Privacy Policy
Status of the Privacy Policy: 05/2025
Below, I would like to inform you about data protection on my website and about the type, scope, and purpose of the personal data I collect, use, and process. Data protection is very important to me.
Personal data is any data that could be used to identify you personally, such as your name, IP address, telephone number, etc. Some of this data is processed automatically when you visit the website (e.g., IP address, browser type, operating system, etc.), or when you give me your consent to process it, or when you voluntarily provide me with your data, e.g., by entering your data in a form on my website.
Furthermore, I would like to inform you about your rights under the GDPR.
You have the right to obtain information about the origin, recipient, and purpose of your personal data processed by me at any time and free of charge, as well as the right to correct or delete this data.
You also have the right to request the restriction of the processing of your personal data under certain circumstances. If you have given me your consent to process your data, you can revoke this consent at any time with future effect. You also have the right to lodge a complaint with the competent data protection supervisory authority (Datenschutz-Aufsichtsbehörde).
Tobias Forst
Eduard-Hamm-Str. 12
94036 Passau
Phone +49 176 81321273
info@achilles-lifecoaching.com
For my customers or business partners, or in the event that you are interested in my services, the type, scope, and purpose of the processing of your personal data are based on the contractual or pre-contractual relationships between us. In doing so, I process personal data that I request from you or that you provide to me in order to respond to your enquiry, prepare a quote for you or process your order. The data subjects in this context are interested parties, business partners and contractual partners. The purpose of processing is the performance of contractual services, communication, responding to contact enquiries and office and organisational procedures.
Unless otherwise stated in this Privacy Policy, the processing of your data and its transfer to third parties is limited to the data that is necessary and appropriate to respond to your inquiries and/or to fulfill the contract, to protect my rights, and to fulfill legal obligations. The data concerned is:
The legal basis for data processing is Art. 6 I 1 lit. b GDPR, the fulfillment of the contract or the fulfillment of pre-contractual requests.
Unless a specific storage period is specified in this Privacy Policy, I will store your personal data until the purpose for which it was collected no longer applies. I will delete your personal data when I no longer need it, i.e. after the contractual relationship between us has ended, or after my legitimate interest in further processing the data has ceased to exist, or if you request me to delete it. Mandatory legal provisions – in particular statutory retention periods – remain unaffected. It may also be necessary to process your personal data until the expiry of these periods in order to assert, exercise, or defend legal claims arising from contractual relationships or to protect the rights of another natural or legal person. I will then delete the personal data required for this purpose only after these periods have expired. Until these periods expire, however, I will restrict the processing of this data to these purposes.
When you access my website, you transmit data to the web server via your Internet browser (due to technical necessity). The following data is processed in the server log files during an active connection for communication between your Internet browser and the web server:
For technical reasons (access to the website), this data is stored temporarily. I am not able to deduce any individual persons from this data. The IP addresses are deleted or anonymized after 7 days at the latest.
The data is evaluated exclusively for internal purposes and does not allow me to draw any conclusions about your person. A comparison with other data sets does not take place. The data mentioned is processed for the following purposes:
The legal basis for data processing is Art. 6 I S. 1 lit. f GDPR. The legitimate interest follows from the purposes listed above for data collection. Under no circumstances will I use the collected data for the purpose of drawing conclusions about your person. You can visit the website without providing any personal information.
If you contact me by email or phone, your request, including all personal data arising from it (e.g., name, request), will be stored and processed by me for the purpose of processing your request. The data will not be passed on without your consent. There is no legal or contractual obligation to provide your data, but it is not possible to process your request without providing your data.
The processing of this data is based on Art. 6 I S 1 lit. b GDPR, provided that your request is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, processing is based on your consent (Art. 6 I S 1 lit. a GDPR) and/or on my legitimate interest (Art. 6 I S 1 lit. f GDPR), as I have a legitimate interest in the effective processing of inquiries addressed to me.
The data sent via contact requests (e-mail) will be stored by me until you request its deletion, revoke your consent to its storage, or the purpose for data storage no longer applies (e.g., after your request has been processed). Mandatory legal provisions - in particular statutory retention periods - remain unaffected.
If you send me a message via my contact form, you can use a pseudonym instead of your real name. Entering an email address is necessary to enable me to contact you by email. There is no legal or contractual obligation to provide your data, but it is not possible to process your request without providing your data.
