loaderimg
What
image
  • imageAction, Protection & Regeneration
  • imageArt & Storytelling
  • imageCommons & Reciprocity
  • imageCommunity Building
  • imageCommunity-Led Action
  • imageConservation & Protection
  • imageContemplative Traditions
  • imageContributing & Supporting
  • imageCulture, Community & Connection
  • imageEco-Pedagogy
  • imageEducation & Training
  • imageEnvironmental Activism
  • imageExploring & Orienting
  • imageFestivals & Gatherings
  • imageGrief, Ritual & Ceremony
  • imageIndigenous & Traditional Knowledge
  • imageInitiating & Connecting
  • imageInner Awareness & Practice
  • imageLearning, Research & Education
  • imageMeditation & Mindfulness
  • imagePlace-Based Initiatives
  • imagePracticing & Deepening
  • imageRegenerative Agriculture
  • imageResearch & Science
  • imageRewilding & Restoration
  • imageSomatic & Body-Based Practices
  • imageSpiritual Ecology
  • imageSystems Thinking
  • image• Personal Dot
  • image• Project & Initiative Dot
Where
image
contacts Sign In
image

Privacy Policy

================================================================================
PREAMBLE
================================================================================

With the following Privacy Policy, we would like to inform you about the types
of your personal data (hereinafter also referred to as “data”) we process, for
what purposes, and to what extent. This Privacy Policy applies to all processing
of personal data carried out by us, both in connection with the provision of our
services and in particular on our website, in mobile applications, and within
external online presences, such as our social media profiles (hereinafter
collectively referred to as the “online offering”).

The terms used are not gender-specific.

Last updated: March 10, 2026


================================================================================
TABLE OF CONTENTS
================================================================================

1. Preamble
2. Controller
3. Overview of Processing Activities
4. Applicable Legal Bases
5. Security Measures
6. Transmission of Personal Data
7. International Data Transfers
8. General Information on Data Storage and Deletion
9. Rights of Data Subjects
10. Provision of the Online Offering and Web Hosting
11. Use of Cookies
12. Registration, Login and User Account
13. Community Features
14. Blogs and Publication Media
15. Contact and Inquiry Management
16. Presences on Social Networks (Social Media)
17. Plug-ins and Embedded Functions and Content
18. Management, Organisation and Utilities
19. Changes and Updates
20. Definitions


================================================================================
1. CONTROLLER
================================================================================

Christian Stocker
Friedberger Landstraße 86
60316 Frankfurt am Main
Germany

Email: support@eco-awareness.earth


================================================================================
2. OVERVIEW OF PROCESSING ACTIVITIES
================================================================================

The following overview summarises the types of data processed and the purposes
of their processing, and refers to the data subjects concerned.

Types of Data Processed
———————–
– Inventory data
– Employee data
– Payment data
– Location data
– Contact data
– Content data
– Contract data
– Usage data
– Meta, communication and procedural data
– Log data

Categories of Data Subjects
—————————-
– Employees
– Prospective customers
– Communication partners
– Users
– Third parties
– Whistleblowers

Purposes of Processing
———————–
– Provision of contractual services and fulfilment of contractual obligations
– Communication
– Security measures
– Reach measurement
– Tracking
– Office and organisational procedures
– Target group formation
– Organisational and administrative procedures
– Feedback
– Marketing
– Profiles with user-related information
– Provision of our online offering and user-friendliness
– Information technology infrastructure
– Whistleblower protection
– Public relations


================================================================================
3. APPLICABLE LEGAL BASES
================================================================================

Applicable legal bases under the GDPR: The following provides an overview of
the legal bases of the GDPR on the basis of which we process personal data.
Please note that, in addition to the provisions of the GDPR, national data
protection regulations may apply in your or our country of residence or
domicile. Should more specific legal bases also be applicable in individual
cases, we will inform you of these in the Privacy Policy.

– Consent (Art. 6(1)(a) GDPR): The data subject has given consent to the
processing of their personal data for one or more specific purposes.

