Imprint │ Privacy policy

Emmeline Luc-Umansky

Haus der Schweiz
Unter den Linden 24
10117 Berlin, Germany

info@emmelineluc.com

 

  1. General information on data protection processing

Thank you for your interest in my website. The protection of your privacy is very important to me. Below I inform you in detail about the handling of your data. I collect and use personal data of my users only to the extent necessary to provide a functional website and my content and services. The collection and use of personal data of my users is regularly only carried out with the consent of the user. An exception applies in those cases where it is not possible to obtain prior consent for factual reasons and the processing of the data is permitted by legal regulations.

  1. Legal basis for the processing of personal data

Insofar as I obtain the consent of the users for the processing operations of personal data, art. 6 para. 1 lit. a EU General Data Protection Regulation (GDPR) serves as the legal basis. When processing personal data that is necessary for the performance of a contract to which the user is a party, art. 6 para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures. Insofar as processing of personal data is necessary for the fulfillment of a legal obligation to which my company is subject, art. 6 para. 1 lit. c GDPR serves as the legal basis. In the event that vital interests of the users of another natural person make processing of personal data necessary, art. 6 para. 1 lit. d GDPR serves as the legal basis. If the processing is necessary to protect a legitimate interest of my company or a third party and the interests, fundamental rights and freedoms of the data subject do not override the first-mentioned interest, art. 6 para.1 f GDPR serves as the legal basis for the processing.

  1. Disclosure of data to third parties and third-party providers
    • Within the framework of the statutory provisions, I am entitled to commission other companies and persons to perform tasks on my behalf for the fulfillment of which the disclosure of personal data is necessary.
    • Personal data is only passed on to third parties on the basis of legal permits and within the framework of legal requirements.
    • I only pass on user data to third parties if this is necessary, for example, based on art. 6 para lit. b GDPR for contractual purposes, or if I use services within the scope of my legitimate interests, art. 6 para. lit. f GDPR. If I commission third parties with the processing of data within the framework of a so-called order processing contract, this is done on the basis of art. 28 GDPR. If I use third-party services to provide my services, I take appropriate legal precautions and technical and organizational measures to ensure the protection of personal data in accordance with the relevant legal provisions.
    • Personal data may also be transferred to servers outside the EU or to trusted third parties that have their servers outside the EU. You should be aware that many countries do not offer the same legal protections for personal information that you enjoy in the EU. While your personal information is located in another country, courts, law enforcement and national security authorities of that country may access it in accordance with those laws. Subject to your express consent or contractually or legally required transfer, I only process or have the data processed outside the EU only in third countries with a recognized level of data protection, contractual obligations through so-called standard contractual clauses of the EU Commission, in the presence of certifications or binding internal data protection regulations (art. 44 to art. 49 GDPR).
  2. Storage of access data in server log files
    • You can visit my website without providing any personal information. Each time you visit my website, my system automatically collects data and information from the computer systems of the computer called up. The following data is collected:
  • Name of the accessing computer
  • Date and time
  • Volume of data transferred
  • Requesting Provider
  • IP-Adress
  • Type of browser
  • Interactions with the functions
  • Operating System
  • Device settings
  • Unique device recognition
  • Language settings and cookie data
  • Application ID
    • I only store access data in so-called server log files. This data is not stored together with other personal data.
    • The legal basis for the temporary storage of the data is art. 6 para. 1 lit. f GDPR. The purpose of the data processing is to ensure the trouble-free operation of the website and the improvement of my offer. These purposes are also my legitimate interest in data processing according to art. 6 para. 1 lit. f GDPR. The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.
      The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility for the user to object.
  1. Cookies
    • A cookie is a simple small file that can be sent together with the pages of an internet address and stored by the web browser on the computer or other device. The information stored in it may be sent to my servers or the servers of relevant third parties during subsequent visits.
    • A script is a piece of program code that allows my website to function properly and interactively. This code is executed on my server or on my device.
    • A web beacon (also called a pixel tag), is a small invisible text fragment or image on a website that is used to monitor traffic on the website. To make this possible, various data from you is stored using web beacons.
    • Some cookies ensure that parts of my website function properly and that your user preferences remain known. By placing functional cookies, I make it easier for you to visit my website. This way, you do not have to repeatedly enter the same information when visiting my website. I may place these cookies without your consent.
    • I use analytical cookies to optimize the website experience for my users. These analytical cookies provide me with insights into how my website is used. I will ask for your permission to set analytical cookies.
    • Marketing / tracking cookies are cookies or other form of local storage used to create user profiles to display advertisements or track the user on this website or across multiple websites for similar marketing purposes.
    • The legal basis for the use of cookies is subject to your consent pursuant to art. 6 para. 1, lit. a GDPR, art. 6 para. 1, lit. f GDPR. The purpose is the simplified presentation of my website and the analysis and optimization of the offer.
    • After leaving my website, the cookies remain stored on your device and enable me to recognize your Internet browser the next time you visit.
    • You have sole control over the use of technically necessary cookies. You can set your internet browser so that you are informed about the setting of cookies and decide individually about their acceptance or generally exclude the acceptance of cookies for certain cases. Cookies that have already been stored can be deleted at any time. This can be done automatically.
    • In case of non-acceptance of cookies, the functionality of my website may be limited.
  2. Webhosting Site Ground
    • My website is hosted by the provider Siteground, SiteGround Hosting EOOD, 6 Olimpiyska Str., 1166 Sofia, Bulgaria. For the purpose of providing and delivering the website, provider data are processed.
    • This involves the following data:
  • Name
  • Contact details
  • IP addresses,
  • contact requests
  • Meta and communication data
  • contractual data,

