beyond profit

Legal

Privacy Policy

This website respects your privacy. It collects only the minimum data necessary to operate, and uses no cookies, tracking tools, or analytics services.

1. Data Controller

The data controller responsible for processing personal data on this website pursuant to the EU General Data Protection Regulation (GDPR) is:

Dr. Jenny Meyer
beyond profit
Vitalisstrasse 379a
50933 Köln
Germany
Email: jenny@beyond-profit.eu

2. What Data Is Collected and Why

2.1 Server Log Files

When you visit this website, the web server automatically collects and temporarily stores the following technical information in log files:

  • IP address of the requesting device
  • Date and time of access
  • Browser type and version
  • Operating system used
  • Pages visited on this website
  • Referrer URL (the page from which you accessed this site)

Legal basis: Art. 6 (1) lit. f GDPR (legitimate interest).
Purpose: to deliver the website to your browser, ensure system security, and detect technical problems.
Storage duration: server logs are automatically deleted after 7 days.

2.2 Self-Hosted Fonts

This website uses self-hosted fonts (TT Norms) stored on the same server. When you visit, these fonts load directly from this server without third-party service connections such as Google Fonts.

Legal basis: Art. 6 (1) lit. f GDPR (legitimate interest in consistent website presentation).
No data transfer: no data is transmitted to third parties when loading fonts.

2.3 Email Contact

When you click on email links on this website, your default email client opens with a pre-filled email address. No data is transmitted to this server when you click such links. Email communication happens directly between your email provider and mine.

Legal basis: Art. 6 (1) lit. f GDPR (legitimate interest), or Art. 6 (1) lit. b GDPR (pre-contractual measures) when you contact me regarding potential services.
Storage duration: emails are stored as long as necessary to process your inquiry or as required by law (e.g., for tax or commercial record-keeping).

3. What Is Not Collected

This website does not use:

  • Cookies
  • Web analytics tools (e.g., Google Analytics, Matomo)
  • Social media plugins or tracking pixels
  • Advertising networks
  • Third-party content delivery networks
  • Contact forms that transmit data to the server

Therefore, no consent banner is required under GDPR or the German TTDSG (Telecommunications-Telemedia Data Protection Act).

4. Data Sharing

Your personal data is not sold, traded, or transferred to third parties. Personal data is only shared if:

  • Required by law (e.g., law enforcement requests with proper legal basis)
  • Necessary to protect legal rights

The web hosting provider has access to server data for technical purposes only and processes data on my behalf according to Art. 28 GDPR.

5. Your Rights Under GDPR

You have the following rights regarding your personal data:

5.1 Right to Information (Art. 15 GDPR)

You have the right to request confirmation about whether personal data concerning you is being processed, and if so, to receive information about this data and the processing purposes.

5.2 Right to Rectification (Art. 16 GDPR)

You have the right to request immediate correction of incorrect personal data and completion of incomplete personal data.

5.3 Right to Erasure (Art. 17 GDPR)

You have the right to request erasure of your personal data if one of the legal grounds applies (e.g., data no longer necessary for the original purpose).

5.4 Right to Restriction of Processing (Art. 18 GDPR)

You have the right to request restriction of processing under certain conditions (e.g., if you contest the accuracy of the data).

5.5 Right to Data Portability (Art. 20 GDPR)

You have the right to receive personal data you provided in a structured, commonly used, and machine-readable format.

5.6 Right to Object (Art. 21 GDPR)

You have the right to object to processing of your personal data based on legitimate interest (Art. 6 (1) lit. f GDPR) at any time, for reasons arising from your particular situation.

5.7 Right to Withdraw Consent (Art. 7 (3) GDPR)

If data processing is based on your consent, you have the right to withdraw this consent at any time. Withdrawal does not affect the lawfulness of processing based on consent before withdrawal.

5.8 Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority, particularly in the EU member state of your residence, workplace, or the place of alleged infringement.

The competent supervisory authority in Germany depends on the federal state. A list of supervisory authorities is available at: www.bfdi.bund.de

Exercising Your Rights

To exercise any of these rights, please contact: jenny@beyond-profit.eu

6. Data Security

Technical and organisational security measures protect your data against accidental or intentional manipulation, loss, destruction, or unauthorised access. These measures are continuously improved in line with technological developments.

This website is served over HTTPS (encrypted connection) to protect data transmission between your browser and the server.

7. Changes to This Privacy Policy

This privacy policy may be updated from time to time to reflect changes in practice or legal requirements. The current version is always available on this page. The "Last updated" date below indicates when the policy was last revised.

8. Contact for Privacy Concerns

For questions about this privacy policy or how personal data is handled, please contact:

Dr. Jenny Meyer
Email: jenny@beyond-profit.eu

Last updated: October 17, 2025

← Back to beyond-profit.eu