– Contract performance and pre-contractual enquiries (Art. 6(1)(b) GDPR):
Processing is necessary for the performance of a contract to which the data
subject is party, or in order to take steps at the request of the data subject
prior to entering into a contract.

– Legal obligation (Art. 6(1)(c) GDPR): Processing is necessary for compliance
with a legal obligation to which the controller is subject.

– Legitimate interests (Art. 6(1)(f) GDPR): Processing is necessary for the
purposes of the legitimate interests pursued by the controller or by a third
party, except where such interests are overridden by the interests or
fundamental rights and freedoms of the data subject.

National data protection regulations in Germany: In addition to the data
protection regulations of the GDPR, national data protection regulations apply
in Germany. These include, in particular, the Act on Protection against Misuse
of Personal Data in Data Processing (Federal Data Protection Act – BDSG). The
BDSG contains, in particular, special provisions on the right to information,
the right to erasure, the right to object, the processing of special categories
of personal data, processing for other purposes, and transmission, as well as
automated individual decision-making, including profiling. The data protection
laws of the individual federal states may also apply.


================================================================================
4. SECURITY MEASURES
================================================================================

We implement appropriate technical and organisational measures in accordance
with the legal requirements, taking into account the state of the art, the
costs of implementation, and the nature, scope, context and purposes of
processing, as well as the risk of varying likelihood and severity to the rights
and freedoms of natural persons.

These measures include, in particular, ensuring the confidentiality, integrity
and availability of data by controlling physical and electronic access to the
data, as well as access, input, transmission, ensuring availability and
separation of the data. We have also established procedures to ensure the
exercise of data subjects’ rights, the deletion of data, and responses to data
breaches. We also take the protection of personal data into account when
developing or selecting hardware, software and processes in accordance with the
principle of data protection by design and privacy-friendly default settings.

TLS/SSL encryption (HTTPS): In order to protect the data of users transmitted
via our online services from unauthorised access, we use TLS/SSL encryption
technology. Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are
the cornerstones of secure data transfer on the Internet. These technologies
encrypt the information transmitted between the website or app and the user’s
browser (or between two servers), protecting the data from unauthorised access.
TLS, as the more advanced and secure version of SSL, ensures that all data
transmissions meet the highest security standards. When a website is secured by
an SSL/TLS certificate, this is signalled by the display of HTTPS in the URL,
which serves as an indicator for users that their data is being transmitted
securely and in encrypted form.


================================================================================
5. TRANSMISSION OF PERSONAL DATA
================================================================================

In the course of processing personal data, it may be transmitted to or
disclosed to other entities, companies, legally independent organisational
units, or persons. Recipients of this data may include, for example, service
providers commissioned with IT tasks, or providers of services and content
embedded in a website. In such cases, we observe the legal requirements and, in
particular, conclude appropriate contracts or agreements with the recipients of
your data that serve to protect your data.


================================================================================
6. INTERNATIONAL DATA TRANSFERS
================================================================================

Data processing in third countries: If we process data in a third country
(i.e., outside the European Union (EU) or the European Economic Area (EEA)), or
if this occurs in the context of the use of third-party services or the
disclosure or transfer of data to other persons, entities or companies, this
will only take place in accordance with the legal requirements.

For data transfers to the USA, we primarily rely on the Data Privacy Framework
(DPF), which was recognised as a safe legal framework by an adequacy decision
of the EU Commission dated 10 July 2023. In addition, we have concluded
standard contractual clauses with the respective providers, which meet the
requirements of the EU Commission and establish contractual obligations to
protect your data.

This dual safeguard ensures comprehensive protection of your data: the DPF
forms the primary level of protection, while the standard contractual clauses
serve as an additional safeguard. Should changes occur within the DPF
framework, the standard contractual clauses will serve as a reliable fallback.
This ensures that your data remains adequately protected even in the event of
political or legal changes.

