This Privacy Policy (version 06.03.2024-122740142) was created to explain to you, in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 and applicable national laws, which personal data (referred to as “data”) we, as data controllers, and the processors we commission (e.g., service providers) process now and may process in the future, as well as the lawful options available to you. The terms used are gender-neutral.
In short: We aim to inform you comprehensively about the data we process about you.
Privacy policies are often written in very technical language and use legal jargon. This Privacy Policy, however, is designed to describe the most important aspects as simply and transparently as possible. Where it enhances clarity, technical terms are explained in user-friendly language, links to further information are provided, and visual aids are included.
We aim to communicate clearly and in simple terms that we process personal data in the context of our business activities only when there is a corresponding legal basis. This is certainly not achievable with the kind of brief, unclear, and legally technical explanations often found on the internet when it comes to data protection.
I hope you find the following explanations interesting and informative, and perhaps you’ll learn something new. If you still have questions, we kindly ask you to contact the responsible party listed below or in the legal notice, follow the available links, and consult further information on third-party websites. Our contact details can also be found in the legal notice.
This Privacy Policy applies to all personal data processed by our company and to all personal data processed by companies we commission (processors). By personal data, we mean information as defined in Article 4(1) of the GDPR, such as a person’s name, email address, and postal address. The processing of personal data enables us to offer and bill for our services and products, whether online or offline.
The scope of this Privacy Policy covers:
• all online presences (websites, online shops) we operate,
• social media profiles and email communication,
• mobile apps for smartphones and other devices.
In short: This Privacy Policy applies to all areas where personal data is systematically processed within the company via the mentioned channels. Should we enter into legal relationships with you outside of these channels, we will inform you separately if necessary.
n this Privacy Policy, we provide transparent information about the legal principles and regulations—the legal bases of the General Data Protection Regulation (GDPR)—that allow us to process personal data. Regarding EU law, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of April 27, 2016. You can access this EU GDPR online via EUR-Lex, the gateway to EU law, at https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=celex%3A32016R0679.
We process your data only if at least one of the following conditions applies:
• Consent (Article 6(1)(a) GDPR): You have given us your consent to process your data for a specific purpose. An example would be the storage of data you entered into a contact form.
• Contract (Article 6(1)(b) GDPR): We process your data to fulfill a contract or pre-contractual obligations with you. For instance, when entering into a purchase agreement, we require personal information beforehand.
• Legal Obligation (Article 6(1)(c) GDPR): If we are subject to a legal obligation, we process your data. For example, we are legally required to retain invoices for accounting purposes, which typically contain personal data.
• Legitimate Interests (Article 6(1)(f) GDPR): In the case of legitimate interests that do not restrict your fundamental rights, we reserve the right to process personal data. For example, we need to process certain data to operate our website securely and efficiently, which constitutes a legitimate interest.
Other conditions, such as carrying out tasks in the public interest, exercising official authority, or protecting vital interests, generally do not apply to us. If such a legal basis becomes relevant, it will be explicitly stated.
In addition to the EU regulation, national laws also apply:
• In Austria, this is the Federal Act on the Protection of Natural Persons in the Processing of Personal Data (Data Protection Act, DSG).
• In Germany, the Federal Data Protection Act (BDSG) applies.
If other regional or national laws are applicable, we will inform you about them in the relevant sections below.
If you have questions about data protection or the processing of personal data, you can find the contact details of the responsible person or entity below:
Birgit Stangl, MA
Wienerbruckstraße 44
2344 Maria Enzersdorf
Austria
Email: birgit@b-stangl.com
Phone: +43 670 357 9229
Legal Notice: https://www.b-stangl.at/imprint
As a general principle, we store personal data only as long as it is absolutely necessary to provide our services and products. This means that we delete personal data as soon as the purpose for data processing no longer applies. In some cases, we are legally obligated to retain certain data even after the original purpose has ceased, for example, for accounting purposes.
If you request the deletion of your data or revoke your consent for data processing, the data will be deleted as quickly as possible unless there is a legal obligation to retain it.
Wherever we have further information regarding the specific duration of data processing, we provide those details in the sections below.
In accordance with Articles 13 and 14 of the GDPR, we inform you of the following rights you have to ensure the fair and transparent processing of your data:
• Right to Access (Article 15 GDPR): You have the right to know if we process your data. If so, you can request a copy of the data and obtain the following information:
• The purpose of processing.
