1. Responsible party

THS Academy
606 W 3rd Ave.
Spokane, WA 99201
USA

Email info@ths-akademie.de

Data Protection Contact

For all questions regarding data protection and the exercise of your rights, you can contact the following email address:

Email dataprotecetion@ths-academy.com

3. Hosting and Server Log Files

When accessing our website www.ths-homeschooling.com Information is automatically sent to our server by the browser used on your end device and stored in so-called server log files. These include in particular:

• Browser type and browser version

• Operating System Used

• Referrer URL (previously visited page)

• Hostname of the accessing computer

• Server request time

• IP address

This data is technically required to deliver the website correctly, ensure stability and security, and enable analysis in case of errors.

The legal basis is Art. 6(1)(f) GDPR (legitimate interest in a stable, secure, and user-friendly provision of the website). These data are not combined with other data sources. The log files are deleted as soon as they are no longer necessary for the purposes for which they were collected.

3.1 Content Delivery Networks and Security

To secure our website and optimize content delivery, we use a Content Delivery Network (CDN) and security services from Cloudflare Inc. or Cloudflare Ltd. When you visit our pages, requests are routed through Cloudflare's servers. This may involve processing your IP address, the pages you access, the date and time of access, and technical browser information.

The use is based on our legitimate interest in the stable and secure provision of our website (Art. 6(1)(f) GDPR).

To the extent that a transfer to third countries (e.g., the USA) takes place, we base this on appropriate safeguards within the meaning of Art. 46 et seq. GDPR (e.g., standard contractual clauses of the EU Commission and complementary protective measures, where necessary).

4. General Legal Basis for Data Processing

We process personal data to the extent necessary:

• for the preparation and execution of training and apprenticeship contracts, online classes, courses, and seminars (Art. 6 para. 1 lit. b GDPR),

• to answer inquiries and communicate with interested parties, parents, and students (Art. 6 (1) lit. b and lit. f GDPR),

• based on consent, e.g. for newsletter registration (Art. 6 para. 1 lit. a GDPR),

• to fulfill legal obligations (Art. 6 Para. 1 lit. c GDPR).

To the extent we process special categories of personal data, particularly information about religious or philosophical beliefs (e.g., within the scope of our Christian profile), this is done on the basis of Art. 9(2)(d) GDPR (processing by an ecclesiastical or ideological organization) and, if applicable, in addition on the basis of your explicit consent (Art. 9(2)(a) GDPR).

5. Special notes on processing children's data

Our services are specifically aimed at school-aged children and adolescents. However, the contractual partners and primary contacts are usually the parents or legal guardians.

We collect data from children during registration and course execution only to the extent necessary for admission, care, performance evaluation, and communication (e.g., child's name, date of birth, grade, email address for learning portal login).

Since legal guardians are our contractual partners, registration is always done by parents or legal guardians.

We do not share personal data of children with third parties, unless it is necessary for the fulfillment of the educational relationship or required by law.

6. Data Processing on Our Website

6.1 Contact Form

If you send us an inquiry via a contact form on the website, we will process the data you enter (e.g., name, email address, message) to process your inquiry and for possible follow-up questions.

The legal basis is generally Article 6(1)(b) GDPR (pre-contractual measures) or Article 6(1)(f) GDPR (legitimate interest in responding to inquiries). The data will be deleted as soon as your request has been finally processed and there are no legal retention obligations to the contrary.

6.2 Information Meeting Registration

With the info meeting form, interested parties can register for an online information meeting. In doing so, we process in particular:

• Name

• Email address

• if applicable, number and age of children

• Further voluntary information

We use this data to send you the dial-in details, to prepare for the info meeting, and to clarify any subsequent questions.

The legal basis is Article 6(1)(b) GDPR (pre-contractual measures) or Article 6(1)(f) GDPR (legitimate interest in efficient information for prospects).

6.3 Children's Registration Form

Parents can register their children for our online classes using the registration form. The following data, among others, will be collected:

• Number of children to register

• Parental details (Name, email address, address, Telegram username if applicable)

• if applicable, details on planned emigration

• Child's Information (First Name, Last Name, Child's Email Address, Place of Birth, Date of Birth, Desired Grade Level)

• Free text message (Message/Parental notes)

We process this data to review enrollment, plan lessons, create access to the learning portal, and communicate with parents.

The legal basis is Article 6(1)(b) GDPR (contract conclusion and performance) and Article 6(1)(f) GDPR (legitimate interest in efficient school organization).

At the end of the form, we will obtain your consent for the processing of the provided data. You may revoke your consent at any time with future effect, e.g., by email to dataprotection@ths-academy.com.

6.4 Application Form

When you apply through our career portal, we process the data you provide (e.g., name, contact details, resume, cover letter, attachments) for the purpose of reviewing your application and making a decision about establishing an employment relationship.

The legal basis is Art. 6(1)(b) GDPR and, if applicable, Art. 6(1)(f) GDPR (legitimate interest in orderly applicant management). In the event of rejection, application documents will be deleted within a reasonable period after completion of the process, unless there are statutory retention obligations or you have agreed to longer storage.

6.5 Test Evaluations and Email Information on Test Results

Occasionally, we offer voluntary online tests (e.g., for orientation or self-assessment). As part of these tests, we may process the following data:

• Name

• Email address

• Test result

• Optional, age, or other voluntary information

We use this data to send you the result and subsequently to send you further relevant information about our offer or similar topics via email.

The legal basis is your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time with future effect, e.g. via an unsubscribe link in the emails or by email to dataprotection@ths-academy.com.

6.6 Newsletter (MailerLite)

If you subscribe to our newsletter, we will require your email address and your confirmation that you are the owner of the email address and agree to receive the newsletter. For distribution, we use the MailerLite service from MailerLite Limited (Ireland / EU or with appropriate guarantees).

