Privacy Policy
1. General
We are pleased that you are visiting our website. Below we would like to inform you about how we handle your data in accordance with Article 13 of the General Data Protection Regulation (GDPR).
Controller
The party responsible for the data collection and processing described below is the entity named in the imprint:
Claudia Paproth Communications Consulting, Zentnerstrasse 7a, 80798 Munich, Germany.
Email: info@paproth-communication.com
Storage of the IP address
We store the IP address transmitted by your web browser strictly for a limited purpose and for a period of seven days, in the interest of detecting, limiting and eliminating attacks on our website. After this period, we delete the IP address. The legal basis is Article 6 (1) (f) GDPR.
Usage data
When you visit our web pages, so-called usage data is temporarily stored on our web server as a log for statistical purposes, in order to improve the quality of our web pages. This record consists of:
the page from which the file was requested,
the name of the file,
the date and time of the request,
the amount of data transferred,
the access status (file transferred, file not found),
a description of the type of web browser used, and the IP address of the requesting computer, which is deleted after seven days so that a personal reference can no longer be established.
The log data mentioned is stored anonymously only.
2. Hosting and service providers
Our website is hosted by an external service provider (processor) who stores the data described above on our behalf. We have concluded a data processing agreement pursuant to Article 28 GDPR with this provider, who is strictly bound by our instructions.
Hosting provider: Squarespace Ireland Limited, Squarespace House, Ship Street Great, Dublin 8, Ireland
3. Data transfers to third countries
Where we use service providers based outside the EU or the European Economic Area, in particular in the United States, personal data may be transferred to a third country. For such cases we ensure an appropriate level of data protection.
For data transfers to the USA, an adequate level of protection is in place on the basis of an adequacy decision of the European Commission (EU-US Data Privacy Framework) pursuant to Article 45 (3) GDPR, provided that the relevant provider is certified under that framework. Where a provider is not certified under the framework, transfers to the USA are safeguarded by the conclusion of European standard contractual clauses (SCC) together with further technical and organisational measures.
4. Cookies
Our website may use cookies and similar technologies. Cookies that are technically necessary to operate the website are used on the basis of Article 6 (1) (f) GDPR. Cookies and technologies that are not technically necessary are only used with your consent in accordance with Section 25 (1) TDDDG and Article 6 (1) (a) GDPR. You can withdraw your consent at any time with effect for the future.
[Please confirm which cookies and tools your Squarespace site actually sets, and whether a cookie banner or consent tool is in use, so this section can be completed accurately.]
5. Security measures
In order to protect your data against unwanted access as comprehensively as possible, we take technical and organisational measures. We use an encryption method on our website. Your information is transferred from your computer to our server and back via the internet using TLS encryption. You can recognise this by the closed lock symbol in your browser status bar and by the address bar beginning with https://.
6. Your rights as a user
When we process your personal data, the GDPR grants you certain rights as a website user:
Right to information (Article 15 GDPR). You have the right to request confirmation as to whether your personal data is being processed and, if so, to be informed about that data and the further information listed in Article 15 GDPR.
Right to rectification and erasure (Articles 16 and 17 GDPR). You have the right to request the immediate correction of inaccurate personal data and, where appropriate, the completion of incomplete personal data. You also have the right to request that personal data relating to you be deleted without delay, provided one of the reasons set out in Article 17 GDPR applies, for example where the data is no longer required for the purposes pursued.
Right to restriction of processing (Article 18 GDPR). You have the right to request the restriction of processing if one of the conditions set out in Article 18 GDPR is met, for example if you have objected to processing, for the duration of any examination.
Right to data portability (Article 20 GDPR). In certain cases, set out in detail in Article 20 GDPR, you have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format, or to request its transmission to a third party.
Right to object (Article 21 GDPR). Where data is processed on the basis of Article 6 (1) (f) GDPR (processing to protect legitimate interests), you have the right to object to the processing at any time on grounds relating to your particular situation. We will then no longer process the personal data unless there are compelling legitimate grounds for processing that override your interests, rights and freedoms, or unless the processing serves to assert, exercise or defend legal claims.
Right to lodge a complaint with a supervisory authority. In accordance with Article 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your data infringes data protection law. The right of complaint may be exercised in particular before a supervisory authority in the member state of your residence, your place of work or the place of the alleged infringement.
7. Contact
You have the opportunity to contact us via a web form or by email. To use our contact form we need your name and your email address. You may provide further information, but you are not obliged to do so. By sending your message to us, you agree that we may process your personal data in order to handle your request. Your request is transmitted to our server in encrypted form via https.
The legal basis for the processing is Article 6 (1) (b) GDPR. Your data is processed only to answer your request and is then deleted. It is not passed on to third parties.
8. Data protection officer
We are not legally required to appoint a data protection officer. If you have any questions or suggestions concerning data protection, please contact the controller named above.