PRIVACY POLICY

With this privacy policy, we – as the controller responsible for data processing in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR) – inform you about the type, scope, and purpose of the processing of personal data in connection with our website.

Definitions

  1. “Personal data” means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
  2. “Processing” means any operation or set of operations which is performed on personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
  3. “Controller” means the natural or legal person, public authority, agency or other body which determines the purposes and means of the processing of personal data, alone or jointly with others; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
  4. “Recipient” means a natural or legal person, public authority, agency or another body to which personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing;

General Information

Controller

Wilfried Nill
Alexanderstraße 25
72116 Mössingen / Germany

Data Protection Officer

We have not appointed a data protection officer and are not required to do so.

Legal Bases

We process personal data based on at least one of the following legal bases:

- Consent of the data subject (Art. 6(1)(a) GDPR);

- Performance of a contract or pre-contractual measures (Art. 6(1)(b) GDPR);

- Compliance with a legal obligation (Art. 6(1)(c) GDPR);

- Legitimate interests (Art. 6(1)(f) GDPR)

In this privacy policy, we will indicate the respective legal basis for individual processing operations.

Data Sharing

We only share personal data with recipients (processors or third parties) to the extent necessary and under one of the following conditions:

- Consent has been given;

- Required for contractual obligations;

- Legal obligation;

- Legitimate interests.

Third Countries

Transfers of personal data to countries outside the EU/EEA are only carried out in accordance with Art. 44 et seq. GDPR, e.g., based on adequacy decisions, appropriate safeguards, or binding corporate rules.

Rights of Data Subjects

You have the following rights:

- Access (Art. 15 GDPR)

- Rectification (Art. 16 GDPR)

- Erasure (Art. 17 GDPR)

- Restriction of processing (Art. 18 GDPR)

- Data portability (Art. 20 GDPR)

- Objection (Art. 21 GDPR)

- Withdrawal of consent (Art. 7(3) GDPR)

- Lodge a complaint with a supervisory authority (Art. 77 GDPR)

Deletion and Restriction

Personal data will be deleted when no longer necessary unless legal retention obligations apply. If deletion is not possible, processing will be restricted.

Cookies

We use cookies to improve usability, effectiveness, and security. Cookies are small text files stored on your device. They do not contain viruses or cause harm.

Session cookies are deleted after your visit. You can configure your browser to reject cookies. Disabling cookies may limit functionality.

Processing Activities

Hosting

We use hosting services to provide our website (servers, storage, security). Processing is based on legitimate interests (Art. 6(1)(f) GDPR).

Registration / User Account

Registration is voluntary and based on consent. Data is used for account management and communication. Data is stored until deletion of the account or legal retention obligations apply.

IP address and usage timestamps are stored for security purposes and deleted/anonymized after 7 days.

Access Data and Log Files

When accessing our website, information is automatically collected and stored in log files (e.g., IP address, time, URL, browser).

Purpose:

- Website functionality

- System security

- Optimization

Legal basis: Art. 6(1)(f) GDPR.

Contract Data

We process personal data necessary for contract fulfillment (e.g., name, address, payment details).

Legal basis: Art. 6(1)(b) GDPR.

Statistics and Analysis

Matomo

We use Matomo (Novotec GmbH) for analytics. Data is anonymized and not shared with third parties.

Google Services

Provider: Google LLC.

Legal basis: legitimate interests (Art. 6(1)(f) GDPR).

Google Tag Manager

Used for managing tags. No personal data is collected directly.

Google Maps

Used for displaying maps. IP address and usage data may be processed.

Social Media Plugins

We use plugins from social networks. Data transfer only occurs after activation (2-click solution).

Google+ Button

Google+ plugin may collect IP and usage data.

Facebook Plugins

We use Facebook plugins. Data processing is handled by Facebook.

Twitter Button

Twitter plugins may collect IP and usage data.

Media Content

We embed third-party content to improve our website.

YouTube

We embed YouTube videos. Data may be transferred to Google servers in the USA.

Wilfried Nill - 72116 Mössingen - Germany - legal notice