Privacy Policy
pursuant to Art. 13 and 14 GDPR, § 25 TDDDG
Last updated: 16 March 2026
1. Data Controller
The data controller within the meaning of the General Data Protection Regulation (GDPR) and other applicable data protection legislation is:
Annett Burger
Scharnhorststr. 24, 10115 Berlin, Germany
Email: annett@thenewworkplaybook.com
Phone: +49 15124017305
Website: www.thenewworkplaybook.com
(hereinafter “we”, “us”, or “the operator”)
2. General Information on Data Processing
2.1 Scope of processing of personal data
We process personal data of our users only to the extent necessary to provide a functional website and to deliver our content and services. The processing of personal data regularly takes place only with the user’s consent. An exception applies in cases where obtaining prior consent is not possible for practical reasons and the processing of data is permitted by law.
2.2 Legal bases
Where we obtain consent for the processing of personal data, Art. 6(1)(a) GDPR serves as the legal basis.
For the processing of personal data necessary for the performance of a contract, Art. 6(1)(b) GDPR serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.
Where the processing of personal data is necessary for compliance with a legal obligation, Art. 6(1)(c) GDPR serves as the legal basis.
Where the processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject, Art. 6(1)(f) GDPR serves as the legal basis.
2.3 Data retention and deletion
The personal data of the data subject will be deleted or blocked as soon as the purpose of storage ceases to apply. Data may be stored beyond that period where provided for by European or national legislators in EU regulations, laws, or other provisions to which the controller is subject. The data will also be blocked or deleted when a storage period prescribed by the aforementioned standards expires, unless there is a necessity for the continued storage of the data for the purpose of entering into or performing a contract.
3. Website Hosting
This website is hosted by IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany. When you visit this website, the hosting provider automatically collects information in so-called server log files, which your browser automatically transmits. These include:
- IP address of the requesting device
- Date and time of the server request
- Name and URL of the file retrieved
- Referrer URL (previously visited page)
- Browser used and, where applicable, the operating system of your device
- Name of the access provider
- Volume of data transferred
This data is not merged with other data sources. The data is collected on the basis of Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimisation of its website – for this purpose, server log files must be recorded.
Data processing agreement: We have concluded a data processing agreement (DPA) in accordance with Art. 28 GDPR with IONOS. This ensures that IONOS processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.
IONOS operates data centres at multiple locations across Europe (including Frankfurt am Main, Berlin, Paris, London, Madrid) as well as in the USA. For our web hosting package, data is processed on servers in Germany. The IONOS Cloud infrastructure and data centres are ISO 27001 certified on the basis of the BSI IT-Grundschutz (IT baseline protection).
4. SSL/TLS Encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content. You can recognise an encrypted connection by the browser’s address bar changing from “http://” to “https://” and by the padlock icon in your browser bar. When SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
5. Cookies and Consent Management
5.1 General information about cookies
Our website uses cookies. Cookies are small text files that are stored on your end device by your browser. They are used to make our services more user-friendly and effective.
Some cookies are technically necessary and are automatically set when you visit our website (“strictly necessary cookies”). Other cookies are only set with your express consent (“analytics cookies”).
5.2 Strictly necessary cookies
Strictly necessary cookies ensure functionalities without which you would not be able to use our website as intended. These cookies are set exclusively by us (first-party cookies) and serve, among other things:
- ensuring the technical operation of the website
- storing your cookie consent preferences
- IT security
Legal basis for strictly necessary cookies: § 25(2) No. 2 TDDDG in conjunction with Art. 6(1)(f) GDPR (legitimate interest).
5.3 Analytics cookies (Google Analytics 4)
Analytics cookies are only set if you have given your express consent via our cookie consent tool. For details on Google Analytics 4, please see Section 6.
Legal basis: your consent pursuant to § 25(1) TDDDG in conjunction with Art. 6(1)(a) GDPR.
5.4 No marketing or advertising cookies
We do not currently use any marketing or advertising cookies.
5.5 Cookie consent tool (Borlabs Cookie)
Our website uses the cookie consent tool “Borlabs Cookie” to obtain your consent for the storage of certain cookies and data processing, and to document this consent in a manner compliant with data protection law. The provider of this technology is Borlabs GmbH, Hamburger Straße 11, 22083 Hamburg, Germany.
When you enter our website, a Borlabs cookie is stored in your browser in which the consents you have given or the revocation of those consents are recorded. This data is not shared with the provider of Borlabs Cookie.
The collected data is stored until you request deletion, until you delete the Borlabs cookie yourself, or until the purpose of the data storage no longer applies. Mandatory statutory retention obligations remain unaffected.
Legal basis: § 25(2) No. 2 TDDDG in conjunction with Art. 6(1)(c) GDPR. Borlabs Cookie serves to obtain the legally required consent for the use of cookies.