The data you enter in the contact form will be used by me exclusively to respond to the contact within the scope of your request to me via the contact form. I will not pass on the data you enter in the contact form to third parties or use this data for any purpose other than to respond to your inquiry. Data processing is carried out either for the purpose of fulfilling a contract to which the data subject is a party, or for the implementation of pre-contractual measures (Art. 6 I S 1 lit b GDPR), or in accordance with Art. 6 I S. 1 lit a GDPR on the basis of your voluntary consent and/or on my legitimate interest (Art. 6 I S 1 lit f GDPR), as I have a legitimate interest in the effective processing of the inquiries addressed to me.
Your data will be deleted after your request has been processed, unless there are legal obligations to retain it.
If I have received your email address in connection with the sale of a service and you have not objected, I reserve the right, on the basis of § 7 III UWG, to send you regular offers for similar services to those already provided by email. The legal basis for this is my legitimate interest in advertising to my customers, and the processing of the data is permissible under Art. 6 I S1 lit f GDPR within the scope of a balancing of interests.
You can object to the use of your email address at any time by sending me a message or via the corresponding link in the advertising email. Once the legal basis for data processing for advertising emails no longer applies, your email address will be deleted, unless statutory retention obligations (e.g., under tax or commercial law) prevent this.
I would also like to point out that you can object to the future processing of your personal data at any time in accordance with the legal requirements of Art. 21 GDPR. The objection can be made in particular against processing for direct marketing purposes.
I reserve the right to use your first and last name and the postal address you provided to me when placing orders for my own advertising purposes, e.g., to send you interesting offers and information about my services by post. This serves to protect my legitimate interests in advertising to my customers, which outweigh your interests in a balancing of interests pursuant to Art. 6 I S. 1 lit. f GDPR.
You can object to the storage and use of your data for these purposes at any time by sending me a message. The objection can be made in particular against processing for direct marketing purposes. Once the legal basis for data processing for postal advertising has ceased to exist, your address data will be deleted, unless there are legal obligations to retain it.
I maintain online presences on social networks for advertising purposes. I would like to point out that you use the social services and their functions at your own risk. This applies in particular to the use of interactive functions (e.g., sharing, rating).
When you visit my online presence on social media, personal data is collected and processed by the respective provider for advertising and market research purposes. As a rule, usage profiles are also created. This is particularly the case if you are a member of the respective platform and are logged in to it. The usage profiles can be used by the providers to display interest-based advertising to you. To prevent social media operators from collecting information about you during your visit to my website, you should log out of the respective social media site before visiting my website and delete any social media cookies from your browser.
No social plugins from Facebook or other social networks are integrated into these websites. Therefore, no program code from a social network is active on my pages. The icons for Facebook etc. on the website are only linked images.
Facebook Ireland (Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland – hereinafter referred to as Facebook) and the page administrator (me) are jointly responsible for the processing of personal data for the purposes specified in the Terms of Use for Covered Products on the page administrator's Facebook account, which is collected in connection with a visit to or interaction with a page (including its content).
Covered Products are all Facebook products, Facebook Pages, and Page Insights. Facebook products include Facebook itself (including the Facebook mobile app and the browser within the app), Messenger, Instagram (including apps such as Direct and Boomerang), Portal devices, Bonfire, Facebook Mentions, Facebook Shops, Spark AR Studio, Audience Network, NPE Team apps, and all other features, apps, technologies, software products, products, or services offered by Facebook, Inc. or Facebook Ireland Limited. In addition, Facebook Business Tools are also considered Facebook products.
The scope of joint processing and the addendum for controllers covers the collection of personal data specified in the Terms of Use for Covered Products and its transfer to Facebook. The subsequent processing of data by Facebook is not part of joint processing. Likewise, joint processing does not include the processing of personal data exclusively by me – in this case, I am the sole controller of the data processing.
The information required under Article 13 I lit. a and b GDPR can be found in Facebook's data policy at https://www.facebook.com/about/privacy. Further information on joint processing can be found in the respective terms of use for the products.
For the use of certain Facebook products (so-called “Facebook Business Tools”) and the associated data processing, the additional agreement between me and Facebook as joint controllers pursuant to Art. 26 GDPR applies, which you can view at https://www.facebook.com/legal/controller_addendum
Facebook and I have entered into this addendum for controllers to define the respective responsibilities for fulfilling the obligations under the GDPR with regard to joint processing (as set out in the terms of use for covered products).
