PRIVACY POLICY

Effective Date: 1st May 2023

Thank you for your interest in our Website. The protection of your Personal Data (“Personal Data")  is of great concern to Us. We therefore process your Data exclusively on the basis of the legal requirements of the GDPR in conjunction with other relevant legal provisions.

Disclosure of information for the Website www.isnotso.com (the "Website") pursuant to Article 13 of the EU General Data Protection Regulations ("GDPR") concerning Data Processing (‚ÄúProcessing‚ÄĚ) operations in the context of access to and use of the Website.

All programs, products, and services are owned and provided by IsNotSo and Kim Sch√ľtzhofer KG a.k.a. Kim.E (‚ÄúCompany‚ÄĚ or ‚ÄúWe‚ÄĚ or ‚ÄúUs‚ÄĚ or ‚ÄúOur‚ÄĚ). The term ‚ÄúYou‚ÄĚ or ‚ÄúYour‚ÄĚ refers to any user or purchaser of said program(s), product(s) or service(s) (the ‚ÄúOffering‚ÄĚ).

This Privacy Policy is designed to explain how We collect, use, share, and protect the personal information You provide to Us when You access Our website, purchase Our goods or services, or engage with Us on social media, as well as Your own rights to the information We collect.

Please read this Privacy Policy carefully. We will alert You to any changes to this Policy by changing the ‚Äúlast updated‚ÄĚ date at the top of this Policy. Any changes become effective immediately upon publication on Our Website, and You waive specific notice of any changes to the Policy by continuing to use and access Our site(s). We encourage You to review this Privacy Policy periodically, when You use Our Website for any purpose or engage with Us on social media. You are deemed to have accepted any changes to any revised Privacy Policy by Your continued use of Our website after the revised Privacy Policy is posted.

With certain exceptions, Data Protection regulations focus on the Processing of Personal Data. For the purpose of this Privacy Policy, We will use the GDPR terminology. This means that the Processing of Personal Data basically includes any handling of such Data. As long as the Data processed by Us is human-related and makes You identifiable as a person, it is basically Personal Data, which means that You are to be regarded as the person affected by Data Processing as defined in Article 4(1) of the GDPR.

You are not obliged to provide Data. Data that is automatically processed as a result of accessing the Website is not Personal Data or is only stored for a very short period of time.

1. Data Processing Operations

1.1 DERIVATIVE DATA

Derivative data is information that Our servers automatically collect about You when You access Our website, such as Your IP address, browser type, the dates and times that You access Our website, and the specific pages You view. If You are using a mobile application, Our servers may collect information about Your device name and type, Your phone number, Your country of origin, and other interactions with Our application. Derivative data may also include data collected by third-party service providers, such as advertising and analytics providers, and may include cookies, log data, or web beacons. Cookies are discussed more fully below. Derivative data collected by third-party service providers generally does not identify a specific individual.

1.2 LOG FILES

You can visit Our Website without having to provide any personal information. When You visit Our Website, only general access Data is automatically stored in so-called server log files. Like many other websites, We make use of log files. These files merely log visitors to the site ‚Äď usually a standard procedure for hosting companies and a part of hosting services‚Äô analytics. The information inside the log files includes internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date/time stamp, referring/exit pages, and possibly the number of clicks. This information is used to analyse trends, administer the site, track user‚Äôs movement around the site, and gather demographic information. IP addresses and other such information are not linked to any information that is personally identifiable.¬†

(a) Type and Scope of Data Processing: 

In particular, the following Data is processed: (i) name of the website visited; (ii) browser type/browser version used; (iii) operating system used by the user; (iv) website previously visited (referrer URL); (v) time of the server visit; (vi) amount of Data transferred; (vii) host name of the accessing computer (IP address used in abbreviated form). This information does not itself allow Us to draw any conclusions about Your person; however, IP addresses are considered Personal Data within the framework of the GDPR.

(b) Legal Basis and Purpose: 

The purpose of this Data Processing is to establish and maintain the technical security of Our Website, to improve its quality and to generate statistical information. The Processing is carried out on the basis of Our legitimate interest (Art. 6 para. 1(f) of the GDPR), which is to achieve the aforementioned objectives.

(c) Storage Period: 

The server log files are always deleted automatically after fourteen (14) days, at the latest.

1.3 PERSONAL DATA

Personal Data is information that can be used to identify You specifically, including Your name, shipping address, email address, telephone number, or demographic information like Your age, gender, or hometown. You consent to giving Us this information by providing it to Us voluntarily on Our website or any mobile application. You provide some of this information when You register with or make purchases from Our Website. You may also provide this information by participating in various activities associated with Our site, including responding to blogs, contacting Us with questions, or participating in group training. Your decision to disclose this data is entirely voluntary. You are under no obligation to provide this information, but Your refusal may prevent You from accessing certain benefits from Our website or from making purchases.

(a) Type and Scope of Data Processing: 

When contacting Us via one of the contact options listed within this Privacy Policy or on Our Website, the information provided by You will be processed for the purpose of handling the contact request and for the Processing thereof. The Processing of Your Data is necessary to process and respond to Your enquiry, as We would be unable to contact You otherwise.

(b) Legal Basis and Purpose: 

The purpose of Data Processing is to enable Us to exchange information with users of the Website. We answer your enquiries on the basis of Our legitimate interest (Art. 6 para. 1(f) of the GDPR) by having a functioning contact system as a prerequisite for the provision of any services. In the case of recurring contact requests, Your Data may also be processed for other purposes about which You will be informed separately if necessary.

(c) Storage Period: 

We will delete Your enquiry/enquiries and Your contact details once Your enquiry has been conclusively answered. Unless You send Us any follow-up enquiries or We need to process the Data for other purposes, Your Data will generally be stored for six (6) months and deleted after this period.

