When you visit our website (https://www.aliadra.com/), we process technical and personal data.
The following Privacy Policy informs you transparently and comprehensively about the data processing on our website and your rights as a user.
1. Controller responsible for data processing
When you visit the website (https://www.aliadra.com/), the user data listed below is collected and processed. The site is operated by Ali Adra, Am Emplkeller 28, 85435 Erding, Germany, who is therefore the controller responsible for this data and its processing within the meaning of data protection law.
2. Types of data and how they are processed
a. Accessing the website
When you access our website, our web servers temporarily store the following data (log files):
Browser type / browser version
The operating system used
Referrer URL
Hostname of the accessing device
Time of the server request
IP address
This data is required to display the website, enable navigation and other functions and services, and to troubleshoot technical issues.
b. Cookies
Cookies are small text files containing information that a platform transfers to and stores on a device. Our website uses the following cookies for various functions:
Service
Purpose
Type of cookies
Example of cookies
Legal basis
Calendly
The site includes a button to book a free consultation via Calendly. This service may set cookies to provide the calendar’s functionality and track user interaction.
Functional, Analytics
_cfuvid, ajs_anonymous_id, ajs_user_id – for analytics and security
Art. 6 Abs. 1 lit. f DSGVO
Webflow
Webflow may set cookies to ensure form security and website functionality. Details can be found in Webflow’s privacy policy:
https://webflow.com/
legal/eu-privacy-policy./legal/eu-privacy-policy.
Necessary
wf-csrf – protects against CSRF attacks
Art. 6 Abs. 1 lit. f DSGVO
Mailchimp
Mailchimp uses cookies to provide services, analytics, site security, and improve user experience.
Necessary, Performance, Functional, Targeting
_mcid – user identifier for content personalization.
_AVESTA_ENVIRONMENT – necessary for the functioning of subscription forms.
optanonConsent
Art. 6 Abs. 1 lit. f DSGVO
We also use Google Analytics in anonymized form:
To further improve our offering, we collect statistical data about the use of our website. For this we use the Google Analytics service provided by Google Inc., USA, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics is a web analytics service of Google Inc. (“Google”). Google Inc. is certified under the EU-U.S. Data Privacy Framework. The certificate can be found here: https://www.dataprivacyframework.gov/list
The EU-U.S. Data Privacy Framework governs the secure exchange of data between EU Member States and the USA.
Google Analytics uses “cookies”, text files stored on your computer, which enable analysis of your use of the website. The information generated by the cookie about your use of this website is generally transmitted to a Google server in the USA and stored there. If IP anonymization is activated on this website, your IP address will, however, be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before transmission. The IP address transmitted by your browser within the scope of Google Analytics will not be merged with other Google data.
You can prevent cookies from being stored by adjusting your browser settings; however, please note that in this case you may not be able to use all functions of this website to their full extent. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) as well as processing of this data by Google by downloading and installing the browser add-on available at: http://tools.google.com/dlpage/gaoptout?hl=de
You can prevent collection by Google Analytics by clicking the following link. An opt-out cookie will be set that prevents future collection of your data when visiting this website:
<a href=“javascript:gaOptout()“>Google Analytics deaktivieren</a>
Further information on terms of use and data protection can be found at http://www.google.com/analytics/terms/de.html and https://www.google.de/intl/de/policies/.
We also use the “anonymizeIP” extension. This is an IP masking feature provided by Google. Because we use it, the last four digits of your IP address are removed before storage, so that no personal reference can be made from the IP address. Google’s analytical evaluation is therefore carried out in anonymized form.
3. Instagram, TikTok, Twitter, LinkedIn
Our site does not use plugins provided by these social networks. No automatic transfer of user data to the operators of these platforms takes place on our pages.
The logos are merely links to the respective external pages.
4. Newsletter subscription
You can subscribe to a regular newsletter on our homepage. The newsletter contains general information on stroke. For this we only need an email address. You will first receive an email due to your registration containing a link that you must click to confirm your subscription (double opt-in). This helps prevent misuse of email addresses. You also have the option to be addressed by your real name in the newsletter (personalized newsletter). To do so, simply provide your first and last name. We process both your email address and your name solely for the purpose of sending you the newsletter.
Withdrawal of consent
Your consent to receive the newsletter is voluntary and can be withdrawn at any time. To do so, use the unsubscribe link in the newsletter email, send us an email at support@aliadra.com, or write to: Ali Adra, Am Emplkeller 28, 85435 Erding, Germany.
If you withdraw consent, processing up to that point remains lawful. Withdrawal only applies for the future.
5. Data transfers to third countries
Some of our service providers transfer personal data to the USA. On 10 July 2023, the European Commission adopted an adequacy decision for the protection level of personal data under the EU-U.S. Data Privacy Framework (Art. 45 DSGVO).
If a transfer to third countries is not possible on the basis of an adequacy decision under Art. 45 DSGVO, we have taken steps to ensure an adequate level of data protection for the transfer, for example by concluding Standard Contractual Clauses. These are contracts prescribed by the European Commission under which the parties commit to appropriate data protection standards for data transfers. The service provider thereby gives specific guarantees to protect the data.
