Privacy Policy

For Elisabeth Ignasiak
Version 1.0
As of November 2025

This privacy policy fulfills my information obligations under Articles 13 and 14 of the General Data Protection Regulation (GDPR). It is important to me to provide you with transparent information about the type, scope, purpose, and duration of my processing of personal data and the measures I take to protect your personal data. This privacy policy has been in effect since November 2025. If updates to this document become necessary due to further development of the website or changes in requirements, I will document this here and clearly mark the amended version. Personal data is collected on this website.

The foundations of a trusting partnership are transparency and reliability: I therefore assure you that your personal data will be processed in accordance with the applicable regulations for the protection of personal data. I process your personal data exclusively with your active consent, solely for the purpose of contract processing or to protect my legitimate interests. By processing, I mean the collection, transmission, storage, but also processing on behalf of and deletion of your personal data. How and why your personal data is processed is explained in detail below.

Table of Contents

Responsible for data processing
General information on data processing
Data collection on this website
Data collection in the context of contract initiation
Profiles on social networks
Your rights as a data subject

1. Responsible for data processing

Responsible for data processing in accordance with Art. 4 No. 7 GDPR:

No data protection officer has been appointed for this website.

2. General information on data processing

1. Extent of processing personal data
I only process personal data on this website to the extent necessary to provide a functional website and my content and services. The processing of personal data on this website is regularly only carried out with active consent. The configuration of the consent management tool (colloquially known as a cookie banner) on this website ensures that you actively consent to the processing of your personal data. An exception applies in cases where prior consent cannot be obtained for technical reasons and the processing of the data is permitted by law.

2. Legal basis for the processing of personal data
When I obtain consent from the data subject, Article 6(1)(a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis. When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Article 6(1)(b) of the GDPR serves as the legal basis. This also applies to processing operations that are necessary for the implementation of pre-contractual measures. If the processing is necessary to safeguard my legitimate interest as an entrepreneur or that of a third party and if the interests, fundamental rights, and freedoms of the data subject do not outweigh the former interest, Art. 6 (1) lit. f GDPR serves as the legal basis for the processing.

3. Data deletion and storage period
The personal data of the data subject will be deleted or blocked as soon as the purpose of storage no longer applies. Storage may also take place if this has been provided for by the European or national legislator in regulations, laws, or other provisions. The data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires. Unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.

3. Data collection on this website

Provision of the website and creation of log files
Each time you visit this website, the system automatically collects data and information from your device’s operating system. The following data is collected:

Your IP address
Date and time of access
Time difference between the requesting host and the web server
Type of request
Client information (client type, client version)
Your operating system (device, device OS version)
Website from which you accessed my website
Content of the request or specification of the file retrieved that was transmitted to you
Access status (successful transmission, error, etc.)
The amount of data transferred in bytes

This website is hosted via the infrastructure of Greenhost BV, i.e., stored and made available for retrieval. The web server used stores the aforementioned server log files. An AV contract has been concluded with the provider.

Purpose of processing: Hosting of the website
Legal basis and legitimate interest: Processing is based on my overriding legitimate interest (Art. 6 (1) (f) GDPR) in the security and stability of my website by commissioning a service provider to provide infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services
Data recipient: Greenhost BV, Wibautstraat 131 D, 1091 GL Amsterdam NL
Privacy policy

Cookie consent with Borlabs Cookie
This website uses cookie consent technology from Borlabs Cookie. The tool allows you to actively consent to the storage of cookies and to document your consent. When you visit this website, a cookie is stored in your browser, which stores the consents you have given or the revocation of these consents. This data is not passed on to the provider of Borlabs Cookie. Borlabs Cookie does not store any personal data. The cookie is automatically deleted.

Provider: Borlabs – Benjamin A. Bornschein, Rübenkamp 32, 22305 Hamburg, Germany
Details on data processing by Borlabs Cookie

Email contact
You can send me emails using the address provided. In this case, the personal data transmitted with the email will be processed.

Purpose of processing: Processing your request
Legal basis: The legal basis for the processing of your personal data is Art. 6 (1) lit. b GDPR for pre-contractual or contractual matters

Newsletter
I use the WordPress plugin The Newsletter Plugin to send our newsletter.
When you subscribe to the newsletter, we store the data you provide (email address and name) solely for the purpose of sending the newsletter.

The data is processed on the basis of your consent in accordance with Art. 6 (1) (a) GDPR.
You can revoke your consent at any time with future effect—for example, via the unsubscribe link in the newsletter or by sending an informal message to the above contact address.

The Newsletter Plugin does not process any data on external servers, but stores subscriber data exclusively in the database of this website (hosted in the EU).

