Privacy Policy

Last updated: 3rd October 2025

Martina Etemadieh (“we,” “our,” or “us”) values your trust and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you use our website, services, and online programs.

1. Who We Are

Martina Etemadieh
Slow Travel Soul Travel
Wolferskamp 22
22559 Hamburg, Germany

Email: info@slowtravelsoultravel.com
Phone: +49-1782994833

Contact form: https://slowtravelsoultravel.com/contact/
Website: https://slowtravelsoultravel.com/

2. What Data We Collect

Information you provide:

  • Order and account data (WooCommerce): name, billing address, email address, phone number, and account credentials.
  • Payment data: processed securely by external providers (e.g., Stripe, PayPal). We do not store full payment details.
  • Communication: messages sent via contact forms or email.
  • Coaching & consulting: information you voluntarily share (never recorded without explicit consent).
  • Newsletter data: name, email address, IP address, and consent confirmation.

Information collected automatically:

  • IP address, browser type, device information, and website usage data.
  • Technical data stored via cookies and similar technologies.

3. How We Use Your Data

  • To process orders and provide services.
  • To manage customer accounts.
  • To communicate regarding purchases, inquiries, or support.
  • To send newsletters (only with consent).
  • To improve website functionality and security.
  • To comply with legal obligations.

4. Legal Basis for Processing

  • Art. 6(1)(b) GDPR: contract performance.
  • Art. 6(1)(a) GDPR: consent (newsletter, cookies).
  • Art. 6(1)(c) GDPR: legal obligations.
  • Art. 6(1)(f) GDPR: legitimate interests (security, optimization).

5. Newsletter & Email Marketing (MailerLite)

We use MailerLite as our email marketing service provider.

  • Subscription occurs via a double opt-in procedure.
  • We store your email address, IP address, and timestamp to verify consent.
  • You can unsubscribe at any time via the link included in every email.

MailerLite may process the following data:

  • Email address and name
  • IP address and device information
  • Email interaction data (open rates, clicks)

This tracking helps us improve content and communication. Processing is based on your consent (Art. 6(1)(a) GDPR).

MailerLite acts as a data processor under a Data Processing Agreement (DPA) in accordance with GDPR.

6. WooCommerce and Payments

We use WooCommerce to manage purchases and services.

  • Personal data is processed to fulfill contracts and manage orders.
  • Payment providers (e.g., Stripe, PayPal) process payment data independently.
  • We only receive confirmation and limited transaction data.

7. Data Sharing

  • Payment providers
  • MailerLite (email marketing)
  • Hosting and technical providers
  • Authorities when legally required

8. Data Retention

  • Order data: 7–10 years (legal requirement)
  • Newsletter data: until withdrawal of consent
  • Communication data: as needed
  • Log files: limited retention

9. Your Rights

  • Access, correction, deletion
  • Restriction of processing
  • Data portability
  • Withdrawal of consent
  • Complaint to supervisory authority

10. Cookies and Consent Management

This website uses cookies and similar technologies. Cookies are small text files stored on your device.

We distinguish between:

  • Essential cookies: required for website functionality (e.g., WooCommerce cart, login sessions).
  • Non-essential cookies: used for analytics or marketing purposes.

Non-essential cookies are only set after your explicit consent via a cookie banner (Art. 6(1)(a) GDPR).

You can:

  • Accept or reject cookies via the consent banner
  • Withdraw consent at any time
  • Configure your browser to block or delete cookies

Disabling cookies may limit website functionality.

11. Data Security

We implement appropriate technical and organizational measures (Art. 32 GDPR) to protect your data, including:

  • SSL/TLS encryption for data transmission
  • Secure hosting environment
  • Access control and authentication mechanisms
  • Regular software updates and security monitoring

Despite these measures, no system can guarantee absolute security.

12. International Data Transfers

Some service providers may process personal data outside the European Union (EU) or European Economic Area (EEA).

In such cases, we ensure an adequate level of protection through:

  • EU Standard Contractual Clauses (SCCs)
  • Data Processing Agreements (DPAs)
  • Additional safeguards where required

By using our services and consenting where required, you acknowledge such transfers.

13. Children’s Privacy

Our services are not intended for individuals under 18.

14. Updates

This Privacy Policy may be updated at any time.

15. Nature of This Website

This website is a personal, creative and editorial space. No automated decision-making or profiling takes place.