Privacy Policy.
1. Philosophy and Principles: No Compromises with Your Data
We live in a digital world where data is often viewed, traded, and analyzed as currency. As an IT expert who understands and repairs systems down to the code level, I know the true value of information. My approach to data protection is therefore identical to my approach in business sparring: radical transparency, focus on the essentials, and an absolute renunciation of unnecessary bullshit.
This privacy policy seamlessly, in detail, and in understandable language informs you about what happens to your personal data when you visit this website, contact me, or submit arequest for a Sparring Day. Personal data includes all information that can personally identify you—such as your name, email address, phone number, but also your IP address, which is technically transmitted when you visit this site.
I pursue the principle of absolute data minimization and data avoidance on this website. There are no hidden tracking pixels, no third-party analytics tools tracking your behavior across the web, and no advertising cookies playing retargeting ads to you later on other platforms. What happens here, stays here. You are the system—and your data belongs exclusively to you.
2. Data Controller
The responsible party (data controller) for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws is:
Matthias Eger
Pfarräckerstraße 14
92637 Weiden i.d.OPf.
Germany
Phone: 0175 – 58 57 305
Email: mail@matthiaseger.de
The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g., names, email addresses, etc.).
3. Security and Encryption (SSL/TLS)
To protect the security of your data during transmission, we use state-of-the-art encryption methods. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to me (for example, when making an appointment request via the contact form) cannot be read by third parties. However, I must point out that internet-based data transmission (e.g., communication by email outside the form) can fundamentally have security gaps. An absolutely seamless protection of data against access by third parties can never be technologically guaranteed 100%, which is why we always apply the highest security standards available to us.
4. Hosting and Server Location: Strato GmbH (Germany)
In order to provide this website securely, quickly, and reliably on the internet, I use the services of a professional hosting provider. This website is hosted by STRATO AG, Otto-Ostrowski-Straße 7, 10249 Berlin, Deutschland (hereinafter referred to as "Strato").
When you visit this website, Strato as the host provider collects various connection data and stores them in so-called server log files. This data includes, among other things, your IP address, the date and time of the request, the time zone difference to Greenwich Mean Time (GMT), the content of the request (i.e., the specific page you are visiting), the access status/HTTP status code, the amount of data transferred in each case, the website from which the request comes (referrer URL), your browser type, the language and version of your browser software, as well as your operating system and its interface.
The collection of this data is technically imperative to display the website to you without errors and to ensure the stability and security of the IT systems (e.g., to defend against DDoS attacks). The legal basis for this processing is Art. 6 (1) (f) GDPR. My legitimate interest lies in the error-free and secure provision of my web offering. Strato operates its servers exclusively in highly secure data centers in Germany. There is no transfer of your hosting data to insecure third countries.
To ensure data protection-compliant processing, I have concluded a Data Processing Agreement (DPA) with Strato GmbH in accordance with Art. 28 GDPR. This contract ensures that Strato processes the personal data of my website visitors only according to my strict instructions and in compliance with European data protection guidelines.
5. Cookies: Restriction to the Absolute Minimum (PHPSESSID)
Most modern websites are overloaded with dozens of cookies that analyze your user behavior, create profiles of you, and forward this information to advertising networks. I consciously decided against this practice when designing and programming this platform. There is no annoying cookie banner here where you have to deactivate hundreds of switches, because this site simply does not use any tracking, analytics, or marketing cookies.
The only cookie set on this website is the so-called "PHPSESSID" cookie. This is a purely technically necessary session cookie. This cookie does not contain any personal data. It merely generates a random, temporary identification number for your browser to maintain the status of your session. This is specifically necessary on this website to ensure that your chosen language setting (German or English) is retained while you navigate between the various subpages (such as "The Essence", "The Investment", or "The Resonance").
As soon as you close your browser, this session cookie is automatically and completely deleted from your device. The use of this technically imperative cookie is based on § 25 (2) No. 2 TTDSG (or TDDDG) in conjunction with Art. 6 (1) (f) GDPR. The legitimate interest lies in the functioning, user-friendly provision of the multilingual website features.
6. Contact via the Booking Form
The core of this website is the offering of the Sparring Day. If you decide to make an appointment request via the integrated contact form, I need certain information from you to process your request professionally and to contact you. In the form, I collect your name, your email address, your phone number (for the strictly necessary personal callback for preliminary clarification), your preferred date, as well as a brief description of your concern ("Where does the shoe pinch?").
The data you enter into the form is processed encrypted on my server and stored exclusively for its intended purpose. I use this data solely to review your request, contact you by phone, and clarify the organizational framework for our potential day together. This data is not passed on to uninvolved third parties. Your details will not be misappropriated for sending newsletters or promotional offers.
