This Privacy Policy explains how your personal data is collected, used, and protected when you visit our website or use our services. We are committed to handling your data responsibly and transparently, in compliance with applicable laws such as the General Data Protection Regulation (GDPR) and, where applicable, the California Consumer Privacy Act (CCPA).
1. General Information
We take the protection of your personal data seriously. This policy outlines what data we collect, why we collect it, how we use it, and what rights you have regarding your information. We treat your personal data confidentially and in accordance with statutory data protection regulations.
Please note that data transmission over the Internet (e.g., email communication) can have security vulnerabilities. Complete protection of data from access by third parties is not possible.
Controller
Martin Koban
Bahnhofstraße 2a
02733 Cunewalde, Germany
Email: legal@martinkoban.com
Phone: +49 (0) 35877 713 638
The controller is the natural or legal person who determines the purposes and means of processing personal data.
2. What Data We Collect
We collect personal data that you voluntarily provide to us—for example, when filling out a contact form, subscribing to our newsletter, or sending us an email. This data may include your name, email address, phone number, postal address, and any other information you choose to share.
We also collect technical data automatically when you access our website. This may include your browser type and version, operating system, referrer URL, hostname of the accessing computer, time of the server request, and your IP address (stored in anonymized form).
3. How and Why We Use Your Data
We use your data exclusively for the purposes for which it was collected, including:
- Responding to your inquiries via the contact form
- Sending newsletters (with your consent)
- Fulfilling orders (via our reseller Paddle.com)
- Improving website stability, performance, and security using anonymized data
Your data is not used for advertising or profiling purposes.
4. Legal Basis for Processing
We process your data based on:
- Your consent (Art. 6(1)(a) GDPR)
- Contractual necessity (Art. 6(1)(b) GDPR)
- Legal obligations (Art. 6(1)(c) GDPR)
- Legitimate interests (Art. 6(1)(f) GDPR), particularly for website improvement and IT security
5. Data Storage and Retention
We retain your personal data only as long as necessary for the purposes stated or to comply with legal retention periods. Data that is no longer needed is deleted after 60 days unless longer retention is required.
You may request deletion of your personal data at any time. We may retain certain data to meet legal obligations or to establish, exercise, or defend legal claims.
6. Data Security
We implement appropriate technical and organizational measures to protect your data, including SSL encryption during data transmission and access control for stored data.
7. Your Rights
You have the following rights under the GDPR:
- Access to your data
- Rectification of inaccurate data
- Erasure of your data
- Restriction of processing
- Data portability
- Objection to processing
- Withdrawal of consent (without affecting prior processing)
You may also file a complaint with a supervisory authority:
Supervisory Authority
Landesbeauftragte für den Datenschutz und für das Recht auf Akteneinsicht Brandenburg
Stahnsdorfer Damm 77, 14532 Kleinmachnow, Germany
Email: poststelle@lda.brandenburg.de
Website: www.lda.brandenburg.de
8. Newsletter
If you subscribe to our newsletter, we use your email only to send you the requested updates. We require your explicit consent and you can unsubscribe at any time.
We use Aweber (Aweber Systems Inc., USA) as our email marketing service provider. Aweber is certified under the EU-U.S. Data Privacy Framework and bound by GDPR-compliant data processing agreements.
9. Course Platforms and Cookies
Our main website (martinkoban.com) does not use cookies or similar tracking technologies.
Our course platforms (e.g., kneereboot.com, knieneustart.de, toughtendons.com) use technically necessary cookies for login, navigation, and session management. These are essential and cannot be disabled.
Third-party cookies (e.g., for embedded videos via Vimeo) are only activated after your explicit consent and are valid for the current session only.
You can delete or block cookies at any time via your browser settings. For more information, see our Cookie Policy.
10. Server Log Files
Our server automatically collects anonymized log file data, including:
- Browser type/version
- Operating system
- Referrer URL
- Hostname
- Time of request
- IP address (anonymized)
This data is used for security and performance analysis and is not linked to any individual.
11. Web Analytics
We use a privacy-focused, anonymous conversion tracking system that does not use cookies or transmit personal data to third parties.
Processing is based on our legitimate interest in improving our services (Art. 6(1)(f) GDPR).
12. Embedded Content and Third-Party Services
Vimeo
We embed videos from Vimeo (Vimeo.com, Inc., USA). Cookies are only set after your consent. Data may be transferred to the U.S., where data protection laws may differ.
- Purpose: Video playback
- Legal basis: Consent (Art. 6(1)(a) GDPR)
- Duration: Session-based
- Transfer: USA
More info: https://vimeo.com/privacy
YouTube
We embed YouTube videos (YouTube LLC, USA). When you play a video, data may be transmitted to YouTube. If you are logged in to a YouTube account, your viewing behavior may be linked to your profile.
Use is based on your consent (Art. 6(1)(a) GDPR).
Google Web Fonts
We use Google Web Fonts to display fonts consistently. Your browser connects to Google servers, which may log your IP address. This is based on your consent (Art. 6(1)(a) GDPR).
13. Children’s Privacy
This website is not intended for children under 13. We do not knowingly collect data from children. If such data is submitted, we will delete it immediately. Changes to this policy will include parental consent requirements if needed.
14. International Data Transfers
Some providers (e.g., Google, Meta/Facebook, Aweber, Paddle) are based in the U.S. or other non-EU countries. Data transfers are protected by EU Standard Contractual Clauses or participation in the EU-U.S. Data Privacy Framework. Copies of these safeguards are available upon request.
We do not sell, rent, or trade your personal data. Data is only shared where necessary for services, legal compliance, or with your explicit consent.
15. Consent Management
By logging in to the course platform you consent to use of essential and non-essential cookies. Without these cookies, the course website is non-functional. Your consent can be changed at any time by logging out of the course platform. Your consent is valid only for the current session and automatically expires when you log out of the course platform.
You can delete or block cookies at any time via your browser settings.
Processing is based on:
- Legal obligation (Art. 6(1)(c) GDPR)
- Legitimate interest (Art. 6(1)(f) GDPR) in compliant and user-friendly consent management
16. Updates to This Privacy Policy
We reserve the right to amend this privacy policy to reflect legal, technical, or business developments. Major changes will be announced on our website. Continued use of the site constitutes acceptance of the updated policy.
Please keep your contact details up to date. If you disagree with changes, you may request account deletion and data removal.