Privacy Policy

1. Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) and other applicable data protection laws is:

Johanna Rossmanith

Fasanenweg 2

61209 Echzell

Germany

Email: kontakt@johanna-rossmanith.de

2. Scope of Processing of Personal Data

We generally process personal data of our users only to the extent necessary to provide a functional website and our content and services. The processing of personal data regularly takes place only with the user’s consent or where a legal basis permits such processing.

3. Collection and Storage of Access Data / Server Log Files (Technically Necessary)

When accessing our website, our system automatically collects data and information from the computer system of the accessing device.

The following data is collected:

  • IP address (anonymized / shortened)

  • Date and time of access

  • Websites from which the user’s system accesses our website

  • Websites accessed by the user’s system via our website

  • Browser type and operating system used

  • Amount of data transmitted

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in technical provision, security, and optimization of the website).

Storage duration: The data is deleted as soon as it is no longer necessary for the purpose of its collection – generally after a maximum of 7 days.

4. Cookies and Similar Technologies

Our website uses cookies and comparable technologies (local storage, session storage, etc.).

Necessary cookies (technically required)

These ensure the functionality of the website (e.g., shopping cart, language settings).

Legal basis: Section 25(2) No. 2 TDDDG in conjunction with Art. 6(1)(f) GDPR.

Optional / non-essential cookies (analytics, marketing, external media)

These are only set after your explicit consent.

Legal basis: Section 25(1) TDDDG in conjunction with Art. 6(1)(a) GDPR.

You may withdraw your consent at any time via our cookie banner (at the bottom of the page or under “Cookie Settings”). Alternatively, you can block or delete cookies in your browser settings.

5. Appointment Booking via Calendly

For booking an initial consultation (“Book Initial Consultation”), we use the service Calendly provided by Calendly LLC, 3423 Piedmont Road NE, Atlanta, GA 30305, USA.

When you click on the “Book Initial Consultation” button, a Calendly pop-up window opens where you can select and schedule an appointment.

The following data is processed:

  • First and last name

  • Email address

  • Selected appointment (date and time)

  • Any additional information you provide in the booking form

Legal basis: Art. 6(1)(a) GDPR (consent). By clicking “Book Initial Consultation” and entering your data, you consent to the processing.

Data transfer to the USA

Calendly is a U.S.-based company. Data transfers to the USA are based on Standard Contractual Clauses (Art. 46(2)(c) GDPR) and, where applicable, the EU–US Data Privacy Framework, provided Calendly is certified.

Storage duration: Your data is stored by Calendly until the appointment has taken place and related communication has been completed, unless statutory retention obligations apply.

Further information:

Calendly’s Privacy Policy: https://calendly.com/privacy

6. Data Sharing

Your personal data will not be transferred to third parties for purposes other than those listed below.

We only share your data:

  • With data processors (e.g., hosting providers, email service providers) in accordance with Art. 28 GDPR

  • If there is a legal obligation (Art. 6(1)(c) GDPR)

  • For the establishment, exercise, or defense of legal claims (Art. 6(1)(f) GDPR)

7. Contact (Email, Contact Form)

If you contact us (e.g., by email or contact form), the data you provide (name, email address, possibly telephone number, message content) will be stored to process your inquiry.

Legal basis:

Art. 6(1)(b) GDPR (pre-contractual measures / contract performance) or

Art. 6(1)(f) GDPR (legitimate interest in responding to inquiries).

Storage duration: The data is deleted as soon as it is no longer necessary for the purpose (generally after the conversation has been completed), unless statutory retention obligations apply.

8. Your Rights as a Data Subject

You have the right:

  • To access your stored personal data (Art. 15 GDPR)

  • To rectification of inaccurate data (Art. 16 GDPR)

  • To erasure (Art. 17 GDPR)

  • To restriction of processing (Art. 18 GDPR)

  • To data portability (Art. 20 GDPR)

  • To object to processing (Art. 21 GDPR)

  • To withdraw your consent at any time (without affecting the lawfulness of processing carried out before withdrawal)

To exercise your rights, simply send us an email to the address listed above.

You also have the right to lodge a complaint with a supervisory authority. In the federal state of Hesse, this is:

The Hessian Commissioner for Data Protection and Freedom of Information

Gustav-Stresemann-Ring 1

65189 Wiesbaden

Germany

Postal address: Postfach 3163, 65021 Wiesbaden

Email: poststelle@datenschutz.hessen.de

Phone: +49 611 1408-0

Website: https://datenschutz.hessen.de

An online complaint form is available on the authority’s website under “Submit Complaint.”

9. Amendments to This Privacy Policy

We reserve the right to amend this Privacy Policy as necessary to ensure it always complies with current legal requirements or to reflect changes in our services (e.g., introduction of new tools). The updated version will apply to your next visit.