Huebner Management

Privacy policy

1 Preamble

The protection of your personal data is very important to Hübner Management GmbH (hereinafter "HM"). Therefore, only the data that is absolutely necessary is collected. HM manages the collected data with due care and processing only takes place on the basis of the legal provisions of the European Data Protection Regulation (hereinafter DSGVO) and the data protection regulations applicable in Liechtenstein. In the following, you will be informed in detail about, among other things, which of your personal data is collected by HM, for what purposes it is used, with whom it is shared and what control and information rights you have.

This Privacy Policy applies to all services offered by HM in relation to the website.

Hübner Management GmbH, Birkenweg 6, 9490 Vaduz, Principality of Liechtenstein is responsible for the processing of personal data within the scope of HM's services within the meaning of the GDPR.

The company data protection officer of Hübner Management GmbH can be reached at the above address or at the e-mail address

The company reserves the right to adjust the statement if necessary. In case of such adjustments, you should check whether you agree with the changes.

This privacy policy also applies to persons who do not have a contractual relationship but whose data is processed for other reasons (e.g. persons who write to us or otherwise contact us; visitors to our websites; recipients of information and marketing communications; contact persons of our suppliers; customers and other business partners; participants in competitions, prize draws and customer events; visitors to our premises).

HM's Services are not intended for minors (i.e., persons under the age of 18), and we do not knowingly collect personal information from minors. If you are under the age of 18 or under the age of majority in your jurisdiction, you are not eligible to apply for, register for, or use HM's Services.

It is imperative that the personal information we have about you is accurate and up-to-date at all times. Failure to do so will affect our ability to provide you with our Services. Please inform us if your personal data changes during your relationship with us. For your right to rectify the data processed, please refer to Section 3a of the Privacy Policy.

Our Services may contain links to third-party websites, plug-ins, and applications. When you click on these links or enable these connections, third parties may collect or share information about you. We have no control over these third party websites and are not responsible for their privacy notices, statements or policies.

2 Scope of the processing of personal data

a) Personal data

Personal data is any information by which a natural person can be directly or indirectly identified. This includes, for example, first name, last name, e-mail address, date of birth or place of birth.

The company collects, processes and uses your personal data exclusively in accordance with the requirements of Art. 5 and 6 DSGVO (contract, legal obligation, legitimate interest or consent of the data subject).

We only collect personal data that is required for the implementation and processing of our services or that you have provided voluntarily.

Data processed by HM:

- Inventory data (e.g. names and dates of birth, user name and password)

- Contact details (e.g. e-mail, telephone numbers, billing address)

- Content data (e.g. text input, photographs, videos)

- Usage data (e.g. use of our course offerings and coaching sessions)

We also collect, use and share aggregated data such as statistical or demographic data for any purpose. Aggregated data is derived from your personal data, but is not considered personal data for the purposes of the GDPR because it does not directly or indirectly reveal your identity. For example, we may aggregate your usage data to calculate the percentage of users accessing a particular feature of the Site and/or Platform. However, if we combine or link aggregated data with your personal data so that it can directly or indirectly identify you, we will treat the combined data as personal data used in accordance with this Privacy Policy.

b) Sources of personal data

We process personal data that we receive from you in the context of contacting you or establishing a contractual relationship or in the context of pre-contractual measures (Art. 13 DSGVO). If the data is not collected from you but from other sources, you will also be informed within a reasonable period of time in accordance with Art. 14 DSGVO.

c) Processing of personal data

The Company is subject to confidentiality and secrecy obligations that can be derived from data protection law, contract law or professional secrecy. When processing personal data, the company is bound by these obligations. The processing of personal data of our users is limited to those data that are necessary for the provision of a functional website and our content and services. Thus, the processing of personal data is carried out (i) for the performance of the contract, (ii) to comply with our legal obligations, (iii) to pursue our legitimate interests, and (iv) to fulfill obligations in the public interest (e.g., to prevent or detect criminal acts). We only collect personal data that is actually required for the performance and execution of our tasks and services or that you have voluntarily provided to us.

