Provider
Information according to § 5 DDG (German Digital Services Act).
Person Responsible for Content (§ 18 (2) MStV)
Johann Heidelbach
Gneisenaustr. 94
10961 Berlin
Germany
Online Dispute Resolution
The European Commission provides a platform for online dispute resolution (ODR): ec.europa.eu/consumers/odr
You can find our email address at the top of this Imprint.
We are neither obliged nor willing to participate in dispute resolution proceedings before a consumer arbitration board.
Liability for Content
As a service provider, we are responsible for our own content on these pages according to § 7 (1) DDG and the general laws. According to §§ 8 to 10 DDG, however, we as a service provider are not obliged to monitor transmitted or stored third-party information or to investigate circumstances that indicate unlawful activity.
Obligations to remove or block the use of information under general laws remain unaffected. However, liability in this regard is only possible from the point in time at which a specific legal violation becomes known. Upon becoming aware of any such legal violations, we will remove the content immediately.
Liability for Links
Our website contains links to external third-party websites whose content we have no influence over. Therefore, we cannot assume any liability for this third-party content. The respective provider or operator of the linked pages is always responsible for their content. The linked pages were checked for possible legal violations at the time of linking; no illegal content was identifiable at that time.
However, permanent monitoring of the content of the linked pages is not reasonable without concrete evidence of a legal violation. Upon becoming aware of legal violations, we will remove such links immediately.
Copyright
The content and works on these pages created by the site operator are subject to German copyright law. The reproduction, editing, distribution, and any kind of exploitation outside the limits of copyright require the prior written consent of the respective author or creator. Downloads and copies of this site are only permitted for private, non-commercial use.
Insofar as content on this site was not created by the operator, the copyrights of third parties are respected. In particular, third-party content is identified as such, to the extent and as long as usage rights are granted. Should you nevertheless become aware of a copyright infringement or incorrect labeling, please notify us. Upon becoming aware of legal violations, we will remove such content immediately or adjust the labeling.
Data Protection
For information on the processing of personal data when visiting our website, please see the Privacy Policy section.
Objection to Promotional Emails
We hereby expressly object to the use of contact data published in this Imprint by third parties for the purpose of sending unsolicited advertising and information materials. We expressly reserve the right to take legal action in the event of unsolicited transmissions, such as spam emails.
Financial Disclaimer
The content provided on this website is intended exclusively for educational and informational purposes related to personal finance. It does not constitute investment advice within the meaning of the German Securities Trading Act (Wertpapierhandelsgesetz) and is not a recommendation to buy or sell financial instruments.
Decisions regarding investments and financial products should be made independently and based on your individual financial situation, goals, and risk tolerance. We expressly recommend seeking independent professional advice (e.g., from tax advisors or licensed investment advisors) when needed.
We assume no liability whatsoever for losses or damages of any kind arising in connection with decisions made on the basis of information provided on our website, in our newsletter, or through other content provided by us.
Quick summary: We collect only what we need, never sell your data, and you can request deletion anytime by emailing [email protected].
1. Controller
The controller responsible for the processing of personal data on this website within the meaning of the General Data Protection Regulation (GDPR) is:
Personal data means any information that can be used to identify you personally.
2. Hosting and Provision of the Website
The content of this website is delivered via the services of Weblium (Weblium, Inc.). Domain management and email infrastructure are provided through ALL-INKL.COM – Neue Medien Münnich.
As part of hosting, all data necessary for the operation and delivery of the website is processed (e.g., server log files, IP address, time of access, pages accessed, technical browser information). The legal basis is Art. 6 (1) (f) GDPR (legitimate interest in a secure and functional website).
Data Processing Agreements (Art. 28 GDPR) exist with the respective service providers where required.
3. Course Platform & Customer Portal (Mastermind)
For our online courses, customer portal, course delivery, and email communication with course participants, we use Mastermind (operated by HighLevel Inc.), an online learning and CRM platform.
When you purchase a product or sign up for our free content, the following data is processed via Mastermind:
- Name and email address
- Billing information (where applicable)
- Course progress and engagement data
- Email engagement (opens, clicks)
- Purchase history
Legal basis: Art. 6 (1) (b) GDPR (contract performance) for purchase data; Art. 6 (1) (a) GDPR (consent) for email marketing. A Data Processing Agreement exists with HighLevel Inc. Data may be processed on servers in the United States; appropriate safeguards (Standard Contractual Clauses) apply.
More information: gohighlevel.com/privacy-policy
4. Payment Processing (Stripe)
Payments are processed via Stripe (Stripe Payments Europe, Limited, 1 Grand Canal Street Lower, Dublin, Ireland). When you make a purchase, the following data is transmitted to Stripe:
- Name, email, billing address
- Payment details (credit card, SEPA, PayPal, etc.) — processed and stored solely by Stripe; we never see or store your full card number
- Transaction amount and currency
Legal basis: Art. 6 (1) (b) GDPR (contract performance). Stripe acts as an independent controller for fraud prevention purposes.
