Welcome to my website. I take data protection regulations very seriously and treat your personal data confidentially. Personal data is data by which you are or can be personally identified. This privacy statement explains what data I collect and what I use it for. This statement also explains the nature, scope and purpose of the processing of your personal data, as well as the rights you can exercise as a data subject with me.
My website contains links to third-party websites. I have carefully checked the links and no illegal content was detected by me. However, I cannot rule out the possibility that the contents of the links may have been changed subsequently. The operators of these links are solely responsible for their content.
Responsible party in the sense of the GDPR (German: DS-GVO)
Freelance sole trader (German: Freiberufliche Einzelunternehmerin)
Rohrbacher Weg 14
Data protection officer required by law
I am not legally obliged to appoint a data protection officer.
Storage of personal data
Personal data that you transmit to me electronically on this website, such as when using the contact form, are collected and stored by me together with the time and IP address only for the purpose stated in each case and are not passed on to third parties.
I thus only use your personal data for the communication with you, as well as for the processing of my services offered on this website.
Of course, I do not pass on your personal data without your express consent.
I use all necessary technical and organisational measures to protect your personal data against manipulation, loss, destruction and against unauthorised access. These technical and organisational measures are continuously reviewed and improved.
If you wish to send personal data to me by e-mail, I would like to point out that confidential data should never be sent by e-mail without encryption.
What is your data used for?
When you visit my website, some personal data is automatically collected and stored. These are mainly technical data (e.g. browser, operating system, language settings, etc.). Data is therefore collected in order to ensure the error-free provision of my website. When you visit my website, my web server (server on which this website is stored) automatically saves data in files (web server log files) such as:
– the address (URL) of the website you are visiting
– browser and browser version
– the operating system used
– the address (URL) of the previously visited page (referrer URL)
– the host name and IP address of the device from which access is made
– the date and time.
As a rule, web server log files are stored for about two weeks and then automatically deleted. The host provider is responsible for this task.
Secondly, other personal data is also collected if you provide it to me (e.g. by e-mail or via the contact form on my website). In this case, your personal data will only be stored and processed in order to contact you and offer my services. I do not use any data to analyse your user behaviour and therefore no cookies are used for tracking purposes on my website.
Processing of data (customer and contract data)
I therefore only collect, process and use personal data to the extent that it is necessary for the establishment, content or amendment of the legal relationship (inventory data). In this context, further information, such as passwords (for the backend) and possibly date of birth (for possible payment options), may be necessary in order to offer you my services as a web designer. This data is only collected when necessary and is correctly secured and processed.
This is done on the basis of Art. 6, Para. 1, lit. b, DS-GVO (GDPR), which permits the processing of data for the fulfilment of a contract or pre-contractual measures, or on the basis of consent, Art. 6, Para. 1, lit. a, DS-GVO (GDPR). I will delete the collected personal data after completion of the order or termination of the business relationship. Legal retention periods remain unaffected.
Cooperation with third parties
In the event of cooperation with order processors, your personal data could be transferred to them. However, this will be agreed with you in advance. The legal basis for this is Art. 6, Para. 1, lit. a and Art. 28 (order processor) DS-GVO (GDPR).
Recipients of your personal data
I also offer my services to customers outside Germany. Should your personal data be transferred to third parties in this context, this will only be done with your express consent. This takes place, for example, in the context of a transfer of my services. Your data will not be passed on to third parties without your express consent, possibly for advertising purposes.
Further processing on my website
A contact form is embedded on my website, which can be used for electronic contact. The form is implemented with the WPForms plugin for WordPress. During installation, I have ensured that the contact form is data protection compliant.
If you therefore take the opportunity to contact me via the contact form, the personal data you enter in the input mask will be transmitted to me and stored. The processing of your data here is based on Art. 6, Para. 1 lit. b. DS-GVO (GDPR), insofar as your request is necessary for the fulfilment of a contract or for the implementation of pre-contractual measures.
I have set up the form on my website because I also have a legitimate interest in the effective processing of any enquiries addressed to me within the meaning of Art. 6, Para. 1 lit. f DS-GVO (GDPR). Personal data such as your name, e-mail address and telephone number are processed in this connection.
In addition, the following data, among others, are stored by the WordPress system when using the contact forms:
– Your IP address
– Date and time
– Time zone
There is no automatic transfer of your data to third parties here. The personal data collected through the contact form is used, among other things, to prevent misuse of the contact form and to ensure the security of the information technology systems as well as to be able to process your enquiries.
You are also welcome to contact me by e-mail. In this case, the data you provide in the e-mail will be transmitted and stored.
Your data will be deleted as soon as it is no longer required for the purpose. Statutory retention periods remain unaffected.
