Controller
The controller within the meaning of data protection laws, in particular the EU General Data Protection Regulation (GDPR), is:
Sebastian Goßmann
Eismeerweg 13d
22145 Hamburg
Your data subject rights
Under the contact details provided, you may exercise the following rights at any time in accordance with the EU General Data Protection Regulation (GDPR):
- Information about your data stored by us and its processing (Art. 15 GDPR),
- Correction of inaccurate personal data (Art. 16 GDPR),
- Deletion of your data stored by us (Art. 17 GDPR),
- Restriction of data processing if we are not yet permitted to delete your data due to legal obligations (Art. 18 GDPR),
- Objection to the processing of your data by us (Art. 21 GDPR), and
- Data portability, provided you have consented to data processing or have concluded a contract with us (Art. 20 GDPR).
If you have given us your consent, you may withdraw it at any time with effect for the future.
You may lodge a complaint at any time with a supervisory authority, for example with the competent supervisory authority of the federal state of your place of residence or with the authority responsible for us as the controller.
A list of supervisory authorities (for the non-public sector) with addresses can be found at:
https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
Processing activities
Collection of general information when visiting our website
Type and purpose of processing
When you access our website, i.e. if you do not register or otherwise transmit information, information of a general nature is automatically collected. This information (server log files) includes, for example, the type of web browser, the operating system used, the domain name of your Internet service provider, your IP address, and similar data.
They are processed in particular for the following purposes:
- Ensuring a smooth connection to the website
- Ensuring smooth use of the website
- Ensuring and evaluating system security and stability, in particular for the detection of misuse
- Ensuring a technically error-free presentation and optimization of the website
We do not use your data to draw conclusions about your identity. However, we reserve the right to subsequently review the server log files if there are concrete indications of unlawful use.
Legal basis and legitimate interest
Processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website as well as ensuring system security and detecting misuse.
Recipients
Recipients of the data may include technical service providers who act as processors for the operation and maintenance of our website.
Storage duration
Data is stored in server log files in a form that allows the identification of the data subjects for a maximum of 7 days, unless a security-relevant event occurs (e.g. a DDoS attack).
In the event of such an incident, server log files are stored until the security-relevant event has been resolved and fully clarified.
Provision required or necessary
The provision of the aforementioned personal data is neither legally nor contractually required. However, without the IP address, the service and functionality of our website cannot be guaranteed. In addition, individual services and features may not be available or may be restricted.
Right to object
Please refer to the information on your right to object under Art. 21 GDPR below.
Contact
Type and purpose of processing
A contact form is available on our website which can be used for electronic contact. If a user makes use of this option, the data entered in the input mask will be transmitted to us and stored.
At the time the message is sent, the following data is also stored:
- IP address of the requesting device
- Date and time of the request
- URL from which the request was made
Contact can also be made via the email addresses provided. In this case, the personal data transmitted with the email will be stored. This includes the date and time of sending the email, email address, IP addresses, and information about the servers involved in the email communication.
You can also contact us via the telephone numbers provided. In this case, we collect log data that includes your telephone number and the duration of the call.
Regardless of the communication method chosen, we collect the content of your inquiry. Your data is stored for the purpose of individual communication with you.
Legal basis
Data processing is carried out on the basis of a legitimate interest (Art. 6 para. 1 lit. f GDPR).
Our legitimate interest in processing your data is to enable uncomplicated contact.
If you contact us to request an offer, the data will be processed to carry out pre-contractual measures (Art. 6 para. 1 lit. b GDPR).
Recipients
Recipients of the data may include technical service providers who act as processors for the operation and maintenance of our website.
Storage duration
Data is deleted no later than six months after the contact request has been processed.
If a contractual relationship arises, we are subject to statutory retention periods. These generally amount to 6 or 10 years for reasons of proper accounting and tax law requirements.
Provision required or necessary
The provision of your personal data is voluntary. However, we can only process your inquiry if you provide us with the required data and the reason for your request.
Right to object
Please refer to the information on your right to object under Art. 21 GDPR below.
Comment function
Type and purpose of processing
When users leave comments on our website, we store, in addition to the data entered in the input form, the time of entry and the IP address of the device used to submit the comment.
This serves our security, as we may be held liable for unlawful content on our website, even if it was created by users.