For data transfers to other third countries, corresponding security measures
apply, in particular standard contractual clauses, explicit consent or legally
required transfers. Information on third-country transfers and applicable
adequacy decisions can be found in the information provided by the EU
Commission at:
https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection_en


================================================================================
7. GENERAL INFORMATION ON DATA STORAGE AND DELETION
================================================================================

We delete personal data that we process in accordance with the statutory
provisions as soon as the underlying consents are revoked or no further legal
bases for processing exist. This applies to cases where the original purpose of
processing no longer applies or the data is no longer needed. Exceptions apply
where statutory obligations or special interests require longer retention or
archiving of the data.

In particular, data that must be retained for commercial or tax law reasons, or
whose storage is necessary for the pursuit of legal claims or the protection of
the rights of other natural or legal persons, must be archived accordingly.

Our privacy notices contain additional information on the retention and deletion
of data that specifically applies to certain processing operations.

Where multiple retention periods or deletion deadlines are specified for a piece
of data, the longest period shall always apply. Data no longer retained for its
originally intended purpose, but retained due to statutory requirements or other
reasons, is processed exclusively for the reasons justifying its retention.

The following general deadlines apply for retention and archiving under German law:

– 10 years: Books and records, annual financial statements, inventories,
management reports, opening balance sheets, together with the working
instructions and other organisational documents necessary for their
understanding (§ 147(1)(1) in conjunction with (3) AO, § 14b(1) UStG,
§ 257(1)(1) in conjunction with (4) HGB).

– 8 years: Accounting vouchers, such as invoices and cost receipts (§ 147(1)
(4) and (4a) in conjunction with (3)(1) AO and § 257(1)(4) in conjunction
with (4) HGB).

– 6 years: Other business documents: received commercial or business letters,
reproductions of dispatched commercial or business letters, other documents
relevant for taxation (§ 147(1)(2), (3), (5) in conjunction with (3) AO,
§ 257(1)(2) and (3) in conjunction with (4) HGB).

– 3 years: Data required for consideration of potential warranty and
compensation claims or similar contractual claims and rights, and for handling
related enquiries, based on past business experience and common industry
practices (§§ 195, 199 BGB).

Deadlines begin at the end of the year: Unless a deadline expressly commences
on a specific date and is at least one year in duration, it automatically
commences at the end of the calendar year in which the triggering event
occurred.


================================================================================
8. RIGHTS OF DATA SUBJECTS
================================================================================

Rights of data subjects under the GDPR: As a data subject, you have various
rights under the GDPR, which arise in particular from Articles 15 to 21 GDPR:

– Right to object: You have the right to object at any time, on grounds
relating to your particular situation, to the processing of personal data
concerning you which is based on Art. 6(1)(e) or (f) GDPR; this also applies
to profiling based on these provisions. If the personal data concerning you is
processed for the purpose of direct marketing, you have the right to object at
any time to the processing of personal data concerning you for the purpose of
such marketing, including profiling insofar as it is related to such direct
marketing.

– Right to withdraw consent: You have the right to withdraw consent granted at
any time.

– Right of access: You have the right to request confirmation as to whether
relevant data is being processed and to receive information about such data,
as well as further information and a copy of the data in accordance with the
statutory provisions.

– Right to rectification: You have the right, in accordance with the statutory
provisions, to request the completion of data concerning you or the
rectification of inaccurate data concerning you.

– Right to erasure and restriction of processing: In accordance with the
statutory provisions, you have the right to request that data concerning you
be deleted without delay, or alternatively to request a restriction of the
processing of the data in accordance with the statutory provisions.

– Right to data portability: You have the right to receive data concerning you
that you have provided to us in a structured, commonly used and
machine-readable format, or to request its transmission to another controller,
in accordance with the statutory provisions.

– Complaint to a supervisory authority: Without prejudice to any other
administrative or judicial remedy, you have the right to lodge a complaint
with a supervisory authority, in particular in the Member State of your
habitual residence, place of work or place of the alleged infringement, if you
consider that the processing of personal data relating to you infringes the
provisions of the GDPR.


