Data protection information according to Art. 13 GDPR
Name and address of the person responsible
The responsible body within the meaning of the General Data Protection Regulation (GDPR) and other data protection regulations is:
Katharina Mauer
Gerichtstraße 12a
61462 Königstein
Telefon: +49 163 514 8335
E-Mail: mail@katharinamauer.com
General information on data processing
Legal basis for the processing of personal data
In accordance with Art. 13 GDPR, I hereby inform you of the legal basis for our data processing. If the legal basis is not precisely stated in the data protection notice, the following applies: The legal basis for obtaining consent is Art. 6 (1) (a) in conjunction with Art. 7 GDPR. The legal basis for processing to fulfill my services and implement contractual measures as well as to answer inquiries is Art. 6 (1) (b) GDPR. The legal basis for processing to fulfill my legal obligations is Art. 6 (1) (c) GDPR. If the processing of your data is necessary to protect a legitimate interest of my company or a third party and the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Art. 6 (1) (f) GDPR serves as the legal basis for processing. In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 (1) (d) GDPR serves as the legal basis.
Data deletion and storage period
I adhere to the principles of data minimization pursuant to Art. 5 (1) (c) GDPR and storage limitation pursuant to Art. 5 (1) (e) GDPR. I store your personal data only for as long as necessary to achieve the purposes stated here or as required by the retention periods stipulated by law. Once the respective purpose no longer applies or after these retention periods have expired, the corresponding data will be deleted as quickly as possible.
External links
This website may contain links to third-party websites or to other websites under our control. If you follow a link to one of the websites outside of my control, please note that these websites have their own privacy policies. I assume no responsibility or liability for these third-party websites and their privacy policies. Therefore, please check whether you agree to the privacy policies posted there before using these websites.
You can recognize external links either by their color contrasting with the rest of the text or by their underlined appearance. Your cursor will show you external links when you hover over such a link. Only when you click on an external link will your personal data be transferred to the link's destination. The operator of the other website receives, in particular, your IP address, the time you clicked the link, the page on which you clicked the link, and other information that you can find in the privacy policy of the respective provider.
Please also note that individual links may lead to data transfer outside the European Economic Area. This could give foreign authorities access to your data. You may not have any legal recourse against this data access. If you do not want your personal data to be transferred to the link destination or even be exposed to unwanted access by foreign authorities, please do not click on any links.
Rights of the person concerned
As a data subject within the meaning of the GDPR, you have the opportunity to assert various rights. The data subject rights arising from the GDPR are the right to information (Article 15), the right to rectification (Article 16), the right to erasure (Article 17), the right to restriction of processing (Article 18), the right to object (Article 21), the right to lodge a complaint with a supervisory authority, and the right to data portability (Article 20).
Right of withdrawal:
Some data processing can only take place with your express consent. You have the right to revoke your consent at any time. However, this does not affect the legality of the data processing until the revocation.Right to object:
If the processing is based on Art. 6 (1) (e) or (f) GDPR, you as the data subject may object to the processing of personal data concerning you at any time for reasons arising from your particular situation. You also have this right to object to the processing of personal data concerning you based on these provisions within the meaning of Art. 4 (4) GDPR. Unless I can demonstrate a legitimate interest in the processing that outweighs your interests, rights, and freedoms, or if the processing serves to assert, exercise, or defend legal claims, I will refrain from processing your data after you have objected.
If the processing of personal data is for direct marketing purposes, you also have the right to object at any time. The same applies to profiling related to direct marketing. Here, too, I will no longer process personal data once you object.
Right to lodge a complaint with a supervisory authority:
If you consider that the processing of personal data concerning you infringes the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, without prejudice to any other administrative or judicial remedy.
Right to data portability:
If your data is processed automatically based on your consent or to fulfill a contract, you have the right to receive this data in a structured, common, and machine-readable format. You also have the right to request that the data be transferred and made available to another controller, provided this is technically feasible.
Right to information, correction and deletion:
You have the right to receive information about your personal data processed, including the purpose of the data processing, the categories, the recipients, and the storage period. If you have any questions about this or other topics related to personal data, you can of course contact us using the contact details provided in the legal notice.
Right to restriction of processing:
You can request the restriction of processing of your personal data at any time. To do so, you must meet one of the following conditions:
You dispute the accuracy of the personal data. You have the right to request restriction of processing while the accuracy is being verified.
If processing is unlawful, you can request restriction of the use of the data as an alternative to deletion.
If I no longer need your personal data for the purposes of processing, but you require the data to assert, exercise or defend legal claims, you can request restriction of processing as an alternative to deletion.
If you object to processing pursuant to Art. 21 (1) GDPR, your interests will be weighed against mine. Until this balancing is carried out, you have the right to request restriction of processing.
Restriction of processing means that, apart from storage, personal data may only be processed with your consent or for the establishment, exercise or defense of legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
Webhoster
My website is hosted by:
Squarespace Ireland Limited
Squarespace House, Ship Street Great, Dublin 8, D08N12C Irland
The server location is USA.
When you visit my website, I automatically collect and store information in so-called server log files. Your browser automatically transmits this information to my server or to the server of my hosting company.
