Data security & PRIVACY STATEMENT

Protecting your personal data is a core priority for us. We are committed to ensuring that your information is treated securely, in a transparent manner and in full compliance with applicable laws in Germany and the European Union, including the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

1. Responsible Party

The entity responsible for data processing on this website is:

Viane Mandel
Address: Wiesenstr. 19, 39576 Stendal, Germany
Email: info@vianemandel.com
Phone: +49 177 330 48 36

If you have any questions regarding data protection or wish to exercise your rights, please contact us.

2. Collection and Use of Personal Data

We process your personal data only:

• where necessary for contractual performance (e.g., bookings, coaching services)

• to fulfil legal obligations

• based on your clear consent

Examples of data we collect:

• Name, address, email, telephone number

• Health information only when necessary and voluntarily provided

• Data submitted through forms, chats, e-mail inquiries, or program applications

We never collect more data than necessary.

3. Legal Basis for Processing

We only process personal data when there is a lawful basis, such as:

• Contract performance (Art. 6(1)(b) GDPR)
  e.g. to deliver coaching, mentoring, or wellness services

• Legal obligations (Art. 6(1)(c) GDPR)
  e.g. bookkeeping, tax obligations

• Consent (Art. 6(1)(a) GDPR)
  e.g. newsletters, mailing lists

• Legitimate interests (Art. 6(1)(f) GDPR)
  e.g. website functionality, security

4. Special Categories of Personal Data

Some services may involve collecting sensitive health-related or emotional support information. This data is only processed:

• with explicit consent (Art. 9(2)(a) GDPR)

• when absolutely necessary for service delivery

• with the highest confidentiality standards

We do not process sensitive health data without your active approval.

5. Use of Cookies and Tracking

We use cookies and similar technologies to improve our website experience. You will be informed and asked for consent where required.

Cookies may include:

• essential cookies (necessary for website operation)

• performance and analytics cookies

• marketing cookies (only with consent)

You may change cookie preferences at any time.

6. Data Sharing and Disclosure

We may share personal data only with:

• Service providers under contract (e.g. payment processors, hosting providers)

• Authorities when required by law

• Professionals involved in service delivery (only with consent)

We never sell, rent or trade your personal data.

7. Data Security Measures

We implement appropriate technical and organizational measures to protect your data, including:

• Secure servers with encryption

• Access controls

• Ongoing monitoring and security reviews

• Encrypted communication where appropriate

Despite all precautions, no internet transmission is 100% secure. You understand and accept this residual risk.

8. Your Rights

Under GDPR, you have the right to:

• Access your personal data

• Correct inaccuracies

• Delete data (“right to erasure”)

• Limit processing

• Object to processing

• Data portability

• Withdraw consent at any time

To exercise your rights, contact us at the email address above.

9. Data Retention

We retain personal data only as long as necessary:

• To fulfill contractual obligations

• To meet legal retention periods (e.g., tax law)

• Until you request deletion

After that, data is securely erased unless further retention is legally permitted or required.

10. Changes to This Policy

We may update this security and privacy statement to reflect legal changes or improvements in our services. The latest version will always be available on this website.