Datenschutz – Bring Nature Inside

Datenschutzerklärung

Last updated: 01.04.2026

We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how bringnatureinside.blog (operated by Aparna Vijayakrishnan, Einzelunternehmen) collects, uses, and safeguards your information in compliance with the EU General Data Protection Regulation (GDPR) and other applicable privacy laws.

1. Data Controller

The data controller responsible for your personal data is:

Aparna Vijayakrishnan

Einzelunternehmen
bringnatureinside.blog

c/o Postflex #9466
Emsdettener Str. 10
48268 Greven
Germany

Email: aparna@bringnatureinside.blog

2. Data We Collect

When you visit our website, sign up for our email list, make a purchase, or interact with us on social media, we may collect the following personal data:

Personal Information: Name and email address provided via contact forms, newsletter sign-ups, lead magnet downloads, or social media interactions (including Instagram DMs).
Transaction Data: Payment information processed securely by Stripe or PayPal. We do not store full payment card details.
Technical Data: IP address, browser type, device type, and cookies collected during website visits.
Social Media Data: If you interact with our Instagram account (e.g. comment on a post or send a DM to receive a free resource), your Instagram username and the email address you provide may be collected and stored.

3. How We Use Your Data

We process your personal data for the following purposes:

To fulfill orders and provide access to digital products and memberships (contractual necessity).
To send transactional emails related to your purchase or membership (e.g. receipts, access links, onboarding information).
To send marketing emails and newsletters — only if you have given explicit consent via our sign-up forms.
To deliver free resources (lead magnets) you have requested via our website or Instagram.
To manage your membership in the Tiny Harvest Club community.
To improve our website, content, and services based on usage data.

4. Legal Basis for Processing

We process your personal data on the following legal bases under GDPR Article 6:

Contractual necessity (Art. 6(1)(b)) — for processing orders and delivering purchased products or memberships.
Consent (Art. 6(1)(a)) — for marketing emails and newsletters. You may withdraw consent at any time.
Legitimate interests (Art. 6(1)(f)) — for website analytics and improving our services, where these interests are not overridden by your rights.

5. Email Marketing via FluentCRM

We use FluentCRM, an email marketing plugin hosted directly on our WordPress website, to manage our subscriber lists and send marketing emails.

Your name and email address are stored on our own server — they are not transferred to a third-party email marketing platform.
Our website is hosted on servers operated by Hetzner Online GmbH, based in Germany. Your data remains within the European Union.
You can unsubscribe from marketing emails at any time by clicking the unsubscribe link in any email we send, or by emailing us directly at aparna@bringnatureinside.blog.

6. Website Hosting — Hetzner

Our website is hosted by Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany. Hetzner processes technical data (including IP addresses) as part of operating our server infrastructure.

Because Hetzner is a German company and our servers are located within Germany, your data remains within the European Union and is subject to EU data protection law.

You can read Hetzner’s Privacy Policy at https://www.hetzner.com/legal/privacy-policy

7. Lead Magnet Delivery via ManyChat (Instagram)

We use ManyChat to automate responses to comments and direct messages on our Instagram account (@bringnatureinside). If you comment a keyword on one of our Instagram posts or send us a DM to request a free resource, ManyChat may collect your Instagram username and process the email address you provide in response to our automated messages.

ManyChat is operated by ManyChat Inc., based in the United States.
Data transfers to the USA are covered by ManyChat’s compliance with applicable data transfer mechanisms including Standard Contractual Clauses (SCCs).
The email address you provide via Instagram DM is transferred to our FluentCRM system (hosted on our EU-based server) and used to deliver the requested resource and send follow-up emails, for which you give consent by sharing your email address.
ManyChat’s Privacy Policy is available at: https://manychat.com/privacy

You may opt out at any time by replying STOP to any ManyChat message or by unsubscribing from our email list.

8. Payment Processing

Stripe

We use Stripe to process payments. When you make a purchase, your payment details are submitted directly to Stripe and are not stored on our servers.

Stripe Inc. is based in the United States and complies with GDPR through Standard Contractual Clauses. You can read Stripe’s Privacy Policy at https://stripe.com/privacy.

