TATIN INSTITUTE
FOR STRATEGY ACTIVATION

PRIVACY POLICY

TATIN INSTITUTE FOR STRATEGY ACTIVATION
Munich | Basel | Innsbruck | Zurich
T  + 49  89 41 32 773 11 | Mail

Member of TATIN Associates

PRIVACY POLICY – June 2025

Who we are

 

The controller within the meaning of the General Data Protection Regulation (GDPR) and other data protection regulations is

 

TATIN Institute GmbH

Isarwinkel 6

81379 Munich

Germany

+49 (0) 89 41 32 773 11

info@strategyactivation.notexisting@nodomain.comcom

www.strategyactivation.com

 

Contacting the data protection officer

 

The data protection officer of the controller is

DataCo GmbH

Sandstrasse 33

80335 Munich

Germany

+49 89 7400 45840 

www.dataguard.de

 

On this page we inform you about the processing of your personal data on the website.

 

How we collect and use your personal data depends on how you interact with us or which services you use. We will only collect, use or share your personal data where we have a legitimate purpose and legal basis for doing so.

 

What do we mean by legal basis?

 

Consent (Art. 6 para. 1 sentence 1 lit. a GDPR)- You have given us your consent to process your personal data for the specific purpose we have explained to you. You have the right to withdraw your consent at any time. For more information on how you can withdraw your consent, please refer to the subsections "Exercising your rights" in the following sections of this Privacy Policy.

 

Contract (Art. 6 para. 1 sentence 1 lit. b GDPR) - We need to use your data to fulfill a contract you have with us. Alternatively, it is necessary to use your data because we have asked you to do so or you have taken certain steps yourself before entering into this contract.

 

Legal obligation (Art. 6 para. 1 sentence 1 lit. c GDPR) - We must use your data to comply with the law.

 

Vital interests (Art. 6 para. 1 sentence 1 lit. d GDPR) - The processing of your data is necessary to protect your vital interests or those of another person. For example, to protect you from serious physical harm.

 

Public task (Art. 6 para. 1 sentence 1 lit. e GDPR) - The processing of your data is necessary for the Necessary for the performance of a task carried out in the public interest or because it is covered by a statutory task, e.g. for a statutory function. 

 

Legitimate interests (Art. 6 para. 1 sentence 1 lit. f GDPR) - The processing of your data is necessary to support a legitimate interest that we or another party have, only if your own interests do not prevail.

 

Please note that if your data is processed to fulfill a contract or legal obligation and you do not provide the requested data, we may not be able to provide you with our website services.

 

Data sharing and international transfer

 

As explained in this Privacy Policy, we use various service providers to help us provide our services and keep your data secure. When we use these service providers, it is necessary for us to share your personal data with them.

 

We have concluded agreements with all service providers to whom we pass on your data, obliging them to protect your data.

 

If your personal data is transferred outside the EU, we will ensure that your personal data receives an equivalent level of protection, either because the country to which your data is transferred has an "adequate" standard of data protection according to the European Commission, or by using another safeguard, such as an enhanced contractual arrangement, i.e. the Standard Contractual Clauses (SCCs) adopted by the European Commission.

 

For example, when we use US service providers, we rely on either the SCC or the EU-US Data Privacy Framework, depending on the provider. You can request a copy of the SCCs we have entered into with our service providers by sending an email to the email address provided in this Privacy Policy.

 

Your rights

 

If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:

 

1. the right to information (Art. 15 GDPR)

You have the right to obtain from us confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and the following information:

 

  • Processing purposes
  • Categories of personal data
  • Recipients or categories of recipients
  • Planned storage duration or the criteria for determining this duration the existence of the rights to rectification, erasure, restriction or objection
  • Right to lodge a complaint with the competent supervisory authority
  • If applicable, origin of the data (if collected from a third party)
  • If applicable, the existence of automated decision-making including profiling with meaningful information about
  • Information about the logic involved, the scope and the expected effects
  • Possible transfer of personal data to a third country or international organization

 

2. right to rectification (Art. 16 GDPR)

 

If your personal data is incorrect or incomplete, you have the right to request immediate correction or completion of the personal data.

