Loading...
Loading...
Personal data is information that reveals or can reveal the identity of the user. We adhere to the principle of data minimization. We avoid collecting personal data wherever possible.
Personal data is used exclusively for contract formation, content design, implementation or processing of the contractual relationship (Art. 6 I S. 1 b GDPR).
Beyond this, personal data is only processed if we have obtained your consent (Art. 6 I S. 1 a GDPR) or if it concerns data whose processing is necessary for our legitimate interests and the assessment shows that no overriding interests, fundamental rights or freedoms on your part oppose this (Art. 6 I S. 1 f GDPR).
We may use data processors to process your personal data, with whom we have concluded a data processing agreement where necessary, but we will generally not pass on personal data to third parties beyond this.
Only for contract fulfillment will data be passed on to the payment processing company (Mollie) and the email service provider (Lettermint), insofar as this is necessary for contract implementation.
The processing of your personal data takes place in the EU and in countries classified as safe or adequate by the EU. Should personal data be processed in the USA, we ensure that the services we use are certified under the "Data Privacy Framework".
When visiting the website, general technical information is collected. This includes the IP address used, time, duration of visit, browser type and possibly the referring page. This usage data is technically registered in a log file and can be used and stored for statistical evaluation of this website. No linking of this usage data with your other personal data takes place.
Registration is required for comprehensive use of our website functions. Registration data is collected through your corresponding entries and used for the specifically stated purpose according to your consent (Art. 6 I S. 1 a GDPR).
We store your personal data after the end of the purpose for which the data was collected only as long as required by legal (particularly tax) regulations.
You can request information from us about whether we process personal data about you and if so, you have a right to information about this personal data and the additional information mentioned in Art. 15 GDPR.
You have the right to correction of incorrect personal data concerning you and can request completion of incomplete personal data according to Art. 16 GDPR.
You have the right to request that we delete personal data concerning you immediately. We are obligated to delete this immediately, particularly if one of the following reasons applies:
The right to deletion does not exist insofar as your personal data is necessary for asserting, exercising or defending our legal claims.
You have the right to request restriction of processing of your personal data if
You have the right to receive personal data concerning you, which you have provided to us, in a structured, common and machine-readable format and you have the right to transmit this data to another controller without hindrance from us, provided the processing is based on consent or a contract and the processing is carried out using automated procedures.
Insofar as the processing of your personal data is based on consent, you have the right to revoke this consent at any time.
The exercise of your aforementioned rights is generally free of charge for you. You have the right to contact the supervisory authority responsible for us, the State Data Protection Officer, directly with complaints.
We offer the option to log in via your Google account. The following data is processed:
Authentication takes place directly with Google. We only receive the basic data necessary for login.
More information: https://policies.google.com/privacy
You can revoke the connection to the social login services at any time in your account settings. The data already transmitted will remain stored with us until you delete your account.
When using social login, data is transmitted to the following providers:
This transmission only occurs when actively using the respective login option and is based on your express consent.
We do NOT use tracking cookies. The social login functions only set technically necessary cookies.
All data on our website is secured against loss, destruction, access, modification and distribution through technical and organizational measures.
To operate the website, we use server-side sessions in which data can be stored. We ensure that no personal data is taken from sessions without your express consent and sessions are only used if this is technically required for the website (e.g. user authentication, shopping cart function) and thus the assessment shows that no overriding interests on your part oppose this (Art. 6 I S. 1 f GDPR).
We have commissioned the payment service provider Mollie (Mollie B.V., Keizersgracht 126, 1015 CW Amsterdam, Netherlands) to handle our payment process. Mollie is a Dutch payment service provider and is fully subject to GDPR.
For this purpose, Mollie will be provided with the information communicated to us during the booking process along with information about your booking (name, address, email address, invoice amount, currency and transaction number) according to Art. 6 I S.1 b GDPR.
The transfer of your data is exclusively for the purpose of payment processing with the payment service provider Mollie and only to the extent necessary for this.
More detailed information about Mollie's privacy policy can be found at the URL https://www.mollie.com/de/privacy
Our email communication is handled via "Lettermint" (operated by Lettermint, based in the European Union). Your email address and other data described in these notices are stored on Lettermint's servers.
Lettermint uses the aforementioned information to send and evaluate emails on our behalf. Lettermint does not use our users' data to contact them directly or pass it on to third parties. We have concluded a data processing agreement with Lettermint.
The use of Lettermint is based on our legitimate interest in reliable email delivery (Art. 6 I S. 1 f GDPR) or, in the case of newsletter dispatch, based on your consent (Art. 6 I S. 1 a GDPR).
Lettermint's privacy policy can be found at https://lettermint.co/privacy
Our website is hosted on our own VPS (Virtual Private Server) provided by Hetzner Online GmbH, Germany.
All data is processed and stored exclusively in Germany (data center in Nuremberg). Technical data such as your IP address, access data, and uploaded files may be stored on our server.
Use is based on our legitimate interest in reliable and secure provision of our website (Art. 6 I S. 1 f GDPR).
More information about privacy at Hetzner can be found at https://www.hetzner.com/de/rechtliches/datenschutz
For contact regarding data protection, you are welcome to contact us using the following contact options. Controller within the meaning of GDPR: