Privacy Policy
Modification date: 12th June 2026
General Information & Mandatory Disclosures
We are pleased that you are interested in our services and organisation. The protection of your Personal Data is particularly important to the management of our company, Joanne Pompejus. As a rule, you can use our website without disclosing any Personal Data to us. However, if you wish to use more specific services via our website, social media pages, or member platforms, we may have to process your Personal Data. If we process your data and cannot rely on another legal basis, we will always ask for your Consent first (e.g., via a cookie consent banner).
We always comply with applicable data protection laws when handling your Personal Data (such as name, address, email, or telephone number). With this Privacy Policy, we inform you about which data we process and explain what rights you hold as a Data Subject.
We have taken various technical and organisational measures to protect your data on our website in the best possible way. Nevertheless, because data transmissions over the internet can inherently have security gaps, absolute protection cannot be guaranteed. For this reason, you are always welcome to transmit your Personal Data to us by alternative means, such as by telephone, if you prefer.
This Privacy Policy is designed to fulfil the obligations under the European General Data Protection Regulation (GDPR) and the national laws of the Member States of the European Union (EU) and the European Economic Area (EEA). Where applicable, this policy also addresses the data protection rights of users in the United Kingdom (UK GDPR) and Switzerland (Swiss Federal Act on Data Protection, FADP).
For reasons of readability, the simultaneous use of multiple gender-specific language forms is avoided in our communications and throughout this Privacy Policy. All formulations used apply equally to all genders and identities.
Definitions
The data protection declaration of the company Joanne Pompejus is based on the terms used by the European legislator in adopting the General Data Protection Regulation (GDPR). Our data protection declaration should be legible and understandable to the general public, our customers, and our business partners. To ensure this, we would like to first explain the terminology used.
In this data protection declaration, we use, inter alia, the following terms:
a) Personal data
Personal data means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
b) Data subject
Data subject is any identified or identifiable natural person whose personal data is processed by the controller responsible for the processing.
c) Processing
Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
d) Restriction of processing
Restriction of processing is the marking of stored personal data with the aim of limiting their processing in the future.
e) Profiling
Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person‘s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
f) Pseudonymisation
Pseudonymisation is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
g) Controller or controller responsible for the processing
Controller or controller responsible for the processing is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
h) Processor
Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
i) Recipient
Recipient is a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.
j) Third party
The third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
k) Consent
Consent of the data subject is any freely given, specific, informed and unambiguous indication of the data subject‘s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
Name and Address of the Controller
Controller for the purposes of the General Data Protection Regulation (GDPR), British data protection laws (UK-GDPR), Swiss data protection laws, and other international provisions related to data protection is:
Joanne Pompejus (Jo Mac)
Sacre Coeur Weg 24
48147 Muenster
Germany
Phone: +49 172 436 5573
Email: info@jo-mac.de
Website: www.jo-mac.com
Data Collection on this Website:
Cookies
Our website uses cookies and similar web technologies (such as local or session storage). Cookies are small data packets stored on your device by your internet browser and do not cause any damage. They are stored either temporarily for the duration of a session (session cookies) or permanently (persistent cookies) on your device. Session cookies are automatically deleted at the end of your visit. Persistent cookies remain stored on your device until you delete them yourself or your browser deletes them automatically.
Cookies can originate from us (first-party cookies) or from third-party companies (third-party cookies). Third-party cookies enable certain services from third-party companies to be integrated within our website.
Cookies have different functions. Some cookies are technically necessary because certain website functions would not work without them. Other cookies are used to analyse user behaviour or for advertising purposes.
Legal Basis for Storage and Processing: The storage of technically necessary cookies—which are essential for the electronic communication process or to provide certain functions you have explicitly requested—is based on § 25 (2) No. 2 TDDDG. Any subsequent processing of personal data derived from these necessary cookies is carried out on the basis of Art. 6 (1) (f) GDPR, as we have a legitimate interest in the technically error-free and optimised provision of our services.
Where your consent has been requested for the storage of cookies and access to your device, storage is carried out on the basis of § 25 (1) TDDDG, and the subsequent processing of your personal data is based on Art. 6 (1) (a) GDPR. Consent can be withdrawn at any time with effect for the future.
