1. Information on the collection of personal data
1.1. The following document outlines how we collect personal data when you use our website. Personal data includes all data that can be obtained about your person, such as your name, address, email address and user behaviour.
1.2. The controller as defined by Article 4 (7) of the EU General Data Protection Regulation (GDPR) is Susanne Schenavsky, Morsestrasse 8, 85716 Unterschleissheim, firstname.lastname@example.org.
1.3. When you contact us via email, the data you provide (your email address and, where applicable, your name, telephone number and address) is stored by us for the purpose of responding to your enquiries. We delete the personal data collected in this context once its storage is no longer required, or limit its processing where there is a legal obligation to retain it.
2. Collection of personal data when you visit our website
2.1. When you use the website purely for information purposes – that is, if you do not register or otherwise provide us with information – we only collect the personal data transmitted by your browser to our server. In doing so, we collect data each time the server on which this service is located is accessed (so-called ‘server logfiles’) based on our legitimate interests as set out in Article 6 (1) Letter f GDPR. This access data includes:
- name of the website accessed,
- data and time of access,
- data volume transmitted,
- notification of successful access,
- browser type and version,
- user operating system,
- referrer URL (previously visited site),
- IP address,
- requesting provider.
Logfile information is stored for an unlimited period for security reasons (such as the investigation of cases of abuse or fraud). Data that must be retained further for evidential purposes is excluded from erasure until the incident is conclusively clarified.
2.2. We use content and services offered by third-party providers within our online offering to integrate their content and services, e.g. videos or fonts (hereinafter uniformly referred to as ‘content’), based on our legitimate interests (i.e. interests in the analysis, optimisation and viable operation of our online offering within the meaning of Article 6 (1) Letter f GDPR). This always assumes that the third-party provider of this content uses the IP address of the user, as they cannot send the content to your browser without the IP address. The IP address is therefore required in order to display this content. We strive to use only content where its provider requires the IP address solely for the purpose of delivering the content. Third-party providers can also use so-called ‘pixel tags’ (invisible graphics also known as ‘web beacons’) for statistical or marketing purposes. Information such as visitor traffic to the pages of this website can be evaluated through these ‘pixel tags’. Pseudonymous information can also be stored on the user’s device in cookies and can include technical information about the browser and operating system, referring websites and visit time as well as additional information about the use of our online offering, and can also be combined with similar information from other sources.
The following provides an overview of third-party providers and their content, together with links to their privacy policies containing further information on data processing and opportunities to object (‘opt out’) already partially mentioned here:
- External fonts by Google, Inc., https://www.google.com/fonts (‘Google Fonts’). Google Fonts are integrated by accessing the Google server (generally in the USA).
- ‘Gravatar’ avatar service provided by third-party provider Automattic Inc.
- ‘Cookie Consent by Insites’ cookie notice plugin by Silktide Ltd. This is integrated by accessing the server at Cloudflare, Inc, https://www.cloudflare.com/ (generally in the USA).
- Maps from the ‘Google Maps’ service provided by third-party provider Google, Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
3. Your rights:
3.1. You have the following rights with regard to personal data that we process relating to you:
- Right of access
- Right to rectification or erasure
- Right to restriction of processing
- Right to object to processing
- Right to data portability
3.2. You also have the right to lodge a complaint with a data protection supervisory authority about the processing of your personal data.
4. Disclosure of data:
Your personal data is not transmitted to third parties for purposes other than those stated above.