Privacy Policy (Datenschutzerklärung)

VATAX German Business Institute

Last Updated: June 24, 2025

1. General Information and Responsible Body

1.1. Responsible Body (Verantwortlicher)

The responsible body for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is:

VATAX German Business Institute Represented by: Waqar Ahmed [Your Full Street Address] [Your Postal Code and City] Germany

Email: [Your Email Address] Phone: [Your Phone Number]

1.2. General Principles

We take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations (GDPR, BDSG) and this privacy policy.

This privacy policy explains what information we collect, how we collect it, and for what purpose it is used.

2. Your Rights as a Data Subject

You have the following rights regarding your personal data:

• Right of access (Art. 15 GDPR): You have the right to request information about your personal data processed by us.

• Right to rectification (Art. 16 GDPR): You have the right to demand the immediate correction of incorrect or completion of your personal data stored by us.

• Right to erasure (Art. 17 GDPR): You have the right to demand the erasure of your personal data stored by us, unless processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise or defense of legal claims.

• Right to restriction of processing (Art. 18 GDPR): You have the right to demand the restriction of the processing of your personal data.

• Right to data portability (Art. 20 GDPR): You have the right to receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format or to request its transmission to another controller.

• Right to object (Art. 21 GDPR): You have the right to object to the processing of your personal data.

• Right to withdraw consent (Art. 7(3) GDPR): You have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

• Right to lodge a complaint with a supervisory authority (Art. 77 GDPR): You have the right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or work or our company headquarters.

3. Data Collection on Our Website

3.1. Server Log Files

When you visit our website, the provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

• Browser type and browser version

• Operating system used

• Referrer URL

• Host name of the accessing computer

• Time of the server request

• IP address (anonymized, if applicable)

This data is not merged with other data sources. The basis for data processing is Art. 6(1)(f) GDPR, which permits the processing of data to fulfill a contract or for measures preliminary to a contract.

3.2. Contact and Booking Forms

If you send us inquiries or make a booking via a form, your details from the form, including the contact details you provided there, will be stored by us for the purpose of processing the request and in the event of follow-up questions. We do not pass on this data without your consent.

The processing of this data is based on Art. 6(1)(b) GDPR, if your request is related to the conclusion of a contract or is necessary for the performance of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the requests addressed to us (Art. 6(1)(f) GDPR).

4. Data Processing for Contract Fulfillment

We process personal data (e.g., name, address, email, payment information) for the purpose of fulfilling our contractual obligations from the course booking (Art. 6(1)(b) GDPR). This includes processing payments and providing access to our courses and member areas.

For payment processing, we use external payment service providers (e.g., Stripe). We transmit your payment data to these service providers for the purpose of payment processing. The data protection provisions of the respective payment service providers apply.

5. Use of External Services

5.1. Google Meet

Our live online courses are conducted using Google Meet. When you participate in a webinar, data such as your name (if provided), IP address, and audio/video data will be processed by Google. We have concluded a data processing agreement (DPA) with Google. For more information, please see the privacy policy of Google.

5.2. Cookies

Our website may use so-called "cookies". Cookies are small text files that do not harm your device. They are either stored temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your device.

We use technically necessary cookies to ensure the basic functionality of our website. The use of technically necessary cookies is based on our legitimate interest in a technically flawless presentation of our online offer (Art. 6(1)(f) GDPR).

6. Data Security

We use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or against unauthorized access by third parties. Our website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content.

7. Changes to this Privacy Policy

We reserve the right to adapt this privacy policy so that it always complies with the current legal requirements or in order to implement changes to our services in the privacy policy, e.g., when introducing new services. The new privacy policy will then apply for your next visit.

Beispielinhalte:

Datenerhebung, -nutzung und Weitergabe

Erklärung über die Eigentümerschaft der auf der Website gesammelten Informationen, die Art der Datensammlung, die Weitergabe an Dritte usw.