1.4 NEWSLETTER

We offer the opportunity for You to volunteer certain information to Us that is used for email and marketing purposes. This information includes, but is not limited to, Your name and email. You will have an opportunity to unsubscribe from any future communications via email, but We reserve the right to maintain a database of past email subscribers. We reserve the right to use this information as reasonably necessary in Our business and as provided by law. Your information will be shared with reasonably necessary parties for the ordinary course of conducting Our business, such as through Facebook ads or Google Pay Per Click marketing campaigns.

(a) Type and Scope of Data Processing: 

You have the option of subscribing to Our newsletter on Our Website. All You need to do is enter Your name and email address. The newsletter informs You about news concerning Our company; it is sent exclusively to email addresses provided by interested parties themselves. 

In the event that You no longer wish to receive the newsletter, You can unsubscribe at any time (revoke Your consent) by sending a message to the contact address listed under point 1, or by clicking on the unsubscribe link at the end of each newsletter. For the purpose of evaluating success and reach, We also use the newsletter for statistical evaluations in connection with Your Personal Data and measure the performance of the newsletter by Processing the opening and click behaviour, as well as information about its technical deliverability.

(b) Newsletter Delivery:

For the delivery of the newsletter, we use the newsletter service ‚ÄúKajabi‚ÄĚ, which is operated by 17100 Laguna Canyon Road, Suite 100, Irvine, CA 92603, USA. For this purpose, Your voluntarily disclosed Personal Data is stored on the servers of Kajabi in order to send You the newsletter You subscribed to. Kajabi acts as our processor within this framework and is strictly bound by Our instructions.

(c) Legal Basis and Purpose: 

The above-mentioned Data is processed for the purpose of direct advertising in the form of a newsletter and is necessary to enable the newsletter to be sent. Under no circumstances will a newsletter, or other electronic advertising, be sent without Your prior consent which we obtain on our Website in accordance with Art. 6 para. 1(a) of the GDPR. Any evaluation of the performance of the newsletter is carried out on the legal basis of our overriding legitimate interest in compiling easily manageable and marketing-effective newsletter statistics in a cost-effective manner (Art. 6 para. 1(f) of the GDPR).

(d) Storage Period: 

The Data collected for the purpose of sending the newsletter will be deleted within seven (7) days of unsubscribing, provided that there are no statutory retention periods against this and the Data is not also permissibly processed for other purposes.

1.5 FINANCIAL DATA

Financial data is data that is related to Your payment method, such as credit card or bank transfer details. We collect financial data in order to allow You to purchase, order, return, or exchange products or services from Our Website and any related mobile apps. We store limited financial data. Most financial data is transferred to Our payment processor, PayPal or Stripe, and you should review these processors’ Privacy Policy to determine how they use, disclose, and protect your financial data. As a courtesy, PayPal’s Privacy Policy: PayPal Privacy Statement and Stripes Privacy Policy: Stripes Privacy Policy.

1.6 SOCIAL NETWORKING DATA

We may access personal information from social networking sites and apps, including Facebook, Instagram, LinkedIn, Twitter, or other social networking sites or apps not named specifically here, which may include Your name, Your social network username, location, email address, age, gender, profile picture, and any other public information. If You do not want Us to access this information, please go to the specific social networking site and change Your privacy settings.

1.7 MOBILE DEVICE DATA

If You use Our website via a mobile device or app, We may collect information about Your mobile device, including device ID, model and manufacturer, and location information.

1.8 OTHER DATA

On occasion, You may give Us additional data in order to enter into a contest or giveaway or to participate in a survey. You will be prompted for this information and it will be clear that You are offering this kind of information in exchange for an entry into such a contest or giveaway.

2. How we use your information

Your information allows Us to offer You certain products and services, including the use of Our website, to fulfil Our obligations to You, to customize Your interaction with Our company and Our website, and to allow Us to suggest other products and services We think might interest You. We generally store Your data and transmit it to a third party for processing. However, to the extent We process Your data, We do so to serve Our legitimate business interests (such as providing You with the opportunity to purchase Our goods or services and interact with Our website or mobile app).

Specifically, We may use the information and data described above to:

  1. Create and administer Your account;
  2. Deliver any products or services purchased by You to You;
  3. Correspond with You; 
  4. Process payments or refunds; 
  5. Contact You about new offerings that We think You will be interested in; 
  6. Interact with You via social media; 
  7. Send You a newsletter or other updates about Our company or website; 
  8. Deliver targeted advertising; 
  9. Request feedback from You; 
  10. Notify You of updates to Our product and service offerings; 
  11. Resolve disputes and troubleshoot any problems; 
  12. Administer contests or giveaways; 
  13. Generate a profile that is personalised to You, so that future interactions with Our website will be more personal; 
  14. Compile anonymous statistical data for Our own use or for a third party’s use; 
  15. Assist law enforcement as necessary; 
  16. Prevent fraudulent activity on Our website or mobile app; 
  17. Analyse trends to improve Our website and offerings. 

3. Grounds for using and processing your data

The information We collect and store is used primarily to allow Us to offer goods and services for sale. In addition, IsNotSo and Kim Sch√ľtzhofer KG a.k.a. Kim.E, may collect, use, and process Your information based on the following grounds:¬†

3.1 LEGITIMATE BUSINESS INTERESTS

We may use and process Your data for Our legitimate business interests, which include, amongst other things, communicating with You, improving Our goods or services, improving Our website, and providing You with the information or products that You have requested. 

3.2 PERFORMANCE OF CONTRACT

We may use and process Your information to enter into a contract with You and to perform Our contractual obligations to You. 

3.3 CONSENT

We may use Your data, or permit selected third parties to use Your data, based on Your consent to Our use and sharing of that data. You may withdraw Your consent at any time, but doing so may affect Your ability to use Our website or other offerings. 

3.4 AS REQUIRED BY LAW

We may also use or process Your data as required for Us to comply with legal obligations. 

4. Disclosure of your information

We may share Your information with third parties in certain situations. In particular, We may share Your data with third-party processors as needed to serve Our legitimate business interests, which include administration of Our website, administration of Your account, entering into contracts with You, communicating with You, taking orders for goods or services, delivering Our goods and services, identifying trends, protecting the security of Our company and website, and marketing additional goods and services to You. The legal basis for Our disclosure of Your data is both Your Consent to this Privacy Policy and Our own right to protect and promote Our legitimate business interests.