Legal basis and legitimate interest
The processing of data entered as comments is carried out on the basis of a legitimate interest (Art. 6 para. 1 lit. f GDPR). By providing the comment function, we want to enable uncomplicated interaction. The information you provide is stored for the purpose of processing the inquiry and for possible follow-up questions.
Recipients
Recipients of the data may include technical service providers who act as processors for the operation and maintenance of our website.
Storage duration
The data is deleted as soon as it is no longer required for the purpose for which it was collected. This is generally the case when communication with the user has been completed and the company can infer from the circumstances that the matter in question has been conclusively clarified. We reserve the right to delete data without stating reasons and without prior or subsequent notice.
You may also request the deletion of your comment at any time. To do so, please send an email to the contact details listed in this privacy policy and provide the link to your comment as well as the email address used when creating the comment for identification purposes.
Provision required or necessary
The provision of your personal data is voluntary. However, we can only publish your comment if you provide us with the information marked as mandatory.
Right to object
Please refer to the information on your right to object under Art. 21 GDPR below.
Newsletter
Type and purpose of processing
For the delivery of our newsletter or comparable information, we collect personal data that is transmitted to us via an input form.
For effective registration, we require a valid email address. To verify that registration is actually carried out by the owner of an email address, we use the double opt-in procedure. For this purpose, we log the registration for the newsletter, the sending of a confirmation email, and the receipt of the requested response. No further data is collected.
Legal basis
Based on your expressly given consent (Art. 6 para. 1 lit. a GDPR), we send you our newsletter or comparable information by email to the email address you have provided.
Recipients
We use a service provider for dispatch who acts as our processor.
Storage duration
Data is processed in this context only as long as the corresponding consent exists.
Provision required or necessary
The provision of your personal data is voluntary and based solely on your consent. Without existing consent, we cannot send you our newsletter.
Withdrawal of consent
You may withdraw your consent to the storage of your personal data and its use for newsletter delivery at any time with effect for the future. Unsubscription can be requested via the link contained in each email or via the contact details listed in this privacy policy.
Creation of a customer account
Type and purpose of processing
You have the option to create a customer account on our website. For this purpose, we collect your contact details.
Legal basis
The processing of the data entered during registration is based on the user’s consent (Art. 6 para. 1 lit. a GDPR).
Recipients
Recipients of the data may include technical service providers who act as processors for the operation and maintenance of our website.
Storage duration
Data is processed in this context only as long as the corresponding consent exists.
Provision required or necessary
The creation of a customer account is voluntary. It is advantageous for fulfilling a contract with you or carrying out pre-contractual measures, but not mandatory. You may place orders as a guest at any time.
Withdrawal of consent
The deletion of your customer account is possible at any time and can be requested using the contact details listed below.
Reach measurement
Type and purpose of processing
Reach measurement serves to evaluate visitor flows on our online offering and may include behavior, interests, or demographic information of visitors, such as age or gender, as pseudonymous values. With the help of reach analysis, we can, for example, recognize when our online offering or its functions or content are most frequently used or invite reuse. We can also identify which areas require adjustment.
The tools we use for reach measurement are listed below.
Legal basis
Processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest. Reach measurement and the resulting information are suitable for adapting the web offering.
Recipients
We use technical service providers for the operation and maintenance of our website who act as our processors.
Storage duration
Information on storage duration can be found in the information on the tools used listed below.
Provision required or necessary
The provision of data is neither legally nor contractually required.
Right to object
Please refer to the information on your right to object under Art. 21 GDPR below.
Tools used for reach measurement
Web Analytics with Matomo (without Cookies)
We use the open‑source web analytics service Matomo on this website to analyze the usage behavior of our visitors in an anonymized form and to optimize our content. Matomo is used without cookies and works exclusively with anonymized data.
Type of Data Processed
When you access our website, the following information is collected:
- Anonymized IP address (the last bytes are removed)
– This prevents any direct personal identification. - Technical browser information
- Pages visited and duration of visit
- Information about device type, operating system, and screen resolution
No unique device identifiers are stored, and no cookies are set. Tracking is carried out using an anonymous, temporary identifier that is renewed daily and does not allow any conclusions to be drawn about individual users.
Legal Basis
Processing is carried out on the basis of Art. 6(1)(f) GDPR (legitimate interest).
