Privacy Policy

For the German version of the Privacy Policy, please click here!

This is the Privacy Policy (“Policy”) for the Website www.sistrum.eu, whose Owner and Operator is Emad Yacoub Hanna, Bahnhofstraße 126a, 14532 Stahnsdorf, Germany, info@sistrum.eu ("Owner, We, Us and Our").
This Policy applies to Our use of any and all Data collected by Us in relation to your use of the Website and any Services or Systems therein.

1. Definitions and Interpretation

In this Policy the following terms shall have the following meanings:
"Account": means collectively the personal information, Payment Information and credentials used by Users to access Material and/or any communications System on the Website;
"Content": means any text, graphics, images, audio, video, software, data compilations and any other form of information capable of being stored in a computer that appears on or forms part of this Website;
"Cookie": means a small text file placed on your computer when you visit certain parts of this Website. This allows us to identify recurring visitors and to analyse their browsing habits within the Website.
"Personal Data"/"Data": means collectively all information that can be related to you personally as an identifiable natural person. This includes, but is not limited to, Account details and information submitted using any of our Services or Systems;
"Service": means collectively any online facilities, tools, services or information that We make available through the Website either now or in the future;
"System": means any online communications infrastructure that We make available through the Website either now or in the future. This includes, but is not limited to, web-based email, message boards, live chat facilities and email links;
"You, User, and Users": means any third party that accesses the Website and is not employed by Us and acting in the course of their employment. In this Privacy Policy, the use of masculine forms is meant to refer generally to users of any gender;
"Website": means the website that you are currently using, sistrum.eu, and any sub-domains of this site unless expressly excluded by their own terms and conditions;
"WebShop": means the Service on the Website that enables the Users to order and make the payment for the courses of the Website;
"Owner, We, Us, and Our": means Emad Yacoub Hanna, the Owner and Operator of the Website;
"Data Controller": means the entity that determines the purposes and means for the processing of Personal Data;
"Data Processor": means the entity that processes Personal Data on behalf of the Data Controller; and
“Sub-Processor”: means any Sub-Processor engaged by the Data Processor or its Affiliates to assist the Data Processor in fulfilling its obligations related to the provision of Services as a Data Processor to the Data Controller.

2. Responsible Person, Data Controller and Data Processor

2.1 The Data Controller and the person responsible for data processing on this Website is 

Emad Yacoub Hanna
Bahnhofstraße 126a
14532 Stahnsdorf
Germany
Telephone number: +49 176 88470612

email: emad@sistrum.eu
("hereinafter: Owner, We, Us, and Our").

2.2 The Data Processors are
  • LearnWorlds (CY) Ltd, Gladstonos 120, Foloune Building, 2nd Floor, B1, Limassol, 3032, Cyprus, Telephone number: +357 22000504, email: gdpr@learnworlds.com, ("hereinafter: LearnWorlds");
  • Stripe Payments Europe, Limited, 1, Grand Canal Street Lower, Grand Canal Dock, Dublin, D02 H210, Ireland, ("hereinafter: Stripe");
  • Recrea Systems, SLU ('Recrea'), Calle Bravo Murillo, 34, Las Palmas de Gran Canaria, Canary Islands 35003, Spain, ("hereinafter: Quaderno"); and
  • Zoom Video Communications, Inc, San Jose, CA, USA, ("hereinafter: Zoom"). 
2.3 The main role of the Data Processors' services is that they help Us meet the contractual obligations with the Users (Article 6, Paragraph 1, Clause b of the GDPR) and to ensure the secure, fast, and efficient delivery of our online Services through professional service providers (Article 6, Paragraph 1, Clause f of the GDPR).  These Data Processors' services include, but are not limited to the hosting of the Website and the handling of payment and value-added tax as well as providing audio/video communication facilities.
In doing so, Data Processors can store and process Personal Data gathered through the Website on their servers. Such Data may include IP addresses, contact inquiries, meta and communication data, contractual details, visitor names, Website usage statistics, and other data generated by Users of the Website.  Personal Data will be processed by the Data Processors only as much as is required to meet their performance obligations and in accordance with our instructions pertaining to this Data.
2.4 A Data Processing Agreement (DPA) is established with each of the Data Processors or a Data Processing Addendum is added to their Service Agreements for utilising their services. These agreements/Addenda are based on data protection laws and regulations to guarantee that the Personal Data of Our Website Users is processed as per our directives and in adherence to GDPR.