Managing Your Preferences: You can set your browser to inform you about the placement of cookies, to allow cookies only in individual cases, to exclude cookies for certain cases or in general, and to activate automatic deletion of cookies when closing the browser. Please note that disabling cookies may limit the functionality of this website.
You can also manage and change your cookie preferences or withdraw your consent at any time via our built-in cookie consent banner.
Collection of General Data and Information
Our websites collect a range of general data and information each time the websites are accessed by a Data Subject or an automated system. This general data and information are stored in the log files of the respective server. Among other things, the (1) browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system accesses our websites (so-called referrer), (4) the sub-websites which are accessed via an accessing system on our websites, (5) the date and time of access to the website, (6) an internet protocol address (IP address), (7) the internet service provider of the accessing system and (8) other similar data and information used for security purposes in the event of attacks on our information technology systems can be recorded.
When using this general data and information, we generally do not draw any conclusions about the Data Subject. Rather, this information is required to (1) correctly deliver the content of our websites, (2) optimise the content of our websites and the advertising for them, (3) ensure the long-term functionality of our information technology systems and the technology of our websites, and (4) provide law enforcement authorities with the information necessary for criminal prosecution in the event of a cyber-attack. This anonymously collected data and information is therefore evaluated by us both statistically and with the aim of increasing data protection and data security in our organisation to ultimately ensure an optimal level of protection for the Personal Data processed by us.
The data of the server log files are stored separately from all Personal Data provided by a Data Subject and are automatically deleted after 7 days via automatic log rotation.
The purpose of processing is to avert danger and ensure IT security, as well as the aforementioned purposes. The legal basis is Art. 6 (1) (f) GDPR. Our legitimate interest is the protection of our information technology systems.
External Web Hosting
We use the web hosting services of Dogado GmbH to operate this website. The provision of these services is technically required to maintain the infrastructure, security, stability, and reliable availability of our online services.
As part of providing these hosting services, personal data generated automatically through your use of this website or provided directly by you may be stored and processed on the server. This may include IP addresses, server log files, contact requests, metadata, communication data, and other information generated through the use of this website.
The service provider and recipient of personal data is:
Dogado GmbH
Antonio-Segni-Straße 11
44263 Dortmund
Germany
Telephone: +49 (0) 231 28 66 20 0
Email: info@dogado.de
All data is stored exclusively on servers located in Germany (Düsseldorf and Leipzig).
Purpose of Processing:
The processing of personal data is carried out for the purpose of hosting our online presence and ensuring the secure, stable, and efficient operation of our website infrastructure.
Legal Basis:
The processing of data is carried out based on Art. 6 (1) (f) GDPR, rooted in our legitimate interest in the technically secure, reliable, and professional provision of our website. Where processing is necessary for the performance of a contract or the implementation of pre-contractual measures, the legal basis is Art. 6 (1) (b) GDPR.
We have concluded a Data Processing Agreement (DPA) with dogado GmbH in accordance with Art. 28 GDPR. This agreement ensures that personal data is processed in accordance with our instructions and applicable data protection laws.
Further information regarding data processing by Dogado can be found in their Privacy Policy:
https://www.dogado.de/datenschutz
Transport Encryption (SSL/TLS)
For security reasons and to protect the transmission of confidential content, our website uses SSL/TLS encryption. This applies, for example, to enquiries submitted via contact forms or other data transmitted to us through the website.
An encrypted connection can be recognised by the change in the browser address line from “http://” to “https://” and by the padlock symbol in your browser.
When SSL/TLS encryption is activated, the data you transmit to us is protected against unauthorised access by third parties during transmission.
Website Security & Firewall (Wordfence)
Our website uses the security plugin “Wordfence.” The provider is Defiant Inc., 800 5th Ave Ste 4100, Seattle, WA 98104, USA (hereinafter “Wordfence”). This tool is used exclusively to protect our website from unauthorised access, cyberattacks (such as brute-force and DDoS attacks), and malware. For this purpose, Wordfence processes technical data from website visitors, including your IP address, browser type, requested URL, and the date and time of access. To identify attackers and distinguish between malicious and safe traffic, Wordfence sets up to three first-party cookies on your device. Safe IP addresses are placed on a whitelist, while suspicious IP addresses are placed on a blacklist. The collected data is transmitted to Defiant Inc. servers in the USA and evaluated there.
