Privacy Policy

Responsible Authority

Susanne Weisheit
Am Berg 13
51519 Odenthal

Phone: +49 (0) 163 253 60 18
Email: s.weisheit@rethinking-organisations.de

and

Anna Stachow
Württembergische Str. 44
10707 Berlin, Germany

Phone: +49 (0) 176 345 405 78
Email: hallo@anna-stachow.de

and

Mathis Kleinschnittger
Bristolstr. 19
13349 Berlin

Phone: +49 (0) 163 712 64 53
Email: mk@kleinschnittgercoaching.de

and

Karin Schwettmann
Christinenstraße 3
10119 Berlin

Phone: +49 (0) 151 44 98 49 98
Email: kar.schwettmann@gmail.com

General Information

In compliance with our legal obligations, we wish to inform you about the collection and use of your personal data.

When you access our website, certain personal information may be collected. This can occur when you voluntarily provide data, such as your email address. In addition, some data may be gathered automatically by our systems whenever you visit the site, regardless of the device or software you are using.

Any data you submit in our app is provided voluntarily. You will not face any disadvantage if you choose not to provide information. However, certain services or contractual agreements cannot be provided without specific data, which we will always highlight when required.

All personal data on this website is collected and processed strictly in accordance with applicable data protection laws, particularly the General Data Protection Regulation (GDPR). Legal terms used herein are defined in Art. 4 GDPR.

Under the GDPR, data processing is permitted mainly in the following scenarios:

• According to Art. 6(1)(a) and Art. 7 GDPR, if you have provided consent for the processing of your data; this Privacy Policy explains in detail the purposes and circumstances under which your data will be used.
• According to Art. 6(1)(b) GDPR, when processing is necessary for the negotiation, execution, or fulfillment of a contract.
• According to Art. 6(1)(f) GDPR, if a legitimate interest assessment demonstrates that processing is necessary to safeguard our interests, including analyzing, optimizing, and securing our website, profiling for advertising, and storing access logs with potential involvement of third-party providers.

Inventory Data

We collect inventory or registration data only to the extent required to establish, manage, or modify a contract (including non-monetary agreements) between the user and us. This may include:

• Customer information (e.g., name, address)
• Contact details (e.g., email address, telephone number)
• Service information (e.g., services requested, duration, payment)

At the start of the user relationship, we will request this data and clearly indicate which pieces of information are necessary for the establishment of the user account.

Usage Data

We also collect usage data to enable the provision of services on our website. This can include:

• Usage information (e.g., visited pages, visit duration, interaction with services)
• Content data (e.g., data, text, images, audio, or videos you upload)
• Metadata (e.g., device type, location, IP address)

Usage data is only combined when necessary for billing purposes. Otherwise, data is processed pseudonymously unless you object. You may send such objections at any time to the contact provided in the “About Us” section or the responsible authority named in this Privacy Policy.

The legal basis for this data processing is our legitimate interest under Art. 6(1)(f) GDPR to analyze website usage, and, where applicable, Art. 6(1)(b) GDPR for contract negotiation.

Additionally, our hosting provider collects server log information automatically during each website visit. This includes:

• IP address
• Browser type and version
• Hostname
• Visit time
• Referring page
• Name of the visited page
• Exact usage time
• Amount of data transferred

This information is solely used for statistical purposes and does not identify individual users.

Advertising

We will always request your explicit consent under Art. 4(11) GDPR before sending you any advertisements, except in cases of promoting products similar to those you have already purchased. This applies, for instance, when subscribing to our newsletter or completing a contact form. You may withdraw your consent at any time as explained in the “Consent” section.

If we use your personal data for direct marketing, you also have the right to object to such use at any time. Objections can be submitted through any of our contact methods, particularly via email to the address listed in the “Legal Notice” section, without any formal requirements. Once you object, we will no longer use your data for direct marketing purposes.

Initial Contact via Electronic Communication

If you contact us electronically (e.g., email, fax, phone, messenger), we will store and process the data you provide (e.g., name, contact details, content of your message). This processing is based on our legitimate interest in efficient communication (Art. 6(1)(f) GDPR) and, where relevant to a contract inquiry or execution, also Art. 6(1)(b) GDPR.

We will only share such information with third parties if necessary for contract fulfillment (Art. 6(1)(b) GDPR), justified by overriding interests for service efficiency (Art. 6(1)(f) GDPR), based on your consent (Art. 6(1)(a) GDPR), or if legally required.

You may request information about the purpose, origin, and recipients of your data at any time without cost. You may also request corrections, deletion, or restriction of processing. You may object to further processing, request data portability, and file a complaint with the competent supervisory authority.

Data will be retained only as long as necessary for the stated purpose, unless longer retention is required to assert our rights, fulfill other legitimate interests, or comply with statutory obligations (e.g., tax or limitation periods).

Consent

Whenever we request your consent for data processing, we will clearly and transparently explain the purpose of your consent. Granting consent is entirely voluntary, and benefits obtainable via consent are also available without it.

You have the right to revoke your consent at any time without formal requirements, for example via our contact form, email, or an unsubscribe link if provided. Revocation does not affect the lawfulness of data processing conducted prior to withdrawal.

Retention Period

Data is generally stored only as long as necessary for the processing purpose. Extended retention may occur if required for asserting rights or fulfilling legitimate interests.

• Inventory data necessary for contract execution (including unpaid services) is retained until full contract fulfillment or termination, plus applicable limitation periods (generally 2–3 years), plus additional buffer for possible interruptions.
• Usage data collected during website use is retained only as long as needed for site functionality and legitimate interest. Statistical data is stored pseudonymously.
• Legal obligations (e.g., tax law) may require longer retention periods, typically 6–10 years.