Your rights as a data subject
As a visitor (data subject) to my website, you have the following rights under the European Data Protection Regulation:
- Right to information about the data processed (Article 15 DS-GVO)
- Right to rectification if your personal data is incorrect (Article 16 DS-GVO)
- Right to erasure (“right to be forgotten”) (Article 17 DS-GVO)
Right to restriction of processing if your data cannot be deleted for legal reasons (Article 18 DS-GVO)
- Right to notification – obligation to notify in connection with the rectification or erasure of personal data or the restriction of processing (Article 19 DS-GVO)
- Right to data portability (Article 20 DS-GVO)
- Right to withdraw your consent: Many processing operations are only possible with your explicit consent (Article 7, Paragraph 3, DSGVO). You can revoke your consent at any time, e.g. by sending an informal e-mail to me (see contact details above and in the imprint). However, this will mean that I will no longer be able to continue processing based on your consent in the future.The lawfulness of the processing of your data that took place until the revocation remains unaffected by the revocation.
- Right of objection (Article 21 DS-GVO): You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6(1)(a), (e) or (f) of the GDPR. Your personal data will then no longer be processed unless the controller can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims.
- Right of appeal (Art. 77 DS-GVO): You have the right to lodge a complaint with a supervisory authority.
The competent supervisory authority in matters of data protection law is the State Data Protection Commissioner of the federal state in which my company is based. For Hesse this is as follows:
The Hessian Commissioner for Data Protection and Freedom of Information.
Telephone: +49 611 1408-0
SSL or TLS encryption
The encryption of personal data is the most secure solution for data transmission. For websites, this is SSL or TLS encryption.
You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and/or by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to me cannot be read by third parties.
My website is hosted by an external service provider. Personal data collected on my website is stored on the service provider’s servers. This includes, for example, technically necessary cookies, such as IP addresses, etc.
The service provider only processes your data as required to fulfil its service obligations.
The service provider is used for the purpose of fulfilling the contract with my potential and existing customers (Art. 6, para. 1, lit. b DS-GVO) and in the interest of a secure and fast provision of my website by a professional provider (Art. 6, para. 1 lit. f DS-GVO).
I use the following service provider:
Hetzner Online GmbH
My internet service provider, Hetzner Online GmbH, automatically collects and stores information in so-called server log files, which your browser automatically transmits to me. These are for example:
– browser type and browser version
– the operating system
– the website previously visited (if transmitted by the user)
– the number of visits
– the date and time of the server request
– the user’s IP address is anonymised before it is stored.
This data is not merged with other data sources.
In order to ensure that your data is processed by the service provider in accordance with data protection regulations, I have concluded an order processing contract with the service provider.
Cookies on my website
What are cookies?
Every time you visit a website, small data sets are stored in your browser. These data records are called cookies.
Some cookies are, among others, so-called “session cookies”. They are automatically deleted at the end of your visit.
Other cookies, however, remain stored on your end device until you delete them (“permanent cookies”).
These cookies store certain usage data, such as the selected language or personal page settings. With these cookies, your browser will be recognised the next time you visit. Therefore, when you call up my website again, your browser transmits the “user-related” information back to my website.
These cookies do not cause any damage to your computer and do not contain any viruses. These cookies are used to make my website more user-friendly, effective and secure.
Cookies that are necessary to carry out electronic communication are stored on the basis of § 25 para. 2 TTDSG. This is absolutely necessary so that I can provide the telemedia service requested by the visitor.
You can set your browser to inform you when cookies are set. Thus, you can decide yourself which cookies you want to allow and accept or exclude cookies for certain cases. You can also specify that cookies should be deleted automatically when you close the browser.
- Chrome: Click on the three-dot menu in the top right corner the settings > Click on Privacy and Security > Subitem Privacy and Security > Delete Browser Data.
- Safari: Click on “Safari” in the menu bar and then on “Preferences” > Privacy” and here uncheck the box next to “Block all cookies”.
- Firefox: Click on the menu button > Settings > Privacy & Security > Paragraph Cookies and Website Data. Click on the Remove Data… button to open the “Delete Data” dialogue.
- Microsoft Edge: Click on Settings and more in the top right corner > Settings > Privacy, search and services > Delete browser data > Delete browser data now.
Processing through cookies on my website
I use the content management system WordPress to create my website. Through the use of WordPress and the plugins necessary for my site, personal data may be collected and processed. Among other things, plugins from WordPress are used, such as the WordPress Plugin WPForms for the contact form. In the following, I will go into more detail about the individual cookies.
Information about cookies on this website:
Storage time: 6 months
Storage time: 1 hour
Storage time: session
These cookies are technically necessary cookies
Legal basis for these cookies
Cookies that are necessary to carry out electronic communication are stored on the basis of § 25 para. 2 TTDSG.
If you wish to delete cookies stored in your browser, you can do this in your browser settings. How you can manually delete the cookies in your browser is described above in the section Cookies on my website.
Videos and pictures on my website
I partly present my services with videos and pictures on my website. These are all integrated locally. Therefore, no transmission takes place here.
