Data Handling & Privacy Policy
Soul Impact Berlin
Last updated: 9 January 2026
We value your privacy and are committed to protecting your personal data. This policy explains what information we collect, how we use it, and your rights under the General Data Protection Regulation (GDPR).
1. Data Controller
Hekate operating as Soul Impact Berlin
Email: hekate@soulimpactberlin.de
Tel: +49 1525 9466172
For all matters concerning your personal data, you may contact the above email or phone number.
2. General Principles
We collect and process only the personal data that is necessary for the purpose for which it was provided. Your information is handled with care, kept confidential, and never sold or shared for marketing purposes.
All processing is carried out in accordance with the principles of lawfulness, fairness, transparency, purpose limitation, and data minimization as required by GDPR.
3. Data Collected Through the Website
Our website is hosted on Squarespace, which securely stores form submissions and sends them by email to hekate@soulimpactberlin.de (a Google Workspace address). Squarespace and Google act as data processors under GDPR-compliant terms.
Below you will find detailed information on what data is collected for each purpose.
a) Newsletter Subscription
When you subscribe to the newsletter, we collect:
Name or nickname (optional)
Email address
Purpose: To send you updates about workshops, events, and relevant news.
Legal basis: Consent (Art. 6(1)(a) GDPR)
Storage duration: Until you unsubscribe.
You can withdraw consent anytime by clicking “unsubscribe” in the email or by contacting us directly.
b) Contact Form
When you use the contact form, we collect:
Name
Email address
Message text
Optional: phone number and/or Telegram contact
Purpose: To respond to your inquiry and maintain communication.
Legal basis: Legitimate interest (Art. 6(1)(f) GDPR) in providing information and responding to messages.
Storage duration: Until the inquiry has been resolved, unless further communication requires retention.
c) Private Session Requests
When you apply for a private session, we collect:
Name
Pronouns
Email address
Phone number
Optional: Telegram or WhatsApp contact
Session goals, preferences, and other optional preparatory questions
Purpose: To organize and deliver personalized private sessions safely and effectively.
Legal basis: Contract performance and preparation (Art. 6(1)(b) GDPR).
Storage duration:
Personal data related to private session requests is retained only for as long as necessary to fulfill the session and to meet legal obligations, such as accounting or liability requirements.
Session-related communication and preparatory information is deleted once it is no longer required
d) Workshop & Event Registration
When registering for workshops or events, we collect:
Name
Email address
Phone number
Payment information (processed securely by Stripe)
Experience level
Optional: answers to specific preparatory questions
Purpose: To process registration, communicate event details, and manage attendance.
Legal basis: Contract performance (Art. 6(1)(b) GDPR) and legitimate interest (Art. 6(1)(f) GDPR).
Storage duration:
Personal data collected for workshop and event registration is retained only for as long as necessary and for no longer than 15 months.
Deletion takes place once per year during an annual data review and deletion process in the first half of January.
Depending on the date of the event, data may be retained for between approximately 2 and 15 months, after which it is permanently deleted, unless a longer retention period is required by law (e.g. accounting records).
4. Payments
Payments for workshops and events are processed via Stripe, a secure third-party payment processor. Soul Impact Berlin does not store or have access to your full payment details. Stripe complies with GDPR and PCI-DSS security standards. For more details, see Stripe’s Privacy Policy.
5. Data Storage & Security
Your personal data is stored securely on Squarespace and processed through Google Workspace (Google Ireland Limited). Both companies participate in the EU–US Data Privacy Framework, ensuring adequate data protection standards.
We take appropriate technical and organizational measures to prevent unauthorized access, disclosure, alteration, or destruction of your data.
6. Data Sharing
We do not sell or share your personal data with third parties for marketing purposes.
Co-facilitators involved in workshops or events may receive participant nicknames only, never full personal details.
Data may be disclosed only if required by law or to protect legal rights.
7. Cookies
We use essential cookies to ensure the proper functioning, security, and accessibility of this website. These cookies do not collect personal data and cannot be disabled in our systems.
We do not use analytics, marketing, or third-party tracking cookies.
You can adjust your cookie preferences or withdraw consent at any time via the cookie settings banner.
8. Your Rights
Under GDPR, you have the right to:
Access your personal data (Art. 15 GDPR)
Request correction or deletion (Art. 16–17 GDPR)
Restrict or object to processing (Art. 18–21 GDPR)
Withdraw consent at any time (Art. 7(3) GDPR)
Receive your data in a portable format (Art. 20 GDPR)
To exercise your rights, please contact us at hekate@soulimpactberlin.de.
We will respond to all legitimate requests within the timeframe required by GDPR.
9. Complaints
If you believe your data is being processed unlawfully, you have the right to lodge a complaint with your local Data Protection Authority (Datenschutzbehörde).
In Germany, this is usually the authority of your federal state (Bundesland).
A list of competent authorities can be found here:
https://www.bfdi.bund.de/SharedDocs/Adressen/EN/LfD/LfD_Liste.html
10. Updates to This Policy
We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. The latest version will always be available on our website, with the date of the last update indicated at the top.