SaageBooks.com

Contact | Imprint | Privacy Policy

Privacy Policy

Privacy Policy of Saage Media GmbH

Version: 24.04.2025

We, Saage Media GmbH („we“, „us“), take the protection of your personal data very seriously. This Privacy Policy informs you about how we collect, process, and use your personal data when you visit our websites [SaageMedia.com and SaageBooks.com] or use our services.

1. Controller for Data Processing

The controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws as well as other data protection provisions is:

Saage Media GmbH
represented by the Managing Director Rico Saage
c/o SpinLab – The HHL Accelerator
Spinnereistraße 7
04179 Leipzig, Germany
Email: [email protected]

2. Data Protection Officer

Due to our company size, we are not legally obliged to appoint an external Data Protection Officer. If you have any questions regarding data protection, please contact the controller named in Section 1 (Rico Saage).

3. General Principles of Data Processing

As a matter of principle, we process personal data of our users only to the extent necessary to provide a functional website as well as our content and services. The processing of our users‘ personal data regularly takes place only with the user’s consent. An exception applies in cases where obtaining prior consent is not possible for factual reasons and the processing of the data is permitted by law.

The legal bases for processing your data are:

  • Where we obtain the data subject’s consent for processing operations involving personal data, Art. 6(1)(a) GDPR serves as the legal basis. For consent related to cookies and similar technologies, § 25(1) TTDSG (German Telecommunications Telemedia Data Protection Act) is also relevant.
  • For the processing of personal data necessary for the performance of a contract to which the data subject is a party, Art. 6(1)(b) GDPR serves as the legal basis. This also applies to processing operations necessary for carrying out pre-contractual measures.
  • Where processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Art. 6(1)(c) GDPR serves as the legal basis (e.g., statutory retention obligations, proof of consent).
  • If processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, and such interests are not overridden by the interests or fundamental rights and freedoms of the data subject, Art. 6(1)(f) GDPR serves as the legal basis for the processing. For storing or accessing information in the user’s terminal equipment based on a legitimate interest, § 25(2) TTDSG may be applicable (e.g., for technically strictly necessary cookies).

4. Provision of the Website and Creation of Log Files (Hosting)

Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer. The following data is collected (server log files):

  • IP address of the requesting computer (possibly anonymized)
  • Date and time of access
  • Name and URL of the retrieved file
  • Website from which the access originates (Referrer URL)
  • Browser used and, if applicable, the operating system of your computer, as well as the name of your access provider

This data is stored in the log files of our system. This data is not stored together with other personal data of the user.

Purpose: The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. Storage in log files is done to ensure the functionality of the website, guarantee the security of our information technology systems, and optimize the website.
Legal Basis: Legitimate interest pursuant to Art. 6(1)(f) GDPR. Our legitimate interest lies in ensuring the stability and security of our website.
Hosting Provider: We host our website with Strato AG, Otto-Ostrowski-Straße 7, 10249 Berlin, Germany. The servers are located in Germany. We have concluded a Data Processing Agreement (DPA) with Strato in accordance with Art. 28 GDPR (https://www.strato.de/agb/avv/). Strato’s privacy policy can be found here: https://www.strato.de/datenschutz/
Storage Duration: STRATO stores the IP addresses of visitors to our website for a maximum of seven days for the purpose of detecting and defending against attacks. Afterwards, the IP addresses are irrevocably anonymized. In the log files available to us, IP addresses are only viewable in anonymized form. The anonymized log files are stored for up to six weeks.

5. Use of Cookies and Consent Management (CookieYes)

Our website uses cookies. Cookies are text files that are stored in the internet browser or by the internet browser on the user’s computer system. When a user calls up a website, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again.

We use cookies to make our website more user-friendly, provide functions, and analyze usage. A distinction is made between technically necessary cookies, which are essential for the operation of the site, and optional cookies (e.g., for statistics, marketing, external media).

