top of page
siedler

legal

PRIVACY POLICY

The protection of your personal data is important to us. Your personal data will therefore be processed in accordance with the statutory data protection regulations.

In the data protection information you will be informed about the processing of your personal data in the context of business contacts and the rights to which you are entitled under the General Data Protection Regulation ("GDPR").

You will find all relevant information on the processing of your personal data when visiting this website in the data protection notice.

Last update: 28/02/2024

Data protection information 

Below you will be informed about the processing of your personal data and the rights to which you are entitled under the GDPR in accordance with Art. 13 GDPR.

 

Responsible person

Dr Nina-Luisa Siedler
Attorney at Law

Karl-Hofer-Str. 11B
14163 Berlin, Germany

Phone: +49 (0)173 598 3343
E-mail: nina.siedler@siedler.legal

 

Processing of personal data

Personal data is processed in various contexts:

Personal data of clients and other business contacts, suppliers and service providers are processed for the completion of tasks, for invoicing and subsequent accounting as well as for administration and contact. This includes:

  • Master data (surname, first name, address, contact details, tax details, payment details, status and identification of business contacts)

  • Communication and engagement data (times and content of conversations, instructions given, order history)

  • Data on task completion (instruction date, service content, cost estimate or invoice, information on task completion, deadlines, etc.)

 

Purposes and legal bases of clients and business contacts’ data processing

Personal data is processed on the basis of the provisions of the GDPR and the German Federal Data Protection Act (BDSG).

The legal basis for the processing of your data is Art. 6 para. 1 lit. b GDPR, i.e. the data is required for the fulfilment of a contract or pre-contractual legal relationship. Insofar as special categories of personal data are required for this, your consent will be requested in advance in accordance with Art. 9 para. 2 lit. a GDPR in conjunction with Art. 7 GDPR.

Your data will also be processed if it is necessary in accordance with Art. 6 para. 1 lit. f GDPR to protect our legitimate interests or those of third parties. This may be the case in particular:

  • for advertising our own comparable services

  • to ensure the security of the systems

  • to prevent and investigate criminal offences, in particular data analyses to identify indications that could point to misuse

In addition, your personal data will be processed to fulfil legal obligations (e.g. regulatory requirements, commercial and tax retention obligations). The legal basis for this is the respective legal provision in conjunction with Art. 6 para. 1 lit. c GDPR.

If you have given your consent, for example for advertising and marketing purposes, the data will also be processed for the purposes stated in the consent. The legal basis for this data processing is Art. 6 para. 1 lit. a GDPR. You can revoke your consent to the use of your personal data for advertising and marketing purposes at any time.

If your personal data could be processed for another purpose not mentioned above, you will be informed in advance and - if necessary - your consent will be obtained.

 

Recipients of your data

If necessary for contract processing, your data will be transmitted to other service partners, e.g. to payment service providers for the purpose of collecting payments and invoicing services utilised by clients. Within the scope of certain service relationships, your data will also be forwarded, for example, to tax authorities, banks, tax consultants for the execution of financial transactions, credit agencies for obtaining information, debt collection agencies for the collection of receivables, lawyers for legal services, disposal companies for the disposal of physical files and data carriers as well as postal and parcel service providers for the execution of postal mailings.

 

Duration of storage

Your personal data will be deleted as soon as it is no longer required for the above-mentioned purposes and any existing statutory retention periods have expired.

The Federal Lawyers' Act, the Fiscal Code and the Money Laundering Act, among others, impose obligations to provide evidence and retain records. The storage periods are up to ten years.

If claims can be asserted against the controller, we will retain the data until the expiry of the relevant statutory limitation periods. We retain personal data that is relevant to an existing legal dispute until the legal dispute has been concluded.

 

Your rights

As the data subject, you have the following rights vis-à-vis us.

Information

You can request information about your data stored by us at any time using the above-mentioned contact details of the person responsible, Art. 15 GDPR.

Any transmission requires your unequivocal authentication as the data subject or can only be made to an address already stored in your data.

