Privacy Policy

Responsible Person

Christoph Sax
Ahornst. 8
84431 Heldenstein
Deutschland

Overview of the processing

The following overview summarizes the types of data processed and the purposes of their processing and refers to the data subjects.

Types of data processed

inventory data (e.g. names, addresses),
content data (e.g. text entries, photographs, videos),
contact details (e.g. e-mail, telephone numbers),
Meta / communication data (e.g. device information, IP addresses) and
Usage data (e.g. websites visited, interest in content, access times).

Purposes of processing

Provision of the online presence including its functions and content
Answering contact inquiries and communicating with users,
Feedback (e.g. collecting feedback via the online form) and
Safety measures

SSL encryption

To protect the security of your data during transmission, we use state-of-the-art encryption methods (e.g. SSL) over HTTPS.

Cookies

Our website uses cookies. These are small text files that your web browser saves on your device. Cookies help us to make our offer more user-friendly, more effective and safer.

Some cookies are “session cookies”. Such cookies are automatically deleted at the end of your browser session. However, other cookies remain on your device until you delete them yourself. Such cookies help us to recognize you when you return to our website.

With a modern web browser you can monitor, restrict or prevent the setting of cookies. Many web browsers can be configured in such a way that cookies are automatically deleted when the program is closed. Deactivating cookies can limit the functionality of our website.

The setting of cookies, which are necessary to carry out electronic communication processes or to provide certain functions you wish to use (e.g. shopping cart), is based on Art. 6 Para. 1 lit.f GDPR. As the operator of this website, we have a legitimate interest in storing cookies for the technically error-free and smooth provision of our services. If other cookies are set (e.g. for analysis functions), these will be treated separately in this data protection declaration.

Types of data processed: Meta / communication data (e.g. device information, IP addresses) and usage data (e.g. websites visited, interest in content, access times).
Legal basis: Legitimate interests (Art. 6 Para. 1 S. 1 lit.f. GDPR)

Provision of the online offer and web hosting

In order to be able to provide our online offer safely and efficiently, we use the services of one or more web hosting providers from whose servers (or servers managed by them) the online offer can be accessed. For these purposes, we can use infrastructure and platform services, computing capacity, storage space and database services as well as security services and technical maintenance services.

The data processed as part of the provision of the hosting offer can include all information relating to the users of our online offer that is generated in the context of use and communication. This regularly includes the IP address, which is necessary in order to be able to deliver the content of online offers to browsers, and all entries made within our online offer or from websites.

E-Mail sending and hosting

The web hosting services we use also include sending, receiving and storing e-mails. For these purposes, the addresses of the recipients and senders as well as other information regarding the sending of e-mails (e.g. the providers involved) and the content of the respective e-mails are processed. The aforementioned data can also be processed for the purpose of detecting spam. Please note that emails on the Internet are generally not sent in encrypted form. As a rule, e-mails are encrypted while they are being transported, but (if no so-called end-to-end encryption method is used) not on the servers from which they are sent and received. We cannot therefore accept any responsibility for the transmission path of the e-mails between the sender and the receipt on our server.

Collection of access data and log files

We ourselves (or our web hosting provider) collect data every time the server is accessed (so-called server log files). The server log files can include the address and name of the websites and files accessed, the date and time of access, the amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page) and, as a rule, IP Addresses andbelong to the requesting provider.

The server log files can be used on the one hand for security purposes, e.g. to avoid overloading the server (especially in the case of abusive attacks, so-called DDoS attacks) and on the other hand to ensure the load on the servers and their stability.

Types of data processed: Content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times) and meta / communication data (e.g. device information, IP addresses)
Legal basis: Legitimate interests (Art. 6 Para. 1 S. 1 lit.f. GDPR)

Deletion of data

The data processed by us will be deleted in accordance with the legal requirements as soon as the consent permitted for processing is revoked or other permissions are no longer applicable (e.g. if the purpose of processing this data is no longer applicable or is not required for the purpose).

If the data are not deleted because they are required for other and legally permissible purposes, their processing will be limited to these purposes. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be stored for commercial or tax law reasons or whose storage is necessary to assert, exercise or defend legal claims or to protect the rights of another natural or legal person.

Further information on the deletion of personal data can also be found in the individual data protection information of this data protection declaration.

Change and update of the data protection declaration

We ask you to inform yourself regularly about the content of our data protection declaration. We will adapt the data protection declaration as soon as the changes to the data processing carried out by us make this necessary. We will inform you as soon as the changes require your cooperation (e.g. consent) or other individual notification.

If we provide addresses and contact information of companies and organizations in this data protection declaration, please note that the addresses can change over time and ask you to check the information before contacting us.

rights of data subjects

As a data subject, you have various rights under the GDPR, which arise in particular from Articles 15 to 18 and 21 GDPR:

Right to object: You have the right, for reasons that arise from your particular situation, at any time to object to the processing of your personal data, which is based on Art. 6 Para. 1 lit. e or f GDPR, To lodge an objection; this also applies to profiling based on these provisions. If the personal data relating to you are processed in order to operate direct mail, you have the right to object at any time to the processing of the personal data relating to you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising.

Right to withdraw consent: You have the right to revoke your consent at any time.
Right of providing information: You have the right to request confirmation as to whether the data in question is being processed and to request information about this data as well as further information and a copy of the data in accordance with the legal requirements.
Right to rectification: In accordance with the legal requirements, you have the right to request the completion of the data relating to you or the correction of incorrect data relating to you.
Right to deletion and restriction of processing: In accordance with the legal requirements, you have the right to demand that the data relating to you be deleted immediately or, alternatively, to request a restriction on the processing of the data in accordance with the legal requirements.
Right to data portability: You have the right to receive data concerning you that you have provided to us in accordance with the legal requirements in a structured, common and machine-readable format or to request that it be transmitted to another person responsible.
Complaint to the supervisory authority: You also have the right, in accordance with the legal requirements, to lodge a complaint with a supervisory authority, in particular in the member state of your habitual residence, your place of work or the place of the alleged violation, if you are of the opinion that the processing of the personal data concerning you is against violates the GDPR.