Data protection
1. Data protection at a glance
General notes
The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to personally identify you. Detailed information on data protection can be found in my privacy policy listed below this text.
Data collection on this website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find their contact details in the “Note on the responsible body” section of this privacy policy.
How do I collect your data?
On the one hand, your data is collected when you provide it to me. This can include data that you enter into a contact form, for example.
Other data is collected automatically or with your consent when you visit the website by my IT systems. In particular, this includes technical data (e.g. Internet browser, operating system or time of page access). This data is collected automatically as soon as you enter this website.
What do I use your data for?
Some of the data is collected to ensure error-free provision of the website. Other data can be used to analyze your user behavior.
What rights do they have with regard to their data?
You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request that this data be corrected or deleted. If you have given your consent to data processing, you can revoke this consent at any time for the future. They also have the right to request the restriction of the processing of their personal data under certain circumstances. They also have the right to lodge a complaint with the competent supervisory authority.
You can contact me at any time about this and if you have any further questions about data protection.
2. Hosting
I host the content of my website with the following provider:
Webflow
Anbieter ist die Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA (nachfolgend Webflow). Wenn Sie unsere Website besuchen, erfasst Webflow verschiedene Logfiles inklusive Ihrer IP-Adressen.
Webflow ist ein Tool zum Erstellen und zum Hosten von Websites. Webflow speichert Cookies oder sonstige Wiedererkennungstechnologien, die für die Darstellung der Seite, zur Bereitstellung bestimmter Webseitenfunktionen und zur Gewährleistung der Sicherheit erforderlich sind (notwendige Cookies).
Details entnehmen Sie der Datenschutzerklärung von Webflow: https://webflow.com/legal/eu-privacy-policy.
Die Verwendung von Webflow erfolgt auf Grundlage von Art. 6 Abs. 1 lit. f DSGVO. Wir haben ein berechtigtes Interesse an einer möglichst zuverlässigen Darstellung unserer Website. Sofern eine entsprechende Einwilligung abgefragt wurde, erfolgt die Verarbeitung ausschließlich auf Grundlage von Art. 6 Abs. 1 lit. a DSGVO und § 25 Abs. 1 TTDSG, soweit die Einwilligung die Speicherung von Cookies oder den Zugriff auf Informationen im Endgerät des Nutzers (z. B. Device-Fingerprinting) im Sinne des TTDSG umfasst. Die Einwilligung ist jederzeit widerrufbar.
Die Datenübertragung in die USA wird auf die Standardvertragsklauseln der EU-Kommission gestützt. Details finden Sie hier: https://webflow.com/legal/eu-privacy-policy.
Das Unternehmen verfügt über eine Zertifizierung nach dem „EU-US Data Privacy Framework“ (DPF). Der DPF ist ein Übereinkommen zwischen der Europäischen Union und den USA, der die Einhaltung europäischer Datenschutzstandards bei Datenverarbeitungen in den USA gewährleisten soll. Jedes nach dem DPF zertifizierte Unternehmen verpflichtet sich, diese Datenschutzstandards einzuhalten. Weitere Informationen hierzu erhalten Sie vom Anbieter unter folgendem Link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000TT9jAAG&status=Active
Auftragsverarbeitung
Wir haben einen Vertrag über Auftragsverarbeitung (AVV) zur Nutzung des oben genannten Dienstes geschlossen. Hierbei handelt es sich um einen datenschutzrechtlich vorgeschriebenen Vertrag, der gewährleistet, dass dieser die personenbezogenen Daten unserer Websitebesucher nur nach unseren Weisungen und unter Einhaltung der DSGVO verarbeitet.
Amazon CloudFront CDN
Wir nutzen das Content Delivery Network Amazon CloudFront CDN. Anbieter ist die Amazon Web Services EMEA SARL, 38 avenue John F. Kennedy, L-1855, Luxemburg (nachfolgend „Amazon“).
Bei Amazon CloudFront CDN handelt es sich um ein weltweit verteiltes Content Delivery Network. Dabei wird technisch der Informationstransfer zwischen Ihrem Browser und unserer Website über das Content Delivery Network geleitet. Hierdurch können wir die weltweite Erreichbarkeit und die Leistungsfähigkeit unserer Website erhöhen.
Der Einsatz von Amazon CloudFront CDN beruht auf unserem berechtigten Interesse an einer möglichst fehlerfreien und sicheren Bereitstellung unseres Webangebotes (Art. 6 Abs. 1 lit. f DSGVO).