Rectification, erasure and restriction

You also have the right to demand the correction of incorrect data or, if the legal requirements are met, the correction, deletion or restriction of the processing of your data, Art. 16, 17 and 18 GDPR.

Data portability

Upon request, your data stored by us will be sent to you in a structured, common and machine-readable format that you can use for further processing, Art. 20 GDPR.

Any transmission requires your unequivocal authentication as the data subject or can only be made to an address already stored in your data.

 

Objection

You can informally object to the use of your data for the purposes of direct advertising or market research at any time, Art. 21 GDPR.

You can revoke your consent to data processing informally using the contact details given above. This does not affect the lawfulness of the processing carried out up to the point of revocation.

In this case, we will no longer process your data unless there are compelling, legitimate reasons for further processing your data that are worthy of protection and outweigh the objection or the processing serves to pursue legal claims.

 

Right of appeal

If you have any questions or complaints about data protection, you can contact the controller at any time using the contact details provided above.

You also have the right to file a complaint with a data protection supervisory authority at any time, Art. 77 GDPR.

The data protection supervision of the person responsible is:

Berlin Commissioner for Data Protection and Information Security (https://www.datenschutz-berlin.de)

Contact via email

We would like to point out that emails sent without end-to-end encryption can be read or modified during transmission without authorisation or detection. We therefore strongly recommend that you do not send any sensitive information to us by e-mail. E-mails containing personal data should be sent with at least transport encryption. If you wish to send us sensitive information within the meaning of Art. 9 para. 1 GDPR or data that is subject to professional secrecy, end-to-end encryption should be used or another secure transmission method (e.g. by post) should be used. If you require further information regarding encryption options, you are welcome to contact us at any time using the contact details above.

Data protection notice on the use of the website

Below you will be informed about the processing of your personal data by the controller when using this website and the rights to which you are entitled under the GDPR in accordance with Art. 13 GDPR.

This data protection information clarifies the type, scope and purpose of the processing (including collection, processing and use as well as obtaining consent) of personal data when using this website, its functions and content. The data protection information applies regardless of the systems and devices used (e.g. desktop or mobile) on which the website is run.

Responsible person

Dr Nina-Luisa Siedler

Attorney at Law

 

Karl-Hofer-Str. 11B

14163 Berlin

 

Phone: +49 (0)173 598 3343

E-mail: nina.siedler@siedler.legal

Transmission security

By default, this website offers the so-called SSL security system (Secure Socket Layer) in conjunction with 128-bit encryption for data transfer in order to protect data against accidental or intentional manipulation, loss, destruction or access by unauthorised persons. The security measures are continuously adapted in line with technological developments. You can recognise encrypted data transmission by the display of a closed key or lock symbol in the upper status bar of your browser.

Basic information on data processing

Personal data of you as a user of the website will be processed in compliance with the relevant data protection regulations in accordance with the principles of data minimisation and data avoidance. This means that your data will only be processed if there is a legal authorisation or if you have given your consent.

Organisational, contractual and technical security measures are taken in accordance with the state of the art to ensure that the provisions of data protection laws are complied with and that the data processed by us is protected against accidental or intentional manipulation, loss, destruction or access by unauthorised persons.

Recipients outside the EU

In the context of website use, it may also be necessary to transfer your personal data to a country outside the EU or the EEA (hereinafter referred to as a third country). Usage data may be transferred outside the EU if various providers of advertising services used in connection with this website, analytics services or services integrated into the website are based outside the EU and parts of the processing within the scope of these services are handled via servers outside the EU. These services are referred to below by corresponding notes. In these cases, only the data required for processing will be transmitted, but no adequate level of data protection can be guaranteed for foreign processing and by the recipient.

This is done exclusively in compliance with the measures specified in Art. 44 et seq. GDPR to ensure an appropriate level of data protection. If there is no adequacy decision by the European Commission for the recipient's country of establishment and the recipient is not subject to the Data Privacy Framework Agreement, standard contractual clauses are used. Further information can be found under the contact details of the controller.

