top of page

Privacy Policy (Datenschutzerklärung)

Last updated: Nov 10, 2025

1. Introduction and Data Controller

This privacy policy explains how we collect, use, and protect your personal data when you visit our website.

Data Controller (Responsible Party):

Alexis Fernandez
Lychener Str. 52
10437 Berlin, Germany
Email: alexis@alem.company

2. General Information About Data Processing
 

2.1 Scope of Data Processing

We process personal data only to the extent necessary to provide a functional website and our services. Personal data is only collected, used, and passed on with your consent or if permitted by law.

2.2 Legal Basis

We process your data based on the following legal grounds under the EU General Data Protection Regulation (GDPR):

  • Art. 6(1)(a) GDPR: Consent for specific processing purposes

  • Art. 6(1)(b) GDPR: Processing necessary to fulfill a contract or take pre-contractual steps

  • Art. 6(1)(f) GDPR: Processing based on our legitimate interests (e.g., website security, analytics)

3. Data Collection on Our Website

3.1 Server Log Files

3.2 Cookies

Our website uses cookies – small text files stored on your device to improve functionality and analyze website usage.

Types of Cookies:

  • Essential Cookies: Required for basic website functionality (e.g., session management). These cannot be disabled.

  • Analytics Cookies: Help us understand how visitors use our website (if we implement analytics)

  • Marketing Cookies: Used for personalized advertising (only if implemented)

Cookie Consent: Before setting non-essential cookies, we will ask for your explicit consent. You can manage your cookie preferences through our cookie consent banner.

Legal Basis: Art. 6(1)(a) GDPR (consent for non-essential cookies); Art. 6(1)(f) GDPR (legitimate interest for essential cookies)

3.3 Contact Forms and Email Communication

When you contact us via email or through a contact form on our website, we collect the information you provide, including:

  • Your name

  • Email address

  • Message content

  • Any other information you voluntarily provide

Purpose: To respond to your inquiry and communicate with you about our services.

Legal Basis: Art. 6(1)(b) GDPR (pre-contractual measures) or Art. 6(1)(f) GDPR (legitimate interest in responding to inquiries)

Storage Duration: We store this data until your inquiry is resolved, and then for up to 3 years to document our communication for legal or business purposes.

3.4  Lead Magnet and Newsletter Subscription

When you sign up for our lead magnet or newsletter, we collect:

  • Your email address

  • Your name (if provided)

  • Date and time of signup

  • IP address (for verification purposes)

Purpose: To send you the requested resources and, if you've consented, marketing communications about our services.

Legal Basis: Art. 6(1)(a) GDPR (consent)

Double Opt-In: You will receive a confirmation email to verify your email address. Your subscription is only activated after you confirm.

Withdrawal of Consent: You can unsubscribe at any time by clicking the unsubscribe link in any email or contacting us directly. Your data will be deleted after unsubscribing unless we are legally required to retain it.

Email Service Provider: ConvertKit processes your data on our behalf. Data may be transferred outside the EU with appropriate safeguards in place.

3.4  Lead Magnet and Newsletter Subscription

When you sign up for our lead magnet or newsletter, we collect:

  • Your email address

  • Your name (if provided)

  • Date and time of signup

  • IP address (for verification purposes)

Purpose: To send you the requested resources and, if you've consented, marketing communications about our services.

Legal Basis: Art. 6(1)(a) GDPR (consent)

Double Opt-In: You will receive a confirmation email to verify your email address. Your subscription is only activated after you confirm.

Withdrawal of Consent: You can unsubscribe at any time by clicking the unsubscribe link in any email or contacting us directly. Your data will be deleted after unsubscribing unless we are legally required to retain it.

Email Service Provider: ConvertKit processes your data on our behalf. Data may be transferred outside the EU with appropriate safeguards in place.

4. Third-Party Services and Integrations

4.1 Appointment Scheduling (TidyCal)

Our website includes an embedded booking system from TidyCal to schedule appointments.

