Dragonfly Retreats privacy policy

Version dated October 26, 2025

With this privacy policy, we inform you about the processing of personal data in connection with our activities and operations, including our website. We specifically detail the purposes, methods, and locations of the processing of personal data. Additionally, we provide information about the rights of individuals whose data we process.

For specific or additional activities and operations, separate privacy policies and other legal documents such as General Contract and Travel Terms (GCTT), Terms of Use, or Participation Conditions may apply. We adhere to Swiss data protection law and, where applicable, foreign data protection law, particularly that of the European Union (EU) with the General Data Protection Regulation (GDPR).

1. Contact information

Dragonfly Retreats is a product of Big Cats of India LLC. Responsible for the processing of personal data:

Big Cats of India LLC
Altwiesenstrasse 181, 8051 Zurich
info@bigcatsofindia.com
We will notify you if, in specific cases, other parties are responsible for the processing of personal data.

Data protection officer
We have the following Data Protection Officer or Data Protection Advisor to serve as a point of contact for individuals and authorities regarding privacy-related inquiries:

Luc Lippuner, Altwiesenstrasse 181, 8051 Zurich
luc@bigcatsofindia.com

When you use the site, you consent to the collection, storage, use, disclosure and other uses of your Personal Information as described in this Privacy policy. We encourage our Users to carefully read the Privacy policy and use it to make informed decisions.  

If the processing of personal data is necessary and there is no statutory basis for such processing, we generally obtain consent from the data subject. The processing of personal data, such as the name, address, e-mail address, or telephone number of a data subject shall always be in line with the General Data Protection Regulation (GDPR), and in accordance with the country-specific data protection regulations applicable to the Big Cats of India LLC. By means of this data protection declaration, our enterprise would like to inform the general public of the nature, scope, and purpose of the personal data we collect, use and process. Furthermore, data subjects are informed, by means of this data protection declaration, of the rights to which they are entitled.

As the controller, Big Cats of India LLC has implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed through this website. However, Internet-based data transmissions may in principle have security gaps, so absolute protection may not be guaranteed. For this reason, every data subject is free to transfer personal data to us via alternative means, e.g. by telephone.

2. Terms and legal basis 

We process personal data in accordance with Swiss data protection laws, including the Federal Act on Data Protection (Datenschutzgesetz, DSG) and the Data Protection Ordinance (Datenschutzverordnung, DSV).

Where applicable, and to the extent that the General Data Protection Regulation (GDPR) is in force, we process personal data based on at least one of the following legal grounds:

Article 6(1)(b) GDPR for the necessary processing of personal data to fulfill a contract with the data subject and to carry out pre-contractual measures.

Article 6(1)(f) GDPR for the necessary processing of personal data to safeguard the legitimate interests of us or third parties, provided that the fundamental freedoms and rights and interests of the data subject do not prevail. Legitimate interests include, in particular, our interest in conducting our activities and operations on a permanent, user-friendly, secure, and reliable basis and communicating about them, ensuring information security, protection against misuse, enforcing our legal claims, and complying with Swiss law.

Article 6(1)(c) GDPR for the necessary processing of personal data to fulfill a legal obligation to which we are subject under the laws of member states in the European Economic Area (EEA), as applicable.

Article 6(1)(e) GDPR for the necessary processing of personal data to perform a task carried out in the public interest.

Article 6(1)(a) GDPR for the processing of personal data with the consent of the data subject.

Article 6(1)(d) GDPR for the necessary processing of personal data to protect the vital interests of the data subject or another natural person.
 

3. Type, scope and purpose

We process personal data that is necessary to carry out our activities and operations on a permanent, user-friendly, secure, and reliable basis. Such personal data may include categories such as inventory and contact data, browser and device data, content data, meta or marginal data, usage data, location data, sales data, and contract and payment data.

