Privacy Notice

Last updated: October 5, 2025

We, Olga Weidenkeller and Lea Imschweiler, are responsible for the website and social media accounts of Legal Living Hub (hereinafter referred to as “LLH”). We take the protection of your personal data very seriously. We treat your data confidentially and in accordance with the applicable data protection laws and this Privacy Notice.

Below you will find an overview of how we process your personal data when you visit our website or social media pages, or when you contact us via contact form or email.

1. Who is responsible for data processing on this website?

The controller for data processing is:
Legal Living Hub UG (i.G.)
Olga Weidenkeller / Lea Imschweiler
c/o Zum Scheider Feld 12
51467 Bergisch Gladbach, Germany

If you have any questions regarding the processing of your personal data by LLH, please contact us at [email protected]

Personal data means any information relating to an identified or identifiable natural person. This includes, in particular, details that allow conclusions to be drawn about your identity, e.g., your name, telephone number, address, or email address. Certain identifiers such as your IP address or the device ID of your end device are also personal data.

2. Collection and Processing of Personal Data

2.1 Provision of the Website and Creation of Log Files

Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing device. The following data are temporarily stored:

Information about the browser type and version used
Operating system and internet service provider
IP address
Date and time of access
Referrer URL and pages visited on our website

Processing these connection data is necessary to technically enable your visit to our website, to ensure the permanent functionality and security of our systems, and to administer the website. For this purpose, the connection data is stored in internal log files for a limited time and reduced to what is necessary. This serves, in particular, to trace the cause of repeated or abusive accesses that could impair the stability or security of our website and to take appropriate countermeasures.

The legal basis is Art. 6(1)(b) GDPR where the page visit occurs in connection with initiating or performing a contract, and otherwise Art. 6(1)(f) GDPR based on our legitimate interest in enabling website access and ensuring the permanent functionality and security of our systems. The automatic transmission of connection data and the resulting log files do not constitute access to information stored on the end device within the meaning of the EU Member States’ ePrivacy implementation laws (in Germany, Sec. 25 TDDDG). In any case, such access would be strictly necessary. Legal basis: Art. 6(1)(f) GDPR (legitimate interest in secure website operation). Data in log files are stored for up to 7 days and then deleted, unless further statutory retention obligations apply.

2.2 Contacting Us

If you contact us by email or via our website, we process the personal data you provide (e.g., name, email address, company name, content of your message). Processing takes place solely to handle your inquiry and communicate with you.

If you schedule an appointment for a consultation, an invitation to a virtual meeting will automatically be sent to you. For this purpose, we use the services of Google Workspace, provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
You can find Google’s privacy notice here: https://support.google.com/meet/answer/10382037?hl=en.

The legal basis for this data processing is Article 6(1)(b) and (f) GDPR (pre-contractual measures, performance of a contract, or legitimate interest based on LLH’s need to respond to inquiries from clients and other individuals).

2.3 Use of Cookies and Similar Technologies

We use cookies and similar technologies on our website to recognize visitors’ preferences and optimally tailor the website. This facilitates navigation and enhances user-friendliness. Cookies and other technologies also help us identify particularly popular areas of our online offering.

Cookies are small text files stored on your device’s hard drive. They enable us to store information over a certain period and recognize your device. For improved user guidance and individualized performance, we use persistent cookies. We also use so-called session cookies, which are deleted automatically when you close your browser. You can set your browser to inform you when cookies are set, making the use of cookies transparent. Important: If you completely block cookies, some website functions may not be available.

Two types of cookies are used on our website:

Essential Cookies:

These cookies are necessary for the functioning of the website and cannot be disabled in our systems. They are usually set only in response to actions you take that constitute a request for services, such as setting your privacy preferences, logging in, or filling out forms. You can set your browser to block or alert you about these cookies, but some parts of the website may then not function properly. These cookies do not store any personally identifiable information.

