Privacy Policy / Datenschutzerklärung

Effective date: 14 April, 2026

Last updated: 14 April, 2026

1. Overview

This Privacy Policy explains how Derek Lauber Coaching (“we”, “us”, “our”) processes personal data when you visit this website, submit an inquiry, schedule a conversation, communicate with us, or otherwise interact with our business.

We are committed to processing personal data in accordance with applicable data protection law, including the EU General Data Protection Regulation (“GDPR”).

2. Controller

Controller for the processing of personal data on this website:

Derek Lauber Coaching

Wendelsweg 62

60599, Frankfurt

Germany

Email: info@dereklauber.co

If you have questions about this Privacy Policy or wish to exercise your rights, you can contact us using the details above.

3. Categories of personal data we process

Depending on how you use this website or interact with us, we may process the following categories of personal data:

·      Identification and contact data, such as name, email address, organization, phone number, and similar information you provide

·      Inquiry and communication data, such as the contents of messages, service interests, context submitted through forms, and email correspondence

·      Scheduling data, such as booking details, time zone, and meeting-related information if you use a scheduling tool

·      Client and service-related information, where relevant to preparing for or delivering coaching, facilitation, speaking, or related services

·      Technical usage data, such as IP address, browser type, operating system, device information, pages viewed, referring website, and access time

·      Analytics, cookie, and preference data, where analytics or similar technologies are enabled

·      Any other information you choose to provide to us

Please do not submit special categories of personal data (for example detailed health data or other sensitive personal information) through website forms unless strictly necessary and appropriate in the context of an existing engagement.

4. Purposes and legal bases of processing

We process personal data for the following purposes and on the following legal bases:

a) Responding to inquiries

Purpose: to review, manage, and respond to messages submitted through our website or by email.

Legal basis: Article 6(1)(b) GDPR where processing is necessary to take steps at your request prior to entering into a contract; otherwise Article 6(1)(f) GDPR based on our legitimate interest in handling business inquiries and communications.

b) Delivering services and managing professional relationships

Purpose: to communicate about, prepare for, deliver, administer, and follow up on executive coaching, leadership facilitation, small-group experiences, speaking, or related services.

Legal basis: Article 6(1)(b) GDPR and, where relevant, Article 6(1)(f) GDPR.

c) Operating, securing, and improving the website

Purpose: to ensure the stability, security, proper functioning, and improvement of the website, including diagnostics, troubleshooting, and protection against misuse.

Legal basis: Article 6(1)(f) GDPR based on our legitimate interest in secure and reliable website operation.

d) Analytics and performance improvement

Purpose: to understand how the website is used and improve content, usability, and performance.

Legal basis: where required, Article 6(1)(a) GDPR based on consent; otherwise, where lawfully permissible, Article 6(1)(f) GDPR.

e) Scheduling conversations

Purpose: to allow visitors to book meetings or calls with us through a scheduling provider and to manage those appointments.

Legal basis: Article 6(1)(b) GDPR and/or Article 6(1)(f) GDPR.

f) Legal compliance and recordkeeping

Purpose: to comply with legal obligations, maintain appropriate business records, resolve disputes, and enforce agreements.

Legal basis: Article 6(1)(c) GDPR where a legal obligation applies, and/or Article 6(1)(f) GDPR.

5. Contact and inquiry forms

When you submit a contact or inquiry form, we process the information you provide in order to review your message, respond to you, and determine the appropriate next step. Form fields may include your name, email address, organization, service interest, inquiry category, brief context, and similar information you choose to submit.

Fields marked as required are necessary for us to assess and respond to your inquiry. Other fields are optional and help us respond more effectively.

6. Use of AI-supported tools

We may use AI-supported tools to assist with limited internal business tasks such as drafting, summarization, note organization, preparation of materials, communication support, administrative support, and similar workflow functions.

Where such tools are used in connection with personal data, that processing is carried out only for the purposes described in this Privacy Policy and subject to the same legal bases, confidentiality expectations, and applicable safeguards.

We use AI-supported tools to support human judgment, not replace it. We do not use AI for solely automated decision-making, including profiling, that produces legal or similarly significant effects on individuals.

Where feasible and appropriate for the nature of the work, we aim to use providers, configurations, and workflows that are suitable for GDPR-regulated business activity, including prioritizing EEA/EU processing options or equivalent contractual safeguards where available. If personal data is processed outside the EEA, we seek to ensure that appropriate transfer safeguards are in place, as described below.

7. Scheduling tools

If you use a scheduling link or booking tool on this website, your personal data may be processed by our scheduling provider, SavvyCal, in order to display availability, schedule meetings, send confirmations, and manage appointments.

In that context, personal data such as your name, email address, selected time, time zone, and any additional information you choose to provide may be processed for the purpose of arranging and administering the meeting.

Please also review SavvyCal’s privacy information where applicable.

8. Hosting and website platform

This website is hosted and provided through Squarespace. In the course of providing the website, Squarespace may process technical, usage, and form-submission data on our behalf or in accordance with its own role under applicable law.

Where providers process personal data on our behalf, we seek to have appropriate contractual terms in place.

Where providers process personal data on our behalf, we seek to have appropriate contractual terms in place.

9. Cookies and similar technologies

This website may use cookies and similar technologies for essential website functions and, where enabled, for analytics, preferences, embedded content, scheduling integrations, or similar purposes.

Where consent is legally required, non-essential cookies and similar technologies will only be used after you have provided consent. You may be able to manage your preferences through the cookie banner or settings tool made available on the website.

10. Recipients of personal data

We may share personal data with the following categories of recipients where necessary:

  • Website hosting and platform providers, including Squarespace

  • Scheduling and calendar providers, including SavvyCal

  • Form, email, and communication providers

  • Analytics, security, and support providers

  • AI-supported workflow or productivity providers, where used in accordance with this Privacy Policy

  • Legal, tax, accounting, or professional advisers

  • Competent authorities, courts, or regulators where required by law

We do not sell personal data.

11. International data transfers

Some of our service providers may process personal data outside the European Economic Area (EEA). Where personal data is transferred outside the EEA, we rely on an adequacy decision where available or otherwise on appropriate safeguards, such as the European Commission’s Standard Contractual Clauses, together with any additional measures required by applicable law.

12. Retention

We retain personal data only for as long as necessary for the purposes described in this Privacy Policy, including to respond to inquiries, manage engagements, comply with legal obligations, resolve disputes, and enforce agreements.

As a general approach:

·      Inquiry data is retained for as long as reasonably necessary to handle the inquiry and related follow-up

·      Client and engagement-related information is retained for the duration of the engagement and any applicable statutory retention period

·      Technical logs, analytics data, and cookie-related data are retained according to operational necessity, provider settings, and applicable law

Where specific retention periods vary by tool, service, or legal requirement, we retain data for the period necessary for the stated purpose or the relevant statutory retention period.

13. Security

We take appropriate technical and organizational measures to protect personal data against unauthorized access, loss, misuse, disclosure, or alteration. However, no method of internet transmission or electronic storage is completely secure, and we cannot guarantee absolute security.

14. Your rights

Under the GDPR, you may have the following rights, subject to the conditions and limitations set by law:

·      Right to be informed

·      Right of access

·      Right to rectification

·      Right to erasure

·      Right to restriction of processing

·      Right to data portability

·      Right to object

·      Right to withdraw consent at any time, where processing is based on consent

·      Right not to be subject to a decision based solely on automated processing, including profiling, where such decision produces legal or similarly significant effects

To exercise your rights, please contact us using the details listed above.

15. Right to lodge a complaint

You have the right to lodge a complaint with a competent supervisory authority, in particular in the EU Member State of your habitual residence, place of work, or place of the alleged infringement.

If relevant to your operations in Germany, you may also contact the competent German data protection authority.

16. Obligation to provide data

You are not generally required to provide personal data when visiting this website. However, certain data may be necessary if you wish to submit an inquiry, schedule a conversation, or engage our services.

17. Automated decision-making

We do not use personal data for solely automated decision-making, including profiling, that produces legal or similarly significant effects on individuals.

18. Third-party links and services

This website may contain links to external websites or services. We are not responsible for the privacy practices of third-party sites, and we encourage you to review their privacy notices.

19. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect legal, technical, or operational changes. The current version will always be published on this website with the effective date shown above.