 

The legal basis for the international transfer is your consent to this use of services in accordance with Art. 49 para. 1 lit. a GDPR. The granting of this consent is explained in the section "Tools and services". The transfer to certain third countries entails the risk that your data may be read and analysed by secret services and security authorities of the respective country without adequate legal protection or appropriate constitutional guarantees. As a result, there is a possibility that your personal profile may be created without your knowledge, the analysis of which may lead to actual restrictions by these countries or to further checks by these countries.

Transmission of browser data and settings

The following describes which usage data is collected on this site and which other services are used on this site. If you use the website purely for information purposes, i.e. if you do not provide us with any information, we only collect the personal data that your browser transmits to our hosting provider. We host our website with our processor WIX (Wix.com Ltd, Nemal St. 40, 6350671 Tel Aviv, Israel). According to the European Commission, Israel offers an adequate level of protection for personal data of residents of EU Member States, see adequacy decision.

Connection data is processed for the purpose of providing and delivering the website. The legal basis for data processing is the legitimate interest (absolute technical necessity for the provision and delivery of the "website" service expressly requested by you by calling it up), Art. 6 para. 1 lit. f GDPR. To operate the website, the connection data and other personal data are also processed as part of various other functions and services. Detailed information on this is provided in this data protection notice for the individual functions and services.​

 

Log files are recorded and stored on the server side. IP addresses are stored for up to 365 days. The legal basis for this processing is Art. 6 para. 1 lit. f GDPR, the legitimate interest in analysing and eliminating errors.

 

As part of the above-mentioned logging and for display purposes, the following data is collected, which is technically necessary to display the website to you and to ensure its stability and security. The legal basis for processing is Art. 6 para. 1 lit. f GDPR (legitimate interest):

  • IP address

  • Date and time of the enquiry

  • Content of the request (specific page)

  • Access status / https status code

  • Amount of data transferred in each case

  • Website from which the request comes

  • Browser used

  • Operating system

  • Language and version of the browser software

  • Referrer (origin page)

  • Other technical parameters, e.g.

    • JavaScript support

    • Number and type of installed plug-ins

    • Size of the browser window

    • Resolution of the screen

    • Supported languages

    • Installed fonts

WIX and its affiliates process this personal data globally after conducting a review process that includes an assessment of the data protection laws in those countries. WIX and its affiliates, including DeviantArt Inc., participate in and have certified compliance with the EU-US Data Privacy Framework. To learn more about the Data Privacy Framework, visit the US Department of Commerce's Privacy Shield List.

 

Further information on data protection at WIX can be found here.​

Contact form

It is possible to contact the person responsible directly via a contact form on the website. All mandatory information is marked with an asterisk ("*") (e-mail address, message). The data is transmitted via a secure SSL connection. The personal data entered by you will then be processed for the purpose of processing your enquiry on the basis of your consent given prior to sending in accordance with Art. 6 para. 1 lit. a GDPR.​

 

The data you provide will only be used to support you with your request. Your data will be stored for documentation purposes and for client services and supporting business contacts and will be stored for three months after completion of the process and then deleted, unless statutory retention/storage periods prevent deletion. See also the above section on "Duration of storage”.

You can informally withdraw your consent to the processing of your personal data at any time using the contact details provided for the controller. This does not affect the legality of the processing carried out up to the time of withdrawal.

Tools and services

Functionality and types of cookies

Cookies are small text files that are saved by your browser and stored on your end device. They contain various data, e.g. duration of the website visit or user input, but may also contain identification codes for recognition. They may originate both from us as the website provider (so-called first-party cookies) and, in the case of cooperation with third parties, also from them (so-called third-party cookies) and may be stored for different periods of time (e.g. for the duration of the website use up to several weeks and one year).​

 

You can set your browser so that you are notified as soon as cookies are sent. You can also delete cookies from your computer's hard drive yourself at any time. You can prevent the storage of cookies in your browser by restricting or switching off the storage and reading of cookies via the menu bar "Tools > Internet Options > Privacy" (Edge) or "Settings > Privacy" (Firefox). In this case, the full functionality of the website will no longer be available to you.

