Privacy policy (Website)

1. Data protection at a glance

General information

The following information provides a simple overview of what happens to your personal data when you visit this website.

when you visit this website. Personal data is any data that can be used to personally identify you.

personally identifiable. For detailed information on the subject of data protection

our privacy policy listed below this text.

Data collection on this website

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. You can find his contact details

can be found in the "Notice about the responsible party" section of this privacy policy.

On the one hand, your data is collected by you providing it to us. This can be, for example

Data that you enter in a contact form.

Other data is collected automatically or after your consent when you visit the website through our IT systems. This is mainly technical data (e.g. Internet browser, operating system or time of the page of the page view). This data is collected automatically as soon as you enter this website.

What do we use your data for?

Some of the data is collected to ensure error-free provision of the website. Other

data may be used to analyze your user behavior.

What rights do you have regarding your data?

You have the right at any time to receive information free of charge about the origin, recipient and purpose of your

stored personal data. You also have a right to demand the correction or

deletion of this data. If you have given your consent to data processing,

you can revoke this consent at any time for the future. You also have the right, under

certain circumstances, to demand the restriction of the processing of your personal data.

Furthermore, you have the right to lodge a complaint with the competent supervisory authority.

For this purpose, as well as for further questions on the subject of data protection, you can contact us at any time.

Analysis tools and third-party tools

When visiting this website, your surfing behavior may be statistically analyzed. This is done mainly

mainly with so-called analysis programs.

Detailed information on these analysis programs can be found in the following

Privacy Policy.

2. hosting

We host the contents of our website with the following provider:

External Hosting

This website is hosted externally. The personal data that is collected on this website,

will be stored on the servers of the hoster(s). This can be v. a. IP addresses,

contact inquiries, meta and communication data, contract data, contact data, names, website accesses

and other data generated via a website.

External hosting is carried out for the purpose of contract fulfillment vis-à-vis our potential and

existing customers (Art. 6 para. 1 lit. b DSGVO) and in the interest of a secure, fast and efficient

provision of our online offer by a professional provider (Art. 6 para. 1 lit. f DSGVO).

Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the

basis of Art. 6 para. 1 lit. a DSGVO and Section 25 para. 1 TTDSG, insofar as the consent allows the storage of

of cookies or access to information in the user's terminal device (e.g. device fingerprinting) in the

within the meaning of the TTDSG. The consent can be revoked at any time.

Our hoster(s) will only process your data to the extent that this is necessary for the fulfillment of his or her

service obligations and follow our instructions with regard to this data.

We use the following hoster(s):

Rozengracht 207B, 1016 LZ Amsterdam, Netherlands

Order processing

We have concluded an order processing agreement (AVV) for the use of the above-mentioned service.

concluded. This is a contract that is required by data protection law, which

guarantees that the personal data of our website visitors will only be processed in accordance with our

instructions and in compliance with the DSGVO.

3. general notes and obligatory information

Data protection

The operators of these pages take the protection of your personal data very seriously. We treat your

personal data confidentially and in accordance with the statutory data protection regulations and

this data protection declaration.

When you use this website, various personal data are collected.

Personal data is data with which you can be personally identified. This

Privacy Policy explains what data we collect and what we use it for. It also explains how

and for what purpose this is done.

We would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have

can have security gaps. A complete protection of the data against access by third parties is not

possible.

Note on the responsible entity

The responsible party for data processing on this website is:

Mark Hagelauer

Ladenburgerstrasse 57

69120 Heidelberg

Germany

markhagelauer@gmail.com

Phone: +49 (0) 15901189818

E-mail: markhagelauer@gmail.com

The responsible party is the natural or legal person who, alone or jointly with others, decides on

the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).

decides.

Storage period

Unless a more specific storage period has been specified within this data protection statement, your personal data will remain with us

your personal data with us until the purpose for the data processing ceases to apply. If you assert a

legitimate request for deletion or revoke your consent to data processing,

your data will be deleted, unless we have other legally permissible reasons for storing your

personal data (e.g. retention periods under tax law or commercial law); in the

the latter case, the data will be deleted after these reasons cease to apply.

General information on the legal basis for data processing on this Website

Insofar as you have consented to data processing, we process your personal data on

basis of Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO, insofar as special categories of data

are processed according to Art. 9 (1) DSGVO. In the event of express consent to the transfer of

personal data to third countries, the data processing is also carried out on the basis of Art.