The processing of your data is carried out for the sole purpose of ensuring the security, integrity, and continuous availability of our website. The primary legal basis for processing this technical data and using these security cookies is your explicit consent pursuant to Art. 6 (1) (a) GDPR. You grant this consent via our website’s cookie consent banner. To the extent that data processing is strictly mandatory to avert immediate threats and maintain IT security, the processing is additionally based on our legitimate interest pursuant to Art. 6 (1) (f) GDPR.
The data collected by Wordfence will be stored only as long as necessary to fulfill these security purposes (typically until the security logs are cleared) or until you withdraw your consent.
The provider, Defiant Inc., is based in the United States. Defiant Inc. is currently not certified under the EU-U.S. Data Privacy Framework (DPF). To guarantee a level of data protection equivalent to European Union standards, data transfers to the USA are carried out on the basis of the Standard Contractual Clauses (SCCs) approved by the European Commission under Implementing Decision (EU) 2021/914. These clauses are an integral part of our Data Processing Agreement with Wordfence. We have evaluated and documented the risks of this data transfer within a Transfer Impact Assessment (TIA).
We have entered into a legally binding Data Processing Agreement (DPA) with Defiant Inc. pursuant to Art. 28 GDPR, which governs the data protection-compliant handling of your data. This agreement is automatically incorporated and becomes legally effective through the installation and use of the plugin.
You can withdraw your consent to data processing by Wordfence at any time with future effect by adjusting your preferences in our cookie consent tool. To the extent that data processing is based on legitimate interests, you have the right to object to this processing at any time for reasons arising from your particular situation.
Detailed information on data usage and retention periods can be found in the official Wordfence Privacy Policy and the Wordfence Data Processing Addendum.
Data Protection Provisions Regarding Newsletter Subscription and Distribution
Use of GetResponse for Landing Pages and Newsletters
1. Scope and Technical Description of Data Processing
For our marketing campaigns, email lead generation, and newsletter distributions, we utilise the external services of GetResponse S.A., Al. Grunwaldzka 413, 80-309 Gdańsk, Poland. We have concluded a formal Data Processing Agreement (DPA) with GetResponse in accordance with Art. 28 GDPR to ensure your data is handled strictly according to EU privacy standards.
- External Landing Pages: Our website contains links to external landing pages hosted on the servers of GetResponse S.A. (Poland). If you visit one of these pages, GetResponse’s own privacy terms apply. Some of these landing pages may utilise the Meta Pixel, which transmits data regarding your page visit to Meta Platforms Ireland Limited. For further information, please refer to Meta’s Privacy Policy.
- Newsletter Subscription: If you sign up for our newsletter on our site or on a landing page, your name and email address are transmitted directly to GetResponse. To ensure maximum security, we strictly use the Double Opt-In procedure. After registering, you will receive a confirmation email. You must click the confirmation link inside that email to activate your subscription. During this process, your IP address and the registration timestamp are stored to protect against potential misuse of your email address.
2. Purpose and Legal Basis
We use GetResponse to manage customer acquisitions, distribute company offers, and communicate effectively with our audience. The legal basis for processing your data via landing page forms and newsletter registrations is your explicit Consent pursuant to Art. 6 (1) (a) GDPR. The technical logging of your registration data is based on our legitimate interest under Art. 6(1)(f) GDPR to maintain a legally verifiable audit trail for your subscription.
Our emails sent via GetResponse contain miniature graphic tracking pixels and unique hyperlinks. This allows us to statistically evaluate our marketing success by seeing if an email was opened, when it was opened, and which links were clicked. The legal basis for this analytics processing is your explicit Consent pursuant to Art. 6 (1) (a) GDPR.
