Privacy Policy
This website, https://www.viktorialeonhard.de, (“Website“) is operated by Dr. Viktoria Leonhard, Mauerkirchertstraße 66, 81925 Munich (“we” and / or “responsible party“).
1 General information
As the provider of these internet pages and the provider of services regarding team coaching, trainings, seminars and as a keynote speaker (our “Services“), we are legally obliged to inform you about the purpose, scope and nature of the collection and use of your personal data. To give you a good sense of the ways in which we process data, we would like to provide an overview of data processing.
If you have any further questions about the handling of your personal data, please do not hesitate to contact us (see section 2).
We would like to point out that data transmission on the Internet (e.g. communication by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.
2 Controller
The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).
The controller for data processing on this website and for the provision of the above-mentioned services is within the meaning of the DSGVO:
Dr Viktoria Leonhard
Mauerkircherstrasse 66
81925 Munich
Tel.: +49 (0) 176-82059334
We are not obliged to appoint a data protection officer.
3 Encryption
This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g. enquiries to the controller). You can recognise an encrypted connection by the string “https://” and the lock symbol in your browser line.
4 Links
If you use external links that are offered within the framework of our website, this privacy policy does not extend to the linked pages. In the event that you follow a link to one of these websites, we would like to point out that the use of these websites is subject to the respective provider’s own data protection conditions. We recommend that you check the data protection information on the linked websites. In this way, you can determine whether and to what extent personal data is collected, processed, used or made accessible to third parties.
5 Definitions
Our privacy policy is intended to be simple and understandable for everyone. As a rule, the privacy policy uses the official terms of the General Data Protection Regulation (DSGVO). The official definitions are explained in Art. 4 DSGVO.
“Personal data” is any information that relates to the personal or factual circumstances of a person and that makes it possible to identify that person. This includes, for example, your name, your email address, but also, for example, the content of a message that you send to us.
“Controller‘ means the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its designation may be provided for under Union or Member State law.
“Processing” means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organisation, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
“Data subject” means any natural person whose personal data are processed and who can determine them.
6 Collection and use of non-personal data when using the website
The use of our website is generally possible without providing personal data. However, each time the website is visited, the web server automatically saves information in so-called server log files, which your end device automatically transmits to us. We have no direct influence on the collection of this data, but for reasons of transparency we want to inform you about this. The data collected by the web server includes:
· Our visited website
· Date and time at the time of access
· Amount of data sent in bytes
· The referrer URL, i.e. the URL from which you originally came here.
· The host name of the accessing end device
· Browser used (type / version)
· Operating system used
· IP address used
Purpose of processing: There is no merging of data with other data sources. As personal data is concerned, we process it for the purpose of ensuring a functioning and secure website.
Legal basis: We process the data in accordance with Art. 6 para. 1 p. 1 lit. f DSGVO on the basis of our legitimate interest. Our legitimate interest is to enable you to use the website without disruption and to ensure IT security.
Duration of storage: The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.
In the case of storage of data in log files, this is the case after 30 days at the latest. Storage beyond this period is possible. In this case, the IP addresses of the users are deleted or alienated so that an assignment of the calling client is no longer possible.
Objection: The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on your part.
7 Cookies and similar technologies
7.1 When you visit our website, we may place information in the form of cookies or similar technologies (“cookies“) on your terminal device.
7.2 General information about cookies
Cookies are small text files that are stored on your terminal device. Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the language setting). Other cookies are used to evaluate user behaviour or to display advertising.
Technically necessary cookies are set without your consent on the basis of § 25 para. 2 no. 2 TTDSG. The data collected with these cookies is processed according to Art. 6 para. 1 lit. f DSGVO (legitimate interest).
Other cookies are only set with your consent on the basis of Section 25 (1) TTDSG. The data collected with these cookies is processed with your consent in accordance with Art. 6 para. 1 lit. a DSGVO. The consent can be revoked at any time for the future. The legal basis may also arise from Art. 6 (1) lit. b DSGVO if the processing is necessary for the performance of a contract to which the data subject is a party or for the performance of pre-contractual measures which are carried out at the request of the data subject.
7.3 Cookies we use
We use technically necessary cookies to make our website functional. The user data collected through technically necessary cookies is not used to create user profiles.
Provider | Cookie | Purpose of processing | Data processed and storage period | Legal basis | Processing site |
Polylang | Pll_language | Saving the language setting | Language code of the last page viewed | Art. 6 para. 1 p. 1 lit. f DSGVO, § 25 para. 2 no. 2 TTDSG (Our interest: Provision of our website in the desired language | EU |
Below you will find information on how to set cookies on the website:
You can make settings regarding cookies in your browser settings or via www.youronlinechoices.com. If you refuse cookies, certain pages on our website or provided functionalities may not be available. However, if you refuse cookies, this may result in part of our website being unavailable.
