Privacy Policy
As of March 2026
1. Introduction
This Privacy Policy explains how Intrapreneurship Cafe – www.intrapreneurshipcafe.com ("the Platform", "we", "us", "our") collects, uses, discloses, and protects personal data when you:
visit and use www.intrapreneurshipcafe.com,
register for and participate in the Intrapreneurship Cafe community,
subscribe to the Intrapreneurship Cafe newsletter, and/or
participate in online events organized through this Platform.
Intrapreneurship Cafe is an independent, privately operated initiative run by an individual in a personal capacity. It is not a commercial enterprise, and no products or services are sold through this Platform.
By accessing this Platform, registering for an account, subscribing to the newsletter, or otherwise providing personal data to us, you acknowledge that you have read and understood this Privacy Policy.
This Privacy Policy forms an integral part of our Terms & Conditions, which are available on this website.
If you do not agree with this Privacy Policy, please do not use this Platform or its services.
2. Data Controller and Contact
The person responsible for the processing of your personal data (data controller within the meaning of Art. 4(7) GDPR) is:
Philipp Rubenhaus
Kiesselbachweg 2
22399 Hamburg, Germany
E-Mail: phil@intrapreneurshipcafe.com
If we engage service providers that process personal data on our behalf (e.g., hosting, email marketing), they act as data processors under appropriate data processing agreements (Art. 28 GDPR).
If you have questions about this Privacy Policy or your personal data, you can contact us at:
3. Scope of This Privacy Policy
This Privacy Policy applies to personal data that we collect about:
Visitors of this website.
Registered members of the Intrapreneurship Cafe community forum.
Subscribers to the Intrapreneurship Cafe email newsletter.
Participants in online events organized through this Platform (e.g., via Google Meet or similar tools).
It covers data collected online via this website, registration forms, the community platform, email, and online event tools.
4. Types of Data We Collect
We may collect and process the following categories of personal data, depending on how you interact with the Platform:
1. Identification and contact data
Name, email address, country of residence.
2. Account and profile data
Username, password (stored in encrypted form), profile photo (if uploaded), biography or profile information (if provided), community participation details.
3. Community and forum content
Posts, comments, messages, reactions, uploaded files, timestamps, and other content you submit in the community area.
4. Newsletter data
Email address, subscription status, consent timestamp and method (double opt-in record), email engagement data (e.g., open rates, link clicks) where technically tracked.
5. Online event data
First name and/or display name used in events, email address used for event registration or invitations, participation records. Please note: online events are conducted via third-party platforms (e.g., Google Meet), which process additional data independently under their own privacy policies.
6. Usage and technical data
IP address, device identifiers, browser type, language, operating system, referral URLs, pages viewed, links clicked, session duration, approximate location (e.g., country or city). This data may be collected via cookies and similar technologies.
7. Support and correspondence data
Information you provide when you contact us (e.g., via email or contact forms), including inquiries, feedback, and related correspondence.
We do not seek to collect special categories of personal data (such as health data, political opinions, or religious beliefs). If you voluntarily share such information in the community forum, you do so at your own responsibility and should exercise caution before posting sensitive information in shared areas.
5. How We Collect Data
We collect personal data in the following ways:
Directly from you: When you create an account, subscribe to the newsletter, register for an event, complete a form, contact us, or participate in the community.
Automatically: When you use this Platform, via cookies and similar technologies that capture usage and technical data (see Section 7).
From third-party tools: Where you use third-party platforms in connection with our services (e.g., Google Meet for events), those providers may collect data independently in accordance with their own privacy policies.
6. Purposes and Legal Bases for Processing
We process your personal data only where we have a valid legal basis under Art. 6 GDPR. The following table describes our processing purposes and the applicable legal bases:
Purpose Legal Basis (Art. 6 GDPR)
Providing and operating the Platform, including account creation, authentication, and access to the community Art. 6(1)(b) — performance of a contract (Terms & Conditions); Art. 6(1)(f) — legitimate interests in operating a secure platform
Managing community participation, forum moderation, and enforcement of Community Rules Art. 6(1)(b) — performance of a contract; Art. 6(1)(f) — legitimate interests in maintaining a safe community
Sending the email newsletter Art. 6(1)(a) — consent (double opt-in); consent may be withdrawn at any time
Organizing and facilitating online events Art. 6(1)(b) — performance of a contract; Art. 6(1)(f) — legitimate interests in providing community activities
Responding to inquiries and providing support Art. 6(1)(b) — performance of a contract; Art. 6(1)(f) — legitimate interests in communication
Analyzing usage to improve Platform functionality and content Art. 6(1)(f) — legitimate interests in improving the service
Complying with legal obligations Art. 6(1)(c) — legal obligation
Protecting the rights and safety of users and the Platform Art. 6(1)(f) — legitimate interests in security and abuse prevention
Where we rely on consent as the legal basis, you may withdraw your consent at any time with future effect. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.
