Privacy Policy

The protection of your personal data is of particular concern to us. We therefore process your data in accordance with the European General Data Protection Regulations (GDPR). In this privacy policy, we inform you about the most important aspects of data processing concerning our website. This information is directed at our existing and former customers/participants, interested parties, as well as contract processors, suppliers and cooperation partners and their respective shareholders or other employees.

Contact Details


This privacy policy applies to the data collection and data processing of MagnoliaTree, with owner Sabine Gromer as the data protection officer (in the following simply MagnoliaTree). MagnoliaTree can be reached by mail at Porzellangasse 19/18, 1090 Vienna. The e-mail address is:


In the event of violations of data protection law, the person affected by the data collection and/or data processing has a right of appeal to a competent supervisory authority. The competent supervisory authority for data protection issues is the österreichische Datenschutzbehörde (Austrian Data Protection Authority). However, a complaint may also be lodged with the data protection agency responsible for the data subject’s usual place of residence or work.


When using this website

When you access the website, the browser used on your terminal device automatically sends information to MagnoliaTree’s server. This information is temporarily stored in a so-called log file. The following information is recorded without your intervention and is stored until it is automatically deleted:

  • IP address of the requesting computer,
  • date and time of access,
  • name and URL of the retrieved file,
  • website from which the access takes place (referrer URL),
  • the browser used and, if applicable, the operating system of your computer and the name of your access provider.

The above-mentioned data will be processed by us for the following purposes:

  • to ensure a smooth connection of the website,
  • guarantee a comfortable use of our website,
  • evaluation of system security and stability,
  • for other administrative purposes.

The legal basis for data processing is Article 6(1)(f) of the GDPR. The legitimate interest of our company follows from the above-mentioned purposes for data collection. Under no circumstances do we use the data collected for the purpose of drawing conclusions about your person. Furthermore, we use cookies and analysis services when you visit our website. You will find more detailed explanations on this under points 4 and 5 of this data protection declaration.

When you commission MagnoliaTree, we collect the following information:

  • master data such as your name, address, date of birth, telephone number, email address, fax
  • if applicable, bank details and UID number, FN number
  • contract data
  • data from consulting/coaching/training activities
  • image and sound data (e.g. photos in CVs and for documentation during coaching sessions, video recordings for practice sessions)

For what purposes and on what legal basis are your personal data processed?

Your personal data are processed lawfully based on Article 6(1) of the GDPR for the following purposes:

  • Processing and transmission of data in the context of the provision of pre-contractual measures such as the offering of products and services [Article 6(1)(b) GDPR]
  • In order to fulfil our contractual obligations to provide consulting, training and coaching services to clients/participants and those involved in the consulting process, including computer-assisted creation and archiving of text documents (such as minutes, correspondence) in this matter [Article 6(1)(b) GDPR]
  • To fulfil legal obligations such as tax law [Article 6(1)(c) GDPR]
  • For the purpose of legitimate interests of our company or due to legitimate interests of third parties, namely for the purpose of advertising MagnoliaTree products/services (digital, website and analogue) or for the purpose of internal administration [Article 6(1)(f) GDPR]
  • Within the scope of your express consent [Article 6(1)(a) GDPR]: provided that you have given us your consent to do so, processing of data will also be carried out for the purposes and to the extent specified in the consent. Such consent can be revoked by you at any time. Revocation of the consent does not, however, affect the lawfulness of data processing carried out on the basis of the consent prior to revocation.

You can revoke consent at any time. A revocation of consent has the consequence that we will no longer process your data for the above-mentioned purposes from this point on.

Please contact us for a revocation: Sabine Gromer,

Who receives your data?

In order to fulfill the requirements of our services, it may be necessary to transfer your data to the following recipients: tax consultants, tax authorities, licensors in the case of potential analyses, possibly seminar room landlords, IT and email service, website providers and support staff, banks/legal representatives/courts/administrative, and authorities/collection agencies in the event of an incident.

How long will your data be stored?