We may also carry out data processing on the basis of consent. If we obtain consent, you will be specifically informed about the data processing.
6. Sharing data with processors
We engage service providers for specialized tasks (e.g., IT services for our systems, maintenance of IT infrastructure). These providers may also gain access to data.
We have concluded data processing agreements with these providers (Art. 28 DSGVO) to ensure the best possible protection of the data. We have carefully selected these providers. They process personal data only on our behalf and strictly in accordance with our instructions on the basis of the relevant contracts.
7. Legal basis for storage
The legal basis for storing the data mentioned above is, as applicable, Art. 6 Abs. 1 lit. a and f DSGVO. The legitimate interest referred to in lit. f arises from the necessity to display the website and provide the functions described above to users. The legitimate interest for using Google Analytics in anonymized form lies in the continuous improvement of our site. Neither we nor Google can draw conclusions about a person based on this user data.
When logging in to any restricted-access area, we process the login data you provide on the basis of Art. 6 Abs. 1a DSGVO.
8. Secure data transmission
Our website uses SSL encryption. You can recognize this by the “HTTPS” in the address bar. SSL encryption is transport encryption that prevents third parties from viewing the data.
9. Communication
If users send us an email, we use the email address and any personal data and information contained in the email solely to handle the relevant request. For content requiring special protection, we recommend sending the email in encrypted form only.
10. Your rights
a. Right of access, Art.15 DSGVO
Data subjects have the right to obtain information at any time, free of charge, about the personal data we store. The information includes:
The purposes of processing;
The categories of personal data processed;
The recipients or categories of recipients to whom the personal data has been or will be disclosed, in particular recipients in third countries or international organizations;
Where possible, the envisaged storage period for the personal data, or, if not possible, the criteria used to determine that period;
The existence of the right to rectification or erasure of personal data or restriction of processing by the controller or to object to such processing;
The existence of a right to lodge a complaint with a supervisory authority;
Where the personal data is not collected from the data subject, any available information as to its source;
The existence of automated decision-making, including profiling, referred to in Article 22 paragraphs 1 and 4, and, at least in those cases, meaningful information about the logic involved as well as the significance and the envisaged consequences of such processing for the data subject.
b. Right to rectification, Art.16 DSGVO
You may request the rectification or completion of personal data if it is inaccurate or incomplete.
c. Right to erasure (“right to be forgotten”), Art.17 DSGVO
You may also request the deletion of personal data we store if one of the following applies:
The personal data is no longer necessary for the purposes for which it was collected or otherwise processed.
You withdraw your consent on which the processing is based according to Article 6 paragraph 1 point a or Article 9 paragraph 2 point a, and there is no other legal ground for the processing.
You object to the processing pursuant to Article 21 paragraph 1 and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21 paragraph 2.
The personal data has been unlawfully processed.
The personal data must be erased for compliance with a legal obligation in the European Union or Member State law to which the controller is subject.
The personal data has been collected in relation to the offer of information society services referred to in Article 8 paragraph 1.
Where retention obligations prevent deletion, the data will be restricted for that purpose. You may request deletion (“right to be forgotten”), rectification, and access at any time, to the extent possible.
d. Right to restriction of processing Art.18 DSGVO
You also have the right to request restriction of processing where one of the following applies:
The accuracy of the personal data is contested by you for a period that enables us to verify the accuracy of the personal data;
The processing is unlawful and you oppose the erasure of the personal data and request the restriction of its use instead;
We no longer need the personal data for the purposes of the processing, but you or we need it for the establishment, exercise or defense of legal claims; or
You have objected to processing pursuant to Article 21 paragraph 1 pending verification whether our legitimate grounds override yours.
e. Right to data portability Art.20 DSGVO
You may receive the data you have provided voluntarily in a machine-readable format or have it transmitted to a third party (data portability). This right does not apply to other data that is not processed on the basis of Art. 6 paragraph 1 point a or b or Art. 9 paragraph 2 point a DSGVO or that is not processed by automated means.
f. Right to object Art.21 DSGVO
You have the right to object at any time to the processing of your personal data that is based on Art. 6 paragraph 1 point e or f DSGVO. In that case we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defense of legal claims.
g. Right to lodge a complaint
Every data subject also has the right to lodge a complaint with a data protection supervisory authority at any time. The supervisory authority responsible for us is:
Der Bayerische Landesbeauftragte für den Datenschutz (BayLfD)
Wagmüllerstraße 18, 80538 Munich, Germany
11. Validity and changes to this Privacy Policy
This Privacy Policy is currently valid and dated September 2025. Due to the further development of our website or because of changes in legal or regulatory requirements, it may become necessary to adjust this Privacy Policy accordingly. The most current Privacy Policy can be accessed and printed from the website at any time.
12. Data Protection Officer
For questions or to exercise your rights, please contact our Data Protection Officer.
Status: September 2025