49 para. 1 lit. a DSGVO. If you consent to the storage of cookies or to the access to information in

your terminal device (e.g. via device fingerprinting), the data processing will also be carried out on the basis of

on the basis of § 25 para. 1 TTDSG. The consent can be revoked at any time. If your data is required for

fulfillment of the contract or for the performance of pre-contractual measures, we process your

data on the basis of Art. 6 para. 1 lit. b DSGVO. Furthermore, we process your data insofar as these are

are necessary for the fulfillment of a legal obligation on the basis of Art. 6 para. 1 lit. c DSGVO.

Furthermore, the data processing may be based on our legitimate interest according to Art. 6 para. 1 lit. f

DSGVO. The relevant legal bases in each individual case will be explained in the following paragraphs of this privacy policy

Note on data transfer to third countries that are not secure under data protection law as well as

the transfer to US companies that are not DPF-certified.

Among other things, we use tools from companies that are based in third countries that are not safe

third countries and US tools whose providers are not certified under the EU-US Data Privacy Framework (DPF).

certified. When these tools are active, your personal data may be transferred to and processed in these countries.

and processed there. We would like to point out that in data protection insecure

third countries, a level of data protection comparable to that in the EU cannot be guaranteed.

We would like to point out that the USA, as a secure third country, generally has a level of data protection

level of data protection. Accordingly, data transfer to the USA is permissible if the recipient has

has certification under the "EU-US Data Privacy Framework" (DPF) or has appropriate additional

additional guarantees. For information on transfers to third countries including the

Data Recipients can be found in this Privacy Policy.

Recipients of personal data

In the course of our business activities, we cooperate with various external bodies. In this context

it is sometimes necessary to transfer personal data to these external bodies.

We only pass on personal data to external bodies if this is necessary within the framework of a

contract performance, if we are legally obligated to do so (e.g. transfer of data to tax authorities), if we have a legal

tax authorities), if we have a legitimate interest according to Art. 6 Para. 1 lit. f DSGVO in passing on the data or if there is another

or if another legal basis permits the data transfer. When using

processors, we only disclose personal data of our customers on the basis of a valid

contract on commissioned processing. In the case of joint processing, a contract on

joint processing is concluded.

Revocation of your consent to data processing

Many data processing operations are only possible with your explicit consent. You can revoke

already given consent at any time. The legality of the data processing carried out until the revocation

data processing remains unaffected by the revocation.

Right to object to the collection of data in special cases as well as to

Direct advertising (Art. 21 DSGVO)

IF THE DATA PROCESSING IS BASED ON ART. 6 ABS. 1 LIT. E OR F DSGVO

YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS

SITUATION, TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA; THIS ALSO APPLIES TO

THIS ALSO APPLIES TO A PROFILING BASED ON THESE PROVISIONS.

PROFILING. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED,

PLEASE REFER TO THIS PRIVACY POLICY. IF YOU OBJECT,

WE WILL NO LONGER PROCESS YOUR PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING

UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT

WHICH OUTWEIGH YOUR INTERESTS, RIGHTS AND FREEDOMS, OR THE PROCESSING SERVES THE ASSERTION

PROCESSING IS FOR THE PURPOSE OF ASSERTING, EXERCISING OR DEFENDING

LEGAL CLAIMS (OBJECTION ACCORDING TO ART. 21 PARA. 1 DSGVO).

IF YOUR PERSONAL DATA IS PROCESSED FOR THE PURPOSE OF DIRECT MARKETING,

YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSE OF SUCH ADVERTISING.

PERSONAL DATA FOR THE PURPOSE OF SUCH ADVERTISING; THIS ALSO APPLIES TO THE PROFILING

THIS ALSO APPLIES TO PROFILING, INSOFAR AS IT IS CONNECTED WITH SUCH DIRECT ADVERTISING.

CONNECTION. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE PROCESSED FOR THE

WILL SUBSEQUENTLY NO LONGER BE USED FOR THE PURPOSE OF DIRECT ADVERTISING (OBJECTION

ACCORDING TO ART. 21 ABS. 2 DSGVO).

Right of appeal to the competent supervisory authority

In the event of violations of the GDPR, data subjects have a right of appeal to a

supervisory authority, in particular in the Member State of their habitual residence, their place of work

or the place of the alleged infringement. The right of appeal exists without prejudice to other

administrative or judicial remedies.