You can cancel your newsletter subscription and revoke your data storage consent at any time with future effect. A dedicated cancellation link is integrated at the bottom of every email we send. Alternatively, you can opt out by emailing info@jo-mac.de. Unsubscribing from the newsletter automatically constitutes a complete revocation of tracking consent. Please note that deleting historical tracking data stored by GetResponse is subject to GetResponse’s data retention terms; we recommend reviewing its privacy policy for details. For more detailed information, please review the official GetResponse Privacy Policy.
Disclosure of Data to Third Parties and Processors:
We do not sell, rent, or lease your personal data to third parties without authorisation. However, to operate our website, marketing funnels, and communication infrastructure efficiently, we share necessary data with specialised categories of service providers who act on our behalf. These include:
-
- Web Hosting Providers (to securely store our website databases and server logs).
- Email Marketing & Landing Page Providers (to securely manage our newsletter delivery, double opt-in validation, and marketing lists).
To ensure the absolute protection of your privacy, all third-party service providers who process data on our behalf are strictly bound by formal Data Processing Agreements (DPAs) pursuant to Art. 28 GDPR. These legal contracts guarantee that our processors treat your information with strict confidentiality, apply state-of-the-art technical security measures, and are legally prohibited from utilising your personal data for their own independent purposes or passing it on to unauthorised entities.
Contact Possibility Via the Website
Contact by Email
Our website provides the option to contact us via email. If you contact us by email, the personal data you provide will be processed exclusively for the purpose of handling and responding to your enquiry.
The user may object to the processing and storage of their personal data at any time. In such cases, the ongoing conversation cannot be continued. You can send your objection to data storage in writing via email to info@jo-mac.de.
External Links
Third Party Links to Social Media Platforms (Instagram, Facebook & YouTube)
1. Scope and Description of Data Processing Our website contains simple hyperlinks to our official corporate profiles on Facebook, Instagram, and YouTube. We do not embed active social media plug-ins, tracking scripts, or live feeds that process your data while you browse our website.
Transmission of your data to these platforms occurs only if you explicitly click the respective Facebook, Instagram, or YouTube icons or links. Once clicked, your web browser will redirect you to the external platforms, where their own technical infrastructure takes over data processing. We have no control or influence over the data collection and tracking practices on external platforms. We accept no responsibility or liability for the data protection practices of these external platforms.
2. Operating Corporate Entities Facebook and Instagram are operated by Meta Platforms, Inc. (1 Meta Way, Menlo Park, CA 94025, USA). For users located within the EU/EEA, the primary data controller is Meta Platforms Ireland Ltd. (Merrion Road, Dublin 4, D04 X2K5, Ireland).
YouTube is operated by YouTube, LLC (901 Cherry Ave., San Bruno, CA 94066, USA), a subsidiary of Google LLC. For users located within the EU/EEA, the primary data controller is Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland).
3. Purpose and Legal Basis The integration of these social profile links is intended to let you easily discover and interact with our social media content. The legal basis for providing these external links is our legitimate interest, pursuant to Art. 6(1)(f) GDPR, in maintaining an active public relations presence.
For comprehensive details on how your data is handled, retention periods, and your privacy settings once you visit these platforms, please review the official Meta Privacy Policy, the Google Privacy Policy, and the YouTube Privacy Notice
YouTube Channel
-
- Data Processing by Google: When you visit our YouTube channel, personal data may be processed by Google. We have no influence over the nature, scope, or purposes of this data processing carried out by Google. Further information can be found in Google’s Privacy Policy.
- Data Transfer: Google may transfer personal data to the United States. Google participates in the EU-U.S. Data Privacy Framework.
- Legal Basis: We operate this channel based on our legitimate interest in presenting our company to the public and communicating with interested users (Art. 6 para. 1 lit. f GDPR).
- Your Interactions: If you interact with our channel (e.g., by commenting, subscribing, or sending us a message), we may process the data you provide to respond or engage with you.
- Your Settings: You can restrict how YouTube processes your data by adjusting your settings in your Google Activity Controls.
