Privacy Policy

This privacy policy informs you about the type, scope, and purpose of the processing of personal data (hereinafter referred to as "data") within the scope of our services, as well as within our online offering and the associated websites, functions, and content, including external online presences such as our social media profiles (hereinafter collectively referred to as "online offering").

Regarding the terms used (e.g., "processing" or "controller"), we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).

Controller

Officebird by Sara Krause
Alter Stadtweg 22
38110 Braunschweig
sara@theofficebird.com

Legal Notice: https://www.theofficebird.com/imprint

Types of Data Processed

  • Inventory data (e.g., names, addresses)

  • Contact data (e.g., email, phone numbers)

  • Content data (e.g., text input, photographs, videos)

  • Usage data (e.g., visited websites, access times)

  • Meta/communication data (e.g., device information, IP addresses)

  • Contract data (e.g., contract subject, duration)

  • Payment data (e.g., bank details, invoices)

  • Location data

  • Social data in exceptional cases according to § 35 SGB I (e.g., coaching documentation)

Categories of Data Subjects

  • Visitors and users of the online offering

  • Customers and interested parties

  • Communication partners

  • Event participants

  • Clients as part of educational programs

Purposes of Processing

  • Provision of the online offering

  • Responding to contact requests

  • Security measures

  • Reach measurement, marketing

  • Contract execution

  • Newsletter distribution and customer retention

  • Competitions and event organization

  • Web analysis and optimization

  • Online advertising / remarketing

  • Operation of CRM and communication systems

Platforms/Services Used

We use Brevo (formerly Sendinblue) for automating marketing and communication tasks (including newsletter distribution, lead management, customer communication).
Service provider: Sendinblue GmbH, Köpenicker Str. 126, 10179 Berlin, Germany.
Privacy Policy: https://www.brevo.com/de/legal/privacypolicy/

Legal Basis

In accordance with Art. 13 GDPR, we inform you of the legal bases for our data processing. Unless otherwise stated, the following applies:

  • Art. 6(1)(a) GDPR – Consent

  • Art. 6(1)(b) GDPR – Contract fulfillment and pre-contractual measures

  • Art. 6(1)(c) GDPR – Legal obligations

  • Art. 6(1)(d) GDPR – Protection of vital interests

  • Art. 6(1)(e) GDPR – Performance of a task carried out in the public interest

  • Art. 6(1)(f) GDPR – Legitimate interests

Special categories of personal data (Art. 9(1) GDPR) are processed only with explicit consent (Art. 9(2)(a) GDPR).

Security Measures

We implement appropriate technical and organizational measures per Art. 32 GDPR to ensure a level of protection appropriate to the risk. These include:

  • Access controls (e.g., authentication, role rights)

  • Encryption (e.g., SSL/TLS for the website)

  • Backups and logging

IP masking: Where possible, IP addresses are pseudonymized.
SSL encryption: Our website uses HTTPS to transmit your data securely.

Collaboration with Processors and Third Parties

Data is only transferred to third parties if necessary for contract fulfillment (e.g., payment providers, web hosting), legal obligation, or with your consent.

We have data processing agreements in place with external service providers under Art. 28 GDPR.

Examples:

  • Brevo (email communication, newsletters)

  • Netcup (web hosting)

  • Google (Analytics, Tag Manager, Ads)

  • LinkedIn (social networks)

Data Transfer to Third Countries

Data transfer outside the EU/EEA only occurs when there is an adequate level of data protection (e.g., EU Standard Contractual Clauses or Binding Corporate Rules).

Note: Use of U.S. services (e.g., Google, Meta) may pose some risk regarding access by U.S. authorities.

Your Rights as a Data Subject

You have the right to:

  • Access (Art. 15 GDPR)

  • Rectification (Art. 16 GDPR)

  • Erasure (Art. 17 GDPR)

  • Restriction of processing (Art. 18 GDPR)

  • Data portability (Art. 20 GDPR)

  • Objection (Art. 21 GDPR)

  • Withdraw consent (Art. 7(3) GDPR)

  • Lodge a complaint with a supervisory authority (Art. 77 GDPR)

Cookies and Tracking Technologies

Our website uses cookies and similar technologies (small text files stored on the user's device), serving various purposes:

  • Essential cookies: Necessary for website functionality (e.g., login, form protection)

  • Statistics cookies: For reach measurement, error analysis, improvement

  • Marketing cookies: For interest-based advertising, retargeting, conversion tracking

Cookie Consent

Unless technically necessary, cookies are only set with your explicit consent per Art. 6(1)(a) GDPR. Consent is obtained via a consent banner and can be revoked at any time.

You may also disable cookies via your browser settings, which may limit website functionality.

Web Analytics and Online Marketing

Google Analytics
Used for website analysis. Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Based on your consent (Art. 6(1)(a) GDPR). IP addresses are anonymized (IP masking).
Info: https://policies.google.com/privacy
Opt-out: http://tools.google.com/dlpage/gaoptout

Google Ads & Remarketing
Used for advertising and conversion tracking. Processes data like IP address, visited pages, clicks, browser info.
Legal basis: Art. 6(1)(a) GDPR

LinkedIn Insights Tag
For conversion tracking and audience targeting on LinkedIn.
Provider: LinkedIn Ireland Unlimited Company.
Legal basis: Art. 6(1)(a) GDPR
Opt-out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

Use of Brevo

We use Brevo, a tool by Sendinblue GmbH, Köpenicker Str. 126, 10179 Berlin, Germany for:

  • CRM system (contact management, lead management)

  • Email communication and newsletter distribution

  • Automated marketing processes (e.g., follow-up emails)

Newsletter

If you subscribe to our newsletter, we use your data solely for that purpose via Brevo. Subscription is via a double opt-in process. You can revoke your consent at any time.

  • Collected data: Email address, optionally name

  • Tracking for performance measurement (e.g., open and click rates)

  • Legal basis: Art. 6(1)(a) GDPR

Embedded Content and Plugins

We integrate third-party content and services to enhance presentation and functionality. This may involve the processing of your IP address by external servers.

Used Services:

Use of such content is based on our legitimate interest (Art. 6(1)(f) GDPR) in offering an attractive, technically sound, and optimized online service.

Your Rights as a Data Subject

Under the GDPR, you have the following rights:

  • Right of access (Art. 15 GDPR)

  • Right to rectification (Art. 16 GDPR)

  • Right to erasure ("right to be forgotten", Art. 17 GDPR)

  • Right to restriction of processing (Art. 18 GDPR)

  • Right to data portability (Art. 20 GDPR)

  • Right to object to processing based on Art. 6(1)(e) or (f) GDPR (Art. 21 GDPR)

  • Right to withdraw consent (Art. 7(3) GDPR)

  • Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

Changes and Updates to This Privacy Policy

We reserve the right to amend this privacy policy to reflect legal changes or changes in services and data processing. Users are encouraged to review the content regularly.

If your participation (e.g., consent) is required, we will actively inform you.


Last updated: July 1, 2025