Privacy Policy

Privacy Policy – stromeintritt.org

Last updated: January 2026

This privacy policy explains how personal data is processed on this website. We treat your data confidentially and in accordance with applicable data protection laws, in particular the EU General Data Protection Regulation (GDPR) and the German Digital Services Act (DDG).

1. Controller

Stephanie Mitkowsky
c/o IP-Management #6601
Ludwig-Erhard-Straße 18
20459 Hamburg
Germany

Email: post@stromeintritt.org
Phone: +49 421 40895900

2. General information on data processing

We process personal data only to the extent necessary to provide a functional website, to deliver our services, and to communicate with you. We share data with third parties only if this is necessary for these purposes or if you have given explicit consent.

3. Hosting & server log files

When you access this website, the following data is processed automatically:

  • IP address
  • Date and time of access
  • Requested page/file
  • Referrer URL
  • Browser type and version
  • Operating system
  • HTTP status code

This data is used for technical delivery, security, and stability of the website.

Legal basis: Art. 6(1)(f) GDPR
Storage period: short-term, according to hosting configuration

4. Cookies & consent management

This website uses cookies. With the consent manager Complianz you can decide which categories you allow.

  • Strictly necessary cookies: Art. 6(1)(f) GDPR
  • Optional cookies (e.g., comfort or statistics features): Art. 6(1)(a) GDPR

You can withdraw or change your consent at any time via the cookie banner.

5. Contact

If you contact us by email, phone, or via a form, we process the data you provide (e.g., name, email address, message) in order to handle your request.

Legal basis:
Art. 6(1)(b) GDPR (pre-contractual steps / contract)
and where applicable Art. 6(1)(f) GDPR (legitimate interest in communication)

6. Booking system (Amelia)

We use Amelia (WordPress plugin) for booking appointments and sessions. Depending on the booking, the following data may be processed:

  • Name
  • Email address
  • Phone number (if provided)
  • Booked service, date/time, payment status
  • Optional additional information

Payments:
For paid bookings, payment is handled via Stripe, PayPal (in individual cases), or bank transfer. If Stripe or PayPal is used, payment data is transmitted directly to the respective provider. We do not store complete payment details.

Legal basis: Art. 6(1)(b) GDPR

7. Membership area & payments (Paid Memberships Pro)

We use Paid Memberships Pro (PMPro) for memberships and restricted content. In particular, we process:

  • Name / username
  • Email address
  • Membership status
  • Billing information
  • Payment status

Payment processing is carried out, depending on your selection, via:

  • Stripe
  • PayPal (on request only)
  • Bank transfer

If Stripe or PayPal is used, the necessary payment data is transmitted directly to the payment provider. We only receive confirmations and status information and do not store complete payment details.

Legal basis: Art. 6(1)(b) GDPR
Storage period: according to statutory retention obligations (tax and commercial law)

8. Payment provider Stripe

For card payments we use Stripe Payments Europe Ltd.
1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland.

Stripe processes personal data such as name, email address, payment amount, and payment method solely for payment processing.

Legal basis: Art. 6(1)(b) GDPR

9. Newsletter

When you subscribe to the newsletter, we process your email address and any optional information you provide. Subscription uses the double opt-in procedure. You can unsubscribe at any time.

Legal basis: Art. 6(1)(a) GDPR

10. Comments, forum & spam protection

For comments and forum posts (bbPress, bbP Private Groups), profile data, post content, date/time, and IP addresses are processed.

For spam protection we use Antispam Bee and Akismet. With Akismet, data may be transmitted to servers in the USA.

Legal basis: Art. 6(1)(f) GDPR

11. Privacy-friendly analytics (no cookies)

We use Plausible Analytics. No cookies are set and no personal usage profiles are created. Analytics are aggregated and anonymised.

Legal basis: Art. 6(1)(f) GDPR

12. VG Wort

For reach measurement, we integrate VG Wort tracking pixels via Prosodia VGW OS. The measurement is anonymous.

Legal basis: Art. 6(1)(f) GDPR

13. Social sharing & federation

We use Shariff Wrapper for privacy-friendly sharing buttons. A connection to social networks is only established when you actively click a button. Via ActivityPub, publicly visible content may appear in federated networks and be replicated on third-party servers.

14. Communication via Matrix

For community communication we use Matrix, a decentralised end-to-end encrypted messaging protocol. Processed data may include display name, avatar (optional), message content, and technical metadata. Storage takes place on the participating Matrix servers.

15. Security & backups

To protect the website we use Wordfence Security. Backups are created via UpdraftPlus and may be stored externally in encrypted form.

16. SEO, performance & layout

For technical and design optimisation we use, among others, Rank Math SEO, Elementor, GeneratePress and Autoptimize.

17. Your rights

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object (Art. 21 GDPR)

You also have the right to lodge a complaint with a data protection supervisory authority.