Last updated: August 29, 2025
Privacy policy
Information about the Processing of Personal Data
This privacy policy describes how we collect, use and share your personal data when you visit our website and interact with us. It also explains your rights as a data subject arising from the EU General Data Protection Regulation (GDPR).
Personal data is all data that can be related to you personally, such as your name, email, address and user behavior.
The data controller pursuant to Art. 4 (7) GDPR is pHera, represented by Kopano Valerie Masete, Altensteinstraße 40, 14195 Berlin, Germany, info@phera.digital, also referred to as “we”, “us” or “our”. See our imprint/legal notice for further details https://phera.digital/legal-notice/.
Your Rights
You have the following rights towards us regarding personal data concerning you:
- right to information (Art. 15 GDPR)
- right to rectification (Art. 16 GDPR)
- right to erasure (Art. 17 GDPR)
- right to restriction of processing (Art. 18 GDPR)
- right to data portability (Art. 20 GDPR)
- right to object against automated processing (Art. 21 GDPR)
- right to protection against automated decision-making (Art. 22 GDPR)
- right to complain to a data protection supervisory authority about our processing of your personal data
Please feel free to contact us on this at info@phera.digital.
Data Security
We use appropriate technical and organizational measures to protect your data from manipulation, loss, destruction or unauthorized access. In doing so, we take into account the state of the art, the implementation costs and the nature, scope, context and purpose of the processing. In addition, we regularly assess the risks of a possible data breach, including its probability and impact. Our security measures are continuously adapted to technological progress.
Objection or Withdrawal of Consent to Processing your Personal Data
If you have consented to the processing of your data, you may withdraw this consent at any time. The withdrawal applies from the time at which you notify us of it and concerns the future processing of your data. The permissibility of the processing of your data up to the time of your withdrawal remains unaffected.
If we base the processing of your personal data on a balancing of interests, you may object to the processing. We will in particular undertake a balancing of interests if we process your data in the public interest or based on our legitimate interests. When objecting against the processing, please provide us with the reasons for your objection as to why you reject the processing of your data in the previous form. We will review your objection and will either discontinue or adjust the processing, or explain to you our compelling legitimate reasons that justify the continuation of the processing.
You may object to the processing of your personal data for purposes of advertising and data analysis at any time.
Please contact us at info@phera.digital for any withdrawals or objections.
Storage Periods of Your Personal Data
Unless a more specific storage period is stipulated in this data protection declaration, we only store your personal data for as long as is necessary to fulfill the purposes we collected it for. This includes the fulfillment of legal, tax and accounting obligations. When determining the storage period, we take into account the scope, type and sensitivity of the data, the potential risk of unauthorized use or disclosure, the purposes of the processing, whether we can achieve these purposes by other means and applicable legal requirements.
In some circumstances we may anonymize your personal data so that it can no longer be associated with you, in which case we may use such information without further notice to you.
If you have any questions on the way we retain your personal data, you can contact us at info@phera.digital.
Data Processing by Third Parties
We may commission external service providers to process your data. We carefully select these service providers, bind them to our instructions and monitor them regularly.
The legal basis for the commission of external service providers is Art. 6 (1) sentence 1 lit. b or lit. f GDPR or, if consent has been requested, your consent in accordance with Art. 6 (1) sentence 1 lit. a GDPR. You can revoke your consent at any time.
If our service providers are based outside the European Union (so-called third countries), we will inform you of this in the respective function description below. According to the European Commission’s adequacy decision, some third countries have a level of data protection comparable to that in the EU. A list of these countries and copies of the adequacy decisions can be found here: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en. Other third countries may lack a consistently high level of data protection. In such cases, we ensure that data protection is sufficiently guaranteed, e.g. by standard contractual clauses of the European Commission in accordance with Art. 46 (1), (2) lit. c GDPR.
Processing of Personal Data when Visiting our Website
When you visit our website, the following data is processed and stored in server log files:
- Your IP address,
- date and time of the access,
- time zone difference from Greenwich Mean Time (GMT),
- web pages accessed by your system through our website,
- access status/HTTP status code,
- data volume transferred in each case,
- web pages from which your system accessed our website,
- location data, including location data from your mobile device,
- browser type as well as the version and language used, and
- your operating system.
These data are technically necessary to display our website to you and to ensure the stability and security of the system. The legal basis for the processing of the aforementioned data is Art. 6 (1) sentence 1 lit. f GDPR. Our legitimate interest lies in providing a functional and secure website. The data will be deleted as soon as they are no longer required to achieve the purpose of their collection, but no later than after seven days.
Hosting
The provider is IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany. We use IONOS Managed WordPress to host and provide our website. For details on the processing by IONOS, please refer to the provider’s privacy policy: https://www.ionos.co.uk/terms-gtc/privacy-policy. A data processing agreement (DPA) has been concluded with the provider. The legal basis for the processing of the aforementioned data is Art. 6 (1) sentence 1 lit. f GDPR. Where consent has been obtained, you can revoke it at any time.
Other Functions and Offers on our Website
In addition to using our website for informational purposes, we offer you the opportunity to contact us and to register interest in participating in user interviews or collaborations. For this purpose, you usually have to provide further personal data that we use to provide the respective service and for which the aforementioned data processing principles apply (legal basis, storage period, objection/revocation), unless expressly regulated otherwise below.
