Legal
Privacy Policy
We process personal data sparingly and transparently under the General Data Protection Regulation (GDPR).
The legally binding version is the German one.
1. Controller
The controller within the meaning of the GDPR is:
Hüseyin Kurtoglu Wolfsohn (Einzelunternehmen)
Alte Schulgasse 9, 64850 Schaafheim, Germany
Email: [email protected]
2. Principle
This website is designed for data minimisation. We use no tracking cookies, no marketing pixels and no third-party profiling services. Personal data is processed only where necessary to operate the website or to respond to your enquiry.
3. Server log files
When you access the website, our hosting provider processes technically necessary access data (e.g. IP address, date and time, page requested, user agent) to ensure delivery and security of the website.
Lawful basis: Art. 6 (1) (f) GDPR (legitimate interest in secure, error-free operation).
4. Contact form
If you write to us via the contact form, your details (e.g. name, email address and message) are transmitted to us solely by email via the mailbox of our hosting provider Hostinger (processing within the EU) so that we can respond to your enquiry. This data is not stored in a database of this website. Via our project form ('Start your project') you may additionally submit details such as a phone number, company name and optional file attachments you upload; these are likewise sent to us solely by email via this mailbox and are not stored in a database of this website.
Lawful basis: Art. 6 (1) (b) and (f) GDPR (handling your enquiry / legitimate interest in communication).
5. Audience measurement (cookieless)
Where we measure usage of the website, this is done cookielessly and without cross-device tracking. No tracking cookies are set and no personal profiles are created.
6. No third-party marketing pixels
We embed no third-party marketing or advertising pixels (e.g. from social networks or ad networks).
7. Recipients / processors
To operate this website we use carefully selected service providers as processors (Art. 28 GDPR):
- Hosting: Hostinger (Hostinger International Ltd, Lithuania/EU) – serving the website; processing takes place in data centres within the EU.
- Content delivery network, DNS and protection/proxy: Cloudflare, Inc. (USA) – secure and fast delivery of the website; in doing so it processes technical access data (incl. IP address).
- Email delivery of form submissions: Hostinger (Hostinger International Ltd, Lithuania/EU) – delivering your contact and project enquiries to our mailbox; processing takes place within the EU.
Data-processing agreements pursuant to Art. 28 GDPR are in place with these providers.
8. Transfers to third countries
One of the above providers (Cloudflare, Inc.) is based in the USA or may process data there. Where personal data is transferred to a third country outside the EU/EEA, this is done on the basis of appropriate safeguards under Art. 44 et seq. GDPR – in particular the EU Commission's Standard Contractual Clauses (Art. 46 (2) (c) GDPR) and, where the providers are certified, the EU-US Data Privacy Framework. As a European company we process your data primarily within the EU; any transfer beyond that occurs only to the extent described above.
9. Retention period
We store personal data only for as long as is necessary for the respective purpose or as required by statutory retention obligations. Server log files are kept for a short period for security reasons and then deleted. Details from contact and project enquiries are deleted once your enquiry has been conclusively handled and no statutory retention obligations apply.
10. Your rights
Under the GDPR you have the following rights vis-à-vis the controller:
- Access (Art. 15 GDPR)
- Rectification (Art. 16 GDPR)
- Erasure (Art. 17 GDPR)
- Restriction of processing (Art. 18 GDPR)
- Data portability (Art. 20 GDPR)
- Objection (Art. 21 GDPR)
You also have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR).