We would like to begin with a quotation from Article 12, paragraph 1 of the Data Protection Regulation (GDPR). The responsible person in this case is us:
The controller shall take appropriate measures to provide the data subject with all [...] information and any [...] communications related to processing in a clear, transparent, understandable and easily accessible form in a clear and simple language to transfer;
We hope that we have done that - as well as possible with this complex matter. If you have questions or are uncertain about some aspects of this explanation, please contact us.
The collection, processing or storage of your data by us - or on our behalf by third parties - is done because we each have a "legitimate interest" within the meaning of the GDPR in this collection, processing or storage or because they consent to the collection, processing or storage to have. We follow the principle that as few data as possible is collected, processed and stored in a way that is as comprehensible as possible for you.
Basic Data Protection Ordinance (DSGVO) online:
Legality of processing: in the GDPR:
Federal Data Protection Act (BDSG) online:
Your current IP address may also fall under the concept of personal data, but does not have to. If, for example, you access the Internet from the internal network of an international group, then the IP address will only be able to refer to this group.
Due to the shortage of IPv4 address space, many access providers (Telekom, Vodafone, etc.) no longer give users public IP addresses, but instead distribute individual IP addresses to multiple users via "Network Address Port Translation" (NAPT). Again, a personal reference to the IP address is regularly not given. Nevertheless, as far as technically possible, we will not pass on their current IP or only in an abbreviated, anonymous form.
Definition of personal data of the GDPR:
IP address on Wikipedia:
Storage on our systems
If you contact us, be it via our website, by e-mail, telephone or letter, this will leave us with data. Your e-mail address will be stored in our e-mail programs. Among other things, we may collect your data in programs that fall under the keywords address management, goods economy, ERP (Enterprise Resource Planning) or CRP (Customer Relationship Management).
On the one hand, our systems can be local systems in our premises, but on the other hand also hosted web servers or cloud storages, with whose technical operators a contract data processing contract has been concluded in which they commit themselves to treat the data in accordance with the GDPR.
Use of the data for advertising purposes
We reserve the right to use the collected data for our own advertising purposes. Under certain circumstances, we will pass on the data to service providers commissioned by us, who, for example, organize the mailing of letters or newsletters for us. You can discuss the use of your data for these purposes at any time.
Obligation to provide information, correction and deletion of data
You can always request information about which data we have stored by you and if necessary also correct this data.
We will delete your data if you so desire and do not oppose other laws and regulations. These include, for example, the tax records and, as a consequence, the principles of proper accounting.
Incidentally, we would like to point out that the regulations set out in the GDPR are applicable to the deletion of data.
Right to cancellation in the GDPR::
Data transfer for contract performance or during ongoing business
We use the services of third parties for certain activities. For example, this applies to the forwarding and dispatching of goods, letters, packages and newsletters, as to the processing of payments (credit card, direct debit, etc.), and to bookkeeping and tax advice or other comparable services that we regularly use in order to maintain our business operations.
In cases like this, information such as your postal or e-mail address will be shared with these companies in order to enable the requested service. In general, these companies are all legally obliged to handle data discrete, safe and with care (post office, tax advisor, bank) or have contracted to process data in accordance with the GDPR.
Disclosure of data to any other companies or individuals will not be conducted without cause or without prior explicit consent.
Processor within the GDPR:
Data Protection Officer
We are not subject to the obligation to order a data protection officer according to DSGVO. For questions or requests for information, please contact (the managing director).
Appointment of a data protection officer in the GDPR:
Appointment of a data protection officer in the BDSG:
Complaints offices and supervisory authorities
Responsible for compliance with the data protection regulations is the respective Land authorities, where the operator of the website is located. In our case so the from Baden-Württemberg.
The State Representative Baden-Württemberg:
The list at Wikipedia:
The list on the website of the Federal Government:
Your data within the operation of our website
Server hosting and log files on our web server
Our website is hosted at 1&1 Internet SE, Elgendorfer Str. 57, 56410 Montabaur, Germany. With this provider, we have concluded a contract for order processing according to DSGVO. When operating the server so-called log files are written in which every access to our website is logged. Among other things, information about the browser, the operating system and the time of the call are logged. The IP address is only recorded in abbreviated form, so that these log files contain no personal information.
Our web host:
Webhosting at Wikipedia:
Contractor in the DSGVO: