Privacy policy

DATA PROTECTION INFORMATION

Welcome to my website https://www.functionalmedicinecoaching.de/ Caroline Beer Coaching


In the following privacy information you will find out what happens to your data, the so-called personal data, and why. Furthermore I will tell you how I protect your data, when the data will be deleted and which rights you have thanks to data protection. First of all: I comply with the data protection laws and the European basic data protection regulation and protect your privacy as best I can.


But I want to be completely open: The Internet thrives on data exchange and still has many security gaps. Even if your data is encrypted when you visit my website, there is always a residual risk when exchanging data with other websites. If you visit other websites - for example via a link on my website - please note that this data protection declaration does not apply to these external websites. I would also like to point out that e-mails are an unencrypted and therefore fundamentally insecure communication medium.


However, I am of the opinion that education and knowledge about data protection help to better assess possible dangers. For this reason I have prepared this data protection declaration. To the best of my knowledge and belief, the following information is compiled in accordance with Article 13 EU-DSGVO.


I process personal data (hereafter: data) of my clients (customers), suppliers and business partners in automated and non-automated form. This involves the following data: Name and address, date of birth, telephone numbers (if available fixed and mobile) and - if available - e-mail address. In addition, health data and information are also processed within the scope of my service. This always under the aspect of necessity, legality and purpose appropriate, in accordance with Article 5 DSGVO.


In addition, the bank details are recorded as voluntary information. Under "processing of data" are understood, for example, the following operations: The collection, recording, organisation, storage, use, transmission, dissemination and deletion of data (Article 4 No. 2 of the Basic Data Protection Regulation - DSGVO).


Who can you contact?

In the company, § 38 BDSG (as amended) applies. The responsible body within the meaning of the data protection laws, in particular the EU Basic Data Protection Regulation (DSGVO), is

Caroline Beer Coaching

Caroline Beer

Erftstraße 102

41460 Neuss

phone: +49 177 7373233

e-mail: carolinebeer@mail.de

What are your rights?


You can contact me at any time if you have questions about your rights in data protection or if you want to assert one of your following rights.

Right of withdrawal according to art. 7 para. 3 DSGVO (e.g. you can contact me if you want to cancel a previously given consent to receive a newsletter)

Right to information according to art. 15 DSGVO (e.g. you can contact me if you want to know which data I have stored about you)


Correction according to Art. 16 DSGVO (e.g. you can contact me if your e-mail address has changed and you want me to replace the old e-mail address)

Deletion according to art. 17 DSGVO (e.g. you can contact me if you want me to delete certain data I have stored about you)


Restriction of processing in accordance with Art. 18 DSGVO (e.g. you can contact me if you do not want me to delete your e-mail address, but only use it to send you e-mails that are absolutely necessary)


Data transferability according to art. 20 DSGVO (e.g. you can contact me to receive your data stored with me in a compressed format, e.g. because you want to make the data available to another website)


Opposition according to Art. 21 DSGVO in the case of processing operations pursuant to Article 6 para. 1, letters e. and f. (e.g. you can contact me if you do not agree with one of the advertising or analysis procedures stated here)


Right to complain to the competent supervisory authority in accordance with Art. 77 para. 1 f DSGVO (e.g. you can also contact the data protection supervisory authority directly in the event of complaints)


The competent supervisory authority is:

State Commissioner for Data Protection and

Freedom of Information North Rhine-Westphalia

Cavalry Road 2-4

40213 Düsseldorf

Phone: 0211 38424-0

fax: 0211 38424-10

e-mail: poststelle@ldi.nrw.de


Categories of persons concerned

Visitors and users of the online offer (in the following we will refer to the persons concerned collectively as "users").

Furthermore, customers/clients, suppliers, service providers and business partners

Purpose of the processing


  • Provision of the online offer, its functions and contents
  • Responding to contact requests and communication with users
  • Safety and security measures
  • Reach measurement / marketing and analytics (cookie)


In addition, personal data will only be processed within the scope of my business purpose in accordance with article 6 DSGVO and article 9 DSGVO paragraph 2 lit. h. This always under the aspect of necessity, legality and purpose appropriate, in accordance with Article 5 DSGVO.

