Privacy Policy
Last updated: June 2026

1. Data Controller
The data controller of personal data collected through this website is:

Linus Zapke
Operating under the name Trendify, travel brand Sommera Journeys
Frobenstraße 86, 12249 Berlin, Germany
Email: linus.zapke@gmail.com

Personal data is processed in accordance with the EU General Data Protection Regulation (GDPR) 2016/679.

2. What Data We Collect and Why
Contact Form
When you use our contact form, we collect your name, email address, and message content. This data is processed based on Art. 6(1)(f) GDPR (legitimate interest) to respond to your inquiry.

Booking and Travel
When booking a trip or retreat with Sommera, we may collect the following data necessary for the execution of the contract:

First and last name
Date and place of birth
Citizenship
Residential address
Email address
Phone number
Legal basis: Art. 6(1)(b) GDPR (contract fulfillment).

Payment Processing
Payments are processed via Stripe or PayPal. We do not store payment details ourselves. Please refer to the privacy policies of Stripe and PayPal for details. Legal basis: Art. 6(1)(b) GDPR.

Website Hosting (Squarespace)
This website is hosted by Squarespace, Inc. During your visit, technical data may be collected automatically, including your IP address, browser type, access times, and operating system. This data is used for security and service optimization purposes. Legal basis: Art. 6(1)(f) GDPR. See Squarespace's Privacy Policy.

External Links
Our website contains links to WhatsApp, Instagram, and Telegram. When you click these links, you leave our website and the respective platform's own privacy policy applies. We have no control over data collected by these third parties.

3. Data Retention
Personal data is stored only as long as necessary:

Contract-based data: for the duration of the contract and thereafter for the period corresponding to the statute of limitations on claims (generally six years, or three years for periodic and business-related claims).
Consent-based data: until consent is withdrawn, and thereafter for the applicable limitation period.
Contact inquiries: typically deleted after 12 months unless an ongoing relationship exists.
4. Cookies
This website uses cookies to ensure basic functionality and improve the user experience. Cookies are small files stored on your device that help us recognize returning visitors and optimize our services.

We use persistent cookies which remain on your device for a set period or until deleted. All cookies on this website comply with current EU law.

You can adjust your cookie preferences at any time through your browser settings. Please note that blocking cookies may limit certain website functions.

Cookies are used for the following purposes:

Session management and secure login
Recognizing returning visitors
Diagnosing technical issues and administering the site
Collecting anonymized statistics to improve the website
5. Advertising (Future Use)
We may in the future run advertising campaigns via Google Ads and/or Meta (Facebook/Instagram) Ads. Should we activate these services, we will update this Privacy Policy and implement the necessary consent mechanisms (e.g. cookie banner) as required by law.

6. Data Sharing
We only share personal data with third-party service providers where necessary for operating our website and services (e.g. payment processors, hosting). All personal data is stored exclusively within the European Economic Area (EEA).

We do not sell personal data to third parties.

7. Your Rights (GDPR)
You have the following rights regarding your personal data:

Right of access (Art. 15 GDPR) – Request a copy of your data.
Right to rectification (Art. 16 GDPR) – Request correction of inaccurate data.
Right to erasure (Art. 17 GDPR) – Request deletion of your data.
Right to restriction (Art. 18 GDPR) – Request limited processing of your data.
Right to data portability (Art. 20 GDPR) – Receive your data in a structured, machine-readable format.
Right to object (Art. 21 GDPR) – Object to processing based on legitimate interests.
Right to withdraw consent (Art. 7(3) GDPR) – Withdraw consent at any time without affecting prior lawful processing.
To exercise any of these rights, please contact us at linus.zapke@gmail.com. We will respond promptly and no later than one month after receiving your request. In complex cases, this may be extended by a further two months, with prior notice.

You also have the right to lodge a complaint with the Berlin data protection authority:
Berliner Beauftragte für Datenschutz und Informationsfreiheit

8. Data Security
We apply appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, alteration, or disclosure. All data transmitted via this website is encrypted using SSL/TLS.

9. Changes to This Policy
We may update this Privacy Policy from time to time. The latest version will always be available on this page.

10. Contact
Linus Zapke – Trendify / Sommera Journeys
Frobenstraße 86, 12249 Berlin, Germany
linus.zapke@gmail.com