Privacy Policy

Name: Lösen & Befreien - Lisa Stout
Address: Kapuzinergasse 4, Innsbruck, 6020, AT
Telephone: +43 660 2376908

When using this website, personal data may be processed.

Data protection law requires website operators to inform users accordingly.

Data Controller
Lösen und Befreien - Lisa Stout

Kapuzinergasse 10a

6020 Innsbruck

+43 660 2376908

loesenundbefreien@gmail.com

Types of Data Processed
The personal data processed depends on how our website and services are used. This includes, on the one hand, personal information that you provide, such as your name, phone number or email address when using a contact form, or payment information when placing orders. On the other hand, information is automatically collected when accessing the website or through the use of cookies or similar technologies, such as device and usage data (e.g. IP address, browser information, previously visited URL). As a rule, this information cannot be directly linked to a specific individual.

Purpose of Processing
Among other things, we process data for the following purposes:

Provision and optimization of the online offer, its content and functions
Provision of contractual services and customer support
Responding to contact requests and communication with users
Marketing and advertising
Security measures
Compliance with legal obligations, such as retention requirements under commercial and tax law

Legal Bases
In accordance with Article 13 GDPR, we inform you of the legal bases for our data processing:

If we obtain consent for the processing of personal data, Article 6(1)(a) GDPR serves as the legal basis.

Article 6(1)(b) GDPR serves as the legal basis for processing personal data necessary for the performance of a contract. This also applies to processing operations required for pre-contractual measures.
If processing is necessary to comply with a legal obligation, Article 6(1)(c) GDPR serves as the legal basis.
If processing is necessary to protect vital interests of you or another natural person, Article 6(1)(d) GDPR serves as the legal basis.
If processing is necessary for the purposes of legitimate interests pursued by our company or a third party, and such interests are not overridden by your interests or fundamental rights and freedoms, Article 6(1)(f) GDPR serves as the legal basis.

Data Transfer
If we disclose or transfer personal data to other persons or companies (e.g. processors such as technical service providers for operating our website, affiliated companies or other third parties), or grant them access to the data, this will only take place if it is legally permitted (e.g. transfer to payment service providers for contract fulfillment), if you have consented, if we are legally obliged to do so (e.g. authorities), or based on our legitimate interests (e.g. use of service providers). If we commission third parties to process data on the basis of a so-called “data processing agreement”, this is done in accordance with Article 28 GDPR.

The data is stored within the EU. Some recipients may be located outside your country or process your personal data there. The level of data protection in other countries may differ from that of your country. However, we only transfer your personal data to countries or companies (e.g. in the USA) for which the EU Commission has determined an adequate level of data protection (e.g. companies certified under the EU-US Privacy Framework), or we take measures to ensure an adequate level of protection. For example, we conclude standard contractual clauses (SCC 2021) in accordance with Regulation (EU) 2016/679 or ensure that our service providers do so.

Description of Individual Processing Activities
6.1 Provision of the Website, Logging of Access

Purpose: To ensure secure, fast and stable operation of the website. Hosting is provided via cloud-based servers within the EU.

Legal basis: legitimate interest (Art. 6(1)(f) GDPR), technical necessity

Types of data: usage data (e.g. visited pages, access times, entries), communication data (e.g. IP address, browser type, operating system)

Recipients: web hosting/CDN provider (mono solutions ApS., Denmark, Amagerfælledvej 106 2300 Copenhagen), SSL certificate provider

Transfer to third countries: Not planned.

Storage period: max. 30 days

6.2 Processing of Inquiries

Purpose: Users can submit inquiries or book appointments via forms.

Legal basis: legitimate interest in responding (Art. 6(1)(f) GDPR)

Types of data: contact data (e.g. name, email, phone), content of messages

Recipients: cloud and email providers, contact form providers, booking tool providers

Transfer to third countries: Not planned.

6.3 Contact Management

Purpose: Contact data and interactions should be centrally manageable and traceable. Consent for marketing purposes must be documented.

Legal basis: legitimate interest (Art. 6(1)(f) GDPR), legal obligation to store consent

Types of data: contact data, message content, consent status

Transfer to third countries: Not planned.

6.4 Map Content

Purpose: To allow users to easily find our locations. Upon consent, map elements are loaded and data is transmitted to the map provider.

Legal basis: consent (Art. 6(1)(a) GDPR)

Types of data: usage data and communication data such as IP address, browser type and operating system

Recipients: map service providers

6.5 Social Media Presence

We maintain online presences on social networks to communicate with users and inform them about our services. The terms and privacy policies of the respective platforms apply. We process data when users interact with us on these platforms. Requests for information and rights should be directed to the platform providers, as they have direct access to user data.

6.6 Cookies and Tracking Technologies

We use cookies and similar technologies to understand how our services are used. These technologies support security, prevent errors and improve functionality.

With user consent, third-party providers may also use tracking technologies for analytics and advertising purposes.

Details on usage and opt-out options are available in our cookie policy.

We use a consent management tool from mono solutions ApS., Denmark. Legal basis is Art. 6(1)(c) GDPR or alternatively Art. 6(1)(f) GDPR. Consent is stored for 180 days with anonymized data.

Data-minimized integration of Google services via server-side tracking ensures that IP addresses are anonymized and not directly transferred.

Google Analytics 4 is used with consent to analyze website usage. Data may be transferred to Google servers in the USA. IP anonymization is active. User behavior is tracked via events such as page views, clicks and interactions.

Google Ads is used for advertising purposes. Cookies may be set to track campaign success. Only anonymized statistical data is received.

More information:

https://marketingplatform.google.com/about/analytics/terms/de/

https://policies.google.com/?hl=de

Data Retention
We retain personal data only as long as necessary for the stated purposes or as required by law. If no longer needed, data will be deleted or anonymized.

Data Subject Rights
You have the following rights:

Right of access (Art. 15 GDPR)
Right to rectification (Art. 16 GDPR)
Right to erasure (Art. 17 GDPR)
Right to restriction (Art. 18 GDPR)
Right to data portability (Art. 20 GDPR)
Right to object (Art. 21 GDPR)
Right not to be subject to automated decisions (Art. 22 GDPR)
Right to lodge a complaint with a supervisory authority
List of EU authorities:

https://www.edpb.europa.eu/about-edpb/about-edpb/members_de

Last updated on 02.03.2026