These are:
IP address of the website visitor's device
Used device
Hostname of the accessing computer
Visitor's operating system
Browser type and version
Name of the retrieved file
Time of server request
Amount of data
Information whether the data retrieval was successful
This data will not be merged with other data sources. Instead of running this website on my own server, I can also have it run on the server of an external service provider (hosting company), which I have named above in this case. The personal data collected by this website will then be stored on the servers of the hosting company. In addition to the data mentioned above, the web host also stores, for example, contact inquiries, contact details, names, website access data, meta and communication data, contract data and other data generated via a website. The legal basis for the processing of this data is Art. 6 (1) (f) GDPR. My legitimate interest is the technically error-free presentation and optimisation of this website. If the website is accessed in order to enter into contract negotiations with me or to conclude a contract, this serves as an additional legal basis (Art. 6 (1) (b) GDPR). In the event that I have commissioned a hosting company, a contract for order processing exists with this service provider.
Use of Local Storage Items, Session Storage Items and Cookies
My website uses local storage items, session storage items and/or cookies. Local storage is a mechanism that enables the storage of data within the browser on your device. This data usually contains user preferences, such as the "day" or "night mode" of a website, and is retained until you manually delete the data. Session storage is very similar to local storage, whereas the storage period only lasts for the current session, i.e. until the current tab is closed. After that, the session storage items are deleted from your device. Cookies are information that a web server (server that provides web content) stores on your device in order to identify this device. They are either temporarily deleted for the duration of a session (session cookies) and after you have finished visiting a website, or permanently stored on your device (permanent cookies) until you delete them yourself or they are automatically deleted by your web browser.
These objects can also be stored on your device by third-party companies when you visit my site (third-party requests). This enables me, as the operator, and you, as a visitor to this website, to use certain services provided by third parties installed on this website. Examples include the processing of payment services or the display of videos.
These mechanisms have a wide range of possible uses. They can improve the functionality of a website, control shopping cart functions, increase the security and convenience of website use, and perform analyses of visitor flows and behavior. Depending on the individual functions, these mechanisms are classified under data protection law. If they are necessary for the operation of the website and intended to provide certain functions (shopping cart function) or serve to optimize the website (e.g., cookies for measuring visitor behavior), then their use is based on Art. 6 (1) (f) GDPR. As a website operator, I have a legitimate interest in storing local storage items, session storage items, and cookies to ensure the technically error-free and optimized provision of my services. In all other cases, local storage items, session storage items, and cookies are only stored with your express consent (Art. 6 (1) (a) GDPR). If local storage items, session storage, or cookies are used by third-party companies or for analysis purposes, I will inform you separately in this privacy policy. Your required consent will be requested and can be revoked at any time.
Use of external services
External services are used on my website. External services are third-party services that are used on my website. This can be done for various reasons, for example, to embed videos or to ensure website security. When using these services, personal data is also passed on to the respective providers of these external services. If I have no legitimate interest in using these services, I will obtain your consent as a visitor to my website before using them, which can be revoked at any time (Art. 6 (1) (a) GDPR).
Analytics
To analyze user behavior, I process personal data of website visitors. By evaluating the data obtained, I am able to compile information about the use of the individual components of my website. This allows me to increase the user-friendliness of my website. Using the analysis tools used, for example, user profiles could be created for the delivery of targeted or interest-based advertising messages, my website visitors could be recognized the next time they visit my website, their click/scroll behavior and downloads could be measured, heat maps could be created, page views could be recognized, the duration of visits or bounce rates could be measured, and the origin of website visitors (city, country, which page the visitor came from) could be tracked. The analysis tools can be used to improve my market research and marketing activities.
Processing only occurs if you consent to this data processing (via my consent banner on the website). The legal basis for this processing is consent (Art. 6 (1) (a) GDPR). Without your consent, data processing will not take place in the manner described above. If you revoke your consent (e.g., via the consent banner or other options provided on this website), I will terminate this data processing. The legality of the processing carried out up to the time of revocation remains unaffected.
Squarespace Analytics
I use the Squarespace Analytics service on my website. The service is provided by Squarespace Ireland Limited, Squarespace House, Ship Street Great, Dublin 8, D08N12C, Ireland. Using this service may result in data being transferred to a third country (the USA). The provider is certified according to the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection. Further information can be found in the provider's privacy policy at the following URL: https://www.squarespace.com/privacy
Webfonts
This website uses so-called web fonts for the uniform display of fonts. These fonts are provided by an external provider and loaded by the browser when the website is accessed. The provider of the web font becomes aware that my website was accessed from your IP address because your browser establishes a direct connection to the provider of the web font. Processing only takes place if you consent to this data processing (via our consent banner on the website). The legal basis for this processing is consent (Art. 6 (1) (a) GDPR). Without your consent, data processing in the manner described above will not take place. If you revoke your consent (e.g. via the consent banner or other options provided on this website), we will stop this data processing. The legality of the processing carried out up to the time of revocation remains unaffected.
Adobe Typekit
I use the Adobe Typekit service on my website. The service is provided by Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland. Using this service may result in data being transferred to a third country (the USA). The provider is certified according to the EU-U.S. Data Privacy Framework and therefore offers an adequate level of data protection. Further information can be found in the provider's privacy policy at the following URL: https://www.adobe.com/privacy/policy.html
Contact form
On my website you have the option of contacting me via a contact form. In order to contact you via this form we require your contact details in particular. If you give your consent, the legal basis is Art. 6 (1) (a) GDPR. This can be revoked at any time. If you send inquiries about my products, services or my company, the processing will be carried out for the purpose of fulfilling the contract or taking pre-contractual measures in accordance with Art. 6 (1) (b) GDPR. There may also be a legitimate interest in maintaining business relationships or answering your inquiry for other reasons. In this case the legal basis for processing your data would be Art. 6 (1) (f) GDPR. The data will be deleted once I have conclusively answered your inquiry and there are no other retention obligations to the contrary.