PayPal

We also offer payment via PayPal. If you choose to pay with PayPal, your payment is processed by PayPal (Europe) S.à r.l. et Cie, S.C.A., based in Luxembourg, which is subject to EU data protection law. You can read PayPal’s Privacy Policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

9. Contact Forms — Fluent Forms

Our website uses Fluent Forms to handle contact forms, newsletter sign-ups, and lead magnet requests. Data submitted through these forms (name and email address) is stored directly in our WordPress database on our Hetzner-hosted server and transferred to FluentCRM for email communication.

No form data is sent to third-party servers other than those described in this policy.

10. Community Platform — Fluent Community

We intend to use Fluent Community, a WordPress-based community plugin, to host the Tiny Harvest Club member community. When this feature is active, members will create accounts on our website. Account data (name, email address, username, and any profile information provided) will be stored on our Hetzner-hosted server within the EU.

This section will be updated when the community platform is launched.

11. Cookies

Our website uses cookies to improve your browsing experience and analyse site performance.

Essential cookies: Always active. Required for the website to function correctly.
Analytics cookies: Used to understand how visitors use the website. These require your consent before activation.
Marketing cookies: If used in future, these will require your explicit consent.

You can manage your cookie preferences via the cookie banner when you first visit our website.

12. Analytics

We may use website analytics tools in future to understand how visitors interact with our website. Any analytics tools we use will be disclosed in this policy and, where required by GDPR, will only be activated with your explicit consent.

This section will be updated when analytics tools are implemented.

13. Data Sharing

We only share your personal data with service providers necessary to operate our business, as described in this policy:

Hetzner Online GmbH (Germany) — website hosting
Stripe Inc. (USA) — payment processing
PayPal (Europe) S.à r.l. et Cie, S.C.A. (Luxembourg) — payment processing
ManyChat Inc. (USA) — Instagram DM automation for lead magnet delivery

We do not sell your personal data to third parties. We do not share your data with any parties not listed in this policy.

14. Data Retention

We retain your personal data only as long as necessary to fulfil the purposes described in this policy or as required by law:

Email subscribers: Until you unsubscribe or request deletion.
Customer/transaction data: 10 years, as required by German commercial and tax law (§ 147 AO, § 257 HGB).
Contact form submissions: 3 years, or until the matter is resolved.
Community member accounts: Until account deletion is requested.

15. Your Rights Under GDPR

As a data subject under GDPR, you have the following rights:

Right of access (Art. 15): Request a copy of the personal data we hold about you.
Right to rectification (Art. 16): Request correction of inaccurate personal data.
Right to erasure (Art. 17): Request deletion of your personal data (‘right to be forgotten’).
Right to restriction of processing (Art. 18): Request that we limit how we use your data.
Right to data portability (Art. 20): Request your data in a structured, machine-readable format.
Right to object (Art. 21): Object to processing based on legitimate interests.
Right to withdraw consent (Art. 7(3)): Withdraw consent for marketing at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us at aparna@bringnatureinside.blog. We will respond within 30 days.

You also have the right to lodge a complaint with the competent supervisory authority: Landesbeauftragter für den Datenschutz und die Informationsfreiheit Baden-Württemberg, www.baden-wuerttemberg.datenschutz.de

16. Security Measures

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or misuse. These include:

SSL/TLS encryption on all data transmitted to and from our website.
Secure server infrastructure provided by Hetzner, based in Germany.
Access controls limiting who can access personal data within our systems.
Regular updates to software and security protocols.

17. Kleinunternehmerregelung

Gemäß § 19 UStG wird keine Umsatzsteuer berechnet. (We operate under the German small business regulation and do not charge VAT.)

18. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The date at the top of this page indicates when the policy was last updated. We encourage you to review this page periodically.

19. Contact

For any questions, requests, or concerns regarding this Privacy Policy or your personal data, please contact:

Aparna Vijayakrishnan
bringnatureinside.blog

c/o Postflex #9466
Emsdettener Str. 10
48268 Greven
Germany

Email: aparna@bringnatureinside.blog