Cookies, privacy and policies
Privacy Policy
1. Data Protection at a Glance
General Information
The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data by which you can be personally identified. Detailed information on data protection can be found in the full privacy policy listed below.
Data Collection on This Website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. Their contact details can be found in the section “Information on the Responsible Party” in this privacy policy.
How do we collect your data?
Some data is collected when you provide it to us, for example by entering data into a contact form.
Other data is collected automatically or after your consent when you visit the website through our IT systems. This includes mainly technical data (e.g. internet browser, operating system, or time of page access). This data is collected automatically as soon as you enter this website.
What do we use your data for?
Some of the data is collected to ensure error-free provision of the website. Other data may be used to analyze user behavior.
What rights do you have regarding your data?
You have the right at any time to obtain information free of charge about the origin, recipients, and purpose of your stored personal data. You also have the right to request correction or deletion of this data. If you have given consent to data processing, you may revoke this consent at any time for the future. Furthermore, you have the right, under certain circumstances, to request restriction of the processing of your personal data. You also have the right to lodge a complaint with the competent supervisory authority.
You may contact us at any time regarding this or any other questions related to data protection.
2. Hosting
We host the content of our website with the following provider:
Stephen J. Thompson
Bildgasse 2
6020 Innsbruck, Österreich
Tel.: +49 15236333691
E-Mail: steven@breathingsoul.com
Squarespace
The provider is Squarespace Ireland Ltd., Le Pole House, Ship Street Great, Dublin 8, Ireland (hereinafter “Squarespace”).
Squarespace is a tool for creating and hosting websites. When you visit our website, your data is processed on Squarespace servers. Personal data may also be transferred to Squarespace Inc., 8 Clarkson St, New York, NY 10014, USA. Squarespace also stores cookies that are required for the display of the website and to ensure security (essential cookies).
The use of Squarespace is based on Art. 6(1)(f) GDPR. We have a legitimate interest in providing a reliable presentation of our website. If consent has been requested, processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25(1) TTDSG, insofar as consent includes the storage of cookies or access to information on the user’s device (e.g. device fingerprinting). Consent can be revoked at any time.
Data transfer to the USA is based on the EU Commission’s Standard Contractual Clauses.
Details can be found here:
https://support.squarespace.com/hc/de/articles/360000851908-DSGVO-und-Squarespace
Squarespace is certified under the EU–US Data Privacy Framework (DPF).
Data Processing Agreement
We have concluded a data processing agreement (DPA) with Squarespace. This agreement ensures that personal data of our website visitors is processed only in accordance with our instructions and in compliance with the GDPR.
Squarespace Video Hosting
Videos on this website are hosted directly via the website builder Squarespace.
When you visit a page that contains an embedded video, a connection to Squarespace servers is established in order to display the video. In this process, technical data such as your IP address, browser type, device information, and the time of access may be processed.
The use of Squarespace video hosting is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in providing video content in a stable, secure, and user-friendly manner.
If consent is requested (e.g. via a cookie consent banner), processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25(1) TTDSG. Consent may be revoked at any time.
Data processing is carried out by Squarespace Ireland Ltd. Personal data may be transferred to Squarespace Inc. in the United States. Such data transfers are safeguarded by the EU Commission’s Standard Contractual Clauses and the EU–US Data Privacy Framework.
3. General Information and Mandatory Disclosures
Data Protection
The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with statutory data protection regulations and this privacy policy.
When using this website, various personal data are collected. Personal data is data by which you can be personally identified. This privacy policy explains what data we collect and what we use it for, as well as how and for what purpose this occurs.
We point out that data transmission over the internet (e.g. communication by email) may have security vulnerabilities. Complete protection of data against access by third parties is not possible.
Information on the Responsible Party
The responsible party for data processing on this website is:
The responsible party is the natural or legal person who determines the purposes and means of processing personal data.
Storage Duration
Unless a more specific storage period is stated in this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you assert a legitimate request for deletion or revoke your consent, your data will be deleted unless other legally permissible reasons for storage exist (e.g. tax or commercial retention periods). In such cases, deletion occurs after these reasons no longer apply.
Legal Bases for Data Processing
If you have given consent, we process your personal data based on Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR for special categories of data.
If consent includes the transfer of data to third countries, processing is additionally based on Art. 49(1)(a) GDPR.
If cookies or similar technologies are used, processing is additionally based on § 25(1) TTDSG. Consent can be revoked at any time.
If data is required for contract fulfillment or pre-contractual measures, processing is based on Art. 6(1)(b) GDPR.
If processing is required to fulfill a legal obligation, it is based on Art. 6(1)(c) GDPR.
Processing may also be based on our legitimate interest pursuant to Art. 6(1)(f) GDPR.
