Marketleader Consulting

Data Protection

1. Controller

Jonas Schwermann

Brenschede 4a

59846 Sundern

Germany

Email: jonas@mail.marketleader-consulting.com

(hereinafter “Controller”, “we”, “us”).

2. General Information

We process personal data exclusively in accordance with:

The General Data Protection Regulation (GDPR)
The German Federal Data Protection Act (BDSG)

This Privacy Policy informs you about the type, scope, and purpose of the processing of personal data in connection with:

Our website
Our consulting and mentorship programs
Our CRM systems
Our communication channels
Our checkout and payment processes

Our services are primarily directed at entrepreneurs (B2B).

3. Categories of Personal Data Processed

Depending on your interaction with us, we may process the following data:

a) Website Access Data

When visiting our website:

IP address
Browser type and version
Device information
Date and time of access
Referrer URL
Technical log data

b) Contact & CRM Data

When booking calls or submitting forms:

Name
Email address
Phone number
Company name
Appointment details
Communication history

c) Consulting & Mentorship Data

During participation in programs:

Business information voluntarily shared
Strategic notes
Call summaries
Submitted documents
Implementation updates

d) Checkout & Contract Documentation

When purchasing a program:

IP address at purchase
Timestamp
Acceptance of Terms & Conditions
Confirmation of entrepreneur status
Payment confirmation

e) Payment Data

Processed primarily by Stripe:

Name
Email address
Billing address
Payment method details

f) Email Marketing Data

Email address
IP address
Registration timestamp
Email interaction data (opens, clicks)

4. Legal Basis for Processing

Data processing is based on:

Art. 6(1)(a) GDPR – Consent (email marketing, non-essential cookies)
Art. 6(1)(b) GDPR – Contract performance (consulting services)
Art. 6(1)(c) GDPR – Legal obligations (tax retention)
Art. 6(1)(f) GDPR – Legitimate interests, including:
- Fraud prevention
- Chargeback defense
- Legal claim defense
- Business optimization
- IT security

5. Hosting (Framer)

Our website is hosted by:

Framer B.V. / Framer Inc.

Rozengracht 207B

1016 LZ Amsterdam

Netherlands

Framer may process:

IP addresses
Technical access data
Device and browser information

Processing is based on:

Art. 6(1)(f) GDPR (legitimate interest in secure website operation)
A Data Processing Agreement pursuant to Art. 28 GDPR

Where data is transferred outside the EU/EEA, appropriate safeguards such as Standard Contractual Clauses (Art. 46 GDPR) apply.

6. CRM & Automation (GoHighLevel / LeadConnector)

We use:

HighLevel LLC (GoHighLevel)

USA

for:

CRM management
Funnel infrastructure
Email automation
Appointment scheduling

Processing is based on:

Art. 6(1)(b) GDPR (contract performance)
Art. 6(1)(f) GDPR (legitimate business interest)

Transfers to the USA are safeguarded via Standard Contractual Clauses.

7. Video Conferencing (Zoom)

We use:

Zoom Video Communications, Inc.

USA

During video calls, Zoom may process:

Name
Email address
IP address
Audio and video data
Voluntarily shared business information

Data transfers to the United States are based on appropriate safeguards such as Standard Contractual Clauses and/or participation in the EU-US Data Privacy Framework where applicable.

More information: https://zoom.us/privacy

8. Payment Processing (Stripe)

Payments are processed via:

Stripe Payments Europe Ltd.

1 Grand Canal Street Lower

Dublin, Ireland

Stripe acts as an independent controller.

We may retain transaction records for:

Legal compliance
Fraud prevention
Dispute defense

More information: https://stripe.com/privacy

9. Email Marketing

If you subscribe to our newsletter or download resources:

We process:

Email address
IP address
Subscription timestamp
Email interaction data

Subscription occurs via double opt-in.

You may withdraw consent at any time.

Legal basis: Art. 6(1)(a) GDPR.

10. Cookies

Our website may use:

Essential Cookies

Necessary for:

Website functionality
Security
Session management

Legal basis: Art. 6(1)(f) GDPR.

Non-Essential Cookies (if activated)

Used only after consent.

Legal basis: Art. 6(1)(a) GDPR.

You may withdraw consent at any time.#

11. Data Retention

We store personal data only as long as necessary:

Payment & tax data: 10 years (§147 AO)
Contract documentation: up to 10 years
CRM data: until contract termination or objection
Email marketing data: until unsubscribe
Dispute-related documentation: as long as legally required

After expiration, data is deleted or anonymized.

12. Third-Country Transfers

Where personal data is transferred outside the EU/EEA (e.g., USA), such transfers occur only where appropriate safeguards are in place, including:

Standard Contractual Clauses (SCCs)
Adequacy decisions
Data Privacy Framework participation (where applicable)

13. Your Rights Under GDPR

You have the right to:

Access (Art. 15 GDPR)
Rectification (Art. 16 GDPR)
Erasure (Art. 17 GDPR)
Restriction (Art. 18 GDPR)
Data portability (Art. 20 GDPR)
Object (Art. 21 GDPR)
Lodge a complaint (Art. 77 GDPR)

Supervisory Authority:

State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia

Kavalleriestr. 2-4

40213 Düsseldorf