Privacy

This privacy policy explains the nature, scope and purpose of the processing of personal data (hereinafter referred to as “data”) in our online offers and related websites, functions and content as well as external online services (such as our online services). Social Media Profiles (hereinafter collectively referred to as “Online Offerings”). With regard to the terms used, such as “processing” or “controller”, we refer to the definition in Article 4 of the General Data Protection Regulation (GDPR).

Person responsible / data protection officer

Kilian Domaratius
Contact data: see Imprint

Types of data processed

  • Inventory data (name, addresses, etc.).
  • Contact information (email, phone number, etc.).
  • Content data (text details, media, etc.).
  • Usage data (web pages visited, interest in content, access time, etc.).
  • Meta/communication data (device properties, IP address, etc.).

Affected persons

Visitors and users of the online offer (we also refer to the data subjects collectively as “users”).

Purpose of processing

  • Provision of the online offer, with functions and content.
  • Responding to contact requests and communication.
  • Security measures.
  • Measurement of page views and marketing.

Phrases used

“Personal data” means any information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”). Natural persons may be considered as identifiable individuals and may be identified, directly or indirectly, in particular through dissemination name, identification number, location data, online identifiers (such as cookies) or one or more specific characteristics indicating the physical, physiological, genetic, psychological, economic, cultural or social identity of the natural person.

“Processing” refers to any process performed with or without automated processes or such series of processes in connection with Personal Data. The term applies to a wide range, including almost all data processing.

The “controller” is a natural or legal person, public authority, institution or other organization which alone or jointly with others determines the purposes and methods of the processing of personal data.

Legal basis

In accordance with Article 13 of the GDPR, we will inform you about the legal basis for our data processing. If the legal basis is not mentioned in the privacy statement, the following provisions apply: The legal basis for obtaining consent is GDPR Article 6(1a) and Article 7, i.e. the legal basis for the performance of the services we provide and the enforcement of contractual measures. The request is GDPR Article 6(1)(b), the legal basis for processing to comply with our legal obligations is GDPR Article 6(1)(c) and the legal basis for processing to protect rights and interests is GDPR Article 6(1f). If the vital interests of the data subject or other natural persons require the processing of personal data, the legal basis is GDPR Article 6(1)(d).

Cooperation with processors and third parties

If we disclose data to other persons and companies (contract processors or third parties) during processing, transfer it to them or otherwise grant them access to the data only if permitted by law (for example, if the data is transferred to third parties in). For example, under Article 6(1b), payment service providers b must comply with the GDPR in order to perform the contract. You have consented to this or established legal obligations based on our legitimate rights and interests (for example, when using a proxy, web host, etc.).

If we entrust a third party with the processing of data pursuant to the so-called “Order Processing Agreement”, this is done in accordance with Article 28 of the GDPR.

Transfers to third countries

If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this happens when a third-party service is used or data is disclosed or transferred to third parties, Only if you do so, this will only happen if we fulfill our (pre-contractual) obligations based on consent, legal obligations or our legitimate interests. According to laws or contracts, we can only process or process data if a third party meets the specific requirements of Article 44 of the GDPR and beyond. This means that the processing is based on specific safeguards, such as: B. The level of data protection officially recognized by the European Union (e.g. by the “Privacy Shield” in the USA) or the officially recognized special requirements. Contractual obligations (so-called “standard contractual clauses”).

Rights of the data subjects

You have the right to request confirmation whether the data is being processed and to receive information about the data and other information and copies of the data in accordance with Article 15 of the GDPR.

You have the corresponding. Article 16 of the GDPR has the right to request the entry of data relating to you or the correction of incorrect data relating to you.

In accordance with Article 17 of the GDPR, you have the right to demand that the data in question be deleted without delay or, alternatively, to demand restriction of the processing of the data in accordance with Article 18 of the GDPR.

Pursuant to Article 17 of the GDPR, you have the right to request the immediate erasure of the relevant data or, pursuant to Article 18 of the GDPR, you have the right to request restriction of data processing.

In accordance with Article 77 of the GDPR, you also have the right to lodge a complaint with the competent supervisory authority.

Right of withdrawal

You have the right to withdraw your consent in accordance with Article 7(3) of the GDPR, and it will take effect in the future.

Right of objection

You can object to the future processing of data in accordance with Article 21 of the GDPR at any time. It is possible to object specifically for the purpose of direct marketing.