The data won´t be stored beyond the time of the access.

  • The legal basis for the data processing is the legitimate interest (absolute technical necessity for the provision and delivery of the service “website” expressly requested through you calling up my website) in accordance with art. 6 para. 1 lit. f GDPR.
  • .Within the scope of the order processing relationship, SiteGround acts exclusively according to my instructions and has been contractually obligated to comply with the provisions of data protection law within the meaning of art. 28 GDPR. In this context, SiteGround will process your data only to the extent necessary to fulfill its performance obligations and will follow my instructions with respect to such data.
  • For details, please refer to the privacy policy of SiteGround: https://www.siteground.com/privacy.htm. Data protection agreement https://www.siteground.com/term/307.htm?scid=4&lang=en.
  1. Contact Form, E-mail Contact
    • A contact form is available on my website, which can be used for electronic contact. As soon as you use this option, the data entered in the mask is transmitted to us and stored. These data are:
    • Name
    • Last name
    • E-Mail
    • Service the user ist interested in
    • The following data is also stored at the time the message is sent:
    • IP address of the user
    • Date and time of contact
    • The data is used exclusively for the processing of the conversation. The legal basis for the processing of data transmitted in the course of contacting me via the form or when sending an e-mail is art. 6 para.1 lit. f GDPR. If the contact aims at the conclusion of a contract, the additional legal basis for the processing is art. 6 para. 1 lit. b GDPR. The processing of the personal data from the mask of the contact form serves me solely to process the contact. In the case of contact by e-mail, this also constitutes the necessary legitimate interest in processing the data. The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of my information technology systems. The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the mask of the contact form and those sent by e-mail, this is the case when the conversation with you has ended. The conversation is ended when it is clear from the circumstances that the matter in question has been conclusively clarified. The additional personal data collected during the sending process will be deleted after a period of three weeks at the latest.
    • The contact form works through Dubsado, Dubsado LLC, 3225 Mcleod Drive, Suite 100, Las Vegas, Nevada 89121, United States (hereinafter “Dubsado”).
    • The legal basis for the use of Dubsado is art. 6 para. 1 lit. f GDPR as well as standard data protection clauses within the framework of an order processing agreement. The purpose of using Dubsado is the simplified conversation with the users. This also constitutes the legitimate interest.
    • You can find more information about the privacy policy of Dubsado under the following link: https://www.dubsado.com/legal/privacy-policy

