Privacy Policy

Last updated May 27th, 2024

This Privacy Policy will help you better understand how we collect, use, and share your personal information.

1. Data Protection at a Glance

General Information

The following notes provide a simple overview of what happens to your personal data when you visit this website. Personal data includes all data that can be used to identify you personally. For detailed information on data protection, please refer to our privacy policy below.

Data Collection on This Website

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. You can find their contact details in the "Information about the Responsible Party" section of this privacy policy.

How do we collect your data?

On the one hand, your data is collected when you provide it to us, such as when you enter information into a contact form.

Other data is collected automatically or with your consent by our IT systems when you visit the website. This data primarily includes technical information (e.g., internet browser, operating system, or time of page access). This data is collected automatically as soon as you enter this website.

For what purpose do we use your data?

Some of the data is collected to ensure the error-free provision of the website. Other data may be used to analyze your user behavior.

What rights do you have regarding your data?

You have the right to receive information about the origin, recipient, and purpose of your stored personal data at any time, free of charge. You also have the right to request the correction or deletion of this data. If you have given consent to data processing, you can revoke this consent at any time with effect for the future. Additionally, under certain circumstances, you have the right to request the restriction of the processing of your personal data. You also have the right to file a complaint with the competent supervisory authority.

For this and any further questions on data protection, you can contact us at any time.

2. Hosting

We host the content of our website with the following provider:

Strato

The provider is Strato AG, Otto-Ostrowski-Straße 7, 10249 Berlin (hereinafter "Strato"). When you visit our website, Strato collects various log files, including your IP addresses.

For more information, please refer to Strato's privacy policy: https://www.strato.de/datenschutz/.

The use of Strato is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in ensuring the most reliable representation of our website possible. If appropriate consent has been requested, processing is carried out exclusively based on Art. 6 para. 1 lit. a GDPR and Section 25 para. 1 TTDSG, as long as the consent includes the storage of cookies or access to information on the user's end device (e.g., device fingerprinting) as defined by the TTDSG. Consent can be revoked at any time.

Data Processing Agreement

We have entered into a Data Processing Agreement (DPA) with the above-mentioned service provider. This is a data protection agreement required by law that ensures the service provider processes personal data of our website visitors only according to our instructions and in compliance with the GDPR.

3. General Information and Mandatory Notices

Data Protection

The operators of these pages take the protection of your personal data very seriously. We handle your personal data confidentially and in accordance with legal data protection regulations as well as this privacy policy.

When you use this website, various personal data is collected. Personal data is data that can identify you personally. This privacy policy explains which data we collect and what we use it for. It also explains how and for what purpose this happens.

Please note that data transmission over the Internet (e.g., when communicating via email) may have security vulnerabilities. A complete protection of data against access by third parties is not possible.

Notice Regarding the Responsible Party

The responsible party for data processing on this website is:

Maximilian Haverbeck
Hans-Thoma-Str. 9
79585 Steinen

Email: contact@maximilianhaverbeck.com

The responsible party is the natural or legal person who, alone or jointly with others, determines the purposes and means of processing personal data (e.g., names, email addresses, etc.).

Storage Period

Unless a specific storage period is mentioned in this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you make a legitimate request for deletion or revoke your consent for data processing, your data will be deleted, provided we do not have other legally permissible reasons for storing your personal data (e.g., tax or commercial law retention periods); in such cases, the deletion will occur once these reasons no longer apply.

General Information on the Legal Bases of Data Processing on This Website

If you have consented to data processing, we process your personal data based on Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR if special categories of data are processed under Art. 9 para. 1 GDPR. In cases of explicit consent for transferring personal data to third countries, the data processing is also based on Art. 49 para. 1 lit. a GDPR. If you have consented to storing cookies or accessing information on your device (e.g., device fingerprinting), data processing is also based on Section 25 para. 1 TTDSG. Consent can be revoked at any time.

If your data is required to fulfill a contract or to carry out pre-contractual measures, we process your data based on Art. 6 para. 1 lit. b GDPR. We also process your data if it is required to fulfill a legal obligation based on Art. 6 para. 1 lit. c GDPR. Data processing can also occur based on our legitimate interest under Art. 6 para. 1 lit. f GDPR. The specific legal bases are provided in the following paragraphs of this privacy policy.

Recipients of Personal Data

In our business activities, we cooperate with various external parties. In some cases, it is necessary to transfer personal data to these parties. We only share personal data with external parties when required for contract fulfillment, when we are legally obliged to do so (e.g., sharing data with tax authorities), when we have a legitimate interest under Art. 6 para. 1 lit. f GDPR in sharing data, or when other legal grounds permit the sharing of data. When using data processors, we only share personal data with our customers based on a valid Data Processing Agreement. In cases of joint processing, a Joint Processing Agreement is concluded.

Revoking Your Consent to Data Processing

Many data processing operations are only possible with your explicit consent. You can revoke any consent already given at any time. The legality of the data processing carried out before the revocation remains unaffected.

Right to Object to Data Collection in Special Cases and Direct Marketing (Art. 21 GDPR)

IF DATA PROCESSING IS BASED ON ART. 6 PARA. 1 LIT. E OR F GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR PROCESSING THAT OUTWEIGH YOUR INTERESTS, RIGHTS, AND FREEDOMS OR PROCESSING IS FOR THE ESTABLISHMENT, EXERCISE, OR DEFENSE OF LEGAL CLAIMS (OBJECTION UNDER ART. 21 PARA. 1 GDPR).

IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR SUCH MARKETING PURPOSES AT ANY TIME; THIS ALSO APPLIES TO PROFILING, AS FAR AS IT IS ASSOCIATED WITH SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR DIRECT MARKETING PURPOSES (OBJECTION UNDER ART. 21 PARA. 2 GDPR).

