PRIVACY POLICY

(16.11.2020)

The security and protection of your personal data is very important to us. Therefore, we would like you to be informed about the processing of personal data (referred to as ‘data’ below) within the scope of our internet presence at https://monikadeimling.com There also exist third party websites which are linked to our website to optimize it and improve the user experience. For this reason, we provide you with relevant information about the third-party components which may result in processing the data they collect.

1. Information About us as the Data Controller

Our website address is: https://monikadeimling.com.
Monika Deimling

mmonika.deimling[at]gmail.com

2. Affected Parties, Type of Data and the Time and Purpose of Collecting and Processing

When you visit our website at https://monikadeimling.com, the following information is automatically collected and temporarily stored:

  • Usage data (e.g. the date and time of access, previously visited website)
  • Meta or communication data (e.g. the browser and, if applicable, your computer’s operating system and the name of your access provider, IP addresses)

Furthermore, the data you send us as the user of our website is also affected by the collection and processing, for example, through contacting us using the provided contact options or by filling in the application form. In this context, the following information may be collected and processed:

  • User’s inventory data (e.g. name and address)
  • User’s contact or communication data (e.g. e-mail address or phone number)
  • Further content data (e.g. by using the contact form or by uploading photographs)

We also collect and process your data as part of our business activities, for the provision of our website (by a hosting provider), for administration, financial accounting, office organisation and/or contact management as well as for business management analysis (see also Section 15 of the declaration). In addition to the data listed above, the following data may be collected and processed by us or our hosting provider:

  • Contract data (e.g. customer’s name and address, prospect or business partner, contract’s subject matter, portfolio)
  • Payment data (e.g. name, bank details, payment history)
  • Inventory data, contact data, content data, usage data, metadata, communication data (see above for examples of the individual points)

The purpose of collecting and processing the above-mentioned data is:

  • the provision of our website, including its functions and contents as well as the guarantee of a smooth user experience for the website visitors (g. provision of a contact form, infrastructure and platform services, computing capacity, storage space and database services, e-mail transmission, security services and technical maintenance services),
  • the guarantee of communication with customers, interested parties or business partners (e.g. by the possibility of answering your contact inquiries or the possibility of a later establishment of contact),
  • enabling measures for system security and stability
  • implementation of a range measurement/marketing/market research/advertising
  • provision of contractual services (e.g. checking your inquiry) and customer care,
  • ensuring a functioning business (e.g. through administration, financial accounting, office organization, archiving of data),
  • adaptation and optimisation of our Internet presence to the user’s needs (this includes e.g. contractual partners, interested parties, customers or website visitors).

We would also like to point out that we use cookies and analysis services on our website. For more information, please refer to sections 8 and 13 of this privacy policy.

3. Definitions

The terms used in this privacy policy, such as ’personal data‘, ’processing‘, ’pseudonymisation‘, ’responsible person‘ or ’processor‘, correspond to the definitions in Article 4 of Regulation (EU) 2016/679, i.e. the General Data Protection Regulation (hereinafter referred to as the “GDPR”) to which we hereby refer.

4. Relevant Legal Bases

According to Art. 13 GDPR, we are obligated to inform you about the legal basis of our data processing. First of all, the basis of data collection and data processing is our legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. This results from the purpose listed under No. 2. If we obtain your consent for the collection and processing of your personal data, the corresponding legal bases are Art. 6 para. 1 lit. a and Art. 7 GDPR. The processing to fulfil our legal obligations is carried out on the basis of Art. 6 para. 1 lit. c GDPR. In addition, we collect and process data within the scope of our performance, contract execution and processing of inquiries on the basis of Art. 6 Para. 1 lit. b GDPR. The legal basis for the processing of data based on the vital interests of the data subject or another natural person is Art. 6 para. 1 lit. d GDPR. Should the processing be carried out on further legal bases, we will expressly point this out.

5. Security of Processing

In accordance with Art. 32 GDPR and with the collaboration of contract processors, we take appropriate technical and organisational measures to ensure a level of protection appropriate to the risk, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity fort he rights and freedoms of natural persons.
Such measures include, inter alia:

  • the pseudonymisation and SSL encryption of personal data;
  • the ability to ensure the long-term confidentiality, integrity, availability and resilience of the systems and services associated with the processing;
  • the ability to rapidly restore the availability of and access to personal data in the event of a physical or technical incident;
  • a procedure for the regular review, testing and evaluation of the effectiveness of technical and organisational measures to ensure the security of processing.

