Last updated: June 28, 2019
Thank you for your interest in my work.
1. Data controller
If you have any questions regarding my privacy practices, please feel free to send me an email.
2. Data collection
Personal data means any information relating to an identified or identifiable natural person. Such data could be, for example, your name, address, or email address. Information that cannot be attributed to an individual person doesn’t constitute personal data.
I process the personal data that I receive when you visit my website, when you make a request on my website or via email, when you sign up for my email newsletter, when you make a purchase on the site.
a) Web server log
Every time you visit my website, data on your access is stored and processed temporarily in log files. This processing comprizes data such as the date, time, and duration of your visit, request details, IP address, and the type of browser and operating system you use. This information is used to monitor and maintain the security of the site and to troubleshoot and maintain the website and server, and isn’t merged with other data sources. This processing is based on my legitimate interest (Article 6(1)(f) GDPR) to ensure system security.
b) Contact form & other requests on the site or via email
When you use the contact form to send a message, I record your name and email address, which I use to respond to your message and to process your request. If you don’t provide this information, I won’t be able to process your inquiry via the contact form. Likewise, when you contact me by email, I process that information. This processing is based on my legitimate interest (Article 6(1)(f) GDPR) to reply to inquiries.
Transactional email with MailGun:
When you make a request on my website, whether it be through the contact form, newsletter signup, or booking forms, I use a trusted third party service, MailGun, to send transactional emails. I use this service to improve delivery and to ensure that my emails land in your inbox, not in your spam folder. This processing is based on my legitimate interest (Article 6(1)(f) GDPR) to provide a reliable and secure service.
c) Email newsletter and email marketing
When you sign up for my email newsletter, I record your name and your email address, which I use to deliver the newsletter. When you sign up, you’ll receive a confirmation email containing a link you need to click to complete the registration process (double opt-in). This additional confirmation step is necessary before I can add you to my mailing list, to make sure that the newsletter was expressly requested by you. This processing is based on your consent (Article 6(1)(a) GDPR). It goes without saying that if you don’t provide your email address, I won’t be able to deliver my newsletter to you.
Should you no longer wish to receive my newsletter, you can opt out at any time by using the corresponding unsubscribe link at the end of each newsletter.
If you opt out of receiving my email newsletter your opt-out does not apply to personal data provided as a result of other transactions, such as purchases.
Email marketing with Mailchimp:
I use a trusted third party service, Mailchimp, to send out my newsletter. When you enter your email to sign up for my newsletter, Mailchimp temporarily collects your email address for the purpose of sending you a link to confirm your subscription. Only when you confirm your subscription will your email address be saved permanently, unless you unsubscribe from my newsletter or I remove your email address from my newsletter list. Mailchimp also automatically collects the date and time of your signup and your IP address for the purpose of documentation of consent, as well as geolocation (based on your IP address, Mailchimp approximates your general location such as Portland, Oregon when you interact with my newsletter to calculate your time zone), language settings, favorite email client, preferred email format, and the date and time when you last updated your profile information. This processing is based on my legitimate interest (Article 6(1)(f) GDPR) to provide a reliable and secure newsletter service.
Newsletter-tracking (Open and Click):
Mailchimp allows me to measure subscriber engagement and analyze the performance of my newsletter. When you open a newsletter, a file that has been integrated into the newsletter connects to Mailchimp’s servers to determine whether a newsletter has been opened and which links were possibly clicked on. Technical data, such as the time of access, IP address, type of browser and operating system, is also collected at that time. This data is used to analyze newsletter campaigns and to optimize my newsletter service. Processing is based on my legitimate interests (Article 6(1)(f) GDPR) to maintain an engaged email list and to minimize cost, to personalize and to improve my newsletter, and to analyze and increase sales.
I use open tracking and click tracking in emails to give me a general overview of my subscriber engagement. Open tracking tells me if my subscribers open the emails I send. My campaign report will show which contacts opened my newsletter, and how many total opens the newsletter received. Click tracking allows me to see if subscribers have clicked links in my newsletter. My campaign report will show which contacts clicked on my links, and how many times each link was clicked in total.
Each time I send an email campaign through Mailchimp, Mailchimp embeds a tiny invisible graphic in the bottom of my HTML email. This open tracker graphic, or web beacon, is unique to each newsletter I send. When someone opens my newsletter with images turned on, that graphic is downloaded from Mailchimp’s server, and is recorded as an open on my campaign report. Likewise, Mailchimp adds tracking information to each click-through URL. Each time a subscriber clicks a link in the newsletter, the tracking information redirects them through Mailchimp’s servers and sends them to the intended web address. That redirect through Mailchimp’s server is logged in my campaign report as a click.