Recipients of Personal Data
In the course of our business activities, we cooperate with external parties. Personal data is transferred only if necessary for contract fulfillment, legal obligations, legitimate interest, or another legal basis. When using processors, data is transferred only based on a valid data processing agreement.
Revocation of Consent
You may revoke any consent you have given at any time. The legality of processing carried out before the revocation remains unaffected.
Right to Object (Art. 21 GDPR)
If data processing is based on Art. 6(1)(e) or (f) GDPR, you have the right to object at any time for reasons arising from your particular situation.
If data is processed for direct advertising purposes, you may object at any time. After objection, data will no longer be used for advertising purposes.
Right to Lodge a Complaint
In the event of GDPR violations, you have the right to lodge a complaint with a supervisory authority, particularly in your country of residence or workplace.
Right to Data Portability
You have the right to receive data processed automatically based on your consent or a contract in a commonly used, machine-readable format, or to have it transferred to another controller where technically feasible.
Right of Access, Rectification, and Erasure
You have the right at any time to obtain free information about your stored personal data, its origin, recipients, and purpose, as well as the right to rectification or erasure.
Right to Restriction of Processing
You may request restriction of processing in cases such as disputed accuracy, unlawful processing, or pending interest balancing after objection.
SSL / TLS Encryption
This website uses SSL/TLS encryption for security reasons. Encrypted connections are indicated by “https://” and the lock symbol in the browser.
4. Data Collection on This Website
Cookies
This website uses cookies. Cookies are small data packets and do not harm your device. They may be session cookies or persistent cookies.
Cookies may be first-party or third-party cookies. Some cookies are technically necessary, while others are used for analytics or advertising.
Necessary cookies are stored based on Art. 6(1)(f) GDPR. If consent is requested, processing is based on Art. 6(1)(a) GDPR and § 25(1) TTDSG.
You can configure your browser to manage or disable cookies. Disabling cookies may limit website functionality.
Contact Form
If you send inquiries via the contact form, your details will be stored for processing your request.
Processing is based on Art. 6(1)(b), (f), or (a) GDPR. Data remains stored until deletion is requested or the purpose ceases.
Contact by Email, Phone, or Fax
If you contact us via email, phone, or fax, your inquiry and related data will be stored to process your request.
Processing is based on Art. 6(1)(b), (f), or (a) GDPR. Data will be deleted upon request or when no longer required.
5. Plugins and Tools
Adobe Fonts
This website uses Adobe Fonts for consistent font display.
Provider: Adobe Systems Incorporated, San Jose, CA, USA.
When accessing the website, your browser loads fonts directly from Adobe servers. Adobe may receive your IP address. According to Adobe, no cookies are stored.
Processing is based on Art. 6(1)(f) GDPR (legitimate interest in uniform typography).
Data transfer to the USA is based on the EU Standard Contractual Clauses.
Adobe is certified under the EU–US Data Privacy Framework (DPF).
Acuity Scheduling
This website uses Acuity Scheduling, an online appointment scheduling service provided by Squarespace, Inc.
When you book an appointment via Acuity Scheduling, personal data such as your name, email address, phone number, appointment details, and any additional information you provide is processed for the purpose of managing and fulfilling appointments.
Acuity Scheduling uses cookies and similar technologies that are necessary for the functionality, security, and proper operation of the booking process.
The processing of this data is based on Art. 6(1)(b) GDPR (performance of a contract or pre-contractual measures) and Art. 6(1)(f) GDPR (legitimate interest in providing an efficient booking system). If consent is requested, processing is based on Art. 6(1)(a) GDPR and § 25(1) TTDSG. Consent may be revoked at any time.
Data processing is carried out by Squarespace Ireland Ltd. Personal data may be transferred to Squarespace Inc., USA. These data transfers are safeguarded by the EU Commission’s Standard Contractual Clauses and the EU–US Data Privacy Framework.
A data processing agreement (DPA) has been concluded with the provider in accordance with Art. 28 GDPR.
Further information can be found in Acuity’s privacy policy.
Squarespace Audio Hosting
Audio content on this website is hosted directly via the website builder Squarespace.
When you visit a page that contains embedded audio, a connection to Squarespace servers is established to enable playback. In this process, technical data such as your IP address, browser type, device information, and time of access may be processed.
The use of Squarespace audio hosting is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in providing audio content in a stable, secure, and user-friendly manner.
If consent is requested (e.g. via a cookie consent banner), processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25(1) TTDSG. Consent may be revoked at any time.
Data processing is carried out by Squarespace Ireland Ltd. Personal data may be transferred to Squarespace Inc. in the United States. Such transfers are safeguarded by the EU Commission’s Standard Contractual Clauses and the EU–US Data Privacy Framework.