We process personal data for the duration necessary for the respective purpose(s) or as required by law. Personal data that is no longer required will be anonymized or deleted. Backups containing personal data are deleted or anonymized according to the same retention timelines once restoration is no longer necessary for security or operational reasons.

We may engage third parties to process personal data on our behalf. We may also process or transmit personal data in collaboration with third parties, particularly specialized service providers whose services we use. We ensure data protection when working with such third parties.

We generally process personal data only with the consent of the data subjects. Where and to the extent that processing is permissible for other legal reasons, we may forego obtaining consent. For instance, we may process personal data without consent to fulfill a contract, comply with legal obligations, or safeguard overriding interests.

In this context, we particularly process information voluntarily provided by data subjects when contacting us—such as through postal mail, email, instant messaging, contact forms, social media, or phone—or when registering for a user account. We may store such information in an address book or similar tools. When we receive data about other individuals, the transmitting parties are obligated to ensure data protection for these individuals and ensure the accuracy of their personal data. 

Additionally, we process personal data obtained from third parties, gathered from publicly accessible sources, or collected during the exercise of our activities and operations, where such processing is legally permissible.​

Data retention: We retain personal data only as long as necessary to fulfill the purposes for which it was collected, to comply with legal obligations, or for legitimate business purposes. For marketing or retargeting purposes, customer contact information is stored for a maximum of 5 years from the last interaction. After this period, data is securely deleted or anonymized. Backups and archived versions containing personal data are automatically overwritten or anonymized once restoration is no longer necessary for security, legal, or operational reasons.

4. Transfer of data to third parties

4.1 Purpose of data sharing
We only share personal data with third parties where it is necessary to provide our services, to comply with legal obligations, or when there is a legitimate interest in such transfer.

4.2 Categories of recipients
These may include service providers in the areas of web hosting, analytics, payment processing, marketing, or customer relationship management. Any transfer of data is done in compliance with applicable data protection regulations. 

Other recipients may include providers of marketing funnels and scheduling tools, such as Onepage.io and Calendly, when personal data is transmitted for the purpose of managing communications, appointments, or marketing campaigns.

 4.3 Third-country transfers
If personal data is transferred to countries outside the European Union (EU) or European Economic Area (EEA), we ensure that appropriate safeguards are in place, such as EU Standard Contractual Clauses or an adequacy decision by the European Commission.

4.4. Use of Google Tag Manager
We use Google Tag Manager, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. 
Google Tag Manager allows us to manage and deploy website tags (such as tracking codes or analytics scripts) through a single interface. 
The Tag Manager itself does not process personal data of users directly. However, it triggers other tags that may collect data. Where consent is required for the use of these tags, we ensure that they are only activated once you have granted consent through our cookie banner or consent management tool.

Data processing by Google may involve transmission to servers in the United States. 
Such transfers are based on the EU–U.S. Data Privacy Framework or, where applicable, on the European Commission’s Standard Contractual Clauses.
For more information, please refer to Google’s privacy policy: https://policies.google.com/privacy

4.5 Use of Google Ads and conversion tracking
We use Google Ads, an online advertising service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, to display advertisements and measure their performance. When you interact with one of our ads on Google or partner websites, Google Ads sets a conversion tracking cookie on your device. This enables us to track the effectiveness of our advertising campaigns and to optimize our marketing strategy.

The data collected through Google Ads may include information such as your IP address, browser type, visited pages, and interactions with ads. These cookies do not serve to personally identify users. Any data transmitted to Google may be processed on servers in the United States. Such transfers are based on the EU–U.S. Data Privacy Framework or, where applicable, on the European Commission’s Standard Contractual Clauses.