================================================================================
9. PROVISION OF THE ONLINE OFFERING AND WEB HOSTING
================================================================================

We process users’ data in order to provide them with our online services. For
this purpose, we process the user’s IP address, which is necessary to transmit
the contents and functions of our online services to the user’s browser or
end device.

– Types of data processed: Usage data (e.g. page views and dwell time, click
paths, intensity and frequency of use, types of devices and operating systems
used, interactions with content and functions); Meta, communication and
procedural data (e.g. IP addresses, time details, identification numbers,
persons involved); Log data (e.g. log files relating to logins or the
retrieval of data or access times).

– Data subjects: Users (e.g. website visitors, users of online services).

– Purposes of processing and legitimate interests: Provision of our online
offering and user-friendliness; information technology infrastructure
(operation and provision of information systems and technical devices
(computers, servers etc.)); security measures.

– Retention and deletion: Deletion in accordance with the information in the
section “General Information on Data Storage and Deletion”.

– Legal bases: Legitimate interests (Art. 6(1)(f) GDPR).

Further information on processing operations, procedures and services:

Provision of the online offering on rented storage space: For the provision of
our online offering, we use storage space, computing capacity and software
rented from or otherwise obtained from a server provider (also referred to as a
“web host”). Legal bases: Legitimate interests (Art. 6(1)(f) GDPR).

Web host: United Domains AG, Gautinger Str. 10, 82319 Starnberg, Germany.
Website: https://www.united-domains.de
Privacy Policy: https://www.united-domains.de/datenschutz/

Collection of access data and log files: Access to our online offering is
logged in the form of “server log files”. Server log files may include the
address and name of the web pages and files accessed, the date and time of
access, the amount of data transferred, notification of successful retrieval,
browser type and version, the user’s operating system, referrer URL (the
previously visited page), and typically IP addresses and the requesting
provider. Server log files may be used for security purposes, e.g. to avoid
overloading the servers (particularly in the case of abusive attacks, so-called
DDoS attacks), and to ensure the utilisation of the servers and their stability.
Legal bases: Legitimate interests (Art. 6(1)(f) GDPR). Deletion of data: Log
file information is stored for a maximum period of 30 days and then deleted or
anonymised. Data whose further retention is required for evidentiary purposes is
exempt from deletion until the final resolution of the respective incident.


================================================================================
10. USE OF COOKIES
================================================================================

The term “cookies” refers to functions that store and retrieve information on
users’ end devices. Cookies may also be used for different purposes, such as
ensuring the functionality, security and convenience of online offerings, and
for the creation of analyses of visitor flows. We use cookies in accordance with
the statutory provisions. Where required, we obtain the prior consent of users.
Where consent is not required, we rely on our legitimate interests. This applies
where storing and retrieving information is essential to provide explicitly
requested content and functions — this includes, for example, the saving of
settings and ensuring the functionality and security of our online offering.
Consent may be withdrawn at any time. We clearly inform users about the scope
of cookies used.

Notes on legal bases: Whether we process personal data using cookies depends on
consent. Where consent has been given, it serves as the legal basis. Without
consent, we rely on our legitimate interests as set out above.

Storage duration: The following types of cookies are distinguished:
– Temporary cookies (also: session cookies): Temporary cookies are deleted at
the latest after a user has left an online offering and closed their end
device (e.g. browser or mobile application).
– Permanent cookies: Permanent cookies remain stored even after the end device
is closed. For example, the login status may be saved and preferred content
displayed directly when the user revisits a website. Cookies used for reach
measurement purposes may also be used. Unless otherwise stated, cookies and
similar storage methods may be stored on users’ devices for a period of up to
two years.

General information on withdrawal and objection (opt-out): Users may withdraw
their consent at any time and also object to processing in accordance with the
statutory provisions, including via their browser’s privacy settings.