First-party cookies

Our website uses first-party cookies, so-called "session cookies". They are used to store data relevant to your visit to the website or to recognise your computer during your visit (e.g. to make it easier to enter your password). These cookies do not require consent and guarantee the full technical functionality of the website. The legal basis for the processing is § 25 para. 2 sentence 2 no. 2 of the Telecommunications Telemedia Data Protection Act (TTDSG).

Third-party cookies

If we work with third parties, you will be informed individually and separately about the use of such cookies and the scope of the information collected in each case within the following paragraphs on the respective third-party service providers. The legal basis for the processing is your consent, § 25 para. 2 sentence 1 TTDSG, or Art. 6 para. 1 lit. a GDPR.​

 

Use of the WIX tool for cookie consent

This website uses the cookie tool from WIX (provider) to obtain the consent required for the use of certain cookies. To fulfil the consent requirements under the GDPR for the use of cookies and similar technologies, a banner with corresponding information is displayed at the beginning of the website use. For this purpose, you can either consent to the setting of all cookies provided on this website, select an individual setting based on certain cookie categories or not give your consent, so that only cookies that do not require consent are used (first-party cookies).

The selected setting is stored on your computer for one year by means of a cookie from the provider, unless you clear the cache of the browser you are using. This cookie is necessary for the operation of the website and does not require consent. Its use is justified by the legitimate interest in operating the website in compliance with the law and taking into account settings once selected on subsequent website visits without having to make them again (Art. 6 para. 1 lit. f GDPR).

Further information on the use of the data transmitted during use can be found here. In addition to this consent relating to our website, many service providers offer their own links for cross-website data protection objections, which we refer to in our data protection information for the sake of completeness. Consent on our website using the WIX tool does not have the effect of cancelling such existing or future objections to individual providers.

Further information about the types of cookies and their respective storage periods can be found here.

Usage data may be transferred outside the EU if various providers of advertising services, analytics services or services integrated into this website are based outside the EU and parts of the processing within the scope of these services are handled via servers outside the EU. The admissibility under data protection law with regard to the transfer abroad therefore only arises here through your consent to this use of services, Art. 49 para. 1 lit. a GDPR. The risks associated with a transfer in this regard are described under "Transfers to recipients outside the EU".

Allocation of responsibility for external services

All services of third-party providers (third-party services) include transmission to the service providers and, if applicable, the service providers' own processing. We conclude the necessary contractual provisions with the third-party service providers. If services are operated under joint responsibility in accordance with Art. 26 GDPR, both we and the corresponding service provider are jointly responsible for the purposes and means of processing the data. Which processing is carried out by whom must be contractually regulated with the service provider. The service provider (joint controller) is then regularly responsible for aggregations and personal analyses of usage data, naming and justifying the legal basis for its own processing and, if applicable, providing anonymised analysis results for our website.​

 

As joint controllers, we are responsible for setting the respective cookies and transmitting the usage data from our website. Current transmissions on our part are fully based on the consent obtained with the WIX cookie banner.

Use of social media services and own websites

Our website contains links to the social media services listed below. On the one hand, social media services can act like conventional marketing services towards non-members, but towards members they have the special feature that data collected via this website can be linked to the existing member account.

A basic distinction must be made between different services and functions of social media services. On the one hand, social media services offer to place user-customised advertising on their platforms or to display advertising on linked pages, taking their user profiles into account. In addition, they can be used via social plug-ins (e.g. like-me or share-me buttons) to distribute and promote page content by users. In addition to this website, there are also separate pages for external presentation on social media platforms.

You can find us on the following platforms:

LinkedIn 

 

X (Twitter) 

The purpose and scope of the data collection, the further processing and use of the data by the respective provider of the social media platform as well as your rights in this regard and setting options to protect your privacy can be found in the data protection information of the respective service provider, which is described in detail below.

We have no influence on the data and its processing, which is carried out by the social network on its own responsibility in accordance with the terms of use. We would like to point out that when you visit the respective social media platform, data on your usage behaviour may be transmitted to the service provider. The service providers of the social media platforms may process personal data in order to compile detailed statistics and for their own market research and advertising purposes, over which we have no influence. For this purpose, cookies and other identifiers are stored on the computers of the data subjects. Based on these usage profiles, adverts are then displayed within the social network and on third-party websites, for example. You can find more information on this in the respective data protection notices of the service providers.