The legal basis for data processing is your consent under Article 6(1)(a) GDPR, which you may grant via our cookie banner. You can withdraw your consent at any time through our cookie settings or by adjusting your ad preferences in your Google account: https://adssettings.google.com/

For further information on data processing by Google, please refer to Google’s privacy policy: https://policies.google.com/privacy

4.7 Use of Meta Pixel, Conversion API, and Custom Audiences
4.7.1 Purpose of data processing
We use the “Meta Pixel,” the “Meta Conversion API,” and the “Custom Audiences” feature provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, IrelandThese tools allow us to measure the effectiveness of our advertising campaigns on Facebook and Instagram and to deliver ads that are more relevant to users who have shown interest in our services. For this purpose, certain information (such as IP address, browser type, actions on our website, or hashed identifiers like email addresses) may be transmitted to Meta.

Data types transferred to Meta: For the purposes described above, the types of data that may be transmitted to Meta include: hashed identifiers (e.g. email addresses, phone numbers), IP address, browser and device information, pages visited and actions taken on our site (e.g. page views, form submissions), and event/conversion data. We do not upload sensitive categories of personal data (e.g. health, racial or political data).

4.7.2 Legal basis
Data processing is based on your consent under Article 6 (1)(a) GDPR, which you may grant via our cookie banner.
If you are an existing or past customer, processing may also rely on our legitimate interest under Article 6 (1)(f) GDPR in promoting our services and improving campaign performance. 

Clarification of legal basis: For visitors who have not actively consented via our Cookie Settings, we only rely on consent (Art. 6(1)(a) GDPR) for the use of Pixel/CAPI for marketing purposes. For processing based on legitimate interest (Art. 6(1)(f)) — e.g. retargeting of existing or former customers — we perform a balancing test to ensure our interests do not override the data subject’s rights and freedoms. Records of that balancing test are maintained.
Where we rely on consent, users can withdraw consent at any time via our cookie banner without affecting the lawfulness of processing prior to withdrawal.

4.7.3 Data recipients
Meta Platforms Ireland Limited acts as the main recipient. Meta may process the data for its own advertising purposes as described in Meta’s Privacy Policy. Please consult Meta’s Privacy Policy for details on how Meta uses personal data and your options to manage ad preferences: https://www.facebook.com/about/privacy.

Data processing agreement and subprocessors: We process data with Meta under contractual safeguards. Meta acts as an independent controller for certain advertising purposes and as a processor for others; further subprocessors may be engaged by Meta. You can find Meta’s commitments and list of subprocessors in Meta’s legal documents and Data Processing Addendum.

4.7.4 Transfer to third countries
Meta may transfer data to the United States. Such transfers are based on the EU–U.S. Data Privacy Framework or the European Commission’s Standard Contractual Clauses.

Legal safeguards for international transfers: Where Meta or other recipients transfer personal data outside the EEA (e.g. to the United States), we use appropriate safeguards such as the EU-U.S. Data Privacy Framework (where applicable) or Standard Contractual Clauses approved by the European Commission. You may request a copy of these safeguards by contacting our Data Protection Officer.

4.7.5 Retention of uploaded audiences
When we upload customer contact lists to Meta for creating Custom Audiences, we retain those lists only for as long as they are necessary for the specific campaign purpose or for a maximum of  3 years from the date of last interaction, after which they are deleted or anonymized. If you request deletion, we will remove your data from our lists and instruct Meta to remove corresponding audience matches subject to Meta’s processing timelines.
Your rights regarding uploaded audience data: If you believe your contact data has been uploaded and you wish to have it removed, please contact us at info@dragonflyretreats.org. We will verify your request and initiate deletion from our lists and request Meta to remove the audience matches. Please note that removal from Meta’s systems is subject to Meta’s processing times and policies.

4.7.6 Automated decisions and profiling
We and Meta may use automated processing for advertising purposes, such as lookalike modelling and interest-based profiling to optimize ad delivery. These processes do not produce legal effects for the data subject. You have the right to object to profiling and automated processing for direct marketing at any time.

4.7.7 Security measures
We apply technical and organizational measures to protect data during transfer and storage, including access controls, encryption of stored data, secure transmission methods (HTTPS), and regular reviews of our data processing activities.

