Privacy Policy
1. Privacy at a Glance
General Information
The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to identify you personally. For detailed information on data protection, please refer to our full privacy policy listed below this text.
Data Collection on this Website
Who is responsible for data collection on this website?
The data processing on this website is carried out by the website operator. You can find the operator’s contact details in the section „Notice on the Responsible Party“ in this privacy policy.
How do we collect your data?
Your data is collected partly by you providing it to us. This can include data entered into a contact form, for example.
Other data is automatically collected by our IT systems when you visit the website, or after your consent. This mainly includes technical data (e.g., internet browser, operating system, or time of page visit). This data collection occurs automatically as soon as you enter this website.
What do we use your data for?
Some of the data is collected to ensure error-free provision of the website. Other data may be used to analyze your user behavior. If contracts can be concluded or initiated via the website, the transmitted data will also be processed for contract offers, orders, or other service requests.
What rights do you have regarding your data?
You have the right at any time to receive free information about the origin, recipients, and purpose of your stored personal data. You also have the right to request correction or deletion of this data. If you have given consent for data processing, you can revoke this consent at any time for the future. Furthermore, under certain circumstances, you have the right to request the restriction of the processing of your personal data. You also have the right to lodge a complaint with the relevant supervisory authority.
You can contact us at any time for this or for other questions regarding data protection.
2. Hosting
We host the content of our website with the following provider:
All-Inkl
The provider is ALL-INKL.COM – Neue Medien Münnich, Inh. René Münnich, Hauptstraße 68, 02742 Friedersdorf (hereinafter All-Inkl). Details can be found in All-Inkl’s privacy policy: https://all-inkl.com/datenschutzinformationen/.
The use of All-Inkl is based on Art. 6(1)(f) GDPR. We have a legitimate interest in the most reliable representation of our website. If consent is requested, processing is based solely on Art. 6(1)(a) GDPR and §25(1) TDDDG, insofar as consent includes storing cookies or accessing information on the user’s device (e.g., device fingerprinting). Consent can be revoked at any time.
3. General Information and Mandatory Information
Data Protection
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.
When you use this website, various personal data is collected. Personal data is data that can be used to personally identify you. This privacy policy explains which data we collect and what we use it for, as well as how and for what purpose it is processed.
Please note that data transmission over the Internet (e.g., communication via email) can have security gaps. Complete protection of data against access by third parties is not possible.
Notice on the Responsible Party
The responsible party for data processing on this website is:
[Full name or complete company name of the website operator and full address]
Phone: [Phone number of the responsible party]
E-mail: sebastian.kerssen@rebyteit.de
The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (e.g., names, email addresses, etc.).
Storage Duration
Unless a more specific storage period is stated in this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you assert a legitimate deletion request or revoke consent for data processing, your data will be deleted, provided we have no other legally permissible reasons for storing your personal data (e.g., tax or commercial retention periods); in such cases, deletion will occur after these reasons no longer apply.
General Information on Legal Basis of Data Processing on this Website
If you have consented to data processing, we process your personal data based on Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR if special categories of data are processed according to Art. 9(1) GDPR. In case of explicit consent for the transfer of personal data to third countries, data processing is also based on Art. 49(1)(a) GDPR. If you consented to storing cookies or accessing information on your device (e.g., via device fingerprinting), processing is additionally based on §25(1) TDDDG. Consent can be revoked at any time. If your data is required for contract performance or pre-contractual measures, we process your data based on Art. 6(1)(b) GDPR. Furthermore, we process your data if required to fulfill a legal obligation based on Art. 6(1)(c) GDPR. Data processing may also occur based on our legitimate interest under Art. 6(1)(f) GDPR. The applicable legal basis in each case is indicated in the following sections of this privacy policy.
Recipients of Personal Data
In the course of our business activities, we work with various external parties. Sometimes, this requires transferring personal data to these external parties. We only share personal data with external parties if it is necessary for contract performance, legally required (e.g., tax authorities), based on our legitimate interest under Art. 6(1)(f) GDPR, or another legal basis permits the transfer. When using processors, we only transfer customer personal data based on a valid data processing agreement. In case of joint processing, a joint processing agreement is concluded.
Revocation of Consent to Data Processing
Many data processing operations are only possible with your explicit consent. You can revoke consent at any time. The legality of data processing up to the revocation remains unaffected.
Right to Object in Certain Cases and Against Direct Marketing (Art. 21 GDPR)
If data processing is based on Art. 6(1)(e) or (f) GDPR, you have the right to object at any time for reasons arising from your particular situation; this also applies to profiling based on these provisions. The relevant legal basis is indicated in this privacy policy. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing that override your interests, rights, and freedoms, or if the processing serves the establishment, exercise, or defense of legal claims (Art. 21(1) GDPR).
If your personal data is processed for direct marketing purposes, you have the right to object at any time; this also applies to profiling related to such direct marketing. If you object, your personal data will no longer be used for direct marketing purposes (Art. 21(2) GDPR).
Right to Lodge a Complaint with the Supervisory Authority
In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, particularly in the member state of their habitual residence, place of work, or place of the alleged infringement. This does not affect other administrative or judicial remedies.
Right to Data Portability
You have the right to receive data that we process automatically based on your consent or contract in a commonly used, machine-readable format, and to have it transmitted to a third party, where technically feasible.
