Privacy Policy

1. General Information

The protection of your personal data is very important to me. I process your data exclusively on the basis of the applicable legal provisions, in particular the General Data Protection Regulation (GDPR) and the Austrian Telecommunications Act (TKG 2003). This Privacy Policy informs you about the most important aspects of data processing in connection with my website, my online services, and my social media presences.

This Privacy Policy applies to:

  • my website (created using Jimdo)
  • all related online services
  • my social media presences (Facebook, Instagram, TikTok, YouTube, Spotify)
  • the use of Zoom for coaching sessions
  • appointment scheduling via Meetergo
  • communication by email (in particular Gmail)

In the context of coaching sessions, sensitive personal information may be shared. Such data:

  • is treated confidentially
  • is not disclosed to third parties
  • is stored only for as long as necessary for the respective purpose


2. Data Controller

The data controller within the meaning of the General Data Protection Regulation (GDPR) is:

Name / Business name: Olivia H., Authentic Attachment
Address: c/o PostCloud 000062
Otto-Kraus-Straße 10
90411 Nürnberg
Deutschland
Email: [email protected]


3. Nature of My Services

I am an online coach for relationship coaching, personal development, and life coaching. My work is not therapeutic, medical, psychological, or curative in nature. No diagnosis, treatment, or therapy is carried out within the meaning of the Psychotherapists Act or the Alternative Practitioners Act.


4. Automatic Data Collection (Website)

When you visit this website, information is automatically collected and stored in so‑called server log files by the web server (Jimdo). This includes in particular:

  • accessed URL
  • browser type and version
  • operating system used
  • referrer URL
  • IP address
  • date and time of access

This data is processed to ensure the technical security and stability of the website. The data is not merged with other data sources.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in ensuring a secure and functional website).

Jimdo Privacy Policy:
https://www.jimdo.com/de/info/datenschutzerklaerung/


5. Contact via Website or Email

If you contact me via a form, appointment booking, or email, the personal data you provide (e.g. name, email address, request) will be processed and stored for the purpose of handling your inquiry.

Email coaching sessions and other written communication from Authentic Attachment take place via Proton. The Proton Data Processing Agreement ensures that data is processed in accordance with GDPR guidelines.


Proton Privacy Policy: https://proton.me/legal/privacy 


Please note that email communication is generally not a fully secure means of communication. I therefore recommend that no highly sensitive information be transmitted unencrypted by email.

Legal bases:

  • Art. 6(1)(a) GDPR (consent)
  • Art. 6(1)(b) GDPR (pre‑contractual measures / performance of a contract)
  • Art. 6(1)(f) GDPR (legitimate interest in communication)


6. Appointment Scheduling via Meetergo

For online appointment scheduling, I use the service Meetergo. When booking an appointment, personal data (e.g. name, email address, appointment details) is transmitted to Meetergo and processed there.

Processing is carried out exclusively for the purpose of appointment organization and performance of the booked service.

Legal basis: Art. 6(1)(b) GDPR.

Meetergo Privacy Policy:
https://meetergo.com/datenschutz


7. Online Coaching via Zoom

Coaching sessions, individual sessions, and group formats are conducted via Zoom Video Communications Inc.

The following data may be processed:

  • name (freely selectable)
  • audio and video data
  • chat content
  • email address (if applicable)

Zoom may process data partly outside the European Union. Appropriate safeguards, such as Standard Contractual Clauses, are in place.

Legal basis: Art. 6(1)(b) GDPR and Art. 6(1)(a) GDPR.

Zoom Privacy Policy:
https://explore.zoom.us/de/privacy


8. Payment Processing

For paid services, payment data is processed exclusively via certified payment service providers (e.g. PayPal, Stripe, bank transfer). The respective privacy policies of these providers apply.

Legal bases:

  • Art. 6(1)(b) GDPR (performance of a contract)
  • Art. 6(1)(c) GDPR (statutory retention obligations under tax and commercial law)

Stripe Privacy Policy:
https://stripe.com/de/privacy

PayPal Privacy Policy:
https://www.paypal.com/de/legalhub/paypal/privacy-full


9. Recordings of Group and Individual Sessions

Individual Sessions

Individual sessions are recorded only at the explicit request of the client. The recording is made available exclusively to the respective client.