4.7.8 Withdrawal of consent / Opt-out
You can withdraw your consent at any time through our cookie settings or directly in your Meta account under “Ad Preferences.”
More information on managing advertising preferences is available here: https://www.facebook.com/help/568137493302217

5. Rights of data subjects

5.1 Data protection claims

We grant data subjects all rights in accordance with applicable data protection law. Data subjects have, in particular, the following rights:

Access: Data subjects may request information about whether we process personal data about them and, if so, which personal data it concerns. Data subjects also receive the information necessary to assert their data protection claims and to ensure transparency. This includes the processed personal data itself, but also information about the processing purpose, the duration of storage, any disclosure or export of data to other countries, and the origin of the personal data.

Correction and restriction: Data subjects may have incorrect personal data corrected, incomplete data completed, and the processing of their data restricted.

Deletion and objection: Data subjects may request the deletion of personal data ("right to be forgotten") and object to the processing of their data for the future.

Data disclosure and data portability: Data subjects may request the disclosure of personal data or the transfer of their data to another data controller.

We may, within the legally permissible framework, postpone, restrict, or deny the exercise of data subjects' rights. We may also inform data subjects of any prerequisites that may need to be met for the exercise of their data protection claims. For instance, we may refuse to provide information based on business secrets or the protection of other individuals, in whole or in part.​

For example, we may also refuse to delete personal data based on statutory retention obligations, in whole or in part. We may exceptionally charge fees for the exercise of rights. We will inform data subjects in advance of any potential costs. We are obligated to reasonably verify the identity of data subjects who request information or exercise other rights. Data subjects are obliged to cooperate.

Where processing is based on your consent, you have the right to withdraw that consent at any time with future effect, without affecting the lawfulness of processing carried out before withdrawal.

5.2 Right to lodge a complaint

Data subjects have the right to enforce their data protection claims through legal means or to file a complaint with a competent data protection supervisory authority.

The data protection supervisory authority for private controllers and federal entities in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC).

Data subjects have the right to lodge a complaint with a competent European data protection supervisory authority where the GDPR is applicable.​ Data subjects may also contact us directly before filing a complaint, so that we can attempt to resolve the issue amicably.

6. Data security

We implement appropriate technical and organizational measures to ensure data security commensurate with the respective risks. However, we cannot guarantee absolute data security. Our security measures include access controls, encryption, pseudonymisation, regular reviews of our IT systems, and staff training to maintain a high standard of data protection.

Access to our website is secured using transport encryption (SSL/TLS, particularly with Hypertext Transfer Protocol Secure, abbreviated as HTTPS). Most browsers indicate transport encryption with a padlock icon in the address bar.

Our digital communication, like all digital communication, is subject to mass surveillance without cause or suspicion, as well as other monitoring by security authorities in Switzerland, Europe, the United States of America (USA), and other countries. We have no direct control over the processing of personal data by intelligence agencies, law enforcement agencies, and other security authorities.

In the event of a personal data breach likely to result in a risk to individuals’ rights and freedoms, we will notify the competent authority and affected individuals in accordance with applicable data protection laws.

7. Website usage

7.1 Cookies
We may use cookies and other tracking technologies to enhance your browsing experience, analyze website traffic, and deliver personalized advertising. Cookies are stored in your browser and can include both first-party cookies (from our website) and third-party cookies (from services we use). They are not limited to traditional text-based cookies.

Cookies can be either:
  • Session cookies – automatically deleted when the browser is closed
  • Persistent cookies – stored for a specific period
Cookies allow us to recognize your browser on your next visit, measure website reach, and, in the case of persistent cookies, enable personalized advertising.