Our legitimate interest lies in analyzing how our website is used in order to continuously improve our services.
Since we operate Matomo without cookies and exclusively with anonymized data, no consent via a cookie banner is required.
Server Location & Data Sovereignty
Matomo is operated on a server within the EU. All data remains exclusively on our server and is not shared with third parties.
Deactivation of Data Collection (Opt‑Out)
You may object to the anonymized collection of your visit at any time. In this case, a so‑called “Do‑Not‑Track” signal will be respected, provided it is activated in your browser. Matomo honors this setting.
Cookies
A cookie is a small data record that is created when visiting a website and temporarily stored on the website visitor’s system. When the server of this website is accessed again by the website user, the user’s browser sends the previously received cookie back to the server. The server can evaluate the information obtained through this process. Cookies can in particular facilitate navigation on a website.
Detailed information on the topic of cookies and which cookies are used on this website for which purpose can be accessed at any time in the cookie settings.
Deleting cookies
You can delete individual cookies or the entire cookie inventory. In addition, you will find information and instructions on how these cookies can be deleted or their storage blocked in advance. Depending on your browser provider, you can find the necessary information under the following links:
- Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-loeschen-daten-von-websites-entfernen
- Microsoft Edge: https://support.microsoft.com/de-de/windows/verwalten-von-cookies-in-microsoft-edge-anzeigen-zulassen-blockieren-l%C3%B6schen-und-verwenden-168dab11-0753-043d-7c16-ede5947fc64d
- Google Chrome: https://support.google.com/accounts/answer/61416?hl=de
- Opera: http://www.opera.com/de/help
- Safari: https://support.apple.com/kb/PH17191?locale=de_DE&viewlocale=de_DE
Additionally, you can generally prevent the loading of so-called scripts. NoScript allows JavaScript, Java, and other plugins to be executed only on trusted domains of your choice.
Information and instructions on how to configure this function can be obtained from your browser provider (e.g. for Mozilla Firefox:
https://addons.mozilla.org/de/firefox/addon/noscript/).
Technically necessary cookies
Type and purpose of processing
We use cookies to make our website more user-friendly. Some elements of our website require that the accessing browser can be identified even after a page change.
The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized even after a page change.
An overview of the cookies used can be found in our cookie consent tool.
Legal basis and legitimate interest
Data processing is carried out solely on the basis of our legitimate interest in a user-friendly design of our website and in documenting consent pursuant to Art. 6 para. 1 lit. f GDPR in conjunction with a balancing of interests pursuant to §25 para. 2 TDDDG.
Recipients
Recipients of the data may include technical service providers who act as processors for the operation and maintenance of our website.
Storage duration
The respective storage duration of the cookies can be found in the cookie consent tool.
Provision required or necessary
The provision of the aforementioned personal data is neither legally nor contractually required. However, without this data, the service and functionality of our website cannot be guaranteed. In addition, individual services and features may not be available or may be restricted.
Right to object
Please refer to the information on your right to object under Art. 21 GDPR below.
Provision required or necessary
The provision of your data is voluntary and based solely on your consent. However, please note that in this case you may not be able to fully use all functions of this website.
Withdrawal of consent
You may withdraw your consent for the future via the cookie consent tool.
Profiling
With the help of technically non-essential cookies, the behavior of website visitors can be evaluated and interests analyzed. For this purpose, we create a pseudonymous user profile.
Information about your right to object under Art. 21 GDPR
Right to object on a case-by-case basis
You have the right to object, at any time and on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Art. 6 para. 1 lit. f GDPR (data processing based on a balancing of interests); this also applies to profiling based on this provision within the meaning of Art. 4 no. 4 GDPR.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or the processing serves the establishment, exercise, or defense of legal claims.
Recipient of an objection
Sebastian Goßmann
Eismeerweg 13d
22145 Hamburg
Changes to our privacy policy
We reserve the right to adapt this privacy policy so that it always complies with current legal requirements or to implement changes to our services in the privacy policy, for example when introducing new services. The new privacy policy will then apply to your next visit.
Questions about data protection
If you have any questions about data protection, please send us an email to the controller listed above.
Copyright notice
This privacy policy was created with the help of activeMind AG – the experts for external data protection officers (version #2024-10-25).