 

  1. Dubsado
    • I use the CRM system Dubsado on this website. The provider is Dubsado LLC, 3225 Mcleod Drive, Suite 100, Las Vegas, Nevada 89121, United States (hereinafter “Dubsado”).
    • Among other things, Dubsado enables me to manage existing and potential customers as well as customer contacts and to organize sales and communication processes. The use of the CRM system also enables me to analyze and optimize my customer-related processes. Customer data is stored on Dubsado’s servers. Details about the functions of Dubsado can be found here: https://www.dubsado.com/.
    • The use of Dubsado is based on art. 6 para. 1 lit. f. GDPR. The legitimate interest is to provide the most efficient customer management and customer communication possible. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of art. 6 para. 1 lit. a DSGVO; the consent can be revoked at any time.
    • Data transfer to third countries outside the European Union is based on the standard contractual clauses of the EU Commission. For details, please refer to the privacy policy of Dubsado: https://www.dubsado.com/legal/privacy-policy.
  2. Zoom
    • I use the tool “Zoom”, a service offered by Zoom Video Communications, Inc, San Jose, 55 Almaden Boulevard, Suite 600, San Jose, CA 95113, to conduct webinars, video and/or telephone conferences and/or online meetings (“online Meetings”).
    • In this context the following data may be processed:
    • – First Name
    • – Surname
    • – Phone number
    • – e-mail address
    • – Password (if no “Single-Sign-On” is used)
    • – Subscriber IP address
    • – Device/hardware information
    • – For recordings: MP4 of all video, audio and presentation recordings, M4A file of all audio recordings, text file of online meeting chat.
    • – For dial-in with telephone: information about incoming and outgoing phone number, country name, start and end time, if necessary further connection data like IP address of the device
    • You may have the opportunity to use the chat, question or survey functions in an “online meeting”. In this respect, the text entries you make are processed in order to display them in the “online meeting” and, if necessary, to protocol these entries. In order to enable the display of video and the playback of audio, the data from the microphone of your terminal device and from any video camera of the end device will be processed accordingly for the duration of the meeting. You can turn off or mute the camera or microphone yourself at any time via the “Zoom” applications.
    • In order to participate in an “online meeting” or to enter the “meeting room”, you must at least provide information about your name.
    • I use “Zoom” to conduct “online meetings”. If I want to record “online meetings”, I will transparently inform you in advance and – if necessary – ask for your consent. The fact of the recording will also be displayed to you in the “Zoom” app.
    • If it is necessary for the purposes of documenting the results of an “online meeting”, I will log the chat content. However, this will not usually be the case. In the case of webinars, I may also process questions asked by webinar participants for purposes of recording and following up on webinars. If you are registered as a user with “Zoom”, then reports of “online meetings” (meeting metadata, telephone dialing data, questions and answers in webinars, survey functions in webinars) may be stored by “Zoom” for up to one month. Automated decision-making within the meaning of art. 22 GDPR is not used.
    • Insofar as you access the website of “Zoom”, the provider of “Zoom” is responsible for data processing. However, calling up the website is only necessary for the use of “Zoom” in order to download the software for the use of “Zoom”. You can also use “Zoom” if you enter the respective meeting ID and, if applicable, further access data for the meeting directly in the “Zoom” app. If you do not want to or cannot use the “Zoom” app, then the basic functions can also be used via a browser version, which you can also find from the “Zoom” website.
    • If, in connection with the use of “Zoom”, personal data is not required for the establishment, implementation or termination of the employment relationship, but is nevertheless an elementary component in the use of “Zoom”, then art. 6 para. 1 lit. f GDPR is the legal basis for data processing. In these cases, my interest is in the effective implementation of “online meetings”.
    • In all other cases, the legal basis for data processing when conducting “online meetings” is art. 6 para. 1 lit. b GDPR, insofar as the meetings are conducted in the context of contractual relationships.
    • If there is no contractual relationship, the legal basis is art. 6 para. 1 lit. f GDPR. Here, too, my interest is in the effective conduct of “online meetings”.
    • Personal data processed in connection with participation in “online meetings” will not be disclosed to third parties as a general rule unless it is specifically intended for disclosure. Please note that the content of “online meetings”, as well as personal meetings, is often used to communicate information with customers, interested parties or third parties and is therefore intended to be passed on.