  • Technically Necessary Cookies: These are required for the website to function and cannot be deactivated in our systems. They are usually only set in response to actions taken by you which amount to a request for services, such as setting your privacy preferences or filling in forms.
    • Legal Basis: § 25(2) No. 2 TTDSG or our legitimate interest in providing our services in a technically flawless and optimized manner pursuant to Art. 6(1)(f) GDPR.
  • Optional Cookies / Technologies (Consent Required): All other cookies and similar technologies (such as loading external scripts or fonts from third-party providers that transmit data) that are not technically necessary are only used with your explicit consent.
    • Legal Basis: Your consent pursuant to § 25(1) TTDSG (for storing/reading on the terminal device) and Art. 6(1)(a) GDPR (for the subsequent processing of personal data).
  • Consent Management with CookieYes: We use the consent management tool „CookieYes“ from CookieYes Limited, 3 Warren Yard, Warren Park, Stony Stratford, Milton Keynes, MK11 1EB, United Kingdom (UK). This tool enables us to obtain, manage, and document your consent to the storage of cookies or the use of certain technologies. CookieYes sets a technically necessary cookie („cookieyes-consent“) to store your choice. No personal data beyond the storage of your preference is processed by CookieYes.
    • Purpose: Fulfillment of the legal obligation to provide proof of consent.
    • Legal Basis: Legal obligation pursuant to Art. 6(1)(c) GDPR.
    • CookieYes Privacy Policy: https://www.cookieyes.com/privacy-policy/
    • Note on UK Transfer: Although CookieYes is based in the United Kingdom, there is an adequacy decision by the EU Commission for the UK, meaning the level of data protection is considered comparable to that in the EU.
  • Withdraw/Adjust Consent: You can withdraw your consent at any time with effect for the future or adjust your cookie settings. To do this, use the cookie icon located at the bottom left of our website to reopen the cookie settings. The lawfulness of the processing carried out until the withdrawal remains unaffected.

6. Contact via Email

If you contact us by email, the personal data you transmit (your email address and the content of your message) will be stored and processed to handle your request.

Purpose: Processing and responding to your inquiry.
Legal Basis: If the contact is made in the context of initiating or fulfilling a contract, the legal basis is Art. 6(1)(b) GDPR. In other cases, the legal basis is our legitimate interest in efficiently processing the inquiries addressed to us (Art. 6(1)(f) GDPR).
Storage Duration: The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected and provided no statutory retention obligations prevent deletion. This is generally the case when the respective conversation with you has ended and the matter has been finally clarified.

7. Newsletter (Brevo)

On our website, you have the option to subscribe to a free newsletter. When registering for the newsletter, the data from the input mask (your email address, possibly other voluntary information) is transmitted to us or our service provider Brevo. Registration uses a so-called double opt-in procedure (DOI). After registering, you will receive an email asking you to confirm your registration. This confirmation is necessary to prevent anyone from registering with third-party email addresses. Newsletter registrations are logged (registration and confirmation time, IP address) in order to be able to prove the registration process in accordance with legal requirements.

Purpose: Sending regular information about our products (e-books, books, audiobooks), offers, and news via email; Proof of consent.
Performance Measurement (Tracking): Our newsletters contain a so-called „web beacon“ or „tracking pixel“, i.e., a pixel-sized file that is retrieved from the server of our dispatch service provider when the newsletter is opened. As part of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and time of retrieval, are collected. This information is used for the technical improvement of the services based on the technical data or the target groups and their reading behavior based on their retrieval locations (which can be determined using the IP address) or access times. Statistical surveys also include determining whether the newsletters are opened, when they are opened, and which links are clicked. For technical reasons, this information can be assigned to individual newsletter recipients, but it is neither our intention nor that of the dispatch service provider to observe individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.
Legal Basis: The processing of your email address for sending the newsletter and logging the registration, as well as the performance measurement, is based exclusively on your explicit consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TTDSG (for the tracking pixel).
Service Provider: We use the service „Brevo“ (formerly Sendinblue) for dispatch and administration. The provider is Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany. Brevo is a recipient of your personal data and acts as a processor for us. We have concluded a Data Processing Agreement (DPA) with Brevo in accordance with Art. 28 GDPR.
Brevo’s Privacy Policy: https://www.brevo.com/legal/privacypolicy/
Storage Duration: The data is stored as long as the newsletter subscription is active. After unsubscribing, the data is deleted from the distribution list but may be stored for up to three years to fulfill our proof obligations (e.g., regarding consent).
Withdrawal of Consent: You can withdraw your consent to receive the newsletter and the associated performance measurement at any time for the future. You can declare the withdrawal by clicking on the unsubscribe link provided in every newsletter email or by sending a message to the contact address mentioned above.

