Privacy + Cookie notice

Privacy Policy

… according to the General Data Protection Regulation and the German Federal Data Protection Act (New)

The first part Privacy Policy in a Nutshell briefly describes which personal data is collected and processed and how. It is short, quick to read and is aimed at interested people who want to get an overview. The second part Privacy Statement in Legal Parlance corresponds to the required form. It also contains topics that are not included in the short version, as well as further links, paragraphs and tirades.

Privacy Policy in a Nutshell

The website does not pursue any commercial interests. The offer is a private hobby project. You can use the offer without having to register on this page. On the contrary, it is not intended and possible for you to register.

You can leave comments on articles. If you do this, you must log in toDISQUS. Many blogs use DISQUS. You can create an account there or use a social media account. If you don't want that, don't do it and don't send comments. You can also contact me via anotherchannel instead.

When accessing the website from your browser, the web server temporarily stores your used IP address, with the time of access in a log file. Likewise, each web browser sends its name and version, as well as the name of the operating system. The web server stores this information with the IP address in the log file. The log files are only used to troubleshoot and track attacks. They are automatically deleted.

For access statistics we use Google Analytics to obtain information about the reach of the offer. Details will follow in the next chapter.

For searching our blog we use Algolia as a 3rd party search engine. If you use the search field the entered information and your internet connection data (i.e. IP address, information about the browser) will be sent to Alogila. So if you don't want that just don't use the search field.

Access to the website is encrypted with HTTPS. HTTPS schedules on its own virtual ROOT server. The server hoster therefore has no access to the data transferred.

This data protection declaration explains to you the type, scope and purpose of the processing of personal data (hereinafter referred to as "data") within our online offer and the associated websites, functions and contents as well as external online presences, e.g. our social media profile. (hereinafter jointly referred to as "online offer"). With regard to the terms used, such as "processing" or "person responsible", we refer to the definitions in Art. 4 of the Basic Data Protection Ordinance (GDPR).

Responsible

seeImprint.

Types of data processed:

Content data (e.g., text input, photographs, videos). Usage data (e.g., visited websites, interest in content, access times). Meta/communication data (e.g., device information, IP addresses).

categories of people affected

Visitors and users of the online offer (hereinafter referred to as "users"). Purpose of processing Provision of the online offer, its functions and contents. Answer contact requests and communicate with users. Security measures. Range measurement/marketing

Terms used

"Personal data" means any information relating to an identified or identifiable natural person (hereinafter referred to as "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by assignment to an identifier such as a name, an identification number, location data, an online identifier (e.g. cookie) or to one or more special features that express the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.

"processing" means any operation carried out with or without the aid of automated procedures or any such series of operations in connection with personal data. The term goes a long way and covers practically every handling of data.

Responsible" means the natural or legal person, authority, institution or other body that alone or together with others decides on the purposes and means of processing personal data.

In accordance with Art. 13 GDPR, we inform you of the legal basis of our data processing. If the legal basis is not mentioned in the data protection declaration, the following applies: The legal basis for obtaining consents is Art. 6 para. 1 lit. a and Art. 7 GDPR, the legal basis for processing for the performance of our services and performance of contractual measures as well as for answering inquiries is Art. 6 para. 1 lit. b GDPR, the legal basis for processing to fulfil our legal obligations is Art. 6 para. 1 lit. c GDPR, and the legal basis for processing to protect our legitimate interests is Art. 6 para. 1 lit. f GDPR. In the event that the vital interests of the data subject or another natural person require the processing of personal data, Article 6(1)(d) GDPR serves as the legal basis.

Cooperation with contract processors and third parties If we disclose data to other persons and companies (contract processors or third parties) within the scope of our processing, transmit it to them or otherwise grant them access to the data, this shall only take place on the basis of a legal permission (e.g. if a transmission of the data to third parties, such as payment service providers, in accordance with Art. 6 Para. 1 lit. b GDPR for contract fulfilment is necessary), if you have consented, if a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.).

If we commission third parties with the processing of data on the basis of a so-called "order processing contract", this is done on the basis of Art. 28 GDPR.

Transmissions to third countries

If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this occurs in the context of the use of third-party services or disclosure or transfer of data to third parties, this only takes place if it occurs for the fulfilment of our (pre)contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or leave the data in a third country only if the special requirements of Art. 44 ff. Process GDPR. This means, for example, processing is carried out on the basis of special guarantees, such as the officially recognised determination of a data protection level corresponding to the EU (e.g. for the USA by the "Privacy Shield") or compliance with officially recognised special contractual obligations (so-called "standard contractual clauses").

Rights of the persons concerned

You have the right to request confirmation as to whether the data concerned are being processed and to request information about these data as well as further information and a copy of the data in accordance with Art. 15 GDPR.

They have correspondingly. In accordance with Article 16 of the DSBER, you have the right to request the completion of data concerning you or the correction of inaccurate data concerning you.

