Legal Notice (Imprint) & Privacy Policy (English)

1) Legal Notice / Imprint

Information pursuant to § 5 Digitale-Dienste-Gesetz (DDG)

Service provider:
Zsanett Obot
Silberbergstraße 39/2
69256, Mauer
Germany

Contact:
Telephone: +49 15237376336
Email: contact@obotservices.de
Website: https://intervention.obotservices.de

VAT ID: DE446991304

Disclaimer (content and links)

We prepare the content of this website with care. However, we cannot guarantee accuracy, completeness, or currentness of all information.
This website may contain links to external websites. We are not responsible for the content of external websites and do not adopt their content as our own.

Consumer dispute resolution

Notice pursuant to § 36 VSBG: We are not willing or obliged to participate in dispute resolution proceedings before a consumer arbitration board.

2) Privacy Policy (GDPR)

This Privacy Policy explains how we process personal data for Obot Intervention Services group sessions (online, in-person, and invitation-based) and for the use of this website. Transparency obligations follow Articles 13 and 14 GDPR. 

2.1 Controller
Zsanett Obot
Silberbergstraße 39/2
69256, Mauer
Germany

Contact:
Telephone: +49 15237376336
Email: contact@obotservices.de

2.2 What we do (boundaries)

We provide intervention services (not therapy, not medical services, and not an emergency service). We do not provide diagnosis, treatment, or cure claims.

2.3 Principles (our standard)

• Data minimisation: we collect only what we need for delivery, scheduling, and billing.

• Discretion: communication is purposeful and limited.

2.5 Data we may process

Depending on how you contact us or register, we may process:

• Identification and contact data: name, email, phone (optional), country/city.

• Registration/session data: chosen session type, availability, participation status.

• Communication data: messages you send to us (email, form submissions).

• Technical data: IP address, timestamps, device/browser data in server logs.

• Billing data: invoice address, payment status, transaction reference (where applicable).

We do not require personal history for participation. Please do not submit sensitive personal details in open text fields unless necessary.

2.6 Purposes and legal bases

We process personal data for these purposes, relying on these legal bases:

• Providing and organising sessions (registration, scheduling, delivery): Art. 6(1)(b) GDPR (contract / pre-contract steps) 

• Responding to enquiries: Art. 6(1)(b) and/or Art. 6(1)(f) GDPR (legitimate interest in communication and service delivery) 

• Legal obligations (e.g., accounting/tax retention): Art. 6(1)(c) GDPR 

• Optional features (e.g., non-essential cookies/analytics/newsletter): Art. 6(1)(a) GDPR (consent) 

2.7 Website hosting and server logs

When you visit our website, our hosting provider automatically processes server log data (e.g., IP address, date/time, requested page, user agent) to ensure security, stability, and proper delivery of the website.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in secure operation).

2.8 Cookies and similar technologies

We use strictly necessary technologies only as needed for the website to function. Any non-essential cookies or access to information on your device requires your prior consent, except where an exemption applies (e.g., strictly necessary for transmission or providing a service you requested). This follows § 25 TTDSG.

2.9 Contact forms and enquiries

If you contact us via form or email, we process the data you provide to respond and, if relevant, to prepare or deliver services.
Legal basis: Art. 6(1)(b) and/or Art. 6(1)(f) GDPR. 

2.10 Registration and participation in group sessions

For group sessions, we process the minimum data required to:

• confirm eligibility and format (online / in-person / invitation)

• send joining instructions and session rules

• manage attendance and, where applicable, billing

We do not require sensitive categories of data. If you voluntarily share sensitive information, please keep it minimal.

2.11 Session delivery via online meeting tools

For online sessions, we may use video-conferencing providers. In this case, the provider may process technical and usage data (e.g., IP address, metadata, display name, audio/video) to deliver the session.
We select providers carefully and, where required, put processor agreements in place.

Recordings:
We do not record sessions by default. If recording is ever required for a specific format, we will inform participants in advance and obtain any required consent.

2.12 Payments, invoicing, and accounting

If sessions are paid, we process billing and payment-related data to issue invoices, reconcile payments, and meet legal retention obligations.
Legal basis: Art. 6(1)(b) and Art. 6(1)(c) GDPR. 

2.13 Recipients / service providers

Recipients may include hosting providers, email providers, video-conferencing providers (for online sessions), and accounting/invoicing providers. Where providers act as processors, we conclude data processing agreements in accordance with Art. 28 GDPR where required.

2.14 International transfers

We aim to use providers in the EU/EEA. If a provider is located outside the EU/EEA, we rely on appropriate safeguards (e.g., EU Commission adequacy decision or Standard Contractual Clauses) where required.

2.15 Retention

We keep personal data only as long as necessary for:

• delivering the service and follow-through, and

• meeting legal obligations (e.g., invoices/records)

Default operational retention:

• Session coordination data (scheduling, attendance, logistics): retained for 36 months after last contact, then deleted/anonymised, unless a longer retention is required by law.

• Business correspondence relevant for retention duties: retained for 6 years (typically from the end of the calendar year).

• Invoices and invoice-related records: retained for 8 years (where applicable, typically from the end of the calendar year). 

2.16 Your rights (GDPR)

You have rights under GDPR, including:

• access, rectification, erasure, restriction, data portability, objection, and withdrawal of consent (where processing is based on consent). 

• You also have the right to lodge a complaint with a supervisory authority in the EU/EEA. 

• You may complain to your local supervisory authority.

2.17 Security

We use organisational and technical measures to protect data (access control, minimisation, and purpose limitation). No system is perfectly secure, but we work to reduce risk.

2.18 Changes to this policy

We may update this page when processes or legal requirements change. 

The “Last updated” date will be updated accordingly.

Last updated: 8 January 2026