Skip to main content

Privacy Policy

Last Updated: March 12, 2026

1. Introduction & Controller Identity

This Privacy Policy explains how axontryx (“we”, “us”, “our”) collects, uses, and protects your personal data when you visit our website and interact with our educational offerings, including online courses, live webinars, masterclasses, intensives, and related learning programs.

For the purposes of the EU General Data Protection Regulation (GDPR) and applicable German data protection law, the data controller is:

We do not appoint a Data Protection Officer (DPO) unless required by law due to the scale and nature of processing. If this changes, we will publish DPO contact details on this page.

2. Personal Data We Collect

The personal data we collect depends on how you use the site. We aim to collect only what is necessary to deliver educational information, respond to requests, and keep the site secure.

  • Identity and contact data: name, email address, phone number (if provided), and any other information you choose to share when contacting us.
  • Form content: messages, course/program interest, scheduling preferences, and other details you submit through our forms.
  • Technical data: IP address, browser type and version, device identifiers, operating system, language settings, and approximate location derived from IP.
  • Usage data: page views, time spent on pages, referrer/exit pages, click paths, and interactions with site elements.
  • Cookies and identifiers: first-party and third-party cookie IDs and similar identifiers described in Section 4 and our Cookie Policy.
  • Conversion events: events such as successful form submission or confirmation page views used to measure performance and improve user experience (subject to consent where required).

We do not intentionally collect special-category data (such as health data, political opinions, religious beliefs), financial account details, or government identification numbers through this website. Please avoid submitting such information in free-text fields.

3. Why We Process Personal Data & Legal Basis (GDPR Art. 6)

We process personal data only where we have a lawful basis under GDPR. The purposes and legal bases typically include:

  • Responding to contact and enrollment requests: to reply with dates, format options, course details, and enrollment instructions. Legal basis: GDPR Art. 6(1)(b) (steps prior to entering into a contract) and, where applicable, Art. 6(1)(a) (consent).
  • Providing analytics (optional): to understand how visitors use the site and improve content, navigation, and program pages. Legal basis: GDPR Art. 6(1)(a) (consent).
  • Advertising measurement and marketing (optional): to measure campaigns, attribute conversions, and support remarketing or audience creation. Legal basis: GDPR Art. 6(1)(a) (consent).
  • Security, fraud prevention, and service integrity: to protect the site, prevent abusive traffic, and diagnose issues. Legal basis: GDPR Art. 6(1)(f) (legitimate interests).
  • Legal obligations: to comply with applicable laws and respond to lawful requests. Legal basis: GDPR Art. 6(1)(c) (legal obligation).

Automated decision-making (Art. 22): We do not engage in automated decision-making or profiling that produces legal or similarly significant effects for individuals.

4. Cookies & Tracking

We use cookies and similar technologies to operate the website, remember your preferences, and (with consent) measure usage and advertising performance. Cookies may be first-party (set by us) or third-party (set by providers). We also refer to “pixel tags” or “tracking tags” as small code snippets that can record page views and conversion events.

Essential (always active)

Essential cookies are required for core functionality and security. These do not require consent in many jurisdictions.

  • _site_session: helps maintain basic session continuity and stability.
  • cookie_consent: stores your cookie preference selection.
  • CSRF and security-related cookies: may be used to protect forms and prevent abuse.

Typical retention for essential cookies ranges from session-based to 12 months depending on the cookie purpose.

Analytics (consent required)

With your consent, we may use Google Analytics 4 (GA4) to understand how visitors use the site. Where configured, IP addresses are anonymized or truncated and data is used to improve educational content and navigation. Typical cookies include _ga and _ga_XXXXXXXXXX. Analytics retention is typically configured for 14 months.

Marketing (consent required)

With your consent, we may use marketing cookies and advertising pixels to measure ads, attribute conversions, and deliver relevant messaging. This can include Google Ads conversion cookies (such as _gcl_au) and Meta Pixel cookies (such as _fbp and _fbc when click IDs are present). These identifiers can be used for remarketing, custom audiences, lookalike audiences, and conversion attribution.

Beyond cookies, advertising measurement can also involve server-side event forwarding (for example via Meta Conversion API or server-side tag management). When used, identifiers may be hashed prior to transfer where appropriate, and processing remains subject to consent choices.

For details and examples, read our Cookie Policy. You can also manage cookie choices at any time using the “Manage cookie preferences” link in the footer.

5. Consent (EEA/UK)

Users in the EEA and the UK receive a consent notice under GDPR/UK GDPR. Analytics and marketing cookies activate only after explicit, informed, freely given consent under GDPR Art. 6(1)(a). Your consent choice is recorded in the cookie_consent browser cookie (typically for 12 months).

You may withdraw consent at any time using the “Manage cookie preferences” link in the footer or by clearing cookies in your browser settings. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.

6. Sharing With Advertising & Service Partners

We use service providers to operate the site and (where you consent) to measure and improve our marketing and content. Depending on your cookie choices, personal data may be shared with:

  • Google LLC: for Google Analytics 4, Google Ads, tag management, and remarketing. Data can include cookie IDs, usage events, and conversion signals.
  • Meta Platforms, Inc.: for Meta Pixel and audience/conversion measurement. Data can include page views, conversions, and audience membership, and may include hashed identifiers when applicable.
  • Cloudflare: for content delivery and security features, including IP-based threat detection and performance optimization.

