This privacy policy clarifies the nature, scope, and purpose of the processing of personal data (hereinafter referred to as "data") within my online offer and the associated websites, functions, and content, as well as external online presences, such as my social media profiles (hereinafter collectively referred to as "online offer"). With regard to the terminology used, such as "processing" or "controller," I refer to the definitions in Art. 4 of the General Data Protection Regulation (GDPR).
Boris Wesemann Gartenstraße 4, 21737 Wischhafen, Germany E-mail: boris.wesemann@gmail.com Tel.: +49 (0)151 207 840 86
Contact details when contacting (e.g., e-mail, telephone numbers). Content data (e.g., text entries, photographs, videos). Usage data (e.g., websites visited, interest in content, access times). Meta/communication data (e.g., device information, IP addresses).
Visitors and users of the online offer (hereinafter referred to collectively as "users").
- Provision of the online offer, its functions, and contents. Responding to contact requests and communicating with users. Security measures. Range measurement/Marketing
“Personal data” means any information relating to an identified or identifiable natural person (hereinafter “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. cookie) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. “Processing” means any operation or set of operations which is performed on personal data, whether or not by automated means. The term is broad and covers practically any handling of data. “Pseudonymisation” means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person. “Profiling” means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements. “Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. “Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
In accordance with Art. 13 GDPR, I inform you of the legal bases of my data processing. If the legal basis is not mentioned in the privacy policy, the following applies: The legal basis for obtaining consent is Art. 6 (1) lit. a and Art. 7 GDPR; the legal basis for processing for the performance of my services and implementation of contractual measures as well as responding to inquiries is Art. 6 (1) lit. b GDPR; the legal basis for processing for the fulfillment of my legal obligations is Art. 6 (1) lit. c GDPR; and the legal basis for processing for the protection of my legitimate interests is Art. 6 (1) lit. f GDPR. In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 (1) lit. d GDPR serves as the legal basis.
I take appropriate technical and organizational measures in accordance with Art. 32 GDPR, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing as well as the different probability of occurrence and severity of the risk for the rights and freedoms of natural persons, in order to ensure a level of protection appropriate to the risk. The measures include, in particular, securing the confidentiality, integrity and availability of data by controlling physical access to the data, as well as the access, entry, transfer, securing of availability and its separation. Furthermore, I have established procedures that ensure the exercise of data subject rights, deletion of data and reaction to data threats. Furthermore, I already take the protection of personal data into account during the development or selection of hardware, software and procedures, in accordance with the principle of data protection through technology design and through data-protection-friendly default settings (Art. 25 GDPR).
If, within the scope of my processing, I disclose data to other persons and companies (processors or third parties), transmit it to them or otherwise grant them access to the data, this is only done on the basis of a legal permission (e.g. if a transmission of the data to third parties, such as to payment service providers, is required for contract fulfillment pursuant to Art. 6 (1) lit. b GDPR), if you have consented, if a legal obligation provides for this or on the basis of my legitimate interest (e.g. when using agents, web hosts, etc.). If I commission third parties to process data on the basis of a so-called "Data Processing Agreement", this is done on the basis of Art. 28 GDPR.
If I process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this occurs within the framework of using third-party services or disclosure or transmission of data to third parties, this only takes place if it is done to fulfill my (pre)contractual obligations, on the basis of your consent, due to a legal obligation or on the basis of my legitimate interest. Subject to legal or contractual permissions, I process or have the data processed in a third country only if the special requirements of Art. 44 et seq. GDPR are met. This means, for example, that processing is carried out on the basis of special guarantees, such as the officially recognized determination of a level of data protection corresponding to the EU (e.g. for the USA through the "Privacy Shield") or compliance with officially recognized special contractual obligations (so-called "standard contractual clauses").
You have the right to request confirmation as to whether data concerning you is being processed and to information about this data as well as further information and a copy of the data in accordance with Art. 15 GDPR. According to Art. 16 GDPR, you have the right to request the completion of the data concerning you or the correction of the incorrect data concerning you. In accordance with Art. 17 GDPR, you have the right to demand that relevant data be deleted immediately, or alternatively, in accordance with Art. 18 GDPR, to demand a restriction on the processing of the data. You have the right to request to receive the data concerning you that you have provided to me in accordance with Art. 20 GDPR and to request its transmission to other controllers. Furthermore, according to Art. 77 GDPR, you have the right to file a complaint with the competent supervisory authority.
You have the right to withdraw consents granted pursuant to Art. 7 (3) GDPR with effect for the future.
You can object to the future processing of the data concerning you in accordance with Art. 21 GDPR at any time. The objection can be made in particular against processing for direct marketing purposes.
"Cookies" are small files that are stored on the users' computers. Different information can be stored within the cookies. A cookie is primarily used to store information about a user (or the device on which the cookie is stored) during or after their visit to an online offer. Temporary cookies, or "session cookies" or "transient cookies," are cookies that are deleted after a user leaves an online offer and closes their browser. In such a cookie, for example, the contents of a shopping cart in an online shop or a login status can be stored. Cookies are referred to as "permanent" or "persistent" if they remain stored even after the browser is closed. For example, the login status can be stored if the users visit them after several days. Likewise, the interests of users can be stored in such a cookie, which are used for range measurement or marketing purposes. "Third-party cookies" are cookies offered by providers other than the controller operating the online offer (otherwise, if they are only their cookies, they are called "first-party cookies").
I maintain online presences within social networks and platforms in order to communicate with the interested parties and users active there and to be able to inform them about my services there. When calling up the respective networks and platforms, the terms and conditions and data processing guidelines of their respective operators apply. Unless otherwise stated in my privacy policy, I process the data of users if they communicate with me within social networks and platforms, e.g. write posts on my online presences or send me messages.
Within my online offer, I use content or service offers from third-party providers on the basis of my legitimate interest (i.e. interest in the analysis, optimization and economic operation of my online offer within the meaning of Art. 6 (1) lit. f. GDPR) in order to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as “content”). This always requires that the third-party providers of this content perceive the IP address of the user, as they could not send the content to their browser without the IP address. The IP address is therefore required for the display of this content. I endeavor only to use such content whose respective providers use the IP address only for delivery of the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. Through the "pixel tags," information such as visitor traffic on the pages of this website can be evaluated. The pseudonymous information can also be stored in cookies on the user's device and may contain, among other things, technical information about the browser and operating system, referring websites, visiting time and other details about the use of my online offer, as well as be linked to such information from other sources.
Created with Datenschutz-Generator.de by RA Dr. Thomas Schwenke