Right to data portability

You have the right to transfer data that we process automatically on the basis of your consent or in performance of a contract to yourself or to a third party.

automated, to yourself or to a third party in a common, machine-readable format.

hand over. If you request the direct transfer of the data to another person responsible

this will only be done insofar as it is technically feasible.

Information, correction and deletion

Within the scope of the applicable legal provisions, you have the right at any time to free of charge

information about your stored personal data, their origin and recipient and the

purpose of the data processing and, if applicable, a right to correction or deletion of this data. For this and

other questions on the subject of personal data, you can contact us at any time.

Right to restriction of processing

You have the right to request the restriction of the processing of your personal data.

For this purpose, you can contact us at any time. The right to restriction of processing exists in

following cases:

If you dispute the accuracy of your personal data stored by us, we need

usually need time to check this. For the duration of the review, you have the right to

Restrict the processing of your personal data.

If the processing of your personal data has happened/is happening unlawfully, you may

Request the restriction of data processing instead of erasure.

If we no longer need your personal data, but you wish to use it to exercise,

defense or assertion of legal claims, you have the right to request the restriction of the processing of your personal data instead of the deletion.

Request the restriction of the processing of your personal data instead of the deletion.

If you have lodged an objection pursuant to Art. 21 (1) DSGVO, a balancing must be made between

your interests and ours will be carried out. As long as it has not yet been determined whose interests are

prevail, you have the right to demand the restriction of the processing of your personal data.

to demand

If you have restricted the processing of your personal data, this data - apart from its

only with your consent or for the assertion, exercise or defense of legal claims or for the protection

defense of legal claims or for the protection of the rights of another natural or

legal person or for reasons of important public interest of the European Union or a

of a Member State are processed.

Encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from

"http://" to "https://" and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

be read by third parties.

4. data collection on this website

Contact form

If you send us inquiries via the contact form, the information you provide in the

form, including the contact details you provide there, will be stored by us for the purpose of processing the request

and for the case of follow-up questions stored with us. We do not pass on this data without your

without your consent.

The processing of this data is based on Art. 6 (1) lit. b DSGVO, insofar as your request is related to the

the fulfillment of a contract or is necessary for the implementation of pre-contractual measures.

is necessary. In all other cases, the processing is based on our legitimate interest in the

effective processing of the requests addressed to us (Art. 6 para. 1 lit. f DSGVO) or on your

consent (Art. 6 para. 1 lit. a DSGVO) if this has been requested; consent can be revoked at any time.

revocable at any time.

The data you entered in the contact form will remain with us until you request us to delete it, revoke your

revoke your consent to storage, or until the purpose for storing the data no longer applies

(e.g. after the processing of your inquiry has been completed). Mandatory legal provisions -

in particular retention periods - remain unaffected.

Inquiry by e-mail, telephone or fax

If you contact us by e-mail, telephone or fax, your inquiry, including all resulting

(name, inquiry) will be stored and processed by us for the purpose of processing your request.

and processed by us. We do not pass on this data without your consent.

The processing of this data is based on Art. 6 (1) lit. b DSGVO, provided that your request is related to

the fulfillment of a contract or is necessary for the implementation of pre-contractual measures.

is necessary. In all other cases, the processing is based on our legitimate interest in the

effective processing of the requests addressed to us (Art. 6 para. 1 lit. f DSGVO) or on your

consent (Art. 6 para. 1 lit. a DSGVO) if this has been requested; consent can be revoked at any time.

revocable at any time.

The data you send to us via contact requests will remain with us until you request us to delete it, revoke your consent to the

revoke your consent to storage, or until the purpose for storing the data no longer applies

(e.g. after the processing of your request has been completed). Mandatory legal provisions -

in particular statutory retention periods - remain unaffected.

5. social media

Facebook

Elements of the social network Facebook are integrated on this website. The provider of this service is

Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. The collected data is

however, according to Facebook, also transferred to the USA and other third countries.

An overview of Facebook social media elements can be found here:

https://developers.facebook.com/docs/plugins/?locale=de_DE.

When the social media element is active, a direct connection is established between your end device and the

Facebook server is established. Facebook thereby receives the information that you have visited this website with your IP address.

website with your IP address. If you click the Facebook "Like" button while logged into your Facebook account, you can link the content of this website on your Facebook profile.