Registration is usually done using the so-called double opt-in procedure: After registering, you will receive an email in which you must confirm your registration.

We use your data exclusively for sending the newsletter and, if applicable, for evaluating whether newsletters are opened and links are clicked, in order to improve our content.

The legal basis is your consent (Art. 6 (1) (a) GDPR). You can withdraw your consent at any time with future effect, e.g. via the unsubscribe link in the newsletter or by emailing us.

The data stored for the newsletter will be deleted once you unsubscribe, unless there are further statutory retention obligations.

6.7 Blog Comments

In our blog, users can leave comments. We use the WordPress plugin „Thrive Comments“ for the comment function on our website. When you submit a comment, we process:

• your comment text

• the name or username chosen by you

• your email address

• Timestamp of the comment

• if applicable, the IP address (to protect against misuse and spam)

We only store IP addresses for as long as is necessary to prevent or prosecute legal violations (e.g., insults, criminal content).

The legal basis is your consent (Art. 6 para. 1 lit. a GDPR) or our legitimate interest (Art. 6 para. 1 lit. f GDPR) in a secure and abuse-free comment section.

If we use technical protective measures against spam (e.g., automatic filters), this serves our legitimate interest in the security and functionality of the website (Art. 6(1)(f) GDPR).

6.8 Messenger Communication (Telegram & WhatsApp)

As part of our services (e.g., info groups, meeting notifications, organizational communication, support), we use messenger services such as Telegram and WhatsApp, among others. If you provide us with your Telegram username or WhatsApp number, or join one of our groups/channels, we will process all necessary information to contact you there or send you information.

The legal bases depend on the context and are your consent (Art. 6 para. 1 lit. a GDPR) as well as our legitimate interest in efficient and practical communication for you (Art. 6 para. 1 lit. f GDPR).

Please note that Telegram and WhatsApp are third-party services, and we cannot influence their data processing. The respective data protection regulations of the providers apply. We recommend that you review their privacy protection settings.

7. Cookies, Statistics & Embedded Content

7.1 Cookies & Burst Statistics

We use a cookie-free statistics tool (Burst Statistics) for the statistical analysis of website usage. This involves processing anonymized or pseudonymized data, which allows us to analyze and improve the use of our website. No user profiles with personal data are created and no cookies are set.

The legal basis is Art. 6(1)(f) GDPR (legitimate interest in user-friendly and needs-based website design).

7.2 Google Fonts

On our website, Google Web Fonts are currently integrated via Google servers (Google Ireland Limited / Google LLC) to display fonts uniformly. When you access the page, your browser establishes a connection to Google's servers, transmitting your IP address among other information.

The legal basis is Art. 6(1)(f) GDPR (legitimate interest in a uniform and appealing presentation of the website).

7.3 YouTube

On some pages, we embed videos from the YouTube platform, operated by Google Ireland Limited or Google LLC (USA). When you visit a page with an embedded YouTube video, a connection is established with YouTube's servers and data may be transmitted to YouTube/Google (e.g., IP address, page visited).

Depending on your browser settings and Google login status, cookies may be set and user profiles created. If you do not wish this to happen, please log out of your Google/YouTube account before visiting our website.

The integration is carried out in the interest of an appealing presentation of our online offering and for the clear communication of content. The legal basis is Art. 6 para. 1 lit. f GDPR.

7.4 Consent Management Tool

We use a consent management tool („cookie banner“) on our website to manage the consents you give for setting cookies and for the use of certain services (e.g., YouTube, Google Fonts, newsletter tools).

When you visit our website, a notice window will inform you about the type and purpose of the cookies and similar technologies used, and you can decide which categories you agree to. Your selection will be saved in a technically necessary cookie so that the website can recognize your settings on subsequent visits.

The legal basis for processing the data associated herewith is Art. 6(1)(c) GDPR (fulfillment of legal obligations in the area of data protection) as well as our legitimate interest in lawful, user-friendly management of consents (Art. 6(1)(f) GDPR).

You can change or revoke your consent at any time with future effect through the relevant settings in the cookie banner.

8. Our social media presences

We maintain publicly accessible profiles on social networks (e.g., Facebook, Instagram, YouTube). When visiting these pages, the terms of use and data protection provisions of the respective platform operators apply.

If you interact with us via social media (e.g., through messages, comments, likes), we process the data you provide (e.g., profile name, content of communication) to respond to your inquiries and for the public relations of our work. The legal basis is our legitimate interest in contemporary public relations and communication (Art. 6(1)(f) GDPR) as well as, if applicable, your consent (Art. 6(1)(a) GDPR).

Depending on the platform, we and the operator share responsibility within the meaning of Art. 26 GDPR for certain evaluations (e.g., page statistics). You will find information regarding this in the respective platform operator's privacy policy.

9. Data Transfer and Order Processor

We generally only disclose personal data to third parties if:

• is necessary for the performance of a contract or for taking steps prior to entering into a contract (Art. 6(1)(b) GDPR),

• we are legally obliged to do so (Art. 6(1)(c) GDPR),

• we or third parties have a legitimate interest in it and your interests do not prevail (Art. 6 para. 1 lit. f GDPR), or

• You have expressly consented (Art. 6(1)(a) GDPR).

To fulfill our tasks, we use service providers as so-called order processors, for example for:

• Hosting and technical operation of the website

• Email Communication (Gmail / Google Workspace)

• Newsletter Sending (MailerLite)

• Video conferencing and online teaching (e.g., Zoom)

Contracts for order processing according to Art. 28 GDPR are in place with these service providers, where necessary.