Data Handling & Privacy Policy for

Contact

Last updated: 15 September 2025.

We value your privacy and are committed to protecting your personal data. This document explains what information we collect, why we collect it, and how we handle it, in compliance with the General Data Protection Regulation (GDPR).

1. Data We Collect

When contacting us, we ask you to provide:

  • Name (which can be your nickname, so we can address you properly)

  • Email address (for communication about your question or message)

  • Your phone number (optional, for backup communication purposes)

  • Telegram (also optional, as backup)

  • Your message

2. Purpose of Data Collection

We collect this information solely for:

  • Communicating with you about your question or message

  • If you explicitly opt in, using your email address to send our newsletter.

We do not use your data for marketing without your explicit consent.

3. Legal Basis

Your personal data is processed on the following legal bases under GDPR:

  • Contract performance (Art. 6(1)(b) GDPR): to respond to your inquiry and provide the information or services you request.

  • Consent (Art. 6(1)(a) GDPR): for optional details you choose to share (e.g. phone number, Telegram), and for subscribing to the newsletter.

  • Legal obligation (Art. 6(1)(c) GDPR): for processing financial data where invoicing or payment records are involved.

4. Data Storage & Retention

  • Data are stored securely on Squarespace servers. Squarespace is certified under the EU–US Data Privacy Framework, ensuring adequate protection of personal data in line with GDPR.

  • Financial records (such as invoices and payment confirmations) are retained for 10 years, in compliance with German tax and commercial law.

  • Other personal data (such as session goals, preferences, and notes) are retained for up to 12 months after your last session, unless you request earlier deletion. This allows us to tailor any future sessions to your needs.

5. Data Sharing

  • We do not sell or share your personal data with third parties.
    We will only disclose your data if required to comply with legal obligations (e.g. at the request of a competent authority).

6. Your Rights

Under GDPR, you have the right to:

  • Access your personal data

  • Request correction or deletion of your data

  • Restrict or object to processing

  • Withdraw consent at any time (without affecting the lawfulness of prior processing)

  • Receive your data in a portable format

To exercise these rights, please contact us at: hekateberlin@proton.me

7. Security

We take appropriate technical and organizational measures to keep your data safe and prevent unauthorized access, disclosure, alteration, or destruction.

8. Contact

If you have questions or concerns about how your data is handled, please contact:
Hekate at Soul Impact Berlin
Email: hekateberlin@proton.me
Tel: +49 1525 9466172

If you are not satisfied with our response, you have the right to lodge a complaint with your local Data Protection Authority (Datenschutzbehörde). In Germany, this is usually the authority of your federal state (Bundesland). A list of the competent authorities can be found here: https://www.bfdi.bund.de/SharedDocs/Adressen/EN/LfD/LfD_Liste.html