Contact information in accordance with §5 TMG:
+49 O 173392354
The European Commission provides Online Dispute Resolution: https://ec.europa.eu/consumers/odr
First is first. If you have questions regarding Privacy & GDPR you can always contact us under the aforementioned contact details. Data Protection Officer? We’re still in Beta, let us build a company first. Still, contact details apply. And we like to talk about Privacy & GDPR in general.
You’ve probably read this in so many Privacy Policies before, but here are your rights under GDPR, that new Privacy Law* that you might have heard of before (*you hear sirens and a lawyer scream in the distance: It’s an eu regulation not just some national law! It applies immediatly in all member states!!):
- You have the right to ask us for copies of your personal information. This right always applies. There are some exemptions, which means you may not always receive all the information we process.
- You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. This right always applies.
- You have the right to ask us to erase your personal information in certain circumstances.
- You have the right to ask us to restrict the processing of your information in certain circumstances.
- You have the right to object to processing if we are able to process your information because the process forms part of our public tasks, or is in our legitimate interests.
- You have the right to ask that we „give you“ the information you gave us. The right only applies if we are processing information based on your consent or under, or in talks about entering into a contract and the processing is automated.
But now you’re asking: What data are we actually collecting when you visit the site? When you visit our site or sites, our server automatically collects certain browser or device generated information, which may in some cases be personal data, including but not limited to: your IP address; your access or service-provider; time stamp of your visit; information about your browser; your operating system; certain other information about your computer or device. The use of our scanner works with the same data as mentioned before. In addition you – obviously – enter an URL. This is supposed to be a company URL and therefore not really personal data in most cases. We store such URLs for at least one month right now, to improve our algorithms. Again, we think this is a legitimate interest because it helps both sides. It’s public data as long as we don’t connect it with other data sets, come on!
Some might say the most critial part is Mailchimp for sending out e-mails from time to time. Yes, they’re an external service provider from the US. Something that some people might not like when everyone is going for nationalism these days. But! Mailchimp is a good, fast and secure provider. They’re certified under the Privacy Shield, plus we have concluded the required Data Processing Agreement with Mailchimp. And of course we get a double-opt-in. The legal basis is your consent, because this is not the first time we mention Mailchimp. We asked you for it in the e-mail form on the front page, remember? Before we forget or get fined: you can always opt-out from any of our e-mails. It’s in the e-mail, take a closer look. Or let us know by e-mail or phone (did someone ever called someone before to ask them that?)
In addition we use Google Fonts to make the fonts look nicer. Your browser might download them from a Google Server really quick. Therefore your IP might be transferred to big G. Google says that they anonymize all of that data and don’t use corresponding metadata from Fonts services and the like for their crazy advertising practices. Every other sites uses them these days. We think it’s a legitimate interest of both sides, you and us, to have them displayed. And the chances are quite high, that your browser has already cached (aka stored) those files and your computer won’t need to make the connection with Google. When you use our scanner however we go crazy with your data. Just kidding. We wanted to see if you’re still there or if a lawyer is hiding inside of you.
And no, we don’t have any external tracking or analytics installed other than what we already mentioned before. Did we forget retention and deletion? Ups, sorry. It’s quite easy, we’re not storing anything for longer than a few days to a week. With one exception: your e-mail address and the URL you entered. We store them as long as your somehow engaging with us and don’t opt-out. The URL will stay for longer, around a year, since it’s mostly not personal data. If it looks really personal to us, we’ll delete it either right away or after you tell us, whichever comes first. That’s kind of a Privacy by Design practice, right?