I measure the success of my newsletter by collecting statistical data, i.e., I measure whether the newsletter is opened, when it is opened, and which links are clicked. My goal is to learn about your reading habits so that I can better tailor my content to them. Unfortunately, it is not possible to opt out of the success measurement separately; in this case, the entire newsletter subscription must be canceled. The following data is collected:

Information about browser & system
IP address
Time of access
Interests
Purpose of collection: Performance measurement, technical improvement of services
Legal basis and legitimate interest: Performance measurement in connection with the use of the shipping service provider is based on my legitimate interest pursuant to Art. 6 (1) (f) GDPR. The processing of your personal data is based exclusively on your consent in accordance with Art. 6 (1) (a) GDPR. You can revoke this consent at any time by unsubscribing from the newsletter.
Storage period: The above-mentioned personal data will be stored until you unsubscribe from the newsletter and will be deleted after unsubscribing.
Data recipient: Active Campaign, 1 North Dearborn Street, 5th floor, Chicago, IL 60602, USA
Privacy policy: https://www.activecampaign.com/legal/privacy-policy
Third country transfer: The adequate level of data protection is ensured by the use of the EU standard contractual clauses: https://www.activecampaign.com/legal/newscc

Google Analytics in conjunction with Google Tag Manager

This website uses Google Analytics in conjunction with Google Tag Manager. Google Tag Manager is used to optimize marketing measures. Google Tag Manager is a product of Google Ireland Limited. The service does not set cookies and does not process personal data, but may trigger so-called tags that can lead to the collection of data. The data is only passed on in anonymized form. Deactivating Google Tag Manager will deactivate all tracking tags triggered via Google Tag Manager.

Google Analytics is a web analytics service provided by Google Ireland Limited. Google uses cookies to provide its services, personalize advertising, and analyze traffic. Usage and user-related information, such as IP address, location, time, or frequency of visits to this website, is transmitted to a Google server in the USA and stored there. Google Analytics is used with the anonymization function, i.e., Google shortens the IP address within the EU or the EEA. Google only receives this information if you have consented to the use of Google Analytics when entering the website.

Purpose of processing: Analysis of usage behavior on this website.
Legal basis and legitimate interest: My legitimate interest (Art. 6 (1) (f) GDPR) lies in the analysis, optimization, and economic operation of my website.
Data recipient: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Privacy policy: https://policies.google.com/privacy
Third country transfer: The adequate level of data protection is ensured by the use of the EU standard contractual clauses: https://cloud.google.com/terms/data-processing-terms
Right to object: https://tools.google.com/dlpage/gaoptout?hl=de

Calendly
I use Calendly to book appointments. When you make an appointment, Calendly collects and processes data on my behalf. This data includes:

Name
Address
Email address
Phone number (optional)
Purpose of processing: Appointment scheduling
Legal basis and legitimate interests: Data processing is based on my overriding legitimate interest (Art. 6 (1) (f) GDPR) in providing a stable and professional appointment booking system.
Data recipient: Calendly, 271 17th St NW, Ste 1000, Atlanta, GA 30363 USA, https://calendly.com/de/
Calendly privacy policy: https://calendly.com/de/pages/privacy
Transfer to third countries: Standard contractual clauses, which can be viewed at the following link: https://calendly.com/de/pages/dpa.
Storage period until revocation. Processing will then be restricted.

Online Meetings via Google Meet
I usually conduct workshops and meetings online using the Google Meet video conferencing system.

Purpose: Execution of the offer
Legal basis: When you book an offer with me, I process your personal data in accordance with Art. 6 (1) (b) GDPR within the scope of the contractual measures.
Telecommunications service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Privacy policy: https://policies.google.com/privacy

Google Meet is part of the Google Workspace services.
A data processing agreement has been concluded with Google in accordance with Art. 28 GDPR.
In individual cases, data may also be transferred to third countries (in particular the USA).
Google undertakes to comply with the EU standard contractual clauses pursuant to Art. 46 GDPR.

Online Meetings via Zoom
On request, workshops and meetings can be held online via the Zoom video conferencing system.

Purpose: Implementation of the offer
Legal basis: If you book an offer with me, I will process your personal data in accordance with Art. 6 (1) (b) GDPR within the framework of the contractual measures.
Telecommunications service provider: Zoom Video Communications Inc., San José, California
Privacy policy: https://explore.zoom.us/de/gdpr/

Online Meetings and Webinars via MS Teams

We use Microsoft Teams from Microsoft Corporation (USA) to conduct webinars. In doing so, we process personal data such as name, email address, profile photo (if applicable), and technical information (e.g., IP address, date, time, duration, type of access). Content from chats, audio and video recordings may also be affected if you actively use these functions. Webinars may be recorded for documentation or training purposes, but only after prior notice. You decide for yourself whether you want to participate in a recording. During a recording, your name, chat contributions, audio, and image may be stored.

