Privacy Policy
Last updated: July 13, 2026
Controller: European Ancestral Medicine is a brand of
One Healthy Future LLC, 1209 Mountain Road PL NE STE N, New Mexico 87110, United States of America (the)
Email: info (at) cherryholistic.com
Website: https://europeanancestralmedicine.com
This notice explains how we process personal data on this website and the connected services listed below.
categories of data & sources
- Usage data: IP address, device/browser, pages viewed, timestamps, referrers.
- Communication data: messages sent via forms or email.
- Newsletter data: email address, double-opt-in (DOI) timestamp, engagement (opens/clicks), preferences.
- Appointment/course data (if applicable): name, email, selected date/time, time zone, booking/payment metadata.
purposes & legal bases (GDPR)
- Operating the site & security (server logs, essential cookies) – Art. 6(1)(f) GDPR; for device storage not related to content transmission: national e-privacy rules (e.g. §25(2) TTDSG equivalent
- Consent-based features (non-essential cookies, embedded media, analytics if activated) – Art. 6(1)(a) + applicable e-privacy rules
- Newsletter (DOI, delivery, measuring opens/clicks) – Art. 6(1)(a); withdraw anytime via unsubscribe.
- Contract / pre-contract (bookings, purchases) – Art. 6(1)(b).
- Legal obligations (tax, retention) – Art. 6(1)(c)
hosting & server logs (All-inkl.com)
Our website is hosted in Germany by ALL-INKL.COM (Neue Medien Münnich). When you access the site, the provider processes server logs (IP, timestamp, requested file, user agent, referrer) for stability and security. Logs are kept briefly and are then deleted. We have a data-processing agreement (Art. 28 GDPR)
Security (AIOS)
We use AIOS – All In One Security to protect the site. This involves processing technical access data in security logs to detect/mitigate attacks. Legal basis: Art. 6(1)(f) (legitimate interests in secure service). AIOS may set functional, necessary cookies (e.g. login protection).
Anti-spam (Anti-Spam Bee)
We use Antispam Bee to reduce spam in forms/comments. Data you submit is checked for spam patterns. We run it in a privacy-friendly configuation (no IP storage; no checks against external public DBs). Legal basis: Art. 6(1)(f).
SEO features (Yoast SEO)
We use the plugin Yoast SEO – free – which supports SEO (meta/structured data). It does set visitor tracking cookies or process personal data for analytics/marketing.
Appointments & calendar bookings (TidyCal)
We use TidyCal for scheduling. When you book, TidyCal processes the data you provide (e.g. name, email, selected date/time, time zone, optional notes) to arrange/confirm the booking and send reminders. Legal basis: Art. 6(1)(b) or Art. 6(1)(f). Transfers outside the EEA (if any) rely on SCCs/appropriate safeguards.
If payments are processed by Stripe/PayPal on the booking page, they act under their own terms/policies; we receive only the data needed to confirm the booking (no full card details).
Social media pages & outbound links
We maintain pages on third-party platforms (e.g. Instagram, Facebook, YouTube). When you follow those links, the respective providers process data under their own policies. We do not embed social plugins that set cookies without your action.
Recipients & processors
We share data with service providers strictly as necessary to run the site (hosting, security, consent management, newsletter, video/CDN, scheduling). These providers act under Art. 28 GDPR agreements.
international transfers
We processing involves countries outside the EEA, we implement safeguards such as SCCs, and, where applicable, rely on the EU-U.S. Data Privacy Framework, plus supplementary measures.
Retention
We retain personal data only as long as needed for each purpose (newsletter until you unsubscribe; enquiries until resolved; statutory retention for invoices). Logs are kept briefly for security.
Security
We use appropriate technical and organizational measures (TLS encryption, access controls, least-prvilege).
your rights (Art. 15-21 GDPR)
You can request access, rectification, erasure, restriction, data portability, and object (where applicable). You may withdraw consent any time with future effect. You also have the right to lodge a complaint with a supervisory authority.
EU representative (Art.27 GDPR)
We have appointed the following representative for inquiries from data subjects and supervisory authorities in the European Union: René Franz, ℅ IP-Management #41471, Ludwig-Erhard-Str. 18, 20459 Hamburg, Germany; E-Mail: eu-rep@cherryholistic.com. The EU representative is the point of contact for data protection issues; the responsibility of One Healthy Future LLC (US) remains unaffected.
Updates
We may update this policy to reflect changes. The current version is published on this page. Please also see our Imprint and our Disclaimer.
Contact: info (at) europeanancestralmedicine.com