 

3 . Right to restriction of processing (Art. 18 GDPR)

 

If one of the following conditions is met, you have the right to request that the processing of your personal data be restricted:

 

  • You contest the accuracy of your personal data for a period enabling us to verify the accuracy of the personal data.
  • In the event of unlawful processing, you object to the erasure of the personal data and instead request the restriction of the use of the personal data.
  • We no longer need your personal data for the purposes of processing, but you need your personal data to assert, exercise or defend your legal claims, or 
  • after you have lodged an objection to the processing, for the duration of the examination as to whether our legitimate reasons outweigh your reasons.

 

4. right to erasure ("right to be forgotten") (Art. 17 GDPR)

 

If one of the following reasons applies, you have the right to demand the immediate deletion of your personal data:

 

  • Your data are no longer necessary for the processing purposes for which they were originally collected.
  • you withdraw your consent and there is no other legal basis for the processing.
  • You object to the processing and there are no overriding legitimate grounds for the processing or you object pursuant to Art. 21 (2) GDPR.
  • Your personal data is being processed unlawfully.
  • The deletion is necessary to fulfill a legal obligation under Union law or the law of the Member State to which we are subject.
  • The personal data was collected in relation to information society services offered in accordance with Article 8 (1) GDPR.

 

Please note that the above reasons do not apply if the processing is necessary:

 

  • To exercise the right to freedom of expression and information;
  • For compliance with a legal obligation or for the performance of a task carried out in the public interest to which we are subject.
  • For reasons of public interest in the area of public health.
  • For archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes.
  • for the assertion, exercise or defense of legal claims.

 

5. right to data portability (Art. 20 GDPR)

 

You have the right to receive your personal data in a structured, commonly used and machine-readable format or to request that it be transmitted to another controller.

 

6. right to object to certain data processing (Art. 21 GDPR)

 

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) GDPR. This also applies to profiling based on these provisions.

 

If your personal data is processed for the purpose of direct marketing, you have the right to object to such processing.

 

You have the right to object at any time to the processing of personal data concerning you.

 

data for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising. 

 

7. right to lodge a complaint with a supervisory authority

 

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you consider that the processing of personal data relating to you infringes the GDPR.

 

The supervisory authority to which the complaint has been submitted shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.

 

A list of the local supervisory authorities responsible in Germany can be found on the website of the Federal Commissioner for Data Protection at the following link: https://www.bfdi.bund.de/DE/Service/Anschriften/Laender/Laender-node.html

 

Use of cookies

 

1. description and scope of data processing

 

When you visit our website, we use technical aids for various functions, in particular cookies, which can be stored on your end device. When you access our website and at any time thereafter, you have the choice of whether you generally allow cookies to be set or which individual additional functions you would like to select. You can make changes in your browser settings or via our Consent Manager.

 

Cookies are text files or information in a database that are stored on your hard disk and assigned to the browser you are using so that certain information can flow to the place that sets the cookie. Below we describe the type of cookies we use:

 

We use technically necessary cookies that are required for the technical structure of the website. Without these cookies, our website cannot be displayed (completely correctly) or the support functions are not possible.

 

2. purpose of data processing

 

The purpose of using technically necessary cookies is to ensure the functionality of our website. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary for the browser to be recognized even after a page change.

 

We require the technically necessary cookies for the following applications:

 

  • Functionality of the website
  • Vimeo Videos, Adobe Audience Manager, Adobe Fonts

 

3. legal basis for data processing

 

The provisions of the Telecommunications Digital Services Data Protection Act (TDDDG) apply to the storage of information in the end user's terminal equipment and/or access to information already stored in the end user's terminal equipment. If the setting and reading of cookies is technically necessary, this is done to ensure the functionality of our website. In this case, cookies are stored and accessed on your terminal equipment on the basis of Section 25 (2) No. 2 TDDDG. This storage and access to the information in your end device serves to make it easier for you to use our website and to be able to offer you our services as you have requested. Some functions of our website do not work without the use of these cookies and could therefore not be offered. The cookies are generally deleted at the end of the session (e.g. logging out or closing the browser) or after a specified period of time. Information on different storage periods for cookies can be found in the following sections of this privacy policy.