Relevant legal bases for the processing


In accordance with Art. 13 DSGVO I inform you about the legal basis of my data processing. For users from the area of application of the Basic Data Protection Regulation (DSGVO), i.e. the EU and the EEC, the following applies unless the legal basis is stated in the data protection declaration:


the legal basis for obtaining consent is Art. 6 para. 1 lit. a and Art. 7 DSGVO


the legal basis for processing for the purpose of fulfilling my services and carrying out contractual measures as well as answering inquiries is Art. 6 para. 1 lit. b DSGVO;


the legal basis for the processing for the fulfilment of my legal obligations is Art. 6 para. 1 lit. c DSGVO;

In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d DSGVO serves as the legal basis.


the legal basis for the processing necessary to perform a task carried out in the public interest or in the exercise of official authority delegated to the controller is Art. 6 para. 1 lit. e FADP.


the legal basis for the processing necessary to safeguard my legitimate interest is Art. 6 para. 1 lit. f DSGVO.


the processing of data for purposes other than those for which they were collected is governed by Art. 6 para. 4 DSGVO.


the processing of special categories of data (in accordance with Art. 9 para. 1 DSGVO) is governed by the provisions of Art. 9 para. 2 DSGVO.


Deletion of data and storage duration

Unless otherwise stated, I will delete your data as soon as they are no longer needed, e.g. your e-mail address after unsubscribing from my newsletter. Your data will also be blocked or deleted if a storage period prescribed by law expires, unless it is necessary to store the data for the purpose of concluding or fulfilling a contract. Certain data may have to be kept longer for legal reasons. Of course, you can request information about the stored data and their retention periods at any time.


Visit my website

When you visit my website, SSL or TLS encryption is used to protect the transmission of incoming and outgoing requests. You can recognize an encrypted connection by the fact that the address line of your browser starts with "https://" and by the lock symbol in your browser line. If you just want to browse my website, no personal data will be collected, except for the data your browser transmits to enable you to visit the website, first of all:


  • Name of the website you are visiting (e.g. the website you have just visited)
  • Date and time of retrieval (e.g. 11:45 on 25.05.2018)
  • transmitted data volume (e.g. 2427 bytes)
  • Message about successful retrieval (e.g. information whether there was an error when the page was called)
  • Browser type and version (e.g. the used browser Firefox 60.0.1)
  • the operating system of the user (e.g. macOS 10.13.4)
  • Referrer URL (the previously visited page)
  • IP address and the requesting provider (e.g. 95.91.215.example or 2a02:8109:9440:1198:bdb1:551f:example)
  • Status codes (e.g. status code 200: request successfully processed)


Most interesting for you as a visitor of my website is the IP address, since this is data that can theoretically be traced back to you as a person. As a protective measure in favour of your privacy, all data will be deleted from my website 7 days after your visit. The purpose of the temporary storage of the data at the beginning is to ensure the connection as well as accessibility and correct display of my website. The IP address and the technical data already mentioned are necessary to display the website, to avoid display problems for visitors and to correct error messages. The legal basis is the so-called legitimate interest, which has been examined in the context of the aforementioned protective measures and in accordance with the European data protection requirements from Art. 6 Para. 1 lit. f DSGVO.


SSL Encryption

This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as the requests you send to me as site operator. You can recognize an encrypted connection by the fact that the address line of your browser changes from "http://" to "https://" and by the lock symbol in your browser line.

The provider of the SSL certificate is https://www.digicert.com/de/.

If SSL encryption is activated, the data you transmit to me cannot be read by third parties.


Security measures

In accordance with the legal requirements and taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing as well as the varying probability of occurrence and severity of the risk to the rights and freedoms of natural persons, I will take appropriate technical and organizational measures to ensure a level of protection appropriate to the risk.