The following are specific reasons why We may share Your information: 

4.1 THIRD PARTY PROCESSING

We may disclose Your information to third parties who assist Us with various tasks, including payment processing, hosting services, email delivery, communications, and customer service. We may not always disclose these third-party processors if not required by law. We do not authorise them to use or disclose Your personal information except in connection with providing Our company with their services.

4.2 BY LAW

We may share Your data as required by law or to respond to legal process, including a subpoena, or as necessary to protect the rights, property, and safety of others. This includes sharing information with other parties to prevent or address fraud and to avoid credit risks. 

4.3 TO PROTECT OUR COMPANY

We may use Your information to protect Our company, including to investigate and remedy any violations of Our rights or policies. We may also disclose Your information as reasonably necessary to acquire and maintain insurance coverage, manage risks, obtain financial or legal advice, or to exercise or defend against legal claims. 

4.4 BUSINESS TRANSFERS

In the unlikely event Our company engages in a merger, acquisition, bankruptcy proceedings, dissolution, reorganisation, or similar transaction or proceeding, We may transfer or share Your data as part of that proceeding. In such transitions, customer information is one of the business assets that is acquired by a third party. You acknowledge that such business transfers may occur and that Your personal information can continue to be stored, used, or processed as otherwise set forth in this privacy policy. 

4.5 THIRD-PARTY MARKETING

We may disclose Your information to certain third parties as listed on Our Website for the purpose of enabling them to contact You so that they can offer You relevant goods and services. 

4.6 ADVERTISERS

We may use third-party advertising companies to run and manage Our ads, such as Facebook, Instagram and Pinterest to produce ads that appear when You visit Our website or mobile app. These companies may use information about Your visit to Our Website and other websites that are contained in web Cookies (as described below) to offer You personalised advertisements about goods and services that might interest You. We cannot control the activities of such other advertisers or web sites. You should consult the respective Privacy Policies of these third-party advertisers for more detailed information on their practices as well as for instructions about how to opt-out of certain practices.

Please note that, at this time, We do not recognise automated browser signals regarding tracking systems, which may include ‚Äúdo not track‚ÄĚ instructions.¬†

4.7 OTHER THIRD PARTIES

We may share information with advertisers, Our investors, or other third parties for the purpose of conducting general business analysis. If We do so, We will make reasonable efforts to inform You if required by law. 

4.8 INTERACTION WITH OTHERS

If You interact with others on Our Website or mobile app, such as participating in a group chat or a group online course, other users may have access to some of Your data, including Your name, profile picture, and Your history of interaction with Our website, such as prior comments or posts.

4.9 ONLINE POSTINGS

When You post online, Your posts may be viewed by others, and We may distribute Your comments outside the website. 

4.10 EXTERNAL LINKS

Our website may include hyperlinks to other websites not controlled by Us. We suggest You exercise caution when clicking on a hyperlink. Although We use reasonable care in including a hyperlink on Our own web page, We do not regularly monitor the websites of these third parties, are not responsible for any damage or consequences You suffer by using these hyperlinks. We are not bound by the Privacy Policies of any third-party website that You access by a hyperlink, nor are they bound by Ours. We encourage You to read the Policies of those third-party websites before interacting with them or making purchases. They may collect different information and by different methods than We do.

4.11 OTHER PURPOSES

We may disclose Your personal data as necessary to comply with any legal obligation or to protect Your interests, or the vital interests of others or Our company. 

5. Storage and Tracking Technologies

5.1 COOKIES

Our Website uses so-called Cookies ‚ÄúCookies‚ÄĚ, provided that You give us Your consent within the context of Art. 6 Para.¬†1(a) of the GDPR (once You have given Your consent for the use of Cookies, You can revoke it at any time [see "Right of Revocation" under point 8]); if You refuse to give your consent, We limit the use of Cookies to technically necessary Cookies that We need to maintain the functionality of Our Website (see below), and that We use on the basis of Our legitimate interest (Art. 6 para. 1(f) of the GDPR), insofar as Personal Data is processed within this framework.

(a) What are cookies?

 Cookies are small data sets that are basically managed by Your browser on Your end device and are stored there. They are initially placed by a web server and are sent back to it as soon as a new connection is established in order to recognise the user and his or her settings. A specific identity consisting of numbers and letters is assigned to Your end device.

Cookies can serve various purposes, such as helping to maintain the functionality of a website in terms of features and user experience according to state-of-the-art technology. The actual content of a specific Cookie is always determined by the website that created it.

(b) What information do Cookies contain?

In any case, Cookies always contain the following information:

  • Name of the Cookie;
  • Name of the server from which the Cookie originates;
  • ID number of the Cookie;
  • An end date after which the Cookie is automatically deleted
5.2 WHAT OTHER TYPES OF COOKIES DO WE USE?

Cookies can be differentiated according to type and purpose. We may use any or all of the following types of cookies:

(a) Technically Necessary Cookies: 

Technically necessary (also: essential) Cookies help to make a website usable by enabling basic functions such as page navigation and access to secure areas of the Website. In many cases, a website cannot function properly without these Cookies. 

Technically necessary Cookies are always first-party Cookies. These Cookies can only be deactivated in the settings of Your browser by rejecting all Cookies without exception (see below) and are also used on Our Website in a legally permissible manner without obtaining consent.

These cookies help Us run Our website and improve Your experience with Our Website. These cookies may allow content to load more quickly or allow You to access ‚Äúmembers only‚ÄĚ or repeat-users sections of Our website.

(b) Functionality or Preference Cookies: 

Preference Cookies allow a website to remember information that affects the way a website behaves or looks, such as your preferred language or the region you are in.

These cookies allow Us to remember Your preferences from earlier visits to Our Website, including login information, so that You do not have to input the same information multiple times. 