    • Other recipients: The provider of “Zoom” necessarily obtains knowledge of the above data to the extent provided for in our order processing agreement with “Zoom”.
    • „ Zoom” is a service provided by a provider from the USA. A processing of personal data thus also takes place in a third country. I have concluded an order processing agreement with the provider of “Zoom” that complies with the requirements of art. 28 GDPR
    • “An appropriate level of data protection is guaranteed on the one hand by the conclusion of the so-called EU standard contractual clauses. As additional protective measures, I have also configured Zoom so that only data centers in the EU, the EEA, or secure third countries such as Canada or Japan are used to conduct “online meetings”.
  • You can find more information about the privacy policy of “Zoom” under the following link: https://explore.zoom.us/en/gdpr/
  1. Paypal
    • I offer the option to process the payment transaction via the payment service provider PayPal (PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg). This is in line with my legitimate interest in offering an efficient and secure payment method (art. 6 para. 1 lit. f GDPR). In this context, I share the following data with PayPal to the extent necessary for the performance of the contract (art. 6 para. 1 lit b. GDPR).
    • Name
    • First name
    • Last name
    • E-mail address
    • Customer number
    • Order number
    • Date and time of transaction
    • Transaction amount
    • place
    • The processing of the data provided under this section is not required by law or contract. I cannot process a payment through PayPal without the submission of your personal data. [You have the option to choose another payment method].
    • PayPal carries out a credit check for various services such as payment by direct debit to ensure your willingness and ability to pay. This corresponds to the legitimate interest of PayPal according to art. 6 para. 1 lit. f GDPR and serves the execution of the contract according to art. 6 para. 1 lit. b GDPR. For this purpose, your data (name, address and date of birth, bank account details) will be passed on to credit agencies. I have no influence on this process and only receive the result of whether the payment has been made or rejected or a check is pending.
    • You can find more information about objection and removal options under the following link: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
    • Your data will be stored until the payment processing is completed. This also includes the period required for the processing of refunds, claims management and fraud prevention. Due to regulations under commercial and tax law, I am obliged to store your address, payment and order data for a period of ten years. However, I will restrict processing after 5 years i.e. your personal data will only be used to maintain legal obligations.
  2. Stripe
    • I offer the option to process the payment transaction via the payment service provider Stripe, ℅ Legal Process, 510, Townsend St., San Francisco, CA 94103 respectively Stripe Payments Europe Limited 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, D02 H210, Ireland: Stripe Legal (Stripe). This is in line with my legitimate interest in offering an efficient and secure payment method (art. 6 para. 1 lit. f GDPR). In this context, I share the following data with Stripe to the extent necessary for the performance of the contract (art. 6 para. 1 lit b. GDPR).
  • Name of the cardholder
  • E-mail address
  • Customer number
  • Order number
  • Bank details
  • Credit card data
  • Credit card validity period
  • Credit card verification number (CVC)
  • Date and time of transaction
  • Transaction amount
  • Name of the provider
  • Place
  • Processing of the data provided under this section is not required by law or contract. I cannot process a payment via Stripe without the submission of your personal data. It is possible for you to choose another payment method.
  • Stripe has a dual role in data processing activities as a controller and processor. As a controller, Stripe uses your submitted data to comply with regulatory obligations. This is in accordance with Stripe’s legitimate interest (pursuant to art. 6 para. 1 lit. f GDPR) and serves the performance of the contract (pursuant to art. 6 para. 1 lit. b GDPR). I have no influence on this process.
  • Stripe acts as an order processor in order to be able to complete transactions within the payment networks. Within the scope of the order processing relationship, Stripe acts exclusively according to my instructions and has been contractually obligated to comply with the provisions of data protection law within the meaning of art. 28 GDPR.
  • Stripe has implemented compliance measures for international data transfers. These apply to all global activities where Stripe processes personal data of individuals in the EU. These measures are based on the EU Standard Contractual Clauses (SCCs).