3. Collection of Personal Data on The Website

3.1 In the case of informative use of the Website, that is, if you, the User, do not register or otherwise provide Us with information, the following Personal Data can be collected, automatically processed and sent to our Data Processor's servers.  This is technically necessary for Us to display our website and to ensure the stability and security:
  • IP address;
  • Date and time of the request;
  • Time zone difference to Greenwich Mean Time (GMT);
  • Content of the request (specific page);
  • Access status/HTTP status code;
  • Each transmitted amount of data;
  • Website from which the request comes;
  • Browser;
  • Operating system and its interface; and
  • Language and version of the browser software.

The legal basis for this processing is Art. 6 Para. 1 (f) GDPR.
3.2 If the User chooses to create an Account on the Website, they provide a name, an e-mail address, and a password, which are used to establish and manage the User's account on the Website. The email address is also used to send information, notifications, and support to the User. The name provided by the User is used for identification and recognition purposes when addressing the User's specific Service and requests. The password is stored in an encrypted format and is necessary for the User to access and use the Website's Services and System as a registered User.
We also keep a record of the registration details including the date the User created their Account.
The legal basis for this processing is Art. 6 Para. 1 (b) GDPR.
3.3 The Users can voluntarily add to their Accounts on the Website other optional Personal Data including location, their website address, their professional experience, their links on social media, and their avatars.
The legal basis for this processing is Art. 6 Para. 1 (a) GDPR.  The User's consent is given with the User's acceptance of the Terms and Conditions including Clause 6.
3.4 When the User makes purchase orders in our WebShop, it is necessary for the conclusion of the contract that they provide other Personal Data that We need for the processing of the order including their e-mail address, their address, country and credit card information.
The legal basis for this processing is Art. 6 Para. 1 (b) GDPR.
3.5 Unless a specific storage duration is mentioned in this Privacy Policy, Users' Personal Data shall be stored until the purpose for processing it no longer applies. However, if the User makes a legitimate request for deletion or withdraws their consent for Data processing, their Data shall be erased, unless We have other legal grounds for storing it, such as tax or commercial law retention periods. In the latter case, the data will be erased once those reasons no longer exist.
The legal basis for this processing is Art. 6 Para. 1 (f) GDPR.
3.6 We may employ the services of other third-party providers for dealing with matters that may include but are not limited to processing of payment, handling of value-added tax, delivery of purchased courses, search engine facilities, advertising, and marketing. Any Data processed by such third-party providers is used only to the extent required to perform the intended services and based on Data Processing Agreements with them.
The legal basis for this processing is Art. 6 Para. 1 (f) GDPR.

4. Use of Cookies

4.1 In addition to the aforementioned data, Cookies are stored on your computer when you use Our Website. Cookies are small text files that are stored on your hard drive, assigned to the browser you are using and through which certain information flows to the place that sets the cookie. Cookies serve to make the Internet offer more user-friendly and more effective overall.
4.2 We use Cookies to identify you for subsequent visits if you have an Account with Us. Otherwise, you would have to log in again for each visit.
4.3 This Website uses different types of cookies, the scope and operation of which are explained in the Cookie Policy of this Website on https://sistrum.eu/cookies.
4.4 We have a legitimate interest in the storage of necessary Cookies for the technically error-free and optimized provision of the Services on the Website.
4.5 You can configure your cookie preferences for this Website under your profile on the Website, if you have an Account on the Website.
4.6 You can also configure your browser settings according to your preferences and decline for example to accept third-party Cookies or all Cookies. We would like to point out that you may not be able to use all the functions of this Website depending on your selection of settings.
The legal basis for this processing is Art. 6 Para. 1 (f) GDPR.

5. Collection of Personal Data When Using The WebShop

5.1 When you order in our WebShop, it is necessary for the conclusion of the contract that you provide the Personal Data that We need for the processing of your order. Mandatory data necessary for the execution of the contracts is marked separately for you when you make the payment; further details are optional.
5.2 We may also process the Personal Data you provide to send you technical information about your order.
The legal basis for this processing is Art. 6 Para. 1 (b) GDPR.