Recipients of your data may include other participants and Microsoft in the context of providing the service. Data processing is carried out on the basis of legal regulations: with your consent (Art. 6 (1) (a) GDPR), for the performance of a contract (Art. 6 (1) (b)), for legitimate interests (Art. 6 (1) (f)), or in accordance with collective agreements (Art. 88 GDPR). Our legitimate interest lies, among other things, in digital communication with you. You have the right to object to this processing.

Data may be transferred to third countries such as the USA. Microsoft is certified under the Data Privacy Framework. Alternatively, we use EU standard contractual clauses. The data will be deleted as soon as it is no longer required for its original purpose and there are no legal retention periods. Automated decisions (e.g., profiling) do not take place.

4. Data collection in the context of contract initiation

We use Less Annoying CRM, a cloud-based customer relationship management system from Less Annoying CRM LLC (St. Louis, Missouri, USA).
In this system, we store contact details (e.g., name, email address, organization, telephone number if applicable) of active business partners, customers, and interested parties, insofar as this is necessary for the management of inquiries, projects, or offers.

Processing is based on Art. 6 (1) lit. b GDPR (contract initiation or fulfillment) or Art. 6 (1) lit. f GDPR (legitimate interest in efficient customer communication).

A data processing agreement has been concluded with Less Annoying CRM, incorporating the EU standard contractual clauses pursuant to Art. 46 GDPR, in order to ensure an adequate level of data protection.

Further information on data protection at Less Annoying CRM can be found at: https://www.lessannoyingcrm.com/privacy.

5. Profiles on social networks

I use social networks to actively engage with customers, prospects, and users and to provide information about my services and products. When interacting with customers via these platforms, personal data is processed both by me and by the respective platform operator. These processing activities are carried out under joint responsibility with the respective platform operators in accordance with Art. 26 GDPR. The general information on data processing in this document applies to the processing activities I carry out.

I am not responsible for the processing activities of the respective platforms; the information provided by the platform operators applies. At this point, I would like to point out that the active use of social media such as Facebook, Instagram, or Twitter is solely your personal responsibility. This applies in particular to the functions of commenting, sharing, rating, etc. Below you will find a list of all social media platforms on which I operate a profile.

Youtube
I operate a YouTube channel under the name Elisabeth Ignasiak

YouTube is a video portal that has been a subsidiary of Google LLC since 2006. The portal offers content producers the opportunity to make their video content available to an online audience free of charge.

Joint Controller: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Privacy notice: https://policies.google.com/privacy?hl=de

LinkedIn
You can find me on LinkedIn under Elisabeth Ignasiak

LinkedIn is a social network used to maintain and build business contacts. Using LinkedIn is free of charge in the basic version. In principle, you can view my LinkedIn profile in a limited way even without registering on the platform. Log out of LinkedIn or deactivate “stay signed in,” delete the cookies stored on your device, and restart your browser. Limited use means that interactions (likes, comments, shares, messages, etc.) are not possible, as these require logging in.

Joint Controller: LinkedIn Germany GmbH, Sendlinger Straße 12, Hofstatt, 80331 Munich
Parent company: LinkedIn Inc., Sunnyvale, California, USA
Privacy notice: https://de.linkedin.com/legal/privacy-policy?trk=public_profile_v3_desktop_footer-privacy-policy

6. Your rights as a data subject

If your personal data is processed, you are a data subject (see Art. 4(1) GDPR). As such, you have the following rights with respect to me as the controller:

6.1 Right of access

You may contact me in writing at any time to inquire whether I process personal data concerning you. If such processing exists, I will provide you with the following information:

(1) the purposes for which the personal data is processed;

(2) the categories of personal data being processed;

(3) the recipients or categories of recipients to whom your personal data has been disclosed or will be disclosed;

(4) the planned duration of storage of your personal data or, if precise information is not possible, the criteria used to determine the storage period;

(5) the existence of a right to rectification or deletion of your personal data, a right to restriction of processing, or a right to object to such processing;

(6) the existence of a right to lodge a complaint with a supervisory authority;

(7) all available information about the source of the data if the personal data was not collected from the data subject;

(8) the existence of automated decision-making, including profiling under Art. 22(1) and (4) GDPR, and—at least in such cases—meaningful information about the logic involved as well as the scope and intended effects of such processing on the data subject.

