Privacy Policy

Data protection at a glance
General information and mandatory disclosures
Data capture on this website
Hosting
Analytics tools and advertising
Plugins and tools

1. Data Protection at a Glance

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.

Personal data is any data with which you can be personally identified. For detailed information on data protection, please refer to our privacy policy listed below this text.

Data capture on this website

Who is responsible for data collection on this website?

The processing of data on this website is carried out by the website operator. You can find their contact details in the „Information on the Controller“ section of this privacy policy.

How do we collect your data?

Your data is collected, firstly, by you providing it to us. This could include, for example, data you enter into a contact form.

Other data is collected by our IT systems either automatically or with your consent when you visit the website. This primarily includes technical data (e.g. internet browser, operating system or time of page access). This data is collected automatically as soon as you access this website.

What do we use your data for?

Some data is collected to ensure the flawless operation of the website. Other data may be used to analyse your user behaviour.

What rights do you have regarding your data?

You have the right at any time to receive free information about the origin, recipient, and purpose of your stored personal data. You also have the right to request the correction or deletion of this data. If you have given consent for data processing, you can withdraw this consent at any time for the future. Furthermore, you have the right to request the restriction of the processing of your personal data under certain circumstances. You also have a right to complain to the relevant supervisory authority.

You can contact us at any time regarding this and other questions about data protection.

2. General Information and Mandatory Information

When you use this website, various personal data will be collected. Personal data is data that can be used to identify you personally. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this happens.

We would like to point out that data transfer on the internet (e.g. during email communication) can be subject to security vulnerabilities. It is not possible to protect data completely from third-party access.

Responsible body notice

The controller responsible for data processing on this website is:

Cornelia Weber-Fürst
Döllingerstr. 16a
D-80639 München

Phone: +49 (0) 89-17117850
Email: info@cornelia-weber.com

The controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses or similar).

Storage duration

Unless a more specific storage period is mentioned within this privacy policy, your personal data will remain with us until the purpose for data processing ceases to exist. If you exercise a legitimate request for deletion or revoke consent for data processing, your data will be deleted, provided we have no other legally permissible grounds for storing your personal data (e.g. statutory retention periods for tax or commercial law); in the latter case, deletion will occur after these grounds cease to exist.

General information on the legal basis for data processing on this website

If you have consented to data processing, we shall process your personal data on the legal basis of Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR where special categories of data pursuant to Art. 9(1) GDPR are processed. In the event of explicit consent to the transfer of personal data to third countries, data processing will also be based on Art. 49(1)(a) GDPR. If you have consented to the storage of cookies or to accessing information on your terminal device (e.g. via device fingerprinting), data processing will additionally be based on § 25(1) TTDSG. Your consent can be revoked at any time. If your data is required for the performance of a contract or to take steps prior to entering into a contract, we shall process your data on the legal basis of Art. 6(1)(b) GDPR. Furthermore, we shall process your data if it is necessary for compliance with a legal obligation on the legal basis of Art. 6(1)(c) GDPR. Data processing may also be based on our legitimate interests pursuant to Art. 6(1)(f) GDPR. The specific legal bases applicable in each individual case are explained in the following paragraphs of this privacy policy.

Information regarding the transfer of data to the USA and other third countries

Among other things, we use tools from companies based in the USA or other third countries that are not considered secure from a data protection perspective. When these tools are active, your personal data may be transferred to and processed in these third countries. We would like to point out that no data protection level comparable to that in the EU can be guaranteed in these countries. For example, US companies are obliged to disclose personal data to security authorities without you, as the data subject, being able to take legal action against it. It is therefore not possible to rule out that US authorities (e.g. intelligence agencies) may process, evaluate and permanently store your data located on US servers for surveillance purposes. We have no influence over these processing activities.

Withdrawal of consent to data processing

Many data processing operations are only possible with your explicit consent. You can withdraw consent already given at any time. The lawfulness of data processing conducted up to the point of withdrawal shall remain unaffected by the withdrawal.

Right to object to data processing in special cases and to direct marketing (Art. 21 GDPR)

Where the processing of personal data is based on Article 6(1)(e) or (f) of the GDPR, you have the right to object to the processing of your personal data at any time, on grounds relating to your particular situation; this also applies to profiling based on these provisions. You can find the respective legal basis on which processing is based in this privacy policy. If you object, we will no longer process your affected personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims (objection pursuant to Article 21(1) GDPR).

IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR SUCH MARKETING; THIS ALSO APPLIES TO PROFILING INSOFAR AS IT IS ASSOCIATED WITH SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE PROCESSED FOR DIRECT MARKETING PURPOSES (OBJECTION PURSUANT TO ART. 21(2) GDPR).

Right of complaint to the competent supervisory authority

In the event of infringements of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, place of work or the place of the alleged infringement. The right to complain is without prejudice to any other administrative or judicial remedy.

Right to data portability

You have the right to have data that we automatically process on the basis of your consent or in fulfilment of a contract handed over to you or a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done if it is technically feasible.

Information, deletion and correction

Under the applicable legal provisions, you have the right at any time to free information about your stored personal data, their origin and recipients, and the purpose of the data processing, and, if applicable, a right to correction or deletion of this data. You can contact us at any time for this and for further questions on the subject of personal data.

Right to restrict processing

You have the right to request the restriction of the processing of your personal data. You can contact us at any time for this purpose. The right to restriction of processing exists in the following cases:

If you dispute the accuracy of your personal data stored with us, we will generally need time to verify this. For the duration of the verification, you have the right to request the restriction of the processing of your personal data.
If the processing of your personal data was/is unlawful, you can, instead of requesting its erasure, ask for the restriction of its processing.
If we no longer need your personal data, but you require them for the establishment, exercise or defence of legal claims, you have the right to request restriction of processing of your personal data instead of erasure.
If you have lodged an objection under Article 21(1) of the GDPR, a balancing of your interests and ours must be carried out. As long as it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.

If you have restricted the processing of your personal data, this data may only be processed – apart from its storage – with your consent, or to establish, exercise or defend legal claims, or for the protection of the rights of another natural or legal person, or for reasons of an important public interest of the European Union or of a Member State.

SSL or TLS encryption

This page uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognise an encrypted connection by the browser's address bar changing from „http://“ to „https://“ and by the padlock symbol in your browser bar.

When SSL/TLS encryption is enabled, the data you transmit to us cannot be read by third parties.

Objection to advertising emails

The use of contact details published within the context of the imprint obligation for sending advertising and informational materials that have not been expressly requested is hereby objected to. The operators of the sites expressly reserve the right to take legal action in the event of unsolicited sending of advertising information, for example via spam e-mails.

3. Data collection on this website

Our websites use what are known as „cookies“. Cookies are small data packets and do not cause any damage to your end device. They are stored on your end device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or until automatic deletion occurs through your web browser.

Cookies

Third-party cookies may also be stored on your device when you visit our site. These allow us or you to use certain services provided by the third party (e.g. cookies for processing payment services).

Cookies have various functions. Numerous cookies are technically necessary, as certain website functions would not work without them (e.g., the shopping basket function or the display of videos). Other cookies are used to analyse user behaviour or to display advertising.

Cookies that are necessary for the electronic communication process, for providing certain functionalities that you request (e.g., for the shopping cart function), or for optimising the website (e.g., cookies for measuring web traffic) (necessary cookies) are stored on the basis of Art. 6(1)(f) GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies for the technically error-free and optimised provision of its services. If consent has been requested for the storage of cookies and comparable recognition technologies, the processing is carried out exclusively on the basis of this consent (Art. 6(1)(a) GDPR and § 25(1) TTDSG); the consent can be revoked at any time.

You can configure your browser to notify you when cookies are set and to allow cookies only in individual cases, to exclude the acceptance of cookies for specific cases or in general, and to activate the automatic deletion of cookies when closing the browser. The functionality of this website may be restricted if cookies are deactivated.

Where third-party cookies or cookies for analysis purposes are used, we will inform you separately within this privacy policy and, if applicable, ask for your consent.

Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

Browser type and browser version
Operating system used
Referrer URL
Hostname of the accessing computer
Server request time
IP address

A merging of this data with other data sources will not be carried out.

The collection of this data is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the technically flawless presentation and optimisation of its website – to achieve this, server log files must be collected.

Enquiry via email, telephone or fax

If you contact us via email, telephone, or fax, your enquiry, including any personal data arising from it (name, enquiry), will be stored and processed by us for the purpose of handling your request. We will not pass on this data without your consent.

The processing of this data is carried out on the basis of Art. 6 para. 1 lit. b GDPR, provided that your request relates to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective handling of enquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested; consent can be withdrawn at any time.

The data you send us via contact requests will remain with us until you request its deletion, withdraw your consent for storage, or the purpose for data storage ceases to apply (e.g., after your request has been processed). Mandatory legal provisions, particularly statutory retention periods, remain unaffected.