Furthermore, we have agreed that between the parties, Facebook is responsible for enabling the rights of data subjects under Articles 15-20 of the GDPR with regard to personal data stored by Facebook after joint processing.
Any transfer of personal data to the US is based on the adequacy decision of the EU Commission (EU-U.S. Data Privacy Framework). Based on adequacy decisions, personal data can flow freely and securely from the European Economic Area to the third country in question without any further conditions or approvals being required. This means that data can be transferred to the third country in the same way as within the EU.
I expressly point out that the use of certain Facebook products may involve the transfer of personal information to Facebook. Depending on the circumstances, Facebook Ireland Limited may also transfer EU data to Facebook Inc. in the US for storage and further processing. By using Facebook products, the user agrees to Facebook's data processing conditions. These can be found at https://www.facebook.com/legal/terms/dataprocessing/update.
The Facebook EU data transfer supplement can be found at https://www.facebook.com/legal/EU_data_transfer_addendum
Facebook's data policy can be found at https://www.facebook.com/about/privacy/ - Instagram's data policy can be found at https://privacycenter.instagram.com/policy/
Information about cookies and other storage technologies on Facebook can be found at https://www.facebook.com/policies/cookies/
Facebook's data security conditions can be viewed at https://www.facebook.com/legal/terms/data_security_terms.
Facebook's terms of use for commercial use can be found at https://www.facebook.com/legal/commercial_terms/update
You can contact Facebook's data protection officer at https://www.facebook.com/help/contact/540977946302970.
Facebook continues to provide me with so-called Page Insights for the Facebook page. Insights data is aggregated data that provides me with information about how users interact with my social media page. The legal basis for data processing is Art. 6 I S 1 lit. f GDPR, the protection of my legitimate interests in an optimized presentation of the website and effective communication with users.
Data processing is carried out on the basis of an agreement between the joint controllers in accordance with Art. 26 GDPR, which you can view at https://www.facebook.com/legal/terms/page_controller_addendum.
Further information on page insights data on Facebook can be found at https://www.facebook.com/legal/terms/information_about_page_insights_data and at https://de-de.facebook.com/help/instagram/155833707900388
We process personal data when you contact me, e.g. via the contact form or via Messenger. This data is stored and used exclusively for the purpose of responding to your request or for establishing contact and the associated technical administration. The legal basis for the processing of the data is my legitimate interest in responding to your request in accordance with Art. 6 I S. 1 lit. f GDPR. Your data will be deleted after your request has been processed, unless there are legal obligations to retain it.
Facebook and I have agreed that Facebook is primarily responsible for providing you with information about joint processing and for enabling you to exercise your rights under the GDPR. Under the GDPR, you have the right to access, correct, transfer, and delete your data, as well as to object to the processing of your data and to restrict processing. You can find out more about these rights in your Facebook settings. For more information about your rights, see also "Data Subject Rights" in this Privacy Policy.
Facebook and I have agreed that the Irish Data Protection Commission is the lead supervisory authority for joint processing. You have the right to lodge a complaint with the Irish Data Protection Commission (see www.dataprotection.ie) or with your local supervisory authority.
You can object to the processing of your data for advertising purposes on Facebook at any time by changing your ad settings in your Facebook user account at https://www.facebook.com/settings?tab=ads.
I operate Facebook / Instagram for advertising purposes for my services. The processing of personal data is based on Art. 6 I S 1 lit f GDPR.
In order to fulfill the contract, I may pass on your data to the company responsible for payment, insofar as this is necessary for the payment of services ordered. Depending on which payment service provider you select during the ordering process, I will pass on the payment data collected for this purpose to the credit institution responsible for payment and, if applicable, to the payment service providers commissioned by me or to the selected payment service provider for the purpose of processing payments. In some cases, the selected payment service providers also collect this data themselves if you create an account there. In this case, you must log in to the payment service provider with your access data during the ordering process. In this respect, the privacy policy of the respective payment service provider applies.
The legal basis for data processing is Art. 6 I S 1 lit. a, b GDPR.
Payment via PayPal is one of the payment methods offered on my website. This payment service is provided by PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter referred to as “PayPal”).
If you select payment via PayPal, the payment details you enter will be transmitted to PayPal.
The transfer of your data to PayPal is based on Art. 6 I S 1 lit. a GDPR (consent) and Art. 6 I 1 lit. b GDPR (processing for the performance of a contract). You have the option to revoke your consent to data processing at any time. A revocation does not affect the validity of data processing operations that took place in the past.