These measures shall include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling the physical access to the data, as well as the access, input, disclosure, security of availability and separation of the data relating to them. In addition, procedures are in place to ensure that data subjects' rights are exercised, data is deleted, and data is reacted to threats to the data. Furthermore, I take the protection of personal data into account already during the development and selection of hardware, software and procedures, according to the principle of data protection by designing technology and by using data protection-friendly default settings. Here in particular my online offer and the information compiled here.


Cooperation with contract processors, jointly responsible parties and third parties

If, in the course of my processing, I disclose data to other persons and companies (processors, jointly responsible parties or third parties), transfer them to them or otherwise grant them access to the data, this will only be done on the basis of a legal authorization.


I make sure that collaborations with business partners and service providers are either regulated by a contract processing agreement or that a declaration of commitment to confidentiality and adherence to data and business secrets has been concluded.


Transfers to third countries

If data is processed in a third country (i.e. countries outside the European Union) or if this is done in the context of using services of third parties (software, applications etc.), this is only done if it is necessary to fulfill my (pre-)contractual obligations. Or if I have your consent to do so. Subject to legal or contractual permissions, I will only process or allow the data to be processed in a third country if the legal requirements are met. This means that the processing is carried out, for example, on the basis of special guarantees, such as the officially recognized establishment of a level of data protection corresponding to that of the EU (e.g. for the USA through the "Privacy Shield") or compliance with officially recognized special contractual obligations.


Blog

As a further source of information about my services, insights and interesting products I run a blog on my website. The blog is a subpage. Here I inform my clients/customers and interested parties through small contributions, field reports and short stories. You can use this blog as part of my web presence. No separate registration or log-in is required.


Contact me at

When contacting me (e.g. via contact form, e-mail, telephone or social media), the user's details will be used to process the contact request and its handling in accordance with Art. 6 Par. 1 lit. b. (within the scope of contractual/pre-contractual relations), Art. 6 para. 1 lit. f. (other inquiries) DSGVO are processed. User data may be stored, for example, in a customer relationship management system ("CRM system") or generally system-based. Inquiries that are not relevant or do not need to be stored will be deleted. The Google tool ReCaptcha is used for the security of your data entries in the contact form environment.


ReCaptcha:

On my website the functions of "ReCaptcha" for the detection of bots, e.g. when entering data into online forms, are integrated. The behavioral data of the users (e.g. mouse movements or queries) are evaluated in order to distinguish humans from bots (e.g. robots).


Service provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Headquarters of the company is: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA Further information can be found at: https://www.google.com/recaptcha/ and in their privacy policy: https://policies.google.com/privacy as well as in their Privacy Shield (guaranteeing the level of data protection when processing data in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000TRkEAAW&status=Active and also about the possibility of objection (opt-out).


Inquiry by e-mail, telephone or fax

If you contact me by e-mail or telephone, your inquiry including all personal data (name, inquiry) will be stored and processed by me for the purpose of processing your request. I will not pass on this data without your consent.


The processing of this data is based on Art. 6 para. 1 lit. b DSGVO, if your inquiry is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases the processing is based on your consent (Art. 6 para. 1 lit. a DSGVO) and/or on my legitimate interest (Art. 6 para. 1 lit. f DSGVO), as I am very interested in the effective processing of the inquiries addressed to me.


Appointment booking form

You have the possibility to contact me via my appointment booking form. You can give me the following data:

  • Name
  • e-mail address
  • Phone number


As a protective measure, contact is established - just like visits to the rest of the website - via an encrypted connection. Furthermore, I apply the principle of data minimization and only enter the data actually required in the contact form. After the successful establishment of contact with you and if the data is no longer needed for communication with you, your data will be deleted immediately. The sole purpose of the requested data is to contact you, which is why the data is only used for this purpose. The legal basis is the so-called legitimate interest, which has been examined to pursue the purpose and within the framework of the aforementioned protective measures and in accordance with the European data protection requirements from Art. 6 Para. 1 lit. f DSGVO. Furthermore, the processing of your data is also necessary for the fulfilment of the pre-contract/contract or pre-contractual measures (contacting and offer). Art. 6 para. 1 lit. b DSGVO

Online scheduling with circuityscheduling.


