We process your data exclusively on the basis of the General Data Protection Regulation (GDPR), the Austrian Data Protection Act (DSG), and the Telecommunications Act (TKG 2021).
This privacy policy informs you about which personal data we process when you use our website, our chat function and other services, for what purposes this happens and what rights you are entitled to.
Our website is hosted by IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany.
When you visit our website, the following data is automatically processed and stored in server log files:
IP address of the end device
Date and time of access
accessed page/file
Browser type and version
Referrer URL
amount of data transferred
User's operating system
Purpose of processing:
Website operation and security, abuse detection, error analysis
Rechtsgrundlage: Art. 6 Abs. 1 lit. f DSGVO (berechtigtes Interesse)
7–14 days, at the latest until the aforementioned purposes have been achieved
This data will not be merged with other sources.
We use cookies to make our website user-friendly and to enable certain functions.
Some cookies are technically necessary and are set without your consent.
We only set cookies for analysis and marketing purposes if you have given us your prior consent (opt-in).
To manage your consents we use the tool CookieYes
This saves your selection (consent or refusal, time, pseudonymous ID) locally on your device.
You can revoke or change your consent at any time via the cookie banner.
Purpose/Legal basis:
Technically necessary cookies: Section 165 para. 3 TKG 2021
Analysis and marketing cookies: Art. 6 (1) (a) GDPR (consent)
Our website integrates external content and services, the use of which involves transferring data such as IP addresses and device information to the respective providers.
This data processing only takes place after your express
Third-party providers used:
OpenAI, Inc., USA – Chat function Anthropic – Chat function
– YouTube, Google Analytics, Google Tag Manager
Meta Platforms Ireland Ltd. – Facebook Pixel, Instagram
TikTok Technology Limited – TikTok-Videos
LinkedIn Ireland Unlimited Company – LinkedIn-Inhalte
Google Fonts (lokal eingebunden) – keine Datenübertragung
Review widgets (e.g. Google Reviews)
Transfer to third countries:
Data transfers to the USA are carried out exclusively:
on base of the EU-US Data Privacy Frameworks (Art. 45 DSGVO) oder,
if not applicable, based on Standard Contractual Clauses (SCCs) pursuant to Art. 46 GDPR.
We use Google Analytics to evaluate user behavior on our website and to optimize our offering.
Responsible provider:
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Data processed:
IP address (shortened/anonymized)
Usage data such as pages visited, click paths, length of stay
Device type, browser information
Location data (approximate, based on IP)
Purpose/Legal basis:
Art. 6 (1) (a) GDPR (consent)
Storage period:
Data is stored for a maximum of 14 months and then automatically deleted.
We have concluded a data processing agreement with Google.
Zur Optimierung unserer Marketingmaßnahmen und zur Ausspielung personalisierter Werbung nutzen wir das Facebook (Meta) Pixel sowie das Instagram Pixel.
Responsible provider:
Meta Platforms Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland.
Data processed:
IP address
To optimise our marketing measures and to display personalised advertising, we use the Facebook Pixel.
Nutzungsdaten
Device information
Facebook ID (if logged in)
Purpose/Legal basis:
Art. 6 (1) (a) GDPR (consent)
Meta may combine this data with other data of its own and use it for its own purposes.
For further information, please see the Meta Privacy Policy.
Social-Media- and Marketing-Pixels
To measure the success of our marketing activities and to deliver relevant advertising, we integrate various tracking technologies. All services described below are loaded exclusively after your explicit consent via our cookie banner (CookieYes). Until consent is given, no data is transmitted to the providers (prior blocking). The legal basis for all listed services is Art. 6 (1) lit. a GDPR (consent). You can withdraw your consent at any time with future effect via the cookie banner.
