Issued: January 2026

1. Data Controller
Responsible for data processing:

Julia Dencker
Julia Dencker – The Peaceful Path
Steinweg 46, 06484 Quedlinburg E-mail: contact@the-peaceful-path.com

2. Scope
This privacy policy governs the processing of company, organizational, and personal data within the services provided by Julia Dencker – The Peaceful Path. Data processing is carried out exclusively to fulfill contractual obligations and is based on the following legal grounds:

• Art. 6 (1) lit. b GDPR (Contractual necessity): Data processing is required to provide the agreed services.

• Art. 6 (1) lit. c GDPR (Legal obligations): Processing ensures compliance with statutory retention and documentation requirements.

• Art. 6 (1) lit. f GDPR (Legitimate interest): Documentation serves project execution, quality assurance, and accountability.

3. Types of Data Processing

3.1 Analog Documentation
Data is recorded manually in the form of meeting notes, hand-written protocols, and draft concepts. Physical storage is in secured company folders.

3.2 Digital Processing
Storage location: Microsoft 365 Business Suite (OneDrive/SharePoint) with password-protected folders and two-factor authentication. Microsoft ensures GDPR compliance via EU server locations (Microsoft Germany GmbH).

Processed Data Includes:

• Meeting protocols, interim and final reports

• Company information

• Workshop, seminar, and training concepts

• Organizational analyses and conflict resolution strategies

Security Measures:

• Password-protected folders

• Device encryption (BitLocker)

• Regular backups on external encrypted drives

• No third-party access

• Regular updates and checks according to current technology standards

4. External Service Providers
If external providers (e.g., printing, shipping, interpreters) are involved, data is shared only to the extent necessary and in a contractually compliant manner.

5. Disclosure to Authorities
Data will only be shared if legally required (e.g., tax audits or official requests).

6. Confidentiality and Data Protection
All data collected during collaboration is strictly confidential, including:

• All communication from initial contact to project completion

• Internal company data, personnel data, and conflict information
  No disclosure occurs without written consent from the client.
  Note: A confidentiality obligation is contractually agreed.

7. Retention Periods and Data Storage

• Retention: Data is stored for 10 years after contract end, in compliance with tax and commercial law requirements.

• Recovery: In case of hardware failure (e.g., laptop), data is restored via device insurance and the OneDrive cloud.

8. Data Subject Rights
Employees of client organizations have the following rights:

• Access to stored data (Art. 15 GDPR)

• Rectification or deletion, unless legal retention obligations exist (Art. 16, 17 GDPR)

• Restriction of processing (Art. 18 GDPR)

• Objection to processing based on legitimate interest (Art. 21 GDPR), unless overriding reasons exist

Requests should be sent to: contact@the-peaceful-path.com

9. Contact and Supervisory Authority
Questions or complaints:
Julia Dencker
Email: contact@the-peaceful-path.com

Responsible supervisory authority:
Landesbeauftragter für den Datenschutz Sachsen-Anhalt
Leiterstraße 9, 39104 Magdeburg
Email: poststelle@lfd.sachsen-anhalt.de

10. Final Confirmation
By accepting the offer, the client confirms that all involved persons have been informed about this privacy policy and consent to processing as described.

Privacy Policy