• The categories (types) of data being processed.
• The recipients of the data and, if applicable, how the security of data transferred to third countries is ensured.
• The duration of data storage.
• The existence of rights to rectification, deletion, or restriction of processing, as well as your right to object to processing.
• Your right to lodge a complaint with a supervisory authority (links to these authorities are provided below).
• The source of the data, if not collected directly from you.
• Whether profiling is conducted (automatic evaluation of data to create a personal profile).
• Right to Rectification (Article 16 GDPR): If you find errors in your data, you can request that we correct them.
• Right to Erasure (“Right to be Forgotten,” Article 17 GDPR): You may request the deletion of your data.
• Right to Restriction of Processing (Article 18 GDPR): You can request that we only store your data and cease further processing.
• Right to Data Portability (Article 20 GDPR): Upon request, we can provide your data in a commonly used format.
• Right to Object (Article 21 GDPR): You can object to the processing of your data based on Article 6(1)(e) (public interest, exercise of official authority) or Article 6(1)(f) (legitimate interest). We will review your objection promptly to determine if we can legally comply.
• If your data is used for direct marketing, you can object to this at any time. We will then cease using your data for direct marketing purposes.
• If your data is used for profiling, you can object to this at any time. We will then stop processing your data for profiling.
• Right Not to Be Subject to Automated Decision-Making (Article 22 GDPR): You may have the right not to be subject to decisions based solely on automated processing, including profiling.
• Right to Lodge a Complaint (Article 77 GDPR): You can file a complaint with a supervisory authority if you believe the processing of your data violates the GDPR.
In summary: You have rights—do not hesitate to contact the responsible entity listed above!
If you believe that your data has been processed unlawfully or your data protection rights have been infringed, you can file a complaint with a supervisory authority. For Austria, this is the Data Protection Authority, whose website can be found at https://www.dsb.gv.at/.
In Germany, each federal state has its own data protection officer. For further information, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI).
Cookies Overview
👥 Affected Parties: Visitors to the website
🤝 Purpose: Varies depending on the specific cookie. More details are provided below or by the software provider that sets the cookie.
📓 Data Processed: Depends on the specific cookie used. More details are provided below or by the software provider that sets the cookie.
📅 Storage Duration: Varies by cookie, ranging from hours to years
⚖️ Legal Basis: Article 6(1)(a) GDPR (Consent), Article 6(1)(f) GDPR (Legitimate Interests)
Our website uses HTTP cookies to store user-specific data. Below, we explain what cookies are and why they are used, helping you better understand this privacy policy.
Whenever you browse the internet, you use a browser. Popular browsers include Chrome, Safari, Firefox, Internet Explorer, and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.
Cookies are undeniably useful helpers. Nearly all websites use cookies, specifically HTTP cookies, though there are other types for various applications. HTTP cookies are small files saved on your computer by our website. These cookie files are automatically stored in your browser’s cookie folder, which acts as the “brain” of your browser. Each cookie has a name and a value, along with one or more attributes.
Cookies store specific user data, such as your language preferences or personal site settings. When you revisit our site, your browser sends the “user-specific” information back to our website. Thanks to cookies, our website recognizes you and provides the settings you’re accustomed to. In some browsers, each cookie is stored in its own file, while in others (e.g., Firefox), all cookies are stored in a single file.
The following diagram illustrates a potential interaction between a web browser (e.g., Chrome) and a web server. The browser requests a website and receives a cookie from the server, which the browser uses again when another page is requested.
First-Party vs. Third-Party Cookies
There are two types of cookies:
• First-party cookies are created directly by our website.
• Third-party cookies are created by partner websites (e.g., Google Analytics).
Each cookie must be evaluated individually, as every cookie stores different data. Additionally, the lifespan of a cookie varies from a few minutes to several years. Cookies are not software programs and cannot contain viruses, Trojans, or other malware. They also cannot access information on your PC.
Example of Cookie Data:
• Name: _ga
• Value: GA1.2.1326744211.152122740142-9
• Purpose: To distinguish website visitors
• Expiration Date: After 2 years
Minimum Browser Support for Cookies:
• At least 4096 bytes per cookie
• At least 50 cookies per domain
• At least 3000 cookies in total
The specific types of cookies we use depend on the services implemented, which are detailed in the following sections of this privacy policy. Here, we briefly describe the different types of HTTP cookies.