Die Datenübertragung in die USA wird auf die Standardvertragsklauseln der EU-Kommission gestützt. Details finden Sie hier: https://aws.amazon.com/de/blogs/security/aws-gdpr-data-processing-addendum/.
Weitere Informationen zu Amazon CloudFront CDN finden Sie hier: https://d1.awsstatic.com/legal/privacypolicy/AWS_Privacy_Notice__German_Translation.pdf.
Das Unternehmen verfügt über eine Zertifizierung nach dem „EU-US Data Privacy Framework“ (DPF). Der DPF ist ein Übereinkommen zwischen der Europäischen Union und den USA, der die Einhaltung europäischer Datenschutzstandards bei Datenverarbeitungen in den USA gewährleisten soll. Jedes nach dem DPF zertifizierte Unternehmen verpflichtet sich, diese Datenschutzstandards einzuhalten. Weitere Informationen hierzu erhalten Sie vom Anbieter unter folgendem Link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000TOWQAA4&status=Active
Auftragsverarbeitung
Wir haben einen Vertrag über Auftragsverarbeitung (AVV) zur Nutzung des oben genannten Dienstes geschlossen. Hierbei handelt es sich um einen datenschutzrechtlich vorgeschriebenen Vertrag, der gewährleistet, dass dieser die personenbezogenen Daten unserer Websitebesucher nur nach unseren Weisungen und unter Einhaltung der DSGVO verarbeitet.
3. General information and mandatory information
Data protection
As the operator of these pages, I take the protection of your personal data very seriously. I treat your personal data confidentially and in accordance with the legal data protection regulations and this privacy policy.
When you use this website, various personal data is collected. Personal data is data that can be used to personally identify you. This privacy policy explains what data I collect and what I use it for. It also explains how and for what purpose this is done.
I take your digital security seriously and keep data collection to a minimum.
To evaluate my website, I use the tool from Digistats. In contrast to other analysis tools, digistats DOES NOT use cookies. The tool counts page views and unique visits without tracking the IP address. The digistats server is located in Switzerland and the processes are DSGVO, GDPR, CCPRA and PECR compliant. I evaluate from which country, which city, which device and with which software they access. I also measure whether they were accessed via an advertising campaign, a search engine or via social networks. However, no personal data is stored for this purpose. Neither I nor digistats sell the collected data to third parties. I use the data to improve my services and to improve your browsing experience.
I would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) may have security gaps. It is not possible to completely protect data from access by third parties.
Note on the responsible body
The body responsible for data processing on this website is:
Jan Ammenwerth
Heligolandring 65
45149 Essen
+49 177 8520210
info@janammenwerth.com
The responsible body is the natural or legal person who alone or together with others decides on the purposes and means of processing personal data (e.g. names, e-mail addresses, etc.).
Storage period
Unless a more specific storage period has been specified in this privacy policy, your personal data will remain with me until the purpose for data processing no longer applies. If you make a legitimate request for deletion or withdraw your consent to data processing, your data will be deleted unless I have any other legally permissible reasons for storing your personal data (e.g. tax or commercial retention periods); in the latter case, the deletion will take place after these reasons no longer apply.
General information on the legal basis for data processing on this website
If you have consented to data processing, I will process your personal data on the basis of Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO, insofar as special categories of data are processed in accordance with Art. 9 para. 1 GDPR. In the event of express consent to the transfer of personal data to third countries, data processing is also carried out on the basis of Article 49 (1) (a) GDPR. If you have consented to the storage of cookies or access to information on your device (e.g. via device fingerprinting), data processing is also carried out on the basis of Section 25 Paragraph 1 TTDSG. The consent can be withdrawn at any time. If your data is required to fulfill the contract or to carry out pre-contractual measures, I process your data on the basis of Art. 6 para. 1 lit. b DSGVO. I also process your data insofar as it is necessary to fulfill a legal obligation on the basis of Art. 6 para. 1 lit. c GDPR. Data processing may also be carried out on the basis of my legitimate interest in accordance with Art. 6 para. 1 lit. f DSGVO. The following paragraphs of this privacy policy provide information on the relevant legal bases in each individual case.
Withdrawal of your consent to data processing
Many data processing operations are only possible with your express consent. You can revoke any consent you have already given at any time. The legality of the data processing carried out up to the time of revocation remains unaffected by the revocation.