As a rule, personal data is processed on the basis of a contractual relationship, i.e. for the purpose of establishing, managing and implementing the business relationship. In addition, data processing is carried out for the purpose of cultivating and maintaining customer relations and for self-promotion purposes.

3 Your rights (data subject rights)

a) Right to information

You have the right to request information about your personal data processed by us. In particular, you may request information about the purposes of processing, the categories of personal data or the planned storage period. A request for information must be sent in writing to the data controller together with proof of identity.

After receipt of your request for information, you will be informed within the statutory period of 30 days whether your request for information can be complied with. The information may be refused, restricted or postponed if this is required by law or due to the overriding interest of a third party or the requested company.

The request for information may be combined with a request for correction or deletion of data.

b) Right of rectification or erasure

You have the right to request, in writing and free of charge, the rectification or deletion of data concerning you, insofar as they are inaccurate or have been wrongly stored or processed. A justified request for rectification or deletion must be addressed to the data controller, accompanied by proof of identity.

Your request for correction or deletion will be processed within a reasonable period of time after receipt. The completion of your request for correction or deletion will subsequently be confirmed to you.

c) Right of objection or revocation

You have the right to object in writing to the processing of data concerning you, in whole or in part, or to withdraw your consent to data processing. An objection or revocation must be sent in writing to the data controller together with proof of identification.

The receipt of your objection or revocation will be confirmed to you and subsequently the data concerned will be deleted.

Compliance with an objection or revocation may, under certain circumstances, be precluded by legal regulations. In such a case, the company will only process the data concerning you to the extent necessary to fulfill its legal obligations.

d) Blocking right

You have the right to block the data concerning you from being disclosed to third parties. A request for blocking must be sent in writing to the person responsible, enclosing proof of identity.

Receipt of your request for blocking will be confirmed and your request will be processed within a reasonable period of time.

e) Right of appeal

If you believe that the processing of your personal data by us is contrary to the applicable data protection provisions, you have the right to lodge a complaint with the competent Liechtenstein supervisory authority. You may also contact another supervisory authority of an EU or EEA member state, for example at your place of residence or place of work or at the place of the alleged violation.

The contact details of the data protection authority responsible in Liechtenstein are as follows:

Liechtenstein Data Protection Authority
Städtle 38
PO Box 684
9490 Vaduz
+423 236 60 90

4 Hosting

External hosting

This website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the hoster's servers. This may include IP addresses, contact requests, meta and communication data, contract data, contact data, names, website accesses and other data generated via a website.

The hoster is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. b DSGVO) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f DSGVO). Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) as defined by the TTDSG. The consent can be revoked at any time.

Our hoster will only process your data to the extent necessary to fulfill its service obligations and will follow our instructions regarding this data.

We use the following hoster:

Infomaniak Network Inc.
Rue Eugène Marziano 25
CH-1227 Les Acacias (GE)

Job processing

We have concluded an order processing agreement (AVV) with the above-mentioned provider. This is a contract required by data protection law, which ensures that this provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.

5 Cookie Management with the DSGVO Pixelmate

In order to make the best use of the services we use and to respect your decision in accordance with the law, we use DSGVO Pixelmate, developed by Christian Wedel ( and Sabrina Keese-Haufs ( When you visit our website, you can use Pixelmate to control which of the services we use you want to agree to. For each service we use, your decision is stored separately. You can change this setting at any time by using the "cookies" link located at the bottom left of the website. Pixelmate does not store any personal data.

The legal basis for the data processed by cookies is Art. 6 (1) lit. f DSGVO.

The cookies retain their validity for a maximum of 1 year and are then deleted by your browser.

6 Use of Facebook social media plugins

No social media plugins are currently used on this website.

7 Use of contact details

The use of contact data published within the scope of the imprint obligation for the transmission of not expressly requested advertising and information materials is hereby contradicted. We expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.

8 Transfer of personal data to third parties

Personal data may be disclosed to third parties acting on behalf of HM to process the personal data in accordance with its underlying purpose, for example, fulfillment of the services offered, evaluation of user behavior of the website or technical support. These third parties are contractually bound by HM, through agreements provided for by law, to use personal data only for the agreed purpose or not to disclose your personal data to other parties without authorization, unless required by law. If you would like more information about HM's data processors, please feel free to contact us at the address listed in Section 1. If other categories of recipients of personal data arise in the context of future data collection, HM will inform you of this at the time of collection of this information for this purpose.

Personal data may be disclosed in particular to the following third parties:

- External Third Parties.

- Suppliers and outside agencies we engage to process information on our behalf and/or your behalf, including to provide you with information and/or materials you request.

- Our subsidiaries, affiliates and agents as necessary to facilitate your relationship with us.

- The Data Protection Authority, supervisory authorities, law enforcement authorities and other authorities that may require reporting of processing activities or request information from us under applicable law and in certain circumstances.

- third parties to whom we may sell, transfer or combine parts of our business or assets (successors in title). Alternatively, we may seek to acquire or merge with other businesses. If our business changes, the new owners may use your personal information in the same manner and for the same purposes as set forth in this policy.

A transfer of personal data may be necessary under the following circumstances:

- If we are under a duty to disclose or share your personal data in order to comply with a legal obligation, judgment or order of a court or governmental authority; or

- If we believe that your actions are inconsistent with our terms and conditions or policies, or to protect the rights, property, or safety of HM or others; or

- In connection with or during negotiations for a merger, sale of company assets, financing or acquisition of all or a portion of our business by another company; or

- When we have your consent or at your direction.

We may also share aggregated or de-identified information that cannot be used to identify you.

The Company transfers your personal data only to countries that have been certified by the EU Commission as having an adequate level of data protection. If the Company transfers your personal data to countries that do not have an adequate level of data protection, the Company will take steps to ensure the protection of your data by contracting with recipients in those countries under the standard contractual clauses (2010/87/EC[2] and/or 2004/915/EC[3]).


We offer the option of processing payment transactions via the following payment service provider:

Stripe Technology Europe, Limited (Stripe)
The One Building. 1
Lower Grand Canal Street
Dublin 2

This corresponds to our legitimate interest in offering an efficient and secure payment method (Art. 6 para. 1 lit. f GDPR). In this context, we pass on the following data to Stripe insofar as it is necessary for the fulfillment of the contract (Art. 6 para. 1 lit. b. GDPR).

- Cardholder name

- E-mail address

- Customer number

- Order number

- Bank details

- Credit card data

- Credit card validity period

- Credit card verification number (CVC)

- Date and time of the transaction

- Transaction amount

- Provider name

- Place

The processing of the data provided under this section is not required by law or contract. We cannot process a payment via Stripe without the transmission of your personal data.

Stripe has a dual role in data processing activities as a controller and processor. As a controller, Stripe uses your submitted data to fulfill regulatory obligations. This corresponds to Stripe's legitimate interest (pursuant to Art. 6 (1) lit. f DSGVO) and serves the performance of the contract (pursuant to Art. 6 (1) lit. b DSGVO). We have no influence on this process.

Stripe acts as an order processor in order to be able to complete transactions within the payment networks. Within the scope of the order processing relationship, Stripe acts exclusively according to our instructions and has been contractually obligated within the meaning of Art. 28 DSGVO to comply with the provisions of data protection law.

Stripe has implemented compliance measures for international data transfers. These apply to all global activities where Stripe processes personal data of individuals in the EU. These measures are based on the EU Standard Contractual Clauses (SCCs).

For more information on opt-out and removal options with respect to Stripe, please visit:

Your data will be stored by us until the completion of the payment processing. This also includes the period required for the processing of refunds, claims management and fraud prevention.

