top of page

Privacy Policy for the Website loainstitut.de

We appreciate your interest in our website. The protection of your personal data is important to us. Below, we inform you about how we collect, process, and use your personal data when you visit our website, in accordance with the General Data Protection Regulation (GDPR).

1. Data Controller

Service Provider / Controller:
MaLernen GmbH in cooperation with LOA Lernfreunde e.V.
Represented by: Anne Peters
Address: Einsteinufer 59, 10587 Berlin, Germany
Email: hallo@loainstitut.de
Phone: +49 (0)160 9111 7911

If you have any questions regarding data protection, feel free to contact us using the contact details above.

2. Hosting and Server Log Files (IONOS)

Our website is hosted by IONOS (1&1 IONOS SE). When you access our website, IONOS automatically collects and stores information in server log files. This information includes your IP address, date and time of access, amount of data transferred, source of the request (referrer), and the type and version of browser and operating system used.

The purpose of this data processing is to ensure the technical stability and security of the website (e.g., to detect and prevent attacks). This processing is based on Art. 6(1)(f) GDPR – our legitimate interest in providing a secure and functioning website.

We have entered into a Data Processing Agreement (DPA) with IONOS in accordance with Art. 28 GDPR.

3. SSL/TLS Encryption

For security reasons and to protect the transmission of confidential content, this website uses SSL or TLS encryption. You can recognize an encrypted connection by the address bar of your browser changing from “http://” to “https://” and the lock symbol in the browser bar.

When SSL or TLS encryption is active, data you transmit to us cannot be read by third parties. This protection complies with our obligations under Art. 32 GDPR.

4. Contact Form and Communication

When you contact us via contact form, email, or phone, we collect the data you provide voluntarily – typically: name, address, email address, phone number, and your message.

We process these data to respond to your inquiry. If your message relates to a contractual relationship or a pre-contractual inquiry, the legal basis is Art. 6(1)(b) GDPR. For all other cases, the legal basis is our legitimate interest in responding to your request under Art. 6(1)(f) GDPR. If you explicitly consent during form submission, the basis is Art. 6(1)(a) GDPR. You can withdraw your consent at any time.

We retain your contact request only for as long as necessary to process your inquiry or as required by law.

5. Data Storage via Airtable (Cloud Provider)

We store and manage contact data submitted via our website using Airtable, a cloud database tool provided by Airtable Inc., based in the United States.

We have signed a Data Processing Agreement with Airtable as required by Art. 28 GDPR. Data transfers to the U.S. are safeguarded by Standard Contractual Clauses (SCCs) in accordance with Art. 46 GDPR, ensuring adequate data protection.

Legal bases for this processing include Art. 6(1)(b) (contract-related inquiries) and Art. 6(1)(f) (our legitimate interest in efficient communication and organization).

If you have any questions about the use of Airtable, feel free to contact us.

6. Cookies and Consent Management (Wix)

Our website uses cookies, which are small text files stored on your device to provide certain functionalities. We use essential cookies only – no tracking or analytics cookies.

We use a cookie consent tool provided by Wix.com Ltd. (Tel Aviv, Israel) to inform visitors and manage consent. This tool helps display the cookie banner and remember your choices.

As no tracking or optional third-party cookies are currently used, the banner mainly serves to document your choices and ensure compliance with data protection law. Wix’s data processing is limited to technical delivery of this functionality.

Wix is based in Israel, which has been recognized by the EU as providing an adequate level of data protection under Art. 45 GDPR.

Legal bases:

  • Essential cookies: Art. 6(1)(f) GDPR and §25(2) TTDSG

  • Consent management: Art. 6(1)(c) GDPR

You can withdraw your cookie consent at any time by revisiting the settings (if technically implemented) or clearing your browser’s cookies.

7. No Use of Analytics or Embedded Services

We do not use web analytics tools (e.g., Google Analytics, Facebook Pixel) or any kind of automated tracking or profiling.

We also do not embed external content or services (e.g., YouTube, Google Maps, social media plugins). Your data is not shared with third parties when browsing our website.

8. Data Sharing and Processors

We do not share your data with third parties unless:

  • you have given your explicit consent (Art. 6(1)(a) GDPR),

  • it is necessary to fulfill a contract (Art. 6(1)(b) GDPR),

  • we are legally obligated (Art. 6(1)(c) GDPR), or

  • we have a legitimate interest (Art. 6(1)(f) GDPR).

Our external service providers (IONOS, Airtable, Wix) act as data processors under Art. 28 GDPR, and process data only according to our instructions.

9. Your Rights Under the GDPR

You have the following rights under the General Data Protection Regulation:

  • Right of access (Art. 15 GDPR): Know what data we store about you.

  • Right to rectification (Art. 16 GDPR): Correct inaccurate or incomplete data.

  • Right to erasure (Art. 17 GDPR): Delete your data if legal grounds apply.

  • Right to restriction (Art. 18 GDPR): Temporarily restrict processing under certain conditions.

  • Right to data portability (Art. 20 GDPR): Receive your data in a structured format.

  • Right to object (Art. 21 GDPR): Object to processing for personal reasons or direct marketing.

  • Right to withdraw consent (Art. 7(3) GDPR): Withdraw any consent given at any time.

  • Right to lodge a complaint (Art. 77 GDPR): With your local data protection authority.

To exercise your rights, contact us using the contact details listed above. We will respond within one month of receiving your request.

10. Withdrawal of Consent

If we process your personal data based on your explicit consent, you may withdraw that consent at any time for future processing. This will not affect the lawfulness of processing based on consent before its withdrawal.

To withdraw consent, simply contact us at: hallo@loainstitut.de

11. Data Security

We take appropriate technical and organizational measures to protect your data, especially against unauthorized access, manipulation, or loss. These include secure SSL/TLS encryption of website traffic.

Our service providers are also contractually bound to uphold data confidentiality and security standards in line with the GDPR.

Please note that internet data transmission (e.g., via email) may have security risks. For sensitive matters, we recommend using secure communication channels.

12. Changes to This Privacy Policy

This Privacy Policy is effective as of April 2025. We may update it to reflect legal or technical changes. The current version is always available at: loainstitut.de/privacy

bottom of page