In addition, we take appropriate technical and organisational measures to ensure that only personal data whose processing is necessary for the respective specific processing purpose is processed by default. This obligation applies to the amount of personal data, the scope of its processing, its storage period and its accessibility. The measures also ensure in particular that personal data cannot be made accessible to an indefinite number of natural persons without our intervention (Art. 25 GDPR).

6. Data Subject Rights

You have the right:

  • to request information from us as to whether or not we process your personal data; if this is the case, you have information rights on this personal data and on further information in accordance with Art. 15 GDPR (e.g. the purpose of the processing, the categories of personal data being processed or, if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining that duration).
  • to request the correction or completion of incorrect or incomplete personal data concerning you (Art. 16 GDPR).,
  • to request us to erase any personal data relating to you without delay (Art. 17 GDPR). In accordance with Art. 18 GDPR, you may also request us to restrict the processing of your data.,
  • to receive the personal data concerning you, which you have previously provided to us, in a structured, commonly used and machine-readable format (Art. 20 GDPR). You also have the right to transfer this data to another controller without our interference in accordance with Art. 20 GDPR,
  • to withdraw any consent you may have given at any time (Art. 7 GDPR). The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal,
  • to lodge a complaint with the competent supervisory authority (Art. 77 GDPR).

7. Right to Object

You also have the right to object to the future processing of your personal data at any time in accordance with Art. 21 GDPR.

8. Cookies and the Right to Object in Direct Advertising

Cookies are used on our website to protect our legitimate interests and those of third parties pursuant to Art. 6 Para. 1 lit. f) GDPR. Cookies are small files that are automatically stored on the user end devices when they visit the website. These cookies do not cause any damage but serve to store different data. This is mainly information about a user and his terminal device which is used (although this information does not directly lead us to become aware of your identity). So-called temporary cookies are used, which are stored on your terminal device for a certain defined period of time and serve to make a renewed visit to our website even more pleasant with already existing data (then it is not necessary to re-enter your data). Also used so-called session cookies serve only to recognize that you have already visited several of the subpages of our Internet presence and are deleted after you have left our website and closed your browser. In order to optimize our website for you, we use cookies that record usage statistically so that we can evaluate it. These cookies are also deleted after a certain time. Detailed information can be found in section 11 of this privacy policy.

Many Internet browsers automatically accept cookies. However, if you do not want them to be accepted and thus stored on your end device, you can configure your browser settings so that no cookies are stored or a message always appears before a new cookie is created. In addition, cookies that have already been saved can be subsequently deleted in the settings of your browser. However, please note that complete removal and deactivation of cookies may prevent you from using all functions of our website.

9. Retention and Erasure of Data

Apart from the deletion or restriction of data in accordance with Art. 17 and Art. 18 GDPR (see section 8 of the privacy policy) or any other explicit reference, we delete the data stored by us if they are no longer required for the fulfilment of their purpose and we are not legally obliged to store them. However, should your data be stored for other, legally permissible reasons, we limit the processing of the data to such an extent that they are used solely for the specific permissible purposes.

The legal basis for the storage of your data within the scope of our business operations in documents such as books, accounting documents or other records in Germany is §§ 147 para. 1 Fiscal Code of Germany (AO), 257 para. 1 no. 1 and 4, para. 4 German Commercial Code (HGB). This is a retention obligation for 10 years (tax retention obligation). If your data is available to us in the context of commercial letters, it must be kept for 6 years in accordance with § 257 Para. 1 No. 2 and No. 3, Para. 4 HGB (commercial law retention obligation).

10. Contact

If you contact us (e.g. via the contact form, e-mail or telephone), your data will be stored and processed to process and handle the contact request in accordance with Art. 6 Para. 1 lit. b) GDPR. However, we delete the data if it is no longer necessary. The necessity is reviewed every two years; in addition, the statutory archiving obligations apply.

11. Integration of Third Party Services and Third Party Content

We use content or service offers from third parties within our webpage on the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our webpage pursuant to Art. 6 para. 1 lit. f. GDPR) in order to integrate their content and services, e.g. videos or fonts (hereinafter uniformly referred to as content).
This always requires that the third party providers of this content perceive the IP address of the user since without the IP address they could not send the content to their browser. The IP address is therefore required for the display of this content. We make every attempt to use only those contents whose respective providers use the IP address only for the delivery of the contents. Third-party providers may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. Pixel tags can be used to evaluate certain information on the website (e.g. visitor traffic on the pages of this website). The pseudonymous information may also be stored in cookies on the user’s device and may include technical information about the browser and operating system, referring websites, visiting time and other information about the use of our webpage, as well as be linked to such information from other sources.

