1. Objective and controller
This privacy policy sets out the type, scope and purpose of the processing of personal data (including its collection, processing and use and the obtaining of consent) within our online offering and its associated websites, functions and contents (hereinafter collectively referred to as “online offering” or “website”). The privacy policy applies regardless of the domains used and the systems, platforms and devices (e.g. desktop or mobile) on which the online offering is executed.
The provider of the online offering and the controller within the meaning of data protection law is the website owner, whose contact details can be found in the site notice of this website. The hosting of this website is provided by Hetzner Online GmbH.
The term “user” encompasses all customers and visitors of our online offering. The terms used, such as “user”, are to be understood as gender-neutral.
2. Basic details of data processing
We only process the personal data of users in compliance with the relevant data protection provisions according to the principles of data protection law. This means that users’ data are only processed where this is permitted by law, in particular if the data are required or legally prescribed for the provision of our contractual and online services, or where consent to such processing has been granted.
We shall adopt organisational and technical security measures in accordance with the state of the art in order to ensure that the provisions of data protection laws are upheld and in doing so to protect the data processed by us against accidental or wilful manipulation, loss and destruction and against access by unauthorised persons.
To the extent that contents, tools or other resources of other providers (hereinafter collectively referred to as “third-party providers”) are used within the framework of this privacy policy and the stated domicile of such providers is abroad, data transfer to the countries of domicile of said third-party providers must be assumed to take place. Data transfer to third countries takes place either on the basis of legal permission or user consent or based on special contractual clauses that guarantee the security of the data as required by the law.
3. Processing of personal data
Alongside the uses explicitly specified in this privacy policy, personal data are processed for the following purposes on the basis of legal permission or user consent:
- The provision, execution, maintenance, enhancement and safeguarding of our services for customers and users;
- The safeguarding of effective customer service and user support.
We only forward the data of users to third parties if this is necessary for invoicing purposes (e.g. to a payment service provider) or for other purposes if these are necessary to meet our contractual obligations towards users (e.g. address notification to suppliers).
When contacting us, the details of the user are stored for the purpose of processing the request and in the event that follow-up questions arise. Personal data are deleted once they have fulfilled their intended purpose and as long as no retention obligations prevent deletion.
4. Collection of access data
We collect data about each access to the server on which this service is located (so-called server log files). The access data include the name of the retrieved website, file retrieved, date and time of retrieval, volume of data transmitted, notification of successful retrieval, browser type and version, operating system of the user, referrer URL (previously visited site), IP address and requesting provider.
We make use of the log data without identification of the person of the user or other profile creation in accordance with the legal provisions solely for statistical evaluations for the purpose of operating, safeguarding and enhancing our online offering. However, we reserve the right to review the log data subsequently if there are justified suspicions of unlawful use based on concrete evidence.
5. Cookies & audience measurement
Cookies comprise information transferred from our web server or third-party web servers to the web browsers of users and stored there for later retrieval. Users are informed by this privacy policy about the use of cookies for pseudonymous audience measurement.
It is also possible to view this online offering with the exclusion of cookies. If users do not wish cookies to be stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Stored cookies can be deleted in the system settings of the browser. The exclusion of cookies may limit the functionality of this online offering.
6. Inclusion of third-party services and contents
It may be that contents or services of third-party providers, such as maps or fonts of other websites, are included within our online offering. The inclusion of contents of third-party providers always presupposes such third-party providers becoming aware of user IP addresses as without the IP address they would be unable to send the contents to the user’s browser. The IP address is thus required for the presentation of these contents. Moreover, the providers of third-party contents may use their own cookies and process user data for their own purposes. This may involve user profiles of the users being created from the processed data. We will deploy such contents with the greatest possible data economy and data avoidance and select reliable third-party providers with a view to data security.
The following provides an overview of third-party providers and their contents, together with links to their privacy policies that contain further information concerning the processing of data and opt-outs:
– External fonts of Google, Inc., https://www.google.com/fonts (“Google Fonts”). Google Fonts are integrated by server call to Google (normally in the USA).
Privacy policy: https://www.google.com/policies/privacy/
Opt-out: https://www.google.com/settings/ads/
– BackWPup WordPress plugin of Inpsyde GmbH, https://backwpup.com/
Privacy policy: https://backwpup.com/privacy/
– Limit Login Attempts Reloaded WordPress plugin of WPChef, https://wordpress.org/plugins/limit-login-attempts-reloaded/h
Privacy policy: https://wordpress.org/about/privacy/h
– Polylang WordPress plugin of WP SYNTEX, https://polylang.pro/
Privacy policy: https://polylang.pro/privacy-policy/
– Cookie Notice plugin of Digital Factory, https://dfactory.eu/products/cookie-notice/
Privacy policy: https://dfactory.eu/privacy-policy/
– Yoast SEO plugin of Yoast BV, https://yoast.com/wordpress/plugins/seo/
Privacy policy: https://yoast.com/privacy-policy/
7. User rights and deletion of data
Users are entitled on request to receive information free of charge about the personal data stored by us about them. Users additionally have a right to demand the correction of incorrect data, a general right of objection to processing, a right of revocation of consents granted, a right to request restriction and deletion of their personal data and a right to lodge a complaint with the responsible supervisory authority based on the assumption that unlawful data processing is taking place. They also have a right to the transferability of data that they have made available.
The data stored with us will be deleted as soon as they are no longer required for their intended purpose and no statutory retention obligations prevent deletion.
8. Changes to the privacy policy
We reserve the right to make changes to the privacy policy in order to adjust it to changes in the legal situation or in the event of changes to the service or to data processing. However, this only applies with regard to declarations about data processing. Where user consent is required or components of the privacy policy contain provisions governing the contractual relationship with users, such changes will only be carried out with the consent of the users. Users are requested to keep themselves regularly up to date about the content of the privacy policy.