Links to Other External Websites (Skool, Amazon, and Third-Party Resources)
- Scope and Technical Description of Data Processing
Our website contains simple hyperlinks to external third-party websites and platforms that are not operated or controlled by us. This includes direct links to our online communities and member platform on Skool (Skool.com. Inc., 111 Main Street, Los Angeles, CA 90245, USA) and our book listings on Amazon (Amazon EU S.à r.l., 38 avenue John F. Kennedy, L-1855 Luxembourg). We do not utilise tracking scripts or active background plug-ins from these companies that monitor your behaviour while you browse our primary website pages. A transmission of your browsing or connection data to these third-party platforms occurs only if you explicitly click on the respective text link or graphic button. Once clicked, you leave our website environment, and the respective platform’s own data infrastructure and privacy provisions take over. We have no influence or control over the data collection, cookies, or processing practices utilised by these external companies. We accept no responsibility or liability for the data protection practices of these external platforms.
- Purpose and Legal Basis
The integration of these external links is intended to allow you to easily access our community platforms, membership programs, books, and business resources. The legal basis for providing these external references is our legitimate interest pursuant to Art. 6 (1) (f) GDPR in maintaining an effective digital marketing presence, providing valuable resources, and communicating smoothly with our target audience. - For comprehensive details on how your data is handled after you leave our website, please consult the respective providers’ privacy policies on their websites (such as the Skool Privacy Policy and the Amazon Privacy Policy).
- Membership subscriptions are processed and managed through the Skool platform. If you choose to join one of our membership programmes, the subscription contract is concluded through Skool. Subscription management, including membership cancellation, can be completed directly in your Skool account in accordance with Skool’s terms and procedures.
- If you choose to join one of our Skool communities, certain information associated with your membership may be visible to us in our role as community owner and administrator. This may include information such as your name, email address, membership status, profile information, and activity within the community. We use this information solely for the administration, operation, support, and communication purposes of the community through the Skool platform. We do not export member data from Skool into our own customer relationship management or email marketing systems unless you separately provide your information through one of our own forms or services.
Use of Wonderlink
We use the service Wonderlink, operated by Seyffert mit Himmelspach GmbH, Boppstraße 10, 10967 Berlin, Germany, on our social media profiles (such as Instagram) to provide a single “link in bio” landing page that bundles links to our various online channels.
This service is not embedded on our website but is used externally on our social media platforms. According to the provider, Wonderlink does not use tracking cookies or user analytics in its Basic version; data processing is limited to the technically necessary minimum, such as standard server log data (e.g., IP address, browser type, and access timestamp) required to load and secure the page. The provider’s servers are located exclusively in Germany.
The use of this service is based on our legitimate interest in a clear and legally compliant presentation of our online presence in accordance with Art. 6 (1) (f) GDPR. Further information can be found in the Wonderlink Privacy Policy.
Data Protection Provisions Regarding Complianz Cookie Consent
1. Scope and Technical Description of Data Processing
Our website uses the cookie consent management tool Complianz to obtain, manage, and document your consent regarding the use of cookies and similar technologies. The provider of this software is:
Complianz BV
Kalmarweg 14-5
9723 JG Groningen
Netherlands
When you interact with our cookie banner, Complianz stores technically necessary cookies in your browser to record your selected privacy preferences. These cookies may include information about whether you have consented to or declined specific categories of cookies and tracking technologies, together with a consent identifier and the date and time of your decision.
The consent information is processed and stored locally on our own web server and within your browser. No consent data is transmitted to Complianz BV unless optional services provided by the vendor have been explicitly activated.
2. Purpose and Legal Basis
The purpose of this processing is to manage, document, and provide verifiable proof of your consent choices regarding the use of cookies and similar technologies on this website.
The legal basis for this processing is Art. 6 (1) (c) GDPR, as we are legally required to obtain and document valid consent before certain non-essential cookies and tracking technologies are activated.
3. Storage Duration
The consent cookie remains stored on your device for a period determined by the plugin configuration, currently up to 365 days, unless you delete the cookie earlier through your browser settings.
Consent records are stored for as long as necessary to fulfil our legal obligation to demonstrate valid consent and are subsequently deleted in accordance with applicable statutory retention periods.
Data Protection Provisions Regarding Google Analytics 4
1. Scope and Technical Description of Data Processing
Our website utilises Google Analytics 4 (GA4), a digital web analysis service operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Ireland (parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA).
