Privacy Policy

Privacy Overview

General Information

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data includes any data that can personally identify you. Detailed information on data protection can be found in our privacy policy listed below this text.

Data Collection on This Website

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. You can find the operator’s contact information in the section "Notice on the Responsible Entity" in this privacy policy.

How do we collect your data?

Some of your data is collected when you provide it to us. This might include data you enter into a contact form, for example. Other data is collected automatically or with your consent when you visit the website, primarily through our IT systems. This data typically includes technical information (e.g., web browser, operating system, or the time the page was accessed). This data is collected automatically as soon as you access this website.

Why do we use your data?

Part of the data is collected to ensure the website operates without errors. Other data can be used to analyze your usage behavior. If contracts can be established or initiated through the website, the data you submit may also be used for contract offers, orders, or other service inquiries.

What rights do you have regarding your data?

You have the right to receive, at any time and free of charge, information about the origin, recipients, and purpose of your stored personal data. You also have the right to request the correction or deletion of this data. If you have granted consent for data processing, you may withdraw that consent at any time with future effect. Additionally, under certain circumstances, you have the right to request the restriction of the processing of your personal data. Furthermore, you have the right to lodge a complaint with the relevant supervisory authority.

If you have any questions about privacy or related issues, please feel free to contact us at any time.

Analytics Tools and Third-Party Tools

When you visit this website, your browsing behavior may be statistically analyzed, primarily using analytics programs.

Detailed information on these analytics programs can be found in the following privacy policy.

2. Hosting

We host the content of our website with the following provider:

Squarespace

The provider is Squarespace Ireland Ltd., Le Pole House, Ship Street Great, Dublin 8, Ireland (hereinafter referred to as "Squarespace").

Squarespace is a platform for creating and hosting websites. When you visit our website, your data is processed on Squarespace’s servers. Personal data may also be transferred to Squarespace’s parent company, Squarespace Inc., located at 8 Clarkson St, New York, NY 10014, USA. Additionally, Squarespace stores cookies that are essential for displaying the site and ensuring security (necessary cookies).

The use of Squarespace is based on Art. 6 (1) (f) of the GDPR, as we have a legitimate interest in the most reliable presentation of our website. If explicit consent has been requested, processing will occur exclusively on the basis of Art. 6 (1) (a) of the GDPR and § 25 (1) of the TTDSG, provided that the consent covers the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) as per the TTDSG. Consent can be withdrawn at any time.

Data transfer to the United States is based on the EU Commission's standard contractual clauses. For details, please see: https://support.squarespace.com/hc/en/articles/360000851908-GDPR-and-Squarespace.

The company is certified under the “EU-U.S. Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the United States aimed at ensuring compliance with European data protection standards for data processing in the United States. Any company certified under the DPF agrees to adhere to these data protection standards. More information is available from the provider at the following link: https://www.dataprivacyframework.gov/participant/4774.

3. General Information and Mandatory Disclosures

Data Protection

The operators of this site take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with legal data protection regulations as well as this privacy policy.

When you use this website, various personal data are collected. Personal data includes data that can personally identify you. This privacy policy explains what data we collect and how we use it. It also explains how and for what purpose this occurs.

Please note that data transmission over the internet (e.g., email communication) may have security vulnerabilities. Complete protection of data from access by third parties is not possible.

Notice on the Responsible Entity

The entity responsible for data processing on this website is:

Kristi Pokorny
c/o Block Services
Stuttgarter Straße 106
70736 Fellbach

E-Mail: hello@kristipokorny.com
Kontaktformular: link

The responsible entity is the individual or legal entity that, alone or together with others, decides on the purposes and means of processing personal data (e.g., names, email addresses, etc.).

Data Retention Period

Unless a specific retention period is stated in this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you submit a legitimate deletion request or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for retaining your personal data (e.g., tax or commercial law retention periods); in the latter case, data will be deleted after these reasons no longer apply.

General Information on the Legal Basis for Data Processing on This Website

If you have consented to data processing, we process your personal data on the basis of Art. 6 (1) (a) GDPR or Art. 9 (2) (a) GDPR, provided that special data categories under Art. 9 (1) GDPR are processed. In the event of express consent to transfer personal data to third countries, data processing is also based on Art. 49 (1) (a) GDPR. If you have consented to the storage of cookies or to access information on your device (e.g., via device fingerprinting), data processing is additionally based on § 25 (1) TTDSG. Consent may be revoked at any time. If your data is necessary for contract fulfillment or to carry out pre-contractual measures, we process it based on Art. 6 (1) (b) GDPR. Furthermore, we process your data if required to fulfill a legal obligation, under Art. 6 (1) (c) GDPR. Data processing may also be based on our legitimate interest, as outlined in Art. 6 (1) (f) GDPR. Further details on applicable legal bases are provided in the subsequent sections of this privacy policy.