More information: stripe.com/privacy
5. Server Log Files
When you access our website, the server (or providers acting on our behalf) automatically collects and stores information in so-called server log files, which your browser transmits automatically. These include in particular:
- visited page / URL
- date and time of access
- amount of data transferred
- referrer URL (source/reference from which you arrived)
- browser used and version
- operating system used
- IP address (where applicable, shortened/anonymized)
Processing is based on Art. 6 (1) (f) GDPR. Our legitimate interest lies in the technical provision of the website, IT security, error analysis, and defending against attacks. Logs are stored only as long as necessary.
6. SSL/TLS Encryption
This website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content (e.g., contact requests). You can recognize an encrypted connection by "https://" and the lock icon in your browser's address bar.
7. Cookies and Consent Management
Our website uses cookies and similar technologies. Cookies are small text files that may be stored on your device. We distinguish between:
- Technically necessary cookies — required for the operation of the website
- Optional cookies — e.g., for statistics, marketing, tracking
When you first visit the website, a cookie consent banner is displayed. Through this tool you can:
- consent to the use of optional cookies,
- allow only certain categories, or
- reject optional cookies.
Your decision is stored in a cookie on your device. Legal bases:
- Art. 6 (1) (f) GDPR for technically necessary cookies (legitimate interest in a functional web presence),
- Art. 6 (1) (a) GDPR in conjunction with § 25 TTDSG for all cookies and tracking technologies that require consent.
You can also delete or block cookies in your browser settings at any time.
8. Contact
If you contact us by email or via a contact form, the data you submit (e.g., name, email address, content of the message, and any further voluntary information) is processed in order to handle your request and to clarify any follow-up questions.
Processing is based — depending on the nature of the request — on:
- Art. 6 (1) (b) GDPR (contract initiation or performance) when specific services/offers are involved, or
- Art. 6 (1) (f) GDPR (legitimate interest) for general inquiries.
The data is deleted as soon as your request has been conclusively answered and no statutory retention obligations remain.
For email storage and processing of contact data, we use services from ALL-INKL, Google (e.g., Google Workspace), and Microsoft (e.g., Microsoft 365). Data Processing Agreements per Art. 28 GDPR are in place where required.
9. Email Marketing & Newsletter (via Mastermind)
You can subscribe to our email list and newsletter through our website. Email delivery is technically processed via the integrated email system in Mastermind.
Data processed includes in particular:
- email address
- name and other voluntary information (where provided)
- IP address at the time of subscription
- date and time of subscription (double opt-in)
- information on newsletter usage (e.g., open and click rates), if tracking is enabled
Subscription is via double opt-in. Only after confirmation via a link in the confirmation email will you receive emails from us.
Legal bases:
- Email/newsletter delivery: Art. 6 (1) (a) GDPR (consent)
- Logging the subscription process: Art. 6 (1) (f) GDPR (legitimate interest in proof of consent)
You can withdraw your consent at any time via the unsubscribe link in every email or by emailing [email protected].
10. Money Type Quiz (Google Forms)
Our Money Type Quiz is hosted on Google Forms, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
When you complete the quiz, the following data is processed:
- Email address (to send your result)
- Your responses to the 10 quiz questions
- Submission timestamp
Your responses are stored in our Google account. Legal basis: Art. 6 (1) (a) GDPR (consent given by submitting the form).
More information: policies.google.com/privacy
11. Web Analytics and Tracking
11.1 Google Analytics / Google Tag Manager
Where you have given consent in the cookie consent tool, we use Google Analytics and Google Tag Manager, services provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics uses cookies to analyze the use of the website. The following data, among others, may be collected:
- IP address (typically in shortened form)
- pages visited
- duration of use and interactions
- browser and device information
- referrer URL
The information is generally transferred to Google servers and stored there. Transmission to the United States cannot be ruled out.
Legal basis: your consent under Art. 6 (1) (a) GDPR in conjunction with § 25 TTDSG.
More information: policies.google.com/privacy
11.2 Meta/Facebook Pixel (where applicable)
Where you have given consent in the cookie consent tool, we may use the Meta Pixel from Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, in connection with our Instagram presence.
This allows us to define visitors of our website as target groups for Meta/Instagram advertising and to track conversions.
Legal basis: your consent under Art. 6 (1) (a) GDPR in conjunction with § 25 TTDSG.
More information: facebook.com/privacy/policy
11.3 TikTok Pixel (where applicable)
Where you have given consent in the cookie consent tool, we may use the TikTok Pixel from TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, Ireland.
The pixel allows us to receive statistical analyses of website visitors and to deliver targeted advertising on TikTok (conversion tracking, retargeting).
