Privacy Notice

Version: 09.02.2026

Your data is safe with us

We want to earn your trust. For this reason, we strictly comply with legal data protection requirements and do everything we can to protect your privacy and business secrets.

On this website, you can provide us with personal data and information relevant to receiving information. We will not use your data for other purposes without your consent.

1. Website operator

The data you transmit is collected, processed, and used by Mindance GmbH. Our employees and involved service providers are obligated to handle personal data confidentially in accordance with the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG).

2. Collection and use of data

2.1 Why we collect data

We process the data we receive from you where a legal basis exists in order to

Provide you with the content of our website,
Optimize our website,
Send you information regularly (newsletter),
Process your request (contact).

2.2 What data we collect

To optimize and secure our websites, we use data that your browser transmits by default:

IP address (address from which you send your request)
Referrer (previously visited webpage)
Requested webpage or file
Browser type and browser version
Operating system used
Device type used
Time of access

We do not assign this data to a specific person. It is used exclusively for statistical purposes. Evaluations are only carried out in anonymized form.

We also collect data actively provided by you (via email or other means). This data helps us process your request and contact you if necessary. Only the data required for this purpose is stored and processed. Our employees only have access to your data when necessary.

2.3 On what legal basis do we process data?

Applicable data protection law (= EU General Data Protection Regulation) permits the processing of your data (= personal data) for:

Website optimization, where we have a legitimate interest and can assume that you have no overriding objections (legitimate interest, Art. 6(1)(f) GDPR).
Generating statistics on website usage (Art. 6(1)(a) GDPR).
Processing personal data in a newsletter with consent (Art. 6(1)(a) GDPR).
Recording and processing voluntarily transmitted personal data for handling your request (consent Art. 6(1)(a), contract Art. 6(1)(b) GDPR).

2.4 What statistics are generated from the data transmitted by my browser?

The following anonymized (= without personal reference) statistics are generated:

Visitor numbers: visitors, sessions, page views, and search engine robots.
Visitor behavior: duration per session, page views per session, and bounce rate.
Page analysis: entry pages, exit pages, error pages, most visited pages, pages with a high bounce rate, and search terms.
Origin pages: all source pages and referring pages.
Visitor locations.
Browsers & Systems: browsers, browser versions, operating systems, and operating system versions.

2.5 Who can receive my data?

As part of processing, your data may be transmitted to:

Persons within our company directly involved in data processing,
Service providers contractually bound and obligated to confidentiality who perform partial data processing tasks,
External parties where necessary, for example postal service providers for delivering letters.

Otherwise, we only disclose your personal data to third parties - apart from legal or official disclosure obligations - with your explicit consent.

As a rule, your data is not transferred to countries outside the European Union.

2.6 How long will you store my data?

We store your data for as long as we need it to achieve the purposes set out in 2.1. However, there are legal requirements (e.g. Tax Code § 147) that require us in certain cases to retain selected documents for six, eight, or ten years. After the retention period ends, we delete data that is no longer needed.

3. Web analytics and cookies

On this website, data is collected and stored for marketing and optimization purposes. Under a pseudonym, usage profiles can be created from this data. Cookies may be used for this purpose. A cookie is a small text file stored on a computer when visiting a website. Cookies allow us to adapt our website to users' interests and/or store user data so it does not need to be entered again each time.

As part of consent management (“cookie banner”), we offer you the option to decide, according to your preferences, about the use of cookies in our services. You can change that decision at any time and grant or revoke your consent retrospectively.

4. Security measures

We implement appropriate technical and organizational measures to protect your personal data from loss, manipulation, unauthorized access, and unauthorized disclosure.

Access to personal data is granted only to employees who absolutely need that data to perform their respective tasks (principle of access restriction). In addition, personal data is processed on servers operated in specially secured data centers that meet state-of-the-art security standards.

Our security measures are regularly reviewed and continuously adapted in line with technological developments.

5. External "Links"

Mindance GmbH is responsible for content provided by itself. Links to external websites of other providers are provided only as references to that content. We do not assume responsibility for the content of external pages.

When links are first added, we check external content for possible legal risks. However, we do not continuously monitor linked content. If unlawful content becomes known to us, or if we are notified of it, we will remove the corresponding link immediately.

