The controller responsible for data processing on this website is:
Tom Brucker
Imba Performance & Health Coaching
c/o Flip
Brunnenstraße 196
10119 Berlin
Germany
Email: info@imba-performance.com
Contact form: available via the contact form on this website
This Privacy Policy explains which personal data is processed when you visit this website and when you contact me.
Personal data means any information that can identify or make a natural person identifiable, such as name, email address, IP address or usage data.
Personal data is processed on the basis of the General Data Protection Regulation (GDPR) and the German Telecommunications Digital Services Data Protection Act (TDDDG).
This website is powered by and hosted with Webflow.
Provider:
Webflow, Inc.
398 11th Street, 2nd Floor
San Francisco, CA 94103
USA
When visiting this website, Webflow processes technically necessary data, including IP address, date and time of access, pages accessed, referrer URL, browser type, operating system, and technical information about the device used.
Processing is carried out for the technical provision, security, and stability of the website.
The legal basis is Art. 6(1)(f) GDPR. The legitimate interest lies in the secure and functional operation of this website.
Personal data may be transferred to the USA. Webflow bases such transfers on appropriate safeguards, in particular the EU-US Data Privacy Framework or the EU Commission’s Standard Contractual Clauses.
When you visit this website, technical access data is processed automatically. This may include in particular:
IP address
date and time of access
pages and files accessed
referrer URL
browser type and browser version
operating system used
hostname of the accessing computer
This processing is carried out for the technical provision, security and error analysis of the website.
The legal basis is Art. 6(1)(f) GDPR.
The provider does not merge this data with other data sources.
This website uses SSL/TLS encryption. You can recognize an encrypted connection by the browser's address bar starting with "https://" and a lock or security symbol being displayed.
This website uses cookies and comparable technologies.
Technically necessary cookies are used to make the website functional, secure and usable. The legal basis is Section 25(2) TDDDG and Art. 6(1)(f) GDPR.
Non-essential cookies, in particular for analytics and statistics, are only used after prior consent. The legal basis is Art. 6(1)(a) GDPR and Section 25(1) TDDDG.
Consent can be withdrawn or changed at any time with effect for the future via the cookie settings.
This website uses the FlowAppz Cookie Consent App within Webflow to obtain and manage consent for cookies and tracking technologies.
Technically necessary information may be processed, in particular selected cookie settings, the time of consent or rejection, browser information and a technical identifier to recognize the decision.
This processing is carried out to manage and document cookie consent.
The legal basis is Art. 6(1)(c) GDPR and Art. 6(1)(f) GDPR.
This website uses Google Tag Manager.
Provider is:
Google Ireland Limited
Gordon House, Barrow Street
Dublin 4
Ireland
Google Tag Manager is used to manage and trigger website tags, in particular for Google Analytics.
Google Tag Manager itself does not create user profiles and does not independently analyze user behavior. However, when it is used, technical data may be transferred to Google, in particular IP address, browser information and information on the triggering of certain tags.
Google Tag Manager is configured so that analytics tags requiring consent are only triggered after the corresponding consent has been given.
The legal basis is Art. 6(1)(f) GDPR. Where services requiring consent are triggered via Google Tag Manager, this is done on the basis of Art. 6(1)(a) GDPR and Section 25(1) TDDDG.
This website uses Google Analytics.
Provider:
Google Ireland Limited
Gordon House, Barrow Street
Dublin 4
Ireland
Google Analytics enables the analysis of this website's usage. In particular, the following data may be processed:
pages accessed
time spent on the website
click and scroll behavior
referrer URL
approximate geographic origin
browser and device information
operating system
IP address
time of access
technical identifiers and online identifiers
This processing is carried out to analyze the use of the website and to improve content, user guidance and the effectiveness of the website.
Google Analytics is only used after prior consent via the cookie banner.
The legal basis is Art. 6(1)(a) GDPR and Section 25(1) TDDDG.
Consent can be withdrawn or changed at any time with effect for the future via the cookie settings.
When using Google Analytics, personal data may be transferred to Google LLC in the USA. Google bases such transfers on appropriate safeguards, in particular the EU-US Data Privacy Framework or the EU Commission’s Standard Contractual Clauses.
When contact is made via the contact form, the information entered there is processed. The contact form only collects name, email address and message.
This processing is carried out to handle the request, for communication and, where applicable, to initiate or perform a contract.
The legal basis is Art. 6(1)(b) GDPR where the request is related to a contract or pre-contractual measures. In all other cases, processing is carried out on the basis of Art. 6(1)(f) GDPR.
The message field is a free-text field. Visitors are asked not to enter any medical diagnoses, findings, laboratory values, medication information, detailed medical histories or other particularly sensitive health information there.
Data submitted via the contact form will be deleted once the request has been finally processed and no statutory retention obligations or legitimate interests in further storage apply.
The provider’s services relate to Health & Performance Coaching. However, the provider does not provide medical, psychotherapeutic or curative services, does not make diagnoses, does not treat illnesses and does not make any healing promises.
If visitors nevertheless voluntarily submit health-related information in the message field or by email, this information will be processed exclusively to handle the request, to assess whether a coaching service may generally be suitable, or to communicate about the request. No medical assessment, diagnosis, treatment or therapy is provided.
Health-related information may constitute special categories of personal data within the meaning of Art. 9 GDPR. Such information will be treated confidentially and will not be passed on to third parties without a legal basis.
Health-related information from requests will be deleted as soon as it is no longer required to process the request and no statutory retention obligations or legitimate interests in further storage apply.
When contact is made by email, the personal data transmitted is processed. This includes in particular email address, name, content of the message and any other information voluntarily provided.
This processing is carried out to handle the request, for communication and, where applicable, to initiate or perform a contract.
The legal basis is Art. 6(1)(b) GDPR or Art. 6(1)(f) GDPR.
Personal data may be passed on to service providers where this is necessary for the operation of the website, the management of consent, the analysis of the website or the handling of requests.
This may include in particular:
Webflow
FlowAppz Cookie Consent
Google
email and communication service providers
IT service providers
Data is only passed on where there is a legal basis or where a data processing agreement has been concluded.
Personal data is stored only for as long as necessary for the respective purpose.
Data from requests will be deleted once the request has been finally processed and no statutory retention obligations or legitimate interests in further storage apply.
Contract and invoice data is stored in accordance with statutory retention obligations.
Data processed on the basis of consent is generally processed until consent is withdrawn, unless another legal basis applies for further storage.
Under the GDPR, data subjects have the following rights:
access to the personal data processed
rectification of inaccurate data
erasure of personal data
restriction of processing
data portability
objection to certain processing activities
withdrawal of consent with effect for the future
complaint with a data protection supervisory authority
To exercise these rights, contact can be made at any time using the contact details provided above.
Consent that has been given can be withdrawn at any time with effect for the future. This applies in particular to consent for Google Analytics.
Consent can be withdrawn via the cookie settings on this website or by contacting me.
The lawfulness of processing carried out before withdrawal remains unaffected.
If personal data is processed for direct marketing purposes, there is a right to object to this processing at any time.
After an objection, the affected data will no longer be used for direct marketing.
This Privacy Policy may be updated if the services used, technical processes, legal requirements or data processing activities change.
The version published on this website applies.
Last updated: May 17, 2026
.svg)