(c) Statistical Cookies: 

Statistical Cookies help website operators understand how visitors interact with websites by collecting and analysing information anonymously. Such Cookies are therefore used to collect information about user behaviour. For example, the following information may be stored: sub-pages accessed (duration and frequency); order of pages visited; search terms used that led to a visit on our Website; movements of the mouse (scrolling and clicks); country and region of access. 

The Cookies enable Us to determine what the user is interested in and thus adapt the content and functionality of Our Website to the individual user needs.

(d) Tracking Cookies: 

Tracking Cookies are used to track visitors on websites. The intention is to serve ads that are relevant and engaging to the individual user and therefore more valuable to publishers and third-party advertisers. This is made possible by analysing Your usage behaviour, which allows for the appropriate personalisation of advertising based on the interests thereby identified.

(e) Social Media Cookies: 

These cookies allow Us to record when You have engaged with a social media tool while visiting Our website. For example, We may record that You have ‚Äúliked‚ÄĚ a certain aspect of Our website. The social media application may also share data with Us that You have allowed it to share. If You wish to change Your social media sharing settings, please visit the privacy settings of the social media network.

(f) Advertising Cookies: 

We may work with third-party advertising partners who collect information about Your browsing habits on Our website in order to later display a relevant ad about Our services when You are on a third-party site such as a social media platform. These cookies may also allow Us to access Your location.

(g) Email Confirmations: 

We may receive email confirmations when You open an email from Us. This allows Us to determine if users are responding favourably to Our email communications and to improve those communications.

(h) Other Technologies: 

Other data technologies may be used that collect comparable information for security, fraud detection, and similar purposes, to give Us information about Your use of Our website, and to greater improve Our website and service offerings to You.

(i) Session Cookies: 

These Cookies are deleted without your intervention as soon as you end your current browser session.

(j) Persistent Cookies: 

These Cookies, which are used, for e.g., to save your language settings, remain stored on your end device until a predefined expiry date or until you remove them manually.

(k) First-Party Cookies: 

Such Cookies are used by us and are set directly on our Website. They are generally not made accessible to browsers across domains, which is why the user can only be recognised by the site from which the Cookie originated.

(l) Third-Party Cookies: 

Such Cookies are not set by Us, but by third parties, especially for advertising purposes (for e.g. to track surfing behaviour) when You visit our Website. For example, this concerns information about different page views and the frequency of these.

6. Tracking Pixel

Another possibility, apart from Cookies, to collect certain user Data is through so-called tracking pixels (also: pixel tags or web beacons). These are transparent images that are practically invisible because they only consist of a single pixel. The tracking pixel is located on a server and is loaded as soon as a designated sub-page of Our Website is called up. 

They enable Us to track the fact that a web page is called up, as well as subsequent user activity in order to be able to carry out targeted marketing. With the help of the tracking pixel, the following information can generally be retrieved: (i) operating system used; (ii) browser software used; (iii) time of accessing a website; (iv) user behaviour on the visited website; (v) IP address and approximate location of the user.

Tracking pixels are used on Our Website on the basis of Our legitimate interest in accordance with Art. 6 para. 1(f) of the GDPR in a state-of-the-art analysis of hits. Since this is merely an image loaded from a server, the lifetime of a tracking pixel cannot extend beyond a single browser session. However, information generated by tracking pixels may subsequently be stored in Cookies.

7. Consent to Cookies

In addition, when You first encounter Our website, You will be asked to ‚Äúconsent to Cookies.‚ÄĚ If You wish to disable Cookies, You may do so through Your individual browser options. However, this may affect Your ability to use or make purchases from Our website. More detailed information about Cookie management with specific web browsers can be found at the browsers‚Äô respective websites. By continuing to use Our website and not disabling Cookies on Your browser, You are consenting to Our use of Cookies in accordance with the terms of this policy.

Most browsers automatically accept Cookies. However, you have the option to adjust your browser settings so that Cookies are either generally rejected or only certain types are permitted (for e.g., restriction of refusal of third-party cookies). However, if you change the Cookie settings on your browser, you may no longer be able to use our Website to its full extent. You also have the option of deleting all Cookies already stored on your end device via the browser settings. This also corresponds to the revocation of your consent.

7.1 LOCAL STORAGE; SESSION STORAGE

If You give us Your consent within the context of Art. 6 Para. 1(a) of the GDPR, We use the storage capacity of Your browser software, for e.g. to improve the usability of Our Website, its user-friendliness, as well as Our offer in general (for e.g., to secure Your language settings). For this purpose, We use the so-called local storage or session storage to store certain Data on Your end device, whereby Your browser creates the local storage or session storage separately for different domains. Apart from You, only We can access the Data that is processed within this framework. 

Insofar as this is technically absolutely necessary to maintain the functionality of Our Website, certain information may also be stored in the local storage or session storage of Your browser without Your consent. Uninvolved third parties are never able to access this information; however, it may be stored on Your terminal device by Our partners (third-party providers) on Our behalf for specific purposes. 

In contrast to Cookies, this method is faster and more secure, as Data is not automatically transferred to the respective server with every HTTP request, but is only stored by Your browser software; in addition, the local storage or session storage each offers up to 5 megabytes of storage volume, while a single Cookie can be a maximum of 4096 bytes.

Since the functionalities have similarities to Cookies, what was written above applies accordingly. Please note, that information in the local storage has no expiry date (it is comparable to persistent Cookies). Information in the session storage, on the other hand, is only stored for the duration of the respective browser session (they are comparable to session Cookies).

8. Data Removal

Manually removing Data from the local storage or session storage works within the settings of most browsers in exactly the same way as the manual removal of Cookies, because Cookies are usually grouped together with other website Data within this option (e.g. Cookies and other website Data). 

If the browser software You use combines Cookies and other website Data in this way, blocking Cookies also blocks access to the local storage or session storage (which can also lead to restrictions with the use of Our Website). If You deactivate JavaScript, the local storage or session memory can also no longer be used by Us, but this can generally lead to considerable restrictions in use.