In order to facilitate the scheduling of my offers, the online appointment planner of Acuityscheduling is integrated on my website. It runs over a SSL encryption (like e.g. the electronic banking). This means that the personal data is encrypted (not "listenable") and transmitted over the internet. For this purpose a SSL-capable browser (all modern browsers support SSL) is required.

Further information relevant to data protection can be found at https://www.squarespace.com/privacy. A contract for order processing was concluded with the provider.


Cookies

My website partly uses so called cookies. Cookies are small text files that are usually stored in a folder of your browser. Cookies contain information about the current or last visit to the website:


  • Name of the website
  • Expiration date of the cookie
  • Any value


Unless cookies contain an exact expiration date, they are only temporarily stored and automatically deleted as soon as you close your browser or restart the terminal device. Cookies with an expiration date remain stored even if you close your browser or restart the device. Such cookies are not removed until the specified date or if you delete them manually.


The following types of cookies are used:


1. basic/necessary cookies /essential

These cookies are essential for the functioning of my website. This is for example the assignment of anonymous session IDs to bundle several queries to a web server or the error-free function of registrations and orders.


2. functionality cookies/functionality

These cookies help to save your chosen settings or support other functions when you navigate on my website. For example, your preferred settings can be saved for your next visit or you can save your login data for certain areas of my website.


3. performance/statistics cookies /marketing

These cookies collect information about how you use my website (e.g. the Internet browser used, number of visits, pages called up or the time spent on the website). These cookies do not store any information that allows personal identification of the visitor. The information collected by these cookies is aggregated and therefore anonymous.


4. targeting/third party cookies/marketing

Third-party cookies are cookies that are offered by providers other than the person responsible for operating the website (otherwise, if it is only their cookies, it is called "first-party cookies") These cookies are used for statistical purposes, are anonymous and are analyzed by third parties.


Cookie banner

We use an active cookie banner according to the current ruling of the EUGH. Here you have the possibility to decide for yourself which form of cookies may be used when visiting my website. Please make sure that you pay close attention to the information in the banner and click on the setting you want according to the selection.


If cookies or tracking technologies are used, I will inform you again separately in this privacy information.


Right of objection for direct advertising

A general objection to the use of cookies used for online marketing purposes can be declared for many of the services, especially in the case of tracking, via the US site https://www.aboutads.info/choices/ or the EU site https://www.youronlinechoices.com/. Furthermore, the storage of cookies can be achieved by deactivating them in the browser settings. Please note that in this case not all functions of this online offer can be used.

You can configure, block and delete cookies in the settings of your browser. If you delete all cookies from my website, it is possible that some functions of the website will not be displayed correctly. Helpful information and instructions for common browsers are provided by the Federal Office for Information Security:

https://www.bsi-fuer buerger.de/BSIFB/DE/Empfehlungen/EinrichtungSoftware/EinrichtungBrowser/Sicherheitsmassnahmen/Cookies/cookies_node.html


Webinars and Video Conferences with ZOOM

In order to offer my webinars and also video conferences, I use the product ZOOM. Zoom is a communication software that offers video conferencing, online meetings, chat and mobile collaboration. This enables me to get in direct contact with you and make the content of my webinars accessible to the participants. For participation I will send you a link by e-mail. In Zoom you have the possibility to decide in which way you want to join the video/audio webinar. In some cases and only with your consent and prior information, the webinar will be recorded for training purposes.

When conducting meetings, the participants decide whether they want to participate actively and visibly or just watch. For further information, please visit: https://zoom.us/de-de/feature.html


The zoom client is available for PC, Mac, iOS, Android and BlackBerry, among others.

The provider Zoom has acquired certification of the EU-US Privacy Shield and is committed to data protection in accordance with the EU DSGVO data protection information: https://zoom.us/de-de/privacy.html


I use this videoconferencing software to provide my services online under the aspect of DSGVO Art. 6, lit. b and f.