Google Analytics 4 uses tracking scripts and cookies to collect and evaluate information about your behaviour on our site (such as referrer URLs, pages visited, device models, browser types, and duration of stay). IP addresses are automatically anonymised by default before any permanent storage or logging.
2. Purpose and Legal Basis
We use Google Analytics 4 purely to analyse website traffic, evaluate user engagement, and optimise our site’s commercial performance. The legal basis for initialising these analytical cookies and processing your personal data is your explicit consent pursuant to Art. 6 (1) (a) GDPR. Google Analytics 4 will only be activated after you have given your consent via our cookie consent banner.
3. International Data Transfers and Storage Duration
The data generated by the tracking cookies about your use of this website may be transmitted to a Google server in the United States and stored there. Google LLC is a certified participant in the EU-U.S. Data Privacy Framework, which ensures a level of data protection recognised as adequate by the European Commission. Google Analytics 4 stores event data for a maximum of 14 months, after which it is automatically deleted. Cookie identifiers are retained for the same period. You can withdraw or adjust your consent choices at any time with future effect via our website’s Cookie Settings.
4. Further Information
For detailed information regarding how Google manages user data under the GDPR, please consult the official Google Privacy Policy and the Google Analytics Terms of Service.
General Legal Framework and Information
-
- Art. 6(1) lit. a GDPR serves as the legal basis for processing operations for which we obtain explicit consent for a specific purpose (such as Google Analytics).
- Art. 6(1) lit. b GDPR applies if the processing of personal data is necessary for the performance of a contract to which the data subject is party or for carrying out pre-contractual measures.
- Art. 6(1) lit. c GDPR applies if our company is subject to a legal obligation by which processing of personal data is required, such as for the fulfilment of tax or bookkeeping obligations.
- Art. 6(1) lit. d GDPR covers rare cases where the processing of personal data is necessary to protect the vital interests of the data subject or of another natural person.
- Art. 6(1) lit. f GDPR serves as the legal basis for processing operations necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by your fundamental rights and freedoms.
Data Protection Provisions Regarding Google Fonts
Our website uses Google Fonts for the uniform display of typefaces. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
When you access a page on our site, your browser loads the required fonts directly from Google’s servers. This allows Google to determine that your IP address was used to access our website.
The legal basis for this processing is our legitimate interest in the consistent presentation of our website pursuant to Art. 6 (1) (f) GDPR. Where consent has been requested via our cookie consent banner, processing is carried out exclusively on the basis of Art. 6 (1) (a) GDPR and § 25 (1) TDDDG. Consent can be withdrawn at any time with future effect.
Google holds an active certification under the EU-U.S. Data Privacy Framework, ensuring an adequate level of data protection for transfers to the United States. Further information can be found in Google’s Privacy Policy at https://policies.google.com/privacy.
Additional information regarding Google Fonts can be found at:
https://developers.google.com/fonts/faq
Routine Deletion and Restriction of Personal Data
1. We process and store your personal data only for the period necessary to achieve the specific purpose of storage, or as far as this is mandated by the European legislator or other applicable statutory legal requirements.
Data Protection Complaints Procedure
If you have concerns about how we collect, use, store, or process your personal data, please contact us first so that we can investigate and attempt to resolve the matter directly.
Complaints relating to data protection may be submitted by email to:
Joanne Pompejus
Email: info@jo-mac.de
We will acknowledge receipt of your complaint within 30 days of receipt.
We will investigate your complaint and provide a response without undue delay.
If you are not satisfied with our response, you have the right to lodge a complaint with the competent data protection supervisory authority in your country of residence, place of work, or place of the alleged infringement.
UK residents may also contact the Information Commissioner’s Office (ICO) at https://ico.org.uk.
Right to Object to Direct Marketing Emails
Where your personal data is processed for direct marketing purposes, including the sending of promotional emails, you have the right to object at any time and without giving any reason. Upon receipt of your objection, we will immediately cease processing your data for this purpose.
You may exercise this right at any time by:
- Clicking the unsubscribe link in any email we send, or contacting us directly at info@jo-mac.de
Automated Decision-Making
As a responsible company, we do not utilise automated decision-making or profiling on this website.
