Privacy Policy.

Last updated: 08 April 2026

1. General Information

This privacy policy explains how we collect, use, and protect your personal data when you visit this website.

Personal data is any information relating to an identified or identifiable natural person.

2. Controller

The controller responsible for data processing is:

Lisa Fechtner

Stuttgarter Str. 106

c/o Block Services

70736 Fellbach

Germany

Email: info@scamprofiler.com

3. Data Collection on This Website

How we collect your data

We collect personal data in the following ways:

- Data you provide voluntarily

(e.g., via email or newsletter subscription form)

- Data collected automatically

(e.g., IP address, browser type, operating system, time of access)

Purpose of processing

We process your data for the following purposes:

- to provide and operate the website

- to ensure security and stability

- to respond to inquiries

- to send newsletters (if subscribed)

Legal bases

Processing is based on:

- Art. 6(1)(b) GDPR – contract or pre-contractual measures

- Art. 6(1)(a) GDPR – consent (newsletter)

- Art. 6(1)(f) GDPR – legitimate interest

Our legitimate interest lies in maintaining a secure, stable, and functional website.

4. Hosting (Wix)

This website is hosted by Wix.com Ltd., Tel Aviv, Israel.

Wix processes:

- IP address

- device and browser data

- usage data

Legal basis

Art. 6(1)(f) GDPR

Data processing agreement

A DPA has been concluded.

International data transfers

Wix may transfer personal data to countries outside the European Union or the European Economic Area, including Israel and the United States.

Israel is considered to provide an adequate level of data protection by the European Commission.

Where data is transferred to third countries without an adequacy decision (e.g., the United States), appropriate safeguards are implemented, in particular the use of EU Standard Contractual Clauses (SCCs).

However, it cannot be excluded that authorities in such countries may access personal data, which may result in risks for data subjects that cannot be fully controlled by us.

5. Data Retention

We retain personal data only as long as necessary.

Specific periods:

- Email inquiries: up to 6 months

- Contract-related data: up to 10 years (legal obligations)

- Newsletter data: until withdrawal of consent

6. Cookies and Consent Management

This website uses cookies and similar technologies. Cookies are small data files stored on your device that help ensure the functionality and security of the website.

When you visit this website, you can manage your cookie preferences via a consent banner provided by Wix.

Cookie categories

The following categories of cookies are used:

Essential cookies

These cookies are strictly necessary for the operation of the website (e.g., security, identity verification, network management).

They cannot be disabled.

→ Legal basis: § 25(2) TDDDG, Art. 6(1)(f) GDPR

Functional cookies

These cookies enable the website to remember choices you make (e.g., preferences) and provide enhanced, more personalized features.

They are only used with your consent.

→ Legal basis: § 25(1) TDDDG, Art. 6(1)(a) GDPR

Analytics cookies

These cookies help us understand how visitors interact with the website (e.g., usage statistics, performance).

They are only used with your consent.

→ Legal basis: § 25(1) TDDDG, Art. 6(1)(a) GDPR

Marketing cookies

These cookies are used to measure advertising effectiveness and deliver relevant content or advertisements.

They are only used with your consent.

→ Legal basis: § 25(1) TDDDG, Art. 6(1)(a) GDPR

Consent management

You can accept or reject non-essential cookies via the cookie banner when you first visit the website.

You can change or withdraw your consent at any time via the cookie settings link provided on the website.

Storage and access

The storage of and access to information on your device is governed by § 25 TDDDG.

Subsequent data processing is carried out in accordance with the GDPR.

7. Contact

If you contact us via email, we process:

- your name

- contact details

- your message

Purpose

Handling your request

Legal basis

Art. 6(1)(b) and Art. 6(1)(f) GDPR

Retention

Data will be deleted within 6 months unless legal obligations apply.

8. Newsletter

Subscription via website form

When you subscribe to our newsletter via the website form, we process:

- your name, your last name, email address

- confirmation of subscription (double opt-in)

- timestamp and IP address for proof of consent

Purpose

Sending newsletters and related communication

Provider

Brevo (Sendinblue), 12 rue de la Grande Chaumière, 75006 Paris, France

Data is processed on servers within the EU.

A data processing agreement (DPA) has been concluded.

Legal basis

Art. 6(1)(a) GDPR (consent)

Newsletter tracking

Our newsletters may contain tracking (e.g., open rates, clicks).

The tracking of newsletter interactions is only carried out if you have been informed about this prior to subscribing and have given your consent

Withdrawal of consent.

You can withdraw your consent at any time via the unsubscribe link in each email.

Retention

Your data will be deleted after unsubscribing.

Your email address may be stored in a suppression list to prevent further mailings (Art. 6(1)(f) GDPR).

9. Embedded Content (YouTube)

We embed YouTube videos using enhanced privacy mode.

