top of page

DATA PROTECTION

introduction

We ("we", "us", "our") are committed to protecting the privacy of users ("User" or "you") of our website and/or mobile app (the "Website" or " Mobile App”) very seriously and we are committed to protecting the information that users provide to us in connection with the use of our Website and/or our Mobile App (collectively: “Digital Assets”). Furthermore, we are committed to protecting and using your information in accordance with applicable law.

This Privacy Policy explains our practices regarding the collection, use, and disclosure of your information through the use of our digital assets (the "Services") when you access the Services through your devices.

Please read the Privacy Policy carefully and ensure you fully understand our practices regarding your information before using our Services. If you have read and fully understood this policy and do not agree with our practices, you must stop using our digital assets and services. By using our services, you accept the terms of this privacy policy. Continued use of the Services constitutes your acceptance of this Privacy Policy and any changes thereto.

In this privacy policy you will learn:

  • How we collect data

  • What data we collect

  • Why we collect this data

  • Who we share the data with

  • Where the data is stored

  • How long the data is retained

  • How we protect the data

  • How we deal with minors

  • Updates or changes to the Privacy Policy

 

What data do we collect?

Category: Always

Below is an overview of the data we may collect:

 

  • Unidentified and non-identifiable information that you provide during the registration process or that is collected through the use of our Services ("Non-Personally Identifiable Information"). Non-personal data do not allow any conclusions as to who collected them. Non-Personally Identifiable Information that we collect consists primarily of technical and aggregate usage information.

  • Individually identifiable information, meaning anything from which you can be identified or could be identified with reasonable effort (“Personal Information”). The Personal Information we collect through our Services may include information requested from time to time, such as names, email addresses, addresses, phone numbers, IP addresses and more. If we combine personal information with non-personal information, we treat it as personal information for as long as it is combined.

 

How do we collect data?

Category: Always

Below are the main methods we use to collect data:

 

  • We collect data when you use our services. Therefore, when you visit our digital assets and use the Services, we may collect, record and store usage, sessions and related information.

  • We collect data that you provide to us yourself, for example if you contact us directly via a communication channel (e.g. an e-mail with a comment or feedback).

  • We may collect information from third party sources as described below.

  • We collect information that you provide to us when you log into our Services through a third party such as Facebook or Google.

 

Why do we collect this data?

Category: Always

We may use your data for the following purposes:

 

  • to provide and operate our Services;

  • to develop, customize and improve our Services;

  • to respond to your feedback, requests and requests and to offer assistance;

  • to analyze request and usage patterns;

  • for other internal, statistical and research purposes;

  • to improve our data security and fraud prevention capabilities;

  • to investigate violations and enforce our terms and policies and to comply with applicable law, regulation or governmental request;

  • to provide you with updates, news, promotional materials and other information related to our Services. In the case of promotional e-mails, you can decide for yourself whether you wish to continue to receive them. If not, just click the unsubscribe link in those emails.

 

Who do we share this data with?

Category: Always

We may share your data with our service providers in order to operate our services (e.g. storing data via third-party hosting services, providing technical support, etc.).

 

We may also disclose your information in the following circumstances: (i) to investigate, detect, prevent, or address unlawful activity or other wrongdoing; (ii) to establish or exercise our rights of defense; (iii) to protect our rights, property, or personal safety, or the safety of our users or the public; (iv) in the event of a change of control of us or any of our affiliated companies (by way of a merger, acquisition or purchase of (substantially) all assets, etc.); (v) to collect, hold and/or manage your data using authorized third party service providers (e.g. cloud service providers) as appropriate for business purposes; (vi) to work collaboratively with third parties to improve your user experience. To avoid misunderstandings, we would like to point out that we can transfer or pass on non-personal data to third parties or use them in any other way at our own discretion.

Category: User has a blog or forum

Please note that our Services enable social interactions (e.g. posting content, information and comments publicly and chatting with other users). We remind you that any content or data that you make available in these areas can be read, collected and used by other people. We do not recommend posting or sharing information that you do not want to make public. If you upload content to our digital assets or otherwise make it available as part of using any service, you do so at your own risk. We cannot control the actions of other users or members of the public with access to your data or content. You acknowledge and hereby acknowledge that copies of your data may remain accessible even after deletion on cached and archived pages or after a third party has made a copy/storage of your content.

Cookies and Similar Technologies

When you visit or access our Services, we authorize third parties to use web beacons, cookies, pixel tags, scripts, and other technologies and analytics services ("Tracking Technologies"). These Tracking Technologies may allow third parties to collect your information automatically in order to improve the browsing experience on our digital assets, to optimize their performance and to ensure a customized user experience, as well as for security and fraud prevention purposes.

 

To learn more about this, please read our cookie policy.

Category: The user is NOT affiliated with an advertising service

We will not share your email address or other personally identifiable information with any advertising company or advertising network without your consent.

Category: The user is connected to an advertising service, a campaign manager or to Facebook Ads

We may provide advertising, which may also be tailored to you, through our Services and our digital assets (including websites and applications that use our Services), such as: B. Ads based on your recent browsing behavior on websites, devices or browsers.

