custom solutions and consulting beyond the obvious
»»»

Data Privacy Policy

»»»

Privacy Policy
Effective Date: January 7, 2025

This notice informs the users of the website (“You” or “Users”) about the collection and processing of personal data in accordance with Articles 13 and 14 of the General Data Protection Regulation (GDPR). Additionally, it provides information about storing data on or accessing data from the devices you use to visit our website.

For third-party websites accessible via links on our site, their respective privacy policies apply.

A. General Information

1. Data Controller and Data Protection Officer

1.1 The data controller for this website is:
Ute Schmalhofer, Karlstraße 7, 82054 Sauerlach, Germany,
Email: contact@ute-schmalhofer.com

1.2 We are not required to appoint a data protection officer.

1.3 Our website is hosted by ALL-INKL.COM (www.all-inkl.com), which acts as our data processor under Article 28 GDPR.

2. Data Subject Rights

As a data subject, you have the following rights when we collect and process your personal data:

2.1 Right to Access
You have the right to request information about your personal data we process, as per Article 15 GDPR.

2.2 Right to Object
Under Article 21(1) GDPR, you can object to the processing of your personal data. Detailed information about this is provided in section “B.”

2.3 Right to Rectification
If your data is incorrect or incomplete, you have the right to request corrections or completion under Article 16 GDPR.

2.4 Right to Erasure
Under the conditions specified in Article 17 GDPR, you can request the deletion of your personal data.

2.5 Right to Restrict Processing
In certain situations defined under Article 18 GDPR, you can request the restriction of processing your personal data.

2.6 Right to Lodge a Complaint
If you believe your data is processed unlawfully, you can file a complaint with a data protection authority of your choice under Article 77(1) GDPR.

2.7 Right to Data Portability
For data provided based on consent or a contract (Article 20(1) GDPR), you can request it in a structured, commonly used, and machine-readable format. However, this right does not apply to data collected for the website’s operation or security purposes (see section 3.1).

3. Website Operation and Log Files

3.1 Data Collected and Purpose
When you access our website, the following data is temporarily collected and stored by our hosting provider’s web server:

  • IP address,
  • Date and time of access,
  • Protocol used (e.g., HTTP),
  • Request method (“GET” or “POST”),
  • Requested content or file,
  • Access status (success, error, etc.),
  • Data volume transmitted,
  • Incoming and outgoing traffic,
  • Process ID,
  • Response time,
  • Referring webpage,
  • Browser type, operating system, language, and version.

3.1.2 The temporary storage of this data is necessary for delivering the website during your session.

3.1.3 Log files, including the data above, are retained for up to 7 days to ensure website functionality and system security.

3.2 Legal Basis
The data is processed under Article 6(1)(f) GDPR, as it serves the legitimate interests of ensuring a functional and secure website.

3.3 Recipients
Our hosting provider, as our data processor, has technical access to the data.

3.4 Retention Period
Session data is deleted when your visit ends. Log files are retained for up to 7 days unless a security event necessitates a longer retention period.

4. Data Processing Procedures

4.1 Consent-Based Processing
Where required, we collect and process personal data based on your consent through a consent banner.

4.2 Email and Contact Form Usage
4.2.1 Data submitted via email or contact forms is stored and processed for communication purposes.

4.2.2 Legal basis: Article 6(1)(f) GDPR (legitimate interest). If your inquiry relates to a contract, Article 6(1)(b) GDPR also applies.

4.2.4 Data is retained until communication is complete or no longer necessary.

4.3 Session Cookie “wbk_sid”
A session cookie containing a unique ID is stored temporarily when using the contact form to differentiate legitimate users from bots.

4.3.2 Legal Basis: Article 6(1)(f) GDPR.

5. End-User Device Data

5.1 We use cookies and similar technologies only with your consent, except when necessary for providing website services (e.g., § 25(2) TTDSG).

B. Special Information

Right to Object (Article 21(1) GDPR)

You have the right to object to data processing under Article 6(1)(f) GDPR. Please provide specific reasons for your objection based on your situation to allow us to reassess the processing.

C. Copyright and Performance Rights

The content on this website is protected under German copyright law. Any unauthorized reproduction or distribution is prohibited.

The display of this website in external frames is only allowed with prior written permission.

»»»