Privacy

1. Your personal data within the meaning of Art. 4 No. 1 GDPR (e.g. IP address, name, e-mail address and telephone number, payment information) will only be processed by us in accordance with the provisions of German data protection law and taking into account the European General Data Protection Regulation (GDPR ) processed. The following regulations inform you about the type, scope and purpose of the collection, processing and use of personal data.

2. The processing of personal data within the meaning of Art. 4 No. 2 GDPR is lawful in accordance with Art. 6 GDPR if one of the following conditions is met:

a) The data subject has given their consent to the processing of their personal data for one or more specific purposes;

b) the processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;

c) processing is necessary for compliance with a legal obligation to which the controller is subject;

d) processing is necessary to protect vital interests of the data subject or another natural person;

e) the processing is necessary for the performance of a task that is in the public interest or in the exercise of official authority that has been delegated to the controller;

f) processing is necessary to safeguard the legitimate interests of the person responsible or a third party, unless the interests or fundamental rights and freedoms of the data subject that require the protection of personal data prevail, in particular if the data subject is a child acts.

3. The processing of special personal data (e.g. health data) within the meaning of Art. 9 Para. 1 GDPR is lawful in accordance with Art. 9 Para. 2 GDPR if one of the following conditions is met:
– there is an explicit consent of the person;
– the processing is necessary for the establishment, exercise or defense of legal claims or in the case of actions by the courts in the context of their judicial work.

4. There is no automatic decision-making or profiling regarding personal data within the meaning of Art. 22 GDPR.

5. The operator ensures the security of the data in accordance with Art. 32 GDPR, taking into account the principle of proportionality, by means of suitable technical measures.

6. If, contrary to expectations, there is a breach of data protection, the competent supervisory authority in accordance with Art. 33 GDPR and the data subject in accordance with Art. 34 GDPR will be notified.

This data protection declaration only applies to our websites. If you are redirected to other sites via links on our site, please inform yourself there about the respective handling of your data.

The duration of the storage of the data transmitted by you depends on the legal storage obligations. In accordance with commercial and tax laws, invoices must be retained for a period of 10 years.

Data transmitted as part of the contractual relationship will only be passed on to third parties (Art. 4 No. 10 GDPR) if you have expressly given your consent (Art. 4 No. 11 GDPR) or if the transfer is necessary to fulfill the contract. Consent can be revoked informally at any time. Data collected by visiting the website is only collected by third parties who are expressly named below.

The person responsible within the meaning of the General Data Protection Regulation (GDPR), as well as other data protection laws applicable in the European Union and other provisions of a data protection nature is:

Stefanie Kling
Albrechtstr. 22
80636 Munich
Germany
Telephone: +49 (0) 175 8036460
Email: mail@stefaniekling.com

We use cookies on our site. These are small files that your browser creates automatically and that are stored on your end device (PC, laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not damage your end device and do not contain viruses, Trojans or other malware. Information is stored in the cookie that arises in connection with the specific end device used. However, this does not mean that we are immediately informed of your identity.

On the one hand, the use of cookies serves to make the use of our offer more pleasant for you. We use so-called session cookies to recognize that you have already visited individual pages on our website. These are automatically deleted after leaving our site.

In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your end device for a specific period of time. If you visit our site again to make use of our services, it will automatically be recognized that you have already been with us and what inputs and settings you have made so that you do not have to enter them again.

These cookies enable us to automatically recognize when you visit our site again that you have already been with us. These cookies are automatically deleted after a defined period of time. The data processed by cookies are required for the stated purposes to protect our legitimate interests and those of third parties in accordance with Article 6 Paragraph 1 Sentence 1 lit. f GDPR. Most browsers accept cookies automatically. However, you can configure your browser in such a way that no cookies are stored on your computer or that a message always appears before a new cookie is created. However, the complete deactivation of cookies may mean that you cannot use all the functions of our website.

You can visit our website without providing any personal information.

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

• Browser type/ browser version

• operating system used

• Referrer URL

• Host name of the accessing computer

• Time of server request

This data cannot be assigned to specific persons. This data is not merged with other data sources. We reserve the right to subsequently check this data if we become aware of specific indications of illegal use.

The purpose of the processing results from our legitimate interest within the meaning of Article 6 (1) sentence 1 lit. f) GDPR.

A contract for order processing was concluded with our hoster.