6. Collection of Personal Data When Using The Contact Form

6.1 The contact form at sistrum.eu (“Contact Form”) may be used by you to send Us inquiries about Our courses, training events, seminars, or any other business.
6.2 When you use the Contact Form, you provide Personal Data to Us, such as your email address, name, and any additional data you may choose to provide in connection with your inquiry or request.
6.3 The Personal Data you provide through the Contact Form to Us may be used to
  • answer your inquiry or request;
  • help you make a decision about enrolment in an on-demand course, live webinar, or other types of courses;
  • receive and process your feedback, comments, complaints, and suggestions about Our Service;
  • inform you about the availability of new courses previously requested or inquired about by you through the Contact Form;
  • develop and maintain possible cooperation, when applicable; and
  • facilitate technical administration, maintenance, security, and improvements to Our Website and contact service, when applicable.
6.4 The collected Personal Data will be stored and processed only for as long as it is required for the purposes for which they have been collected, provided no exception as per Art. 17 (3) GDPR applies. Art. 17 (3) GDPR lays out the exceptional conditions for not erasing Personal Data.
6.5 When you use the Contact Form to send Us an inquiry or a request, you give your consent and authorise Us to store and process your data according to this as well as other clauses of the Policy.
This includes, amongst others, using the data to answer your request, temporarily storing it as a reference for future requests, and allowing Us to manage improvements requested by you to Our courses. The consent can be revoked at any time with effect for the future.
The legal basis for the processing of data subject to this Clause is Art. 6 Para. 1 (a) GDPR.

7. Collection of Personal Data When Using Post, E-Mail and Telephone Communications

7.1 When the User contacts us via post, email, or phone, we will store and process their inquiry and Personal Data (including name, address, e-mail address, and inquiry) in order to respond to the request.
7.2 If the User's inquiry relates to the fulfilment of a contract, their Personal Data will be processed under Art. 6 Para. 1 (b) of the GDPR. Otherwise, the legal basis for processing the Data is either Art. 6 Para. 1 (f) of the GDPR, where our legitimate interest is handling received inquiries, or Art. 6 Para. 1 (a) of the GDPR if the User's consent is given. The User may withdraw their consent at any time.
7.3 We will not share the User's data without their consent and only if it is necessary to fulfil their request.
7.4 We will store the Data received from the User through this type of communication until the purpose of storing the Data is no longer relevant, or until the User requests deletion or withdraws their consent. Mandatory legal requirements and statutory retention periods will still apply and stay unaffected.

8. Collection of Personal Data When Using Audio and Video Conferencing and Webinars

8.1 We utilise online conference tools to provide our Service to Users, especially for webinars and live online courses. When using the conference tool to fulfil service-related contractual obligations with Users, our legal basis is Article 6 Paragraph 1 (b) of GDPR. We may also use the conference tool to streamline communication with Users, which aligns with our legitimate interest under Article 6 Paragraph 1 (f) of GDPR.
8.2 We use Zoom's conference tools. Zoom provides a Data Processing Addendum (Zoom Global Data Processing Addendum) to their Master Subscription Agreement/Terms and Conditions for using their services. This addendum is based on applicable data protection laws and regulations to ensure that the Personal Data of our Website users is processed only according to our directives and in compliance with GDPR, when using the services of Zoom.
8.3 When We use Zoom to communicate with Users or to provide them with our Service, Zoom collects the data that users supply or use while accessing the tool, such as their email address or phone number. Zoom also processes details related to the communication process, such as start and end times of participation, number of participating Users, and other metadata.
8.4 Zoom handles all necessary technical information for the online communication, such as connection type, MAC and IP addresses, device types and IDs, operating system, client versions, camera, microphone and speaker details. Any content shared or provided within the tool while providing the Service can be stored on Zoom's servers, including cloud recordings, chat messages, photos, videos uploaded, files, and any other information shared during the conference or Webinar.
8.5 We may collect Data when communicating with Users or providing them with our Service using Zoom, including name and e-mail addresses of Users when they are invited to the Zoom communication, start and end times of participation, number of participating Users, chat messages, shared photos, videos, or other uploaded files.
8.6 We will delete any Data collected by Us using conference tools upon the User's request for deletion or withdrawal of storage consent, if given, or when the purpose for storing the Data no longer applies. Cookies stored on the User's end device will remain until the User deletes them. Mandatory retention periods prescribed by law will still apply.
8.7 Our control over the Data processing procedures of Zoom, including the duration for which the User's data is stored by Zoom for their own purposes, is limited. Users can find more details regarding Data processing conducted by Zoom in their Privacy Policy. The Privacy Policy of Zoom Video Communications, Inc can be seen on this link https://explore.zoom.us/en/privacy.

