Privacy Policy
Last updated:This Privacy Policy describes how Shineherb (“we”, “our”, “us”) collects, uses and protects personal information when you visit our website, fill in our forms, or take part in any of the online programs we deliver from our studio located at Friedrichstraße 68, 10117 Berlin, Germany. We aim to keep this document plain, short and easy to follow.
1. Who we are
Shineherb is a small Berlin-based studio that designs and runs online programs for office teams. You can reach our team through the contact details listed on our Contacts page, including our postal address, telephone line and e-mail handle.
2. What information we collect
We only collect the information we genuinely need to reply to you, deliver our programs and run a small website. Depending on how you interact with us, this may include:
- Information you choose to share through our contact form, such as your name, e-mail address and the contents of your message.
- Information you give us when you become a client, including invoicing details, the team you represent and the program package you have chosen.
- Limited technical information automatically collected by our hosting environment, such as your approximate region, browser type and timestamps of visits, used to keep the site secure and stable.
- Optional information you provide during live sessions, such as a display name, questions you ask or notes you choose to share with facilitators.
We do not knowingly collect information from people under the age of 16. If you believe a minor has shared personal information with us, please contact our team and we will remove it promptly.
3. How we use your information
We use the information described above only for the following purposes:
- To respond to questions and requests you send to us through the contact form or other channels.
- To deliver the online programs you or your organisation have signed up for, including scheduling, sharing materials and collecting feedback.
- To prepare invoices, keep accounting records and comply with applicable tax and commercial obligations.
- To improve our programs and website, in particular by reviewing aggregated, non-identifying usage information.
- To send service-related notifications, for example to inform you about session schedule changes or program updates that affect you directly.
4. Legal grounds for processing
Depending on the activity, we rely on one or more of the following legal grounds: your consent, the performance of a contract you have with us, our legitimate interest in running a small studio, or a legal obligation we must meet. Where consent is the legal ground, you may withdraw it at any time, without affecting any processing carried out before withdrawal.
5. Sharing of information
We do not sell personal information. We share information only with carefully chosen service providers that help us operate, such as our website host, e-mail provider, accounting software and live-session platform. These providers act on our instructions, under appropriate written agreements, and only for the purposes set out in this Policy. We may also disclose information when required by law or to defend our legal rights.
6. International transfers
Some of our service providers may store or process data outside the European Economic Area. When that happens, we ensure an adequate level of protection through recognised legal mechanisms, such as standard contractual clauses or adequacy decisions issued by competent authorities.
7. How long we keep data
We keep personal information only for as long as needed to fulfil the purposes described above and to meet legal, accounting and reporting requirements. Contact form messages are typically reviewed and deleted within 12 months unless a working relationship begins. Client records are kept for the period required by applicable bookkeeping rules.
8. Your rights
Subject to applicable laws, you have the right to access the personal information we hold about you, to request its correction or deletion, to object to certain types of processing, to ask for a copy of your data in a structured format, and to lodge a complaint with the supervisory authority in your country. To exercise any of these rights, please reach out through our Contacts page.
9. Security of your information
We apply reasonable technical and organisational measures to protect personal information against accidental loss, unauthorised access, alteration or disclosure. These measures include access controls, encrypted connections for data in transit, regular software updates and limited internal access on a need-to-know basis.
10. Cookies and similar technologies
Our website uses a small number of essential cookies and storage entries to keep the site running smoothly. For full details, please see our separate Cookies Policy.
11. Changes to this Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, services or the law. The most recent version will always be available on this page, with a refreshed “Last updated” date at the top.
12. How to contact us
If you have any questions about this Privacy Policy or about how we handle personal information, please contact our team using the details available on the Contacts page. We will do our best to reply within one working day.