Recipients of Personal Data

In the course of our business, we work with various external entities, which may necessitate the transfer of personal data to these parties. We only share personal data with external parties if necessary for contract fulfillment, if we are legally required to do so (e.g., sharing data with tax authorities), if we have a legitimate interest in sharing (Art. 6 (1) (f) GDPR), or if another legal basis permits it. When engaging data processors, we share personal data only based on a valid data processing agreement. In cases of joint processing, a joint processing agreement is established.

Revocation of Your Consent to Data Processing

Many data processing activities are only possible with your explicit consent. You may revoke any previously granted consent at any time. The legality of data processing conducted prior to the revocation remains unaffected.

Right to Object to Data Collection in Specific Cases and to Direct Advertising (Art. 21 GDPR)

IF DATA PROCESSING IS BASED ON ART. 6 (1) (E) OR (F) GDPR, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE SPECIFIC LEGAL BASIS FOR PROCESSING CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS, AND FREEDOMS, OR PROCESSING IS FOR THE PURPOSE OF ASSERTING, EXERCISING, OR DEFENDING LEGAL CLAIMS (OBJECTION ACCORDING TO ART. 21 (1) GDPR). IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR SUCH MARKETING, INCLUDING ANY PROFILING RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR DIRECT MARKETING PURPOSES (OBJECTION ACCORDING TO ART. 21 (2) GDPR).

Right to File a Complaint with the Competent Supervisory Authority

In the event of violations of the GDPR, individuals affected have the right to file a complaint with a supervisory authority, particularly in the member state of their habitual residence, place of work, or where the alleged violation occurred. This right to file a complaint exists independently of other administrative or judicial remedies.

Right to Data Portability

You have the right to receive data that we process automatically based on your consent or in fulfillment of a contract in a commonly used, machine-readable format, either for yourself or a third party. If you request a direct transfer of data to another responsible entity, this will only occur if technically feasible.

Access, Correction, and Deletion

Under applicable legal provisions, you have the right to free access to your stored personal data, its origin, recipients, and the purpose of data processing, as well as a right to correct or delete this data, if necessary. If you have any questions about personal data, please feel free to contact us at any time.

Right to Restrict Processing

You have the right to request the restriction of processing your personal data. You may contact us at any time to exercise this right. The right to restriction of processing applies in the following cases:

  • If you dispute the accuracy of your personal data stored with us, we generally require time to verify this. During the verification period, you have the right to request the restriction of processing your personal data.

  • If the processing of your personal data is unlawful, you may request restriction of data processing instead of deletion.

  • If we no longer need your personal data but you require it for the establishment, exercise, or defense of legal claims, you have the right to request the restriction of processing instead of deletion.

  • If you have objected under Art. 21 (1) GDPR, a balance must be struck between your and our interests. Until it is determined whose interests prevail, you have the right to request the restriction of processing your personal data.

If processing is restricted, your data may only be processed, apart from its storage, with your consent, for asserting, exercising, or defending legal claims, for protecting the rights of another individual or legal entity, or for reasons of important public interest for the European Union or a member state.

SSL or TLS Encryption

This site uses SSL or TLS encryption for security and to protect the transmission of confidential content, such as orders or inquiries you send to us as the site operator. An encrypted connection is indicated by the browser’s address bar changing from “http://” to “https://” and by the lock symbol in the browser bar.

When SSL or TLS encryption is activated, data you transmit to us cannot be read by third parties.

Objection to Advertising Emails

We hereby object to the use of contact data published as part of the legal notice obligation for sending unsolicited advertising and informational materials. The operators of this site expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam emails.

4. Data Collection on This Website

Cookies

Our website uses "cookies," small data files that do not harm your device. Cookies are either stored temporarily for the duration of a session (session cookies) or permanently (persistent cookies) on your device. Session cookies are automatically deleted once you leave the website. Persistent cookies remain on your device until you delete them or they are automatically removed by your web browser.

Cookies can be set by us (first-party cookies) or by third-party providers (third-party cookies). Third-party cookies enable the integration of services provided by external companies on the website (e.g., cookies to process payment services).

Cookies have various purposes. Many are technically essential, as certain website functions would not work without them (such as the shopping cart function or video display). Other cookies may be used to analyze user behavior or for advertising purposes.