9 Protection of personal data

The company takes appropriate technical and organizational measures with regard to data processing and data storage as well as with regard to its Internet presence in order to protect all data from loss, unauthorized access or misuse.

Regardless of the measures taken to protect the data, you must be aware that data transmission via

the Internet - this applies to both websites and e-mail services - is uncontrolled and cross-border. Even if the sender and the recipient are located in the same country, data may be transmitted across borders. The company can therefore not guarantee the confidentiality of data transmitted via the Internet. If you disclose personal data via the Internet, you must be aware of the fact that third parties may access, read, modify, falsify, monitor, destroy or misuse this information. Data transmission may also be delayed. Furthermore, data may be lost during transmission. Furthermore, third parties could draw conclusions about existing business relationships. Therefore, the company cannot accept any responsibility for the security of your data during transmission via the Internet and rejects any liability for direct or indirect damage.

10 Newsletter

Newsletter data

If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the specified e-mail address and agree to receive the newsletter. Further data is not collected or only on a voluntary basis. For the handling of the newsletter we use newsletter service providers, which are described below.


We use MailPoet on our website, a WordPress plugin for our email marketing. The service provider is the Irish company:

Aut O'Mattic A8C Ireland Ltd
Grand Canal Dock
25 Herbert Pl
Dublin, D02 AY86

You can find out more about the data that is processed through the use of MailPoet in the privacy policy at

What data is processed?

If you become a subscriber to our newsletter via our website, you confirm your membership of an e-mail list by e-mail. In addition to your IP address and e-mail address, your title, name, address and telephone number may also be stored. However, only if you consent to this data storage. The data marked as such is necessary so that you can participate in the service offered. Providing this information is voluntary, but if you do not provide it, you will not be able to use the service. In addition, information about your device or your preferred content on our website may also be stored. We record your declaration of consent so that we can always prove that it complies with our laws.

Legal basis

The data processing is based on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke this consent at any time for the future.

Storage duration

The data you provide for the purpose of receiving the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after unsubscribing from the newsletter or after the purpose has ceased to exist. We reserve the right to delete or block e-mail addresses from our newsletter distribution list at our own discretion within the scope of our legitimate interest pursuant to Art. 6 (1) lit. f DSGVO. Data that has been stored by us for other purposes remains unaffected by this.

After you have unsubscribed from the newsletter distribution list, your e-mail address will be stored by us or the newsletter service provider in a blacklist, if necessary, to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 (1) f DSGVO). The storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.

Job processing

We have concluded an order processing agreement (AVV) with the above-mentioned provider. This is a contract required by data protection law, which ensures that this provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.

11 Contact form

If you send us inquiries via contact form or e-mail, your data including the contact information you provided will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not pass on this data without your consent.

The processing of the entered data is therefore based exclusively on your consent. You can revoke this consent at any time. For this purpose, an informal communication by e-mail to us is sufficient (the contact details are given in this statement). The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.

12 Data collection from job applicants

By submitting your application documents, you consent to the processing of personal data for the purpose of our personnel selection. This data includes name, title, address, telephone number, date of birth, education, work experience, as well as those data and images that are included, for example, in the cover letter, resume, letter of motivation, references or other documents submitted to us.

Your data will not be disclosed to third parties without your consent. There is also no automated decision-making according to Art. 22 DSGVO. Data processing is based on the legal provisions of Art. 6 para. 1 lit. a (consent) and lit. b (necessary for the performance of the contract) of the DSGVO. If no employment takes place, we delete your data within 6 months in order to be documented for any legal proceedings. At your request, we will delete the data immediately if the application process does not lead to employment.

13 Courses, coaching and community

For bookings of our courses, coachings and for participation in our community you have to register once and define a username and a personal password. On future visits to our website, you can log in with your username and password and do not have to re-enter your address and payment information for each order process. Your password is stored in encrypted form and cannot be viewed by us.