Right to object to data collection in special cases and to direct marketing (Art. 21 GDPR)
IF DATA PROCESSING IS BASED ON ART. 6 PARA. 1 LIT. E OR F GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU FILE AN OBJECTION, I WILL NO LONGER PROCESS YOUR PERSONAL DATA, UNLESS I CAN PROVE COMPELLING LEGITIMATE REASONS FOR PROCESSING WHICH OUTWEIGH YOUR INTERESTS, RIGHTS AND FREEDOMS OR THE PROCESSING SERVES TO ASSERT, EXERCISE OR DEFEND LEGAL CLAIMS (OBJECTION UNDER ARTICLE 21 (1) GDPR).
IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH ADVERTISING; THIS ALSO APPLIES TO PROFILING INSOFAR AS IT IS ASSOCIATED WITH SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL THEN NO LONGER BE USED FOR DIRECT MARKETING PURPOSES (OBJECTION UNDER ARTICLE 21 (2) GDPR).
Right to lodge a complaint with the competent supervisory authority
In the event of violations of the GDPR, the person concerned has the right to lodge a complaint with a supervisory authority, in particular in the member state of their habitual residence, their place of work or the place of the alleged infringement. The right of appeal is without prejudice to other administrative or judicial remedies.
Right to data portability
You have the right to have data that we process automatically based on your consent or in fulfilment of a contract handed over to you or to a third party in a standard, machine-readable format. If you request the direct transfer of data to another person responsible, this will only be done if it is technically feasible.
Information, deletion and correction
Within the framework of the applicable legal provisions, you have the right to obtain free information about your stored personal data, its origin and recipient and the purpose of data processing and, if applicable, the right to correct or delete this data at any time. You can contact me at any time about this and if you have any further questions about personal data.
Right to restrict processing
You have the right to request that the processing of your personal data be restricted. You can contact me about this at any time. The right to restrict processing exists in the following cases:
- If you dispute the accuracy of your personal data stored with me, I usually need time to verify this. For the duration of the examination, they have the right to request the restriction of the processing of their personal data.
- If the processing of your personal data was/is unlawful, you can request the restriction of data processing instead of deletion.
- If I no longer need your personal data, but you need it to exercise, defend or assert legal claims, you have the right to request the restriction of the processing of your personal data instead of deletion.
- If you have filed an objection under Article 21 (1) GDPR, a balance must be made between your interests and mine. As long as it is not yet clear whose interests prevail, they have the right to demand that the processing of their personal data be restricted.
If you have restricted the processing of your personal data, this data — apart from storage — may only be processed with your consent or to assert, exercise or defend legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the European Union or a Member State.
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to me as the site operator. You can recognize an encrypted connection by the fact that the browser's address line changes from “http://” to “https://” and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you send to me cannot be read by third parties.
4. Data collection on this website
Cookies
My website uses so-called “cookies.” Cookies are small data packets and do not cause any damage to your device. They are either stored temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or until they are automatically deleted by your web browser.
Cookies can come from me (first-party cookies) or from third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain services from third-party companies within websites (e.g. cookies to process payment services).
Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies can be used to evaluate user behavior or for advertising purposes.
Cookies that are necessary to carry out the electronic communication process, to provide certain functions they require (e.g. for the shopping cart function) or to optimize the website (e.g. cookies to measure the web audience) (necessary cookies) are stored on the basis of Art. 6 para. 1 lit. f DSGVO, unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies and comparable recognition technologies has been requested, processing is carried out exclusively on the basis of this consent (Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG); the consent can be withdrawn at any time.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies in certain cases or in general, and activate the automatic deletion of cookies when you close the browser. If cookies are deactivated, the functionality of this website may be limited.
You can find out which cookies and services are used on this website in this privacy policy.
Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to me. These are:
- Browser type and version
- operating system used
- Referrer URL
- Host name of the accessing computer
- Time of server request
- IP address
This data is not combined with other data sources.
This data is collected on the basis of Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website — for this purpose, the server log files must be collected.
Request by e-mail, telephone or fax
If you contact me by e-mail or telephone, your request, including all resulting personal data (name, request), will be stored and processed by me for the purpose of processing your request. I will not share this data without your consent.
This data is processed on the basis of Art. 6 para. 1 lit. b GDPR, insofar as your request is related to the fulfilment of a contract or is necessary to carry out pre-contractual measures. In all other cases, processing is based on my legitimate interest in the effective processing of inquiries addressed to me (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a DSGVO) if this has been requested; the consent can be withdrawn at any time.
The data you send to me via a contact request will remain with me until you request me to delete it, withdraw your consent to storage or the purpose for storing the data no longer applies (e.g. after your request has been processed). Mandatory legal provisions — in particular statutory retention periods — remain unaffected.