External fonts, Google Fonts, are used on this website. Google Fonts is a service provided by Google Inc. (“Google”). These web fonts are integrated by calling a server, usually a Google server in the USA. This transmits to the server which of our Internet pages you have visited. The IP address of the browser of the end device of the visitor to this website is also stored by Google.

The use of Google Fonts serves to improve the visual presentation of our website and this therefore represents a legitimate interest within the meaning of Article 6 (1) sentence 1 lit. f) GDPR.

For more information, see Google's privacy policy, which you can access here:

https://www.google.com/fonts#AboutPlace:about
https://www.google.com/policies/privacy/

Our website uses plugins from the YouTube website. The site operator is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. 

We use YouTube in the extended data protection mode. According to YouTube, this mode means that YouTube does not store any information about visitors to this website before they watch the video. However, the extended data protection mode does not necessarily exclude the transfer of data to YouTube partners. This is how YouTube establishes a connection to the Google DoubleClick network, regardless of whether you are watching a video.

As soon as you start a YouTube video on our website, a connection to the YouTube servers is established. The YouTube server is informed which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

Furthermore, YouTube can save various cookies on your end device after starting a video. With the help of these cookies, YouTube can receive information about visitors to our website. This information is used, among other things, to collect video statistics, to improve user-friendliness and to prevent attempts at fraud. The cookies remain on your end device until you delete them.

If necessary, after the start of a YouTube video, further data processing operations can be triggered over which we have no influence.

YouTube is used in the interest of an attractive presentation of our online offers. This represents a legitimate interest within the meaning of Article 6 (1) (f) GDPR.

You can find more information about data protection on YouTube in their data protection declaration at: https://policies.google.com/privacy?hl=de

Our website uses plugins from the video portal Vimeo. The provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.

If you visit one of our pages equipped with a Vimeo plugin, a connection to the Vimeo servers will be established. The Vimeo server is informed which of our pages you have visited. In addition, Vimeo obtains your IP address. This also applies if you are not logged into Vimeo or do not have a Vimeo account. The information collected by Vimeo is transmitted to the Vimeo server in the USA.

If you are logged into your Vimeo account, you enable Vimeo to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your Vimeo account.

Vimeo is used in the interest of an attractive presentation of our online offers. This represents a legitimate interest within the meaning of Article 6 (1) (f) GDPR.

For more information on how to handle user data, see Vimeo's privacy policy at: https://vimeo.com/privacy

Functions of the Instagram service are integrated on our website. These functions are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. If you are logged into your Instagram account, you can link the content of our pages to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate your visit to our site with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or how it is used by Instagram.

For more information, see Instagram's privacy policy:
https://instagram.com/about/legal/privacy/

When users submit ratings in the shop or other posts, their IP addresses are saved. This is done for the security of the provider in case someone writes illegal content (including insults, pornographic or protected material). In this case, the provider himself can be prosecuted for the comment or contribution and is therefore interested in the identity of the author. The collection of this data is justified by Article 6 Paragraph 1 Clause 1 Letter f) GDPR.

When using the contact form offered on these pages, the information you enter is transmitted and stored for the purpose of answering your request. The data will not be passed on to third parties. The lawfulness of using the form results from Art. 6 (1) sentence 1 lit. f) GDPR.

If you contact us by e-mail, telephone or fax, your inquiry including all resulting personal data (name, enquiry) will be stored and processed by us for the purpose of processing your request. We do not pass on this data without your consent.

This data is processed on the basis of Article 6 (1) (b) GDPR if your request is related to the fulfillment of a contract or is necessary to carry out pre-contractual measures. In all other cases, the processing is based on your consent (Art. 6 Para. 1 lit. a GDPR) and / or on our legitimate interests (Art. 6 Para. 1 lit. f GDPR), since we have a legitimate interest in the effective processing of inquiries addressed to us.

The data you sent to us via contact requests will remain with us until you request deletion, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions - in particular statutory retention periods - remain unaffected.

We have our own social media pages for the third-party providers that can be reached via links from this website. By using the links you get to the respective third-party websites (e.g. Facebook, LinkedIn, Instagram, YouTube, Vimeo) and can also share our content. No data transfer takes place when you visit our website. As soon as you have called up the third-party provider's website, you are in the area of responsibility of the respective third-party provider, so that their data protection declaration or their declarations on the use of data also apply. We have no influence on this, but to avoid unnecessary data transfer, we recommend that you log out of the respective third-party provider before using a corresponding link, so that usage profiles cannot be created by the third-party provider simply by using the link.