Right to Lodge a Complaint with the Competent Supervisory Authority

In case of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, particularly in the member state of their habitual residence, workplace, or the location of the alleged violation. The right to lodge a complaint is without prejudice to other administrative or judicial remedies.

Right to Data Portability

You have the right to receive data that we process automatically based on your consent or in fulfillment of a contract, in a commonly used, machine-readable format, or to have it transferred to a third party. If you request the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.

Information, Rectification, and Erasure

You have the right, within the applicable legal provisions, to obtain information free of charge about your stored personal data, its origin and recipients, and the purpose of data processing. You also have the right to rectification or erasure of this data. For this and any further questions about personal data, you can contact us at any time.

Right to Restrict Processing

You have the right to request the restriction of processing of your personal data. You can contact us at any time regarding this right. The right to restrict processing exists in the following cases:

If you dispute the accuracy of the personal data we have stored about you, we generally need time to verify this. During the verification period, you have the right to request the restriction of processing of your personal data.
If the processing of your personal data was/is unlawful, you can request the restriction of data processing instead of deletion.
If we no longer need your personal data, but you need it to exercise, defend, or assert legal claims, you have the right to request the restriction of processing your personal data instead of deletion.
If you have lodged an objection under Art. 21 para. 1 GDPR, a balance must be struck between your interests and ours. As long as it is not yet clear whose interests prevail, you have the right to request the restriction of processing of your personal data.

If you have restricted the processing of your personal data, this data may only be processed – apart from its storage – with your consent or to assert, exercise, or defend legal claims or protect the rights of another natural or legal person or for reasons of an important public interest of the European Union or a member state.

SSL or TLS Encryption

For security reasons and to protect the transmission of confidential content, such as orders or inquiries you send to us as the site operator, this site uses SSL or TLS encryption. An encrypted connection can be recognized by the browser address bar changing from "http://" to "https://" and by the lock symbol in your browser bar.

If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.

4. Data Collection on this Website

Contact Form

If you send us inquiries via the contact form, the data you provide, including your contact information, will be stored with us for the purpose of processing your inquiry and for potential follow-up questions. We do not share this data without your consent.

The processing of this data is based on Article 6(1)(b) GDPR if your inquiry is related to contract fulfillment or required for pre-contractual measures. In all other cases, processing is based on our legitimate interest in effectively handling inquiries addressed to us (Article 6(1)(f) GDPR) or on your consent (Article 6(1)(a) GDPR), if requested; consent can be revoked at any time.

The data you provide in the contact form will remain with us until you request its deletion, revoke your consent for storage, or the purpose for data storage no longer applies (e.g., after your inquiry has been processed). Mandatory legal provisions—especially retention periods—remain unaffected.

Inquiry via Email, Phone, or Fax

If you contact us via email, phone, or fax, your inquiry, including all related personal data (name, inquiry), will be stored and processed with us for the purpose of handling your concern. We do not share this data without your consent.

The data sent to us through contact inquiries will remain with us until you request its deletion, revoke your consent for storage, or the purpose for data storage no longer applies (e.g., after your concern has been handled). Mandatory legal provisions—especially statutory retention periods—remain unaffected.

5. Plugins and Tools

Google Fonts

This website uses Google Fonts to ensure a consistent appearance of fonts, which are provided by Google. When you access a page, your browser loads the required fonts into its cache to correctly display texts and fonts.

For this purpose, the browser you are using needs to establish a connection to Google's servers. As a result, Google becomes aware that your IP address accessed this website. The use of Google Fonts is based on Article 6(1)(f) GDPR. The website operator has a legitimate interest in ensuring the consistent presentation of the website's fonts. If consent has been requested, data processing is based exclusively on Article 6(1)(a) GDPR and Section 25(1) TTDSG, where consent includes storing cookies or accessing user device information (e.g., device fingerprinting) in accordance with TTDSG. Consent can be revoked at any time.

If your browser does not support Google Fonts, a standard font from your computer will be used.

For more information about Google Fonts, please see https://developers.google.com/fonts/faq and Google's privacy policy: https://policies.google.com/privacy?hl=en.

The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the United States designed to ensure compliance with European data protection standards for data processing in the US. Each company certified under the DPF is committed to upholding these data protection standards. More information can be found via this link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active.

Google reCAPTCHA

We use "Google reCAPTCHA" (hereinafter referred to as "reCAPTCHA") on this website. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

reCAPTCHA is used to verify whether data entered on this website (e.g., in a contact form) is submitted by a human or an automated program. To do so, reCAPTCHA analyzes the website visitor's behavior based on various characteristics. This analysis begins automatically as soon as the visitor accesses the website. For the analysis, reCAPTCHA evaluates different information (e.g., IP address, the time the visitor spends on the website, or mouse movements made by the user). The data collected during the analysis is forwarded to Google.

The reCAPTCHA analysis runs entirely in the background. Website visitors are not informed that an analysis is taking place.

The storage and analysis of the data are based on Article 6(1)(f) GDPR. The website operator has a legitimate interest in protecting their web offerings from abusive automated spying and spam. If consent has been requested, data processing is based exclusively on Article 6(1)(a) GDPR and Section 25(1) TTDSG, where consent includes storing cookies or accessing user device information (e.g., device fingerprinting) in accordance with TTDSG. Consent can be revoked at any time.

For more information about Google reCAPTCHA, please see Google's privacy policy and terms of service at the following links: https://policies.google.com/privacy?hl=en and https://policies.google.com/terms?hl=en.