 

In order to serve these advertisements to you, we may use cookies and/or JavaScript and/or web beacons (including clear GIFs) and/or HTML5 local storage and/or other technologies. We may also use third parties such as B. Network advertisers (ie third parties who serve ads based on your website visits) to serve targeted ads. Third-party ad network providers, advertisers, sponsors and/or website traffic measurement services may also use cookies and/or JavaScript and/or web beacons (including clear GIFs) and/or Flash cookies and/or other technologies to improve effectiveness measure your ads and customize ad content for you. These third party cookies and other technologies are governed by the specific privacy policy of the third party and not this one.

 

Where do we store the data?

Category: Always

Non-Personally Identifiable Information

 

Please note that our companies and our trusted partners and service providers are located around the world. For the purposes explained in this Privacy Policy, we store and process all non-personal data that we collect in different jurisdictions.

Category: User collects personal data

Personal Data

Personal information may be maintained, processed and stored in the United States, Ireland, South Korea, Taiwan, Israel and other jurisdictions to the extent required for the proper provision of our Services and/or by law (as further explained below).

 

How long is the data retained?

Category: Always

Please note that we retain the information we collect for as long as is necessary to provide our services, comply with our legal and contractual obligations to you, resolve disputes, and enforce our agreements.

We can correct, supplement or delete incorrect or incomplete data at any time at our own discretion.

How do we protect the data?

Category: Always

The hosting service for our digital assets provides us with the online platform through which we can offer our services to you. Your data may be stored through our hosting provider's data storage, databases and general applications. It stores your data on secure servers behind a firewall, and it offers secure HTTPS access to most areas of its services.

Category: User accepts payments/eCom

All payment options offered by us and our hosting provider for our digital assets comply with the regulations of the PCI-DSS (data security standard of the credit card industry) of the PCI Security Standards Council (council for security standards of the credit card industry). This is a collaboration between brands such as Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card data (including physical, electronic, and procedural controls) by our store and service providers.

Category: Always

Notwithstanding the measures and efforts taken by us and our hosting provider, we cannot and do not guarantee the absolute privacy or security of any information you upload, post or otherwise disclose to us or others.

For this reason, we would like to ask you to set strong passwords and, if possible, not to transmit to us or others confidential information, the disclosure of which you believe could cause serious or lasting harm to you. In addition, since email and instant messaging are not considered secure forms of communication, we ask that you do not share any confidential information through any of these communication channels.

 

How do we deal with minors?

Category: User does NOT collect data from minors

The Services are not intended for users who have not yet reached the legal age of majority. We will not knowingly collect information from children. If you are under the age of majority, you should not download or use the Services or provide any information to us.

 

We reserve the right to request proof of age at any time so that we can verify that minors are using our Services. In the event that we become aware that a minor is using our Services, we may block or block access to our Services for such users and we may delete any information we hold about that user. If you have reason to believe that a minor has provided us with information, please contact us as set out below.

Category: User collects data from minors

Children can use our services. However, if you want access to certain features, you may be required to provide certain information. Collection of some information (including information collected via cookies, web beacons and other similar technologies) may be automatic. If we knowingly collect, use or disclose any information collected from a child, we will provide notice and obtain parental consent in accordance with applicable law. We do not condition a child's participation in an online activity to the child providing more contact information than is reasonably necessary to participate in that activity. We only use the information we collect in connection with the services that the child has requested.

 

We may also use a parent's contact information to communicate about the child's activities on the Services. Parents can see information we have collected from their child, prohibit us from collecting any more information about their child, and request that all information we have collected be deleted from our records.

 

Please contact us to view, update or delete your child's information. To protect your child, we may ask you to provide proof of your identity. We can deny you access to the data if we believe that your identity is in question. Please note that certain data cannot be deleted due to other legal obligations.

Category: Always

We will only use your personal information for the purposes set out in the Privacy Policy and only when we are satisfied that:

 

  • the use of your personal information is necessary to perform or enter into a contract (e.g. to provide you with the Services themselves or to provide customer or technical support);

  • the use of your personal data is necessary to comply with a relevant legal or regulatory obligation, or

  • the use of your personal information is necessary to support our legitimate business interests (provided that we do so at all times in a way that is proportionate and respects your privacy rights).

As an EU resident you can:

 

  • request confirmation as to whether or not personal data concerning you is being processed and request access to your stored personal data and certain additional information;

  • request to receive personal data that you have provided to us in a structured, commonly used and machine-readable format;

  • request rectification of your personal data held by us;

  • request the erasure of your personal data;

  • object to our processing of your personal data;

  • request the restriction of the processing of your personal data, or

  • lodge a complaint with a supervisory authority.

However, please note that these rights are not absolute and may be subject to our own legitimate interests and regulatory requirements. If you have general questions about the personal information we collect and how we use it, please contact us as provided below.

In the course of providing the Services, we may transfer information across borders to affiliates or other third parties and from your country/jurisdiction to other countries/jurisdictions around the world. By using the Services, you consent to the transfer of your information outside of the EEA.