– Facebook Pixel, Instagram
We use the Meta Pixel, an analysis and tracking tool provided by Meta Platforms Ireland Ltd. (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland). The following data is processed: your IP address, device and browser information, visited pages, clicking behaviour and – if you are logged into Meta services – your Meta ID. This data is used to measure the effectiveness of our advertisements on Facebook and Instagram, to create target audiences for future advertising (Custom Audiences, Lookalike Audiences) and to deliver personalised advertising. With regard to the collection and transfer of data to Meta, we are joint controllers together with Meta pursuant to Art. 26 GDPR; the details of this arrangement can be found at https://www.facebook.com/legal/controller_addendumSubsequent processing by Meta is their sole responsibility. Data transfer to the USA takes place on the basis of the EU-US Data Privacy Framework or Standard Contractual Clauses. Further information: https://www.facebook.com/about/privacy
TikTok Pixel
We use the TikTok Pixel, a tracking tool provided by TikTok Technology Limited (10 Earlsfort Terrace, Dublin 2, D02 T380, Ireland), with parent company ByteDance Ltd. in China. The following data is processed: your IP address, device and browser information, visited pages and conversion events. This data is used to measure the effectiveness of our TikTok advertisements and to create target audiences. Data is transferred to the USA (on the basis of the EU-US Data Privacy Framework or Standard Contractual Clauses) and potentially to China; here, there are increased risks regarding the level of data protection, which we expressly point out. Further information: https://www.tiktok.com/legal/page/eea/privacy-policy/de
Pinterest Tag
We use the Pinterest Tag, a tracking tool provided by Pinterest Europe Ltd. (Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland). The following data is processed: your IP address, device and browser information, visited pages and conversion events. This data is used to measure the effectiveness of our Pinterest advertising and to create target audiences. Data transfer to the USA takes place on the basis of the EU-US Data Privacy Framework or Standard Contractual Clauses. Further information: https://policy.pinterest.com/de/privacy-policy
YouTube (integrated Videos)
We embed videos from the YouTube platform, a service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland), a subsidiary of Google LLC (USA). When playing a YouTube video, data such as IP address, device information, browser type and playback behaviour is transmitted to Google. If you are logged into YouTube, Google may associate this information with your account. Where possible, we use the enhanced privacy mode ("youtube-nocookie.com"), which reduces user tracking but does not exclude it entirely. Data transfer to the USA takes place on the basis of the EU-US Data Privacy Framework or Standard Contractual Clauses. Further information: YouTube/Google-Link: https://policies.google.com/privacy
Google Analytics 4
We use Google Analytics 4, a web analytics service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). The following data is processed: your IP address (anonymised), usage data such as visited pages, click paths and dwell time, device type, browser information and approximate location data based on the IP address. The analysis serves to optimise our offering. We have concluded a data processing agreement with Google. Data is stored for a maximum of 14 months and then automatically deleted. Data transfer to the USA takes place on the basis of the EU-US Data Privacy Framework or Standard Contractual Clauses. Further information: YouTube/Google-Link: https://policies.google.com/privacy
Google Ads Conversion Tracking
We use Google Ads Conversion Tracking provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). When you arrive at our website via a Google advertisement, a cookie is set that expires after 30 days. The following data is processed: your IP address, information about the advertisement clicked, conversion events (e.g. purchases, newsletter sign-ups) and device information. This data is used exclusively to measure the performance of our Google Ads campaigns and is not merged with other data. Data transfer to the USA takes place on the basis of the EU-US Data Privacy Framework or Standard Contractual Clauses. Further information: YouTube/Google-Link: https://policies.google.com/privacy
If you contact us via form or email, we will process your information (e.g. name, email address, message) to process your request.
Legal basis:
Art. 6 (1) (b) GDPR (pre-contractual communication)
Art. 6 (1) (f) GDPR (legitimate interest in customer communication)
Storage period:
Until your request has been fully answered and resolved, and thereafter only as long as statutory retention periods apply.
Unsere Chat-Funktion wird durch externe KI-Anbieter bereitgestellt. Derzeit nutzen wir Anthropic, PBC (San Francisco, USA) mit dem Modell Claude sowie OpenAI, Inc. (San Francisco, USA) mit dem Modell GPT-4o-mini.