Legal bases: Art. 6(1)(a), (b), and (f) GDPR.

Group Formats & Live Coachings

Group formats may be recorded to enable participants to review the content.

  • recordings are not public
  • access is restricted to participants of the respective program
  • redistribution, duplication, or publication is prohibited
  • use is permitted exclusively for personal purposes

Participation is also possible using an anonymized name and with camera and microphone disabled.


10. Storage of Sensitive Client Data

Sensitive client data is stored separately from online systems on an encrypted external storage device (USB drive). No cloud storage is used for sensitive coaching content.


11. Cookies

This website uses cookies to ensure basic functionality and improve user experience.

Cookies may:

  • be technically necessary
  • store functional settings

When you first visit the website, you will be informed about the use of cookies via a cookie banner and, where required, asked for your consent.

Legal basis: Art. 6(1)(a) GDPR (consent) and/or Art. 6(1)(f) GDPR.


12. Social Media Presences

I maintain social media profiles on:

  • Facebook
  • Instagram
  • TikTok
  • YouTube
  • Spotify

When visiting my profiles, the privacy policies of the respective platform operators apply. In some cases, I am jointly responsible with the platform providers.

Facebook & Instagram

Operator: Meta Platforms Ireland Ltd., Dublin, Ireland
Joint controllership pursuant to Art. 26 GDPR
Legal basis: Art. 6(1)(f) GDPR

Facebook Privacy Policy:
https://www.facebook.com/privacy/policy

Instagram Privacy Policy:
https://privacycenter.instagram.com/policy

TikTok

Operator: TikTok Technology Limited, Ireland

TikTok Privacy Policy:
https://www.tiktok.com/legal/page/eea/privacy-policy/de

YouTube & Spotify

Operators: Google Ireland Limited and Spotify AB

It cannot be ruled out that data is processed outside the European Union.

YouTube (Google) Privacy Policy:
https://policies.google.com/privacy?hl=de

Spotify Privacy Policy:
https://www.spotify.com/de/legal/privacy-policy/


13. Purposes of Data Processing

Personal data is processed for the following purposes:

  • provision and optimization of the website
  • communication with users
  • appointment scheduling and performance of coaching sessions
  • billing and payment processing
  • compliance with legal obligations
  • security and prevention of misuse

Depending on usage, the following categories of personal data may be processed:

  • master data (first and last name)
  • contact data (email address, phone number)
  • content data (messages, coaching inquiries, appointment details)
  • payment data (for paid services)
  • usage data (IP address, access times, browser information)
  • meta and communication data

Special categories of personal data (e.g. health‑related data) are processed only if voluntarily provided by the client, for example in the context of a coaching session.

Additional legal basis: Art. 9(2)(a) GDPR (explicit consent).


14. Legal Bases

Processing is carried out pursuant to Art. 6 GDPR on the basis of:

  • consent (Art. 6(1)(a) GDPR)
  • performance of a contract (Art. 6(1)(b) GDPR)
  • compliance with legal obligations (Art. 6(1)(c) GDPR)
  • legitimate interests (Art. 6(1)(f) GDPR)


15. Your Rights

Under the GDPR, you have the following rights:

  • right of access (Art. 15 GDPR)
  • right to rectification (Art. 16 GDPR)
  • right to erasure (Art. 17 GDPR)
  • right to restriction of processing (Art. 18 GDPR)
  • right to data portability (Art. 20 GDPR)
  • right to object (Art. 21 GDPR)
  • right to withdraw consent at any time

You also have the right to lodge a complaint with the competent data protection supervisory authority.


16. Changes to This Privacy Policy

This Privacy Policy may be amended to reflect legal requirements or changes to my services.

Last updated: March 2026

Dispute Resolution  The European Commission provides a platform for online dispute resolution (ODR): https://ec.europa.eu/consumers/odr  I am neither obliged nor willing to participate in dispute resolution proceedings before a consumer arbitration board.