– Types of data processed: Meta, communication and procedural data (e.g.
IP addresses, time details, identification numbers, persons involved).
– Data subjects: Users (e.g. website visitors, users of online services).
– Legal bases: Legitimate interests (Art. 6(1)(f) GDPR); Consent
(Art. 6(1)(a) GDPR).

Processing of cookie data on the basis of consent: We use a consent management
solution by means of which users’ consent to the use of cookies or to the
procedures and providers named in the consent management solution is obtained.
This procedure serves to obtain, log, manage and revoke consent, in particular
relating to the use of cookies and comparable technologies used to store, read
and process information on users’ end devices. Legal bases: Consent
(Art. 6(1)(a) GDPR).


================================================================================
11. REGISTRATION, LOGIN AND USER ACCOUNT
================================================================================

Users may create a user account. During registration, users are informed of the
required mandatory details, which are processed for the purposes of providing
the user account on the basis of contractual performance. The processed data
includes, in particular, login information (username, password, and an email
address).

As part of the use of our registration and login functions and the use of the
user account, we store the IP address and the time of the respective user action.
This is stored on the basis of our legitimate interests as well as those of
users in protection against misuse and other unauthorised use. This data is
generally not passed on to third parties unless it is necessary to pursue our
claims or there is a legal obligation to do so.

Users may be informed by email about processes relevant to their user account,
such as technical changes.

– Types of data processed: Inventory data; contact data; content data; usage
data; log data.
– Data subjects: Users.
– Purposes of processing: Provision of contractual services; security measures;
organisational and administrative procedures; provision of our online offering
and user-friendliness.
– Retention and deletion: Deletion in accordance with the section “General
Information on Data Storage and Deletion”. Deletion upon cancellation.
– Legal bases: Contract performance and pre-contractual enquiries
(Art. 6(1)(b) GDPR); Legitimate interests (Art. 6(1)(f) GDPR).

Further notes:
– Registration with real names: Due to the nature of our community, we ask
users to use our offering only under their real names. The use of pseudonyms
is not permitted.
– User profiles are public: User profiles are publicly visible and accessible.
– Deletion of data after cancellation: If users have cancelled their account,
their data relating to the user account will be deleted, subject to a legal
permission, obligation or consent of the users.
– No obligation to retain data: Users are responsible for backing up their data
prior to the end of the contract upon cancellation. We are entitled to
irreversibly delete all data stored during the contract period.


================================================================================
12. COMMUNITY FEATURES
================================================================================

The community features we provide allow users to enter into conversations with
each other or otherwise exchange information. Please note that the use of
community features is only permitted in compliance with the applicable legal
situation, our terms and guidelines, and the rights of other users and third
parties.

– Types of data processed: Inventory data; usage data.
– Data subjects: Users.
– Purposes of processing: Provision of contractual services; security measures;
provision of our online offering and user-friendliness.
– Legal bases: Contract performance and pre-contractual enquiries
(Art. 6(1)(b) GDPR); Legitimate interests (Art. 6(1)(f) GDPR).

Further notes:
– User contributions are public: Contributions and content created by users are
publicly visible and accessible.
– Protection of own data: Users decide for themselves what data they disclose
about themselves within our online offering. We ask users to protect their
data and to publish personal information only with care and only to the extent
necessary.


================================================================================
13. BLOGS AND PUBLICATION MEDIA
================================================================================

We use blogs or comparable means of online communication and publication
(hereinafter “publication medium”). Readers’ data is only processed for the
purposes of the publication medium to the extent necessary for its presentation
and communication between authors and readers, or for security reasons.

– Types of data processed: Inventory data; contact data; content data; usage
data; meta, communication and procedural data.
– Data subjects: Users.
– Purposes of processing: Feedback; provision of our online offering and
user-friendliness; security measures; organisational and administrative
procedures.
– Legal bases: Legitimate interests (Art. 6(1)(f) GDPR).

Comments and contributions: When users leave comments or other contributions,
their IP addresses may be stored on the basis of our legitimate interests. This
is done for our security in the event that someone leaves unlawful content in
comments and contributions (insults, prohibited political propaganda, etc.).


