We, the operator of this website, do not process data that can be referenced to an individual ("personal data") of you, the visitor. However, in the following cases data referring to your visit can or will be processed:
-
To the usual extent, our provider logs every http access to our server.
-
On certain pages we embed videos hosted by YouTube or Vimeo. Although we use privacy-friendly methods for embedding, we cannot exclude the possibility of third-party cookies being set on these particular pages.
-
In case you write us an e-mail, the personal data from this email will be transferred to us.
Please read this privacy statement for more details. It explains what data we process, how and for what purpose we use it.
The person responsible within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of the member states as well as other data protection provisions is:
Daphne Dragona
Spreeufer 1
10178 Berlin
contact@daphnedragona.net
Data Protection Officer
According to Article 37(1) GDPR, there is no need to appoint a Data Protection Officer.
General information on data processing
We collect data that can be referenced to an individual ("personal data") only to the extent necessary to provide a functional website. The collection and use of personal data takes place only with the consent of the user. An exception applies in those cases in which it is not possible to obtain prior consent for actual reasons and the processing of the data is permitted by statutory provisions.
We treat personal data confidentially and according to the legal data protection regulations as well as this privacy statement. As a visitor to this website, you have the right, within the framework of the applicable statutory provisions, to free information at any time about your stored personal data, its origin and recipients and the purpose of the data processing and, if applicable, a right to correction, blocking or deletion of this data. You can contact us at any time if you have any further questions on the subject of personal data.
Legal basis for the processing of personal data
Insofar as we obtain the consent of the data subject for processing personal data, Art. 6 Para. 1 lit. a GDPR serves as the legal basis.
Art. 6 para. 1 lit. b GDPR serves as the legal basis for the processing of personal data required for the performance of a contract to which the data subject is a party. This also applies to processing operations that are necessary for the implementation of pre-contractual measures.
Insofar as the processing of personal data is necessary to fulfil a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis.
Art. 6 para. 1 lit. d GDPR serves as a legal basis in the event that vital interests of the data subject or another natural person necessitate the processing of personal data.
If the processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and fundamental freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 para. 1 lit. f GDPR serves as the legal basis for the processing.
Data erasure and storage duration
The personal data of the person concerned will be deleted or blocked as soon as the purpose of storage no longer applies. In addition, the data may be stored if the European or national legislator has provided for this in Union regulations, laws or other provisions to which the person responsible is subject. The data shall also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless it is necessary for further storage of the data for the conclusion or performance of a contract.
Secure data transmission
This website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as requests sent to us as the site operator. An encrypted connection can be recognized by the fact that the address line of the browser changes from "http://" to "https://" and is marked with a lock symbol. If SSL or TLS encryption is activated, the data transmitted to us cannot be read by third parties.
Provision of the website and creation of log files
Each time our website is accessed, the web server logs each individual access to an element (e.g. an HTML file or an image) of the same. Also failed or denied accesses are noted.
Our web server stores the following information in log files:
- IP address
- Date and time of the request
- Time zone difference to GMT
- Access status (HTTP status)
- Web browser
- Operating system
- Browser language and version
In the event of an error, messages from the Apache web server are saved in log files. The following data is stored:
- IP address
- Date and time of the error
- Error code
- Error message in text form
An evaluation of this data for marketing purposes does not occur, nor does storage together with other personal data of the user.
The storage in logfiles serves to ensure the functionality and optimization of our website. This is our legitimate interest in data processing pursuant to Art. 6 Para. 1 lit. f GDPR.
The data are deleted as soon as they are no longer required for the purpose of their collection. For the data stored in log files, this is the case when the respective session has ended. Error logs that log erroneous page views are deleted after 30 days.
The collection of data for the provision of the website and the storage of data in log files are mandatory for the operation of the website. Consequently, there is no possibility of objection on the part of the user.
Use of cookies
Cookies are text files that are stored in the Internet browser or by the Internet browser on the user's computer system. When a user calls up a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when a page is changed.
Our CMS itself does not set any cookies.
On some pages, however, we include videos. Wherever possible, we use data protection-compliant methods to integrate videos. Nevertheless, it may happen that third-party services store the following cookies in your browser:
YouTube Session Cookies
Names: yt-remote-fast-check-period, yt-remote-session-app, yt-remote-session-name
Intended use: Integration of YouTube videos
Storage duration: session
Type: Third-party cookie
Vimeo Session Cookies
Names: vuid, Player
Intended use: Integration of Vimeo videos
Storage duration: session
Type: Third-party cookie
Legal basis for data processing
The legal basis for the processing of personal data using cookies is Art. 6 para. 1 lit. f GDPR.
Purpose of data processing
The purpose of using technically necessary cookies is to simplify the use of websites for users. The user data collected by technically necessary cookies are not used to create user profiles. Our legitimate interest in the processing of personal data pursuant to Art. 6 Para. 1 lit. f GDPR also lies in these purposes.
Duration of storage, objection and removal options
Cookies are stored on the user's computer. Therefore, you as a user have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it is possible that all functions of the website can no longer be used to their full extent.
Contact us by e-mail
You can contact us by e-mail at any time. In this case your personal data transmitted with the e-mail will be stored. The processing of your data serves us solely for communication with each other. The data will not be passed on to third parties in this context.
You have the possibility at any time to revoke and delete your consent to the processing of your personal data for communication with each other.
The legal basis is Art. 6 para. 1 lit. f GDPR. If the purpose of the e-mail contact is to conclude a contract, the additional legal basis for the processing is Art. 6 Para. 1 lit. b GDPR.
Analytics (100% privacy friendly)
To get basic visitor information, we use Simple Analytics. This analytics software gives us insight only in general, but not about individuals, as it does not track visitors and does not store any personal identifiable information. Go to their documentation to find out what Simple Analytics collects (and most importantly, what they don’t).
Your rights as a person concerned
If your personal data is processed, you are a person concerned within the meaning of the GDPR. In the following, we would like to give you an initial overview of the rights to which you are entitled.
If you wish to assert your rights against us, just send us an e-mail.
Right of disclosure
You can request information about which data we process from you (Art. 15 GDPR). In addition, you can request information on how we handle this data, where we obtained it from, if it was not collected from us, whether automated decision-making exists (including profiling) and, if applicable, what this involves.
Right of rectification
They demand that we correct incorrect or incomplete data immediately if they are stored with us (Art. 16 GDPR).
Right of erasure ("right to be forgotten")
You can request that we delete your data stored with us (Art. 17 GDPR).
Restrictions: The processing of your personal data is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest, to assert, exercise or defend legal claims.
Right of limitation of processing
You can request the restriction of the processing of your data (Art. 18 GDPR ).
Right of data transfer
You may request that we transfer your data, if it is stored by us, to you or a responsible person in a structured, machine-readable form (Art. 20 GDPR).
Right of objection
You may object to the processing of your data (Art. 21 and Art. 22 GDPR).
Right of appeal to a supervisory authority
You can complain to a supervisory authority (Art. 77 GDPR).
Right of objection
According to Art. 21 GDPR, you are entitled to object to the processing of your data which we process on the basis of legitimate interest according to Art. 6 Para. 1 S. 1 lit. f GDPR. In this case, you must submit reasons for your objection that result from your particular situation.
In the case of direct advertising, you have a general right of objection, which you do not have to justify further.
The status of this privacy statement is December 2019.