Essential cookies

To ensure a fully functional, optimized, and secure website, we use cookies and similar technologies (pixels, web beacons, tags) in line with Art. 6(1)(f) GDPR.

Cookies are stored on your device and may be:

• Session cookies – automatically deleted when you leave our website
• Persistent cookies – stored until you delete them, allowing recognition of your browser on return visits

Our website only uses cookies essential for its operation. No external tracking or advertising cookies are used.

You can manage or block cookies via your browser settings:

• Chrome: delete cookies
• Safari: delete cookies
• Firefox: delete cookies
• Edge: delete cookies
• Internet Explorer: delete cookies

Blocking cookies may reduce functionality. More information on controlling third-party cookies:

• About Ads
• Your online choices
• Network Advertising

Data Transfer

Transfer to Third Parties

We do not share your data with third parties unless legally permitted or necessary.

Data may be transferred under the following circumstances:

• Required for contract execution, in line with Art. 6(1)(b) GDPR
• Necessary to ensure efficient service provision based on our legitimate interests, Art. 6(1)(f) GDPR
• Based on your explicit consent, Art. 6(1)(a) GDPR
• Required by law or requested by government authorities, Art. 6(1)(c) GDPR

All instances of data sharing with third parties are disclosed in this Privacy Policy.

Users’ Rights

You have the right to request information at any time about personal data we hold about you, free of charge. Identity verification may be required to prevent misuse.

Correction, Deletion, Restriction

You may request the correction of inaccurate data, completion of incomplete data, restriction of processing, or deletion of your data. This applies if processing is no longer justified, consent has been withdrawn, or processing is unlawful. Corrections, blocking, or deletion will be implemented promptly as permitted by law.

Objection

You may withdraw any consent given for processing of personal data at any time without formal requirements (e.g., via contact form, email, or unsubscribe link). Withdrawal does not affect prior processing.

Data Portability

You may request a machine-readable copy of data we hold about you.

Complaint

If you believe your data protection rights have been violated, you can file a complaint with the competent supervisory authority. A list of authorities can be found here.

Changes to the Privacy Policy

We reserve the right to update this Privacy Policy when factual or legal circumstances change. Such updates do not affect the validity of prior consent.

Online calendar / Calendly

We use Calendly (https://calendly.com/de), a service of Calendly LLC, USA, for scheduling appointments. Data entered during scheduling (including IP address) is transmitted to Calendly and may be processed in the USA under Standard Contractual Clauses and the EU-US Data Privacy Framework.

A data processing agreement ensures Calendly processes data only on our instructions. Data is used for appointment management and statistics and will not be shared with third parties. Data is stored only as long as necessary for the purpose, contractual obligations, legitimate interests, or statutory requirements.

Online Meetings / Zoom X

Sometimes we use external communication platforms (Zoom X, Telekom Deutschland GmbH) for video, audio, webinars, and online meetings. The legal basis may be:

• Contract execution, Art. 6(1)(b) GDPR
• Consent for recordings, Art. 6(1)(a) GDPR
• Legitimate interest in optimized online offerings, Art. 6(1)(f) GDPR

Data entered or displayed during sessions (e.g., name, email, usage data, audio/video, chat logs, screen sharing) is transmitted to the provider. Only pseudonymized identifiers are sent to register the meeting in the US.

We have a processing agreement with the provider ensuring GDPR compliance. Data is stored only as long as necessary for consent, contract fulfillment, legitimate interests, or legal requirements. Data is not shared with third parties, except for internal analysis or provider security/marketing purposes. For further use, see: https://www.telekom.de/­datenschutzhinweise.

Social Media Links

General Information

Our website contains links to social media platforms. Clicking these links may transmit data to the respective platforms. Social media platforms may store cookies, track usage, and target advertisements according to your interests. Please review the privacy policies of these platforms before using them.

LinkedIn

We link to our LinkedIn profile (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland). Simply visiting our website does not notify LinkedIn, but clicking the link does. Data may be transferred to the USA.

We have a data processing agreement with LinkedIn and ensure transfers are compliant with GDPR through Standard Contractual Clauses and the EU-US Data Privacy Framework. For more information, see LinkedIn’s privacy policy: https://www.LinkedIn.com/legal/­privacy-policy.

Social Media Fan Page

We maintain a presence on the social media platform LinkedIn.

Jointly Responsible: LinkedIn Ireland Limited Company Wilton Place Dublin 2, Ireland

Contact LinkedIn: https://www.LinkedIn.com/help/­LinkedIn/ask/PPQ?lang=de

When you visit our LinkedIn profile, some of your data may be transferred to the United States.

We have ensured that such data transfers are legally compliant, based on a contract that uses Standard Contractual Clauses, and LinkedIn is certified under the EU-US Data Privacy Framework. Consequently, transfers to the USA are legally secure, in accordance with the adequacy decision issued on 10.07.2023.

A data processing agreement with LinkedIn ensures that your personal data is processed solely on our instructions and in accordance with the GDPR. More details are available in LinkedIn’s privacy policy: https://www.LinkedIn.com/legal/­privacy-policy.

LinkedIn also provides us with statistical reports, which are generated independently by LinkedIn and then shared with us. These reports may include interaction metrics and other anonymized statistical data.

If you are logged into LinkedIn, you have various options to control how your data is processed by the platform. Your privacy settings can be managed directly through LinkedIn, as explained in their privacy documentation.

You may also deactivate LinkedIn’s advertising cookie via this opt-out link: https://www.LinkedIn.com/­psettings/guest-controls/­retargeting-opt-out

Status of the Privacy Policy: 28.10.2025