================================================================================
14. CONTACT AND INQUIRY MANAGEMENT
================================================================================

When contacting us (e.g. by post, contact form, email, telephone or via social
media) as well as in the context of existing user and business relationships,
the information provided by the enquiring persons is processed to the extent
necessary to respond to the contact enquiries and any requested measures.

– Types of data processed: Contact data; content data; meta, communication and
procedural data.
– Data subjects: Communication partners.
– Purposes of processing: Communication; organisational and administrative
procedures; feedback; provision of our online offering and user-friendliness.
– Legal bases: Legitimate interests (Art. 6(1)(f) GDPR); Contract performance
and pre-contractual enquiries (Art. 6(1)(b) GDPR).

Contact form: When contacting us via our contact form, by email or other
communication channels, we process the personal data transmitted to us to
respond to and process the respective enquiry. This generally includes details
such as name, contact information and, where applicable, further information
communicated to us that is necessary for appropriate processing. We use this
data exclusively for the stated purpose of contact and communication.


================================================================================
15. PRESENCES ON SOCIAL NETWORKS (SOCIAL MEDIA)
================================================================================

We maintain online presences within social networks and process user data in
this context in order to communicate with users active there or to offer
information about us.

We draw attention to the fact that user data may be processed outside the
European Union. This may result in risks for users because, for example, the
enforcement of users’ rights could be made more difficult.

Furthermore, user data within social networks is generally processed for market
research and advertising purposes. For example, usage profiles may be created
based on users’ usage behaviour and resulting interests, which may in turn be
used to place advertisements within and outside the networks that presumably
correspond to users’ interests.

For a detailed description of the respective forms of processing and the
possibilities of objection (opt-out), we refer to the privacy policies and
information provided by the operators of the respective networks.

In the case of requests for information and the assertion of data subject
rights, we also point out that these can most effectively be asserted with the
providers, as only they have access to users’ data and can take appropriate
measures and provide information directly.

– Types of data processed: Contact data; content data; usage data.
– Data subjects: Users.
– Purposes of processing: Communication; feedback; public relations.
– Legal bases: Legitimate interests (Art. 6(1)(f) GDPR).

Instagram: Social network for sharing photos and videos, commenting and
favouriting posts, sending messages, subscribing to profiles and pages.
Service provider: Meta Platforms Ireland Limited, Merrion Road, Dublin 4,
D04 X2K5, Ireland. Website: https://www.instagram.com
Privacy Policy: https://privacycenter.instagram.com/policy/
Legal basis for third-country transfers: Data Privacy Framework (DPF).

Facebook: Profile within the social network Facebook. The controller is jointly
responsible with Meta Platforms Ireland Limited for the collection and
transmission of data from visitors to our Facebook page (“fanpage”). This
includes, in particular, information about user behaviour (e.g. content viewed
or interacted with, actions taken) and device information (e.g. IP address,
operating system, browser type, language settings, cookie data). Users may
submit requests for information or deletion directly to Facebook.
Service provider: Meta Platforms Ireland Limited, Merrion Road, Dublin 4,
D04 X2K5, Ireland. Website: https://www.facebook.com
Privacy Policy: https://www.facebook.com/privacy/policy/
Legal basis for third-country transfers: Data Privacy Framework (DPF),
Standard Contractual Clauses.

LinkedIn: Social network. We are jointly responsible with LinkedIn Ireland
Unlimited Company for the collection (but not the further processing) of data
from visitors used to create “Page Insights” (statistics) for our LinkedIn
profiles. Users may submit requests for information or deletion directly to
LinkedIn.
Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2,
Ireland. Website: https://www.linkedin.com
Privacy Policy: https://www.linkedin.com/legal/privacy-policy
Legal basis for third-country transfers: Data Privacy Framework (DPF),
Standard Contractual Clauses (https://legal.linkedin.com/dpa).
Opt-out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

YouTube: We link to content on YouTube. When visiting YouTube pages, Google
may collect data about your usage behaviour.
Service provider: Google Ireland Limited, Gordon House, Barrow Street,
Dublin 4, Ireland. Website: https://www.youtube.com
Privacy Policy: https://policies.google.com/privacy
Legal basis for third-country transfers: Data Privacy Framework (DPF).