Where we rely on legitimate interests, we have weighed our interests against your fundamental rights and freedoms and concluded that our interests do not override yours, in particular because (i) the processing is proportionate, (ii) you have a reasonable expectation of such processing, and (iii) we implement appropriate safeguards.
7. Cookies and Similar Technologies
We use cookies and similar tracking technologies (such as pixels or local storage) to:
Enable core Platform functionality and security (e.g., login sessions, session management).
Remember your preferences and settings.
Analyze website traffic and usage patterns to improve the Platform.
You can manage your cookie preferences through your browser settings and, where implemented, through our on-site cookie consent tool. Please note that disabling certain cookies may affect the functionality of this Platform.
In accordance with the German Telekommunikation-Digitale-Dienste-Datenschutz-Gesetz (TDDDG) and the EU ePrivacy framework, cookies that are not strictly necessary for the operation of the Platform will only be set with your prior consent.
If we use third-party analytics tools (e.g., Google Analytics), these providers may set their own cookies and process data in accordance with their own privacy policies. Where such tools are used, we will inform you via our cookie consent mechanism and, where required, enter into data processing agreements with the respective providers.
8. Community, Forum, and Public Areas
The Intrapreneurship Cafe community offers member-accessible interactive areas such as discussion threads, posts, and comments.
Content you post in these areas is visible to all registered members of the Platform.
You should not post personal or sensitive data that you do not wish to share with other members.
We may moderate, remove, or restrict content and access in accordance with our Terms & Conditions and Community Rules.
By posting content, you acknowledge that it is visible to all members, and we cannot control whether individual members save, copy, or further share content outside the Platform.
We do not publicly index community content for search engines. However, you should always be mindful of what you share in shared spaces.
9. Newsletter
If you subscribe to the Intrapreneurship Cafe newsletter, we will process your email address for the purpose of sending you periodic newsletter communications on topics related to intrapreneurship and community activities.
Consent: Newsletter subscription requires your freely given, specific, informed, and unambiguous consent, collected via a double opt-in process as required under German and EU law. We store a record of your consent (timestamp and method) as required.
Content: The newsletter is non-commercial. It contains community updates, topic discussions, event announcements, and related informational content.
Service providers: We use [name of email marketing provider, e.g., Mailchimp / Brevo / MailerLite — [fill in your tool]] to manage and send newsletters. This provider acts as a data processor under an appropriate data processing agreement. Your email address may be stored on their servers, which may be located outside the EU/EEA (see Section 11 on international transfers).
Opt-out: You may unsubscribe from the newsletter at any time, free of charge, by clicking the unsubscribe link in any newsletter email or by contacting us at [your@email.com]. Unsubscribing will not affect your community membership or account.
10. Online Events (Google Meet and Similar Platforms)
From time to time, we organize online events for community members conducted via Google Meet or comparable video conferencing tools.
When you join an online event, the relevant third-party platform provider (e.g., Google LLC) processes technical and participation data independently under their own terms and privacy policies. We encourage you to review those policies before joining.
We may process your name/display name and email address for the purpose of sending you event invitations and managing participation.
Events are not recorded without prior explicit notice to all participants. If a recording is planned, you will be informed in advance.
Legal basis: Art. 6(1)(b) GDPR (performance of the community participation agreement) and Art. 6(1)(f) GDPR (legitimate interests in facilitating community interaction).
11. How We Share Personal Data
We do not sell your personal data. We may share your personal data only in the following circumstances:
1. Service providers (processors)
Hosting providers, email marketing services, analytics services, and community platform tools that process data on our behalf under appropriate data processing agreements (Art. 28 GDPR).
2. Professional advisors
Legal, tax, or other professional advisors where necessary for our legal obligations or legitimate interests.
3. Authorities and legal entities
Public authorities, regulators, or courts where required by applicable law, in response to lawful requests, or to protect the rights, property, or safety of users or the Platform.
4. Operational necessity within the community
Your username and profile information, and any content you post, are visible to other registered members of the community as part of the Platform's normal operation.
All recipients are required to handle personal data in compliance with applicable data protection law.
12. International Data Transfers
Some of our service providers (e.g., email marketing tools, hosting services) may be located outside the European Union / European Economic Area (EU/EEA). Where such transfers occur, we ensure appropriate safeguards are in place, including:
Standard Contractual Clauses (SCCs) approved by the European Commission (Art. 46(2)(c) GDPR), or
other lawful transfer mechanisms recognized under applicable EU data protection law.
