Privacy Policy
Introduction
This privacy policy explains which personal data we process, for which purposes, and on which legal bases. It applies to this website, communication with us, our services, and external online presences such as social media profiles.
Last updated: 5 January 2026
Controller
Natalia Kleemann
Wilhelm-Michel-Straße 10
04249 Leipzig, Germany
Email: natalia@eskyna.com
Overview of data processing
Depending on how you interact with ESKYNA, we may process the following categories of data:
- master and contact data, such as name, address, email address, and phone number
- contract and payment data, such as booked services, invoices, and payment history
- content data, such as messages, inquiries, uploaded files, or form entries
- usage data, such as visited pages, click paths, access times, and device information
- meta, communication, and log data, such as IP addresses, browser type, and server log files
The purposes of processing include providing our services, answering inquiries, handling contracts and appointments, operating this website securely, measuring reach with consent, direct communication, marketing, and fulfilling legal obligations.
Legal bases
Where the General Data Protection Regulation applies, we process personal data on the following legal bases:
- Consent under Article 6(1)(a) GDPR, for example when you consent to analytics cookies or specific communication.
- Contract performance and pre-contractual inquiries under Article 6(1)(b) GDPR, for example when you request or book a service.
- Legal obligation under Article 6(1)(c) GDPR, for example for tax and commercial retention duties.
- Legitimate interests under Article 6(1)(f) GDPR, for example for secure website operation, efficient communication, and business administration.
German data-protection rules, including the Federal Data Protection Act, may also apply where relevant.
Security measures
We use appropriate technical and organizational measures to protect personal data. These include encrypted connections via HTTPS, access controls, careful provider selection, and procedures for handling deletion, access, and security requests.
Transfer of personal data
Personal data may be shared with service providers or other recipients when this is necessary for the purposes described here. This can include hosting providers, email and communication services, payment services, analytics providers used with consent, tax advisors, legal advisors, or public authorities where legally required.
Where required, we conclude appropriate data-processing agreements and take suitable safeguards for data transfers.
International data transfers
Some providers may process data outside the European Union or the European Economic Area. In those cases, transfers take place only where an appropriate legal basis and suitable safeguards are available, such as an adequacy decision, the EU Standard Contractual Clauses, certification under a recognized framework, or your explicit consent where required.
Storage and deletion
We delete personal data when the purpose of processing no longer applies and no legal retention obligations or other legitimate reasons require longer storage.
Typical retention periods include:
- tax and commercial documents: generally up to ten years
- business correspondence and contract-related documents: according to applicable statutory periods
- server log files: usually only for a short period unless longer storage is necessary for security or evidence purposes
- inquiry and communication data: as long as needed to process the request and any follow-up obligations
Your rights
Subject to the legal requirements, you have the right to:
- request access to your personal data
- request correction of inaccurate data
- request deletion of your data
- request restriction of processing
- receive your data in a portable format
- object to processing based on legitimate interests
- withdraw consent with effect for the future
- lodge a complaint with a competent supervisory authority
To exercise your rights, contact us at natalia@eskyna.com .
Contact and appointment inquiries
When you contact us by email, contact form, telephone, messenger, or appointment booking link, we process the information you provide in order to respond to your inquiry, prepare an appointment, or provide the requested service.
Data processed may include your name, email address, phone number, message content, preferred contact method, appointment details, and any information you voluntarily share about your style question.
Contractual services
When you book or request an ESKYNA service, we process the data required to prepare, perform, document, and bill the service. This may include contact data, contract data, payment data, notes relevant to the consultation, and communication history.
Website hosting and server logs
To provide this website, technical access data is processed by the hosting infrastructure. Server logs may include IP address, date and time of access, requested pages or files, browser type, operating system, referrer URL, transferred data volume, and access status.
This processing is necessary for secure and reliable website operation.
Cookies and consent
This website may use cookies or similar technologies. Necessary cookies are used to provide core website functions. Analytics or marketing tools are activated only with your consent, where consent is required.
You can change or withdraw your cookie consent using the cookie settings on the website.
Analytics and Google Tag Manager
If you consent to analytics, Google Tag Manager and Google Analytics may be used to understand how visitors use the website and to improve content and usability. Analytics is not activated without your consent where consent is required.
Google may process usage data, device information, and online identifiers. You can withdraw your consent at any time through the cookie settings.
Contact form and Cloudflare Turnstile
The contact form may use Cloudflare Turnstile to protect the form against misuse and automated spam. For this purpose, technical data such as IP address, browser data, and interaction signals may be processed by Cloudflare.
The contact form sends your inquiry to ESKYNA so Natalia can respond to you.
Social media profiles
ESKYNA may maintain profiles on social networks such as Instagram or LinkedIn. When you visit or interact with those profiles, the respective platform operators may process personal data under their own responsibility. Please refer to the privacy policies of the relevant platforms for details.
Direct communication and marketing
If you contact us or have an existing customer relationship with us, we may use your contact details to communicate with you about your inquiry, booked services, updates, or related offers. You can object to marketing communication at any time.
Changes to this privacy policy
We may update this privacy policy when the website, services, providers, or legal requirements change. The current version is published on this page.