E-mail: contact@baa.international
Information on data transfer to the USA and other non-EU countries
Among other things, we use tools of companies domiciled in the United States or other from a data protection perspective non-secure non-EU countries. If these tools are active, your personal data may potentially be transferred to these non-EU countries and may be processed there. A data protection level comparable to that in the EU cannot be guaranteed in all cases. Data transfers, where applicable, are safeguarded using appropriate mechanisms (e.g., Standard Contractual Clauses).
4. Recording of data on this website
Cookies
Our websites and pages use what the industry refers to as “cookies.” Cookies are small data packages that do not cause any damage to your device. They are either stored temporarily for the duration of a session (session cookies) or are permanently archived on your device (permanent cookies).
Cookies can be issued by us (first-party cookies) or by third-party companies (third-party cookies). Third-party cookies enable the integration of certain services of third-party companies into websites (e.g., cookies for handling payment services).
Cookies are technically essential in many cases since certain website functions would not work in the absence of these cookies. Other cookies may be used to analyse user behaviour or for promotional purposes.
Cookies required for the performance of electronic communication transactions, for the provision of certain functions you want to use or those necessary for the optimisation of the website, shall be stored based on Art. 6(1)(f) GDPR unless a different legal basis is cited. Where consent is required, processing occurs exclusively based on Art. 6(1)(a) GDPR and § 25(1) TTDSG; this consent may be revoked at any time. You can change your cookie preferences at any time via the Cookie settings button displayed on our website.
Consent management
Our website uses consent technology provided by Cookiebot (by Usercentrics) to obtain, manage, and document your consent to the storage of cookies on your end device and to the use of certain technologies in a data protection-compliant manner. Cookies that are not technically necessary are set only with your consent. You can change or withdraw your consent at any time via the Cookie settings button displayed on our website. The use of consent management technology is based on Art. 6(1)(c) GDPR (legal obligation to document consent where required) and, where applicable, Art. 6(1)(f) GDPR (legitimate interest in the effective administration and documentation of consent).
Contact form
If you submit inquiries to us via our contact form, the information provided in the contact form, as well as any contact information provided therein, will be stored by us in order to handle your inquiry and in the event that we have further questions. We will not share this information without your consent.
The processing of these data is based on Art. 6(1)(b) GDPR if your request is related to the execution of a contract or if it is necessary to carry out pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of requests (Art. 6(1)(f) GDPR) or on your agreement (Art. 6(1)(a) GDPR) if this has been requested; consent can be revoked at any time.
The information you have entered shall remain with us until you ask us to delete it, revoke your consent to storage or if the purpose no longer applies, subject to mandatory legal retention periods.
Request by e-mail or telephone
If you contact us by e-mail or telephone, your request, including all resulting personal data (name, request), will be stored and processed by us for the purpose of processing your request. We do not pass these data on without your consent.
These data are processed on the basis of Art. 6(1)(b) GDPR if your inquiry is related to the fulfilment of a contract or is required for the performance of pre-contractual measures. In all other cases, the data are processed based on our legitimate interest in the effective handling of inquiries (Art. 6(1)(f) GDPR) or based on your consent (Art. 6(1)(a) GDPR) if it has been obtained; consent can be revoked at any time.
Mandatory statutory provisions, in particular statutory retention periods, remain unaffected.
Additional tools used for bookings, webinars, communication and automation
Calendly (appointment scheduling)
We use Calendly to allow visitors to book introductory calls or consultations. When you use the Calendly booking form, Calendly processes the information you enter (e.g., name, email address, company, selected time slot and any notes you provide) and may process technical data necessary to provide the scheduling service.
Purpose: appointment scheduling and communication before/after the meeting.
Legal basis: Art. 6(1)(b) GDPR (pre-contractual measures) and/or Art. 6(1)(f) GDPR (legitimate interest in efficient scheduling).
Zoom (webinars and online meetings)
We use Zoom to host online webinars and meetings. When you register for or join a Zoom session, Zoom processes your registration data (e.g., name, email, and any information you provide during registration), as well as technical and usage data (e.g., IP address, device/browser information, session duration). Depending on the session settings, audio/video and chat messages may also be processed.
Purpose: delivery of webinars/meetings, access management, and session administration.
Legal basis: Art. 6(1)(b) GDPR (performance of a contract) and/or Art. 6(1)(f) GDPR (legitimate interest in delivering online events).
Recording: if a session is recorded, this will be clearly disclosed prior to the start of the session.
Brevo (email communication and contact management)
We use Brevo (formerly Sendinblue) to manage contacts and send email communications (e.g., webinar confirmations, reminders, follow-up emails, and—only if you have opted in—marketing updates). Brevo processes contact data such as name, email address, company, and interaction metadata (e.g., opens/clicks) depending on the communication type.
Legal basis: transactional communications: Art. 6(1)(b) GDPR; marketing communications: Art. 6(1)(a) GDPR (consent; you can unsubscribe at any time).
Zapier (automation and integrations)
We may use Zapier to automate workflows between our tools (e.g., transferring webinar registrations or purchase confirmations to our contact management system). For this purpose, relevant contact data (e.g., name, email, purchase/registration status) may be transmitted through Zapier.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in efficient administration) and/or Art. 6(1)(b) GDPR where automation is required to deliver a purchased service.
We configure integrations to transmit only the minimum data required for the respective workflow.
