Privacy Policy

Last updated: 27.11.2025

This Privacy Policy explains how we (“we”, “us”, “our”) collect, use, and protect your personal data when you visit our websites, use our services, or interact with us.
We comply with the EU General Data Protection Regulation (GDPR) and applicable data protection laws.

1. Controller Responsible for Data Processing

Christian Lutz
Berner Straße 9b
12205 Berlin
​Germany

​Email: info@gisterrain.com

​This is the entity responsible for processing personal data on this website.

2. Data We Collect

We only collect personal data when it is necessary to provide our services or when you voluntarily provide it.

We may collect:

2.1 Contact Information

- Name
- Email address
- Phone number
- Address (if provided)

2.2 Payment Information

Processed securely by Stripe or PayPal.
We do not store full credit card details.

2.3 Technical Data

- IP address
- Browser type
- Date and time of access
- Basic server logs

This is collected automatically by our hosting provider (GoDaddy) for security and technical operation.

2.4 Information You Submit Through Forms

From ClickFunnels and GoHighLevel forms:

- Contact details
- Application form details
- Program interest 
- Survey answers

2.5 Community Interaction Data

When using Skool:

- Name, profile image
- Posts, comments, messages
- Course progress
(Processed according to Skool’s own policy)

2.6 Zoom Registration Data

If you register for a live session on Zoom, we collect:

- Name
- Email
- Registration details
(Processed by Zoom Video Communications Inc.)

3. Purpose and Legal Basis of Processing

We process your data for the following purposes:

3.1 To Provide Our Services

- Course access
- Community access
- Coaching programs
- Live sessions

Legal basis: Art. 6(1)(b) GDPR — performance of a contract

3.2 To Communicate With You

- Email updates
- Customer support
- Service notifications

Legal basis: Art. 6(1)(f) GDPR — legitimate interest

3.3 For Payment Processing

Handled by Stripe and PayPal.

Legal basis: Art. 6(1)(b) GDPR

3.4 For Marketing Emails

Through GoHighLevel and Skool.

Legal basis:

- Art. 6(1)(a) GDPR — consent
- Art. 6(1)(f) GDPR — legitimate interest (existing customers)

You can unsubscribe at any time.

3.5 For Security & Website Functionality

Server logs and security features.

Legal basis: Art. 6(1)(f) GDPR

4. Cookies & Tracking Technologies

We currently do not use analytics, tracking cookies, or advertising cookies.

However, our platforms (ClickFunnels, GoHighLevel, Skool) may place essential cookies required for:

- Login
- Session functionality
- Security features

These are necessary for the website to function.

If non-essential cookies are added in the future, we will update this policy and display a cookie consent banner.

5. Sharing of Personal Data

We only share data with trusted service providers when necessary.

5.1 Service Providers (Processors)

- GoHighLevel (CRM, forms, email, automation)
- ClickFunnels (landing pages, forms)
- Skool (community + course platform)
- Stripe (payment processing)
- PayPal (payment processing)
- Zoom (webinars and registrations)
- GoDaddy (hosting + server logs)

Each provider processes data based on GDPR-compliant agreements.

We do not sell or trade personal data.

6. International Data Transfers

Some service providers (e.g., Zoom, Stripe, Skool, GoHighLevel) are based outside the EU.

We ensure compliance through:

- Standard Contractual Clauses (SCCs)
- Adequacy decisions
- GDPR-compliant data processing agreements

7. Data Storage & Retention

We store personal data only as long as necessary:

- Contractual data: until the end of service + statutory retention
- Contact form data: up to 6 months
- Payment data: according to financial law (6–10 years)
- Email and CRM data: until you unsubscribe or request deletion

8. Your Rights Under GDPR

You have the right to:

- Access your data (Art. 15 GDPR)
- Rectify inaccurate data (Art. 16 GDPR)
- Erase your data (“right to be forgotten”) (Art. 17 GDPR)
- Restrict processing (Art. 18 GDPR)
- Object to processing (Art. 21 GDPR)
- Data portability (Art. 20 GDPR)
- Withdraw consent at any time (Art. 7 GDPR)

To exercise your rights, contact us at:

Email: info@gisterrain.com

9. Security Measures

We use industry-standard security measures, including:

- SSL encryption
- Secure payment processing
- Access controls on all platforms
- Secure hosting via GoDaddy

10. Changes to This Privacy Policy

We may update this policy to reflect changes to our services or legal requirements.
The latest version will always be published on this page.

11. Contact

For questions about data protection, please contact:

Christian Lutz
Berner Straße 9b
12205 Berlin
Germany
Email: info@gisterrain.com