Access, Correction, and Deletion
You have the right, under applicable law, to request free information about your stored personal data, its origin, recipients, and purpose, as well as the right to request correction or deletion. You can contact us at any time regarding these rights or other questions concerning personal data.
Right to Restrict Processing
You have the right to request restriction of processing of your personal data. This right applies in the following cases:
- If you dispute the accuracy of your personal data, we need time to verify it. During this verification, you have the right to request restriction.
- If processing is unlawful but you oppose deletion, you can request restriction instead.
- If we no longer need the data but you need it to exercise or defend legal claims, you can request restriction instead of deletion.
- If you have objected under Art. 21(1) GDPR, processing may be restricted until it is clear whose interests prevail.
Restricted data may only be processed with your consent, for legal claims, for the protection of rights of others, or for important public interest reasons.
SSL/TLS Encryption
For security reasons and to protect the transmission of confidential content, such as orders or inquiries, this site uses SSL/TLS encryption. You can recognize an encrypted connection when the address line of the browser changes from „http://“ to „https://“ and by the padlock symbol in your browser line.
When SSL/TLS is active, the data you transmit to us cannot be read by third parties.
4. Data Collection on this Website
Cookies
Our website uses “cookies.” Cookies are small data packages that do not harm your device. They are stored temporarily for the session (session cookies) or permanently (persistent cookies). Session cookies are deleted automatically after your visit. Persistent cookies remain until you delete them or your browser does so automatically.
Cookies can be first-party or third-party. Third-party cookies allow the integration of third-party services within the website (e.g., payment processing cookies).
Cookies serve various functions. Many are technically necessary (e.g., shopping cart or video display). Others may be used for user behavior analysis or advertising.
Necessary cookies are stored based on Art. 6(1)(f) GDPR unless otherwise stated. Consent-based cookies are stored based on Art. 6(1)(a) GDPR and §25(1) TDDDG; consent can be revoked at any time.
You can configure your browser to be informed about cookies, allow them on a case-by-case basis, block them, or delete them automatically. Disabling cookies may affect website functionality.
Contact Form
If you contact us via the contact form, your information, including contact details, will be stored to process the request and follow-up questions. This data will not be shared without your consent.
Processing is based on Art. 6(1)(b) GDPR if related to contract performance, otherwise on our legitimate interest (Art. 6(1)(f)) or your consent (Art. 6(1)(a)); consent can be revoked at any time.
Your contact form data remains with us until you request deletion, revoke consent, or the purpose ends (e.g., after processing your request). Mandatory legal retention periods remain unaffected.
Contact via Email, Phone, or Fax
Data sent via email, phone, or fax, including personal data (name, inquiry), is stored to process your request. It is not shared without consent. Processing is based on Art. 6(1)(b) GDPR if related to contract performance, otherwise on our legitimate interest (Art. 6(1)(f)) or your consent (Art. 6(1)(a)); consent can be revoked at any time. Data remains until deletion request, revocation, or purpose ends. Legal retention periods remain unaffected.
5. Social Media
Instagram functions are integrated via Meta Platforms Ireland Limited, Merrion Road, Dublin 4, Ireland. When active, a direct connection between your device and Instagram is established. Instagram may link website visits to your account if logged in. We do not see content or data usage by Instagram. Use is based on your consent (Art. 6(1)(a) GDPR and §25(1) TDDDG), revocable at any time.
If personal data is transmitted to Facebook/Instagram, we and Meta Platforms Ireland are joint controllers (Art. 26 GDPR) only for collection and transfer. Further processing by Facebook/Instagram is not part of our joint responsibility. Details: https://www.facebook.com/legal/controller_addendum. Transfer to the USA is based on EU Commission Standard Contractual Clauses. More info: https://privacycenter.instagram.com/policy/.
The company is certified under the EU-US Data Privacy Framework (DPF), ensuring compliance with EU data protection standards. More info: https://www.dataprivacyframework.gov/participant/4452.
6. Newsletter
Newsletter Data
To subscribe to the newsletter, we require your email address and information verifying you are the owner and consent to receive the newsletter. Data is used solely for sending requested information and is not shared with third parties. Processing is based on your consent (Art. 6(1)(a) GDPR) and can be revoked at any time. Data is stored until unsubscription or purpose expiration. Blacklist storage may occur to prevent future mailings, subject to your right to object.
Newsletter for Existing Customers
If you provide an email when ordering goods or services, it may be used for newsletters about similar products/services after prior notice. You can unsubscribe at any time via link in the newsletter. Legal basis: Art. 6(1)(f) GDPR in conjunction with §7(3) UWG.
7. Plugins and Tools
Google Maps
This site uses Google Maps (Google Ireland Limited, Gordon House, Dublin 4, Ireland). Using Google Maps may require storing your IP address, usually transferred to and stored on servers in the USA. Use is based on Art. 6(1)(f) GDPR unless consent is requested. Transfer to the USA is based on EU Standard Contractual Clauses. More info: https://privacy.google.com/businesses/gdprcontrollerterms/.
Company certified under EU-US Data Privacy Framework: https://www.dataprivacyframework.gov/participant/5780.
8. Own Services
OneDrive
OneDrive is embedded on this website (Microsoft Ireland Operations Limited, Dublin, Ireland). OneDrive allows file uploads, which are stored on OneDrive servers. Use is based on Art. 6(1)(f) GDPR, or Art. 6(1)(a) GDPR if consent is given. Company certified under EU-US Data Privacy Framework: https://www.dataprivacyframework.gov/participant/6474.