Privacy Policy.

(GDPR)

1.⁠ ⁠Controller

The responsible party (“Controller”) within the meaning of the EU General Data Protection Regulation (GDPR) is:

Lara Sophie Bothur
Eppendorfer Landstraße 107
20251 Hamburg, Germany
Email: contact@larasophiebothur.com

2.⁠ ⁠Data Collection and Processing

We process personal data only when necessary to provide a functional website and our content and services.
Types of data processed may include:

Log data (IP address, browser type, time of access, pages visited)
Contact data (if you contact us via email or form)
Usage data (cookies, analytics if used)

3.⁠ ⁠Legal Basis

Processing of personal data is carried out on the following legal bases (Art. 6 GDPR):
Consent (Art. 6(1)(a) GDPR)
Performance of a contract or pre-contractual measures (Art. 6(1)(b) GDPR)
Compliance with a legal obligation (Art. 6(1)(c) GDPR)
Legitimate interests (Art. 6(1)(f) GDPR, e.g. website optimization, security)

4.⁠ ⁠Cookies and Tracking

This website may use cookies to ensure proper functionality and improve user experience.
Essential cookies: required for technical operation
Analytics/Marketing cookies: only with your consent (via cookie banner, if implemented)
You can control cookie settings via your browser or refuse non-essential cookies in the banner.

5.⁠ ⁠Third-Party Services

If third-party tools are used (e.g. Google Analytics, LinkedIn Insight Tag, Newsletter providers, Event platforms), personal data may be transmitted to these providers under strict GDPR compliance.
Any such services will be explicitly listed here before implementation.

6.⁠ ⁠Data Storage and Security

Personal data is stored only as long as necessary for the stated purposes or as legally required.
We apply technical and organizational measures (TOMs) to protect your data against loss, misuse, and unauthorized access.

7.⁠ ⁠Your Rights (Data Subject Rights)

You have the following rights under GDPR:
Right of access (Art. 15 GDPR)
Right to rectification (Art. 16 GDPR)
Right to erasure (“right to be forgotten”, Art. 17 GDPR)
Right to restriction of processing (Art. 18 GDPR)
Right to data portability (Art. 20 GDPR)
Right to object (Art. 21 GDPR)
Right to withdraw consent (Art. 7(3) GDPR)
To exercise your rights, contact: [insert email address].

8.⁠ ⁠Data Transfers Outside the EU

If personal data is transferred outside the EU/EEA (e.g. to the US), this will only occur under GDPR safeguards such as Standard Contractual Clauses (SCCs).

9.⁠ ⁠Changes to this Privacy Policy

We reserve the right to update this Privacy Policy in line with legal requirements or functional changes to this website.

10.⁠ ⁠Supervisory Authority

In case of complaints, you may contact your local data protection authority.
For Hamburg, the competent authority is:

Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit
Ludwig-Erhard-Str 22, 20459 Hamburg, Germany