12. Customer Account or Registration

You have the possibility to register on our website and create a customer account. The data provided by you will be collected and processed by us exclusively for the purpose stated under point 2. Your IP address, as well as the date and time of your access or registration, are also stored. We do not pass this data on to third parties. During registration, we ask for your consent to the storage and processing of your data for the purpose of creating an account. You may, of course, revoke this consent at any time with effect for the future pursuant to Art. 7 para. 3 GDPR (see section 8 of this privacy policy).

13. Google Analytics

We use the Google Analytics service, a web analysis service provided by Google Inc. (https://www.google.de/intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter „Google“), to adapt and optimise our website to the needs of users (this includes e.g. contractual partners, interested parties, customers, visitors to our website).
Google creates and uses pseudonymised user profiles and cookies. The information generated by the cookie about your use of our website is transferred to a Google server in the USA and stored there. The information is used to enable an evaluation of website usage, to document website activities and to provide further services associated with website and internet usage for market research and design purposes. By subjecting Google to the Privacy Shield Agreement, Google guarantees that it complies with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

We use Google Analytics within the framework of our website with activated IP anonymisation. Your IP address will be reduced by Google within the EU member states or in other signatory states to the Agreement on the European Economic Area and only in exceptional cases will the full IP address be transmitted to a Google server in the USA, where it will subsequently be reduced. Your IP address will not be combined with other information that may also be available to Google.

You can prevent the storage of cookies by activating the relevant setting of your browser software (see Section 10 of this privacy policy) and you can also prevent the collection of data generated by the cookie and relating to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de). The following link offers an alternative to this add-on: https://tools.google.com/dlpage/gaoptout. When you click on this link, an opt-out cookie will be set for that particular browser and website to prevent future collection and storage of your information when you visit that website. For more information about privacy in connection with Google Analytics, please visit the Google Analytics Help Center (https://support.google.com/analytics/answer/6004245?hl=de).

14. Social Media

In addition to this website, you can also find us on social networks and other platforms. The purpose is to be able to communicate with customers, interested parties and users as well as being able to inform them about our services there as well. Please note that the respective terms and conditions and data processing guidelines of the respective operator of the network or platform apply there. If you contact us via social networks or other platforms, we collect and process your data in accordance with this privacy policy, unless we expressly state otherwise.

14.1 Instagram

On our website, we use the Instagram social network plug-in offered by Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA (hereinafter referred to as “Instagram”) to improve quality (legitimate interest pursuant to Art. 6 Para. 1 lit. f) GDPR).
When you visit a Web page that contains the Instagram plug-in, your Internet browser downloads a representation of the plug-in from Instagram’s servers in the United States. Instagram stores and processes the website you visit, your IP address as well as the date and time of your access.
If you are logged in with your Instagram account when using our website, your data can be linked to your Instagram account. This will store the information you share in your Instagram account and may publish it on the Instagram platform. To prevent this, you must log out of your Instagram account before using our website. Alternatively, you can adjust the settings in your Instagram user account so that the data is not linked. For more information about Instagram’s data collection and processing, please visit https://help.instagram.com/155833707900388/.

15. PayPal

Orders submitted on our website can be directed to PayPal for processing. We have no access to your credit card data. According to PayPal’s Privacy Policy at the time of posting this page, when you visit the PayPal website or use PayPal Services, PayPal may collect data on the pages you access, your computer IP address, device identifiers, the type of operating system you’re using, your location, mobile network information, standard web log data and other information. It may also collect information about your transactions and your activities, including contact, financial and personal information. PayPal does not sell or rent your personal information to third parties for their marketing purposes without your explicit consent. It shares with us only the billing address and order details required for order processing. For more details, see PayPal’s Privacy Policy.


16. Links to External Websites

This website may contain links to external sites. We have no influence on the contents of external linked websites and are therefore not responsible for them, in particular, we do not adopt their contents as our own. If you are directed to an external site, the data protection declaration provided there applies. If you notice any illegal activities or contents on this page, you are welcome to inform us. In this case, we will review the content and respond appropriately (notice and takedown procedure).

17. Inclusion, Validity and Updating of the Data Protection Declaration

We need to be able to change our privacy practices and this privacy statement to adapt them to changes in laws and regulations or to better meet your needs (e.g. if our website is further developed). The current version of our data protection declaration is available for review, download and/or print on our website at any time.