Legal basis: your consent under Art. 6 (1) (a) GDPR in conjunction with § 25 TTDSG.
More information: tiktok.com/legal/page/eea/privacy-policy/en
12. Embedding of Third-Party Content
12.1 YouTube
Videos from the YouTube platform may be embedded on our website (provider: Google Ireland Limited).
When you visit a page with an embedded YouTube video, a connection to YouTube/Google servers is established — at the latest when you start playback. This may transmit your IP address, the URL accessed, device information, and (if you are logged in) login information. Cookies may also be set.
Legal basis: your consent under Art. 6 (1) (a) GDPR in conjunction with § 25 TTDSG.
12.2 Instagram Posts
Content from the Instagram service (e.g., posts, reels) may be embedded on our website. Provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.
Only when this content is loaded and displayed is a connection established to Instagram/Meta servers. Among other data, your IP address, browser information, the URL accessed, and any existing login data with Instagram/Facebook may be transmitted.
Legal basis: your consent under Art. 6 (1) (a) GDPR in conjunction with § 25 TTDSG, as well as our legitimate interest in an attractive presentation of our online offering (Art. 6 (1) (f) GDPR).
12.3 TikTok Embeds
Content from TikTok may be embedded on our website. Provider: TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, Ireland. When such content is loaded, a connection is established to TikTok servers and your IP address and other technical information may be transmitted.
Legal basis: your consent under Art. 6 (1) (a) GDPR in conjunction with § 25 TTDSG.
13. Google Fonts
For consistent display of fonts, this website uses Google Fonts, a service provided by Google Ireland Limited. When you load the page, the required fonts are typically loaded from Google servers. This may transmit your IP address and the information that you have visited our website to Google.
Legal basis: our legitimate interest under Art. 6 (1) (f) GDPR in a uniform and attractive presentation of our website. Where consent is requested via the consent tool, the additional legal basis is Art. 6 (1) (a) GDPR.
14. Online Meetings and Consulting (Google Meet)
For online consultations and meetings we may use Google Meet (a service provided by Google Ireland Limited).
Depending on your participation, the following data is processed in particular: name, email address, communication contents (audio/video/chat), technical data about the connection (IP address, timestamps, duration).
Legal bases: Art. 6 (1) (b) GDPR when meetings serve to initiate or perform a contract, or Art. 6 (1) (f) GDPR (legitimate interest in efficient communication).
We do not record online meetings as a rule, unless explicitly agreed and consented to in advance.
15. Storage of Consulting and Customer Data
Notes and documents from consultations or inquiries may be processed and stored using services from Google and Microsoft (e.g., Google Drive, Google Docs, Microsoft 365/OneDrive/Outlook).
Legal bases: Art. 6 (1) (b) GDPR (contract / contract initiation) or Art. 6 (1) (f) GDPR (legitimate interest in efficient handling of customer requests).
16. Minors
Our offering is in principle also addressed to younger people, particularly in the context of education. However, persons under 16 should only transmit personal data to us with the consent of their parents or legal guardians. We do not knowingly process personal data of minors without appropriate consent.
17. Disclosure of Data
Your personal data is only disclosed to third parties if:
- you have given your express consent under Art. 6 (1) (a) GDPR,
- this is necessary for the performance of a contract under Art. 6 (1) (b) GDPR,
- there is a legal obligation under Art. 6 (1) (c) GDPR, or
- this is necessary on the basis of Art. 6 (1) (f) GDPR to safeguard legitimate interests.
We use service providers as data processors per Art. 28 GDPR who process personal data only in accordance with our instructions.
18. Your Rights
Under the GDPR, you have in particular the following rights:
- Right of access (Art. 15 GDPR)
- Right to rectification (Art. 16 GDPR)
- Right to erasure ("right to be forgotten", Art. 17 GDPR)
- Right to restriction of processing (Art. 18 GDPR)
- Right to data portability (Art. 20 GDPR)
- Right to object (Art. 21 GDPR)
- Right to withdraw consent (Art. 7 (3) GDPR)
- Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)
To exercise your rights, contact us at any time using the contact details above.
The competent supervisory authority for our seat in Berlin is:
Berliner Beauftragte für Datenschutz und Informationsfreiheit
Friedrichstraße 219
10969 Berlin
19. Storage Period
The storage period for personal data depends on the purpose of the respective processing, the applicable legal bases, and any statutory retention obligations (e.g., commercial and tax law).
Data processed on the basis of consent is deleted as soon as you withdraw your consent. Server log files are retained only as long as required for security and operational reasons. Newsletter data is stored until you unsubscribe or as long as required to document consent.
20. Updates to This Privacy Policy
We reserve the right to amend this Privacy Policy if our website, the services we use, or the legal situation change. The current version available on this page applies in each case.