In accordance with Art. 17 GDPR, you have the right to demand that relevant data be deleted immediately or, alternatively, to demand a restriction on the processing of the data in accordance with Art. 18 GDPR.

You have the right to request that the data concerning you that you have provided to us be received in accordance with Art. 20 GDPR and to request its transmission to other persons responsible.

In accordance with Art. 77 GDPR, they also have the right to file a complaint with the competent supervisory authority.

Right of withdrawal

You have the right to revoke consents granted pursuant to Art. 7 para. 3 GDPR with future effect

Right of objection

You can object to the future processing of the data concerning you in accordance with Art. 21 GDPR at any time. The objection may be lodged in particular against processing for direct marketing purposes.

Cookies and right of objection in direct advertising

Cookies" are small files that are stored on the user's computer. Different data can be stored within the cookies. A cookie is primarily used to store information about a user (or the device on which the cookie is stored) during or after his or her visit to an online offer. Temporary cookies, or "session cookies" or "transient cookies", are cookies that are deleted after a user leaves an online offer and closes his browser. In such a cookie, for example, the content of a shopping basket can be stored in an online shop or a login jam. Cookies are referred to as "permanent" or "persistent" and remain stored even after the browser is closed. For example, the login status can be saved when users visit it after several days. Likewise, the interests of users used for range measurement or marketing purposes may be stored in such a cookie. Third-party cookies" are cookies that are offered by providers other than the person responsible for operating the online offer (otherwise, if they are only its cookies, they are referred to as "first-party cookies").

We may use temporary and permanent cookies and clarify this within the framework of our data protection declaration.

If users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Stored cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions of this online offer.

A general objection to the use of cookies used for online marketing purposes can be declared for a large number of services, especially in the case of tracking, via the US sitehttp://www.aboutads.info/choices/ or the EU sitehttp://www.youronlinechoices.com/. Furthermore, the storage of cookies can be achieved by deactivating them in the browser settings. Please note that in this case not all functions of this online offer can be used.

Deletion of data

The data processed by us will be deleted or their processing restricted in accordance with Articles 17 and 18 GDPR. Unless expressly stated in this data protection declaration, the data stored by us will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory storage obligations. If the data are not deleted because they are necessary for other and legally permissible purposes, their processing is restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax reasons.

In accordance with statutory requirements in Germany, the records are kept in particular for 6 years in accordance with § 257 (1) HGB (trading books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting documents, etc.) and for 10 years in accordance with § 147 (1) AO (books, records, management reports, accounting documents, commercial and business letters, documents relevant for taxation, etc.).

In accordance with legal requirements in Austria, storage is carried out in particular for 7 years in accordance with § 132 (1) BAO (accounting documents, receipts/invoices, accounts, receipts, business papers, statement of income and expenses, etc.), for 22 years in connection with real estate and for 10 years for documents in connection with electronically provided services, telecommunications, radio and television services which are provided to non-entrepreneurs in EU member states and for which the Mini-One-Stop-Shop (MOSS) is used.

Collection of access data and log files

We, or our hosting provider, collect the following data on the basis of our legitimate interests within the meaning of Art. 6 para. 1 lit. f. GDPR data on each access to the server on which this service is located (so-called server log files). Access data includes the name of the accessed website, file, date and time of access, transferred data volume, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider.

Log file information is stored for a maximum of 7 days for security reasons (e.g. to investigate misuse or fraud) and then deleted. Data whose further storage is required for evidentiary purposes are excluded from deletion until the respective incident has been finally clarified.

Contact me

When contacting us (e.g. via contact form, e-mail, telephone or social media), the user's details are processed for processing the contact enquiry and its processing in accordance with Art. 6 para. 1 lit. b) GDPR. User information can be stored in a customer relationship management system ("CRM system") or comparable request organization.

We delete the requests if they are no longer necessary. We review this requirement every two years; the statutory archiving obligations also apply.

DISQUS comment function On the basis of our legitimate interests in an efficient, secure and user-friendly comment management pursuant to Art. 6 para. 1 lit. f. GDPR has launched the commentary service DISQUS, offered by DISQUS, Inc. 301 Howard St, Floor 3 San Francisco, California- 94105, USA. DISQUS is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law: https://www.privacyshield.gov/participant.

 To use the DISQUS comment function, users can log in via their own DISQUS user account or an existing social media account (e.g. OpenID, Facebook, Twitter or Google). DISQS obtains the user's login data from the platforms. It is also possible to use the DISQUS comment function as a guest, without creating or using user accounts at DISQUS or one of the specified social media providers.