6. Third-party providers

a) Google Analytics

This website uses Google Analytics (GA4), a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics processes, among other things, shortened IP addresses, usage data, and technical information in order to statistically evaluate and improve website usage. IP anonymization is enabled.

The legal basis for processing is your consent pursuant to Art. 6(1)(a) GDPR, which is obtained via our cookie banner and can be revoked at any time. Data may be transferred to the USA. Google relies on EU Standard Contractual Clauses and - where applicable - the EU-US Data Privacy Framework. Data is stored for 14 months.

Further information: https://policies.google.com/privacy

b) TIMIFY (appointment booking form)

This application uses TIMIFY, a service of TerminApp GmbH, Sperberstraße 23, 81827 Munich, Germany. TIMIFY operates an online appointment booking solution that allows registered businesses (“service providers”) to make available appointments for their services online so users can view and book them.

Visitors to the online appointment booking solution can view appointments marked as available by service providers and book them non-bindingly as registered users (“appointment bookers”). The online appointment booking solution is available via the TIMIFY website and apps. It can also be integrated into service providers’ websites (“TIMIFY Button”) and into service providers’ presences on certain third-party platforms (“TIMIFY Widget”).

TIMIFY collects, processes, and uses personal data exclusively to the extent described, for the purposes described, and in compliance with applicable data protection laws.

Further information: https://www.timify.com/de/legal#privacy

c) Stripe (payment service provider)

We offer the option of processing payments via the payment service provider Stripe. The provider is Stripe, Inc., c/o Legal Process, 510 Townsend St., San Francisco, CA 94103, USA.

As part of payment processing, personal data such as name, email address, order and payment information, credit card data, and transaction details are transmitted to Stripe. The transfer of this data is necessary to process the payment and fulfill the contract.

Processing is based on Art. 6(1)(b) GDPR (contract performance) and our legitimate interest in secure and efficient payment processing pursuant to Art. 6(1)(f) GDPR. Without transferring the data, payment via Stripe is not possible.

Stripe processes the received data both as a processor and as an independent controller. Processing is carried out for contract performance, compliance with legal obligations, and fraud prevention. International data transfers are based on EU Standard Contractual Clauses.

Further information: https://stripe.com/privacy-center/legal

d) Sentry (error monitoring and performance analysis)

We use the analytics and monitoring service Sentry from Functional Software, Inc. dba Sentry, 45 Fremont Street, San Francisco, California 94105, USA, to detect errors in our systems, improve technical functionality, and monitor our app’s performance.

For this purpose, Sentry collects and processes anonymized metadata, such as information about the operating system used, browser, programming language, and possible causes of errors. This data is used exclusively for error analysis, troubleshooting, and technical optimization of our services.

Data is transferred to Sentry servers in the USA. Sentry processes data both as a processor and as an independent controller. Transfers take place in consideration of the EU-US Data Privacy Framework.

Processing is based on our legitimate interest pursuant to Art. 6(1)(f) GDPR.

Further information: https://sentry.io/privacy/

e) Amplitude (usage analytics)

We use the analytics service Amplitude provided by Amplitude, Inc., 201 3rd Street, Suite 200, San Francisco, CA 94103, USA, to evaluate user behavior within our app and continuously improve our services.

Amplitude processes information about application usage, such as pages viewed, interactions, device and browser information, and technical identifiers such as cookies or similar technologies. The data collected is used to create usage statistics and optimize our offerings according to demand.

Processing is carried out exclusively on the basis of your prior consent pursuant to Art. 6(1)(a) GDPR. You can revoke your consent at any time via the settings of our cookie consent tool.

Data may be transferred to Amplitude servers in the USA. Amplitude is certified under the EU-US Data Privacy Framework.

Further information: https://amplitude.com/privacy

f) Internal documentation and issue management with Atlassian

We use services of Atlassian Pty Ltd., Level 6, 341 George Street, Sydney NSW 2000, Australia, in particular Jira, for internal documentation, project organization, and issue/ticket management.

Jira is used to process support and error requests. Depending on ticket content, personal data such as name, email address, or technical error descriptions may be processed where necessary to analyze and resolve the respective issue.

Transfer of personal data to third countries, especially Australia, cannot be ruled out. There is no adequacy decision of the European Commission for Australia. Therefore, transfers are based on appropriate safeguards pursuant to Art. 46 GDPR, in particular through the conclusion of EU Standard Contractual Clauses (SCCs) and additional technical and organizational safeguards.