9. Processing of Personal Data

9.1 The storage and processing of the Personal Data is carried out on behalf of the Data Controller by LearnWorlds. LearnWorlds stores and processes the Data for as long as it is necessary for the delivery of the services.
9.2 To deliver its services, LearnWorlds may transfer Personal Data to third-party entities, some of which are located outside of the EEA (European Economic Area). To comply with the legal requirements regarding transferring Personal Data to third countries, as outlined in Chapter 5 of GDPR, LearnWorlds shall ensure an adequate level of protection for any transferred Personal Data in line with Data Processor's obligations.
9.3 In the event that Personal Data is transferred from a Member State of the European Economic Area to a recipient or country that is not acknowledged by the European Commission as having an adequate level of protection, the applicable standard contractual clauses for the Transfers of Personal Data to Processors Established in Third Countries (Module Three - data processor to data processor) will be utilised.
9.4 If Personal Data is transferred by LearnWorlds to third-party Sub-Processors, it shall be transferred strictly subject to the terms of a suitable agreement.
9.5 LearnWorlds maintains security measures for all Personal Data received from or processed on behalf of the Data Controller. The standard of security will be appropriate to the potential harm from unauthorised processing, accidental loss, damage, or destruction of the Personal Data, as well as the nature of the Personal Data.
9.6 LearnWorlds implements various technical and organisational data protection measures, including a security policy, virus protection, preventing unauthorised access, pseudonymisation, secure storage and transfer of Personal Data, personnel reliability, breach detection and handling, secure backup and disposal methods, and separate processing of data collected for different purposes.  The Security Policy of LearnWorlds can be consulted on the following link https://www.learnworlds.com/data-security.
The legal basis for the processing of data subject to this Clause is Art. 6 Para. 1 (f) GDPR.

10. Processing of Personal Data of Payment

10.1 Users can complete the payment for the paid Services on the Website by using credit cards. The payment and the associated Personal Data of Users are processed by Stripe, which processes the data on behalf of the Data Controller to facilitate payment transactions, and to service the Stripe platform. The processing takes place for as long as it is needed to provide Stripe's services to the Data Controller.
10.2 Stripe shall not sell, use, or disclose Personal Data for any purpose other than performing services and complying with the law.
10.3 Stripe may engage Sub-Processors and Affiliates as necessary, which are essential to provide the Services. Stripe will enter into a written agreement with each Sub-Processor that imposes on that Sub-Processor obligations comparable to those imposed on Stripe, including implementing appropriate data security measures.  The current list of Stripe Service Providers, Sub-Processors and Affiliates can be seen on this link https://stripe.com/de/legal/service-providers
10.4 Stripe shall ensure that authorised personnel access Personal Data on a need-to-know basis and are committed to confidentiality.
10.5 Stripe shall implement a comprehensive security program and policies for managing security, risk, personnel education and controls, training and awareness, network and operations management, technical access controls, physical access controls, availability controls, disclosure controls, entry controls, and separation controls. The Data Processing Agreement including the Data Security policy of Stripe can be consulted on the following link https://stripe.com/de/legal/dpa.
The legal basis for the processing of data subject to this Clause is Art. 6 Para. 1 (b) GDPR.