9. Data Retention

We retain personal data as long as it is needed to to conduct Our legitimate business purposes or to comply with Our legal obligations, or until You ask Us to delete Your data. For example, We will retain certain personal information indefinitely for the purposes of maintaining Your account, unless and until You delete Your account. Data that We gather for a specific and particular purpose, such as assisting law enforcement or analysing trends, will be kept for no longer than is necessary for that particular purpose. Data that is no longer needed by Us for any of the purposes listed above will be permanently deleted.

We will honour Your request to delete Your data, as described more fully below, unless We are required by law to retain access to the data. However, note that We cannot control the retention policies of third parties. If You wish to have any third parties, including those to whom We’ve transmitted Your data, delete that data, You will need to contact those third parties directly. You may request from Us a list of all third parties to whom We have transmitted Your data.

We may retain usage data (that is, data that is gathered by Our company or third-party analytics companies for the purpose of analysing the use of Our Website) as needed for internal analysis purposes. This type of data is usually retained for a shorter period of time than personal data, unless the data is necessary to improve the security or functionality of Our Website or offerings, or We are legally obligated to retain the data for a longer period of time.

 10. Google Analytics

We use a web analysis and online marketing tool from Google Ireland Limited ("Google Ireland"), Gordon House, 4 Barrow Street, Dublin, Ireland on our Website, namely Google Analytics ‚ÄúGoogle¬†Analytics‚ÄĚ, which enables Us to analyse the use of the Website. The tool records, for example, the time users have spent on sub-pages of Our Website or which links have been clicked on by users. The tracking is done using JavaScript libraries provided by Google Ireland. Google Analytics works with Cookies (or comparable storage technologies), which can be stored on Your end device after your consent. With regard to Google Analytics, Google Ireland acts as our processor within the framework of Art. 28 of the GDPR.

When Google Analytics is used, Your IP address and other client Data, namely information about the use of Our Website, such as browser type/version, operating system used, the previously visited page or the time of the server request, are transmitted to Google servers and stored there. Google Ireland will use the information collected on Our behalf for the purpose of evaluating your use of the Website, compiling reports on Website activity and providing other services relating to website activity and internet usage. The Data on the use of Our Website will be automatically deleted at the end of the retention period of fourteen (14) months set by us for Google Analytics.

The IP address transmitted by Your browser is not merged with other Data from Google Ireland. To best protect You, we use IP anonymisation by adding "anonymizeIP" to Our Website's code. This guarantees the masking of Your IP address so that all Data is collected anonymously. Only in exceptional cases will the full IP address be transferred to a Google server and be shortened there. 

As far as possible, Google Ireland tries to process the Data of users from the EEA region in European data centres; however, Your Data may be transferred to companies affiliated with Google Ireland, in particular to the parent company based in the USA, Google LLC "Google", 1600 Amphitheatre Parkway, Mountain View, California 94043, USA; any transfer of Your Data by Google Ireland to such sub-processors in third countries is based on standard Data Protection clauses of the EU Commission within the framework of Art. 46 Para. 2(c) of the GDPR. An overview of all Google data centre locations can be found here: Google Data Centre Locations.

You can prevent the collection of Data generated by means of Cookies (or comparable storage technologies) and related to Your use of the Website (incl. your IP address) by Google Ireland, as well as the Processing of this Data, by downloading and installing an appropriate browser add-on ("Browser add-on to disable Google Analytics‚ÄĚ - available for Microsoft Internet Explorer 11, Google Chrome, Mozilla Firefox, Apple Safari and Opera).

For further information on the use of Data by Google Ireland and affiliated companies, as well as on settings and objection options, please refer to the Google Privacy Policy at Google Policies.

11. Facebook Pixel

As part of Our offer, we use Facebook Pixel ‚ÄúFacebook Pixel‚ÄĚ. This is a Facebook business tool for which Facebook Ireland Ltd. ("Facebook Ireland"), 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, is responsible for Data Protection in the EEA. Facebook Pixel is integrated into Our Website as a JavaScript code snippet and enables Us to track the activities of website users. Certain actions that a user takes are defined as so-called events and are analysed with the help of the Pixel (in particular, calling up a specific sub-page of Our Website, so-called button click data); this allows us to measure, for example, the effectiveness of the structure of our Website and the effectiveness of our advertisements (conversion tracking). Facebook Pixel is therefore used for statistical and market research purposes in order to optimise our offer. Facebook Ireland acts as our processor within the framework of Art. 28 of the GDPR.

Your Data may also be transferred to companies affiliated with Facebook Ireland, in particular Meta Platforms Inc. ‚ÄúMeta‚ÄĚ, 1601 Willow Road, Menlo Park, California 94025, USA; any transfer of your Data by Facebook Ireland to such affiliated companies is based on the General Data Protection Regulations of the EU Commission within the framework of Art. 46 Para. 2(c) of the GDPR.

In addition to the defined event Data, Facebook Pixel collects all information from HTTP headers (IP address, browser information, page location, document, referrer, website visit) as well as a Pixel ID and Cookie information. This Data is exchanged with Facebook Ireland. The Processing of Your IP address is necessary so that the desired content can actually be sent to Your browser. By activating the Advanced Matching ‚ÄúAdvanced Matching‚ÄĚ function, Our use of the Facebook Pixel and therefore, the exchange of data with Facebook Ireland, is not limited exclusively to event Data; rather, this Data is enriched with Data that is read, in particular, from entries in text fields during a visit to our Website and is transmitted to Facebook Ireland in a hashed (pseudonymised) form together with the associated event Data. Tracking is carried out by means of tracking pixels and Cookies, which can be first-party Cookies as well as third-party Cookies.