Call and video conferencing with Skype


I use Skype as another tool for communicating with my clients/customers via the Internet in the form of calls and video conferences. Please note that before using Skype, users agree to the terms of use.


Skype is a service provided by Skype Communications S.à r.l. (a wholly owned subsidiary of Microsoft Corporation based in Luxembourg) that allows you to send and receive voice, video and instant messages. As part of providing these features, Microsoft collects, uses and shares personal information about the user, including information about the Skype communications (the time and date of the communication, the numbers or user names that are part of the communication). More information about this can be found in the "Skype" section at https://privacy.microsoft.com/de-de/privacystatement/. There is a Skype button on my website. This button is just a regular web link (HTML hyperlink). Only when you open the Skype app installed on your terminal device is it possible to use this communication channel in accordance with Microsoft's Skype Terms of Use.


Online presence

In addition to my own website, I also maintain online presences on Facebook, Instagram and LinkedIn to communicate with the users active there and to inform them about my services. The users' data (e.g. posts and messages) are processed by me exclusively for communication purposes on the basis of voluntary requests and contributions. Of course these can be deleted by the user at any time.

Furthermore, the terms and conditions and the following data processing guidelines of the respective operators apply when calling up these profiles:


Facebook data policy

https://de-de.facebook.com/about/privacy/


Instagram Data Policy

https://help.instagram.com/155833707900388


Youtube Data Policy

https://support.google.com/youtube/answer/2801895?hl=de


Zoom Data Policy

https://zoom.us/de-de/privacy.html


Google Privacy Policy

https://policies.google.com/privacy?hl=de


LinkedIn Data Policy

https://www.linkedin.com/legal/privacy-policy?_l=de_DE


I would therefore like to point out that user data is also used by the operators on their own responsibility (e.g. to personalize their own products, to provide personalized advertisements and other sponsored content, and for market research) and that I have no influence on the scope of this data processing as the operator of the online presence. Among other things, social network operators may also use cookies, which are stored on the various end devices of the users (computers, telephones, tablets, etc.). The concrete scope of data processing depends in each individual case on the data protection/privacy settings selected by the user or activated in the user profile. It is therefore recommended to check these settings at regular intervals; any possible objection possibilities (so-called opt-out) and ways to restrict data processing can be found in the aforementioned data processing guidelines of the operator.


Furthermore, I cannot exclude the possibility that the social network operator may transfer user data to third countries, such as the USA, or that it may be processed by companies affiliated with the social network operators that use the infrastructure, systems and technology of the aforementioned social networks.


In addition, the social network operators also regularly provide page statistics functions that allow me to gain an overview of the reach, page views and contributions of my online presence. I use this data, which is available in aggregated form where available, to adjust my contributions and activities on my online presences and to improve interaction with users. However, I have no influence on the generation, presentation and availability of these statistics. For further information, I refer to the aforementioned data processing guidelines of the respective social network operators.

I use these social networks and platform to provide my services online under the aspect of the DSGVO Art. 6, lit. b and f.


Contradiction advertising e-mails

The use of contact data published within the scope of the imprint obligation for the transmission of not expressly requested advertisement and information materials is hereby contradicted. As the operator of this website, I reserve the right to take legal action in the event of unsolicited advertising material being sent, for example by spam e-mail.


Payments and payment methods

The billing of my service is done in advance (prepayment). For the payment processing you will receive the necessary bank details from me. As far as you use the online offer of your bank, credit institute or savings bank for this purpose, please pay attention to their terms of use.


Prepayment

If you choose the payment method prepayment, we will give you our bank details in the order confirmation and you will receive a confirmation of receipt of payment. With this confirmation your appointment with me is also confirmed binding.

Changes and updates of the privacy policy

Please inform yourself regularly about the content of this data protection information. This is because it will be updated as soon as changes in the data processing performed by me make this necessary.


Status 03/2020



Share by: