Privacy Policy

Introduction

Amaltheia Consulting Ltd. (“we”, “us”, or “our”) is committed to protecting the privacy and security of your personal information. This privacy policy explains how we collect, use, and share information about you when you access our online courses, participate in our events (both online and offline), and use our website located at https://rising-rooted.com.

  1. Information We Collect (Art. 13 and 14 GDPR)

We collect personal information from you when you register for our courses, participate in our events, and interact with our services. This includes:

  • Names: To identify and communicate with you.
  • Email Addresses: To send course-related information, updates, and marketing communications.
  • Payment Information: To process payments for course registrations and event participation.
  • Interaction Data with Course Material: To understand how you engage with our courses and to improve our services.
  • Attendance Data at Events: To manage event participation and for record-keeping.
  1. Use of Your Information (Art. 13(1)(c) GDPR)

We use your personal information for the following purposes:

  • Course Registration: To enroll you in our courses and provide access to content.
  • Service Provision and Improvement: To deliver and enhance our services, including online courses and events.
  • Communication: To communicate with you about your account, course progress, and respond to inquiries.
  • Marketing: To inform you about new courses, events, and offers that may interest you. We will only send marketing communications with your consent.
  1. Legal Basis for Processing (Art. 6 GDPR)

Your personal data is primarily processed based on your consent. Additionally, we may process your data on the basis of our legitimate interests, which include improving our services, protecting against fraud, and ensuring network and information security.

  1. Data Sharing and International Transfers (Art. 44 – 50 GDPR)

We do not share your personal data with third parties, except as required for the technical functioning of our services, including the use of Facebook Pixel and Google Analytics. We ensure that any data transfer complies with legal requirements and that your data is protected.

  1. Data Security (Art. 32 GDPR)

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, considering the state of the art, the costs of implementation, and the nature, scope, context, and purposes of processing.

Cookies and Tracking Technologies (Art. 5(3) ePrivacy Directive, interpreted in conjunction with the GDPR)

To manage the cookies and similar technologies used (tracking pixels, web beacons, etc.) and related consents, we use the consent tool “Real Cookie Banner”. Details on how “Real Cookie Banner” works can be found at Real Cookie Banner data processing.

The legal basis for the processing of personal data in this context are Art. 6 (1) lit. c GDPR and Art. 6 (1) lit. f GDPR. Our legitimate interest is the management of the cookies and similar technologies used and the related consents.

The provision of personal data is neither contractually required nor necessary for the conclusion of a contract. You are not obliged to provide the personal data. If you do not provide the personal data, we will not be able to manage your consents.

Google Analytics 4

If you have given your consent, this website uses Google Analytics 4, a web analytics service provided by Google LLC. The controller for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).

 

Nature and purpose of the processing

Google Analytics 4 uses cookies that enable an analysis of your use of our websites. The information collected by means of the cookies about your use of this website is generally transferred to a Google server in the USA and stored there.

 

We use the User ID function. User ID allows us to assign a unique, persistent ID to one or more sessions (and the activities within those sessions) and to analyse user behaviour across devices.

 

We use Google Signals. This allows Google Analytics to collect additional information about users who have personalised ads enabled (interests and demographics) and ads can be delivered to these users in cross-device remarketing campaigns.

 

Google Analytics 4 has IP anonymisation enabled by default. Due to IP anonymisation, your IP address will be shortened by Google within Member States of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. According to Google, the IP address transferred by your browser as part of Google Analytics will not be merged with other Google data.

During your website visit, your user behaviour is recorded in the form of “events”. Events can be:

 

Page views

First visit to the website

Start of session

Web pages visited

Your “click path”, interaction with the website

Scrolls (whenever a user scrolls to the bottom of the page (90%))

Clicks on external links

Internal search queries

Interaction with videos

File downloads

Seen Ads / clicked Ads

Also recorded:

 

Your approximate location (region)

Date and time of your visit

Your IP address (in shortened form)

Technical information about your browser and the end devices you use (e.g. language setting, screen resolution)

your internet service provider

the referrer URL (via which website/advertising medium you came to this website)

Purposes of the data processing

On behalf of the operator Google will use this information to evaluate your [pseudonymous [NOT USING USER ID]] use of the website and to compile reports on website activity. The reports provided by Google Analytics 4 serve to analyse the performance of our website and the success of our marketing campaigns.

 

Recipients

Recipients of the data are/may be

 

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (as processor under Art. 28 DSGVO).

Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA

Alphabet Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA

Third country transfer

For the USA, the European Commission adopted a news adequacy decision on 10 July 2023. Google LLC is certified under the EU-US Privacy Framework. Since Google servers are distributed worldwide and a transfer to third countries (for example to Singapore) cannot be completely ruled out, we have also concluded the EU standard contractual clauses with the provider to establish an appropriate level of data protection in those countries.