8 Data processing when contacting us via the contact form or by e-mail, post, telephone
Our website contains a contact form that can be used to contact us electronically. If you use this option, the data entered in the input mask will be transmitted to us and stored.
Data processed: First and last name, email address, message/comment,
The following data is also stored at the time the message is sent:
Your IP address, date and time of registration
Alternatively, it is possible to contact us via the e-mail address provided. In this case, your personal data transmitted with the e-mail will be stored.
In this context, the data will not be passed on to third parties. The data is used exclusively for processing the conversation.
8.1 Purpose of data processing: This data is stored and used exclusively for the purpose of responding to your request or for contacting and communicating you as well as for the associated technical administration. The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.
8.2 Legal basis for data processing: The legal basis for processing this data is our legitimate interest in responding to your request pursuant to Art. 6 (1) lit. f DSGVO. If your contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 (1) lit. b DSGVO.
8.3 Deletion / objection: The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with you has ended. The conversation is ended when it is clear from the circumstances that the matter in question has been conclusively clarified.
The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.
8.4 We ensure that the data is kept secure from unauthorised third-party access. However, please note that unencrypted e-mails sent via the Internet are not sufficiently protected against unauthorised access by third parties. Alternatively, you can send us a message via our secure contact form (SSL standard).
9 Contract initiation and implementation (team coaching, seminars, booking as keynote speaker)
Insofar as you wish to make use of services presented by us on our website, it is necessary that you provide the data required for this as part of the registration / booking and implementation.
9.1 Data processed: We process your name, email address, fee, booking details, contract period, and method of payment to enable you to book and use our services.
9.2 Purpose of data processing: The collection or use of your data is for the purpose of providing the service you requested, such as sending you the offer you requested or organising your participation in our services.
9.3 Legal basis for data processing: We collect, process and use personal data only insofar as they are necessary for the establishment, content or amendment of the legal relationship (inventory data). The basis for data processing is Art. 6 para. 1 lit. b DSGVO, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.
9.4 Deletion / objection: The collected customer data will be deleted after termination of the contractual relationship or the business relationship, but not before expiry of the statutory retention periods (usually 10 years).
9.5 Transfer to third parties: We only transmit personal data to third parties if this is necessary within the framework of the contract processing; for example, to a credit institution commissioned with the payment processing. Further transmission of data does not take place or only if you have expressly consented to the transmission. Your data will not be passed on to third parties without your express consent, for example for advertising purposes.
10 Data processing for newsletter ordering and sending, newsletter data and personalisation; email marketing
On our website you have the possibility to subscribe to a free newsletter (“Newsletter“). In the newsletter we inform you about our services by e-mail. We can personalise the newsletter for you based on the data mentioned below.
10.1 Data processed: When you subscribe to the newsletter, we process inventory data (e.g. names, addresses); contact data (e.g. e-mail, telephone numbers); meta/communication data (e.g. device information, IP addresses); usage data (e.g. websites visited, interest in content, access times). Your name is used to address you personally in the newsletter.
10.2 Double opt-in procedure: Registration for our newsletter is always carried out in a so-called double opt-in process. This means that after registration you will receive an e-mail asking you to confirm your registration. This confirmation is necessary so that no one can register with other people’s e-mail addresses. The registrations for the newsletter are logged in order to be able to prove the registration process in accordance with the legal requirements. This includes the storage of the registration and confirmation time as well as the IP address.
10.3 Existing customers receive information from us about our similar products and services by e-mail without having to consent to this (hereinafter “existing customer communication”). The following data is processed in connection with the existing customer communication:
Data that you provide to us as part of a purchase: First and last name, e-mail address.
10.4 Purpose of data processing: We process your data to send you the newsletter. We also process the data to learn about your interests and to provide you with content on our website or in the newsletter. The processing of the existing customer’s email address for marketing purposes is used to send you news about similar services.
10.5 Legal basis for data processing: Consent (Art. 6 para. 1 p. 1 lit. a. DSGVO), we then check the email address provided when registering for the newsletter as part of a so-called double opt-in procedure, in which we send a confirmation email to the email address provided. Legitimate interests (Art. 6 para. 1 p. 1 lit. f. DSGVO): The newsletter is sent on, if consent is not required, the basis of our legitimate interests in direct marketing, if and insofar as this is permitted by law, e.g. in the case of existing customer advertising. Our legitimate interest is to stay in contact with the customer and to suggest services that might be of interest to them. Insofar as we commission a service provider to send e-mails, this is done on the basis of our legitimate interests in efficient and secure dispatch.
