Privacy Policy

1. Controller

Grow To Be True
Caroline Niermann
Ostenallee 102a
59071 Hamm
Germany
E-mail: caroline@growtobetrue.com

2. General Information on Data Processing

We process personal data only to the extent necessary to provide a functional website as well as our content, services, and offerings.
Processing is carried out in accordance with the GDPR and applicable legal regulations.

3. Data We Process

Depending on how you use our website, we process the following categories of personal data:

3.1. Contact Data

  • Name

  • E-mail address

  • Information you provide via the contact form, when booking a session, or when downloading a product

3.2. Contract & Billing Data

  • Purchased products

  • Billing details

  • Payment information (processed directly by Stripe/PayPal and not stored by us)

3.3. Usage and Technical Data

  • IP address

  • Browser type and version

  • Date and time of access

  • Visited pages

  • Cookies (technically necessary)

These data are automatically collected by our hosting provider.

4. Purposes of Processing

We process your data for the following purposes:

  • To provide our website

  • To perform coaching contracts, sessions, and digital products

  • To process payments

  • To schedule appointments

  • To send newsletters (only with your consent)

  • To provide requested content (freebies, downloads, guides)

  • For customer administration and communication

  • To ensure technical security

5. Legal Bases (Art. 6 GDPR)

5.1. Consent – Art. 6(1)(a) GDPR

  • Newsletter

  • Contact forms (if you voluntarily provide data)

  • Downloads and freebies (lead magnets)

5.2. Contract Performance – Art. 6(1)(b) GDPR

  • Purchase of digital products

  • Booking of coaching sessions

  • Payment processing

  • Appointment scheduling

5.3. Legitimate Interest – Art. 6(1)(f) GDPR

  • Technical functionality of the website

  • Optimization and security of the system

  • Server logs

5.4. Legal Obligations – Art. 6(1)(c) GDPR

  • Tax-related retention requirements

  • Billing documentation

6. Disclosure of Data to Third Parties

We only transfer data when necessary for the fulfillment of our services.

6.1. Hosting (Squarespace)

Service provider: Squarespace Inc., USA
Data is transferred to the USA:
→ based on the EU–US Data Privacy Framework or Standard Contractual Clauses (SCCs).

6.2. Newsletter & E-Mail Marketing (Systeme.io)

Data used for newsletters, freebies, or product purchases.

Service provider: Systeme.io, USA
Transfer to third countries based on SCCs.

6.3. Appointment Scheduling (Calendly)

The following data are processed when booking an appointment:

  • Name

  • E-mail address

  • Date / time

  • Zoom link if applicable

Service provider: Calendly LLC, USA (SCCs)

6.4. Video Conferencing (Zoom)

Used to conduct 1:1 coaching sessions or calls.
Service provider: Zoom Video Communications Inc., USA

6.5. Payment Processing

Stripe

For credit card payments.
Service provider: Stripe Payments Europe Ltd., Ireland / USA

PayPal

Service provider: PayPal Europe S.à r.l. et Cie, Luxembourg

Systeme.io Payments

Payment data is processed directly via Systeme.io.

Note: We do not store full payment information ourselves.

7. Storage Period

We store personal data only as long as necessary for the respective purposes.

  • Newsletter data: until consent is withdrawn

  • Contract data: 6–10 years (legal retention obligations)

  • Appointment data: until the appointment has been completed

  • Server logs: max. 30 days

  • Customer communication: max. 12 months or until deletion request

8. Cookies

Our website uses technically necessary cookies only.
As we do not use analytics tools, tracking cookies, or marketing cookies, no cookie banner is required.

If you later integrate Google Analytics or any tracking tool, a consent tool must be added.

9. Data for Digital Products (Systeme.io & Steady)

When downloading or purchasing digital products, the following data are processed:

  • Name

  • E-mail address

  • Purchase details

  • Billing information

  • Download history

Processing occurs through:

  • Systeme.io (digital products, funnels)

  • SteadyHQ (memberships)

Both providers store data according to their own privacy policies and based on SCCs.

10. Rights of Data Subjects

Under the GDPR, you have the following rights:

  • Right of access

  • Right to rectification

  • Right to erasure (“right to be forgotten”)

  • Right to restrict processing

  • Right to data portability

  • Right to withdraw consent

  • Right to object

  • Right to lodge a complaint with a supervisory authority

Competent authority in Germany:
State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia

11. Withdrawal of Consent

You may withdraw your consent for newsletters or marketing e-mails at any time:

  • via the “unsubscribe” link in any e-mail

  • or by contacting: caroline@growtobetrue.com

12. Data Security

We use technical and organizational measures to protect your data against loss, misuse, or unauthorized access.
However, data transmission over the internet (e.g., via e-mail) may involve security risks.

13. Updates to This Privacy Policy

This privacy policy may be updated due to legal changes or the integration of new tools.
The current version is always available on this website.

Date: November 2025