Cookies are categorized as:
  • Essential cookies– necessary for the basic functionality of our website.
  • Analytics cookies – used to measure website performance and usage, for example via Google Analytics.
  • Marketing cookies – used for personalized advertising and retargeting, including Meta Pixel, Conversion API, Custom Audiences, Google Ads Conversion Tracking (see Sections 4.4-4.7 for clarity), and marketing funnel or scheduling tools such as Onepage.io and Calendly. These cookies help us measure campaign effectiveness and deliver ads or follow-ups that better match user interests.
You can manage or withdraw your consent for cookies at any time via our Cookie Settings banner or directly in your browser settings. When disabling marketing cookies, tracking technologies such as Meta Pixel, Google Ads Conversion Tracking, and Google Tag Manager-based tools will no longer be active. Some third-party services used for analytics or advertising also provide additional opt-out options, such as:
  • AdChoices (Digital Advertising Alliance of Canada)
  • Network Advertising Initiative (NAI)
  • YourAd-Choices (Digital Advertising Alliance)
  • Your Online Choices (European Interactive Digital Advertising Alliance, EDAA)
Please note that disabling cookies may affect the functionality of our website. Our website uses a consent management tool that allows you to selectively enable or disable non-essential cookies and tracking technologies at any time. The settings can be accessed through the ‘Cookie Settings’ link available on each page.

7.2 Server log files
For each access to our website, we may collect the following information, provided it is transmitted from your browser to our server infrastructure or can be determined by our web server: Date and time, including time zone, Internet Protocol (IP) address, access status (HTTP status code), operating system, including user interface and version, browser, including language and version, specific subpage of our website accessed, including the amount of data transmitted, and the last webpage visited in the same browser window (referrer).

We store such information, which may also constitute personal data, in server log files. This information is necessary to provide our website on a permanent, user-friendly, and reliable basis, as well as to ensure data security and, in particular, the protection of personal data, even by third parties or with the assistance of third parties.

7.3 Tracking pixels
We may use tracking pixels on our website, also known as web beacons. Tracking pixels, including those from third parties whose services we use, are small, usually invisible images that are automatically retrieved when visiting our website. Tracking pixels can collect the same information as server log files.

7.4 Comments
We allow you to post comments on our website. In this context, we process information provided by the commenting person, including the Internet Protocol (IP) address, date, and time. This information is necessary to enable the publication of comments and to ensure protection against misuse, which is in our predominant legitimate interest.

8. Notifications and communications

We send notifications and communications via e-mail and other communication channels such as instant messaging or SMS.

8.1 Success and reach measurement
Notifications and communications may contain web links or tracking pixels that capture whether an individual message was opened and which web links were clicked. Such web links and tracking pixels may also capture personal usage data. We require this statistical usage data for success and reach measurement to effectively and user-friendly send notifications and communications based on the needs and reading habits of recipients while ensuring their long-term, secure, and reliable delivery.

8.2 Consent and objection
You generally need to provide explicit consent for the use of your email address and other contact information, unless the use is permissible for other legal reasons. For any consent, we use the "Double Opt-in" procedure whenever possible. This means you will receive an email with a confirmation link that you must click to prevent misuse by unauthorized third parties. We may log such consents, including the Internet Protocol (IP) address, date, and time, for evidence and security reasons.

You can generally object to receiving notifications and communications, such as newsletters, at any time. By objecting, you can also opt out of the statistical usage data collection for success and reach measurement. Required notifications and communications related to our activities and operations remain exempt.

If you wish to withdraw your consent or object to communications, please contact us at info@dragonflyretreats.org or use the unsubscribe link provided in our messages.

9. Social media

We maintain a presence on social media platforms and other online platforms to communicate with interested individuals and provide information about our activities and operations. In connection with such platforms, personal data may be processed outside of Switzerland and the European Economic Area (EEA). Data processed by social media platforms may be transferred to and stored in countries outside the EEA, such as the United States. We ensure appropriate safeguards for such transfers, as described in Section 4.3.

The terms and conditions (T&Cs) and usage terms, as well as privacy policies and other provisions of the individual operators of such platforms, apply. These provisions provide information, in particular, about the rights of data subjects directly vis-à-vis the respective platform, including the right to access.

