Data Protection

This privacy policy clarifies the nature, scope and purpose of the processing of personal data (hereafter "data") within our online offer and the associated web pages, features and content, as well as external online presence, e.g. our Social Media Profile (collectively referred to as the "Online Offering"). in the With regard to the terms used, such as "Processing" or "Responsible" we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).


Dirk Grappendorf
Feldherrnstr. 61
44147 Dortmund

Types of processed data:

- Inventory data (e.g., names, addresses).
- Contact information (e.g., e-mail, phone numbers).
- Content data (e.g., text input, photographs, videos).
- Usage data (e.g., visited web pages, interest in content, access times).
- Meta / communication data (e.g., device information, IP addresses).

Categories of affected persons

Visitors and users of the online offer (hereinafter we refer to the persons concerned in summary, as a "user").

Purpose of processing

- Provision of the online offer, its functions and contents.
- Answering contact requests and communicating with users.
- Safety measures.
- Audience measurement / Marketing

Used terms

"Personal information" is any information that relates to an identified or Identifiable natural person (hereinafter referred to as "affected person"); as identifiable is considered a natural person, directly or indirectly, in particular by assignment to an identifier such as a name, to an identification number, to location data, to an online identifier (e.g., cookie) or one or more particular features can be identified, the expression of the physical, physiological, genetic, mental, economic, cultural or social identity of this natural person are.

"Processing" is any process performed with or without the aid of automated procedures or any such series relating to personal data. The term is enough far and includes virtually every deal with data.

"Pseudonymization" means the processing of personal data in a way that the Personal data without the use of additional information is no longer one specific affected person can be assigned, provided these additional Information should be kept separate and technical and organizational measures ensure that the personal data are not identified or identifiable natural person.

"Profiling" any type of automated processing of personal data contained therein that this personal information is used to make certain personal information Assess aspects that relate to a natural person, especially aspects regarding work performance, economic situation, health, personal preferences, Interests, reliability, behavior, location or change of location of this natural Person to analyze or predict.

The "person responsible" is the natural or legal person, authority, institution or another body, alone or shared with others about the purposes and means of Processing of personal data.

"Processor" means a natural or legal person, public authority, body or organization another body that processes personal data on behalf of the controller.

Relevant legal bases

In accordance with Art. 13 GDPR, we will inform you of the legal basis of our Data processing with. Unless the legal basis specified in the privacy policy The legal basis for obtaining consent is Article 6 para. 1 lit. a and Art. 7 GDPR, the legal basis for processing in order to fulfill our requirements Performance and execution of contractual measures and answering inquiries is Art. 6 Para. 1 lit. b GDPR, the legal basis for processing to fulfill our requirements legal obligations is Art. 6 para. 1 lit. c GDPR, and the legal basis for the Processing for the protection of our legitimate interests is Art. 6 para. 1 lit. f GDPR. For the case that vital interests of the person concerned or another natural The person requiring the processing of personal data, Art. 6 (1) lit. d GDPR as legal basis.

Safety measures

We meet in accordance with the Art. 32 GDPR, taking into account the state of the art, the Implementation costs and the nature, scope, circumstances and purposes of the processing and the different likelihood and severity of the risk for the rights and liberties of natural persons, appropriate technical and organizational measures ensure a level of protection appropriate to the risk.

The measures include in particular the safeguarding of confidentiality, integrity and Availability of data by controlling the physical access to the data, as well as theirs access, disclosure, disclosure, availability, and their availability Separation. Furthermore, we have set up procedures that have a perception of Ensure data subject rights, data erosion and data vulnerability. We also take into account the protection of personal data already during development, or selection of hardware, software and methods, according to the principle of Data protection through technology design and privacy-friendly default settings (Art. 25 GDPR).

Collaboration with processors and third parties

Unless we provide data to other individuals and companies as part of our processing (Order processors or third parties), forward them to them or otherwise Grant access to the data, this is done only on the basis of a legal permit (For example, if a transmission of the data to third parties, such as payment service providers, in accordance with Art Para. 1 lit. b GDPR is required to fulfill the contract), you have consented to one legal obligation or based on our legitimate interests (e.g., when using agents, web hosts, etc.).

Provided that we third parties with the processing of data on the basis of a so-called. Contract processing contract, this is done on the basis of Art. 28 GDPR.