Contact via our website
When you contact us via our website, for example, to request collaboration or to register interest in a user interview via our appointment link (Nextcloud Appointments), we process the personal data you provide (e.g., name, email address, role/affiliation, availability and your message) in order to handle your request and to schedule a conversation. We conduct these conversations primarily via Nextcloud Talk. BigBlueButton may be used as a backup. The aforementioned data is processed for the purpose of carrying out the contractual relationship. The processing of the data is based on Art. 6 (1) sentence 1 lit. b GDPR. The storage period is limited to the purpose of the contract and, if applicable, legal and contractual retention obligations.
User research interviews
If you participate in a research interview, we process your participation data and the interview responses you choose to share with us. Depending on the content of your responses, this may include special categories of personal data (e.g., health information). We do not record audio or video; we conduct interviews primarily via Nextcloud Talk (BigBlueButton may be used as a backup) and take handwritten notes which we anonymize so that they cannot be attributed to individual persons. The legal basis for interview participation data is your consent under Art. 6 (1) sentence 1 lit. a GDPR; for any special categories of data we rely on your explicit consent under Art. 9 (2) (a) GDPR. The storage period is limited to the purposes described and to any applicable statutory retention obligations.
Contact via email
When you contact us via email or via a contact form, the data you provide (your email address, name and telephone number, if applicable) will be stored by us in order to answer your questions or handle your complaint. The data processing for the purpose of contacting us is carried out in accordance with Art. 6 (1) sentence 1 lit. a GDPR on the basis of your voluntarily given consent. You may revoke your consent at any time. We delete the data accruing in this context, (i) if the inquiry is assigned to a contract, after the term of the contract has elapsed, and (ii) otherwise after the storage is no longer necessary, or (iii) restrict the processing if there are legal obligations to retain data.
Up-To-Dateness and Amendments of this Privacy Policy
Due to the further development of our website and offers on it or due to changed legal or regulatory requirements, we may be required to amend this privacy policy.
Cookie Policy
This Cookie Policy was last updated on September 7, 2025 and applies to citizens and legal permanent residents of the European Economic Area and Switzerland.
1. Introduction
Our website, https://phera.digital (hereinafter: “the website”) uses cookies and other related technologies (for convenience all technologies are referred to as “cookies”). Cookies are also placed by third parties we have engaged. In the document below we inform you about the use of cookies on our website.
2. What are cookies?
A cookie is a small simple file that is sent along with pages of this website and stored by your browser on the hard drive of your computer or another device. The information stored therein may be returned to our servers or to the servers of the relevant third parties during a subsequent visit.
3. What are scripts?
A script is a piece of program code that is used to make our website function properly and interactively. This code is executed on our server or on your device.
4. What is a web beacon?
A web beacon (or a pixel tag) is a small, invisible piece of text or image on a website that is used to monitor traffic on a website. In order to do this, various data about you is stored using web beacons.
5. Cookies
5.1 Technical or functional cookies
Some cookies ensure that certain parts of the website work properly and that your user preferences remain known. By placing functional cookies, we make it easier for you to visit our website. This way, you do not need to repeatedly enter the same information when visiting our website and, for example, the items remain in your shopping cart until you have paid. We may place these cookies without your consent.
5.2 Marketing/Tracking cookies
Marketing/Tracking cookies are cookies or any other form of local storage, used to create user profiles to display advertising or to track the user on this website or across several websites for similar marketing purposes.
5.3 Social media
On our website, we have included content from Instagram and LinkedIn to promote web pages (e.g. “like”, “pin”) or share (e.g. “tweet”) on social networks like Instagram and LinkedIn. This content is embedded with code derived from Instagram and LinkedIn and places cookies. This content might store and process certain information for personalized advertising.
Please read the privacy statement of these social networks (which can change regularly) to read what they do with your (personal) data which they process using these cookies. The data that is retrieved is anonymized as much as possible. Instagram and LinkedIn are located in the United States.
6. Placed cookies
7. Consent
When you visit our website for the first time, we will show you a pop-up with an explanation about cookies. As soon as you click on “Save preferences”, you consent to us using the categories of cookies and plug-ins you selected in the pop-up, as described in this Cookie Policy. You can disable the use of cookies via your browser, but please note that our website may no longer work properly.
7.1 Manage your consent settings
8. Enabling/disabling and deleting cookies
You can use your internet browser to automatically or manually delete cookies. You can also specify that certain cookies may not be placed. Another option is to change the settings of your internet browser so that you receive a message each time a cookie is placed. For more information about these options, please refer to the instructions in the Help section of your browser.
Please note that our website may not work properly if all cookies are disabled. If you do delete the cookies in your browser, they will be placed again after your consent when you visit our website again.
9. Your rights with respect to personal data
You have the following rights with respect to your personal data:
- You have the right to know why your personal data is needed, what will happen to it, and how long it will be retained for.
- Right of access: You have the right to access your personal data that is known to us.
- Right to rectification: you have the right to supplement, correct, have deleted or blocked your personal data whenever you wish.
- If you give us your consent to process your data, you have the right to revoke that consent and to have your personal data deleted.
- Right to transfer your data: you have the right to request all your personal data from the controller and transfer it in its entirety to another controller.
- Right to object: you may object to the processing of your data. We comply with this, unless there are justified grounds for processing.
To exercise these rights, please contact us. Please refer to the contact details at the bottom of this Cookie Policy. If you have a complaint about how we handle your data, we would like to hear from you, but you also have the right to submit a complaint to the supervisory authority (the Data Protection Authority).
10. Contact details
For questions and/or comments about our Cookie Policy and this statement, please contact us by using the following contact details:
pHera
Profund Innovation – Freie Universität Berlin
Altensteinstraße 40
14195 Berlin
Germany
Website: https://phera.digital
Email: info@ex.comphera.digital
This Cookie Policy was synchronized with cookiedatabase.org on October 29, 2025.