For our social media presence on Facebook, including the so-called Page Insights, we are jointly responsible – if and to the extent the General Data Protection Regulation (GDPR) applies – with Meta Platforms Ireland Limited (Ireland). Meta Platforms Ireland Limited is part of the Meta companies (including those in the USA). The Page Insights provide information about how visitors interact with our Facebook presence. We use Page Insights to effectively and user-friendly provide our social media presence on Facebook.

Additional information about the type, scope, and purpose of data processing, information on data subjects' rights, as well as contact details for Facebook and Facebook's data protection officer can be found in Facebook's Privacy Policy. We have entered into an "Controller Addendum" with Facebook, agreeing, among other things, that Facebook is responsible for ensuring data subjects' rights. For the so-called page insights, the corresponding information can be found on the page "Information about Page Insights" including "Information on page insights data".

10. Third-party services

We use services provided by specialized third parties to carry out our activities and operations in a sustainable, user-friendly, secure, and reliable manner. With the help of such services, we can embed features and content into our website. When embedding such content, the used services may, for technical reasons, temporarily collect users' Internet Protocol (IP) addresses.

For necessary security, statistical, and technical purposes, third parties whose services we use may process data related to our activities and operations in an aggregated, anonymized, or pseudonymised form. This may include performance or usage data needed to provide the respective service.

We use, in particular:
Google services: Google services: Provider: Google LLC (USA) / Google Ireland Limited (Ireland) for users in the European Economic Area (EEA) and Switzerland; General information on data protection: "Privacy and security principles", Privacy policy, "We are committed to complying with applicable data protection laws ", "Google product privacy guide", "How Google uses information from sites or apps that use our services" (information provided by Google), "Google uses cookies", "Personalised advertising" (activation / deactivation / settings)
 
10.1 Digital infrastructure
We use services provided by specialized third parties to access the digital infrastructure required for our activities and operations. This includes, for example, hosting and storage services from selected providers.

We use, in particular:
Hostpoint: Hosting; Provider: Hostpoint AG (Switzerland); information about data protection: Privacy policy

Looka: Website builder and other infrastructure such as logo and marketing material creation; Providers: Looka Inc. (Canada); Privacy information: Privacy Policy, "Privacy" including Cookie Policy.

10.2 Social media features and social media content
We use third-party services and plugins to embed features and content from social media platforms and enable content sharing on social media platforms and other channels.

We use, in particular:
Facebook (Social Plugins): Embedding Facebook features and content, such as "Like" or "Share"; Providers: Meta Platforms Ireland Limited (Ireland) and other Meta companies (including those in the USA); information about data protection: Privacy Policy.

Instagram Platform: Embedding Instagram content; Providers: Meta Platforms Ireland Limited (Ireland) and other Meta companies (including those in the USA); information about data protection: Privacy Policy (Instagram), Privacy Policy (Facebook).

10.3 Maps
We use third-party services to embed maps into our website.

We use, in particular:
Google Maps, including Google Maps Platform: Map service; Provider: Google; Google Maps-specific information: "How Google Uses Location Information."

10.4 Audio and video
We use third-party services to enable the direct playback of digital audio and video content, such as music or podcasts.

We use, in particular:
YouTube: Video platform; Provider: Google; YouTube-specific information: "Privacy and Safety Center," "Your Data in YouTube".

10.5 Fonts
We use third-party services to embed selected fonts, as well as icons, logos, and symbols, into our website.

We use, in particular:
Google Fonts: Fonts; Provider: Google; Google Fonts-specific information: "Your Privacy and Google Fonts," "Privacy and Data Collection."

10.6 Advertising
We use the opportunity to display targeted advertising for our activities and operations on third-party platforms, such as social media platforms and search engines.

With such advertising, we aim to reach individuals who are already interested in or could be interested in our activities and operations (remarketing and targeting). To achieve this, we may transmit relevant – possibly personal – information to third parties enabling such advertising.