The Data is stored and processed by Facebook Ireland on Our behalf; Facebook's own use of Data, in particular to personalise features and content (including ads and recommendations), only occurs after the Data has been aggregated with Data from other advertisers or other Facebook products. The enrichment of event Data with Data from Advanced Matching enables Us to improve the conversion measurement performed using Facebook Pixel and to better match it to Facebook users in order to make advertising more interesting for users and, at the same time, to improve the effectiveness of Our advertising campaigns. The hashed (pseudonymised) Data from the Advanced Matching is immediately deleted in its personal form by Facebook Ireland after it has been appropriately linked. Overall, non-personal clusters are formed which are stored for longer periods of time. If You have created a Facebook account and are logged in, You can manage Your settings for personalisation of advertising on Facebook here: Facebook Settings

12. Social Media Presence

We use links to third-party sites on Our Website. These are, in particular, links to Our social network sites (e.g. Facebook). If you click on one of these links, you will be forwarded directly to the respective page. For the website operators, it is only obvious that You have accessed our Website. Accordingly, We generally refer to the separate Data Protection declarations of these websites.

For the purpose of promoting Our business activities and advertising Our offers, we maintain a presence on social networks and various platforms. The Processing of Your Data within this context is based on Our legitimate interests pursuant to Art. 6 Para. 1(f) of the GDPR, which consist of increasing Our reach, as well as providing users of the social networks and platforms with additional information and communication channels. In order to best achieve these purposes, outreach measurement (access statistics, recognition of returning users, etc.) may be carried out as part of the offer of the respective service provider.

Within the framework of accessing one of the online networks illustrated below, We process general information, that is evident from Your profile, with the respective provider, as well as, if applicable, further inventory Data, contact Data or content Data, insofar as You make these available to Us by interacting with Our respective online network and its content. We do not store this Data separately outside of the respective social network.

Since we jointly determine the purpose and means of the Data Processing that takes place within the scope of Our respective online networks with the respective provider (or the entity otherwise designated as responsible), joint responsibility within the framework of Art. 26 of the GDPR applies in each case. Within this framework, the provider of the respective social network or platform is the central contact for all general and technical questions in connection with Our online presence; this also applies to the fulfilment of Data subject rights within the context of point 8. However, if enquiries concern the actual operation of Our online presence, Your interactions with it and the information published/collected about it, We are the primary contact; point 8 and the other statements in this Data Protection Declaration apply accordingly.

12.1 Facebook

From a Data Protection perspective, the social network, Facebook “Facebook" is under the responsibility of Facebook Ireland Ltd. ("Facebook Ireland"), 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, in the EEA region. With regards to the operation of Our Facebook fan page IsNotSo We are jointly responsible with Facebook Ireland for the Processing of your Personal Data carried out within this context and within the framework of Art. 26 of the GDPR.

Your Data may also be transferred to companies affiliated with Facebook Ireland, in particular Meta Platforms Inc. "Meta", 1601 Willow Road, Menlo Park, California 94025, USA; any transfer of Your Data by Facebook Ireland to such affiliated companies is based on the General Data Protection Regulations of the EU Commission within the context of Art. 46 Para. 2(c) of the GDPR.

Please note that We have no influence over the programming and design of the social network, but can only personalise and manage Our Facebook fan page to the extent provided by Facebook. Therefore, please take into account the conditions that the service provider places on the use of the social network (Facebook Terms), the separately provided Data Protection information (Facebook Privacy Policy) and the existing setting options in Your Facebook account. We are, of course, fully responsible for the information we make available through the mechanisms provided by Facebook (posts, shares, etc.).

12.2 Instagram

The social network, Instagram, is operated by Instagram Inc “Instagram" 1601 Willow Road, Menlo Park, California 94025, USA, which is part of the Facebook group. The Data Protection controller for the EEA region is Facebook Ireland (see point 6.1). With regards to the operation of Our Instagram accounts IsNotSo, We are jointly responsible with Facebook Ireland for the Processing of Your Personal Data carried out in this context within the framework of Art. 26 of the GDPR.

Your Data may also be transferred to companies affiliated with Facebook Ireland, in particular Instagram Inc or Meta Platforms Inc, 1601 Willow Road, Menlo Park, California 94025, USA; any transfer of Your Data by Facebook Ireland to such affiliated companies is based on the General Data Protection Regulations of the EU Commission within the framework of Art. 46 Para. 2(c) of the GDPR. 

Please note that We have no influence over the programming and design of the social network, but can only personalise and manage Our Instagram accounts to the extent provided by Instagram. Please therefore take into account the conditions that the service provider places on the use of the social network (Instagram Terms of Service), the separately provided Data Protection information (Instagram Privacy Policy) and the existing settings options in Your Instagram account. We are, of course, fully responsible for the information We provide through the mechanisms provided by Instagram (posts, stories, etc.).

12.3 Twitter

From a Data Protection perspective, the social network, Twitter ‚ÄúTwitter‚ÄĚ is the responsibility of Twitter International Company (‚ÄúTwitter International‚ÄĚ), One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 Ireland in the EEA region. With regards to the operation of Our Twitter accounts IsNotSo, we are jointly responsible with Twitter International for the Processing of Your Personal Data within the framework of Article 26 of the GDPR.

Your Data may also be transferred to companies affiliated with Twitter International, in particular Twitter Inc., 1355 Market Street Suite, 900 San Francisco, California 94103, USA; any transfer of Your Data by Twitter International to such affiliated companies is based on the General Data Protection Regulations of the EU Commission within the context of Art. 46 Para.2(c) of the GDPR.

Please note that We have no influence over the programming and design of the social network, but can only personalise and manage Our Twitter accounts to the extent provided by Twitter. Please therefore take into account the conditions that the service provider places on the use of the social network (Terms of Service), the separately provided Data Protection information (Twitter Privacy Policy) and the existing settings options in Your Twitter account. We are, of course, fully responsible for the information provided by Us via the mechanisms provided by Twitter (Tweets, etc.).

12.4 Pinterest

The social media platform, Pinterest, is operated by Pinterest Inc. ‚ÄúPinterest‚ÄĚ, Pinterest Inc. 505 Brannan St. San Francisco, CA 94107, USA. The Data Protection legal representative in the EEA region in accordance with Art. 27 of the GDPR is Pinterest. With regard to the operation of Our Pinterest account IsNotSo, We are jointly responsible with Pinterest Europe Ltd for the Processing of Your Personal Data carried out in this context within the framework of Art. 26 of the GDPR.