When registering, you must provide your name and email address, and for individual services, your dates of birth or the date and place of incorporation of your company. For payment transactions we use the provider Stripe (see above). In order for us to store the registration data (as your personal customer account), your express consent is required. At the appropriate place on the registration page, we first inform you comprehensively about the purpose and scope of data processing. You can then give your declaration of consent by activating a checkbox. Your declaration of consent will be logged by us; in doing so, we will store your name, e-mail address, the corresponding location on the website, as well as the date and time.

You have the option to informally revoke your declaration of consent at any time. The revocation is to be sent to the address in chapter 1 of this privacy policy.

The data of your orders will also be stored in your customer account.

We use the personal data collected during registration and ordering exclusively for the proper processing of your order.

You can view the data in your customer account at any time and change it yourself. If you update information, we keep a copy of your original information stored to clarify any issues between you and us.

You can object to the use of the data for the purpose just mentioned at any time. In this case, a complete registration is required again for each order. The objection should be sent to the address in chapter 1 of this privacy policy.

We delete all data that we do not have to keep due to legal requirements, e.g. in accounting, as soon as the order is completed.

You have the option to delete your customer account at any time, as soon as no booking is open.


We use ChatGPT via our API to provide you with an improved user experience in our online service. The data transmitted to ChatGPT via the API is used to respond to your requests, answer your questions and personalize your user experience. The data transmitted to ChatGPT via our API may include text messages, user interactions and other information needed to provide the chat function in our Service.

OpenAI is responsible for data processing:

OpenAI Ireland Limited
"The Liffey Trust Center"
117-126 Sheriff Street Upper
Dublin 1, D01 YC43

We use ChatGPT as a third-party service from OpenAI. Please refer to OpenAI's privacy policy on their website for information on how OpenAI processes your data. The processing of your data is based on our legitimate interest in improving our services and fulfilling our contract with you as a user of our online service.

Privacy policy of OpenAI

The data processed by ChatGPT is stored for the period required to fulfill the above-mentioned purposes. We delete this data when it is no longer required or if you so request. We have implemented appropriate security measures to protect your data from unauthorized access or misuse. You have the right to access, rectify, erase and object to the processing of your personal data.


This website contains at least one plugin from YouTube, which belongs to Google Inc. based in San Bruno/California, USA.

We use the YouTube no-cookies function, i.e. we have activated extended data protection, videos are not accessed via, but via

YouTube provides this itself and thus ensures that YouTube does not initially store any cookies on your device. However, when the relevant pages are accessed, the IP address and the other data mentioned in section 4 are transmitted and thus, in particular, which of our Internet pages you have visited. However, this information cannot be assigned to you if you are permanently logged in to YouTube or another Google service when you access the page.

As soon as you start playing an embedded video by clicking on it, YouTube only stores cookies on your device through the extended data protection mode, which do not contain any personally identifiable data, unless you are currently logged in to a Google service. These cookies can be prevented by making the appropriate browser settings and extensions.

The body responsible for data processing at Google/YouTube:

Google Ireland Limited
Gordon House
Barrow Street
Dublin 4

Privacy policy:
Privacy Shield:


This website uses the YouTube embedding function to display and play videos from YouTube. We use the extended data protection mode, which, according to the provider, only starts storing user information when the video is played. The moment playback of the embedded video is started, YouTube uses cookies to collect information about user behavior.

According to information from YouTube, these are used, among other things, to record video statistics, improve user-friendliness and prevent abusive behavior.

Irrespective of playback of the embedded videos, a connection to the Google "DoubleClick" network is established each time this website is accessed, which may trigger further data processing operations without our influence.

Further information on data protection at YouTube can be found in the provider's privacy policy at:

14 Contact

When contacting us by e-mail or other electronic message, your information will only be stored for the processing of the request and possible related further questions and used only in the context of the request. The legal basis for processing your request is Art. 6 para. 1 p. 1 lit. b DSGVO. We will delete your email address after your request has been dealt with.

If you have any questions regarding data protection and data processing, please contact the person responsible or the data protection officer in writing.