This allows Facebook to associate your visit to this website with your user account. We point out,

that we, as the provider of the pages, have no knowledge of the content of the transmitted data as well as its use

received by Facebook. For more information, please refer to the privacy policy of

Facebook at: https://de-de.facebook.com/privacy/explanation.

Insofar as personal data is collected on our website with the help of the tool described here and forwarded to

Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square,

Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26

DSGVO). The joint responsibility is limited exclusively to the collection of the data and its

data and its forwarding to Facebook. The processing that takes place after the forwarding by

Facebook is not part of the joint responsibility. The obligations incumbent on us jointly

have been set forth in a joint processing agreement. The text of the

Agreement can be found at: https://www.facebook.com/legal/controller_addendum.

According to this agreement, we are responsible for providing

information when using the Facebook tool and for the secure implementation of the tool on our website.

implementation of the tool on our website. Facebook is responsible for the data security of the Facebook products. Data subject rights (e.g. requests for information) regarding the data processed at

Facebook can be asserted directly with Facebook. If you assert the

If you assert the data subject rights with us, we are obliged to forward them to Facebook.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission.

Details can be found here:

https://www.facebook.com/legal/EU_data_transfer_addendum,

https://de-de.facebook.com/help/566994660333381 und

https://www.facebook.com/policy.php.

The company has a certification according to the "EU-US Data Privacy Framework" (DPF). The

DPF is an agreement between the European Union and the USA, which is intended to

European data protection standards for data processing in the USA. Each company

DPF is obligated to comply with these data protection standards. Further

information on this can be obtained from the provider at the following link:

https://www.dataprivacyframework.gov/s/participant-search/participantdetail?contact=true&id=a2zt0000000GnywAAC&status=Active

Twitter

Functions of the Twitter service are integrated on this website. These functions will

offered by the Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02

AX07, Ireland.

If the social media element is active, a direct connection between your device and the

Twitter servers are established. As a result, Twitter receives information about your visit to this website.

By using Twitter and the "Re-Tweet" function, the websites you visit with

Linked to your Twitter account and shared with other users. We would like to point out that we

as the provider of the pages, no knowledge of the content of the transmitted data or its use by

Get Twitter. Further information can be found in the privacy policy of Twitter at:

https://twitter.com/de/privacy .

If consent has been obtained, the use of the above-mentioned service is based on

Art. 6 Para. 1 lit. a DSGVO and § 25 TTDSG. The consent is revocable at any time. As far as no

If consent has been obtained, the use of the service is based on our legitimate

Interested in the widest possible visibility on social media.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission.

Details can be found here:

https://gdpr.twitter.com/en/controller-to-controller-transfers.html .

You can change your privacy settings on Twitter in the account settings under

https://twitter.com/account/settings change

Instagram

Functions of the Instagram service are integrated on this website. These functions will

offered by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2,

Ireland.

If the social media element is active, a direct connection between your device and the

Instagram servers are established. As a result, Instagram receives information about the visit to this website

through you.

Instagram If you are logged into your Instagram account, you can click on the Instagram button

link the contents of this website to your Instagram profile. This allows Instagram to visit these

Assign the website to your user account. We would like to point out that as the provider of the pages, we do not

Get knowledge of the content of the transmitted data and their use by Instagram.

If consent has been obtained, the use of the above-mentioned service is based on

Art. 6 Para. 1 lit. a DSGVO and § 25 TTDSG. The consent is revocable at any time. As far as no

If consent has been obtained, the use of the service is based on our legitimate

Interested in the widest possible visibility on social media.

Insofar as personal data is collected on our website with the help of the tool described here and sent to

Facebook Instagram, we and the Meta Platforms Ireland Limited, 4 Grand

Canal Square, Grand Canal Harbour, Dublin 2, Ireland jointly for this data processing

responsible (Art. 26 GDPR). The joint responsibility is limited exclusively to

Facebook Instagram, Twitter, Pinterest, Pinterest, Pinterest, Pinterest, Pinterest, Pinterest, Pinterest, Pinterest, Pinterest, Pinterest, Pinterest, Pinterest, Pinterest, Pinterest, Pinterest, Pinterest. After the transfer

Facebook Instagram processing is not part of the joint responsibility.

