Psychologin (M.Sc.) Hannah Dubbels

Privacy Policy

1. Privacy at a Glance

General Information

The following overview provides a simple explanation of what happens to your personal data when you visit this website. Personal data is any information that can personally identify you. For detailed information, please refer to the full privacy policy provided below.

Data Collection on This Website

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. You can find their contact details in the “Responsible Entity” section of this privacy policy.

How do I collect your data?

Your data is collected in two ways. First, you may provide it voluntarily – for example, by completing a contact form. Other data is automatically collected by my IT systems when you visit the website (with your consent), such as technical data like your browser, operating system, or the time when the page was accessed. This collection occurs automatically once you visit the website.

What do I use your data for?

Part of the data is necessary to ensure the website functions properly. Other data may be used to analyse your user behaviour. If contracts are concluded or initiated via the website, the data you provide will also be used for contract offers, orders, or other requests.

What rights do you have in relation to your data?

You have the right to receive, free of charge, information about the origin, recipients, and purpose of your personal data at any time. You can also request correction or deletion of your data. If you have given consent for data processing, you may withdraw it at any time going forward. Additionally, you have the right to request the restriction of processing under certain circumstances. You also have the right to lodge a complaint with the competent supervisory authority. For further questions about data privacy, you can contact me at any time.

Analysis Tools and Third-Party Tools

When you visit this website, your browsing behaviour may be statistically analysed using analysis programmes. Detailed information about these tools can be found in the full privacy policy below.

2. Hosting

I host the content of my website with the following provider:

All‑Inkl

Registered as ALL‑INKL.COM – Neue Medien Münnich, Inh. René Münnich, Hauptstraße 68, 02742 Friedersdorf (“All‑Inkl”).

For further details, please refer to All‑Inkl’s privacy information.

Usage of All‑Inkl is based on Article 6(1)(f) GDPR. I have a legitimate interest in ensuring the reliable presentation of my website. Where consent is requested (e.g., for cookies or device access), processing is based solely on Article 6(1)(a) GDPR and Section 25(1) TDDDG. Consent may be withdrawn at any time.

Data Processing Agreement

I have concluded a data processing agreement (DPA) for the use of this service, ensuring personal data of website visitors is processed only according to my instructions and in compliance with GDPR.

3. General Information and Mandatory Disclosures

Data Protection

The operator of this site is deeply committed to protecting your personal data. I treat your data confidentially and in accordance with applicable data protection laws and this privacy policy. When you use this website, various personal data may be collected. This policy explains what data I collect, why, how, and for which purpose. Please note that data transmission over the internet (e.g., via e‑mail) may have security vulnerabilities – complete protection from third‑party access cannot be guaranteed.

Responsible Entity

The responsible entity for data processing on this website is:

Hannah Dubbels

An der Windmühle 5

28832 Achim

Phone: 04202 910 4094

Email: hallo@hannah-dubbels.de

The “responsible entity” refers to the person or organisation deciding alone or jointly with others on the purposes and means of processing personal data.

Storage Duration

Unless otherwise specified, personal data will be stored until the purpose for data processing ceases. If you request deletion or withdraw consent, your data will be erased unless other legal requirements (e.g., tax or commercial retention periods) necessitate continued storage; in such cases, data will be deleted when those requirements expire.

Legal Bases for Processing

With your consent: Article 6(1)(a) GDPR (and Article 9(2)(a) GDPR, if special categories of data apply). For transfers to third countries with explicit consent: Article 49(1)(a) GDPR. Cookie or device access with consent: Article 6(1)(a) GDPR and Section 25(1) TDDDG.

For contract performance or pre-contractual steps: Article 6(1)(b) GDPR.

For legal obligations: Article 6(1)(c) GDPR.

For legitimate interests: Article 6(1)(f) GDPR. Specific legal bases are clarified in the relevant sections below.

Recipients of Personal Data

I collaborate with external third parties when necessary for contractual performance, legal obligations, or legitimate interests (e.g., tax authorities). Data is only shared if lawful. When using processors, data is only disclosed under an established DPA. For joint processing, a separate agreement is in place.

Withdrawal of Consent

Many processing activities require your explicit consent. You may withdraw your consent at any time. Processing prior to withdrawal remains lawful.

Right to Object

If data processing is based on Article 6(1)(e) or (f) GDPR, you may object at any time for reasons related to your particular situation, including profiling. If you object, I will cease processing unless compelling legitimate grounds prevail or for legal claims. For direct marketing, you have a right to object any time – processing will stop for these purposes post‑objection.

Right to Lodge a Complaint

If you suspect GDPR violations, you have the right to lodge a complaint with the supervisory authority in your usual place of residence, employment, or the place of the alleged infringement.