Transfers to third countries

If we have data in a third country (ie outside the European Union (EU) or the European Economic Area (EEA)) or in the context of the mobilization of Services of third parties or disclosure, or transmission of data to third parties happens this only if it is to fulfill our (pre) contractual obligations, based on your Consent, due to a legal obligation or based on our legitimate Interests happens. Subject to legal or contractual permissions, process or we leave the data in a third country only in the presence of special conditions of Art. 44 et seq. GDPR. That the processing is e.g. based on special Guarantees, such as the officially recognized statement of an EU equivalent Privacy levels (e.g., for the US through the Privacy Shield) or official attention recognized special contractual obligations (so-called "standard contractual clauses").

Rights of data subjects

You have the right to ask for confirmation as to whether the data in question is being processed and information about this data and for further information and copy of the data according to Art. 15 GDPR.

You have accordingly. Art. 16 GDPR the right to the completion of you Data or correction of incorrect data concerning you.

In accordance with Art. 17 GDPR, they have the right to request that data in question be deleted immediately, or alternatively in accordance with Art. 18 GDPR To restrict the processing of the data.

You have the right to demand that the data concerning you be provided to us have to receive according to Art. 20 GDPR and their transmission to others Responsible ones to demand.

You have gem. Art. 77 GDPR the right to file a complaint with the competent To submit to the supervisory authority.


You have the right to grant consent in accordance with. Art. 7 para. 3 GDPR with effect for the To revoke the future

Right to

You may, in accordance with Art. 21, consider the future processing of your data GDPR contradict at any time. The opposition may in particular against the processing for Purposes of direct mailing.

Cookies and right to object in direct mail

"Cookies" are small files stored on users' computers become. Different information can be stored within the cookies. A cookie is primarily used to provide information about a user (or the device on which the cookie is stored is) during or even after his visit to save an online offer. As Temporary cookies, or "session cookies" or "transient cookies", become cookies which are deleted after a user leaves an online offer and his Browser closes. In such a cookie, e.g. the contents of a shopping cart in one Online shop or a login status will be saved. Being "permanent" or "persistent" Cookies, which remain stored even after closing the browser. Thus, e.g. the login status will be saved if users visit it after several days. Likewise, in such a cookie, the interests of the users can be stored for Range measurement or marketing purposes are used. Become a third-party cookie Cookies are referred to by providers other than the person responsible for the online offering (otherwise, if it's just their cookies, it's called "First-party cookies").

We can use temporary and permanent cookies and clarify this in the context of our Privacy Policy on.

If users do not want cookies stored on their machine, they will asked to deactivate the corresponding option in the system settings of your browser. Saved cookies can be deleted in the system settings of the browser. Of the Exclusion of cookies can lead to functional restrictions of this online offer.

A general contradiction to the use of those used for the purpose of online marketing Cookies can be used in a variety of services, especially in the case of tracking over the US side or the EU side be explained. Furthermore, the storage of cookies by means of their shutdown in the Settings of the browser can be achieved. Please note that then may not be all functions of this online offer can be used.

Deletion of data

The data processed by us are deleted in accordance with Art. 17 and 18 GDPR, or in limited to their processing. Unless under this Privacy Policy expressly stated, the data stored with us are deleted, as soon as they are for their Purpose are no longer required and the deletion no legal Dispose of storage obligations. Unless the data is deleted because it is for other and legally permissible purposes are required, their processing limited. That The data is blocked and not processed for other purposes. The applies e.g. for data that must be kept for commercial or tax reasons.

According to legal requirements in Germany, the storage takes place in particular for 10 years according to §§ 147 Abs. 1 AO, 257 Abs. 1 Nr. 1 and 4, Abs. 4 HGB (books, records, Management reports, accounting documents, trading books, documents relevant to taxation, etc.) and 6 years according to § 257 Abs. 1 Nr. 2 and 3, Abs. 4 HGB (commercial letters).

According to legal regulations in Austria the storage takes place especially for 7 J according to § 132 para. 1 BAO (accounting documents, receipts / invoices, accounts, receipts, business papers, Statement of income and expenditure, etc.), for 22 years in connection with land and for 10 years for documents related to electronically provided services, Telecommunications, broadcasting and television broadcasting services to non-contractors in EU Member States and for which the Mini-One-Stop-Shop (MOSS) is taken.

Hosting and e-mailing

The hosting services we use are for the purpose of providing the following services: infrastructure and platform services, computing capacity, Storage and database services, e-mail, security and technical Maintenance services that we use for the purpose of operating this online offer.

Here we, or our hosting provider, process inventory data, contact data, Content data, contract data, usage data, meta and communication data of customers, Interested parties and visitors to this online offer based on our authorized users Interests in an efficient and secure provision of this online offer gem. Art. 6 para. 1 lit. f GDPR i.V.m. Art. 28 GDPR (degree Job processing contract).

Created with by RA Dr. med. Thomas Schwenke