8. Security Measures (Limit Login Attempts, WPS Hide Login, Wordfence)

We employ technical measures on our website to enhance the security of our systems and protect against unauthorized access and attacks. This includes plugins like Limit Login Attempts Reloaded, WPS Hide Login, and potentially Wordfence Security.

Data Processing: These tools typically process the IP addresses of visitors attempting to log in or access protected areas. In case of repeated failed login attempts, IP addresses may be blocked temporarily or permanently. WPS Hide Login obscures the default login URL. Wordfence may additionally analyze traffic and detect and block suspicious activities.
Purpose: Protection of the website against brute-force attacks, unauthorized access, and other security threats; maintaining the integrity and availability of our website.
Legal Basis: Our legitimate interest in the security of our IT systems and the protection of our website and user data pursuant to Art. 6(1)(f) GDPR.
Recipients / Third-Country Transfer: Data is primarily processed on our web server. However, Wordfence (Provider: Defiant Inc., USA) may transfer data (e.g., blocked IPs, information about attack attempts) to its servers in the USA to update and improve its threat database (Threat Defense Feed). This transfer is based on Standard Contractual Clauses (SCCs) as an appropriate safeguard. Details can be found in Wordfence’s privacy policy: https://www.wordfence.com/privacy-policy/.
Storage Duration: IP addresses in security logs or blocklists are stored only as long as necessary to ensure security (e.g., for the duration of a block or for analyzing attack patterns).

9. Website Analysis (Burst Statistics)

We use the Burst Statistics plugin to obtain statistical evaluations of the use of our website and to improve our offering. Burst Statistics is designed to be privacy-friendly.

Data Processing: According to the provider, visitor data (such as pages visited, country of origin – derived from the IP address, referrer, browser/device type) is collected anonymously or pseudonymously and stored locally on our web server. By default, no cookies requiring consent are set, and no data is transferred to external Burst Statistics servers. IP addresses are generally stored anonymously.
Purpose: Statistical analysis of user behavior to optimize the website.
Legal Basis: Provided that the data is processed exclusively anonymously or highly pseudonymously, no cookies are set, and no data transfer to third parties occurs, we base the processing on our legitimate interest in the analysis and improvement of our website pursuant to Art. 6(1)(f) GDPR.
Storage Duration: Statistical data is deleted when it is no longer needed for analysis purposes or after a period configurable in the plugin.

10. Google Fonts

We use so-called Web Fonts provided by Google on our website for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.

Data Processing: For this purpose, your browser must establish a connection to Google’s servers. This informs Google that our website was accessed via your IP address. Other information such as browser type and version may also be transmitted.
Purpose: Uniform and appealing presentation of our online offerings.
Legal Basis: The use of Google Fonts is based on your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TTDSG, which you can grant via our cookie banner. Without your consent, Google Fonts will not be loaded (standard fonts may be displayed instead).
Recipient / Third-Country Transfer: The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Data may be transferred to Google servers in the USA. There is no adequacy decision by the EU Commission for the USA. The data transfer is based on Standard Contractual Clauses (SCCs) of the European Commission, which are intended to ensure an adequate level of data protection. Nevertheless, we and Google cannot completely exclude the possibility of access by US authorities.
Google’s Privacy Policy: https://policies.google.com/privacy?hl=en

11. Google reCAPTCHA

We use „Google reCAPTCHA“ (hereinafter „reCAPTCHA“) on our website. The provider is Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland. We use reCAPTCHA v2 with the checkbox („I’m not a robot“).

Purpose: reCAPTCHA is used to check whether data entry on our website (e.g., in the newsletter registration form) is done by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the area with reCAPTCHA or clicks the checkbox.
Data Processing: For the analysis, reCAPTCHA evaluates various information (e.g., IP address, time spent by the visitor on the website, mouse movements made by the user, information about browser and operating system, Google cookies set). The data collected during the analysis is forwarded to Google.
Legal Basis: The use of reCAPTCHA is based on your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TTDSG (for cookies and data collection), which you can grant via our cookie banner. Integration only occurs after your consent.
Recipient / Third-Country Transfer: The recipient of the data is Google Ireland Limited or the parent company Google LLC in the USA. Data transfer to the USA is based on Standard Contractual Clauses (SCCs). As with Google Fonts, risks exist regarding access by US authorities.
Further information on Google reCAPTCHA and Google’s privacy policy can be found at the following links: https://policies.google.com/privacy?hl=en and https://policies.google.com/terms?hl=en and https://www.google.com/recaptcha/about/
Importance of Consent: Due to the extensive data collection and transfer to the USA, your active consent is mandatory.

