top of page

Privacy Policy

1.

Name and contact details of the data controller

This data privacy information applies to data processing by (controller pursuant to Art. 4 (7) GDPR):

 

Nadia Patricia Stefan

Dreischeibenhaus 1

40211 Düsseldorf

Germany

 

Telefon: +49 151 51425262

Email: info@Nadia-Patricia-Stefan.com

Website: https://nadia-patricia-stefan.com

 

Further legal information on

NADIA PATRICIA STEFAN

CYBER SECURITY AND EXECUTIVE COACH 

can be found in the Imprint.

2.

​​Collection and storage of personal data and the nature and purpose of their use when visiting the website

a) When visiting the website

When you visit my website https://nadia-patricia-stefan.com, the browser used on your device automatically sends information to the server of my website. The following visitor data is stored in server logs by my web hosting provider:

  • IP address of the requesting computer

  • Date and time of access

  • Name and URL of the accessed file

  • The website from which access was made (referrer URL)

  • Browser used and, if applicable, the operating system of your computer and the name of your access provider

 

The visitor's IP address is transmitted when a page request is sent, anonymised directly after transmission (shortened by the last digit) and processed without personal reference. The anonymised data is stored in so-called server log files for 60 days.

The aforementioned data is processed by my web hosting provider for the following purposes:

  • Ensuring a smooth connection to the website

  • Ensuring a convenient use of my website (quality)

  • Ensuring system security and stability

 

The legal basis for this data processing is Art. 6 (1) sentence 1 lit. f GDPR. Our legitimate interest follows from the data collection purposes listed above.

 

Under no circumstances, we do not use the data collected for the purpose of drawing conclusions about your person.

In addition, we use cookies when you visit my website. You can find more detailed explanations on this in section 4 of this privacy policy.

b) When using my contact form

For questions of any kind, I offer you the opportunity to contact me via a form provided on my website. It is necessary to provide a valid e-mail address so that I know who sent the request and can answer it. Further information can be provided voluntarily.

Data processing for the purpose of contacting me is carried out in accordance with Art. 6 (1) sentence 1 lit. a GDPR on the basis of your voluntarily given consent.

The personal data collected by me for the use of the contact form will be automatically deleted after your request has been processed.

3.

Transfer of data

Your personal data will not be transferred to third parties for purposes other than those listed below.

We only pass on your personal data to third parties if:

  • You have given your express consent to this in accordance with Art. 6 (1) sentence 1 lit. a GDPR,

  • The disclosure pursuant to Art. 6 (1) sentence 1 lit. f GDPR is necessary for the assertion, exercise or defense of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,

  • In the event that there is a legal obligation for the disclosure pursuant to Art. 6 (1) sentence 1 lit. c GDPR,

  • This is legally permissible and necessary for the processing of contractual relationships with you in accordance with Art. 6 (1) sentence 1 lit. b GDPR, and

  • Third parties process data on our behalf, i.e. third parties process data for us in accordance with our instructions, for example for the technical hosting of our website or other purposes (in accordance with an existing order processing contract pursuant to Art. 28 GDPR).

4.

Cookies

We use cookies on this website. These are small files that your browser automatically creates and that are stored on your end device (laptop, tablet, smartphone, etc.) when you visit our website. Cookies do not cause any damage to your end device and do not contain any viruses, Trojans or other malware.

The cookies used on this website store information that assigns online activities to a single browser session. They are deleted after leaving the website or when the browser is closed. They do not store any information that serves to identify the user, but only a session identifier (session ID).

 

This serves our legitimate interest in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR solely for the purpose of assigning several requests from a user on a page to their session. This gives the user the advantage, for example, that no important information is lost, even if several windows of the same website are opened.

However, you can configure your browser so that no cookies are stored on your computer or a message always appears before a new cookie is created. However, completely deactivating cookies may mean that you cannot use all the functions of my website.

5.

Rights of the data subject

You have the right:

  • to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if it was not collected by us, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information about its details;

  • in accordance with Art. 16 GDPR, to demand the immediate correction of incorrect or incomplete personal data stored by us;

  • in accordance with Art. 17 GDPR, to demand the erasure of your personal data stored by us, unless the processing is necessary to exercising the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;

  • in accordance with Art. 18 GDPR, to demand the restriction of the processing of your personal data if the accuracy of the data is disputed by you, the processing is unlawful, but you refuse to delete it and we no longer need the data, but you need it for the assertion, exercise or defence of legal claims or you have lodged an objection to the processing in accordance with Art. 21 GDPR;

  • in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transmitted to another controller;

  • in accordance with Art. 7 (3) GDPR, to withdraw your consent once given to us at any time. As a result, we may no longer continue the data processing that was based on this consent in the future and

  • to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority at your usual place of residence or workplace or at the registered office of our law firm.

To assert your rights as a data subject in relation to the processed data, please contact me as the controller (see section 1).

You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us. In our case, the competent authority is the State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia (LDI-NRW).

6.

Right to object

If your personal data is processed on the basis of legitimate interests in accordance with Art. 6 (1) sentence 1 lit. f GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR, provided that there are reasons for this arising from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right to object, which will be implemented by me without specifying a particular situation.

If you would like to exercise your right of revocation or objection, simply send an e-mail to info@Nadia-Patricia-Stefan.com

7.

Data security

Information Security and the protection of user and site visitor data is my highest priority. My web hosting provider uses an Information Security Program based on international best practices, and it is constantly evolving to address emerging threats. We encrypt the data in transit using HTTPS, TLS 1.2+ and SSL, while the data at rest uses AES-256 encryption - the strongest encryption standard commercially available.

All pages of this website have an SSL certificate.

 

This website is developed with a security by design approach, which means security and privacy is kept top of mind throughout all design phases.

​​

We always use suitable technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

8.

Up-to-dateness and amendment of this privacy policy

This privacy policy is currently valid and was last updated in September 2025.

It may become necessary to amend this privacy policy as a result of the further development of our website and services or due to changes in legal or official requirements.

 

You can access and print out the current privacy policy at any time on this website at Privacy Policy. 

bottom of page