Further information: https://www.atlassian.com/legal/privacy-policy

g) AI-supported support with Langdock

We use the Langdock service to provide an AI-supported assistance and support system. Langdock is used to answer requests, provide content, and support internal and user-related processes.

As part of use, content entered by users, such as text entries, requests, or conversation content, as well as technical information such as timestamps, device and browser information, may be processed.

Personal data is processed on the basis of your consent pursuant to Art. 6(1)(a) GDPR or - where applicable - on the basis of our legitimate interest pursuant to Art. 6(1)(f) GDPR. Where use takes place within a contractual relationship, Art. 6(1)(b) GDPR also applies.

The service is provided by Langdock GmbH, Greifswalder Straße 212, 10405 Berlin, Germany, and personal data is generally processed within the European Union. Where data is transferred to third countries, this takes place only on the basis of appropriate safeguards pursuant to Art. 46 GDPR.

Further information: https://langdock.com/privacy-policy

h) AWS Amplify (hosting and backend services)

We use AWS Amplify, a cloud service from Amazon Web Services, Inc., 410 Terry Avenue North, Seattle, WA 98109, USA, for provisioning, operation, and maintenance of our app, as well as for backend functions such as APIs, data processing, and authentication.

Technically required data is processed, in particular IP addresses, access times, device and browser information, and log data, to ensure the stability, security, and functionality of our services.

Processing is based on Art. 6(1)(b) GDPR for contract performance and on our legitimate interest pursuant to Art. 6(1)(f) GDPR.

Transfer of personal data to the USA cannot be ruled out. Amazon Web Services is certified under the EU-US Data Privacy Framework.

Further information: https://aws.amazon.com/privacy/

i) Ultahost (web hosting)

Our app is hosted by Ultrahost. The hosting provider processes personal data of visitors, in particular IP addresses and technical access data (e.g. date and time of access), to the extent required for operating, securing, and stabilizing the app.

Processing is based on our legitimate interest pursuant to Art. 6(1)(f) GDPR.

A data processing agreement pursuant to Art. 28 GDPR has been concluded with the hosting provider. Since Ultrahost is based in the USA, transfer of personal data to a third country may occur. In this case, transfer is based on appropriate safeguards pursuant to Art. 46 GDPR, in particular by concluding EU Standard Contractual Clauses.

j) Eye-Able (accessibility)

We use the Eye-Able tool from Eye-Able Technologies GmbH, Gartenstraße 12c, 97276 Margetshöchheim, Germany, to improve the accessibility of our app.

Eye-Able enables users to customize the display of the app, for example by changing contrasts, font sizes, or using read-aloud functions.

To provide these functions, Eye-Able processes technically necessary data, in particular IP address and browser/device information.

Processing is carried out to ensure accessibility and technical functionality of the app, based on our legitimate interest pursuant to Art. 6(1)(f) GDPR.

Further information: https://eye-able.com/datenschutz/

k) Usercentrics consent management

On our website, we use the consent management platform Usercentrics from Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich.

Usercentrics is used to obtain, manage, and document users’ consent for the use of cookies and similar technologies in compliance with GDPR. In particular, consent status, consent timestamp, a consent ID, and technical information such as browser/device information and a shortened IP address are processed.

Processing is carried out to fulfill legal obligations pursuant to Art. 6(1)(c) GDPR and on the basis of our legitimate interest pursuant to Art. 6(1)(f) GDPR in legally compliant consent management. Consent data is stored for a period of twelve months.

Users can revoke or adjust their consent at any time via the cookie settings on the website.

l) Firebase Cloud Messaging (push notifications)

We use Firebase Cloud Messaging from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, to send push notifications to users.

A device-specific push ID is processed to deliver messages to the respective device. Personal content is not stored.

Processing takes place exclusively on the basis of your consent pursuant to Art. 6(1)(a) GDPR, which you can revoke at any time in device settings or within the application.

It cannot be ruled out that data is transferred to servers of Google LLC in the USA. Transfer is based on appropriate safeguards pursuant to Art. 44 et seq. GDPR, in particular EU Standard Contractual Clauses.

m) Microsoft Bookings

We use Microsoft Bookings, a service from Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland, for online appointment booking.