Statistical Cookies:

These cookies allow us to count visits and traffic sources so that we can measure and improve the performance of our website. They help us understand which pages are the most and least popular and how visitors navigate through the site. All information collected by these cookies is aggregated and therefore anonymous.

Statistical cookies are set with the help of Google Analytics, a third-party service operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. For more information on how Google Analytics handles user data, please see Google’s Privacy Policy: https://support.google.com/analytics/answer/6004245?hl=en

IP Anonymization: We have activated the IP anonymization feature on this website. This means that your IP address is shortened by Google within the European Union or other contracting states of the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there.

You can prevent the storage of these cookies by adjusting your browser settings accordingly. However, please note that this may limit the full functionality of our website.

The legal basis for the described data processing is Article 6(1)(a) GDPR (consent to data processing).

You can manage and change your cookie preferences for statistical cookies when starting a new session on our website or via the settings link in the footer.

2.4. Social Media

We operate fan pages on the social networks Facebook and Instagram, operated by Meta Platforms Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland, as well as a LinkedIn company page (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland). We publish content on our fan pages and engage with users.

When our fan pages are used, Meta also processes visitors’ personal data (e.g., through cookies and similar technologies) for its own purposes. We have no influence over this data processing; the privacy notices of Facebook and Instagram apply.

We receive “Page Insights” from Meta—statistical, anonymized evaluations of user behavior (e.g., demographic data, interests, interactions). These help us optimize our content and offerings. For this processing, we and Meta are joint controllers pursuant to Art. 26 GDPR. The corresponding agreement is available here: https://www.facebook.com/legal/terms/page_controller_addendum.

If you contact us directly on one of our fan pages or share content with us, we process your data as an independent controller to handle your inquiry (Art. 6(1)(b), (f) GDPR).

Further information about the respective data processing and your rights can be found in the providers’ privacy policies:

Facebook (Fan Page): Privacy Policy: https://www.facebook.com/privacy/policy, Page Insights Addendum: https://www.facebook.com/legal/terms/page_controller_addendum
Instagram (Fan Page): Privacy Policy: https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect, Page Insights Addendum: https://www.facebook.com/legal/terms/page_controller_addendum
LinkedIn (Company Page): Privacy Policy: https://www.linkedin.com/legal/privacy-policy, Page Insights Joint Controller Addendum: https://legal.linkedin.com/pages-joint-controller-addendum

2.5 Organization of Events

2.5.1 Event Registration

From time to time, we offer the opportunity to register for an event. The following categories of personal data are generally processed in this context: name, email address (private or business), and telephone number.

The data is processed for the following purposes:

Sending registration confirmations as well as participation approvals or rejections,
Preparing name badges for in-person events,
Managing and supporting participants before, during, and after the event,
Creating a participant list.

The legal basis for this processing is Article 6(1)(f) GDPR (legitimate interests), based on our interest in preparing and organizing the event as effectively as possible.

2.5.2 Participation via Online Meeting Software

If you participate in an event online, this will generally take place using Microsoft Teams or, alternatively, Zoom. Both services are provided by companies based in the United States: Microsoft Teams by Microsoft Corporation, and Zoom by Zoom Video Communications Inc.

We use these services as data processors, meaning they process your data solely on our behalf and in accordance with our instructions.

During online participation, the following categories of data may be processed:

Your details: first name, last name, telephone number, email address
Meeting information: topic and description of the meeting, participants’ IP addresses, device and hardware information
Recordings: if the meeting is recorded, video and audio recordings (MP4/M4A) as well as chat messages may be stored
Phone dial-in: if you join via telephone, your phone number, country code, start and end time, and possibly the device’s IP address may be stored
Interactions during the meeting: if you use chat, question, or polling functions, your inputs will be processed in order to display or log them during the meeting

Providing your data is generally voluntary. However, certain information is required for participation (mandatory fields). Without this data, participation is not possible. Other information is optional and enables additional features or services. If you do not provide it, these functions may not be available.

To enable video and audio transmission during the event, data from your device’s microphone and camera will be processed. You can mute or deactivate your microphone and camera at any time within the software.