Cookies necessary for electronic communication, specific website functions you requested (e.g., shopping cart), or to optimize the website (e.g., audience measurement cookies) are stored based on Art. 6 Para. 1(f) GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing essential cookies to ensure technically error-free and optimized service provision. If consent to store cookies and similar recognition technologies has been requested, processing is based solely on this consent (Art. 6 Para. 1(a) GDPR and Sec. 25 Para. 1 TDDDG); consent can be revoked at any time.

You can set your browser to notify you about cookies, allow cookies only on a case-by-case basis, block cookies for specific situations or entirely, and enable automatic deletion of cookies when the browser is closed. Disabling cookies may limit the functionality of this website.

The types of cookies and services used on this website are detailed in this privacy policy.

Server Log Files

The website’s hosting provider automatically collects and stores information in server log files, which your browser automatically sends to us. This includes:

  • Browser type and version

  • Operating system used

  • Referrer URL

  • Host name of the accessing device

  • Time of server request

  • IP address

This data is not merged with other data sources.

The collection of this data is based on Art. 6 Para. 1(f) GDPR. The website operator has a legitimate interest in ensuring the technical, error-free display and optimization of its website; for this, server log files must be recorded.

Use of Squarespace Analytics

Our website uses Squarespace Analytics, an internal analytics tool that helps us understand website usage and performance. Squarespace Analytics collects anonymous data, including visitor count, page views, time spent on the website, visited pages, and users' geographic locations.

This data helps us optimize the website and improve the user experience. No personal data is collected or stored. Squarespace Analytics processes data per Squarespace's privacy policy.

For more information about the processing and protection of your data, please see Squarespace's privacy policy: https://www.squarespace.com/privacy.

Contact Form

If you use our contact form to reach out, the information provided in the inquiry form, including the contact details you provide, will be stored for the purpose of processing your inquiry and any follow-up questions. We do not share this data without your consent.

The processing of this data is based on Art. 6 Para. 1(b) GDPR if your request is related to fulfilling a contract or necessary for pre-contractual measures. In all other cases, processing is based on our legitimate interest in the efficient processing of inquiries addressed to us (Art. 6 Para. 1(f) GDPR) or on your consent (Art. 6 Para. 1(a) GDPR) if requested; consent can be revoked at any time.

Data you provide in the contact form will remain with us until you request its deletion, revoke your consent for storage, or the purpose for storing the data no longer applies (e.g., after completing your inquiry). Mandatory statutory provisions, particularly retention periods, remain unaffected.

Inquiries via Email, Phone, or Fax

If you contact us via email, phone, or fax, your inquiry, including any personal data provided (name, inquiry), will be stored and processed by us to address your request. We do not share this data without your consent.

The processing of this data is based on Art. 6 Para. 1(b) GDPR if your request is related to fulfilling a contract or necessary for pre-contractual measures. In all other cases, processing is based on our legitimate interest in efficiently handling inquiries addressed to us (Art. 6 Para. 1(f) GDPR) or on your consent (Art. 6 Para. 1(a) GDPR) if requested; consent can be revoked at any time.

The data you send to us via inquiries remains with us until you request its deletion, revoke your consent for storage, or the purpose for storing the data no longer applies (e.g., after your inquiry is fully processed). Mandatory statutory provisions, particularly statutory retention periods, remain unaffected.

Gravatar

We have integrated Gravatar on this website. The provider is Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA (hereinafter Gravatar).

Gravatar is a tool that enables users of our website to display personalized images (avatars). Avatars serve as visual representations of users and appear wherever a user interacts with the platform (e.g., in forums or chats). When a user interacts on the platform, their avatar, based on their email address, is displayed. This adds a personal touch to users' online presence and facilitates identification, as the chosen image is associated with them when they are active online.

If you comment or interact on our website with Gravatar enabled, Gravatar processes the hashed version of the user’s email address (used as an ID).

The use of Gravatar is based on Art. 6 Para. 1(f) GDPR. The website operator has a legitimate interest in a visually engaging presentation of its forums. If consent has been requested, processing is based solely on Art. 6 Para. 1(a) GDPR and Sec. 25 Para. 1 TDDDG. Consent can be revoked at any time.

For further details, please refer to the provider's privacy policy: https://automattic.com/privacy/.

The company is certified under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the United States intended to ensure that European data protection standards are met in data processing in the USA. Each DPF-certified company agrees to adhere to these standards. Further information can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/4709.

Source: https://www.e-recht24.de