You may contact us for further information about the safeguards in place for any specific international data transfer.
13. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes described in this Privacy Policy and to comply with applicable legal obligations. Specific retention periods are as follows:
Data Category Retention Period
Account and profile data Retained while your account is active; deleted or anonymized upon account deletion, subject to any legally required retention periods
Community content (posts, comments) Retained while your account is active; upon account deletion, content may be anonymized and retained in aggregated form where permissible
Newsletter subscription data Retained until you unsubscribe, plus a limited period to document your opt-out choice and original consent record
Event participation data Retained for a reasonable period following the event, for organizational purposes
Correspondence and support data Retained for a reasonable period necessary to resolve the matter and document the interaction
Technical and usage data (logs) Typically deleted or anonymized within [[fill in, e.g., 6 months]]
When data is no longer needed, we will delete or anonymize it in accordance with applicable law.
14. Security of Personal Data
We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, misuse, alteration, or disclosure. These measures may include encryption, access controls, secure hosting, and regular security reviews.
However, no method of transmission over the internet or electronic storage is completely secure. While we strive to protect your personal data, we cannot guarantee its absolute security. In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the competent supervisory authority and, where required, inform affected users in accordance with Art. 33 and 34 GDPR.
15. Your Rights Under GDPR
As a data subject located in the EU/EEA, you have the following rights regarding your personal data under the GDPR:
Right of access (Art. 15 GDPR): You may request confirmation of whether we process your data and obtain a copy of it.
Right to rectification (Art. 16 GDPR): You may request correction of inaccurate or incomplete data.
Right to erasure (Art. 17 GDPR): You may request deletion of your personal data, subject to applicable exceptions.
Right to restriction of processing (Art. 18 GDPR): You may request that we restrict processing of your data in certain circumstances.
Right to data portability (Art. 20 GDPR): You may request your data in a structured, commonly used, machine-readable format.
Right to object (Art. 21 GDPR): You may object to processing based on legitimate interests or to direct marketing at any time.
Right to withdraw consent (Art. 7(3) GDPR): Where processing is based on consent, you may withdraw it at any time without affecting prior lawful processing.
To exercise any of these rights, please contact us at: [your@email.com]. We may need to verify your identity before processing your request. We will respond within the timeframes required by applicable law (generally within one month).
Right to lodge a complaint: You have the right to lodge a complaint with a competent data protection supervisory authority. As this Platform is operated from Lower Saxony, Germany, the competent authority is:
Die Landesbeauftragte für den Datenschutz Niedersachsen (LfD Niedersachsen)
Prinzenstraße 5, 30159 Hannover, Germany
You may also contact the supervisory authority in your EU/EEA Member State of habitual residence or place of work.
16. Children's Privacy
This Platform is directed exclusively at professionals and is not intended for persons under the age of 18. We do not knowingly collect personal data from individuals under 18. If you believe that a person under 18 has provided personal data to us without appropriate parental or guardian consent, please contact us so that we can take appropriate steps to delete such data.
17. Marketing Communications and Opt-Out
The only marketing-style communication we send is the Intrapreneurship Cafe newsletter, which is sent exclusively to users who have given their explicit, documented consent via double opt-in.
You may opt out of the newsletter at any time by:
Clicking the "unsubscribe" link in any newsletter email, or
Contacting us at phil@intrapreneurshipcafe.com.
Opting out of the newsletter will not affect your community membership. We may still send you non-marketing messages related to your account or this Platform where necessary (e.g., important changes to Terms & Conditions or this Privacy Policy).
18. Third-Party Websites and Links
This Platform may contain links to third-party websites, platforms, or services (including Google Meet, LinkedIn, and other external tools or resources). We are not responsible for the privacy practices, content, or terms of such third parties.
We encourage you to review the privacy policies of any third-party sites or services you visit. Your use of third-party services is at your own risk.
19. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, applicable technologies, or legal requirements. When we make material changes, we will inform you by posting a prominent notice on this website or by sending a notice via the newsletter, and we will update the "As of" date at the top of this document.
Your continued use of this Platform after the updated Privacy Policy becomes effective constitutes your acceptance of the revised Policy.
20. Contact
For any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact:
Philipp Rubenhaus
Kiesselbachweg 2
22399 Hamburg, Germany
E-Mail: phil@intrapreneurshipcafe.com
For the legally required Impressum (Legal Notice) under § 5 DDG, please refer to the dedicated Impressum page on this website.
Last updated: March, 2026