 

If you are a resident of the EEA, your personal data will only be transferred to locations outside the EEA where we are satisfied that an adequate or comparable level of protection of personal data is in place. We will take appropriate steps to ensure that we have appropriate contractual arrangements in place with our third parties to ensure that appropriate safeguards are in place to minimize the risk of unlawful use, alteration, destruction, loss or theft of your personal information and that such third parties will act in accordance with applicable laws at all times.

California Consumer Protection Law Rights

 

If you are using the Services as a California resident, you may have rights under the California Consumer Privacy Act ("CCPA") to request access to and deletion of your information.

 

To exercise your right to access and delete your data, please see below how to contact us.

Category: The website does not sell any data of its users

We do not sell users' personally identifiable information for the intent and purposes of the CCPA.

Category: Websites with a blog or forum

Users of the Services who are California residents and under the age of 18 may request and obtain removal of their posted content by emailing the address provided in the "Contact Us" section below. These requests must all be labeled "California Removal Request." All requests must include a description of the content you wish to remove and information sufficient to enable us to locate the material. We will not accept communications that are unidentified or improperly submitted, and we may not be able to respond if you do not provide sufficient information. Please note that your request does not ensure that the material will be completely or comprehensively deleted. For example, material you post may be republished or reposted by other users or third parties.

 

Updates or changes to the Privacy Policy

Category: Always

We may, in our sole discretion, revise this Privacy Policy from time to time, the version posted on the Website will always be current (see “As of Date” statement). We encourage you to periodically review this Privacy Policy for changes. If there are any significant changes, we will post a notice on our website. Your continued use of the Services after notification of changes has been posted to our website constitutes your acknowledgment and acceptance of the changes to the Privacy Policy and your agreement to be bound by the terms of those changes.

 

Use of cookies

Cookies are small text files or other memory notes that store information on end devices and read information from the end devices. For example, to save the login status in a user account, the content of a shopping cart in an e-shop, the content accessed or the functions used in an online offer. Cookies can also be used for various purposes, e.g. for purposes of functionality, security and comfort of online offers as well as the creation of analyzes of visitor flows.

Notes on consent: We use cookies in accordance with legal regulations. Therefore, we obtain prior consent from users, except where not required by law. In particular, consent is not necessary if the storage and reading of the information, including cookies, is absolutely necessary in order to provide the users with a telemedia service (i.e. our online offer) that they have expressly requested. The revocable consent is clearly communicated to the users and contains the information on the respective cookie use.

Notes on the legal basis for data protection: The legal basis under data protection law on which we process the personal data of users with the help of cookies depends on whether we ask users for their consent. If the users consent, the legal basis for the processing of your data is the declared consent. Otherwise, the data processed with the help of cookies will be processed on the basis of our legitimate interests (e.g. in the commercial operation of our online offer and improving its usability) or, if this is done in the context of fulfilling our contractual obligations, if the use of cookies is necessary to enable our to fulfill contractual obligations. We will explain the purposes for which we process cookies in the course of this data protection declaration or as part of our consent and processing processes.

Storage period: With regard to the storage period, the following types of cookies are distinguished:

  • Temporary cookies (also: session or session cookies): Temporary cookies are deleted at the latest after a user has left an online offer and closed his end device (e.g. browser or mobile application).

  • Permanent cookies: Permanent cookies remain stored even after the end device is closed. For example, the login status can be saved or preferred content can be displayed directly when the user visits a website again. Likewise, the user data collected with the help of cookies can be used to measure reach. Unless we provide users with explicit information on the type and storage period of cookies (e.g. when obtaining consent), users should assume that cookies are permanent and the storage period can be up to two years.

General information on revocation and objection (opt-out): Users can revoke the consent they have given at any time and also object to the processing in accordance with the legal requirements in Art. 21 DSGVO. Users can also declare their objection via their browser settings, e.g. by deactivating the use of cookies (which can also limit the functionality of our online services). An objection to the use of cookies for online marketing purposes can also be declared via the websites https://optout.aboutads.info and https://www.youronlinechoices.com/ .

Further information on processing processes, procedures and services:

  • Processing of cookie data on the basis of consent: We use a cookie consent management procedure, in the context of which the user consents to the use of cookies or the processing mentioned in the context of the cookie consent management procedure and providers can be obtained and managed and revoked by the users. The declaration of consent is stored here so that the query does not have to be repeated and to be able to prove the consent in accordance with the legal obligation. The storage can take place on the server side and/or in a cookie (so-called opt-in cookie, or with the help of comparable technologies) in order to be able to assign the consent to a user or his device. Subject to individual information about the providers of cookie management services, the following information applies: The duration of the storage of the consent can be up to two years. A pseudonymous user identifier is created and stored with the time of the consent, information on the scope of the consent (e.g. which categories of cookies and/or service providers) and the browser, system and end device used.

Contact

Category: Always

If you have general questions about the Services or the information we collect about you and how we use it, please contact us at:

 

Name: Tessa Frehse Graphic Design - Photography

Address: Von-Bodelschwingh Strasse 4,  37671 Höxter

Email address: tf@tessafrehse.de

 

bottom of page