We only embed DISQUS with its functions into our website, whereby we can influence the comments of the users. However, the users enter into a direct contractual relationship with DISQUS, in the context of which DISQS processes the comments of the users and is a contact for any deletion of the user's data. We refer to theDISQUS Privacy Policy and point out to users that they can assume that DISQUS stores not only the comment content but also its IP address and the time of the comment and can also store cookies on users' computers and use them to display advertising. Users may, however, object to the processing of their data for the purpose of displaying advertisements (https://disqus.com/data-sharing-settings).

Comments and Posts

If users leave comments or other contributions, their IP addresses will be used on the basis of our legitimate interests within the meaning of Art. 6 (1) (f). GDPR for 7 days. This takes place for our safety, if someone leaves illegal contents in comments and contributions (insults, forbidden political propaganda, etc.). In this case we can be prosecuted ourselves for the comment or contribution and are therefore interested in the identity of the author.

Comment subscriptions

Users may subscribe to the follow-up comments with their consent in accordance with Art. 6 para. 1 lit. a GDPR. Users will receive a confirmation email to verify that they are the owner of the email address they entered. Users can unsubscribe from ongoing comment subscriptions at any time. The confirmation email will contain information on the cancellation options. For the purpose of providing proof of user consent, we store the login dot along with the user's IP address and delete this information when users unsubscribe from the subscription.

You can cancel the receipt of our subscription at any time, i.e. revoke your consent. We may store the e-mail addresses we have unsubscribed for up to three years on the basis of our legitimate interests before we delete them in order to be able to prove a previously given consent. The processing of these data is limited to the purpose of a possible defence against claims. An individual application for cancellation is possible at any time, provided that at the same time the former existence of a consent is confirmed.

retrieval of profile pictures at Gravatar

We use the service Gravatar of Automattic Inc. 60 29th Street #343, San Francisco, CA 94110, USA, within our online offer and especially in our blog.

Gravatar is a service where users can log in and store profile pictures and their e-mail addresses. If users leave contributions or comments with the respective e-mail address on other online presences (especially in blogs), their profile pictures can be displayed next to the contributions or comments. For this purpose, the e-mail address provided by the users is transmitted to Gravatar in encrypted form for the purpose of checking whether a profile has been saved for it. This is the sole purpose of the transmission of the e-mail address and it will not be used for other purposes, but will be deleted thereafter.

The use of Gravatar is based on our legitimate interests within the meaning of Art. 6 Para. 1 letter f) GDPR, as we offer the possibility of personalising their contributions with a profile picture with the help of Gravatar.

Automattic is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant).

 By displaying the images, Gravatar obtains the IP address of the users, as this is necessary for communication between a browser and an online service. For more information on Gravatar's collection and use of the data, please refer to the Automattic Privacy Policy.

 If users do not want an image associated with their email address to appear in Gravatar's comments, you should use a non-Gravatar email address for commenting. We would also like to point out that it is also possible to use an anonymous or no e-mail address if users do not wish their own e-mail address to be sent to Gravatar. Users can completely prevent the transfer of data by not using our comment system.

Google Analytics

On the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. GDPR) Google Analytics, a web analysis service of Google LLC ("Google"). Google uses cookies. The information generated by the cookie about the use of the online offer by users is generally transferred to a Google server in the USA and stored there.

Google is certified under the Privacy Shield Agreement and thereby offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant).

Google will use this information on our behalf to evaluate the use of our online offer by users, to compile reports on the activities within this online offer and to provide us with further services associated with the use of this online offer and the use of the Internet. Pseudonymous user profiles can be created from the processed data.

We use Google Analytics only with IP anonymization enabled. This means that Google will reduce the IP address of users within Member States of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.

The IP address transmitted by the user's browser is not merged with other Google data. Users may refuse the use of cookies by selecting the appropriate settings on their browser software; users may also prevent Google from collecting data generated by the cookie and relating to their use of the website and from processing such data by downloading and installing the browser plug-inavailable at the following link. 

Further information on data use by Google, possible settings and objections can be found on the Google websites: "Data use by Google when using our partners' websites or apps", "Data use for advertising purposes", Manage information that Google uses to show you advertising".

Online presence in social media

We maintain online presences within social networks and platforms in order to communicate with active customers, interested parties and users and to inform them about our services. When accessing the respective networks and platforms, the terms and conditions and the data processing guidelines of their respective operators apply. 

Unless otherwise stated in our privacy policy, we process the data of users who communicate with us within social networks and platforms, e.g. write articles on our websites or send us messages.

Algolia Search Engine

On the basis of our legitimate interests (i.e. finding articles based on search phrases) this site uses Algolia Search Engine as search service. It is owned by Algolia, Inc., 589 Howard Street, Suite 5, San Francisco, CA 94105, USA. If a user uses the search field the entered information and the users connection data (i.e. IP address, information about the browser) is sent to Alogila. Algolia is part of TRUSTe Certified Privacy. For more information on Algolia please refer to the Algolia Privacy Policy.

Created with Datenschutz-Generator.de by RA Dr. Thomas Schwenke.

Translated with DeepL.