The obligations incumbent on us jointly were laid down in an agreement on joint

Recorded processing. The text of the agreement can be found at:

https://www.facebook.com/legal/controller_addendum . According to this Agreement, we are responsible for issuing

facebook Instagram, and for the use of the Facebook or Instagram tool and for the

responsible for the data protection-safe implementation of the tool on our website. For the

Facebook Instagram Facebook is responsible for the data security of the Facebook or Instagram products. Rights of data subjects

Facebook Instagram (e.g. requests for information) with regard to the data processed on Facebook or Instagram, you can

make a claim directly on Facebook. If you assert the rights of data subjects with us, we are

we are obliged to forward them to Facebook.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission.

Details can be found here:

https://www.facebook.com/legal/EU_data_transfer_addendum,

https://privacycenter.instagram.com/policy / and

https://de-de.facebook.com/help/566994660333381 .

For more information, please see the Instagram privacy Policy:

https://privacycenter.instagram.com/policy /.

6. Newsletter

Newsletter data

If you would like to receive the newsletter offered on the website, we need an e-mail address from you as well as information that allows us to verify that you are the owner of the

you agree to the use of the e-mail address provided and to the receipt of the newsletter. Other

Data will not be collected or only on a voluntary basis. We use this data exclusively for

the sending of the requested information and do not pass it on to third parties.

The processing of the data entered in the newsletter registration form takes place exclusively on

The basis of your consent (Art. 6 para. 1 lit. a DSGVO). The given consent to the storage of the

Data, the e-mail address as well as their use for sending the newsletter, you can at any time

for example, via the "unsubscribe" link in the newsletter. The legality of the already

Data processing operations remain unaffected by the revocation.

The data you have stored with us for the purpose of subscribing to the newsletter will be processed by us until your

Unsubscribing from the newsletter is stored by us or the newsletter service provider and after the

Unsubscribing from the newsletter or deleted from the newsletter distribution list after expiration of the purpose. We

we reserve the right to use e-mail addresses from our newsletter distribution list at our own discretion as part of

our legitimate interest pursuant to Art. 6 para. 1 lit. f DSGVO to delete or block.

Data that has been stored by us for other purposes remains unaffected by this.

After you have been unsubscribed from the newsletter distribution list, your e-mail address will be sent to us or the

Newsletter service providers may be stored in a blacklist, if this is to prevent future

Mailings are required. The data from the blacklist will only be used for this purpose and not with

other data is merged. This serves both your interest and our interest in the

Compliance with the legal requirements when sending newsletters (legitimate interest in the sense of

Art. 6 Para. 1 lit. f GDPR). The storage in the blacklist is not limited in time. You can use the

Object to the storage, provided that your interests outweigh our legitimate interest.

7. Plugins and Tools

YouTube with extended data protection

This website includes videos from the YouTube website. The operator of the pages is Google Ireland Limited

("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

We use YouTube in the extended data protection mode. According to YouTube, this mode causes

YouTube does not store any information about visitors to this website before they watch the video

watch it. The transfer of data to YouTube partners is facilitated by the extended data protection mode

however, not necessarily excluded. This is how YouTube presents itself - regardless of whether you watch a video

view - connect to the Google Marketing Network.

As soon as you start a YouTube video on this website, a connection to the servers of

YouTube is made. The YouTube server will be informed which of our pages you have visited.

If you are logged into your YouTube account, you enable YouTube to track your surfing behavior directly

To assign it to your personal profile. You can prevent this by logging out of your YouTube account.

Furthermore, YouTube can store various cookies on your device after starting a video

or use comparable recognition technologies (e.g. device fingerprinting). In this way

YouTube may receive information about visitors to this website. This information is used, among other things.

used to collect video statistics, improve usability and

To prevent fraud attempts.

If necessary, further data processing operations may be carried out after the start of a YouTube video

be triggered, on which we have no influence.

The use of YouTube is in the interest of an appealing presentation of our online offers.

This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO. If a corresponding

If consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a

GDPR and § 25 para. 1 TTDSG, as far as the consent allows the storage of cookies or access to

Includes information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. Which

Consent is revocable at any time.

Further information about data protection at YouTube can be found in their privacy policy at:

https://policies.google.com/privacy?hl=de .

The company has a certification according to the "EU-US Data Privacy Framework" (DPF). The

DPF is an agreement between the European Union and the USA that ensures compliance with

european data protection standards for data processing in the USA. Each after

companies certified to the DPF are obliged to comply with these data protection standards. Other

You can get information about this from the provider at the following link:

https://www.dataprivacyframework.gov/s/participant-search/participant detail?contact=true&id=a2zt000000001L5AAI&status=Active

Source: https://www.e-recht24.de