The following privacy policy serves to inform you about which kinds of your personal data (hereafter also briefly referred to as “data”) are processed for which purposes and to what extent. The privacy policy applies to all instances of processing of your personal data carried out by me, both in the context of providing my services and, in particular, on my website.
Terms used within the policy are not gender-specific.
As of: 27 October 2019
Controller
Juliane Byrenheid
Hohe Straße 70
01187 Dresden, Germany
Email address: info@julianebyrenheid.de
Legal notice: https://julianebyrenheid.de/impressum/
Terms and Definitions
This section provides an overview of the terms used in this privacy policy. Many of the terms are borrowed from law and are defined primarily by article 4 of the GDPR. The legal definitions are binding. The following explanations, however, are mainly intended to aid in understanding the privacy policy. The terms are arranged in alphabetical order
Overview on the Data Processes
The following overview summarises the kinds of data processed as well as the purposes of its processing and refers to the data subjects.
Kinds of Data Processed
Categories of Data Subjects
Purposes of Processing
Security measures
SSL encryption (https): To protect the data you transmitted via my online offer, I use SSL encryption. You can identify such encrypted connections by the prefix “https://” in the address field of your browser.
Providing the Online Offer and Web Hosting
In order to provide my online offer securely and efficiently, I use the services of WebhostOne GmbH, from whose servers (or from servers managed by them) the online offer can be accessed. For these purposes I may utilize infrastructure and platform services, computing capacity, storage space, and database services as well as security and technical maintenance services.
The data processed within the scope of the hosting offer may include all data relating to the users of my online offer that is generated in the course of use and communication. This usually includes the IP address, which is necessary to deliver the contents of online offers to browsers.
Email Delivery and Hosting: The web hosting services utilized also include the transmission, reception, and storage of emails. For these purposes, the email addresses of recipients and senders as well as other information regarding the sending of emails (e.g. the providers involved) and the contents of the respective emails are processed. The aforementioned data may also be processed for the purpose of spam detection. Please note that emails sent over the internet are generally not encrypted. As a general rule, emails are encrypted during transit, but (unless a so-called end-to-end encryption method is used) not on the servers that send or receive them. Therefore, no responsibility can be assumed for the email’s transit route between the sender and the reception on our server.
Collection of Access Data and Log Files: I (or our web-hosting provider) will collect data on every server access (so-called server-log files). Server-log files may include the address and name of the web pages and files accessed, date and time of access, transferred data volumes, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), and usually IP addresses and the requesting provider.
The server-log files may be used for security purposes, e.g. to avoid server overload (especially in the case of abusive attacks, so-called DDoS attacks) as well as to ensure the utilization of the servers and their stability.
Plugins and Embedded Functions and Contents
Into my online offer I integrate functional and content elements that are retrieved from the servers of their respective providers (hereafter referred to as “third-party providers”). These may for instance be images, videos, or social-media interfaces and contributions (hereafter uniformly referred to as “content”).
The implementation always requires that the third-party providers of this content process the users’ IP address, as without the IP address the content could not be sent to their browsers. The IP address is thus required to display these contents or functions. I make every effort to utilize only such content, whose respective providers use the IP address solely for the purpose of delivering the content. Moreover, third-party providers may use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. By means of these “pixel tags”, information such as visitor traffic on the pages of this website can be analysed. The pseudonymous information may also be stored in cookies on the user’s device and may contain technical information about the browser and operating system, referring web pages, access time, and other details about the use of our online offer and may also be connected to such information from other sources.
Notes on legal bases: If I ask users for their consent for the use of third-party providers, the legal basis for the processing of data is their consent. In all other cases, the users’ data will be processed on the basis of my legitimate interests (i.e. interest in efficient, economic and user-friendly services). To this end, I would also like to draw your attention to the information on the use of cookies in this privacy policy.
Implemented Services and Service Providers:
Deletion of Data
The data processed by me will be deleted in accordance with the legal requirements as soon as the consent granted for processing is revoked or other permissions cease to apply (e.g. if the purpose for processing this data ceases to apply or if it is not necessary for the purpose).
If the data is not deleted, because it is required for other and legally permissible purposes, its processing is limited to these particular purposes. This means that the data is locked and will not be processed for other purposes. This applies, for instance, to data that must be retained for reasons of commercial or tax law, or whose preservation is necessary for the assertion, exercise, or defence of legal claims or for the protection of the rights of another natural or legal person.
Further information on the deletion of personal data may also be given in the individual data protection notes of this privacy policy.
Rights of the Data Subjects
As data subjects, you are entitled to various rights under the GDPR, which in particular arise from articles 15 through 18 and 21 GDPR:
Relevant Legal Bases
Hereafter, I will inform you about the legal basis of the General Data Protection Regulation (GDPR), on the basis of which I process personal data. Please note that in addition to the regulations of the GDPR, national data protection regulations may apply in your or our country of residence and seat.
National Data Protection Regulations in Germany: In addition to the data protection regulations of the General Data Protection Regulation, national regulations on data protection apply in Germany. This in particular includes the law on protection against the misuse of personal data in data processing (Bundesdatenschutzgesetz—BDSG). The BDSG specifically contains special regulations on the right of information, the right of deletion, the right of appeal, the processing of special categories of personal data, processing for other purposes, and transmission as well as automated decision making in individual cases, including profiling. Furthermore, it regulates the processing of data for purposes of the employment relationship (§ 26 BDSG), with particular regard to the establishment, implementation, or termination of employment relationships as well as the consent of employees. Moreover, federal state data protection laws of the individual federal states may apply.