================================================================================
16. PLUG-INS AND EMBEDDED FUNCTIONS AND CONTENT
================================================================================

We integrate functional and content elements into our online offering that are
obtained from the servers of their respective providers (hereinafter referred to
as “third-party providers”). These may include, for example, graphics, videos
or maps (hereinafter uniformly referred to as “content”).

Integration always requires that the third-party providers of this content
process the IP address of users, as without the IP address they would not be
able to send the content to their browsers. The IP address is therefore
required for the display of this content or functions.

Notes on legal bases: Where we ask users for their consent to the use of
third-party providers, the legal basis for the processing of data is the
permission granted. Otherwise, user data is processed on the basis of our
legitimate interests (i.e. interest in efficient, economical and user-friendly
services).

– Types of data processed: Usage data; meta, communication and procedural data;
location data; contact data; content data.
– Data subjects: Users.
– Purposes of processing: Provision of our online offering and
user-friendliness; reach measurement; tracking; target group formation;
marketing.
– Retention and deletion: Storage of cookies for up to 2 years.
– Legal bases: Consent (Art. 6(1)(a) GDPR); Legitimate interests
(Art. 6(1)(f) GDPR).

Integration of third-party software, scripts or frameworks (e.g. WordPress
plugins / ListingPro Theme): We integrate software into our online offering
that we retrieve from servers of other providers. In doing so, the respective
providers collect the IP address of users and may process it for the purposes
of transmitting the software to users’ browsers, for security purposes, and
for evaluating and optimising their offering. Legal bases: Legitimate interests
(Art. 6(1)(f) GDPR).

Google Fonts (loaded from Google servers): We use fonts from Google Fonts to
display our online offering in a technically secure, low-maintenance and
efficient manner. The provider of the fonts is informed of the user’s IP
address so that the fonts can be made available in the user’s browser. In
addition, technical data (language settings, screen resolution, operating
system, hardware used) is transmitted, which is necessary for providing the
fonts depending on the devices and technical environment used.
Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4,
Ireland. Website: https://fonts.google.com/
Privacy Policy: https://policies.google.com/privacy
Legal basis for third-country transfers: Data Privacy Framework (DPF).
Further information: https://developers.google.com/fonts/faq/privacy

Note on Google Fonts: If you wish to prevent the transmission of your IP
address to Google when visiting our website, you may use a browser extension
that blocks Google Fonts, or configure your browser accordingly.

Google Maps: We integrate maps from Google Maps. The data processed may include
in particular IP addresses and location data of users.
Service provider: Google Cloud EMEA Limited, 70 Sir John Rogerson’s Quay,
Dublin 2, Ireland. Website: https://mapsplatform.google.com/
Privacy Policy: https://policies.google.com/privacy
Legal bases: Consent (Art. 6(1)(a) GDPR).
Legal basis for third-country transfers: Data Privacy Framework (DPF).

YouTube videos: Video content embedded from YouTube.
Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4,
Ireland. Website: https://www.youtube.com
Privacy Policy: https://policies.google.com/privacy
Legal bases: Consent (Art. 6(1)(a) GDPR).
Legal basis for third-country transfers: Data Privacy Framework (DPF).
Opt-out: https://tools.google.com/dlpage/gaoptout?hl=en
Ad settings: https://myadcenter.google.com/personalizationoff


================================================================================
17. MANAGEMENT, ORGANISATION AND UTILITIES
================================================================================

We use services, platforms and software from other providers (hereinafter
referred to as “third-party providers”) for the purposes of organising,
administering, planning and providing our services. When selecting third-party
providers and their services, we observe the legal requirements.