There are four main categories of cookies:
1. Essential Cookies
These cookies are necessary to ensure the basic functionality of the website. For instance, they enable a user to place a product in the shopping cart, continue browsing on other pages, and later proceed to checkout without losing the cart’s contents—even if the browser window is closed.
2. Functional Cookies
These cookies collect information about user behavior, such as error messages received. They also measure website performance, including loading times and behavior across different browsers.
3. Preference Cookies
These cookies enhance user experience by storing information such as location settings, font sizes, or form data entered by the user.
4. Advertising Cookies
Also known as targeting cookies, these are used to deliver personalized advertising to users. While they can be useful, they may also be perceived as intrusive.
When visiting a website for the first time, you’re typically asked which types of cookies you wish to allow. Your selection is stored in a cookie.
For more technical insights into cookies, refer to the “HTTP State Management Mechanism” by the Internet Engineering Task Force (IETF).
The purpose of processing depends on the specific cookie. More details can be found in the subsequent sections or from the software provider setting the cookie.
Cookies serve a variety of functions. While it’s not possible to generalize the types of data stored in cookies, this privacy policy will inform you about the specific data processed and stored by individual cookies.
The retention period of cookies varies depending on the specific cookie. Some cookies are deleted within an hour, while others may remain stored for several years.
You also have control over the retention period. You can manually delete all cookies via your browser at any time (see “Right to Object” below). Furthermore, cookies based on consent are deleted immediately after consent is withdrawn. However, the legality of their storage up to that point remains unaffected.
You have full control over how cookies are used. Regardless of the service or website they originate from, you can always delete, deactivate, or partially allow cookies. For instance, you can block third-party cookies while allowing all others.
If you want to check which cookies are stored in your browser, modify their settings, or delete them, you can do so in your browser settings:
• Chrome: Delete, enable, and manage cookies in Chrome
• Safari: Manage cookies and website data with Safari
• Firefox: Delete cookies to remove data websites have stored on your computer
• Internet Explorer: Delete and manage cookies
• Microsoft Edge: Delete and manage cookies
If you generally prefer not to allow any cookies, you can configure your browser to notify you each time a cookie is set. This allows you to decide on a case-by-case basis whether to accept or reject the cookie. The steps for this process vary by browser. It’s easiest to search online for specific instructions, such as “delete cookies Chrome” or “disable cookies Chrome,” for guidance tailored to your browser.
Since 2009, “Cookie Directives” have required user consent (Article 6(1)(a) GDPR) for the storage of cookies. However, the implementation of these directives varies across EU countries.
• In Austria, the directive was implemented in Section 165(3) of the Telecommunications Act (2021).
• In Germany, the directive was not transposed into national law as such. Instead, it was largely incorporated into Section 15(3) of the Telemedia Act (TMG).
For essential cookies, consent is not required because they are justified by legitimate interests (Article 6(1)(f) GDPR), which are often economic in nature. Essential cookies are necessary to provide visitors with a seamless user experience.
For non-essential cookies, processing occurs only with your explicit consent, based on Article 6(1)(a) GDPR.
The sections below will provide more details about the use of cookies if the software employed on our website utilizes them.
Web hosting summary
👥 Affected parties: visitors to the website
🤝 Purpose: professional hosting of the website and securing its operation
📓 Processed data: IP address, time of website visit, browser used and other data. You can find more details on this below or from the web hosting provider used.
📅 Storage period: depends on the respective provider, but usually 2 weeks
⚖️ Legal basis: Art. 6 para. 1 lit.f GDPR (legitimate interests)
When you visit websites these days, certain information - including personal data - is automatically created and stored, including on this website. This data should be processed as sparingly as possible and only with justification. By website, we mean the entirety of all web pages on a domain, i.e. everything from the start page (homepage) to the very last subpage (like this one). By domain we mean, for example, example.de or example.com.
If you want to view a website on a computer, tablet or smartphone, you use a program called a web browser. You probably know some web browsers by name: Google Chrome, Microsoft Edge, Mozilla Firefox and Apple Safari. We call them browsers or web browsers for short.
To display the website, the browser must connect to another computer where the website code is stored: the web server. The operation of a web server.
Even while you are currently visiting our website, our web server, i.e. the computer on which this website is stored, usually automatically saves data such as
As a rule, the above-mentioned data is stored for two weeks and then automatically deleted. We do not pass this data on, but we cannot rule out the possibility of this data being viewed by the authorities in the event of unlawful behavior.