We will only store your data for as long as it is necessary to complete the purposes for which we have collected your data. In this context, it should be noted that for tax law reasons, contracts and other documents from our contractual relationship must always be retained for a period of 7 years. In individual cases, for example in the case of pending official proceedings, this storage period can also be longer than 7 years. Apart from these individual cases, we will in any case delete your data after these 7 years or 5 years after our last contact should we no longer be able to contact you (depending on which event occurs first).

Rights of Legal Appeal

You are fundamentally entitled to the rights of information, correction, deletion, restriction, data transferability and revocation. Please contact us for this purpose. If you believe that the processing of your data violates data protection law or your data protection rights have otherwise been violated in any way, you can complain to the supervisory authority. In Austria, the Datenschutzbehörde (Data Protection Authority) is responsible for such cases.


We use cookies on our website. These are small files that are automatically created by your browser and stored on your end device (laptop, tablet, smartphone or similar) when you visit our site. Cookies do not cause any damage to your terminal device, do not contain viruses, Trojans, or other malware.

Information is stored in the cookie that is related to the specific terminal device used. This does not mean, however, that we obtain direct knowledge of your identity.

The use of cookies serves on the one hand to make the use of our services more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website. These are automatically deleted when you leave our site.

In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your end device for a certain fixed period of time. If you visit our site again to make use of our services, we will automatically recognize that you have already been with us and what entries and settings you have made so that you do not have to enter them again.

We also use cookies to record statistics about the use of our website and to evaluate it for the purpose of optimizing our offer for you (see Section 5). These cookies enable us to automatically recognize that you have already been with us when you visit our site again. These cookies are automatically deleted after a pre-defined time.

The data processed by cookies is required for the above-mentioned purposes to protect our legitimate interests and those of third parties in accordance with Article 6(1)(f) of the GDPR.

Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or so that a message always appears before a new cookie is created. However, disabling cookies completely may mean that you will not be able to use all the features of our website.


We send newsletters, e-mails and other electronic notifications containing information (hereinafter referred to as “newsletters”) only with the consent of the recipients or with legal permission. Our newsletters contain information about our work, current publications and references to our offers.

Our newsletters are sent via “MailChimp”, a newsletter sending platform of the US provider Rocket Science Group (LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA).

The e-mail addresses of our newsletter recipients, as well as their other data described in this document, are stored on the servers of MailChimp in the USA. MailChimp uses this information to send and evaluate the newsletter on our behalf. Furthermore MailChimp may use this data according to its own discretion to optimize or improve its own services, e.g. for technical optimization of sending and presentation of newsletters or for economic purposes to determine from which countries the recipients come. However, MailChimp does not use the data of our newsletter recipients to contact them or pass information on to third parties.

We trust in the reliability, the IT, and the data security of MailChimp. MailChimp is certified under the US-EU data protection agreement “Privacy Shield” and therefore commits itself to comply with the EU data protection regulations. Furthermore, we have entered into a “Data-Processing-Agreement” with MailChimp. This is a contract in which MailChimp commits itself to protecting the data of our users, processes it on our behalf according to its data protection regulations, and does not to pass it on to third parties. The privacy policy of MailChimp can be viewed here.



The tracking measures listed below and used by us are carried out on the basis of Article 6(1)(f) of the GDPR. We use tracking measures to ensure that our website is designed to meet the needs of our customers and is continuously optimized. Additionally, we use tracking measures to record the use of our website statistically and evaluate it for the purpose of optimizing our services for you. These interests are justified in the aforementioned regulation [Article 6(1)(f) GDPR]. The relevant data processing services we use, and data categories we collect are listed below.


For the purpose of designing our pages to meet your needs and continuously optimizing them, we use Google Analytics, a web analysis service of Google Inc. ( (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter “Google”). In this context, pseudonymized user profiles are created and cookies (see section 4) are used. Information about your use of our website is then generated by these cookies. Such information includes,

  • browser type/version,
  • the operating system used,
  • referrer URL (the previously visited page),
  • host name of the accessing computer (IP address),
  • time of the server request,

This information is then transmitted to a Google server in the USA and stored there. The information is then used to evaluate how the website is utilized, to compile reports on the website’s activities and to provide further services associated with the use of the website and the internet in general for the purposes of market research and the design of webpages in line with legal requirements. This information may also be transferred to third parties if required by law or if third parties process this data on our behalf. Under no circumstances will your IP address be merged with other Google data. The IP addresses are made anonymous, so that an assignment is not possible (IP masking). You may refuse the use of cookies by selecting the appropriate settings on your browser, however, please note that if you do this you may not be able to access the full functionality of our website.