4. Hosting

We host the content of our website with IONOS SE, Elgendorfer Str. 57, 56410 Montabaur (hereinafter referred to as IONOS). When you visit our website, IONOS records various log files, including your IP addresses. For details, please refer to the IONOS privacy policy: https://www.ionos.de/terms-gtc/terms-privacy.

The use of IONOS is based on Art. 6(1)(f) GDPR. We have a legitimate interest in the most reliable representation of our website possible. Where consent has been requested, processing is exclusively based on Art. 6(1)(a) GDPR and Section 25(1) TTDSG, insofar as consent includes the storage of cookies or access to information on the user's end device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be withdrawn at any time.

Order processing

We have concluded a contract for order processing (AVV) with the above-mentioned provider. This is a contract required by data protection law, which ensures that they only process the personal data of our website visitors according to our instructions and in compliance with the GDPR.

5. Analysis Tools and Advertising

This website uses the analysis services of IONOS WebAnalytics (hereinafter: IONOS). The provider is 1&1 IONOS SE, Elgendorfer Straße 57, D – 56410 Montabaur.

This website also uses the WP Statistics analysis tool to statistically evaluate visitor access. The provider is Veronalabs, ARENCO Tower, 27th Floor, Dubai Media City, Dubai, Dubai 23816, UAE.https://veronalabs.com).

IONOS WebAnalytics

As part of the analyses with IONOS, it is possible to analyse, among other things, visitor numbers and behaviour (e.g. page views, duration of website visits, bounce rates), visitor sources (i.e. which page the visitor came from), visitor locations, as well as technical data (browser and operating system versions).

For this purpose, IONOS stores in particular the following data:

Referrer (previously visited website)
Requested web page or file
Browser type and browser version
Operating system used
Device type used
Time of access
IP address in anonymised form (used only to determine the location of access)

According to IONOS, data collection is fully anonymised, meaning it cannot be traced back to individual persons. IONOS WebAnalytics does not store cookies.

The storage and analysis of data is carried out on the basis of Art. 6 (1) lit. f GDPR. The website operator has a legitimate interest in the statistical analysis of user behaviour in order to optimise both its web offering and its advertising. Where corresponding consent has been requested, processing is carried out exclusively on the basis of Art. 6 (1) lit. a GDPR and Section 25 (1) TTDSG, insofar as the consent includes the storage of cookies or access to information on the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be withdrawn at any time.

For further information on data collection and processing by IONOS WebAnalytics, please refer to the IONOS privacy policy at the following link:

https://www.ionos.de/terms-gtc/index.php?id=6

Order processing

WP Statistics

With WP Statistics, we can analyse the usage of our website. WP Statistics records log files (IP address, referrer, browser used, user's origin, search engine used) and actions that website visitors have taken on the site (e.g., clicks and views).

The data collected by WP Statistics is stored exclusively on our own server.

The use of this analysis tool is based on Art. 6(1)(f) GDPR. We have a legitimate interest in the anonymised analysis of user behaviour in order to optimise both our web offering and our advertising. If appropriate consent has been requested, processing will be carried out exclusively on the basis of Art. 6(1)(a) GDPR and Section 25(1) TTDSG, insofar as consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.

6. Plugins and Tools

The installation uses the adjacent extensions (plugins) to improve the display and increase the security of the website.

Google Fonts (local hosting)

This page uses Google Fonts, provided by Google, for consistent font display. The Google Fonts are installed locally. No connection to Google servers is made.

Further information about Google Fonts can be found at https://developers.google.com/fonts/faq and in Google's privacy policy: https://policies.google.com/privacy?hl=de.

TranslatePress

We use the TranslatePress extension for our website to translate content into English. TranslatePress uses cookies to determine the visitor's current language, their most recently visited language, and the language of logged-in users.

Wordfence

We have integrated Wordfence into this website. The provider is Defiant Inc., Defiant, Inc., 800 5th Ave Ste 4100, Seattle, WA 98104, USA (hereinafter „Wordfence“).

Wordfence serves to protect our website from unwanted access or malicious cyberattacks. To this end, our website establishes a permanent connection to Wordfence's servers, allowing Wordfence to match its databases with the accesses made on our website and, if necessary, block them.

The use of Wordfence is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the most effective protection of its website against cyberattacks. If appropriate consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.

Data transfers to the USA are based on the EU Commission's Standard Contractual Clauses. Details can be found here: https://www.wordfence.com/help/general-data-protection-regulation/.