Privacy Notice

Privacy Policy

1. Overview of Data Protection

General Information

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data refers to all data that can be used to personally identify you. Detailed information on data protection can be found in the privacy policy outlined below.

Data Collection on This Website

Who is responsible for data collection on this website?

The data processing on this website is carried out by the website operator. You can find the operator's contact details in the section "Notice regarding the responsible party" in this privacy policy.

How do we collect your data?

Your data is collected firstly by you providing it to us, for example by entering information into a contact form.

Other data is collected automatically or after your consent when you visit the website through our IT systems. This data includes technical details (e.g., browser, operating system, or the time of page access). The collection of this data occurs automatically when you access this website.

What do we use your data for?

Some of the data is collected to ensure the error-free provision of the website. Other data may be used to analyze user behavior. If contracts are made or initiated via the website, the transmitted data is also processed for contract offers, orders, or other inquiries.

What rights do you have regarding your data?

You have the right to obtain information about the origin, recipients, and purpose of your stored personal data at any time, free of charge. You also have the right to request the correction or deletion of this data. If you have given consent for data processing, you can revoke this consent at any time. Furthermore, under certain circumstances, you have the right to restrict the processing of your personal data. Additionally, you have the right to lodge a complaint with the competent supervisory authority.

You can contact us at any time with questions regarding data protection.

2. Hosting

We host the content of our website with the following provider:

External Hosting

This website is externally hosted. The personal data collected on this website is stored on the servers of the host provider(s). This may include, but is not limited to, IP addresses, contact inquiries, metadata, communication data, contract data, contact details, names, website visits, and other data generated via the website.

External hosting occurs for the purpose of fulfilling contracts with our potential and existing customers (Art. 6(1)(b) GDPR) and in the interest of a secure, fast, and efficient provision of our online offering through a professional provider (Art. 6(1)(f) GDPR). If consent has been requested, processing is carried out solely on the basis of Art. 6(1)(a) GDPR and § 25(1) TTDSG, provided that consent includes the storage of cookies or access to information on the user's device (e.g., device fingerprinting). Consent can be revoked at any time.

Our hosting provider(s) will only process your data to the extent necessary to fulfill their service obligations and follow our instructions regarding this data.

We use the following host:

netcup GmbH
Daimlerstraße 25
D-76185 Karlsruhe

Data Processing Agreement

We have entered into a data processing agreement (DPA) with the above-mentioned provider. This legally required contract ensures that the provider processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

3. General Information and Mandatory Disclosures

Data Protection

The operators of this website take the protection of your personal data very seriously. We handle your personal data confidentially and in accordance with the legal data protection regulations and this privacy policy.

When you use this website, various personal data is collected. Personal data refers to data that can be used to personally identify you. This privacy policy explains what data we collect and how we use it. It also explains how and for what purpose this is done.

Please note that data transmission on the Internet (e.g., when communicating by email) can have security vulnerabilities. It is not possible to completely protect data from third-party access.

Notice Regarding the Responsible Party

The responsible party for data processing on this website is:

Tobias Köcher
07743 Jena

The responsible party is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data (e.g., names, email addresses, etc.).

Storage Period

Unless a specific storage period is mentioned in this privacy policy, your personal data will remain with us until the purpose for data processing ceases. If you make a legitimate deletion request or revoke your consent for data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g., tax or commercial retention periods); in such cases, deletion will occur after these reasons no longer apply.

General Information on the Legal Basis for Data Processing on This Website

If you have given consent for data processing, we process your personal data on the basis of Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR if special categories of data according to Art. 9(1) GDPR are processed. In the case of explicit consent for the transfer of personal data to third countries, data processing is also carried out on the basis of Art. 49(1)(a) GDPR. If consent has been requested for the storage of cookies or access to information on your device (e.g., via device fingerprinting), data processing is also carried out on the basis of § 25(1) TTDSG. Consent can be revoked at any time. If your data is required to fulfill a contract or for pre-contractual measures, we process your data on the basis of Art. 6(1)(b) GDPR. Furthermore, we process your data if required to fulfill a legal obligation on the basis of Art. 6(1)(c) GDPR. Data processing may also be based on our legitimate interest pursuant to Art. 6(1)(f) GDPR. Information on the applicable legal basis for each case can be found in the following sections of this privacy policy.

...

SSL or TLS Encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries you send to us as the site operator. You can recognize an encrypted connection by the change in the browser's address bar from "http://" to "https://" and by the lock icon in your browser bar.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

4. Data Collection on This Website

Server Log Files

The provider of these pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. This information includes:

  • Browser type and version
  • Operating system used
  • Referrer URL
  • Hostname of the accessing computer
  • Time of the server request
  • IP address

This data is not merged with other data sources.

The collection of this data is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website – for this purpose, the server log files must be collected.

Contact Form

If you submit inquiries to us via the contact form, your details from the inquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the inquiry and for any follow-up questions. We do not share this data without your consent.

The processing of this data is based on Art. 6(1)(b) GDPR if your request is related to the performance of a contract or is necessary for pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the inquiries addressed to us (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR), provided that this consent has been requested; the consent can be revoked at any time.

...

5. Plugins and Tools

Google Fonts (Local Hosting)

This site uses so-called Google Fonts, provided by Google, for the uniform display of fonts. The Google Fonts are installed locally. No connection to Google's servers occurs in this process.

For more information about Google Fonts, visit https://developers.google.com/fonts/faq and Google's privacy policy: https://policies.google.com/privacy?hl=en.

Google reCAPTCHA

We use “Google reCAPTCHA” (hereinafter ‘reCAPTCHA’) on this website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

reCAPTCHA is used to verify whether the data entered on this website (e.g., in a contact form) is entered by a human or by an automated program. To do this, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. reCAPTCHA evaluates various information for the analysis (e.g., IP address, length of time the website visitor stays on the website, or mouse movements made by the user). The data collected during the analysis is forwarded to Google. The reCAPTCHA analyses run completely in the background. Website visitors are not notified that an analysis is taking place. The storage and analysis of the data is based on Art. 6 (1) lit. f GDPR. The website operator has a legitimate interest in protecting its web offerings from abusive automated exploitation and from SPAM. If consent has been requested, processing will be carried out exclusively on the basis of Art. 6 (1) (a) GDPR and § Section 25 (1) TDDDG, insofar as the consent covers the storage of cookies or access to information on the user's terminal device (e.g., device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time. For more information about Google reCAPTCHA, please refer to Google's privacy policy and Google's terms of use at the following links: https://policies.google.com/privacy?hl=de and https://policies.google.com/terms?hl=de.

The company is certified under the EU-US Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the US that aims to ensure compliance with European data protection standards when processing data in the US. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.