6. Web Analytics – Google Analytics 4
6.1 Scope and purpose
This website uses Google Analytics 4, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, D04 E5W5, Ireland (“Google”). Google Analytics 4 uses cookies that enable an analysis of the use of the website. The information generated by these cookies about the use of this website is generally transferred to and stored on a Google server in the USA.
We use Google Analytics 4 for the analysis and regular improvement of the use of our website. The statistics obtained help us to improve our offering and to design content that meets your needs.
6.2 IP anonymisation
Google Analytics 4 anonymises IP addresses by default. Your IP address is therefore generally truncated within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and truncated there.
6.3 Cookies used
Google Analytics 4 sets the following cookies in particular:
- _ga – used to distinguish website visitors; storage duration: 2 years
- _ga_<container-id> – used to persist session state; storage duration: 2 years
6.4 Legal basis
The legal basis for the use of Google Analytics 4 is your consent pursuant to § 25(1) TDDDG in conjunction with Art. 6(1)(a) GDPR. You may withdraw your consent at any time via our cookie consent tool.
6.5 Data transfers to third countries
Google LLC is certified under the EU-U.S. Data Privacy Framework (DPF). The European Commission’s adequacy decision pursuant to Art. 45 GDPR ensures an adequate level of data protection for the transfer of personal data to the USA. In addition, the EU Standard Contractual Clauses (SCCs) apply.
6.6 Data processing agreement
We have concluded a data processing agreement (Google’s Data Processing Terms) with Google, which governs the processing of your data according to our instructions and in compliance with the GDPR.
6.7 Objection and opt-out
You can prevent data collection by Google Analytics by not granting your consent or by withdrawing your consent via our cookie consent tool. You may also download and install the browser add-on to deactivate Google Analytics: https://tools.google.com/dlpage/gaoptout
For more information on how Google Analytics handles user data, please refer to Google’s privacy policy: https://policies.google.com/privacy
7. Google Search Console
We use Google Search Console, a service provided by Google Ireland Limited, to monitor and optimise the visibility of our website in Google search results. Google Search Console does not directly process personal data of our website visitors. The data collected (e.g. search queries, click-through rates, impressions) is provided in aggregated form and does not allow conclusions to be drawn about individual persons.
8. Contact Form
If you send us enquiries via our contact form, your details from the enquiry form, including the contact data you provide (e.g. name, email address, telephone number where applicable) and the content of your message, will be stored by us for the purpose of processing the enquiry and in case of follow-up questions.
Legal basis: Art. 6(1)(b) GDPR (pre-contractual measures) or Art. 6(1)(f) GDPR (legitimate interest in processing enquiries).
Data is transmitted via TLS encryption. We will not share this data without your consent. The data will be deleted once your enquiry has been conclusively processed, unless statutory retention obligations require otherwise.
9. Newsletter and Email Marketing (CleverReach)
9.1 Newsletter content
We send newsletters and other electronic notifications containing promotional information (hereinafter “Newsletter”) only with the consent of the recipients or where legally permitted. Where the content of the newsletter is specifically described at the time of registration, such description shall be determinative for the scope of consent.
9.2 Registration and double opt-in
Registration for our newsletter follows a so-called double opt-in procedure. This means that after registration you will receive an email asking you to confirm your registration. This confirmation is necessary to prevent anyone from registering with someone else’s email address. Newsletter registrations are logged in order to demonstrate compliance with the legal requirements. This includes storing the registration and confirmation timestamps as well as the IP address.
9.3 Email service provider: CleverReach
Our newsletters are sent using the email service provider CleverReach GmbH & Co. KG, Schafjückenweg 2, 26180 Rastede, Germany (“CleverReach”).
CleverReach is a service that can be used, among other things, to organise and analyse the sending of newsletters. The data you enter for the purpose of subscribing to the newsletter (e.g. email address, name) is stored on CleverReach’s servers in Germany.
9.4 Server location and data storage
CleverReach is a German company based in Rastede, Germany. The data collected is stored in German data centres. No transfer of personal data to third countries outside the EU/EEA takes place.
CleverReach privacy policy: https://www.cleverreach.com/en-de/privacy-policy/
9.5 Data processing agreement
We have concluded a data processing agreement (Auftragsverarbeitungsvertrag, AVV) in accordance with Art. 28 GDPR with CleverReach. This agreement can be concluded directly within the CleverReach account and ensures that CleverReach processes the personal data of our newsletter subscribers only in accordance with our instructions and in compliance with the GDPR.
9.6 Newsletter analytics
The newsletters may contain a so-called “web beacon” or “tracking pixel.” This is a small image file that is retrieved when the newsletter is opened. As part of this analysis, it can be determined, among other things, whether and when a newsletter was opened and which links were clicked. The evaluation serves to better tailor our newsletters to the interests of the recipients.
Legal basis for newsletter analytics: your consent pursuant to Art. 6(1)(a) GDPR.