In short: Your visit is logged by our provider (company that runs our website on special computers (servers)), but we do not pass on your data without your consent!
The lawfulness of the processing of personal data in the context of web hosting is based on Art. 6 para. 1 lit. f GDPR (protection of legitimate interests), because the use of professional hosting with a provider is necessary to present the company on the Internet in a secure and user-friendly manner.
Website builder systems Privacy policy summary
👥 Data subject: Visitors to the website
🤝 Purpose: Optimization of our service performance
📓 Processed data: Data such as technical usage information such as browser activity, clickstream activity, session heatmaps as well as contact details, IP address or your geographical location. You can find more details on this below in this privacy policy and in the providers' privacy policies.
📅 Storage duration: depends on the provider
⚖️ Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interests), Art. 6 para. 1 lit. a GDPR (consent)
We use a modular website system for our website. Modular systems are special forms of a content management system (CMS). With a modular system, website operators can create a website very easily and without programming knowledge. In many cases, web hosters also offer modular systems. By using a modular system, your personal data can also be collected, stored and processed. In this data protection text, we provide you with general information about data processing by modular systems. You can find more detailed information in the provider's data protection declarations.
The biggest advantage of a modular system is its ease of use. We want to offer you a clear, simple and well-organized website that we can easily operate and maintain ourselves - without external support. A modular system now offers many helpful functions that we can use even without programming knowledge. This enables us to design our web presence according to our wishes and offer you an informative and enjoyable time on our website.
Exactly what data is stored depends, of course, on the website builder system used. Each provider processes and collects different data from the website visitor. As a rule, however, technical usage information such as operating system, browser, screen resolution, language and keyboard settings, hosting provider and the date of your website visit are collected. Tracking data (e.g. browser activity, clickstream activity, session heatmaps, etc.) may also be processed. Personal data may also be collected and stored. This usually involves contact data such as email address, telephone number (if you have provided this), IP address and geographical location data. You can find out exactly which data is stored in the provider's privacy policy.
We will inform you about the duration of data processing below in connection with the website building block system used, if we have further information on this. You can find detailed information about this in the provider's privacy policy. In general, we only process personal data for as long as is absolutely necessary for the provision of our services and products. The provider may store your data according to its own specifications, over which we have no influence.
You always have the right to information, correction and deletion of your personal data. If you have any questions, you can also contact the person responsible for the website building block system used at any time. Contact details can be found either in our privacy policy or on the website of the relevant provider.
You can delete, deactivate or manage cookies that providers use for their functions in your browser. Depending on which browser you use, this works in different ways. Please note, however, that not all functions may then work as usual.
We have a legitimate interest in using a website building block system to optimize our online service and present it to you in an efficient and user-friendly manner. The legal basis for this is Art. 6 para. 1 lit. f GDPR (legitimate interests). Nevertheless, we only use the toolbox if you have given your consent.
If the processing of data is not absolutely necessary for the operation of the website, the data will only be processed on the basis of your consent. This applies in particular to tracking activities. The legal basis in this respect is Art. 6 para. 1 lit. a GDPR.
In this privacy policy, we have provided you with the most important general information about data processing. If you would like more detailed information in this regard, you will find further information - if available - in the following section or in the provider's privacy policy.
Social media privacy policy summary
👥 Data subjects: Visitors to the website
🤝 Purpose: Presentation and optimization of our services, contact with visitors, interested parties, etc., advertising
📓 Processed data: Data such as telephone numbers, e-mail addresses, contact data, user behavior data, information about your device and your IP address.
You can find more details on this in the respective social media tool used.
📅 Storage duration: depending on the social media platforms used
⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (legitimate interests)
In addition to our website, we are also active on various social media platforms. User data may be processed so that we can target users who are interested in us via the social networks. In addition, elements of a social media platform may also be embedded directly in our website. This is the case, for example, if you click on a social button on our website and are forwarded directly to our social media presence. Social media refers to websites and apps through which registered members can produce content, share content openly or in specific groups and network with other members.
For years, social media platforms have been the place where people communicate and get in touch online. With our social media presence, we can bring our products and services closer to interested parties. The social media elements integrated on our website help you to switch to our social media content quickly and without complications.