 

Retention period

The data sent by us and linked to cookies are automatically deleted after 14 months. The maximum lifespan of Google Analytics cookies is 2 years. The deletion of data whose retention period has been reached occurs automatically once a month.

 

Legal basis

The legal basis for this data processing is your consent pursuant to Art.6 para.1 p.1 lit.a GDPR and § 25 para. 1 p.1 TTDSG.

 

Withdrawal

You can withdraw your consent at any time with effect for the future by accessing the cookie settings <a href=”#” onclick=”window.realCookieBanner.preferences()”>Edit cookie settings</a> and changing your selection there. The lawfulness of the processing carried out on the basis of the consent until revocation remains unaffected.

 

You can also prevent the storage of cookies from the outset by setting your browser software accordingly. However, if you configure your browser to reject all cookies, this may result in a restriction of functionalities on this and other websites. You can also prevent the collection of data generated by the cookie and relating to your use of the website (including your IP address) by Google, and the processing of this data by Google, by

 

  1. not giving your consent to the setting of the cookie or
  2. downloading and installing the browser add-on to deactivate Google Analytics HERE.

For more information on Google Analytics’ terms of use and Google’s privacy policy, please visit https://marketingplatform.google.com/about/analytics/terms/us/ and at https://policies.google.com/?hl=en.

 

  1. Your Rights (Art. 12 – 22 GDPR)

Under the General Data Protection Regulation (GDPR), you have several rights regarding your personal data. These rights include:

  • The right to access (Art. 15 GDPR): You can ask for confirmation as to whether or not personal data concerning you is being processed and for access to this data.
  • The right to rectification (Art. 16 GDPR): If you believe that personal data we hold about you is incorrect or incomplete, you have the right to have it corrected.
  • The right to erasure (Art. 17 GDPR): You can request the deletion of your personal data where there is no compelling reason for its continued processing.
  • The right to restrict processing (Art. 18 GDPR): You have the right to request the restriction of processing your personal data under certain circumstances.
  • The right to object to processing (Art. 21 GDPR): You have the right to object to the processing of your personal data under certain conditions, including processing for direct marketing purposes.
  • The right to data portability (Art. 20 GDPR): You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format, and have the right to transmit those data to another controller without hindrance from us.

Withdrawal of Consent (Art. 7(3) GDPR)

You can withdraw your consent at any time with effect for the future by accessing the cookie settings and changing your selection there. The lawfulness of the processing carried out on the basis of the consent until revocation remains unaffected.

How to Exercise Your Rights

If you wish to exercise any of the rights set out above, please contact us at info@rising-rooted.com.

Complaints to a Data Protection Authority (Art. 77 GDPR)

You also have the right to lodge a complaint with a data protection authority about our collection and use of your personal data. For more information, please contact your local data protection authority.

Please note that these rights are not absolute and are subject to certain exceptions. To understand these rights fully and any limitations, it is important to read the relevant articles of the GDPR.

  1. Newsletter Subscription (Art. 6(1)(a) GDPR)

Subscription to Our Newsletter

On our website, you can subscribe to our newsletter. We use the Mailster plugin for WordPress to manage newsletter subscriptions and send emails. When you subscribe to our newsletter, we collect personal data such as your email address and, optionally, your name for personalization purposes.

Purpose of Data Collection

The data collected is used exclusively for sending the newsletter and will not be passed on to third parties except as necessary to send the newsletter through Mailster.

Double Opt-In Procedure

We use a double opt-in procedure for subscriptions to our newsletter. This means that after you subscribe, we will send an email to the provided email address asking for confirmation that you wish to receive the newsletter. This confirmation is necessary so that nobody can register with email addresses that do not belong to them.

Withdrawal and Unsubscription

You can withdraw your consent to receive our newsletter at any time. Each newsletter contains a link to unsubscribe. You can also directly manage your subscription preferences on our website or by contacting us at info@rising-rooted.com.

Performance Measurement

To improve the content and interest of our newsletter, we may track how subscribers interact with the newsletter, such as open rates and click-through rates. This data is processed on the basis of our legitimate interests in optimizing our newsletter and is not shared with third parties.

Retention Period

The data will be retained for as long as you are subscribed to the newsletter. After unsubscription, we may keep your data for a limited period as necessary to comply with our legal obligations and to resolve disputes.

Your Rights

You have the right to access the information we hold about you and to ask for it to be corrected or deleted. Further details on your rights are included in section 6 of this privacy policy.

 

  1. Contact Us (Art. 13(1)(a) GDPR)

If you have any questions about this privacy policy or our data protection practices, please contact us at info@rising-rooted.com.

Changes to This Privacy Policy (Art. 13(2)(b) GDPR)

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. You are advised to review this Privacy Policy periodically for any changes.

This Privacy Policy was last updated on 31.01.2024.