Data Privacy

Controller

The controller within the meaning of data protection laws, in particular the EU General Data Protection Regulation (GDPR), is:

Patrick Schöbel
Rahlstedter Straße 79
22149 Hamburg
Germany

Your Rights as a Data Subject

You may exercise the following rights at any time using the contact details provided, in accordance with the EU General Data Protection Regulation (GDPR):

  • Access to your data stored by us and its processing (Art. 15 GDPR),
  • Rectification of inaccurate personal data (Art. 16 GDPR),
  • Erasure of your data stored by us (Art. 17 GDPR),
  • Restriction of data processing, insofar as we are not yet permitted to delete your data due to legal obligations (Art. 18 GDPR),
  • Objection to the processing of your data by us (Art. 21 GDPR), and
  • Data portability, provided you have consented to the data processing or have concluded a contract with us (Art. 20 GDPR).

If you have given us consent, you may revoke it at any time with effect for the future.

You may at any time lodge a complaint with a supervisory authority, e.g. the competent supervisory authority of the federal state of your residence or the authority responsible for us as the controller.

A list of supervisory authorities (for the non-public sector) with addresses can be found at: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

Processing Activities

Collection of General Information When Visiting Our Website

Nature and Purpose of Processing

When you access our website, i.e. when you do not register or otherwise submit information, information of a general nature is automatically collected. This information (server log files) includes, for example, the type of web browser, the operating system used, the domain name of your Internet service provider, your IP address, and similar data.

This data is processed in particular for the following purposes:

  • Ensuring and evaluating system security and stability, particularly for abuse detection

We do not use your data to draw conclusions about your person. However, we reserve the right to subsequently review the server log files should concrete indications of unlawful use come to our attention.

Legal Basis and Legitimate Interest

Processing is carried out in accordance with Art. 6(1)(f) GDPR on the basis of our legitimate interest in improving the stability and functionality of our website and ensuring system security and abuse detection.

Recipients

Recipients of the data may be technical service providers who act as processors for the operation and maintenance of our website.

Storage Duration

Data is stored in server log files in a form that permits identification of the data subjects for a maximum of 7 days, unless a security-relevant event occurs (e.g. a DDoS attack).

In the event of such an occurrence, server log files are stored until the security-relevant event has been resolved and fully investigated.

Provision Required or Necessary

The provision of the aforementioned personal data is neither legally nor contractually required. However, without the IP address, the service and functionality of our website cannot be guaranteed. In addition, individual services and features may be unavailable or limited.

Objection

Please read the information about your right to object under Art. 21 GDPR below.

Contact

Nature and Purpose of Processing

A contact form is available on our website which can be used for electronic contact. If a user makes use of this option, the data entered in the input form is transmitted to us and stored.

At the time the message is sent, the following data is also stored:

  • The URL from which the request was made

Contact can also be made via the email addresses provided. In this case, the user's personal data transmitted with the email is stored. This includes the date and time of sending, the email address, IP addresses, and information about the servers involved in the email communication.

You may also contact us via the telephone numbers provided. In this case, we collect log data including your telephone number and the duration of the call.

Regardless of the communication method chosen, we collect the content of your enquiry. Your data is stored for the purpose of individual communication with you.

Legal Basis

Processing is carried out on the basis of a legitimate interest (Art. 6(1)(f) GDPR).

Our legitimate interest in processing your data is to enable straightforward contact.

If you contact us to request a quote, the data is processed for the implementation of pre-contractual measures (Art. 6(1)(b) GDPR).

Recipients

Recipients of the data may be technical service providers who act as processors for the operation and maintenance of our website.

Storage Duration

Data is deleted no later than 4 weeks after the contact enquiry has been processed.

If a contractual relationship arises, we are subject to the statutory retention periods. These are generally 6 or 10 years for reasons of proper bookkeeping and tax law requirements.

Provision Required or Necessary

The provision of your personal data is voluntary. However, we can only process your enquiry if you provide us with the necessary data and the reason for your enquiry.

Objection

Please read the information about your right to object under Art. 21 GDPR below.

Cloudflare Turnstile

Cloudflare Turnstile (a service of Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA) is an automated detection service that helps us verify whether a request was sent by a human or a bot. This detection is necessary to prevent spam messages.

We use Turnstile to ensure the secure use of the contact form. The legal basis for this type of data processing is our legitimate interest in the secure operation of the contact form, Art. 6(1)(f) GDPR.

During this verification, Cloudflare processes your IP address on Cloudflare's servers. Cloudflare processes the data on our behalf on the basis of a data processing agreement between us and Cloudflare. This ensures that the data processing on our behalf is carried out in accordance with the General Data Protection Regulation while guaranteeing the protection of the rights of the data subjects. It is possible that the IP address may be transferred to Cloudflare's servers in the USA. In this case, the standard contractual clauses agreed between us and Cloudflare also apply to protect your rights.

You have the right to object to this data processing at any time; in this case, you may no longer be able to use the contact form.

Cloudflare has submitted to the Privacy Shield agreement between the European Union and the USA and has been certified. Further information can be found in the following linked list of Cloudflare participants: Privacy Shield Participants

Further information from the third-party provider on data protection can be found on the following website: here

Audience Measurement

Nature and Purpose of Processing

Audience measurement serves to evaluate visitor flows on our website and may include behaviour, interests, or demographic information about visitors, such as age or gender, as pseudonymous values. With the help of audience analysis, we can, for example, identify at what time our website or its functions or content are most frequently used or invite reuse. We can also identify which areas require adjustment.

The tools we use for audience measurement are listed below.

Legal Basis

Processing is carried out in accordance with Art. 6(1)(f) GDPR on the basis of our legitimate interest. The measurement of reach and the resulting information are suitable for adapting the web offering.

Recipients

We use technical service providers for the operation and maintenance of our website who act as our processors.

Storage Duration

Information on storage duration can be found in the information on the tools used below.

Provision Required or Necessary

The provision of data is neither legally nor contractually required.

Objection

Please read the information about your right to object under Art. 21 GDPR below.

Tools Used for Audience Measurement

Matomo (without cookies)

We use the locally installed analysis tool Matomo (formerly Piwik) for audience measurement. With the help of this tool, we analyse user behaviour locally on the server. Matomo does not collect data itself but accesses the data of the web server. The web server truncates each requesting IP address before storing it in the log file. This means the data is sufficiently anonymised and no conclusions about individual persons are possible.

Information About Your Right to Object Under Art. 21 GDPR

Individual Right to Object

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Art. 6(1)(f) GDPR (data processing on the basis of a balancing of interests); this also applies to profiling based on this provision within the meaning of Art. 4(4) GDPR.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or the processing serves the assertion, exercise, or defence of legal claims.

Recipient of an Objection

Patrick Schöbel
Rahlstedter Straße 79
22149 Hamburg
Germany
info@patrickschoebel.de

Changes to Our Privacy Policy

We reserve the right to adapt this privacy policy so that it always complies with current legal requirements or to implement changes to our services in the privacy policy, e.g. when introducing new services. The new privacy policy will then apply to your next visit.

Questions About Data Protection

If you have any questions about data protection, please send us an email to the controller named above.

Copyright Notice

This privacy policy was created with the help of activeMind AG — the experts for external data protection officers (Version # 2024-10-25).