The data that is stored and processed through your use of a social media channel is primarily used to carry out web analyses. The aim of these analyses is to be able to develop more precise and personalized marketing and advertising strategies. Depending on your behavior on a social media platform, the evaluated data can be used to draw conclusions about your interests and create user profiles. This also enables the platforms to present you with customized advertisements. Cookies are usually set in your browser for this purpose, which store data on your usage behavior.
As a rule, we assume that we remain responsible under data protection law, even if we use the services of a social media platform. However, the European Court of Justice has ruled that in certain cases the operator of the social media platform may be jointly responsible with us within the meaning of Art. 26 GDPR. If this is the case, we will point this out separately and work on the basis of an agreement to this effect. The essence of the agreement is then set out below for the platform concerned.
Please note that when using the social media platforms or our built-in elements, your data may also be processed outside the European Union, as many social media channels, such as Facebook or Twitter, are American companies. As a result, you may not be able to claim or enforce your rights in relation to your personal data as easily.
Exactly which data is stored and processed depends on the respective provider of the social media platform. However, it is usually data such as telephone numbers, email addresses, data that you enter in a contact form, user data such as which buttons you click, who you like or follow, when you visited which pages, information about your device and your IP address. Most of this data is stored in cookies. Data can be linked to your profile, especially if you have a profile on the social media channel you are visiting and are logged in.
All data that is collected via a social media platform is also stored on the provider's servers. This means that only the providers have access to the data and can provide you with the appropriate information or make changes.
If you want to know exactly what data is stored and processed by the social media providers and how you can object to data processing, you should read the company's privacy policy carefully. We also recommend that you contact the provider directly if you have any questions about data storage and data processing or wish to assert corresponding rights.
We will inform you about the duration of data processing below if we have further information on this. For example, the social media platform Facebook stores data until it is no longer required for its own purposes. However, customer data that is compared with our own user data is deleted within two days. In general, we only process personal data for as long as is absolutely necessary for the provision of our services and products. If required by law, for example in the case of accounting, this storage period may be exceeded.
You also have the right and opportunity to withdraw your consent to the use of cookies or third-party providers such as embedded social media elements at any time. This works either via our cookie management tool or via other opt-out functions. For example, you can also prevent data collection by cookies by managing, deactivating or deleting cookies in your browser.
As cookies may be used with social media tools, we also recommend that you read our general privacy policy on cookies. To find out exactly what data is stored and processed by you, you should read the privacy policies of the respective tools.
If you have consented to your data being processed and stored by integrated social media elements, this consent is the legal basis for data processing (Art. 6 para. 1 lit. a GDPR). In principle, your data will also be stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) in fast and good communication with you or other customers and business partners if you have given your consent. Nevertheless, we only use the tools if you have given your consent. Most social media platforms also set cookies in your browser to store data. We therefore recommend that you read our data protection text on cookies carefully and consult the privacy policy or cookie guidelines of the respective service provider.
Information on specific social media platforms - if available - can be found in the following sections.
Audio & video privacy policy summary
👥 Data subject: Visitors to the website
🤝 Purpose: Optimization of our service performance
📓 Processed data: Data such as contact details, user behavior data, information about your device and your IP address may be stored.
You can find more details on this below in the corresponding data protection texts.
📅 Storage duration: Data is generally stored for as long as it is required for the purpose of the service
⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (legitimate interests)
We have integrated audio and video elements on our website so that you can watch videos or listen to music/podcasts directly via our website. The content is provided by service providers. All content is therefore also obtained from the corresponding servers of the providers.
These are integrated functional elements from platforms such as YouTube, Vimeo or Spotify. The use of these portals is usually free of charge, but paid content can also be published. With the help of these integrated elements, you can listen to or watch the respective content via our website.
If you use audio or video elements on our website, your personal data may also be transmitted to the service providers, processed and stored.
Of course we want to provide you with the best offer on our website. And we realize that content is no longer just text and static images. Instead of simply giving you a link to a video, we offer you audio and video formats directly on our website that are entertaining or informative and ideally even both. This expands our service and makes it easier for you to access interesting content. We therefore offer video and/or audio content in addition to our texts and images.
When you access a page on our website that has an embedded video, for example, your server connects to the server of the service provider. Your data is also transmitted to the third-party provider and stored there. Some data is collected and stored regardless of whether you have an account with the third-party provider or not. This usually includes your IP address, browser type, operating system and other general information about your end device. In addition, most providers also collect information about your web activity. This includes, for example, session duration, bounce rate, which button you clicked on or which website you used to access the service. All this information is usually stored using cookies or pixel tags (also known as web beacons). Pseudonymized data is usually stored in cookies in your browser. You can always find out exactly which data is stored and processed in the privacy policy of the respective provider.