  • For more information about opting out and opting in with Stripe, please visit: https://stripe.com/privacy-center/legal.
  • Your data will be stored until the payment processing is completed. This also includes the period required for the processing of refunds, claims management and fraud prevention. Due to regulations under commercial and tax law, I am obliged to store your address, payment and order data for a period of ten years. However, I will restrict processing after 5 years i.e. your personal data will only be used to maintain legal obligations.
  1. ConvertKit
    • On our website there is the possibility to subscribe to a free newsletter which contains updates regarding actual offered or additional courses and also blog updates. When registering for the newsletter, the data from the mask is transmitted to us:
    • Name
    • E-Mail
    • The personal data is processed exclusively for sending the newsletter. The personal data will not be passed on to third parties.
    • The legal basis for the processing of personal data is art. 6 para. 1 lit. a GDPR. The collection of personal data serves to deliver the newsletter.
    • The collection of other data during the registration process serves to prevent misuse of the services or e-mail address used.
    • Your personal data will be stored as long as the subscription is active. You can cancel your subscription to the newsletter at any time. For this purpose, there is a corresponding link in each newsletter. This also allows you to revoke your consent to the processing of personal data collected during the registration process.
    • The dispatch of my newsletter will be done by the email marketing service ConvertKit, a service of the American company, ConvertKit LLC, 750 W Bannock Street 761, Boise ID, 83702, USA.
    • The legal basis for the use of ConvertKit is art. 6 para. 1 lit. f GDPR as well as standard data protection clauses within the framework of an order processing agreement. The purpose of using ConvertKit is the simplified and automated sending of our newsletters. This also constitutes the legitimate interest.
    • You can find more information about the privacy policy of ConvertKit under the following link: https://convertkit.com/security
    • For more information about the purpose and scope of data processing and their data processing, please refer to the privacy policy of ConvertKit ( https://convertkit.com/privacy)
  2. Matomo (formerly Piwik).
    • I use the software “Matomo” (www.matomo.org) on this website, a service provided by InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand. The software sets a cookie (a text file) on your research, with which your browser can be recognized. If subpages of my website are called up, the following data is stored:
    • – the IP address of the user, shortened by the last two bytes (anonymized)
    • – the sub-page called up and the time of the call-up
    • – the page from which the user accessed my website (referrer)
    • – which browser with which plugins, which operating system and which screen resolution is used
    • – the time spent on the website
    • – the pages that are visited from the accessed sub-page
    • The data collected with Matomo is stored on my own servers. It will not passed on to third parties.
    • The legal basis on which I process personal data using Matomo is art. 6 para 1, lit. f GDPR.
    • The data is needed to analyze the surfing behavior of users and to obtain information about use of the individual components of the website. This enables me to continuously optimize the website and its user-friendliness. These purposes are the basis of my legitimate interest according to art. 6 para. 1 lit. f GDPR. By anonymizing the IP address, I consider the interest of users in the protection of personal data. The data will never be used to personally identify the user of the website and will not be merged with other data.
    • The data will be deleted when it is no longer needed for my purposes.
    • You can object the recording of data in the manner described above in three different ways:
      • you can completely prevent the storage of cookies in your browser. However, this means that you may no longer be able to use some functions of my website that require identification (shopping cart, orders, personal settings, etc.).
      • you can activate the “Do-not-track” setting in your browser. My Matomo system is configured to respect this setting.
      • you can create a so-called opt-out cookie with a mouse click below, which is valid for two years. It has the effect that Matomo will not register your further visits. Note, however, that the opt-out cookie will be deleted if you delete all cookies.
  1. Your rights
    • Right to information
    • Right of revocation
    • Right of rectification or erasure
    • Right to restriction of processing
    • Right to object to processing
    • Right to data portability

In addition, you have the right to complain to a data protection supervisory authority about the processing of your personal data by us.