On our site we offer you the opportunity to subscribe to our newsletter. With this newsletter we inform you about our offers at regular intervals. In order to receive our newsletter, you need a valid e-mail address. We will check the e-mail address you have entered to ensure that you are actually the owner of the e-mail address provided or that the owner is authorized to receive the newsletter. When you register for our newsletter, we will save your IP address and the date and time of your registration. This serves to protect us in the event that a third party misuses your e-mail address and subscribes to our newsletter without your knowledge. We do not collect any further data. The data collected in this way is used exclusively for subscribing to our newsletter. A transfer to third parties does not take place. A comparison of the data collected in this way with data that may be collected by other components of our site does not take place either. You can cancel your subscription to this newsletter at any time. Details on this can be found in the confirmation email and in each individual newsletter.

The dispatch of the newsletter and the storage of your e-mail address are justified by your consent in accordance with Article 6 (1) sentence 1 lit. a) GDPR.

Shipping via Mailchimp
This website uses Mailchimp to send newsletters. The provider is the Rocket Science Group, Atlanta, Georgia, United States.

Mailchimp is a service that can be used, among other things, to organize and analyze the sending of newsletters. The data you enter for the purpose of subscribing to the newsletter will be stored on the Mailchimp servers.

Data analysis by Mailchimp
When we send newsletters using Mailchimp, we can determine whether a newsletter message has been opened and which links, if any, have been clicked.

Mailchimp also enables us to subdivide the newsletter recipients into different categories (so-called tagging). The newsletter recipients can be divided according to gender, personal preferences (e.g. vegetarian or non-vegetarian) or customer relationship (e.g. customer or potential customer). In this way, the newsletters can be better adapted to the respective target groups. For more information, see: https://mailchimp.com/de/.

If you do not want an analysis by Mailchimp, you must therefore unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. You can also unsubscribe from the newsletter directly on the website.

legal basis
The data processing takes place on the basis of your consent (Art. 6 Para. 1 lit. a DSGVO). You can revoke this consent at any time. The legality of the data processing operations that have already taken place remains unaffected by the revocation.

storage duration
The data you have stored with us for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted both from our servers and from the servers of Mailchimp after you have canceled the newsletter. Data stored by us for other purposes remain unaffected.

In accordance with the legal regulation according to § 13 Abs. 7 TMG, this site uses SSL encryption, recognizable by a lock symbol in the address bar of your browser. Transmitted data cannot be read by third parties if SSL encryption is activated.

This is usually a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is being transmitted in encrypted form by the closed representation of the key or lock symbol in the lower status bar of your browser.

We also use appropriate technical and organizational security measures (TOM) to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

You can request information about the personal data stored about you at any time and free of charge. Your rights also include a confirmation, correction, restriction, blocking and deletion of such data and the provision of a copy of the data in a form suitable for transmission, as well as the revocation of a given consent and the objection. Statutory retention requirements remain unaffected.

Your rights arise in particular from the following standards der GDPR:

• Article 7(3) – Right to withdraw consent under data protection law

• Article 12 - Transparent information, communication and modalities for exercising the rights of the data subject

• Article 13 - Obligation to provide information when collecting personal data from the data subject

• Article 14 - Information to be provided when the personal data have not been collected from the data subject

• Article 15 - Right of access of the data subject, right to confirmation and to be provided with a copy of the personal data

• Article 16 – Right to rectification

• Article 17 – Right to erasure (“right to be forgotten”)

• Article 18 – Right to restriction of processing

• Article 19 – Obligation to notify in relation to rectification or erasure of personal data or restriction of processing

• Article 20 – Right to data portability

• Article 21 – Right to object

• Article 22 - Right not to be subject to a decision based solely on automated processing, including profiling

• Article 77 – Right to lodge a complaint with a supervisory authority

To exercise your rights (with the exception of Art. 77 GDPR), please contact the office named under “Responsible within the meaning of the GDPR” (e.g. by email).

The Federal Commissioner for Data Protection and Freedom of Information

hussar street 30
53117 Bonn

Telephone: +49 (0)228 997799-0
Fax: +49 (0)228 997799-5550
Email: redaktion@bfdi.bund.de

Homepage: https://bfdi.bund.de
(Please check the above-mentioned website before contacting us to ensure that the contact details are still up-to-date)