If you’re not okay with an analysis by Mailchimp, please do not subscribe to my newsletter or, if you’re already subscribed, you can unsubscribe by using the corresponding link at the end of each newsletter.
d) Customer data
When you purchase from me, I process basic customer information, such as your full name, email address, shipping address, purchase information, and any additional information you include as a message (such as your time zone). I use this information to supply the service you’ve purchased and to keep records of such transactions. This processing is necessary in order for me to enter into a contract with you (Article 6(1)(b) GDPR). If you don’t provide the required information, I won’t be able to enter into the contract to deliver the service.
No payment details, such as your credit card details, are stored on my server.
Payment processing with Stripe:
Payment processing with PayPal:
I use a trusted third party service, PayPal, to process payments. When you choose PayPal as your payment method, you’ll be redirected to PayPal to make your payment. To process your payment, PayPal collects personal information necessary for payment processing. This processing is necessary in order for me to fulfill a contract with you (Article 6(1)(b) GDPR).
When you submit a testimonial, I process that information along with other information you voluntarily provide, such as your name, location, and photo, which I use to share with my audience. This processing is based on your consent (Article 6(1)(a) GDPR).
Should you no longer wish to provide your testimonial you can withdraw your consent at any time by sending me an email.
This website uses Google Analytics, a website analysis service by Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.
Google Analytics uses so-called “cookies”, text files that are stored on your computer to analyse your use of the website. The information generated by the cookie about your use of this website is usually sent to and stored at a Google server in the U.S.A.
You may prevent the installation of cookies by adjusting the settings of your browser; however, if you do so, you may be unable to use all features of this website. Further, you may prevent the collection of data generated by cookies (including your IP address) and related to the use of this websites as well as the processing of such data by Google by downloading and installing the plug-in under the following link: https://tools.google.com/dlpage/gaoptout
Objection to Data Collection
You may prevent the collection of data by Google Analytics by clicking the following link. Doing so, an Opt-Out-Cookie will be placed which prevents future data collection when visiting our website: Disable Google Analytics
We us the function “Activate IP-Anonymization”. Commissioned by the operators of this website, Google will use this information to evaluate your use of the website, to compile reports on website activities for website operators and to provide other services related to website and internet activities. Google will not merge your IP address with any other data held by Google.
This website places first party cookies to recognize you between sessions and pages. A cookie is a small text file that my website sends to your web browser. Your browser may store the cookie and send it back to my site when you make the next request to the site. This processing is based on my legitimate interest (Article 6(1)(f) GDPR) to provide an optimal browsing experience on my website.
This site uses no third party cookies.
You can disable the setting of cookies and delete already set cookies in your web browser’s settings.
Please note that if you disable the setting of cookies in the web browser you use to use my website, not all functions of the site may be entirely usable.
4. Data retention
I’ll store personal data until I no longer need it for the purpose it was collected for or until the time you ask me to anonymize and/or delete your data, unless further processing is still necessary for the purpose it was collected for or for compliance with a legal obligation to which I’m subject.
- Log data is deleted automatically, which may take up to 6 months for specific files.
- Contact form data is deleted at the end of each year, if applicable.
- I generally archive emails indefinitely.
- Newsletter data is stored indefinitely.
- Customer data is deleted after a period of ten years, if applicable. For tax purposes, German law requires that I keep basic information about my customers (such as full name and billing address) for ten years.
- If I recorded your session upon your request, I store the recording for you for one month, after which I’ll delete it.
- Testimonial data is stored indefinitely.
5. Recipients of personal data
I rely on third party services to maintain my own services.
- Google Analytics, USA
- PayPal, USA
- MailGun, USA
- Mailchimp, USA (Privacy Shield certified)
- Stripe, USA (Privacy Shield certified)
Wherever I collect personal data via this website, that information is encrypted and transmitted to me in a secure way. You can verify this by looking for a lock icon in the address bar and “https” at the beginning of the address of the webpage.
7. Your data rights
- You have the right to access personal data relating to you.
- You have the right to have inaccurate personal data rectified, or completed if it’s incomplete.
- You have the right to erasure (to be forgotten) in certain circumstances.
- You have the right to restrict processing in certain circumstances.
- You have the right to object processing in certain circumstances.
- You have the right to withdraw consent at any time (where relevant).
- You have the right to lodge a complaint with a supervisory authority.
For more information about your data rights visit: gdpr-info.eu.
8. External links
9. Changes to the policy