Data Portability

You have the right to receive your data in a machine-readable format or request direct transmission to another controller, when technically feasible.

Access, Correction & Deletion

You have the right to free access to your stored data, its origin, recipients, and purpose, as well as correction or deletion of your data at any time. Contact me for any concerns.

Right to Restrict Processing

You may request restriction of processing in specific cases (e.g., data accuracy is disputed, unlawful processing, needs for legal claims, pending objection evaluation). Restricted data may only be processed with your consent or for legal claims or protection of another’s rights or public interest.

SSL/TLS Encryption

For security, this site uses SSL/TLS encryption (visible via “https://” and a lock icon in your browser). When enabled, your data cannot be intercepted by third parties.

4. Data Collection on This Website

Cookies

This site uses “cookies” – small data files that do no harm. They may be session-only (deleted after your visit) or persistent (until you delete them). Cookies may originate from this site (first‑party) or third parties. They serve functions like shopping carts or video display, while others may be used for analytics or advertising.

Necessary cookies (required for site functionality and performance) are based on Article 6(1)(f) GDPR unless another legal basis applies. If cookie consent is obtained, processing is based on Article 6(1)(a) GDPR and Section 25(1) TDDDG; consent can be withdrawn at any time. You can manage cookies via your browser settings – but disabling them may affect site functionality. Details on cookie types and services are provided in the full privacy policy.

Cookie Consent via Real Cookie Banner

This site uses the “Real Cookie Banner” technology by devowl.io GmbH to collect informed consent and securely log it. Personal data transmitted to Real Cookie Banner includes:

Your consent status or withdrawal

  • IP address
  • Browser information
  • Device information
  • Visit timestamp

A cookie stores your consent choice. Data is retained until you request deletion or the purpose lapses. Usage of Real Cookie Banner is based on Article 6(1)(c) GDPR.

Contact Form

When you use the contact form, your submitted data (including contact details) is stored to handle your request and possible follow-up queries. I do not pass it on without your consent. Processing is based on Article 6(1)(b) GDPR (contract or pre-contract), or Article 6(1)(f) GDPR (legitimate interest), or with explicit consent (Article 6(1)(a) GDPR). Consent may be withdrawn anytime. Data is stored until you request deletion or its purpose ends; statutory retention requirements still apply.

Email or Telephone Enquiries

If you contact me via email or phone, your enquiry (including name and message) is stored and processed to handle your request. I do not share it without consent. Processing follows Article 6(1)(b), (f), or (a) GDPR as applicable. Consent can be withdrawn anytime. Data is stored until you request deletion or if retention is legally required.

5. Social Media – Instagram

This site uses Instagram features provided by Meta Platforms Ireland Limited. When active, your device connects directly to Instagram, and Instagram may link your visit to your account if you’re logged in. I do not receive any data from Instagram about usage. This service is based on your consent (Article 6(1)(a) GDPR and Section 25(1) TDDDG), which you may withdraw. For shared responsibilities in data handling with Instagram / Facebook, a joint controller agreement is in place as per Article 26 GDPR. Instagram / Facebook remains responsible for their processing. Complaints related to data processed by them should be directed to them. Data transfer to the US uses standard contractual clauses. More information is available via Instagram’s privacy policy and relevant legal links. Instagram is certified under the EU‑US Data Privacy Framework.

6. Analytics Tools & Advertising

WP Statistics

I use WP Statistics (Veronalabs, Estonia) to analyse website usage. The tool logs data like IP address, referrer, browser type, user origin, search engine, clicks, and page views. All data is stored exclusively on my own server. Processing is based on my legitimate interest (Article 6(1)(f) GDPR). With consent, processing is based on Article 6(1)(a) and Section 25(1) TDDDG. Consent may be withdrawn.

IP Anonymisation

WP Statistics runs with IP anonymisation – your IP address is shortened to prevent personal identification.

7. Newsletter

If you subscribe to the newsletter, I require your email and verification that you agree to receive it. No further data is required unless you choose to provide it. Your data is used only to send the newsletter and not shared with third parties. Processing is based on your consent (Article 6(1)(a) GDPR), which you may withdraw anytime (e.g., via the “Unsubscribe” link). Legal processing before withdrawal remains valid. Your data is stored until you unsubscribe, or the purpose ends, while mandatory legal retention rules still apply. I reserve the right to delete or block email addresses from the mailing list under my legitimate interest (Article 6(1)(f) GDPR). Other data remains unaffected. After unsubscribing, your email may be added to a blacklist to prevent future mailings. The blacklist data is used only for that purpose, aligning with both your and my legal interests. Blacklist storage is indefinite, but you can object if you believe your interests outweigh mine.