You can also prevent the collection of data generated by cookies based on your use of our website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on (

As an alternative to the browser add-on, especially in the case of browsers on mobile devices, you can prevent the collection of data by Google Analytics by clicking on An opt-out of cookies will be set to prevent future collection of your information when you visit our website. The opt-out cookie option is only valid on the browser it has been applied to and only functions to prevent cookie collection on our website. If you delete the cookies in this browser, you will need to set the opt-out cookie option again.

Further information on data protection in connection with Google Analytics can be found on the Google Analytics help page ( 6004245?hl=en).


In order to record statistics on the use of our website and for the purpose of optimizing our website, we also use Google Conversion Tracking. Google AdWords collects cookies (see Section 4) from your computer if you have reached our website via a Google ad.

These cookies lose their validity after 30 days and are not used for personal identification. If the user clicks on a Google Ad for a specific website, Google and the client can recognize that the user clicked on the ad and was redirected to that page.

Each AdWords’ client is assigned a different cookie. As a result, cookies cannot be tracked through the websites of AdWords’ clients. The information collected through the conversion cookie is used to compile conversion statistics for AdWords’ clients who have opted in for conversion tracking. The AdWords’ advertisers learn the total number of users who clicked on their ad and were redirected to a page through a conversion tracking tag. However, they do not receive any information that can be used to personally identify users.

If you do not wish to participate in the tracking process, you may refuse to accept cookies, for example, by changing your browser setting to disable automatic cookies. You can also disable cookies for conversion tracking by setting your browser to block cookies from the domain Google’s privacy policy for conversion tracking can be found here (


We use social media plug-ins from Facebook, Xing, LinkedIn, and Google+ on our website on the basis of Article 6(1)(f) of the GDPR to make OCEANDRIVE??? better known. The promotional purposes behind this are regarded as a legitimate interest within the meaning of the GDPR. The responsibility for data protection is to be guaranteed by the respective providers of these plug-in services. The integration of these plug-ins by us is done via the so-called “two-click method” in order to protect visitors of our website in the best possible way.


On our website, social media plug-ins from Facebook are used to make content feel more personal. For this we use the “LIKE” or “SHARE” button. This is a service provided by Facebook.

If you pull up a page of our website that contains such a plug-in, your browser establishes a direct connection with Facebook’d servers. The content of the plug-in is transmitted by Facebook directly to your browser, which then integrates it into our website. Through the integration of the plug-in, Facebook receives information that your browser has called up the corresponding page of our website, even if you do not have a Facebook account or are not currently logged in to Facebook. This information (including your IP address) is transmitted by your browser directly to a Facebook server in the USA and stored there.

If you are logged-in to Facebook, Facebook can assign your visit to our website directly to your Facebook account. If you interact with the plug-in, for example by clicking the “LIKE” or “SHARE” button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information is also published on Facebook and displayed to your Facebook friends.

Facebook may use this information for the purposes of advertising, market research and the design of Facebook pages to meet your needs. For this purpose, Facebook creates usage, interest and relationship profiles (e.g. to evaluate your use of our website with regard to the advertisements displayed to you on Facebook) to inform other Facebook users about your activities on our website and to provide other services associated with the use of Facebook.

If you do not want Facebook to assign the data collected via our website to your Facebook account, you must log out of Facebook before visiting our website.