In this context, personal data may be processed and stored on the servers of
third-party providers. Various data that we process in accordance with this
Privacy Policy may be affected. This data may include, in particular, master
data and contact data of users, data on processes, contracts and other
procedures and their contents.

– Types of data processed: Content data; usage data; meta, communication and
procedural data; payment data; contract data.
– Data subjects: Communication partners; users; prospective customers.
– Purposes of processing: Provision of contractual services; office and
organisational procedures; marketing; provision of our online offering and
user-friendliness.
– Legal bases: Legitimate interests (Art. 6(1)(f) GDPR).


================================================================================
18. CHANGES AND UPDATES
================================================================================

We ask you to regularly inform yourself about the content of our Privacy Policy.
We will update the Privacy Policy as soon as changes to the data processing
carried out by us make this necessary. We will notify you as soon as the changes
require an action on your part (e.g. consent) or another individual notification.

Where we provide addresses and contact information of companies and
organisations in this Privacy Policy, please note that addresses may change over
time and ask you to verify the information before contacting us.


================================================================================
19. DEFINITIONS
================================================================================

Inventory data: Information required for the identification and management of
contractual partners, user accounts, profiles and similar assignments, including
names, contact information and identifiers.

Content data: Information generated during the creation, editing and publication
of content of all kinds, including texts, images, videos, audio files and other
multimedia content, as well as metadata such as tags, descriptions and
publication dates.

Contact data: Essential information enabling communication with persons or
organisations, including telephone numbers, postal addresses, email addresses,
and social media handles.

Log data: Information about events or activities logged in a system or network,
typically including timestamps, IP addresses, user actions, error messages and
other details about system usage.

Meta, communication and procedural data: Categories containing information about
how data is processed, transmitted and managed — including metadata, communication
records, and procedural documentation.

Usage data: Information capturing how users interact with digital products,
services or platforms, including page views, dwell times, click paths, device
information and location data.

Personal data: Any information relating to an identified or identifiable natural
person; a natural person is considered identifiable if they can be identified
directly or indirectly, in particular by means of an identifier such as a name,
an identification number, location data or an online identifier.

Profiling: Any form of automated processing of personal data consisting of the
use of personal data to evaluate certain personal aspects of a natural person,
in particular to analyse or predict aspects concerning performance, economic
situation, health, personal preferences, interests, reliability, behaviour,
location or movements.

Reach measurement (web analytics): The evaluation of visitor flows to an online
offering, potentially including the behaviour or interests of visitors in
particular information, such as the content of web pages.

Location data: Data generated when a mobile device connects to a radio cell,
WiFi or similar technical means; used to indicate the geographical position of
the device.

Tracking: The tracking of users’ behaviour across multiple online offerings,
typically by storing behaviour and interest information in cookies or on the
servers of tracking technology providers.

Controller: The natural or legal person, authority, institution or other body
which, alone or jointly with others, determines the purposes and means of the
processing of personal data.

Processing: Any operation or set of operations performed on personal data,
whether or not by automated means, including collection, recording, organisation,
structuring, storage, adaptation, retrieval, use, disclosure, dissemination,
erasure or destruction.

Contract data: Specific information relating to the formalisation of an
agreement between two or more parties, including the identities of the
contracting parties, the terms and conditions, pricing arrangements and duration.

Payment data: All information required for the processing of payment
transactions, including bank details, transaction data, verification numbers and
billing information.

Target group formation (Custom Audiences): The determination of target groups
for advertising purposes based on interests, usage behaviour or profile data.

================================================================================
Generated with reference to datenschutz-generator.de by Dr. Thomas Schwenke.
Translated and adapted for eco-awareness.earth by Christian Stocker.
================================================================================

The Space between the Dots

Crafted with 💚 in Frankfurt, hosted in Europe, made for Earth.

Linkedin Youtube

The Emerging Field of Eco-Awareness

People in the Field

Re-Source

Legal

© 2026 All Rights Reserved.