 

Insofar as cookies are used that are not technically necessary, this is done on the basis of your express consent, which you can give via the cookie banner. In this case, the basis for storing and accessing information is Section 25 (1) TDDDG in conjunction with Art. 6 para. 1 lit. a), Art. 7 GDPR. You can revoke your consent at any time with effect for the future or subsequently grant it again by configuring your cookie settings accordingly. Alternatively, you can prevent the storage of cookies by making the appropriate settings in your browser software. Please note that the browser settings you make only apply to the browser you are using. If personal data is processed following the storage of and access to the information on your end device, the provisions of the GDPR apply. You can find information on this in the following sections of this privacy policy.

 

E-mail contact

 

1. description and scope of data processing

 

It is possible to contact us via the email address provided on our website. In this case, the user's personal data transmitted with the e-mail will be stored.

 

The data is used exclusively for processing the conversation.

 

2. purpose of data processing

 

In the case of contact by e-mail, this also constitutes the necessary legitimate interest in the processing of the data.

 

3. legal basis for data processing

 

The legal basis for processing the data transmitted in the course of sending an email is Art. 6 para. 1 lit. f GDPR. Our legitimate interest is to respond to your request sent by email in the best possible way.

 

If the e-mail contact is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.

 

4. duration of storage

 

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For personal data sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified.

 

The additional personal data collected during the sending process will be deleted after a period of 14 days at the latest.

 

5. exercise your rights

 

If the user contacts us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued. 

 

All personal data stored in the course of contacting us will be deleted in this case.

 

Application by e-mail

 

You can send us your application by e-mail. We will record your e-mail address and the data you provide in the e-mail.

 

After sending your application, you will receive confirmation of receipt of your application documents by e-mail from us.

 

2. purpose of data processing

We process the personal data from your application e-mail solely for the purpose of processing your application.

 

3. legal basis for data processing

 

The legal basis for the processing of your data is the initiation of a contract at the request of the data subject, Art. 6 para. 1 sentence 1 lit. b Alt. 1 GDPR and § 26 para. 1 sentence 1 BDSG. 

 

4. duration of storage

 

After completion of the application process, the data will be stored for up to 6 months. Your data will be deleted after 6 months at the latest. In the event of a legal obligation, the data will be stored in accordance with the applicable provisions.

 

Hosting

 

The website is hosted on servers of a service provider commissioned by us.

 

Our service provider is:

 

IONOS SE of the provider IONOS SE Elgendorfer Str. 57 56410 Montabaur. Further information can be found in the provider's privacy policy: https://www.ionos.de/terms-gtc/datenschutzerklaerung/ 

 

The servers automatically collect and store information in so-called server log files, which your browser automatically transmits when you visit the website. The information stored is 

 

  • Information about the browser type and version used
  • The user's operating system
  • The user's internet service provider
  • Date and time of access

 

This data is not merged with other data sources. This data is collected on the basis of Art. 6 para. 1 lit. f GDPR. Our legitimate interest in processing this data is to display our website without errors and to optimize its functions.

 

The website server is geographically located in Germany.

 

Use of Vimeo

 

  1. Scope of the processing of personal data
    We use Vimeo, a video platform for embedding and playing videos on our website. The service is provided by Vimeo.com, Inc, 555 West 18th Street, New York, New York 10011, USA.
    Personal data such as IP address, device information, browser information and possibly interaction data (e.g. start, pause of playback) are processed on Vimeo's servers as soon as you access a page with an embedded Vimeo video.
  2. Purpose of the data processing
    The integration of Vimeo is done for the user-friendly and appealing presentation of video content on our website and to improve the user experience.
  3. Legal basis for the processing of personal data
    The processing of personal data by Vimeo is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR. We obtain this consent via the cookie consent banner when you visit our website for the first time.
    The consent also includes the transfer of personal data to a third country (USA). Vimeo is subject to the EU-U.S. Data Privacy Framework.
  4. Duration of storage
    The personal data collected by Vimeo will be stored for as long as is necessary for the provision of the video content and as long as you have not withdrawn your consent. After revocation or discontinuation of the purpose, the data will be deleted or anonymized, provided that there are no legal storage obligations.
  5. Exercising your rights
    You have the right to withdraw your declaration of consent under data protection law at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

