1. Data Protection at a Glance
General Information
The following overview provides a concise summary of what happens to your personal data when you visit this website. Personal data refers to any data that can be used to identify you personally. For detailed information on data protection, please refer to the full privacy policy provided below.
Data Collection on This Website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find the operator’s contact details in the section titled “Contact Details of the Responsible Party” in this privacy policy.
How do we collect your data?
Data is collected in two ways:
• You provide some of the data directly, for example by entering it into a contact form.
• Other data is automatically collected or recorded with your consent by our IT systems when you visit the website—mainly technical data (such as browser type, operating system, or time of page access). This data is collected as soon as you enter the website.
What do we use your data for?
Some data is required to ensure the website functions correctly. Other data may be used to analyse your usage behaviour. If contracts can be concluded or negotiated via the website, the transmitted data may also be used for contract offers, orders or other service requests.
What rights do you have regarding your data?
You have the right to request, at any time and free of charge, information on the origin, recipients and purposes of your stored personal data. You also have the right to request correction or deletion of this data. If you have granted consent to data processing, you may withdraw this at any time for the future. Furthermore, you have the right to request restriction of processing under certain circumstances. You also have the right to lodge a complaint with the competent supervisory authority.
You may contact us at any time regarding this or other data protection concerns.
2. Hosting
We host the content of our website with the following provider: All‑Inkl (ALL‑INKL.COM – Neue Medien Münnich, René Münnich, Hauptstraße 68, 02742 Friedersdorf).
For detailed information, please consult All‑Inkl’s privacy policy.
Legal Basis
Wir haben einen Vertrag über Auftragsverarbeitung (AVV) zur Nutzung des oben genannten Dienstes geschlossen. Hierbei handelt es sich Use of All‑Inkl is based on Article 6(1)(f) of the GDPR, as we have a legitimate interest in the reliable presentation of our website. If consent has been obtained, processing occurs only on the basis of Article 6(1)(a) GDPR and § 25(1) of the TDDDG, insofar as consent includes cookie storage or access to information on your device. Consent may be revoked at any time.
Data Processing Agreement
We have concluded a data processing agreement (DPA) with the hosting provider to ensure that your data is processed exclusively according to our instructions and in compliance with the GDPR.
3. General Information and Mandatory Disclosures
Data Protection
The operators of this site take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with statutory data protection regulations and this privacy policy.
When you use this website, various personal data are processed. Personal data refers to any information that can be used to identify you. This privacy policy explains what data we collect and why, and how and for what purpose this occurs.
Please be aware that data transmission over the Internet (e.g., communication by email) may involve security vulnerabilities. Complete protection of data from third-party access cannot be guaranteed.
Contact Details of the Responsible Party
Responsible for data processing on this website:
Birgid List
Bergstrasse 16a
D‑86946 Vilgertshofen
Phone: +49 (0)177 308 6438
Email: birgid@birgidlist.de
The responsible party is the individual or entity who decides, alone or jointly with others, on the purposes and means of processing personal data.
Retention Period
Unless otherwise specified, personal data will be retained until the purpose for data processing no longer applies. If you request deletion or withdraw consent, data will be erased unless legally required to be stored (e.g., under tax or commercial retention periods). In such cases, deletion will occur once the legal requirements lapse.
Legal Basis for Data Processing
• With your consent: Article 6(1)(a) GDPR (and Article 9(2)(a) GDPR for special categories of data).
• If consent has been granted for cross-border data transfer: Article 49(1)(a) GDPR.
• For cookies or device access, pursuant to § 25(1) TDDDG.
• For contract fulfilment or pre-contractual measures: Article 6(1)(b) GDPR.
• For legal compliance: Article 6(1)(c) GDPR.
• For legitimate interests (absent consent or necessity): Article 6(1)(f) GDPR.
Recipients of Personal Data
We share personal data with third parties only when necessary for contract fulfilment, legal obligation, legitimate interest, or another lawful basis. Processors only receive data under a valid data processing agreement, and joint data processing is governed by a joint processing agreement.
Withdrawal of Consent
You may withdraw consent at any time. Data processed before revocation remains lawful.
Right to Object (Article 21 GDPR)
You may object at any time to processing based on Article 6(1)(e) or (f) GDPR, including profiling. We will stop processing unless we can demonstrate compelling grounds overriding your interests, or for legal claims.
For direct marketing, you may object at any time, including profiling connected to direct marketing. If you object, your data will no longer be used for this purpose.
Right to Lodge a Complaint
You may lodge a complaint with a supervisory authority, particularly in your country of residence, workplace, or the site of the alleged infringement.
Right to Data Portability
You have the right to receive data processed automatically based on consent or contract in a structured, commonly used, machine-readable format. You may request transfer to another controller, where technically feasible.
Right to Access, Correction and Deletion
You may request free access to your personal data, including their origin, recipients and purpose, and the right to correct or delete data, in accordance with applicable law.
Right to Restrict Processing
Sie haben das Recht, die Einschränkung der Verarbeitung Ihrer personenbezogenen Daten zu verlangen. Hierzu können Sie sich jederzeit an uns wenden. Das Recht auf Einschränkung der Verarbeitung besteht in folgenden Fällen:
You may request restriction of processing if:
• You contest data accuracy pending verification.
• Processing is unlawful, but you oppose deletion and request restriction.
• We no longer need data, but you require it for legal claims.
• You have objected and a balancing of interests is pending.
Restricted data may only be processed with consent, legal claims, protection of another’s rights, or important public interest.
SSL/TLS Encryption
This site employs SSL/TLS encryption for secure transmission of confidential content (e.g., inquiries or orders). You can tell a secure connection by “https://” and the padlock icon. Encrypted communication protects data from third-party interception.