For the purpose and scope of data collection and the further processing and use of data by Facebook, as well as your rights in this regard and setting options for protecting your privacy, please refer to Facebook’s data protection information (


The XING “Share Button” is used on our website. When you pull up our website, your browser will establish a short-term connection to servers of XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany (“XING”), which will be used to perform the XING “Share Button” functions. XING does not store any personal data about you when you access our website. In particular, XING does not store any IP addresses. There is also no evaluation of your usage behavior through the use of cookies in connection with the XING “Share Button”. The latest data protection information on the XING “Share Button” and additional information can be found on this website (


Our website also uses the “share function” of the LinkedIn network. The provider is the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (“LinkedIn”). If you click on the LinkedIn “Share-Button”, you will be redirected to your LinkedIn user account in another browser window – provided you are logged in to LinkedIn in your user account. There you can share the content of our website by adding a comment. The plug-in establishes a direct connection between your browser and the LinkedIn server. LinkedIn thereby receives information that your IP address has visited our website. LinkedIn may also connect your visit to our website to your account. We have no knowledge of the content of the information you submit to LinkedIn or how LinkedIn uses it. For more information, please see the LinkedIn Privacy Policy at (


Our website also uses the Google+ button. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). When you click on the Google+ button, your IP address and the fact that you have been on our website are forwarded to Google as data so long as you have created a Google+ user account or use other Google services. We have no knowledge of the exact content of the data transmitted or how Google will use it. For more information, please refer to the Google+ privacy policy at (


This site uses so-called web fonts, which are provided by Google, for the uniform display of fonts. When you pull up our page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.

To do this, the browser you are using must connect to Google’s servers. This enables Google to know that our website has been accessed via your IP address. The use of Google Web Fonts is in the interest of a uniform and attractive presentation of our online offers. This represents a legitimate interest in the sense of Article 6(1)(f) of the GDPR.

If your browser does not support Web Fonts, a standard font from your computer will be used.

Further information on Google Web Fonts can be found at ( and in the Google data protection declaration (


This site uses the map service Google Maps via an API. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).

To use the functions of Google Maps it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.

The use of Google Maps is in the interest of an attractive presentation of our online offers and to make it easy to find the places we have indicated on our website. This represents a legitimate interest in the sense of Article 6(1)(f) of the GDPR.

More information on the handling of user data can be found in Google’s privacy policy (


You have the right:

  • To request information about your personal data processed by us in accordance with Article 15 of the GDPR. In particular, you may request information on the processing of personal data, the category of personal data collected, the recipients to whom your data have been or will be disclosed, the planned storage period, the right to rectify inaccurate data, cancellation, restriction of data processing, the right of appeal, the origin of your data (if not collected by us), and the existence of automated decision making including profiling and, if applicable, meaningful information on the details of data collected.
  • In accordance with Article 16 of the GDPR, to demand without delay the correction of incorrect or incomplete personal data stored by us.
  • In accordance with Article 17 of the GDPR, to demand the deletion of your personal data stored with us, unless processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, and to exercise or defend legal claims.
  • In accordance with Article 20 of the GDPR, to receive your personal data that you have provided us with in a structured, common, and machine-readable format or to request its transfer to another responsible party.
  • In accordance with Article 7(3) of the GDPR to revoke your consent with us at any time. As a result, we may no longer continue data processing based on this consent for the future or complain to a supervisory authority in accordance with Article 77 of the GDPR. As a rule, you can turn to the supervisory authority of your usual place of residence/workplace or to the supervisory authority of our company headquarters.


If your personal data is processed on the basis of legitimate interests in accordance with Article 6(1)(f), you have the right to object to the processing of your personal data in accordance with Article 21 of the GDPR if there are reasons for doing so arising from your particular situation or if the objection is directed against direct marketing. In the latter case, you have a general right of objection, which will be implemented by us without indicating any special situation. If you wish to exercise your right of revocation or objection, simply send an e-mail to


We use common SSL (Secure Socket Layer) procedure within our website and the highest encryption level supported by your browser. Usually this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is being transmitted in encrypted form by the display of the key or lock symbol in the lower status bar of your browser.

We also use suitable technical and organizational security measures to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction, or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.


We hereby object to the use of contact data published to send advertising and information material not expressly requested. Should the operator receive unsolicited promotional material, such as spam etc., the operator expressively reserves the right to take legal action.


This data protection declaration is currently valid and dated May 2020. Due to the further development of our website and offers above, or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can access and print out the current data protection declaration at any time on our website.