I present my services to my existing and prospective clients on various social networks and other platforms. These are integrated on my website with an icon (small graphic) and a URL to my profile on the respective platform. No personal data is transmitted directly to the social network when you visit my website! If you click on the icon with the embedded link, you will be redirected to the page of e.g. Instagram and here your personal data will then be automatically collected and stored by the network concerned.
As my clients are also on social networks, I have an Instagram page to be able to reach a larger audience. The Instagram service is provided by Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. If you have and are logged into an Instagram account and click on the icon on my page, your visit to my website may be linked to your account on Instagram. To prevent Instagram from collecting and associating your personal data, you should log out of your Instagram account before you continue browsing.
I have no influence and no access to the data that may be collected and stored by Instagram. In contrast, when you visit my Instagram page, I also receive information about your visit and therefore also your personal data. This data is also accessed by Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, through Instagram. I am therefore, in accordance with the case law of the ECJ, jointly responsible with Instagram and Facebook for the processing of your personal data when you visit my site.
Facebook Ireland Ltd. refers to our joint responsibility on a page which you can read here: https://www.facebook.com/legal/terms/page_controller_addendum.
Here Facebook Ireland Ltd. also describes in detail how Facebook ensures data security when using Facebook. Facebook can best provide you with information about which data Instagram and Facebook process and for what purpose; I, as the site operator, do not make any decisions about the processing of this data.
In the information on shared responsibility with Facebook, you can also read that Facebook Ireland Ltd. is responsible for fulfilling the obligations under the GDPR for the processing of personal data (including Articles 12 and 13 GDPR, Articles 15 to 21 GDPR, Articles 33 and 34 GDPR): https://www.facebook.com/legal/terms/information_about_page_insights_data.
How you can exercise your data subject rights is described in the section “Responsibility for your information used to create page insights”.
You can read more information about your data at Instagram and its processing by Facebook Ireland Limited, on what basis Instagram and thus also Facebook collects and processes your data, for what purpose, how long your data is stored and how you can assert your data subject rights at Instagram here:
https://privacycenter.instagram.com/policy?section_id=7-WhatIsOurLegal as well as https://privacycenter.instagram.com/policy.
You can also exercise your data protection rights (e.g. revocation) with me regarding the processing of your data, and I will be happy to provide you with information about the processing of your personal data. In this context, however, I can only provide you with information about my own processing for the above reasons.
Should you revoke the processing with me, the lawfulness of the data processing carried out until the revocation remains unaffected by the revocation.
Since Facebook Ireland Ltd. also transmits data when processing your personal data in countries outside the EU, you can read more information about the transmission by Facebook Ireland Ltd. under the following link:
As I would like to present my services on other platforms, I also have a profile on Pinterest. The Pinterest service is provided by Europe Ltd, Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland. If you have a Pinterest account and are logged into it, and then click on the icon on my page, your visit to my website may be linked to your account on Pinterest. To prevent Pinterest from collecting and associating your personal data, you should log out of your account before you continue browsing.
I have no influence and no access to the data that may be collected and stored by Pinterest. In contrast, when you visit my Pinterest page, I also receive information about your visit and therefore also your personal data. Pinterest also accesses this data. I am therefore, in accordance with the case law of the ECJ, jointly responsible with Pinterest for the processing of your personal data when you visit my profile.
Information about which data Pinterest processes and for what purpose can best be given to you by Pinterest, I as the site operator do not make any decisions about the processing of this data. You can read more information about your data at Pinterest and its processing, on what basis Pinterest collects and processes your data, for what purpose, how long your data is stored and what options you have to protect your data at this platform here:
You can also exercise your data subject rights (e.g. revocation) with me regarding my processing of your data, including I will be happy to provide you with information about my processing of your personal data. In this context, however, I can only provide you with information about my own processing for the above reasons.
Should you revoke the processing with me, the lawfulness of the data processing carried out until the revocation remains unaffected by the revocation.
I have a profile on the Etsy marketplace to provide another means of selling my digital products as well as print products. The Etsy marketplace is provided by Etsy Ireland UC, 66/67 Great Strand Street, Dublin 1, Ireland.
When you visit my site on Etsy, your personal data will also be collected and processed by Etsy through your visit to my site on Etsy. I have no control or access over the data that may be collected and stored by Etsy.
I am, according to the case law of the ECJ, jointly responsible with Etsy for the processing of your personal data when you visit my site (store page) on Etsy. Etsy can best provide you with information about which data Etsy processes and for what purpose; I, as the site operator, do not make any decisions about the processing of this data here. You can read more information about your data at Etsy and its processing, on what basis Etsy collects and processes your data, for what purpose, how long your data is stored and what options you have to protect your data at this platform here:
Data deletion and storage period
Your personal data will be deleted or blocked as soon as the purpose for processing the data no longer applies. If you have sent me a deletion request or revoked your consent to the processing of your personal data, I will delete your data provided there are no further legal reasons for storing your personal data (mandatory retention periods under tax or commercial law). This data will then be deleted once these reasons no longer apply. If I cannot delete all of your personal data as requested for legal reasons, I will block your data and no longer use it.