Further information on data protection can be found in PayPal's privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
CDN server (content delivery network) technologies may be used on my websites. CDN shortens the loading times of JavaScript libraries and fonts, as these files are transferred from fast or less busy servers. The proxy servers store the files locally, thereby improving the access speed during download. This allows content such as web videos or other large media files to be delivered quickly and securely.
I use the services of Cloudflare (Clouflare Inc., 101 Townsend St, San Francisco, CA 94107, USA) and Amazon CloudFront (service provider is Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, L-1855 Luxembourg - AWS).
The use of CDN requires the processing of your IP address so that the content of the website can be sent to your browser.
Data processing is carried out on the basis of my legitimate interests in the optimization and economic operation of the website (Art. 6 I S. 1 f GDPR). Cloudflare and AWS are recipients acting as processors on my behalf. This corresponds to my legitimate interest within the meaning of Art. 6 I S 1 lit. f GDPR in not operating a content delivery network myself.
The transfer of your IP address to the USA is based on the adequacy decision of the EU Commission (EU-U.S. Data Privacy Framework). Based on adequacy decisions by the EU, personal data can flow freely and securely from the European Economic Area to the third country in question without any further conditions or approvals being required. This means that data can be transferred to the third country in the same way as within the EU. Cloudflare Inc. and Amazon.com Inc. are Data Privacy Framework certified.
The Amazon AWS Privacy Policy can be found at https://aws.amazon.com/de/compliance/gdpr-center/.
The Cloudflare Privacy Policy can be found at https://www.cloudflare.com/privacypolicy/.
JavaScript is used to integrate the content. You can object to data processing by deactivating JavaScript in your browser or installing a JavaScript blocker. Please note that this may result in functional restrictions on the website.
I also use the Fastly Content Delivery Network (CDN) to deliver content. The Fastly CDN is operated by Fastly Inc., General Counsel 475 Brannan St, Suite 300 San Francisco, CA 94107. The Fastly CDN makes content from my website available on various servers distributed worldwide. This reduces the loading time of the website, ensures greater reliability, and provides increased protection against data loss.
Fastly Web Services and the Fastly CDN are used in the interests of greater reliability, increased protection against data loss, and improved website loading speed. This constitutes a legitimate interest within the meaning of Art. 6 I S 1 lit f GDPR. The current privacy policy of Fastly can be found at https://www.fastly.com/de/privacy/ and https://www.fastly.com/de/data-processing
Any transfer of your IP address is based on the adequacy decision of the EU Commission (EU-U.S. Data Privacy Framework). Based on adequacy decisions by the EU, personal data can flow freely and securely from the European Economic Area to the third country in question without any further conditions or approvals being required. This means that data can be transferred to the third country in the same way as within the EU. Fastly Inc. is Data Privacy Framework certified.
I use the SSL (Secure Socket Layer) procedure on my website to encrypt and protect the transmission of confidential content. When SSL encryption is activated, the data you transmit to me cannot be read by third parties. You can recognize whether a single page of the website is transmitted in encrypted form by the closed representation of the key or lock symbol in the status bar of your browser—the address line of your browser displays "https://" when SSL encryption is used.
Your personal data will not be transferred to third parties for purposes other than those listed above or below.
I will only pass on your personal data to third parties if:
You have the right:
If I process your personal data in accordance with Art. 6 I S 1 lit. f GDPR in order to protect my legitimate interests, which outweigh your interests, you have the right to object to the processing of your personal data with effect for the future in accordance with Art. 21 GDPR. If the processing is for direct marketing purposes, you can exercise this right at any time. This also applies to profiling insofar as it is related to such direct marketing. If the processing is carried out for other purposes, you only have the right to object if there are reasons arising from your particular situation.
If you wish to exercise your right to object, simply send me an email.
After you exercise your right to object, I will no longer process your personal data unless I can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing serves to assert, exercise, or defend legal claims.
If you object to the processing of your personal data for direct marketing purposes, your personal data will no longer be processed for these purposes.
No automatic decision-making or profiling takes place on my websites.
Due to the further development of my website and offers or due to changes in legal or regulatory requirements, it may be necessary to change this Privacy Policy in accordance with applicable data protection regulations. The current Privacy Policy can be accessed and printed at any time on my website under Privacy.
05/2021
