Last updated: December 2025

1. Data Controller
The person responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is:

Richard Tissen
c/o Impressumservice Dein-Impressum
Stettiner Straße 41
35410 Hungen
Germany
Email: richard.tysn@icloud.com

2. General Information on Data Processing
We take the protection of your personal data seriously. We process your data solely in accordance with the applicable legal provisions: the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).
Data will only be shared with third parties where necessary to fulfill contractual obligations or based on your explicit consent.

3. Collection and Storage of Personal Data
a) When Visiting This Website
When you access our website, technical data is automatically transmitted to our hosting provider, Framer B.V. (Amsterdam, Netherlands), and temporarily stored in a server log file. The following data may be collected:

• IP address (anonymized)

• Date and time of access

• Requested file and URL

• Referrer (source of access)

• Browser and operating system

These data are used for technical performance and security.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest).

4. Use of Framer Services
This website is hosted via Framer B.V., which may use cookies and internal analytics to optimize performance.
More information: https://www.framer.com/privacy

5. Contact Form and Email Contact
If you contact us via email or through our contact form, we will store the personal data you provide (e.g. name, email address, message) for the purpose of processing your inquiry.
Legal basis: Art. 6(1)(b) GDPR (contract/pre-contractual steps).

6. Newsletter (Manually Managed)
We currently manage newsletter subscriptions internally (e.g., spreadsheets) without using any third-party service provider. No external marketing tools are involved.
You can revoke your consent at any time by contacting us via email.
Legal basis: Art. 6(1)(a) GDPR (consent).

7. Digital Sales via CopeCart
Our digital products (e.g., nutrition plans, workout guides, fasting guides) are sold via CopeCart GmbH, which acts as Merchant of Record and handles order processing, billing, and payments independently.
CopeCart may process customer and transaction data under its own privacy policy:
https://copecart.com/en/datenschutz
We may access limited customer data for order fulfillment purposes.
Legal basis:

• Art. 6(1)(b) GDPR (contract fulfillment)

• Art. 6(1)(f) GDPR (legitimate interest in secure and efficient processing)

8. International Data Transfers
Services such as Google Analytics, YouTube, and Apple/iCloud (email) may transfer data to the United States. These transfers are protected through:

• Standard Contractual Clauses (SCCs) approved by the EU Commission (Art. 46 GDPR), and/or

• Participation in the EU-U.S. Data Privacy Framework (DPF), where applicable

We ensure appropriate safeguards are in place for all such transfers.

9. Cookie Consent and Tracking Technologies
We use a cookie banner that allows you to consent to or reject the use of cookies and external services. Non-essential services (like analytics and embedded content) will only be loaded after your explicit consent.
You can change or withdraw your consent at any time.
Legal basis: Art. 6(1)(a) GDPR (consent via cookie banner).

10. Analytics Tools
a) Google Analytics
We use Google Analytics (Google Ireland Ltd.) with IP anonymization enabled. Google may transfer data to U.S. servers.
Cookies are only placed after your consent via the cookie banner.
Legal basis: Art. 6(1)(a) GDPR (consent).
More info: https://policies.google.com/privacy

b) Framer Analytics
We may optionally use Framer's built-in tools for aggregated website statistics. No personal identification occurs.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in improving our services).

11. Embedded Content
We embed third-party content (e.g., videos, posts) from:

• YouTube (Google LLC)

• Instagram (Meta Platforms Ireland Ltd.)

• TikTok (TikTok Technology Ltd.)

These services may collect usage data and set cookies.
Content is only activated after you give consent via the cookie banner.
Legal basis: Art. 6(1)(a) GDPR (consent).
Policies:

• YouTube: https://policies.google.com/privacy

• Instagram: https://privacycenter.instagram.com

• TikTok: https://www.tiktok.com/legal/page/eea/privacy-policy/en

12. Use of Google Fonts
We use Google Fonts for consistent design. Fonts are either hosted locally or loaded from Google servers. When loaded remotely, your browser connects to Google, which may process your IP address.
If remote fonts are used, they are loaded only after your consent via the cookie banner.
Legal basis: Art. 6(1)(a) GDPR (consent), or Art. 6(1)(f) GDPR (if local use only).

13. Domain Hosting via Squarespace
Our domain is hosted by Squarespace Inc. (New York, USA). Server logs may be processed for security and availability.
More info: https://www.squarespace.com/privacy
Legal basis: Art. 6(1)(f) GDPR (legitimate interest).

14. Affiliate Programs
This site includes affiliate links (e.g., Amazon PartnerNet, Orgainic). If you click on an affiliate link, cookies may be set to track referrals.
We do not process personal data for this purpose ourselves.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in affiliate monetization).

15. Social Media Profiles
We maintain public profiles on platforms such as:

• Instagram

• TikTok

• YouTube

These providers independently process user data when you visit or interact with our profiles.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in public relations and communication).

16. Data Retention
We retain your personal data only for as long as necessary to fulfill its purpose or as required by law. After that, the data will be deleted or anonymized.

17. Your Rights under GDPR
You have the right to:

• Access your personal data (Art. 15 GDPR)

• Correct inaccurate data (Art. 16 GDPR)

• Request deletion (Art. 17 GDPR)

• Restrict processing (Art. 18 GDPR)

• Object to processing (Art. 21 GDPR)

• Data portability (Art. 20 GDPR)

• Withdraw consent (Art. 7(3) GDPR)

Contact us at richard.tysn@icloud.com to exercise your rights.

18. Right to Lodge a Complaint
If you believe that your personal data is being processed unlawfully, you have the right to lodge a complaint with a supervisory authority under Art. 77 GDPR. This may be the authority in your place of residence, place of work, or the location of the alleged violation.
You may also contact the competent data protection authority responsible for us in Germany:
State Commissioner for Data Protection and Freedom of Information Baden-Württemberg
Website: https://www.baden-wuerttemberg.datenschutz.de

19. Updates to This Privacy Policy
This Privacy Policy is valid as of December 2025. We may update this notice to reflect changes in legal requirements or technical developments. The latest version will always be published on this website.