Both providers may transfer data to the United States. Microsoft and Zoom are certified under the EU–US Data Privacy Framework (DPF).

For further information on data processing by Microsoft Teams or Zoom, please refer to their respective privacy policies:

Microsoft Teams: https://learn.microsoft.com/en-us/microsoftteams/teams-overview
Zoom: https://www.zoom.com/privacy/privacy-statement

The legal basis for the described data processing is Article 6(1)(f) GDPR (legitimate interests), based on our interest in conducting online meetings and ensuring their efficient organization and execution.

2.5.3 Information on Planned Photo and Video Recordings at Events

At some events, we take photos and/or videos for marketing purposes. If this is the case, we will inform you no later than at the start of the event. Typically, recordings are made of individuals with a special role (e.g., speakers, moderators) or of groups of participants to capture the atmosphere of the event.

We use these photos and videos:

on our website,
on our social media pages such as LinkedIn and Instagram,

for the creation of a photo recap or highlight video of the event.

If you do not wish to appear in the recordings, please inform the photographer on site.

The processing is based on Article 6(1)(f) GDPR. Our legitimate interest lies in documenting the event for public relations purposes and using the images for informational and representative purposes. You have the right to object to the processing of your data.

3. Disclosure to Third Parties and Processors

Your personal data will only be disclosed to third parties if this is necessary to fulfill our contractual or legal obligations, a legal permission exists, or you have given consent. We conclude processing agreements under Art. 28 GDPR with all service providers we use.

Recipients of personal data:

Within the company: Access is granted only to those persons who need it to perform their tasks.
Processors: Certain processing may be carried out by our service providers. In addition to the providers mentioned in this Privacy Policy, this may include, in particular, data centers that host our website and databases, software providers, IT service providers who maintain our systems, agencies, market research companies, group companies, and consulting firms. Where we transfer data to our service providers, they may use the data solely to fulfill their tasks. The service providers are carefully selected and commissioned, contractually bound to our instructions, have appropriate technical and organizational measures to protect data subjects’ rights, and are regularly monitored by us.
Public authorities: Authorities and courts where we are legally obliged or to protect legitimate interests.
Private entities: Business partners, cooperation partners, or non-instructed service providers where necessary for contract performance.

4. Is Data Processed Outside the European Union?

For certain processing operations, we use service providers based in so-called third countries outside the European Union. In these cases, we ensure an adequate level of data protection. To this end, we conclude the Standard Contractual Clauses provided by the European Commission for processing personal data in third countries with the respective service providers.

5. How Long Is Data Stored?

We store personal data only for as long as necessary for the respective processing purposes. For example, your contact details are generally retained only for the duration of our active communication. If you have consented to the use of statistical cookies, these remain stored until you withdraw your consent.

6. Your Rights

Right to lodge a complaint with a supervisory authority: You may also lodge a complaint with the competent supervisory authority if you believe that the processing of your data violates applicable law. You may contact the authority at your place of residence or country, or the authority competent for us: Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen

Right of access: You have the right to obtain information about the personal data we store about you.

Right to rectification and erasure: You can request the correction of inaccurate data and—where the legal requirements are met—the deletion of your data.

Restriction of processing: You can request that we restrict the processing of your data where the legal requirements are met.

Data portability: If we process your data based on a contract or consent, you may—where the legal requirements are met—request to receive the data you have provided in a structured, commonly used, and machine-readable format, or that we transmit it to another controller.

Objection: You have the right to object at any time, on grounds relating to your particular situation, to processing of your data based on our legitimate interests. If you exercise your right to object, we will stop processing unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms.

Objection to direct marketing: Where we process your personal data for direct marketing purposes, you have the right to object at any time to such processing. If you exercise this right, we will stop processing your data for this purpose.

Withdrawal of consent: If you have given us consent to process your personal data, you may withdraw it at any time with effect for the future. The lawfulness of processing based on consent before its withdrawal remains unaffected.