The data entered by users, in particular name, email address, and appointment details, is processed to manage and carry out appointments. Processing is carried out for pre-contractual measures and contract performance pursuant to Art. 6(1)(b) GDPR.

Transfer of personal data to servers of Microsoft Corporation in the USA cannot be ruled out. This transfer is based on appropriate safeguards pursuant to Art. 44 et seq. GDPR, in particular EU Standard Contractual Clauses.

n) Cookies on website

We use cookies to ensure the functionality of our website, store user settings, and enable analytics and marketing functions. Classification is based on purpose and legal basis pursuant to Art. 6(1) GDPR.

Website

Cookie	Purpose	Category	Legal basis
language	Saves language settings	Technically required	Art. 6(1)(b) GDPR
uc_settings / ucString	Stores cookie settings	Technically required	Art. 6(1)(b) GDPR
ucData (optional)	Stores additional user settings	Technically required	Art. 6(1)(b) GDPR
__utmb	Google Analytics session cookie	Marketing	Art. 6(1)(a) GDPR
_ga	Google Analytics identifier	Marketing	Art. 6(1)(a) GDPR
_gid	Google Analytics identifier	Marketing	Art. 6(1)(a) GDPR
IDE	Google Ads conversion cookie	Marketing	Art. 6(1)(a) GDPR
CONSENT	Google consent status	Marketing	Art. 6(1)(a) GDPR
_gat	Google Analytics request throttling	Marketing	Art. 6(1)(a) GDPR
FPID	Facebook pixel	Marketing	Art. 6(1)(a) GDPR
FPLC	Facebook pixel	Marketing	Art. 6(1)(a) GDPR

Web app

Cookie	Purpose	Category	Legal basis
AMP_TEST	Marketing & analytics	Marketing	Art. 6(1)(a) GDPR
accessToken	Authentication and access to protected content	Technically required	Art. 6(1)(b) GDPR
refreshToken	Automatically renews login	Technically required	Art. 6(1)(b) GDPR
AMP_92d2e905c9	Marketing & analytics	Marketing	Art. 6(1)(a) GDPR
AMP_MKTG_92d2e905c9	Marketing & analytics	Marketing	Art. 6(1)(a) GDPR
AMP_TLDTEST	Marketing & analytics	Marketing	Art. 6(1)(a) GDPR

Note: Technically required cookies are necessary for operating our website/web app and cannot be disabled. You can block or delete marketing cookies via the cookie settings on our website or directly in your browser.

7. Changes to this privacy notice

We reserve the right to adapt our security and data protection measures if this becomes necessary due to technical developments or legal requirements. In such cases, we will also adjust this privacy notice accordingly. Please therefore always refer to the most current version of this privacy notice on this website.

8. Personal responsibility

We must point out that confidential information transmitted via web pages and/or the email addresses contained therein is not encrypted. As the sender, you are responsible for transmitting this information. Please note that this privacy notice is an integral part of our website and our communication. By transmitting information via this website or email, you consent to the procedures described in this privacy policy.

9. Rights of data subjects

In accordance with Art. 15 GDPR, you have the right to obtain information about personal data stored about you, including any recipients and the planned storage period. If inaccurate personal data is being processed, you have a right to rectification under Art. 16 GDPR. Where legal requirements are met, you may request deletion or restriction of processing (Art. 17 and 18 GDPR), object to processing (Art. 21 GDPR), and have the right to data portability (Art. 20 GDPR). If processing is based on consent (Art. 6(1)(a) or Art. 9(2)(a) GDPR), you can revoke this consent at any time with effect for the future. If you believe that processing of your personal data violates data protection law, you have the right under Art. 77(1) GDPR to lodge a complaint with a supervisory authority of your choice.

You can reach us at Mindance GmbH, Flottwellstr. 4-5, 10785 Berlin.

10. Questions about data protection

If you have questions regarding this privacy notice, our internal data protection coordinator will be happy to assist you.

pme Familienservice GmbH
Flottwellstr. 4-5, 10785 Berlin
Data Protection Coordinator: Lars Richter
E-Mail: datenschutz@familienservice.de

The data protection officer of our company is Karl-Uwe Lüllemann. The data protection officer can be contacted as follows:

SK-Consulting Group GmbH
Osterweg 2; 32549 Bad Oeynhausen
E-Mail: datenschutz@familienservice.de