LinkedIn

LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland) is a global networking platform for professionals and executives. Registered users can interact with each other to increase business and career opportunities. On our website, you have the option of being forwarded directly to our LinkedIn profile.

Our LinkedIn profile

When you visit our LinkedIn profile, you are on the LinkedIn platform. The evaluation data of the site provider is only made available to us in anonymised form (statistical values). The joint responsibility described above exists for the data processing required for this purpose.

Our legal basis for data processing here is the legitimate interest in staying in contact with interested parties and informing them, Art. 6 para. 1 lit. b GDPR, as well as counting the users of our LinkedIn profile, Art. 6 para. 1 lit. f GDPR. This relates to our interest in measuring and analysing the effectiveness of our website. 

Further information on LinkedIn's data protection can be found here. The joint controller agreement and the respective responsibilities can be found here. The opt-out option (cookie) for rejecting advertising can be found here.

X (Twitter)

We also maintain a presence on the X/Twitter service: Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland, parent company: Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA; https://twitter.com.

 

When you visit our Twitter profile, you are on the Twitter platform. We would like to point out that you use our presence there and the use of interactive functions on your own responsibility. The evaluation data of the site provider is only made available to us in anonymised form (statistical values).

 

Our legal basis for data processing here is the legitimate interest in staying in contact with interested parties and informing them, Art. 6 para. 1 lit. b GDPR, as well as counting the users of our X/Twitter profile, Art. 6 para. 1 lit. f GDPR. This relates to our interest in measuring and analysing the effectiveness of our website. 

Further information on X/Twitter’s data protection can be found here and on individualisation/personalisation can be found hereThe data processing addendum provided by X/Twitter can be found here.


YouTube

We use the YouTube platform to post our own videos and make them available to the public. YouTube is a service provided by Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). The service therefore originates from a third party not affiliated with us.

 

In the event that you follow a link to YouTube, we would like to point out that YouTube stores the data of its users (e.g. personal information, IP address) in accordance with its own terms of use and data usage guidelines and uses it for business purposes.

 

The purpose and scope of the data collection, the further processing and use of the data by the service provider as well as your rights in this regard and setting options to protect your privacy can be found in the privacy policy and in the terms of use here.

 

Your rights

As the data subject, you have the following rights vis-à-vis us.

Information

You can request information about your data stored by us at any time using the above-mentioned contact details of the person responsible, Art. 15 GDPR. [hier fehlt Abs.zeichen auf Website]

Any transmission requires your unequivocal authentication as the data subject or can only be made to an address already stored in your data.

Rectification, erasure and restriction

You also have the right to demand the correction of incorrect data or, if the legal requirements are met, the correction, deletion or restriction of the processing of your data, Art. 16, 17 and 18 GDPR.

Data portability

Upon request, your data stored by us will be sent to you in a structured, common and machine-readable format that you can use for further processing, Art. 20 GDPR. [hier fehlt Abs.zeichen auf Website]

Any transmission requires your unequivocal authentication as the data subject or can only be made to an address already stored in your data.

 

Objection

You can informally object to the use of your data for the purposes of direct advertising or market research at any time, Art. 21 GDPR.

You can revoke your consent to data processing informally using the contact details given above. This does not affect the lawfulness of the processing carried out up to the point of revocation.

In this case, we will no longer process your data unless there are compelling, legitimate reasons for further processing your data that are worthy of protection and outweigh the objection or the processing serves to pursue legal claims.

 

Right of appeal

If you have any questions or complaints about data protection, you can contact the controller at any time using the contact details provided above.

 

The data protection supervisory authority at any time, Art. 77 GDPR. [hier fehlt Abs.zeichen auf Website]

The data protection supervision of the person responsible is:

Berlin Commissioner for Data Protection and Information Security (https://www.datenschutz-berlin.de)

 

Supplementary notes

Changes to security and data protection measures may result in an amendment to this privacy policy. Please refer to the current version on the website.

bottom of page