The processing of the data entered into the contact form is based on Art. 6 (1) (b) GDPR, as your request serves the initiation of a contract (the execution of the Sparring Day). The data you transmit to me in this process remains in my protected system until you request its deletion, the purpose for data storage no longer applies (e.g., after your request has been processed and the appointment has taken place), or statutory retention periods (especially tax or commercial documentation obligations, if an invoice is issued) mandatorily require longer storage.
7. Renunciation of Analytics Tools and Third-Party Integrations
To protect your privacy, I refrain from integrating analysis tools such as Google Analytics, Matomo, or Facebook Pixel. Your surfing behavior on my site is not recorded, measured, or evaluated. Likewise, I do not integrate external fonts (like Google Fonts) directly from third-party servers that could transmit your IP address to third parties in the USA. All resources and fonts needed for the design ("Inter", "Playfair Display") are loaded locally from my own server at Strato in Germany. This is my proactive contribution to data minimization and the protection of your digital identity.
8. Your Comprehensive Rights as a Data Subject (GDPR)
The General Data Protection Regulation grants you as a user of this website and as a potential client extensive rights when it comes to the handling of your personal data. Transparency is not a one-way street. If you wish to exercise any of the following rights, an informal email to the contact address provided in the legal notice is sufficient. You have the following rights at any time:
8.1. Right of Access (Art. 15 GDPR)
You have the right to request confirmation at any time as to whether I am processing personal data concerning you. If this is the case, you have a right to free information about this personal data as well as detailed information about the purposes of processing, the categories of data processed, the recipients to whom the data has been disclosed, and the planned storage period. You also have the right to receive a copy of the data undergoing processing.
8.2. Right to Rectification (Art. 16 GDPR)
No one is flawless, and systems change. If the data I have stored about you is incorrect, outdated, or incomplete, you have the right to request the immediate correction or completion of this data.
8.3. Right to Erasure / "Right to be Forgotten" (Art. 17 GDPR)
You have the right to request the immediate deletion of your personal data. I am obliged to delete this data immediately if one of the legal grounds applies—for example, if the data is no longer necessary for the purposes for which it was collected, or if you withdraw your consent. However, please note that the right to erasure is not absolute. It does not exist, among other things, if the processing is necessary to fulfill a legal obligation (e.g., because I must archive your invoice data for 10 years due to tax regulations of the Commercial Code).
8.4. Right to Restriction of Processing (Art. 18 GDPR)
Under certain conditions, you have the right to demand the restriction of the processing of your data. This is the case, for example, if you dispute the accuracy of your data, for a period enabling me to verify its accuracy. If processing has been restricted, this data may—with the exception of storage—only be processed with your explicit consent or for the establishment, exercise, or defense of legal claims.
8.5. Right to Data Portability (Art. 20 GDPR)
You have the right to have data that you have provided to me and that I process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done to the extent technically feasible.
8.6. Right to Object to Processing (Art. 21 GDPR)
If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) (f) GDPR, you have the right to object to the processing at any time for reasons arising from your particular situation. Following such an objection, I will no longer process your personal data unless I can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms.
8.7. Right to Withdraw Consent (Art. 7 (3) GDPR)
Many data processing operations are only possible with your express consent. You have the right to withdraw your consent to data processing at any time and without giving reasons with effect for the future. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
8.8. Right to Lodge a Complaint with the Competent Supervisory Authority (Art. 77 GDPR)
If you believe that the processing of your personal data by me violates the GDPR or other data protection regulations, you have the right to lodge a complaint with a data protection supervisory authority, without prejudice to any other administrative or judicial remedy. As a rule, you can contact the supervisory authority of your usual place of residence, your place of work, or the Bavarian State Office for Data Protection Supervision, which is responsible for my company headquarters.
9. Duration of Storage of Personal Data
The criterion for the duration of the storage of personal data is the respective statutory retention period. After this period has expired, the corresponding data will be routinely and permanently deleted, provided it is no longer required for the fulfillment or initiation of a contract. Inquiries that do not lead to a contractual cooperation will be promptly and completely removed from my systems after the purpose of the communication has ceased to exist, as I do not build up redundant data graveyards.
10. Amendment and Currency of this Privacy Policy
Due to the continuous further development of my website, the implementation of new technological security standards, or due to changed legal or official requirements, it may become necessary to adapt this privacy policy. The current privacy policy can be accessed and viewed by you at any time on this subpage. I recommend re-reading this statement at regular intervals to always stay informed about how I guarantee the protection of your valuable data in practice.