You also have the right to be informed whether your personal data is transferred to a third country or an international organization. In this context, you may request to be informed about appropriate safeguards in accordance with Art. 46 GDPR relating to the transfer.

You may exercise this right by contacting me by email with the subject line: Request for access.

6.2 Right to rectification
If you find that your personal data is incorrect and/or incomplete, you have the right to rectification and/or completion. Please send me an email with the subject line: Request for rectification. I will process your request as quickly as possible and confirm the correction.

6.3 Right to restriction of processing
You may request the restriction of processing of your personal data under the following conditions:

(1) if you contest the accuracy of the data;

(2) if the processing is unlawful and you oppose deletion of the personal data and instead request restriction of its use;

(3) if I no longer need the personal data for processing purposes; or

(4) if you have objected to processing under Art. 21(1) GDPR and it has not yet been determined whether my legitimate grounds override yours.

To request restriction of processing, send me an email with the subject line: Restriction of processing.

If the processing of your personal data has been restricted, this data—aside from storage—may only be processed with your consent, for the establishment, exercise or defense of legal claims, to protect the rights of another natural or legal person, or for reasons of important public interest of the Union or a Member State.

If the restriction of processing is lifted under the above conditions, I will inform you prior to doing so.

6.4 Right to Deletion

You have the right to demand the immediate deletion of your personal data. I am required to delete this data without delay if one of the following grounds applies:

(1) Your personal data is no longer necessary for the purposes for which it was collected or otherwise processed.

(2) You withdraw your consent on which the processing was based (Art. 6(1)(a) or Art. 9(2)(a) GDPR), and there is no other legal basis for processing.

(3) You object to processing pursuant to Art. 21(1) GDPR and there are no overriding legitimate grounds for the processing, or you object pursuant to Art. 21(2) GDPR.

(4) Your personal data was unlawfully processed.

(5) Deletion is required to comply with a legal obligation under Union law or Member State law to which I am subject.

(6) Your personal data was collected in relation to information society services offered under Art. 8(1) GDPR.

6.4.2 Notification to third parties
If I have made your personal data public and am obliged under Art. 17(1) GDPR to delete it, I will take reasonable steps to inform other controllers that you request deletion of any links to, copies, or replications of your personal data.

6.4.3 Exceptions
The right to erasure does not apply to the extent processing is necessary:

(1) for exercising the right to freedom of expression and information;

(2) for compliance with a legal obligation requiring processing;

(3) for reasons of public interest in the area of public health (Art. 9(2)(h), (i) and Art. 9(3) GDPR);

(4) for archiving purposes in the public interest, scientific or historical research, or statistical purposes under Art. 89(1) GDPR, where the right of erasure would likely render impossible or seriously impair the achievement of the objectives of such processing; or

(5) for the establishment, exercise or defense of legal claims.

You may exercise this right by emailing me with the subject line: Delete my personal data.

6.5 Right to notification
If you have exercised your right to rectification, deletion, or restriction of processing, I am obliged to notify all recipients to whom I have disclosed your personal data of this correction, deletion, or restriction, unless this proves impossible or involves disproportionate effort.

You have the right to request information about these recipients.

6.6 Right to data portability
You have the right to receive the personal data you have provided to me in a structured, commonly used, and machine-readable format. You also have the right to transmit this data to another controller without hindrance on my part. Please email me your request for data portability, and I will check whether it is technically feasible.

6.7 Right to object

You have the right to object at any time to processing of your personal data carried out on the basis of my overriding legitimate interest (Art. 6(1)(f) GDPR), including profiling based on this provision.

I will then no longer process your personal data unless compelling legitimate grounds for the processing can be demonstrated that outweigh your interests, rights, and freedoms, or the processing serves the establishment, exercise, or defense of legal claims.

If your personal data is processed for direct marketing, you have the right to object at any time. This also applies to profiling insofar as it is related to direct marketing. If you object to processing for direct marketing purposes, your personal data will no longer be processed for those purposes.

6.8 Right to withdraw consent
You have the right to withdraw your consent to data processing at any time. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.

6.9 Right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data violates the GDPR. The supervisory authority will inform you of the status and outcome of the complaint, including the possibility of judicial remedy.

Berlin
The Berlin Commissioner for Data Protection and Freedom of Information
Friedrichstr. 219, 10969 Berlin
Visitor entrance: Puttkamer Str. 16–18 (5th floor)
Phone: 030/138 89–0
Fax: 030/215–50 50
Email: mailbox@datenschutz-berlin.de
Website: http://www.datenschutz-berlin.de