You can find out exactly how long the data is stored on the servers of the third-party providers either below in the data protection text of the respective tool or in the provider's privacy policy. In principle, personal data is only ever processed for as long as is absolutely necessary for the provision of our services or products. This generally also applies to third-party providers. In most cases, you can assume that certain data will be stored on the servers of third-party providers for several years. Data can be stored for different lengths of time, especially in cookies. Some cookies are deleted as soon as you leave the website, while others may be stored in your browser for several years.
You also have the right and the option to withdraw your consent to the use of cookies or third-party providers at any time. This works either via our cookie management tool or via other opt-out functions. For example, you can also prevent data collection by cookies by managing, deactivating or deleting cookies in your browser. The legality of the processing until the revocation remains unaffected.
As the integrated audio and video functions on our website usually also use cookies, you should also read our general privacy policy on cookies. You can find out more about the handling and storage of your data in the privacy policies of the respective third-party providers.
If you have consented to your data being processed and stored by integrated audio and video elements, this consent is the legal basis for data processing (Art. 6 para. 1 lit. a GDPR). In principle, your data is also stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) in fast and good communication with you or other customers and business partners. Nevertheless, we only use the integrated audio and video elements if you have given your consent.
We always endeavor to write our privacy policy as clearly and comprehensibly as possible. However, this is not always easy, especially when it comes to technical and legal topics. It often makes sense to use legal terms (such as personal data) or certain technical terms (such as cookies, IP address). However, we do not want to use these without explanation. Below you will find an alphabetical list of important terms used, which we may not have sufficiently addressed in the previous privacy policy. If these terms have been taken from the GDPR and are definitions, we will also quote the GDPR texts here and add our own explanations if necessary.
Definition according to Article 4 of the GDPR
For the purposes of this Regulation, the term:
"processor ” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
Explanation: As a company and website owner, we are responsible for all data that we process from you. In addition to controllers, there may also be so-called processors. This includes any company or person that processes personal data on our behalf. In addition to service providers such as tax consultants, processors can therefore also be hosting or cloud providers, payment or newsletter providers or large companies such as Google or Microsoft.
Definition according to Article 4 of the GDPR
For the purposes of this Regulation, the term:
"consent ” of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;
Explanation: In the case of websites, such consent is usually given via a cookie consent tool. You are probably familiar with this. Whenever you visit a website for the first time, you are usually asked via a banner whether you agree or consent to the data processing. In most cases, you can also make individual settings and thus decide for yourself which data processing you allow and which you do not. If you do not give your consent, your personal data may not be processed. In principle, consent can of course also be given in writing, i.e. not via a tool.
Definition according to Article 4 of the GDPR
For the purposes of this Regulation, the term
“personal data” means any information relating to an identified or identifiable natural person (hereinafter “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
Explanation: Personal data is therefore all data that can identify you as a person. This is usually data such as
According to the European Court of Justice (ECJ), your IP address is also considered personal data. IT experts can use your IP address to determine at least the approximate location of your device and subsequently you as the owner of the connection. Therefore, the storage of an IP address also requires a legal basis within the meaning of the GDPR. There are also so-called "special categories ” of personal data, which are also particularly worthy of protection. These include
Definition according to Article 4 of the GDPR
For the purposes of this Regulation, the term
"profiling ” means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements;
Explanation: Profiling involves collecting various pieces of information about a person in order to learn more about that person. In the web sector, profiling is often used for advertising purposes or for credit checks. For example, web and advertising analysis programs collect data about your behavior and interests on a website. This results in a special user profile that can be used to target advertising to a specific target group.
Definition according to Article 4 of the GDPR
For the purposes of this Regulation, the term:
"controller ” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
Explanation: In our case, we are responsible for the processing of your personal data and are therefore the “controller”. If we pass on collected data to other service providers for processing, these are “processors”. An “order processing contract (AVV)” must be signed for this.
Definition according to Article 4 of the GDPR
For the purposes of this Regulation, the term
“processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
Note: When we refer to processing in our privacy policy, we mean any kind of data processing. As mentioned above in the original GDPR declaration, this includes not only the collection but also the storage and processing of data.
All texts are protected by copyright.
Source: Created with the data protection generator from AdSimple