Your Data may also be transferred to companies affiliated with Pinterest. A transfer of Your Data by Pinterest Inc. to such companies is based on the General Data Protection Regulations of the EU Commission within the framework of Art. 46 Para. 2(c) of the GDPR.

Please note that We have no influence over the programming and design of the service, but can only personalise and manage our Pinterest account to the extent provided by Pinterest Inc. Please therefore take into account the conditions that the service provider places on the use of the social network (Pinterest Terms of Service), the separately provided Data Protection information (Pinterest Privacy Policy) and the existing settings options in Your Pinterest account. We are, of course, fully responsible for the information provided by Us via the mechanisms provided by Pinterest (posts, videos, etc.). 

12.5 YouTube

The video platform, YouTube, is operated by Google LLC, ‚ÄúYouTube‚ÄĚ, Mountain View, CA 94043, USA. The Data Protection legal representative in the EEA region in accordance with Art. 27 of the GDPR is Google Ireland Limited ("Google Ireland"), Gordon House, 4 Barrow Street, Dublin, Ireland. With regard to the operation of Our YouTube account IsNotSo, We are jointly responsible with Google Ireland Ltd for the Processing of Your Personal Data carried out in this context within the framework of Art. 26 of the GDPR.

Your Data may also be transferred to companies affiliated with YouTube. Any transfer of Your Data by YouTube to such affiliated companies is based on the General Data Protection Regulations of the EU Commission within the framework of Art. 46 para. 2(c) of the GDPR.

Please note that We have no influence over the programming and design of the video network, but can only personalise and manage Our YouTube account to the extent provided by Youtube. Please therefore take into account the conditions that the service provider places on the use of the video network (YouTube Terms of Use), the separately provided Data Protection information (YouTube Privacy Policy) and the existing settings options in Your YouTube account. We are, of course, fully responsible for the information provided by Us via the mechanisms provided by YouTube (posts, articles, etc.).

12.6 TikTok

The video network, TikTok, is managed from a Data Protection perspective in the EEA region by TikTok Technology Limited ‚ÄúTikTok‚ÄĚ, 10 Earlsfort Terrace, Dublin, D02 T380 Ireland. With regards to the operation of our TikTok account IsNotSo, we are jointly responsible with TikTok for the Processing of Your Personal Data carried out in this context within the framework of Article 26 of the GDPR.¬†

Your Data may also be transferred to companies affiliated with TikTok. Any transfer of Your Data by TikTok to such affiliated companies is based on the General Data Protection Regulations of the EU Commission within the framework of Art. 46 Para.2(c) of the GDPR.

Please note that We have no influence over the programming and design of the video portal, but can only personalise and manage our TikTok account to the extent provided by TikTok. Therefore, please take into account the conditions imposed by the service provider on the use of the video platform (TikTok Terms of Use), the Data Protection information provided separately (TikTok Privacy Policy) and the existing settings options in Your TikTok account. We are, of course, fully responsible for the information We make available through the mechanisms provided by TikTok (videos, etc.).

13. Transfer of your Data; Recipients

In order to carry out the Processing activities set out in this Privacy Policy, your Personal Data will be transferred or disclosed to the following recipients:

(a) Within Our Organisation:

Within Our organisation, only those employees who absolutely need to have access to Your data in order to fulfil Your or Our respective duties, will have access to Your Data.

(b)  Commissioned Contractors

Furthermore, (external) contractors commissioned by Us will receive your Data if this Data is required for the provision of their respective services (whereby access to Personal Data is already sufficient). All contractors are contractually obliged to process Your Data with strict compliance of the requirements of the GDPR and exclusively in accordance with Our instructions.

Within the scope of Our Website, the following contractors used by Us may have access to Your Data:

  • Our hosting provider, Kajabi; 17100 Laguna Canyon Road, Suite 100, Irvine, CA 92603, USA.
  • Our newsletter service provider, Kajabi;
  • Website analyst and advertising service provider, Kajabi.

All of the contractors We use process Your Data with strict compliance of the requirements of the GDPR and only in accordance with Our instructions. Please note, that some of the recipients are located outside the EEA area or could process Your (Personal) Data there. Insofar as there is no EU Commission adequacy decision for the third countries in question, We rely on the General Data Protection Regulations of the EU Commission within the framework of Art. 46 Para. 2(c) of the GDPR for the transfer, which We have agreed upon with individual providers.

(c) Independent Data Controllers

In addition, We transfer Your Data to independent Data controllers if this is absolutely necessary and We are legally obliged to do so. This may be, for example, courts or authorities within the scope of their legal competence.

(d) Social Media

Furthermore, We are jointly responsible with the respective operator within the framework of Art. 26 of the GDPR, with regards to Our presence on the social networks and platforms as mentioned in point 6.

14. Rights of the Person Affected

You have certain rights with respect to Your personal data, as outlined below. Note that We may charge You a reasonable fee for actions that You ask Us to take with respect to Your data. In addition, We reserve the right to request that You provide Us with evidence of Your identity before We take any action with respect to the exercise of Your data rights. Furthermore, Your rights may be restricted or nullified to the extent they conflict with Our compelling business interests, the public interest, or the law.

14.1 UPDATE ACCOUNT INFORMATION 

You have the right to update or change any information You have provided to Us. To update or delete Your information, please contact Us at [email protected].¬†

14.2 CONFIRM PERSONAL DATA AND ITS USE 

You have the right to request that We confirm what data We hold about You, and for what purposes. You also have the right to confirmation of whether We process Your data or deliver Your data to third-party processors, and for what purposes. We will supply You with copies of Your personal data unless doing so would affect the rights and freedoms of others. 