We may also determine the success of our advertising, especially whether it leads to visits to our website (conversion tracking).
Third parties on which we advertise and where you are logged in may potentially associate the usage of our website with your respective profile.

We use, in particular:
Facebook and Instagram advertising (Meta ads): Social media advertising; Providers: Meta Platforms Ireland Limited (Ireland) and other Meta companies (including those in the USA); data protection information: remarketing and targeting, in particular with the Facebook Pixel and Custom Audiences including Lookalike Audiences, Privacy Policy, "advertising preferences" (user registration required). For detailed information on data processing, legal basis, and your rights regarding Meta Pixel, Conversion API, and Custom Audiences, see Section 4.7. 

Google ads: search engine advertising; provider: Google; Google Ads-specific information: Advertising based on search queries, among other things, using different domain names - in particular doubleclick.net, googleadservices.com and googlesyndication.com - for Google ads, "Advertising" (Google), "Why do I see a certain ad?". For more information, see Section 4.5.

Instagram ads: social media advertising; provider: Meta Platforms Ireland Limited (Ireland) and other Meta companies (including in the USA); data protection information: remarketing and targeting in particular with Facebook Pixel as well as Custom Audiences including Lookalike Audiences, Privacy Policy (Instagram), Privacy Policy (Facebook), "Advertising preferences" (Instagram) (user registration required), "Advertising preferences" (Facebook) (user registration required). For details, see Section 4.7.

10.7 Onepage.io
We use OnePage.io, a service provided by OnePage LLC (USA), to create landing pages and marketing funnels, including forms for free discovery call requests. Personal data entered in forms (such as name, email, and phone number) is transmitted to OnePage.io to allow us to manage leads and schedule calls. Transfers to the USA are covered by the EU–U.S. Data Privacy Framework or Standard Contractual Clauses.

10.8 Calendly
We use Calendly, a scheduling service provided by Calendly LLC (USA), to organize appointments for free discovery calls. Personal data you submit through Calendly forms (e.g., name, email, phone, selected time slots) is processed by Calendly to facilitate scheduling. Transfers to the USA are covered by the EU–U.S. Data Privacy Framework or Standard Contractual Clauses.

11. Success and outreach measurement

We try to determine how our online offer is used. In this context, we can, for example, measure the success and reach of our activities and operations as well as the effect of third-party links to our website. But we can also, for example, try out and compare how different parts or versions of our online offer are used ("A/B test" method). Based on the results of the success and reach measurement, we can in particular correct errors, strengthen popular content or make improvements to our online offer.

In most cases, the Internet Protocol (IP) addresses of individual users are stored for the purpose of measuring success and reach. In this case, IP addresses are always shortened ("IP masking") in order to comply with the principle of data economy through the corresponding pseudonymisation. Cookies may be used to measure success and reach and user profiles may be created. Any user profiles created include, for example, the individual pages visited or content viewed on our website, information on the size of the screen or browser window and the - at least approximate - location. As a matter of principle, any user profiles are created exclusively on a pseudonymous basis and are not used to identify individual users. Individual services of third parties with which users are registered may be able to assign the use of our online services to the user account or user profile of the respective service.

We use in particular: We use Google Analytics to measure website performance and reach. The service is provided by Google LLC. Google Analytics may collect data across different browsers and devices (cross-device tracking) and uses pseudonymised IP addresses, which are only transmitted in full to Google in the USA in exceptional cases. For more information, see "Safeguarding your data", "Google Analytics opt-out browser add-on".

12. Final provisions

We have created this data protection declaration with the data protection generator of Datenschutzpartner. We can adapt and supplement this data protection declaration at any time. We will inform about such adjustments and additions in an appropriate form, in particular by publishing the respective current data protection statement on our website. 

This Privacy policy was last updated on October 26, 2025. We encourage users to regularly review this page for any updates.