Privacy policy

Status: September 12, 2025

1. responsible body

GAIA Insights GmbH
St. Johanns-Ring 54
CH-4056 Basel, Switzerland
E-Mail: info@gaia-insights.com

2. definitions

The definitions of Art. 4 GDPR apply. "Personal data" is all information,
relating to an identified or identifiable natural person; "processing"
is any process carried out with or without the aid of automated procedures in connection with
personal data.

3. principles of data processing

We process personal data only to the extent necessary to provide this website,
is necessary to answer inquiries and to carry out (pre-)contractual measures.
The legal bases are Art. 6 para. 1 lit. a (consent), lit. b (contract/initiation),
lit. c (legal obligation) and lit. f GDPR (legitimate interests).

4. hosting & server log files (Host Europe)

This website is hosted by Host Europe GmbH, Hansestraße 111, 51149 Cologne, Germany,
hosted. When the pages are accessed, technical logs (server log files) are stored on the server.
processed, including in particular:

• IP address (in abbreviated/aliasized form), date and time of access
• URL/file retrieved, amount of data transferred, status code
• Referrer URL, browser type/version, operating system

They are not merged with other data; the logs are used for technical purposes.
provision, stability and IT security and are deleted after a short period of time.

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest in secure, stable operation).

5. cookies & consent management (CookieYes)

We use cookies to provide basic functions and to manage your consents.
You can use the CookieYes consent banner to control optional categories (if used).

• Necessary cookies: Technically necessary for the operation of the website; no personal profiles are created.
• Consent cookie: cookieyes-consent - saves your cookie preferences,
  Storage period: 1 year; no personal content about visitors is stored.
• Language preference cookie: To save your selected language setting (TranslatePress);
  typically with a term of up to 1 year.

Legal basis: Art. 6 para. 1 lit. c GDPR (documentation of consent) and Art. 6 para. 1 lit. f GDPR (technical implementation of consent management); for optional cookies, Art. 6 para. 1 lit. a GDPR (consent).

6. CMS & page design (WordPress, Elementor Pro, Jeg Elementor Kit)

The website is based on WordPress and uses Elementor Pro and Jeg Elementor Kit for design.
Content, scripts and styles are delivered locally from our web server. An independent
These components do not analyze personal data for marketing purposes.

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest in a modern, functional website).

7. multilingualism & translation service (TranslatePress & DeepL API)

To provide multilingual content, we use TranslatePress in conjunction with the
DeepL API (Provider: DeepL SE, Germany/EU). When calling up multilingual pages
transmission of the text segments to be translated to DeepL. The processing takes place exclusively
for the purpose of machine translation; we do not use any training functions with your content.

According to the provider, API content is only processed for the duration of the translation
and not stored permanently. Processing takes place within the EU.

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest in user-friendly,
multilingual provision) or Art. 6 para. 1 lit. a GDPR (consent), provided that the setting of a
language cookies or the use of additional convenience functions requires your consent.

8. contact (contact form & e-mail)

When you contact us via the form or by e-mail, we process the data you provide
to process your request. The mandatory fields of the form are Name, e-mail and
Message. Further information is voluntary.

It will not be passed on to third parties unless this is necessary for processing (e.g. hosting/e-mail)
or a legal obligation exists.

Legal basis: Art. 6 para. 1 lit. b GDPR (contract/initiation) for inquiry-related communication;
Art. 6 para. 1 lit. f GDPR (legitimate interest in efficient communication).

9. storage period

We delete personal data as soon as the purpose of processing no longer applies. Beyond this, we only store data,
insofar as statutory retention obligations exist (regularly 6 or 10 years according to HGB/AO) or a legitimate interest exists.
interest (Art. 6 para. 1 lit. f GDPR) prevails.

10. recipients & order processing

We use carefully selected service providers (in particular hosting, e-mail, translation service if necessary) within the scope of
order processing in accordance with Art. 28 GDPR. These are contractually bound to confidentiality and compliance with
suitable technical and organizational measures.

A transfer to third countries outside the EU/EEA does not take place unless this is expressly permitted by law.
is indicated.

11 Legal bases at a glance

• Art. 6 para. 1 lit. a GDPR - Consent
• Art. 6 para. 1 lit. b GDPR - contract fulfillment / pre-contractual measures
• Art. 6 para. 1 lit. c GDPR - legal obligations
• Art. 6 para. 1 lit. f GDPR - legitimate interests (operation, security, functionality)

12. your rights

You have the following rights vis-à-vis the controller:

• Information (Art. 15 GDPR)
• Rectification (Art. 16 GDPR)
• Erasure (Art. 17 GDPR)
• Restriction of processing (Art. 18 GDPR)
• Data portability (Art. 20 GDPR)
• Objection to processing (Art. 21 GDPR)
• Revocation of consent given with effect for the future (Art. 7 para. 3 GDPR)

You also have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR),
in particular in the Member State of your habitual residence, place of work or place of the alleged infringement.

Competent authority in Schleswig-Holstein (for Heligoland):
Independent State Center for Data Protection Schleswig-Holstein (ULD), Holstenstraße 98, 24103 Kiel,
Web: www.datenschutzzentrum.de

13. data security

We take appropriate technical and organizational measures (Art. 32 GDPR) to ensure that personal data
against loss, destruction, manipulation and unauthorized access and regularly adapt them to the
State of the art.

14. changes to this privacy policy

We reserve the right to adapt this declaration in the future, in particular in the event of technical changes to the website
or new legal requirements. The current version is available on this page.