Data Handling & Privacy Policy

Soul Impact Berlin


Last updated: 6 October 2025

We value your privacy and are committed to protecting your personal data. This policy explains what information we collect, how we use it, and your rights under the General Data Protection Regulation (GDPR).

1. Data Controller

Hekate operating as Soul Impact Berlin
Email: hekate@soulimpactberlin.de
Tel: +49 1525 9466172

For all matters concerning your personal data, you may contact the above email or phone number.

2. General Principles

We collect and process only the personal data that is necessary for the purpose for which it was provided. Your information is handled with care, kept confidential, and never sold or shared for marketing purposes.

All processing is carried out in accordance with the principles of lawfulness, fairness, transparency, purpose limitation, and data minimization as required by GDPR.

3. Data Collected Through the Website

Our website is hosted on Squarespace, which securely stores form submissions and sends them by email to hekate@soulimpactberlin.de (a Google Workspace address). Squarespace and Google act as data processors under GDPR-compliant terms.

Below you will find detailed information on what data is collected for each purpose.

a) Newsletter Subscription

When you subscribe to the newsletter, we collect:

  • Name or nickname (optional)

  • Email address

Purpose: To send you updates about workshops, events, and relevant news.
Legal basis: Consent (Art. 6(1)(a) GDPR)
Storage duration: Until you unsubscribe.
You can withdraw consent anytime by clicking “unsubscribe” in the email or by contacting us directly.

b) Contact Form

When you use the contact form, we collect:

  • Name

  • Email address

  • Message text

  • Optional: phone number and/or Telegram contact

Purpose: To respond to your inquiry and maintain communication.
Legal basis: Legitimate interest (Art. 6(1)(f) GDPR) in providing information and responding to messages.
Storage duration: Until the inquiry has been resolved, unless further communication requires retention.

c) Private Session Requests

When you apply for a private session, we collect:

  • Name

  • Pronouns

  • Email address

  • Phone number

  • Optional: Telegram or WhatsApp contact

  • Session goals, preferences, and other optional preparatory questions

Purpose: To organize and deliver personalized private sessions safely and effectively.
Legal basis: Contract performance and preparation (Art. 6(1)(b) GDPR).
Storage duration: Data is retained only as long as legally necessary (for example, for accounting or liability reasons).

d) Workshop & Event Registration

When registering for workshops or events, we collect:

  • Name

  • Email address

  • Phone number

  • Payment information (processed securely by Stripe)

  • Experience level

  • Optional: answers to specific preparatory questions

Purpose: To process registration, communicate event details, and manage attendance.
Legal basis: Contract performance (Art. 6(1)(b) GDPR) and legitimate interest (Art. 6(1)(f) GDPR).
Storage duration: For the duration of the event plus the legally required record-keeping period.

4. Payments

Payments for workshops and events are processed via Stripe, a secure third-party payment processor. Soul Impact Berlin does not store or have access to your full payment details. Stripe complies with GDPR and PCI-DSS security standards. For more details, see Stripe’s Privacy Policy.

5. Data Storage & Security

Your personal data is stored securely on Squarespace and processed through Google Workspace (Google Ireland Limited). Both companies participate in the EU–US Data Privacy Framework, ensuring adequate data protection standards.

We take appropriate technical and organizational measures to prevent unauthorized access, disclosure, alteration, or destruction of your data.

6. Data Sharing

We do not sell or share your personal data with third parties for marketing purposes.

  • Co-facilitators involved in workshops or events may receive participant nicknames only, never full personal details.

  • Data may be disclosed only if required by law or to protect legal rights.

7. Your Rights

Under GDPR, you have the right to:

  • Access your personal data (Art. 15 GDPR)

  • Request correction or deletion (Art. 16–17 GDPR)

  • Restrict or object to processing (Art. 18–21 GDPR)

  • Withdraw consent at any time (Art. 7(3) GDPR)

  • Receive your data in a portable format (Art. 20 GDPR)

To exercise your rights, please contact us at hekate@soulimpactberlin.de.
We will respond to all legitimate requests within the timeframe required by GDPR.

8. Complaints

If you believe your data is being processed unlawfully, you have the right to lodge a complaint with your local Data Protection Authority (Datenschutzbehörde).
In Germany, this is usually the authority of your federal state (Bundesland).
A list of competent authorities can be found here:
https://www.bfdi.bund.de/SharedDocs/Adressen/EN/LfD/LfD_Liste.html

9. Updates to This Policy

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. The latest version will always be available on our website, with the date of the last update indicated at the top.