Duration of storage: The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. Accordingly, we process your data as long as you have not revoked your consent. If you have revoked your consent, we will no longer send you newsletters and will delete your data in accordance with the requirements of the DSGVO and the BDSG. The e-mail address of the existing customer will be stored for the purpose of existing customer communication until we receive an objection to this. Beyond that, we only store this data for the fulfilment of any statutory retention obligations or for the assertion of or defence against legal claims.
10.6 Possibility of objection (opt-out): You can cancel the receipt of our newsletter at any time, i.e. revoke your consent or object to further receipt. You will find a link to cancel the newsletter either at the end of each newsletter or you can use one of the contact options given above, preferably e-mail, for this purpose.
You can opt out of receiving existing customer communications at any time and separately from the newsletter by clicking on the unsubscribe link at the bottom of an email to existing customers. If you subsequently shop with us again, you will receive existing customer communications again unless you opt out at or after the time of purchase.
11 Podigee
11.1 We use the podcast hosting service Podigee from the provider Podigee GmbH, Schlesische Straße 20, 10997 Berlin, Germany. The podcasts are loaded by Podigee or transmitted via Podigee.
11.2 The use is based on our legitimate interests, i.e. interest in a secure and efficient provision, analysis and optimisation of our podcast offer pursuant to Art. 6 Para. 1 lit. f. DSGVO.
11.3 Podigee processes IP addresses and device information in order to enable podcast downloads/playbacks and to determine statistical data, such as call-up figures. This data is anonymised or pseudonymised before being stored in Podigee’s database unless it is necessary for the provision of the podcasts.
11.4 Further information and objection options can be found in Podigee’s privacy policy: https://www.podigee.com/de/about/privacy/.
12 Customer review
You can voluntarily comment, rate or otherwise send us a recommendation for us to publish on our website.
12.1 Processed data: Data voluntarily submitted by you (e.g. first and last name, company, position, age, content of the comment/ rating/ recommendation)
12.2 Purposes of processing: publication on the website for the information of the website visitors.
12.3 Legal basis: The legal basis for this data processing(s) is Article 6 (1) p. 1 lit. a.
12.4 Duration of storage: We process your personal data for these purposes as long as you indicate an interest in the publication of your rating or comment or the publication is of interest to us or until you revoke your consent. Beyond that, we only store personal data for the assertion of or defence against legal claims or as long as legal obligations to store exist.
13 Social media
13.1 This privacy policy also applies to our social media presences. You can find out more details about data processing on the respective social media presence via this respective presence. This data protection declaration also applies there.
13.2 Please note that in addition to us, the respective social media platform also processes your personal data when you use it. If you have any questions about this processing, please refer to the respective social media platform’s data protection information.
13.3 We only process your personal data as long as we actively maintain the respective content on the social media platform or until you object to our data processing. Otherwise, we only process your personal data in order to comply with the legally prescribed retention obligations or to defend ourselves against legal claims or to assert such claims.
13.4 Legal basis for processing: We process this data based on our legitimate interest (Article 6 (1) p. 1 lit. f DSGVO) in providing you with a well-functioning and informative social media presence.
14 Data sharing
14.1 Insofar as we pass on your personal data specifically within the scope of data processing described above, we have described this accordingly at the relevant point in this privacy policy. In addition, we pass on your personal data in general as follows:
14.2 Processor
All personal data that we process within the scope of this website is processed by us or our service providers. We may transfer your personal data to external service providers, such as IT service providers for website optimisation, advertising agencies, analysis providers or podcast hosting companies (e.g. with Podigee GmbH), in order to be able to offer you our services. We have carefully selected these service providers and concluded order processing contracts with them.
14.3 Third parties (so-called transferees)
Contractual partner
We pass on your personal data to other responsible parties who process the personal data for their own purposes, insofar as this is necessary to process the contract or provide the service, e.g. in the context of the order to the shipping company or the parcel delivery company. Our contractual partners may use the data thus transmitted exclusively for the purpose for which we transmitted it.
The transfer of your personal data for these purposes takes place for the fulfilment of the contract, Art. 6 para. 1 lit. b DSGVO or due to our legitimate interest (Art. 6 para. 1 lit. f DSGVO) in making our operation efficient.
Legal obligation or enforcement of legal claims
We otherwise only transfer your personal data to third parties if and to the extent that this is required or permitted by law or in order to enforce legal claims or to investigate or prevent suspected or actual illegal activities. In these cases, we will inform you separately about the respective transfer if and insofar as this is legally required.
14.4 Transfer to third countries
If we transfer your personal data to countries outside the European Economic Area (EEA) or commission processors in such countries (for example in the USA), we implement the legally required standards and security mechanisms. We achieve this, for example, by agreeing to the so-called EU standard contracts. Please contact us as described in section 2 to find out more about the specific security mechanisms we use in the case of transfers to third countries.