9.7 Unsubscription / withdrawal of consent
You can unsubscribe from our newsletter at any time, i.e. withdraw your consent. You will find a link to unsubscribe at the end of every newsletter. The data stored in connection with the newsletter registration will be deleted after you unsubscribe, unless it is required for other purposes or a statutory retention obligation applies.
10. Worksheet Download (Lead Magnet)
On our website, we offer the opportunity to download free worksheets and guides. To download the worksheets and guides, you are required to provide your email address and, where applicable, your name. The data provided will be used exclusively for the purpose of delivering the worksheet and – if you have given separate consent – for sending our newsletter.
Legal basis: Art. 6(1)(a) GDPR (consent) or Art. 6(1)(b) GDPR (performance of a contract, insofar as the provision of the worksheet can be regarded as a contractual service).
Data processing is carried out via CleverReach (see Section 9).
11. Podcast (Apple Podcasts)
We offer a podcast that is available, among other platforms, via Apple Podcasts. When you access our podcast through Apple Podcasts, data is processed by Apple Inc., One Apple Park Way, Cupertino, California 95014, USA. This may include in particular:
- IP address
- Device and usage data
- Information about listening behaviour (e.g. episodes played, listening duration)
Where we embed the podcast player on our website, a connection to Apple’s servers may be established when the player loads, whereby Apple receives your IP address and other technical data.
Apple is certified under the EU-U.S. Data Privacy Framework (DPF).
Legal basis: Art. 6(1)(a) GDPR (consent) for embedding the player on our website, or Art. 6(1)(f) GDPR (legitimate interest) for making the podcast available in general.
Apple privacy policy: https://www.apple.com/legal/privacy/
In addition, we may use the analytics features provided by the respective podcast platforms to evaluate the performance of our podcast. The data provided is generally aggregated and does not allow conclusions to be drawn about individual persons.
12. Social Media Links
Our website contains links to our profiles on the social networks LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland) and Instagram (Meta Platforms Ireland Limited, Merrion Road, Dublin 4, Ireland).
These are exclusively links (not social media plugins). Therefore, no connection to the servers of the respective providers is established when you visit our website. Only when you click on a link will you be redirected to the respective external page. The privacy policies of the respective provider apply there.
LinkedIn privacy policy: https://www.linkedin.com/legal/privacy-policy
Instagram / Meta privacy policy: https://privacycenter.instagram.com/policy
13. Your Rights as a Data Subject
You have the following rights with respect to the personal data concerning you:
Right of access (Art. 15 GDPR)
You have the right to request information about the personal data we have stored about you, including the purposes of processing, the categories of personal data concerned, the recipients, and the envisaged storage period.
Right to rectification (Art. 16 GDPR)
You have the right to request, without undue delay the rectification of inaccurate personal data or the completion of incomplete personal data.
Right to erasure (Art. 17 GDPR)
You have the right to request the deletion of your personal data, provided the legal requirements are met. This is the case in particular where the data is no longer necessary for the purposes for which it was collected, you have withdrawn your consent, or the data has been unlawfully processed.
Right to restriction of processing (Art. 18 GDPR)
You have the right to request the restriction of processing of your personal data, for example where the accuracy of the data is contested or the processing is unlawful.
Right to data portability (Art. 20 GDPR)
You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format, and you have the right to transmit that data to another controller.
Right to object (Art. 21 GDPR)
You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on Art. 6(1)(e) or (f) GDPR. We will then no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms.
Right to withdraw consent (Art. 7(3) GDPR)
Where processing is based on your consent, you have the right to withdraw that consent at any time. The lawfulness of processing carried out on the basis of the consent prior to its withdrawal shall not be affected.
Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)
You have the right to lodge a complaint with a data protection supervisory authority regarding our processing of your personal data. The competent supervisory authority for us is:
Berliner Beauftragte für Datenschutz und Informationsfreiheit
Alt-Moabit 59-61
10555 Berlin
Phone: 030/138 89-0
Mail: mailbox@datenschutz-berlin.de
14. Currency and Amendments to This Privacy Policy
This privacy policy is currently valid as of the date stated above. Due to the further development of our website or changes in statutory or regulatory requirements, it may become necessary to amend this privacy policy. The current version of the privacy policy can be viewed and printed at any time on our website.
15. Google reCAPTCHA
We use the Google service reCaptcha to determine whether a person or a computer makes a specific entry in our contact or newsletter form. Google uses the following information to determine if you are a human being or a computer: IP address of the terminal device you are using, the website you are visiting and on which the captcha is integrated, the date and duration of the visit, the identification data of the browser and operating system type used, Google account if you are logged in to Google, mouse movements on the reCaptcha areas and tasks for which you must identify images. The legal basis for the described data processing is Art. 6 para. 1 lit. f General Data Protection Regulation. There is a legitimate interest on our part in this data processing to ensure the security of our website and to protect us from automated input (attacks).