Both providers act as independent controllers for the processing of content transmitted via their APIs. The processed data includes the content of your chat messages during the active session as well as technical metadata such as timestamps and error logs. Chat content is used exclusively to provide the response function; according to the current API terms of both providers, API data is not used for training purposes.
We do not permanently store chat messages; they are processed only temporarily during the active session and discarded after its end. Data transfer to the USA takes place on the basis of the EU-US Data Privacy Framework (Art. 45 GDPR) or, if not applicable, on the basis of Standard Contractual Clauses pursuant to Art. 46 GDPR. For further information, please refer to the privacy policies of Anthropic (https://www.anthropic.com/legal/privacy) and OpenAI (https://openai.com/policies/privacy-policy).
To prevent automated abuse and disproportionate use of our service, we additionally process the following technical data: When using the free trial function (without a registered account), we store a cryptographically hashed value of your IP address (SHA-256 with server-side salt) as well as the number of contents generated during the trial period. The IP address itself is not stored and cannot be reconstructed from the hash. This data is automatically reset after a maximum of seven days. For users with an active subscription, we additionally store daily and monthly counters of the number of learning materials generated, linked to your account's user ID, in order to ensure fair use within the contractually agreed scope of service. These counters are automatically reset at the end of each day or month respectively.
The legal basis for this processing is Art. 6 (1) lit. f GDPR (legitimate interest in abuse prevention) or Art. 6 (1) lit. b GDPR (performance of contract) for registered users.
Legal basis for the use of the chat function: Art. 6 (1) lit. b GDPR (performance of contract) for registered users and Art. 6 (1) lit. f GDPR (legitimate interest in providing the service) for other use.
We use Stripe Payments Europe, Ltd., 1 Grand Canal Street Lower, Dublin for payment.
Data processed:
Name, email, billing address
Payment information (tokenized, we do not store complete card details)
Transaction and fraud prevention data
Legal basis:
Art. 6 (1) (b) GDPR (contract)
Art. 6 (1) (f) GDPR (legitimate interest in secure payment processing)
For further information, please see our privacy policy.
Payment processing with SureCart
For the processing of subscriptions and payments, we use SureCart Inc. (USA) in conjunction with Stripe Payments Europe, Ltd. (Dublin, Ireland). SureCart processes your name, email address, billing address and subscription information. The actual payment processing (credit card, SEPA) is carried out exclusively via Stripe; we do not store complete payment details ourselves. Data transfer to SureCart in the USA is based on the EU-US Data Privacy Framework or Standard Contractual Clauses. Legal basis: Art. 6 (1) lit. b GDPR (contract) and Art. 6 (1) lit. f GDPR (legitimate interest in secure payment processing).
We only store personal data for as long as necessary for the respective purposes or as long as statutory retention periods apply.
After these deadlines, the data will be irrevocably deleted.
Specific retention periods with Paulina:
Our offering is directed at teachers and educational professionals. Use requires the user to be of legal age (18 years). If we become aware that we have received personal data from minors, we will delete it immediately.
You have the following rights under the GDPR:
Information (Art. 15 GDPR)
Correction (Art. 16 GDPR)
Deletion (Art. 17 GDPR)
Restriction of processing (Art. 18 GDPR)
Data portability (Art. 20 GDPR)
Objection to certain processing (Art. 21 GDPR)
Revocation of consent (Art. 7 para. 3 GDPR)
To assert your rights, please contact hello@paulinagreen.com.
Name Melanie Liebisch
Email: hello@paulinagreen.com
Contact form
Since I operate a sole proprietorship and am not required to appoint a data protection officer, I do not have an external data protection officer. For all data protection concerns, please contact the address provided above.
If you believe that your data is being processed unlawfully, you have the right to lodge a complaint with the competent supervisory authority:
Austrian Data Protection Authority
Barichgasse 40-42, 1030 Vienna
Web: www.dsb.gv.at
We reserve the right to adapt this privacy policy if this is necessary due to technical, legal or organizational changes.
We will actively inform you of any significant changes that affect your consent by email or notice on the website.
Status: Salzburg, 04.01.2026