15 Rights of the data subject
15.1 The applicable data protection law grants you the following data subject rights (rights of information and intervention) vis-à-vis the controller with regard to the processing of your personal data, whereby reference is made to the stated legal basis for the respective prerequisites for exercising these rights:
15.2 Right of access Art. 15 DSGVO
As a data subject, you have the right to request confirmation as to whether we are processing personal data relating to you. If this is the case, you have the right to information about this personal data as well as further information, e.g. the purposes of processing, the recipients and the planned duration of storage or the criteria for determining the duration.
15.3 Right to rectification and completion pursuant to Art. 16 DSGVO
As a data subject, you have the right to request the rectification of incorrect personal data without undue delay. Taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data.
15.4 Right to erasure pursuant to Art. 17 DSGVO (“right to be forgotten”)
As a data subject, you may have the right to have your personal data deleted. This is the case, for example, if your personal data is no longer necessary for the original purposes, you have revoked your declaration of consent under data protection law or the personal data was processed unlawfully.
15.5 Right to restriction of processing pursuant to Art. 18 DSGVO
As a data subject, you have a right to restrict processing in the cases prescribed by law.
15.6 Right to information pursuant to Art. 19 of the GDPR
As a data subject, you have the right, in the cases prescribed by law, to receive the personal data concerning you in a structured, common and machine-readable format.
15.7 Right of objection pursuant to Art. 20 DSGVO
As a data subject, you have the right to object at any time, on grounds relating to your particular situation, to the processing of certain personal data concerning you.
IF WE PROCESS YOUR PERSONAL DATA WITHIN THE FRAMEWORK OF A BALANCING OF INTERESTS ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTEREST, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING WITH EFFECT FOR THE FUTURE AT ANY TIME ON GROUNDS ARISING FROM YOUR PARTICULAR SITUATION.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED. HOWEVER, WE RESERVE THE RIGHT TO CONTINUE PROCESSING IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR PROCESSING THAT OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING IS FOR THE PURPOSE OF ASSERTING, EXERCISING OR DEFENDING LEGAL CLAIMS.
IF WE PROCESS YOUR PERSONAL DATA FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSE OF SUCH MARKETING. YOU CAN EXERCISE THE OBJECTION AS DESCRIBED ABOVE.
15.8 Right to revoke consent granted pursuant to Art. 7 (3) DSGVO
You can revoke your consent to the processing of your personal data at any time with effect for the future. However, the lawfulness of the processing carried out until the revocation is not affected by this.
15.9 Right to complain to a data protection authority pursuant to Art. 77 GDPR
You have the right to complain to a supervisory authority, in particular in the Member State of your residence, workplace or the place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR.
The competent supervisory authority is the Bayerische Landesaufsicht für Datenschutz (https://www.lda.bayern.de/de/kontakt.html).
16 Duration of the storage of personal data
16.1 The duration of the storage of personal data is determined on the basis of the respective legal basis, the purpose of processing and – if relevant – additionally on the basis of the respective statutory retention period (e.g. retention periods under commercial and tax law).
16.2 When processing personal data on the basis of explicit consent pursuant to Art. 6 (1) sentence 1 lit. a DSGVO, this data is stored until the purpose is fulfilled or the data subject revokes his/her consent.
16.3 If there are statutory retention periods for data that is processed within the scope of legal or quasi-legal obligations on the basis of Art. 6 (1) sentence 1 lit. b DSGVO, this data will be routinely deleted after expiry of the retention periods, provided that it is no longer required for the fulfilment of the contract or the initiation of the contract and/or we do not have a justified interest in continuing to store it.
16.4 When processing personal data on the basis of Art. 6 (1) p. 1 lit. f DSGVO, this data is stored until the purpose is fulfilled or the data subject exercises his/her right to object pursuant to Art. 21 (1) DSGVO, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.
16.5 When processing personal data for the purpose of direct marketing on the basis of Art. 6 (1) sentence 1 lit. f DSGVO, this data is stored until the purpose is fulfilled or the data subject exercises his or her right to object pursuant to Art. 21 (2) DSGVO.
16.6 Unless otherwise indicated in the other information in this statement on specific processing situations, stored personal data are otherwise deleted when they are no longer necessary for the purposes for which they were collected or otherwise processed.
17 Changes
Our privacy policy may change from time to time. This includes further developments due to changes in our business as well as adjustments due to a changed legal situation and/or due to the implementation of new technologies or services on the website. We will post any updates to the privacy policy on this page. In the event of significant changes, we will indicate this accordingly. If you have any further questions that are not answered by our data protection notice, please send an e-mail to the following address: mail@viktorialeonhard.de.
Status: May 2023