11. Processing of Personal Data of Value-Added Tax

11.1 When Value-Added Tax applies to orders of paid Service on the WebShop, Quaderno, a service provided by Recrea Systems, SLU ('Recrea'), Calle Bravo Murillo, 34, Las Palmas de Gran Canaria, Canary Islands 35003, Spain, ("hereinafter: Quaderno") acts as the Data Processor that handles this tax, processes and stores the Personal Data associated with it. Quaderno shall process and store that Personal Data for as long as the processing is required to deliver Quaderno's services to the Data Controller.
11.2 Quaderno guarantees adherence to applicable data protection legislation and regulations and commits to using Personal Data solely for providing Services and fulfilling obligations outlined in the Data Processing Agreement.
11.3 Quaderno may employ Sub-Processors to deliver the services. The Sub-Processors shall be bound by data protection agreements with Quaderno, in accordance with the prevailing data protection laws, to guarantee that a satisfactory degree of data protection is maintained.
11.4 The main data servers of Quaderno are situated in data centers located within the EU. If Data needs to be transferred from a country within the European Economic Area to a country outside of it, Quaderno will obtain the consent of the Data Controller and take measures to protect the Personal Data including the application of the EU-approved standard contractual clauses to ensure proper protection of Personal Data.
11.5 Quaderno implements several technical and organisational security measures to ensure the security of Users' Data as outlined in the Data Processing Agreement. Additionally, the Security Policy of Quaderno can be seen on the following link https://www.quaderno.io/policies/security.
The legal basis for the processing of data subject to this Clause is Art. 6 Para. 1 (b) GDPR.

12. Your Rights

You have the following rights with regard to your personal data.
12.1 Right to access your data, whereby, the User has the right under Article 15 of GDPR to obtain confirmation from Us on whether their Personal Data is being processed or not. If it is being processed, the User has the right to obtain a copy of their Personal Data that is undergoing processing.
12.2 Right to rectification, whereby, under Article 16 of GDPR, Users have the right to request Us to rectify any inaccurate Personal Data concerning them. Additionally, Users have the right to have incomplete personal data completed by providing a supplementary statement.
12.3 Right to erasure, whereby Users have the right to request from Us the deletion of their personal data as per Article 17(1) of GDPR, except when any of the exceptions listed in Article 17(3) of GDPR apply.
12.4 Right to revoke consent, whereby Users have the right to withdraw their consent for Data processing, as described in Clause 6, at any time and with future effect. This can be done by sending a simple declaration via email to info@sistrum.eu.
12.5 Right to object to processing on the basis of legitimate interests, whereby, if processing of data is based on Art. 6 Para. 1 (f) of GDPR ("legitimate interests"), the User has the right to object to the processing of their Personal Data at any time under Article 21 of GDPR. If the User objects, We will no longer process their personal data, except for cases where the processing is necessary for legal claims, or We can prove necessary legitimate grounds for the processing that outweigh the User's interests, rights, and freedoms. In such cases, Services that rely on such processing will no longer be available to the User.
If the User's Personal Data is processed for direct advertising, the User has the right to object at any time to the processing of their Personal Data for such advertising purposes; this also applies to profiling to the extent related to such direct advertising. If the User objects, the User's Personal Data will no longer be used for direct advertising purposes.
12.6 Right to restrict the processing of your data, whereby, under Article 18 (1) of GDPR, Users, in certain cases, have the right to request that the processing of their Personal Data be restricted. Those cases are detailed in Art. 18 (1) of GDPR.
12.7 Right to portability, whereby under Article 20(1) of GDPR, Users have the right to receive their Personal Data that they have provided to Us in a structured, commonly used, and machine-readable format. Additionally, they have the right to transmit this data to another data controller in certain circumstances. However, this will only be done to the extent that it is technically feasible.
12.8 Right to lodge a complaint with a supervisory authority, whereby under Article 77 of GDPR, Users have the right to lodge a complaint with a supervisory authority if they believe that the processing of their Personal Data violates the GDPR. The complaint can be filed with the supervisory authority in the Member State where the User resides, works, or where the alleged infringement took place. The User should refer to their local data protection authority for more information. The European Commission website can also be consulted for reference.

13. Changes to This Privacy Policy

We reserve the right to change this Privacy Policy as we may deem necessary from time to time or as may be required by law. Any changes will be immediately posted on the Website and you are deemed to have read the terms of the Policy on your first use of the Website following the alterations.