12. No Comment Function / Akismet

Our website currently does not offer a public comment function. The Akismet Anti-Spam plugin is therefore not active or is not used for processing comment data.

13. Sale of Products (External)

Currently, the sale of our e-books, books, and audiobooks takes place via external platforms. The respective privacy policies of the platform operators apply to data processing on these external platforms. We may receive data from these platforms for contract processing (e.g., buyer’s name, purchased products), which we process to fulfill our contractual and tax obligations (Legal basis: Art. 6(1)(b) and (c) GDPR).

14. Future Integration of Shopify

We plan to integrate an online shop using the Shopify platform on our website in the future. As soon as this integration takes place, we will update this Privacy Policy accordingly and inform you in detail about the associated data processing (e.g., order data, customer data, payment data, cookies, data transfer to Shopify).

15. Publication of Book Content

We partially publish content from our books on the website. For the mere reading of this content by you, no specific collection of personal data occurs beyond the data mentioned in Section 4 (Server Log Files) and Section 5 (Cookies).

16. SSL/TLS Encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as requests you send to us. You can recognize an encrypted connection by the fact that the address line of the browser changes from „http://“ to „https://“ and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us generally cannot be read by third parties.

17. Your Rights as a Data Subject

As a data subject, you have various rights under the GDPR:

  • Right of Access (Art. 15 GDPR): You have the right to request information about your personal data processed by us.
  • Right to Rectification (Art. 16 GDPR): You have the right to request the immediate correction of inaccurate personal data concerning you.
  • Right to Erasure (‚Right to be Forgotten‘) (Art. 17 GDPR): You have the right to request the deletion of your personal data stored by us, unless processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise or defense of legal claims.
  • Right to Restriction of Processing (Art. 18 GDPR): You have the right to request the restriction of the processing of your personal data.
  • Right to Notification (Art. 19 GDPR): If you have asserted the right to rectification, erasure, or restriction of processing, we are obliged to notify all recipients to whom your data has been disclosed of this.
  • Right to Data Portability (Art. 20 GDPR): You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format or to request transmission to another controller.
  • Right to Object (Art. 21 GDPR): You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Art. 6(1)(e) or (f) GDPR. This also applies to profiling based on these provisions. We will no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defense of legal claims. Where personal data are processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing; this includes profiling to the extent that it is related to such direct marketing.
  • Right to Withdraw Consent (Art. 7(3) GDPR): You have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. This means we may no longer continue the data processing based on this consent for the future.
  • Right to Lodge a Complaint with a Supervisory Authority (Art. 77 GDPR): You have the right to lodge a complaint with a data protection supervisory authority about our processing of your personal data. The supervisory authority responsible for us is generally the State Data Protection Authority of our registered office (Saxony). A list of data protection authorities and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html (Note: This link leads to a German page listing German authorities).

To exercise your rights, please contact us using the contact details provided in Section 1.

18. Duration of Data Storage

We store your personal data only for as long as is necessary for the purposes for which it was collected (e.g., duration of the contractual relationship, processing your request) or as long as another legal basis for storage exists (e.g., statutory retention periods under commercial or tax law, § 147 German Fiscal Code (AO), § 257 German Commercial Code (HGB)). Once the purpose no longer applies or the statutory periods expire, the corresponding data will be routinely blocked or deleted in accordance with legal requirements. Specific storage periods are mentioned, where possible, in the respective sections of this policy.

19. Note on Online Dispute Resolution

The European Commission provides a platform for online dispute resolution (ODR): http://ec.europa.eu/consumers/odr/. You can find our email address in the imprint above or in Section 1. We are not willing or obliged to participate in dispute resolution proceedings before a consumer arbitration board.

20. Changes to this Privacy Policy

We reserve the right to adapt this Privacy Policy at any time with effect for the future, in particular in the event of changes to the legal situation, jurisdiction, or our processing procedures. The current version can be found on our website. Please inform yourself regularly about the content of our Privacy Policy.g.