Privacy Policy.

Effective date: 24th of July 2025

The Inner Arc GmbH
Münsterberg 18
24598 Boostedt, Germany
Email: contact@theinnerarc.co

This Privacy Policy describes how The Inner Arc GmbH ("we," "us," or "our") collects, uses, and protects your personal data when you use our website, services, or communicate with us.

1. Data Controller

The Inner Arc GmbH is the data controller responsible for your personal data under the General Data Protection Regulation (GDPR).

2. What Personal Data We Collect

We may collect and process the following types of data:

  • Contact Data: Name, email address, phone number, postal address

  • Booking and Transaction Data: Service bookings, payment information (processed via third-party providers)

  • Usage Data: IP address, browser type, referring pages, interaction on our website

  • Communications: Emails, messages, or other forms of correspondence

  • Marketing Preferences: Your consent for newsletters or promotional emails

We do not knowingly collect data from children under the age of 16.

3. How We Use Your Data

We process your personal data for the following purposes:

  • To provide and manage our services, bookings, and events

  • To communicate with you about your inquiry, booking, or account

  • To comply with legal obligations (e.g., tax law)

  • To send occasional newsletters or updates (only with your consent)

  • To improve our website and user experience (legitimate interest)

4. Legal Bases for Processing

Under the GDPR, we rely on the following legal grounds:

  • Performance of a contract – when you book or engage our services

  • Legal obligations – such as accounting or compliance requirements

  • Consent – for email marketing or use of cookies

  • Legitimate interests – to improve services and ensure security

5. Data Sharing

We do not sell or rent your data. We only share it with:

  • Service providers (e.g., email platforms, booking systems, payment processors) under data processing agreements

  • Legal authorities, if required by law or in case of legal proceedings

  • Advisors, such as accountants or legal consultants, under confidentiality

6. Data Retention

We retain your data only as long as necessary for the purposes outlined or as required by law. After this period, data is securely deleted or anonymized.

7. Cookies & Tracking Technologies

We may use cookies and analytics tools (such as Squarespace and Google Analytics) to understand website usage. You can control or disable cookies via your browser settings.

8. International Transfers

If we use tools or service providers outside the EU/EEA (e.g., email tools based in the U.S.), data will be transferred based on adequate safeguards such as Standard Contractual Clauses (SCCs).

9. Your Rights Under the GDPR

You have the right to:

  • Access your data

  • Rectify incorrect data

  • Request erasure ("right to be forgotten")

  • Restrict or object to processing

  • Data portability

  • Withdraw consent at any time (e.g., unsubscribe from emails)

  • Lodge a complaint with a supervisory authority (e.g., Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit or the relevant authority in your federal state)

10. Data Security

We implement appropriate technical and organizational security measures to protect your personal data from unauthorized access, alteration, or disclosure.

11. Contact Us

For questions regarding this Privacy Policy or your data, contact us at: contact@theinnerarc.co

12. Updates to This Policy

We reserve the right to update this Privacy Policy. Any changes will be posted on this page with an updated date. Continued use of our services implies your acceptance of any updates.