14.3 PERSONAL DATA

You have the following rights with regards to Your Personal Data that is processed by Us which can be exercised, by notifying one of the contact options listed under point 1, and will be answered as soon as possible, but in any case, within one (1) month (restrictions are possible in certain exceptional cases, for example, in the event of threatened impairment of the rights of third parties):

(a) Request a Copy Of Data:

Access to and further information about specifically processed Personal Data (Right of Access, Art. 15 of the GDPR); You have the right to request a digital copy of the data that We hold about You. Your first request for a copy of Your personal data will be provided free of charge; subsequent requests will incur a reasonable fee. 

(b) Data Correction:

Rectification of incomplete or inaccurate Data recorded or which has become inaccurate (Right of Rectification, Art. 16 of the GDPR);

(c) Delete All Data

Erasure of Data that (i) is not necessary for the purposes listed, (ii) is processed unlawfully, (iii) must be erased due to a legal obligation or an objection (Right to Erasure, Art. 17 of the GDPR);

(d) Data Restriction

You may, in some circumstances, restrict the processing of Your data, such as when You contest the accuracy of Your data or when You have objected to processing, pending the verification of that objection. When processing has been restricted, We will continue to store Your data but will not pass it on to third-party processors without Your consent, or as necessary to comply with legal obligations or protect Your rights or those of others or Our company.

Temporary restriction of Processing under certain conditions (Right to Restriction, Art. 18 of the GDPR); You have the right to change Your consent to Our use of Your information.

(e) Revoke Consent:

You have the right to change Your consent to Our use of Your information. In such cases, We may require You to delete Your account with Us, as described above, and You may not have full access to Our website. 

Revocation of consent to process your Data at any time; please note, however, that revocation does not retroactively render past processing activities inadmissible on the basis of the consent in question - it only has an effect on the future (Conditions for Consent, Art. 7(3) of the GDPR);

(f) Marketing Communications

You may opt out of receiving any third-party marketing communications or having Your personal information used for marketing purposes. Object to the Processing of Your Data on the basis of our legitimate interest (Art. 6 Para. 1(f) of the GDPR) for reasons arising from Your particular situation, as well as object, at any time, to the Processing of Your Data for direct marketing purposes (Right to Object, Art. 21 Para. 1-2 of the GDPR);

(g) Transfer Your Data:

You have the right to request that We gather and transfer Your data to another controller, in a commonly used and machine readable format, unless doing so would cause Us an undue burden. Transfer of your Personal Data, which we process for the fulfilment of a contract with You, to take pre-contractual measures upon Your request or on the basis of Your consent, in a commonly used machine-readable format to You or directly to another controller (Right to Data Portability, Art. 20 of the GDPR);

(h) Lodge a Complaint

If You are an EU resident, You have the right to complain to a supervising authority if You believe We are misusing Your data or have violated any of Your rights under this Privacy Policy or applicable law. You may do so in the EU member state in which You reside or have Your place of business or in which the alleged infringement took place. If You are located outside the EU, You may have rights under privacy laws in the jurisdiction where You live. 

Right to lodge a complaint about our processing of Your personal data with a national supervisory authority; a complaint in Austria must follow the requirements of ¬ß 24 of the Data Protection Act and should be addressed to the Austrian Data Protection Authority, Barichgasse 40-42, 1030 Vienna, (email) [email protected], (Telephone) +43 1 52 152-0 (to simplify procedures, the Austrian Data Protection Authority provides forms: https://www.dsb.gv.at/dokumente) - Only in German!

15. International Data

Our Website is hosted by servers located in the U.S therefore, if You reside outside the U.S, some of Your data will be transferred internationally to and stored on those servers. In addition, We may use third-party processors (including payment processors) and subcontractors located in the U.S. We use all reasonable methods to protect the safety of Your data during transfer, including hosting Our website on reputable servers and engaging reputable third-party processors. By using this site and providing Us with information, You consent to this transfer, processing, and storage of Your information in the U.S. Note that the privacy laws in the U.S may not be as strict as those in other countries. 

Please be aware that:
‚óŹ We may transfer data that We collect to locations outside of Our headquarters for processing or storing, and the data may be processed by Our staff or by third-party processors. For example, We may engage third parties to fulfil orders. By submitting Your personal data, You agree to this transfer, storing, and processing. We take all reasonable steps to make sure Your data is treated securely and in conformity with this Privacy Policy.
‚óŹ Data that is provided to Us is stored on secure servers. Payment information and other sensitive data will be encrypted to ensure its safety.
‚óŹ The transmission of data via the internet is never completely secure, and We cannot guarantee the security of data that is sent to Us electronically. Your transmission of data to Us is at Your own risk.
‚óŹ Where data that You have transmitted to Us is password protected, You are responsible for keeping the password confidential. You are exclusively responsible for any breaches of Your data that results from Your own disclosure of or failure to protect Your password.¬†

16. Security of your Information

We take all reasonable steps to protect Your personal data and keep Your information secure. We use recognised online secure payment systems and implement generally accepted standards of security to protect against personal data loss or misuse. However, no security measure is foolproof, and no method of data transmission can be guaranteed against interception or misuse. We cannot guarantee complete security of any information You transmit to Us.

By consent to this Privacy Policy, You acknowledge that Your personal data may be available, via the internet, around the world. We cannot prevent the use or misuse of Your data by other parties.

We will notify You promptly of any known breach of Our security systems or Your data which might expose You to serious risk.

17. Children

This website or mobile app is not designed for use by children under age the applicable age of consent in Your country, and We do not knowingly solicit personal data from anyone under the applicable age of consent in Your country . If You are under the applicable age of consent in Your country, do not access or use Our Website or related products or services. If You become aware that We have collected data of anyone under the applicable age of consent in Your country, please contact Us so that We may delete that data. 

18. Sensitive Data

We request that You do not submit any sensitive data to Us, via public postings, email correspondence with Us, or any other method, including social security number, health data, genetic data, or information related to Your ethnic origin, religious beliefs, or criminal history. If You do send Us this information, then by doing so You are consenting to Our use, storage, and processing of this information in accordance with this privacy policy.

Contact Us

If you have any questions, concerns or complaints about this Privacy Policy, please contact us: