Privacy Policy for the Datentreiber Community Platform
Effective Date: June 2025
Applies to: https://community.datentreiber.com
1. Introduction and Scope
This privacy policy outlines how personal data is collected, processed, and stored on the Datentreiber Community Platform. The platform serves multiple purposes that are technically and legally separated:
- Community Membership (free, voluntary participation with consent)
- Training Participation (paid contractual services with separate legal basis)
- Newsletter Subscription (explicit, separate consent required)
Each purpose involves specific forms of processing, based on distinct legal grounds. Users are only subject to data processing relevant to the purpose they have explicitly chosen.
In particular:
- The community is a free membership environment, accessible to registered users.
- Trainings are paid services offered within or outside the community platform, and explicitly marked as such.
- Newsletter subscriptions require explicit opt-in and are not automatically linked to community or training participation.
2. Community Membership (Free, Consent-Based)
When you register on https://community.datentreiber.com, you become a member of the Datentreiber Community. This membership is free of charge and enables access to a range of digital services and interaction formats. It is based on your voluntary consent under data protection law (GDPR Art. 6(1)(a)).
Upon registration:
- You are visible to other members by default
- You can manually restrict the visibility of your profile and participation settings
- You are not automatically enrolled in any trainings or newsletters
The Community provides the following functions:
- Access to curated groups, forums, and event invitations
- Participation in expert-led discussions and learning activities
- Viewing and editing shared boards (e.g. Miro, access may require separate login)
- Messaging, notifications, file uploads, and profile management
Processed Data Categories:
- Name, username, email address
- Login data, device/IP information
- Group memberships, posts, interactions
- Visibility and messaging preferences
Key clarifications:
- Community participation does not constitute a contract for paid services.
- It is possible to be a community member without participating in a training.
- Visibility defaults can be changed manually at any time.
3. Training Participation (Paid, Contract-Based)
You can book trainings from Datentreiber GmbH either on our main website (https://www.datentreiber.de) or directly within the Community Platform (https://community.datentreiber.com).
In both cases:
- You enter into a separate contractual agreement with Datentreiber GmbH
- The booking interface is clearly marked as “payment required”
- This includes a formal invoice and payment processing
Processed Data Categories:
- Name, email, billing address, company (if applicable)
- Selected training(s), times, booking details
- Access credentials to course materials (LearnDash, BuddyBoss)
- Participation status and progress
Legal Basis: Art. 6(1)(b) GDPR – processing necessary for the performance of a contract
Technical integration:
- Your user account will be created or enriched in the community platform
- You will be enrolled in a dedicated, restricted training group within the platform
- You will not be visible to other users outside your specific training group unless and until you consent to the community terms
If your booking originates from outside the platform:
- You are technically registered as a user in the platform
- You will see the platform’s content and structure
- You will not be able to participate in groups or messaging without explicit additional consent to the community privacy policy
4. Newsletter Subscription (Separate, Voluntary Consent)
You may opt in to receive our curated newsletter, which provides:
- Updates on new blog articles and templates
- Information on events and free formats
- Invitations to beta tests or community formats
Newsletter subscription:
- Is based on separate and explicit consent
- Requires a double opt-in confirmation
- Can be revoked at any time using the unsubscribe link in each message
System used: Brevo (Sendinblue SAS, France, GDPR-compliant)
Important:
- No user is automatically subscribed
- Participation in community or training services does not imply consent to the newsletter
5. Data Processing Overview and Legal Grounds
Depending on your usage, we process the following data:
| Purpose | Examples of Data | Legal Basis |
|---|---|---|
| Community Membership | Username, posts, group participation, Miro use | Art. 6(1)(a) GDPR |
| Training Participation | Name, email, billing, course access, progress | Art. 6(1)(b) GDPR |
| Newsletter | Email, click/open behavior, subscription date | Art. 6(1)(a) GDPR |
| Technical Log Data | IP address, login time, browser info | Art. 6(1)(f) GDPR |
Third-party tools and systems used:
| Provider | Purpose | Hosting Location |
| ALL-INKL.COM | Platform hosting | Germany |
| LearnDash | Course management | Hosted via community site |
| BuddyBoss | Group management, profiles | Hosted via community site |
| Brevo (Sendinblue) | Newsletter mailings | France (GDPR compliant) |
| Moco | Invoicing & contract processing | Switzerland (adequacy status) |
| Miro | Embedded whiteboards | EU/US, login or guest required |
6. Communication Without Newsletter Opt-In
Even if you have not subscribed to the newsletter, you may receive emails that are necessary for:
| Type | Examples | Legal Basis |
| Contractual | Booking confirmation, course access | Art. 6(1)(b) GDPR |
| Community Operations | Consent requests, visibility banners | Art. 6(1)(a) GDPR |
| Legitimate Interest | Follow-up offers on your purchased training | Art. 6(1)(f), §7(3) UWG |
We do not send unrelated promotional emails without specific consent.
7. Your Rights Under GDPR
You may contact us at any time to:
- Access your personal data (Art. 15 GDPR)
- Correct or complete your data (Art. 16 GDPR)
- Request deletion (Art. 17 GDPR)
- Restrict or object to processing (Art. 18, Art. 21 GDPR)
- Withdraw your consent (Art. 7(3) GDPR)
- Lodge a complaint with a data protection authority (Art. 77 GDPR)
For all inquiries, email: info@datentreiber.de
8. Retention and Deletion Periods
| Data Category | Retention Period |
| Training Participation | 3 years after last activity |
| Invoice Data | 10 years (legal retention requirement) |
| Community Content | Until consent withdrawal or account deletion |
| Newsletter Data | Until revoked or unsubscribed |
9. Security and Technical Safeguards
We employ state-of-the-art technical and organizational measures to protect your data, including:
- SSL encryption for all connections
- Role-based visibility settings for users and groups
- Secure APIs and limited access to external systems
- No automatic group joining or external mailing without consent
- Data hosting on GDPR-compliant servers in Germany
10. Updates to This Policy
This policy may be updated to reflect changes in the platform, technology, or applicable laws. The most recent version is always available at: Privacy Policy – Data & AI Business Community
Last updated: June 2025