5. Social media links
Our website contains links to our social media profiles (e.g., LinkedIn, Instagram, Substack). These are simple hyperlinks. If you click on a link, you will be redirected to the respective platform. The platform provider may process personal data under its own responsibility and in accordance with its own privacy policy (e.g., IP address, device and browser information, and—if you are logged in—your account data). We do not control and are not responsible for data processing carried out by these platforms.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in maintaining our public presence and providing communication channels).
6. Analysis tools and advertising
Google Tag Manager
We use Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies on our website. The Tag Manager itself does not create user profiles, does not store cookies and does not carry out independent analyses; it only manages and runs the tools integrated via it. However, it does collect your IP address, which may also be transferred to Google’s parent company in the United States.
Legal basis: Art. 6(1)(f) GDPR, or Art. 6(1)(a) GDPR and § 25(1) TTDSG where consent is required.
Google Analytics
This website uses the functions of the web analysis service Google Analytics. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics enables us to analyse the behaviour patterns of website visitors. Google Analytics uses technologies that allow recognition of the user for the purpose of analysing user behaviour patterns (e.g., cookies or device fingerprinting). Website use information recorded by Google is, as a rule, transferred to a Google server in the United States.
Legal basis: your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TTDSG; you may revoke your consent at any time.
Google Ads / Google AdSense
We use Google Ads and may use Google AdSense. These services enable us to display ads and measure performance. The use of these services occurs based on your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TTDSG; you may revoke your consent at any time.
LinkedIn Insight Tag
This website uses the Insight Tag from LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland). The Insight Tag allows us to obtain information about visitors to our website and to measure conversions and retargeting.
Legal basis: consent pursuant to Art. 6(1)(a) GDPR and § 25 TTDSG, or legitimate interest pursuant to Art. 6(1)(f) GDPR where applicable; consent can be revoked at any time.
7. Newsletter
Newsletter data
If you would like to subscribe to the newsletter offered on this website, we will need your e-mail address and information that allows us to verify that you are the owner of the e-mail address provided and that you consent to the receipt of the newsletter. We shall use such data only for sending the requested information and shall not share such data with any third parties.
The processing of the information entered into the newsletter subscription form shall occur exclusively based on your consent (Art. 6(1)(a) GDPR). You may revoke your consent at any time by clicking the “Unsubscribe” link in the newsletter. Data deposited for the purpose of subscribing will be stored until you unsubscribe and deleted afterwards, subject to statutory retention periods.
8. Plug-ins and tools
YouTube (expanded data protection mode)
Our website may embed videos of YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). We use YouTube in the expanded data protection mode. When you start to play a YouTube video, a connection to YouTube’s servers will be established; YouTube may place cookies or similar technologies.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in presenting content) or Art. 6(1)(a) GDPR and § 25(1) TTDSG where consent is required; consent can be revoked at any time.
Google Maps
This website uses Google Maps (Google Ireland Limited). To enable the use of Google Maps features, your IP address must be stored and is generally transferred to Google servers in the United States.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest) or Art. 6(1)(a) GDPR and § 25(1) TTDSG where consent is required.
9. eCommerce and payment service providers
Processing of customer and contract data
We collect, process, and use personal customer and contract data for the establishment, content arrangement and modification of our contractual relationships. Data with personal references to the use of this website (usage data) will be collected, processed, and used only if this is necessary to enable the user to use our services or required for billing purposes. The legal basis for these processes is Art. 6(1)(b) GDPR. The collected customer data shall be deleted upon completion of the order or termination of the business relationship and upon expiration of any existing statutory archiving periods.
Stripe (payment processing)
For paid services (e.g., webinar tickets), we use Stripe as a payment service provider. Stripe processes payment data (e.g., transaction amount, payment method, billing details) and may process identifiers required for fraud prevention and payment security. We do not receive your full payment card details; these are processed directly by Stripe.
Purpose: payment processing, fraud prevention, accounting, and fulfilment of the purchased service.
Legal basis: Art. 6(1)(b) GDPR (contract), Art. 6(1)(c) GDPR (legal obligations, e.g., accounting/tax), and Art. 6(1)(f) GDPR (fraud prevention).
10. Custom services
Handling applicant data
We offer website visitors the opportunity to submit job applications to us (e.g., via e-mail, via postal services, or by submitting an online job application form). We process personal data submitted in conjunction with an application if required to make a decision concerning the establishment of an employment relationship.
Legal basis: § 26 BDSG (German law), Art. 6(1)(b) GDPR (contract negotiations) and—where applicable—Art. 6(1)(a) GDPR (consent).
Data archiving period
If we are unable to make you a job offer, or you reject a job offer or withdraw your application, we reserve the right to retain the data you have submitted based on our legitimate interests (Art. 6(1)(f) GDPR) for up to 6 months from the end of the application procedure. Afterwards, the data will be deleted, and the physical application documents will be destroyed. Longer storage may apply if required for legal disputes or if statutory retention requirements preclude deletion.
Admission to the applicant pool
If we do not make you a job offer, you may be able to join our applicant pool. Admission is based exclusively on your express agreement (Art. 6(1)(a) GDPR). You may revoke your agreement at any time; in that case, data will be deleted unless legal reasons for storage apply. Data from the applicant pool will be deleted no later than two years after consent has been granted.