Provider: Google Ireland Limited, Dublin, Ireland

Data is only transmitted after you give consent.

Legal basis

Art. 6(1)(a) GDPR

§ 25(1) TDDDG

10. Payments

We process personal data to perform contracts (orders, payments).

Legal basis

Art. 6(1)(b) GDPR

Payment providers

We use:

- Stripe (Ireland)

- PayPal (Luxembourg)

- Klarna (Sweden)

Data is transferred only as required.

11. Social Media Presence

We maintain publicly accessible profiles on the following social media platforms:

• LinkedIn

• YouTube

• Facebook

• Instagram

In Detail:

Facebook

business: https://www.facebook.com/scamprofiler

YouTube

business: https://www.youtube.com/@scamprofiler

Instagram

private: https://www.instagram.com/characterprofilerlisa

business: https://www.instagram.com/scamprofiler/

private: https://www.linkedin.com/in/characterprofilerlisa
business: https://www.linkedin.com/in/scamprofiler

Joint controllership

When you visit our social media profiles, personal data is processed not only by us but also by the respective platform providers.

For certain processing operations (e.g., provision of usage statistics such as “Insights”), we act as joint controllers with the platform providers pursuant to Art. 26 GDPR.

The primary responsibility for these processing operations lies with the respective platform provider.

Platform providers

• LinkedIn

LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland

• YouTube

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

• Facebook / Instagram

Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland

Legal basis

Art. 6(1)(f) GDPR

Our legitimate interest lies in maintaining an online presence and communicating with users.

Data subject rights

You can exercise your rights both against us and against the respective platform provider.

Please note that we have limited influence over data processing carried out by the platforms.

12. Data Security

We use SSL/TLS encryption to protect your data.

13. Your Rights

You have the right to:

- access (Art. 15 GDPR)

- rectification (Art. 16 GDPR)

- erasure (Art. 17 GDPR)

- restriction (Art. 18 GDPR)

- data portability (Art. 20 GDPR)

- objection (Art. 21 GDPR)

- withdraw consent (Art. 7(3) GDPR)

- lodge a complaint (Art. 77 GDPR)

14. Right to Object (Direct Marketing)

You may object at any time to processing for direct marketing purposes.

15. No Data Protection Officer

We are not legally required to appoint a data protection officer.

16. Google reCAPTCHA

We use Google reCAPTCHA on this website in order to protect our website and forms from misuse, automated requests, and spam.

reCAPTCHA is only activated in specific situations where there is a suspicion of automated or abusive behavior (e.g., repeated or unusual form interactions).

The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Data processing

When reCAPTCHA is activated, personal data may be processed, including:

- IP address

- device and browser information

- user interaction data (e.g., mouse movements, time spent on the page)

This data is used to determine whether the user is a human or an automated program.

Legal basis

The use of reCAPTCHA is based on:

- Art. 6(1)(f) GDPR (legitimate interest)

Our legitimate interest lies in protecting our website from misuse, spam, and automated attacks.

Where the use of reCAPTCHA involves the storage of or access to information on the user’s device, processing may additionally be based on:

- Art. 6(1)(a) GDPR in conjunction with § 25(1) TDDDG (consent), where required

International data transfers

Data may be transferred to servers operated by Google outside the European Union, including the United States.

Such transfers are carried out on the basis of appropriate safeguards, in particular EU Standard Contractual Clauses (SCCs).

However, it cannot be excluded that authorities in third countries may access personal data.

Further information

For more information, please refer to Google’s privacy policy:

https://policies.google.com/privacy

17. Login via Google and Facebook

We offer users the option to register and log in to our website using their existing accounts with third-party providers such as Google and Facebook.

Providers:

- Google: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

- Facebook: Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland

Data processing

When you choose to register or log in via one of these providers, we receive certain personal data from your respective account, depending on your settings with the provider. This may include:

- name

- email address

- profile information (e.g., profile picture)

The exact data transferred depends on your individual privacy settings with the respective provider.

Purpose of processing

The data is processed for the purpose of:

- creating and managing your user account

- authenticating your identity

- simplifying the registration and login process

Legal basis

Processing is based on:

- Art. 6(1)(b) GDPR (performance of a contract or pre-contractual measures)

- Art. 6(1)(a) GDPR (consent), insofar as you actively choose to use the social login function

Data sharing and responsibility

Please note that by using social login, personal data may be exchanged between us and the respective provider.

The authentication process is carried out directly with the provider. We do not receive your login credentials.

International data transfers

Data may be transferred to countries outside the European Union, including the United States.

Transfers are carried out on the basis of appropriate safeguards, such as EU Standard Contractual Clauses (SCCs).

However, it cannot be excluded that authorities in third countries may access personal data.

Further information

For more details, please refer to the privacy policies of the providers:

Google: https://policies.google.com/privacy

Facebook: https://www.facebook.com/privacy/policy/