Objection to Promotional Emails
Use of contact data listed under the Imprint requirement for sending unsolicited promotional content is objected to. We reserve the right to take legal action in case of unsolicited emails (spam).
4. Data Collection on This Website (Cookies)
Cookies
Our site uses cookies—small data packets that do not harm your device. Session cookies are deleted after your visit, while permanent cookies remain until deleted by you or by your browser.
Cookies may be first-party (from us) or third-party (for integrated services such as payment processing). Some cookies are necessary for core functionality (e.g., shopping cart or video display), while others are used for behaviour analysis or advertising.
Necessary cookies are stored under legitimate interest (Article 6(1)(f) GDPR). With your consent (Article 6(1)(a) GDPR and § 25(1) TDDDG), we may store other cookies, and you may withdraw consent at any time.
Your browser settings may allow you to be informed of cookie use, accept or reject cookies on a case-by-case basis, disable cookies entirely, or enable automatic deletion on closing the browser. Blocking cookies may limit some website functionality.
Details on which cookies and services are used can be found in this privacy policy.
Real Cookie Banner
We use Real Cookie Banner technology from devowl.io GmbH (Tannet 12, 94539 Grafling) to manage and document your cookie consents. It is hosted locally on our servers, with no connection to the vendor’s servers. A cookie is stored in your browser to record your consent or withdrawal. Data is stored until you request deletion or consent becomes obsolete, subject to legal retention requirements. Use of Real Cookie Banner is legally mandated and based on Article 6(1)(c) GDPR.
5. Contact Form & Communications
Contact Form
If you submit an enquiry via the contact form, the information you provide (including contact details) is stored to process your request and for follow-up communication. We do not share these data without your consent. Data processing is based on Article 6(1)(b) GDPR if related to contract fulfilment, otherwise on legitimate interest (Article 6(1)(f) GDPR) or consent (Article 6(1)(a) GDPR), which can be withdrawn at any time. Data is kept until you request deletion, withdraw consent, or the storage purpose ends, subject to legal retention requirements.
Email, Telephone or Fax
Correspondence via email, telephone, or fax—including your personal data—is saved and processed to address your inquiry, and is not shared without consent. Processing basis is the same as for the contact form. Data is retained until deletion is requested, consent is withdrawn, or the purpose ends. Legal retention obligations remain unaffected.
6. Newsletter
Newsletter Subscription
To receive our newsletter, we require your email address and consent to verify your ownership and agreement to receive it. No other data is collected unless voluntarily provided.
Provider: Brevo
We use Brevo (Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin) for newsletters. Data are stored on Brevo’s servers in Germany.
Daten Analysis via Brevo
Brevo allows us to analyse metrics such as open rates and link clicks, track conversions, and segment subscribers by categories (e.g., age, gender, location). If you wish to opt out of analysis, you may unsubscribe using the link provided in each newsletter.
Further information is available in Brevo’s privacy documentation and newsletter software info.
Legal Basis
Processing is based on consent (Article 6(1)(a) GDPR), which you may withdraw at any time. Processing already carried out remains lawful.
Retention Period
The data you provide to us for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter. Once you unsubscribe, your data will be removed from the newsletter distribution list. Any data stored by us for other purposes remains unaffected.
After you unsubscribe from the newsletter distribution list, your email address may be stored in a blacklist by us or the newsletter service provider, if this is necessary to prevent future mailings. The data stored in the blacklist will be used exclusively for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with legal requirements for the sending of newsletters (legitimate interest pursuant to Art. 6(1)(f) GDPR). Storage in the blacklist is not time-limited. You may object to this storage if your interests outweigh our legitimate interest.
For further information, please refer to Brevo’s privacy policy at: https://www.brevo.com/de/datenschutz-uebersicht/ and https://www.brevo.com/de/legal/privacypolicy/.
We have a DPA with the provider to ensure GDPR compliance.
7. Plugins and Tools
Google Fonts (Locally Hosted)
We use Google Fonts for consistent typography. Fonts are hosted locally; no connections to Google servers occur. More details: Google Fonts FAQ and Google’s privacy policy.
Further information about Google Fonts can be found at https://developers.google.com/fonts/faq and in Google’s Privacy Policy at https://policies.google.com/privacy?hl=en.
8. Audio and Video Conferencing
Data Processing
We use online conferencing tools for communication. Recorded data may include your email address or phone number, call duration, meeting times, participant numbers and metadata. Technical information such as IP addresses, device IDs, operating systems, camera/microphone data, and other device details may also be processed. Shared content (cloud recordings, chat messages, files) may be stored on the provider’s servers.
We do not have full control over the provider’s data processing. Please refer to each provider’s privacy policy (listed below).
Purpose & Legal Basis
Tools are used for communication with existing or prospective clients (Article 6(1)(b) GDPR) and to streamline communication (legitimate interest, Article 6(1)(f) GDPR). Where consent is required, processing occurs on that basis and is revocable.
Retention Period
Data handled directly by us via conferencing tools is deleted when you request deletion, withdraw consent, or the purpose ends. Cookies remain on your device until deleted. Legal retention obligations apply.
We cannot influence the provider’s storage duration—please consult their privacy policies for details.
Tools Used: Zoom
We use Zoom. The provider of this service is Zoom Communications Inc., 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA. Details regarding data processing can be found in Zoom’s privacy policy: https://explore.zoom.us/en/privacy/
Data transfers to the USA are based on the EU Commission’s Standard Contractual Clauses. More details can be found here: https://explore.zoom.us/en/privacy/
The company is certified under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the United States that aims to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF is committed to complying with these data protection standards. Further information can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/5728
Data Processing Agreement
We have concluded a data processing agreement (DPA) with the provider mentioned above. This is a data protection agreement required by law, ensuring that the provider processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.