 

You can also prevent the collection and processing of your personal data by Vimeo by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, deactivating the execution of script code in your browser or installing a script blocker such as NoScript or Ghostery in your browser.

 

For more information on how Vimeo processes personal data, please refer to Vimeo's privacy policy: https://vimeo.com/privacy 

 

Use of Adobe Audience Manager

 

1. scope of the processing of personal data
We use Adobe Audience Manager, a data management platform (DMP) for the segmentation and targeted display of personalized content and advertising.
The service is provided by Adobe Systems Incorporated, 345 Park Avenue, San Jose, CA 95110-2704, USA.
When using Adobe Audience Manager, personal data such as IP address, device and browser information, interaction data (e.g. click behavior), location data and pseudonymized user profiles are processed. Cookies and similar tracking technologies are used for this purpose.

 

2 Purpose of the data processing
Adobe Audience Manager is used for the targeted personalization of content and advertising on our website and on third-party platforms and to optimize our marketing measures based on user interests.

 

3 Legal basis for the processing of personal data
The processing of personal data by Adobe Audience Manager is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR, which we obtain when you visit our website via the cookie consent banner.
The consent also includes the transfer of personal data to a third country (USA). Adobe is a participant in the EU-U.S. Data Privacy Framework.

 

4. duration of storage
The personal data collected by Adobe Audience Manager will only be stored for as long as is necessary for the above-mentioned purposes and as long as you have not withdrawn your consent. After revocation or discontinuation of the purpose, the data will be deleted or anonymized, unless there are legal storage obligations.

 

5 Exercising your rights
You have the right to withdraw your declaration of consent under data protection law at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

 

You can also prevent the collection and processing of your personal data by Adobe Audience Manager by preventing the storage of third-party cookies on your computer, using the "Do Not Track" function of a supporting browser, deactivating the execution of script code in your browser or installing a script blocker such as NoScript (https://noscript.net/) or Ghostery (https://www.ghostery.com) in your browser.

 

For more information on how Adobe processes personal data, please refer to Adobe's privacy policy: https://www.adobe.com/de/privacy/policy.html

 

Use of Adobe Fonts (locally integrated)

 

1. scope of the processing of personal data
We use fonts from the Adobe Fonts service on our website. The service is provided by Adobe Systems Incorporated, 345 Park Avenue, San Jose, CA 95110-2704, USA.
The fonts are hosted and integrated locally on our own servers. There is therefore no connection to Adobe servers when you visit our website. No personal data is transferred to Adobe through the use of the fonts.

 

2 Purpose of data processing
Adobe Fonts are used for the uniform and appealing presentation of fonts on our website.

 

3. legal basis for the processing of personal data
Since no personal data is transferred to Adobe when Adobe Fonts are integrated locally, no personal data is processed by third parties in this respect.

 

4. duration of storage
The fonts used for the display are stored permanently on our own servers. Personal data is not transmitted to Adobe in the course of using the website.

 

5 Exercising your rights
You can prevent the processing of your personal data in connection with the use of the locally integrated Adobe fonts on our website by preventing the use of the website. Any further data processing by Adobe in connection with the use of the fonts will not take place.

 

Further information about Adobe and the handling of personal data can be found in Adobe's privacy policy: https://www.adobe.com/de/privacy/policy.html

 

Changes to this privacy policy 

 

We reserve the right to amend this privacy policy at any time in order to adapt it to changed legal requirements or adjustments to our services. The current version can be accessed at any time on our website.

 

This privacy policy was created with the support of DataGuard.