← Back to home

Privacy Policy

Last updated: June 2026

This Privacy Policy applies to the website lizethquintero.com and all related services operated by Lizeth Quintero Rodriguez ("I", "me", "my").

I take your privacy seriously. This policy explains what data I collect, why I collect it, how I use it, and what rights you have under the EU General Data Protection Regulation (GDPR).

1. Who I Am (Data Controller)

Name: Lizeth Quintero Rodriguez
Location: Leipziger Straße, 10117, Berlin, Germany — full address available on request
Email: hello@lizethquintero.com
Legal status: Freiberuflerin (freelance professional), based in Germany

I am the data controller for personal data collected through this website and associated services.

2. What Data I Collect and Why

2.1 Client Advisory

What I collect: Name, email address, professional information you share during our engagement.

Why: To deliver services, manage invoicing, and communicate with you professionally.

Legal basis: Performance of a contract (GDPR Article 6(1)(b)) and legitimate interests (GDPR Article 6(1)(f)).

Processors: Google Meet (live sessions), Notion (templates), Google Calendar and Cal.com (scheduling), Stripe (payments). I do not store your full payment details — these are handled directly by Stripe under their own data processing terms.

Session transcription: With your explicit prior consent, I may use AI-powered note-taking tools to create summaries of meetings and improve internal workflow efficiency. You will always be asked for permission before any transcription tool is activated, and you may decline without any impact on the service. If you consent, the transcription data is used solely to support your advisory engagement and is not shared with third parties beyond the transcription tool provider.

Legal basis for transcription: Consent (GDPR Article 6(1)(a)) or our legitimate interest in conducting efficient business meetings (Art. 6(1)(f) GDPR). You can withdraw consent at any time, and future sessions will not be transcribed.

2.2 Discovery Call and Intake Form Respondents

What I collect: Name, email address, and answers you provide in the intake form.

Why: To assess your needs, schedule a discovery call, and communicate with you about potential advisory services.

Legal basis: Pre-contractual steps at your request (GDPR Article 6(1)(b)).

Processor: Cal.com (scheduling and intake forms), Google Calendar (scheduling), Google Meet (live sessions).

Session transcription: With your explicit prior consent, I may use AI-powered note-taking tools to create summaries of meetings and improve internal workflow efficiency. You will always be asked for permission before any transcription tool is activated, and you may decline without any impact on the service. If you consent, the transcription data is used solely to support your advisory engagement and is not shared with third parties beyond the transcription tool provider.

Legal basis for transcription: Consent (GDPR Article 6(1)(a)) or our legitimate interest in conducting efficient business meetings (Art. 6(1)(f) GDPR). You can withdraw consent at any time, and future sessions will not be transcribed.

2.3 Newsletter Subscribers

What I collect: Your name and email address.

Why: To send you my newsletter, which you subscribed to voluntarily.

Legal basis: Consent (GDPR Article 6(1)(a)). You can withdraw consent at any time by unsubscribing.

Processor: Kit (formerly ConvertKit), a US-based email platform. Kit processes your data under Standard Contractual Clauses for EU–US data transfers.

2.4 General Enquiries

What I collect: Name, email address, and information you share when reaching out to me.

Why: To respond to your enquiry and communicate professionally.

Legal basis: Legitimate interests (GDPR Article 6(1)(f)).

3. Website Hosting

This website is hosted by Netlify, a US-based hosting provider. When you visit this website, Netlify may automatically collect certain technical data such as your IP address and browser information through server logs. This data is processed by Netlify under their privacy policy and applicable data transfer safeguards.

4. Cookies

This website does not currently use analytics or marketing cookies. If this changes in the future, this policy will be updated and a cookie consent mechanism will be implemented.

Strictly necessary cookies may be used to ensure basic website functionality.

5. Who I Share Your Data With

I do not sell your data. I do not share your data with third parties for their own marketing purposes.

I share data only with service providers who process it on my behalf and where you have given consent.

I may also share data with legal or regulatory authorities if required by law.

6. International Data Transfers

Some of my service providers are based outside the EU. When your data is transferred outside the European Economic Area, these transfers are supported by safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission, the EU-US Data Privacy Framework, or equivalent mechanisms intended to protect your data during international transfers.

7. How Long I Keep Your Data

Data typeRetention period
Newsletter subscribersUntil you unsubscribe
Advisory client data3 years after engagement ends
Session transcription dataDeleted within 90 days after engagement ends, or upon withdrawal of consent
Discovery call / intake data1 year after enquiry (if not enrolled)
Payment records and invoices10 years (German tax retention requirement)
General enquiries1 year after last communication

8. Your Rights Under GDPR

If you are in the EU or UK, you have the right to:

To exercise any of these rights, email me at: hello@lizethquintero.com

I will respond within 30 days.

You also have the right to lodge a complaint with your national data protection authority. In Germany: Die Bundesbeauftragte für den Datenschutz und die Informationsfreiheit (BfDI) or the data protection authority of your federal state (Landesdatenschutzbeauftragter). In Berlin: Berliner Beauftragte für Datenschutz und Informationsfreiheit.

9. Data Security

I take reasonable technical and organisational measures to protect your personal data from unauthorised access, loss, or misuse. If a data breach occurs that is likely to affect your rights, I will notify you and the relevant supervisory authority as required by GDPR.

10. Changes to This Policy

I may update this policy from time to time. When I make significant changes, I will update the "Last updated" date at the top. If you are a newsletter subscriber, I may also notify you by email.

11. Contact

Lizeth Quintero Rodriguez
Berlin, Germany — full address available on request
Email: hello@lizethquintero.com
Website: lizethquintero.com