Book an info call

Privacy Policy

Protecting your personal data is my highest priority. I treat your personal data confidentially and in accordance with the General Data Protection Regulation (GDPR) and this Privacy Policy.

1. Data Controller

The party responsible for data processing on this website is:

Stefanie Torki Constanze-Hallgarten-Str. 22 81379 Munich, Germany datenschutz@torkilegal.com

+49 1577 / 88 67 520

Please do not hesitate to contact me if you have any questions about how your personal data is processed.

2. Hosting

This website is hosted by All-Inkl (ALL-INKL.COM – Neue Medien Münnich, Hauptstraße 68, D-02742 Friedersdorf, Germany). When you visit the website, All-Inkl collects log files including, for example, your IP address. This data processing is based on Art. 6(1)(f) GDPR, reflecting the legitimate interest in the secure and reliable operation of my website.

For further details, please refer to All-Inkl’s privacy policy.

3. Collection and Storage of Personal Data and the Nature and Purpose of Its Use

a) When visiting the website

When you access the website, your browser automatically sends information to the website’s server. This information is temporarily stored in a log file. The data collected includes:

  • IP address of the requesting device,
  • date and time of access,
  • name and URL of the file accessed,
  • the website from which access was made (referrer URL),
  • the browser used and, where applicable, the operating system of your device.

This data processing is based on Art. 6(1)(f) GDPR.

b) Use of cookies

This website uses cookies to facilitate your use of the website, to carry out analysis, and to ensure the website is displayed correctly on your device.

Cookies are small text files stored on your device. They contain information relating to the specific device being used. Cookies do not give me direct knowledge of your identity, nor do they cause any damage to your device.

The following types of cookies are used:

  • Session cookies, which are automatically deleted when you close your browser, and
  • persistent cookies, which remain stored on your device until you delete them or they expire.

Cookies are stored on the basis of Art. 6(1)(a) or (f) GDPR.

Please note: Most browsers are set to accept cookies automatically. However, you can disable cookie storage or configure your browser to notify you before cookies are stored. Disabling cookies may limit the functionality of this website.

c) Borlabs Cookie Plugin

My website uses the consent technology provided by Borlabs Cookie to obtain and document your consent to the storage of certain cookies in your browser in a data-protection-compliant manner. When you enter the website, a Borlabs cookie is stored in your browser, recording the consents you have given or any withdrawal of those consents. This data is not shared with the provider of Borlabs Cookie.

The legal basis for this data processing is Art. 6(1) (c) GDPR.

d) Integration of LinkedIn

This website uses features of the LinkedIn network, operated by LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA. Each time a page containing LinkedIn features is accessed, a connection to LinkedIn’s servers is established. LinkedIn is informed that you have visited my website using your IP address. If you click LinkedIn’s “Recommend” button while logged into your LinkedIn account, LinkedIn may associate your visit to my website with your user account.

These plugins are used on the basis of Art. 6(1)(f) GDPR, reflecting my legitimate interest in comprehensive networking and the public visibility of my firm.

LinkedIn also processes data in the USA. EU Commission Standard Contractual Clauses are used to ensure compliance with European data protection standards. Further information is available at: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

For detailed information on data protection at LinkedIn, please visit https://de.linkedin.com/legal/privacy-policy

LinkedIn holds a certification under the EU-US Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the United States designed to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF is required to uphold these standards. Further information is available from the provider at: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

e) Google Fonts

This website uses fonts that are hosted locally on my server. No user data is transmitted to external providers such as Google. By hosting the fonts locally, I ensure that none of your data is shared with third parties when you visit my website.

f) Communication services

I use email, Microsoft Teams, and Zoom to communicate with my clients.

  • Email communication is handled via the email server hosted by All-Inkl.
  • If you submit personal data via the contact form, this data will be stored locally until you request its deletion, withdraw your consent to its storage, or the purpose for storing the data no longer applies (e.g. after completion of the engagement or project), unless mandatory legal provisions — in particular statutory retention periods — require otherwise.
  • Online meetings and video conferences are conducted using Microsoft Teams, a service provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052, USA. Information on data processing by Microsoft can be found in Microsoft’s privacy statement: https://privacy.microsoft.com/de-de/privacystatement
  • Zoom is also used for video conferences and online meetings. This is a service provided by Zoom Video Communications, Inc., 55 Almaden Blvd, Suite 600, San Jose, CA 95113, USA. Further information on data processing by Zoom is available at https://explore.zoom.us/de/privacy/

The legal basis for the use of these services is Art. 6(1)(b) GDPR, where this is necessary for the performance of a contract or for pre-contractual measures, as well as my legitimate interest pursuant to Art. 6(1)(f) GDPR in smooth and effective communication with my clients.

g) Booking tool

I offer the Microsoft Bookings service on my website for scheduling appointments. Microsoft Bookings is a tool provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (“Microsoft”), which allows you to book appointments with me online.

When you schedule an appointment via Microsoft Bookings, the following personal data is collected and transmitted to me: your name, email address, and the date and time of the booked appointment. This data is used solely for processing and managing your appointment and will not be shared with third parties unless I am legally obliged to do so. Your telephone number and address are optional. If you choose to provide them, they will be processed as described above.

The processing of your personal data in connection with Microsoft Bookings is based on Art. 6(1)(b) GDPR (performance of a contract) and Art. 6(1)(f) GDPR (legitimate interest). My legitimate interest lies in simple and efficient appointment management.

h) Web analytics (Jetpack Stats)

I use Jetpack Stats, a web analytics service provided by Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA. This service collects anonymised usage data such as pages visited, time spent on the site, and visitor origin. Data processing only takes place after you have given your consent, on the basis of Art. 6(1)(a) GDPR. Automattic also processes data in the USA and is certified under the EU-US Data Privacy Framework. Further information is available at https://automattic.com/privacy/

4. Data processing agreements

I have entered into data processing agreements pursuant to Art. 28 GDPR with all service providers that process personal data on my behalf. This applies in particular to my hosting provider All-Inkl, Microsoft Corporation (for Microsoft Teams and Microsoft Bookings), and Zoom Video Communications, Inc.

5. Your rights as a data subject

You have the right at any time, free of charge and within the scope of applicable law, to request access to your personal data (Art. 15 GDPR), rectification (Art. 16 GDPR), erasure (Art. 17 GDPR), restriction of processing (Art. 18 GDPR), and data portability (Art. 20 GDPR).

You also have the right to withdraw your consent to data processing at any time (Art. 7 GDPR) or to lodge a complaint with the competent supervisory authority (Art. 77 GDPR).

You have the right to object at any time to the future processing of your personal data where such processing is based on legitimate interests (Art. 21 GDPR).

The competent supervisory authority is the Bavarian State Office for Data Protection Supervision (BayLDA), Promenade 18, 91522 Ansbach, Germany, poststelle@lda.bayern.de, www.lda.bayern.de.

6. Secure data transmission via SSL/TLS encryption

My website uses SSL/TLS encryption to ensure the secure transmission of your data. This encryption prevents third parties from reading data that you send to or via this website. Encryption is active when “https://” and a padlock icon are displayed in your browser’s address bar. If these are not displayed, you can check whether a secure connection exists by clicking the icon on the left side of the address bar.

7. Currency and amendments to this Privacy Policy

This privacy policy is regularly reviewed and updated as needed. The current version can be found here.