We do not sell personal data. We use providers as processors or service partners for defined purposes. Where applicable, we configure tools so providers may not use site data for their own independent commercial purposes beyond providing the contracted services.

7. International Transfers

Some of our service providers may process data outside the EEA/UK, including in the United States. Where required, transfers rely on appropriate safeguards such as the EU–US Data Privacy Framework (DPF) (including the UK Extension and Swiss–US DPF where applicable) and/or Standard Contractual Clauses (EU 2021/914) as a fallback mechanism, as well as supplemental measures when needed.

8. Data Retention

We keep personal data only as long as necessary for the purposes described in this Policy:

  • Contact submissions: typically up to 2 years from last interaction, unless a longer period is needed for legitimate business reasons or legal compliance.
  • Analytics data: typically retained for 14 months (tool configuration dependent).
  • Marketing cookies: retained based on cookie lifetimes (for example 90 days for some marketing cookies).
  • Email correspondence: kept for the duration of the relationship and typically for 1 year afterward for continuity and auditability.
  • Server/security logs: typically up to 90 days unless a longer period is needed to investigate abuse or incidents.
  • Cookie consent record: typically up to 3 years for audit purposes.
  • Legal/tax records: retained as required by law (often 6–10 years for invoicing and related records).

9. Your Rights (GDPR & UK GDPR)

Subject to applicable conditions and exceptions, you may have the right to:

  • Request access to your personal data (GDPR Art. 15).
  • Request rectification of inaccurate personal data (Art. 16).
  • Request erasure of your personal data (Art. 17).
  • Request restriction of processing (Art. 18).
  • Request data portability (Art. 20).
  • Object to processing based on legitimate interests (Art. 21).
  • Withdraw consent at any time (Art. 7(3)) when processing is based on consent.
  • Lodge a complaint with a supervisory authority (Art. 77).

To exercise rights, email [email protected]. We typically respond within 30 days, with a possible extension of up to 60 additional days for complex requests.

Supervisory authority references:

  • EU: European Data Protection Board (EDPB) website for authority listings.
  • Germany: the relevant German data protection authority (federal or state) depending on circumstances.
  • UK: Information Commissioner’s Office (ICO).

10. Children

This website is not directed at individuals under 16. We do not knowingly collect personal data from minors. If we become aware that personal data has been collected from a child under 16 without verifiable parental consent, we will delete it promptly.

11. Do Not Track

This website does not respond to “Do Not Track” (DNT) browser signals. Third-party providers may have their own DNT-related behavior.

12. Data Deletion Requests

To request deletion, email us with the subject line “Data Deletion Request” at [email protected]. We may need to verify identity before acting on the request. If we must retain limited data to comply with legal obligations, we will restrict processing and retain only what is required.

13. Business Transfers

If Axontryx Learning GmbH is involved in a merger, acquisition, asset sale, financing, insolvency, or similar transaction, personal data may be transferred to a successor entity. If such a transfer materially changes how personal data is used, we will provide notice on the website.

14. California (CCPA/CPRA)

This section applies to California residents to the extent the California Consumer Privacy Act (CCPA) as amended by the CPRA applies to our processing.

In the past 12 months, we may have collected the following categories of personal information:

  • Identifiers: name, email address, IP address, and cookie identifiers.
  • Internet or network activity: browsing and interaction data, such as pages visited and clicks.
  • Inferences: preferences or interests inferred from site interactions for advertising measurement (where consent is provided and tools are enabled).

We do not sell personal information as defined by the CCPA. We may share personal information for cross-context behavioral advertising depending on your cookie preferences. California residents may opt out of such sharing via our cookie preferences panel accessible from the footer.

California privacy rights may include the right to know, delete, correct, and opt out of sale/sharing, and the right to non-discrimination. Requests can be submitted by emailing [email protected] with the subject line “California Privacy Request”. We may need to verify identity and residency. Authorized agents must provide written permission.

15. Virginia (VCDPA)

Virginia residents may have rights to access, correct, delete, and obtain a copy of personal data, and to opt out of targeted advertising. We do not sell personal data and we do not engage in profiling that produces legal or similarly significant effects.

To submit a request, email [email protected] with the subject line “Virginia Privacy Request”. If a request is denied, you may appeal by emailing with the subject line “Appeal of Refusal — Privacy Request”. We aim to respond to appeals within 60 days.

16. Nevada

Nevada residents may submit a verified opt-out request by emailing [email protected] with the subject line “Nevada Do Not Sell Request”. We do not currently sell personal information under Nevada Revised Statutes Chapter 603A.

17. Changes to This Policy

We may update this Privacy Policy from time to time. If changes are material, we will provide notice on the homepage at least 14 days before the updated policy takes effect where feasible. The “Last Updated” date at the top of this page reflects the most recent revision.

18. Contact

If you have questions about privacy, data use, or this policy, contact:

Privacy questions

If you want to exercise a data right or ask a privacy question, email [email protected]. For cookie settings, use the footer link “Manage cookie preferences”.