What Data is Collected: When you book an appointment, TidyCal collects:

  • Your name

  • Email address

  • Any information you provide in the booking form

  • Appointment date and time preferences

Purpose: To facilitate appointment scheduling and send you booking confirmations.

Legal Basis: Art. 6(1)(b) GDPR (contract fulfillment) or Art. 6(1)(a) GDPR (consent)

Data Recipient: TidyCal (part of Sumo Group Inc.). Please review TidyCal's privacy policy for information on how they process your data: https://tidycal.com/privacy-policy

Data Transfer: TidyCal may transfer data to servers outside the European Union. These transfers are protected by appropriate safeguards.

4.2 Analytics Tools

Currently, we do not use analytics tools. If we implement analytics services (such as Google Analytics or privacy-friendly alternatives), we will update this policy and obtain your consent where required.

5. Data Security

We use appropriate technical and organizational security measures to protect your data against unauthorized access, loss, or manipulation. These measures include:

  • SSL/TLS encryption for data transmitted between your browser and our server

  • Regular security updates and monitoring

  • Access restrictions for personnel who handle personal data

  • Secure data storage with our hosting provider

However, please note that no method of transmission over the internet is 100% secure.

6. Your Rights Under GDPR

You have the following rights regarding your personal data:
 

6.1 Right of Access (Art. 15 GDPR)
You have the right to request confirmation of whether we process your personal data and, if so, to receive a copy of that data.
 

6.2 Right to Rectification (Art. 16 GDPR)
You have the right to request correction of inaccurate personal data.
 

6.3 Right to Erasure (Art. 17 GDPR)
You have the right to request deletion of your personal data under certain circumstances (e.g., when data is no longer necessary or consent is withdrawn).
 

6.4 Right to Restriction of Processing (Art. 18 GDPR)
You have the right to request that we restrict processing of your data under certain conditions.
 

6.5 Right to Data Portability (Art. 20 GDPR)
You have the right to receive your personal data in a structured, commonly used format and to transmit it to another controller.
 

6.6 Right to Object (Art. 21 GDPR)
You have the right to object to processing based on legitimate interests (Art. 6(1)(f) GDPR) or for direct marketing purposes.
 

6.7 Right to Withdraw Consent
If processing is based on your consent, you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.
 

6.8 Right to Lodge a Complaint
You have the right to lodge a complaint with a supervisory authority if you believe your data protection rights have been violated.
 

German Supervisory Authority:
 Die Bundesbeauftragte für den Datenschutz und die Informationsfreiheit
 Graurheindorfer Str. 153
 53117 Bonn
 Germany
 Website: https://www.bfdi.bund.de
 

Berlin Data Protection Authority:
Berliner Beauftragte für Datenschutz und Informationsfreiheit
Alt-Moabit 59-61
10555 Berlin
Germany
Website: https://www.datenschutz-berlin.de

7. Data Retention

We retain your personal data only as long as necessary for the purposes for which it was collected or as required by law. Specific retention periods:

  • Server logs: 90 days

  • Contact inquiries: Up to 3 years after resolution

  • Marketing consent/newsletter: Until consent is withdrawn

  • Contractual data: As required by German tax and commercial law (typically 6-10 years)

8. International Data Transfers

Some of our service providers may be located outside the European Economic Area (EEA). When we transfer data to countries without an adequacy decision from the EU Commission, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs) approved by the EU Commission

  • Adequacy decisions (e.g., EU-US Data Privacy Framework)

  • Binding Corporate Rules

9. Children's Privacy

Our services are not directed at children under 16 years of age. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us immediately.

10. Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. We will post the updated policy on this page and update the "Last Updated" date. Significant changes will be communicated through a notice on our website or by email if you've provided your contact information.

11. Contact Us

If you have questions about this privacy policy or wish to exercise your data protection rights, please contact us:

Alexis Fernandez
Email: alexis@alem.company
Address: Lychener Str. 52, 10437 Berlin

bottom of page