Privacy Policy

Data Protection at a Glance

General Information
The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data refers to any data that can personally identify you. Detailed information on data protection can be found in the privacy policy listed below this text.

Data Collection on This Website

Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find the operator’s contact details in the section “Note on the Responsible Party” in this privacy policy.

How do we collect your data?
Your data is collected when you provide it to us. This can include data you enter in a contact form, for example. Other data is collected automatically or with your consent when you visit the website through our IT systems. These are primarily technical data (e.g., internet browser, operating system, or time of the page visit). This data is collected automatically as soon as you access this website.

What do we use your data for?
Some of the data is collected to ensure the error-free provision of the website. Other data may be used to analyze your user behavior. If contracts are concluded or initiated via the website, the transmitted data will also be processed for contract offers, orders, or other business inquiries.

What rights do you have regarding your data?
You have the right to receive information about the origin, recipient, and purpose of your stored personal data at any time free of charge. You also have the right to request the correction or deletion of this data. If you have given consent for data processing, you can revoke this consent at any time for the future. Additionally, you have the right to request the restriction of the processing of your personal data under certain circumstances. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.

For this and other questions regarding data protection, you can contact us at any time.

Analytics Tools and Third-Party Tools
When visiting this website, your browsing behavior may be statistically analyzed. This is primarily done with analytics programs. Detailed information about these analytics programs can be found in the following privacy policy.

2. Hosting

We host the content of our website with the following provider:

WIX
The provider is Wix.com Ltd., 40 Namal Tel Aviv St., Tel Aviv 6350671, Israel (hereinafter referred to as “WIX”).

WIX is a tool for creating and hosting websites. When you visit our website, WIX helps analyze user behavior, visitor sources, the region of website visitors, and visitor numbers. WIX stores cookies in your browser that are required for displaying the website and ensuring security (necessary cookies).

The data collected by WIX may be stored on various servers worldwide. WIX servers are located, among other places, in the USA. You can find details in WIX's privacy policy:
https://de.wix.com/about/privacy.

According to WIX, data transfer to the USA and other third countries is based on the EU Commission's standard contractual clauses or comparable guarantees pursuant to Art. 46 GDPR. Details can be found here:
https://de.wix.com/about/privacy-dpa-users.

The use of WIX is based on Art. 6(1)(f) GDPR. We have a legitimate interest in a reliable presentation of our website. If consent has been requested, processing is based solely on Art. 6(1)(a) GDPR and § 25(1) TDDDG, insofar as consent covers the storage of cookies or access to information on the user's device (e.g., device fingerprinting) under the TDDDG. Consent can be revoked at any time.

The company is certified under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA intended to ensure compliance with European data protection standards in the USA. Each company certified under the DPF is committed to complying with these data protection standards. Further information is available at:
https://www.dataprivacyframework.gov/participant/5626.

Data Processing Agreement
We have concluded a data processing agreement (DPA) for using the above-mentioned service. This is a contract required by data protection law to ensure that WIX processes the personal data of our website visitors only according to our instructions and in compliance with the GDPR.

3. General Information and Mandatory Disclosures

Data Protection
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with legal data protection regulations as well as this privacy policy.

When you use this website, various personal data are collected. Personal data refers to data that can personally identify you. This privacy policy explains which data we collect and what we use it for. It also explains how and for what purpose this happens.

Please note that data transmission over the Internet (e.g., communication via email) may have security gaps. Complete protection of data from access by third parties is not possible.

Note on the Responsible Party
The responsible party for data processing on this website is:

Johanna Wegner
Raiffeisenweg 4
97520 Röthlein
Phone: 015117629533
Email: info@johannawegner.de

The responsible party is the natural or legal person who, alone or jointly with others, determines the purposes and means of processing personal data (e.g., names, email addresses, etc.).

Storage Duration
Unless a specific storage duration is mentioned in this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you make a legitimate request for deletion or withdraw your consent to data processing, your data will be deleted unless there are other legally permissible reasons for storing your personal data (e.g., retention periods under tax or commercial law); in the latter case, the data will be deleted once these reasons no longer apply.

General Information on the Legal Bases of Data Processing on This Website

If you have given consent to data processing, we process your personal data based on Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR if special categories of data are processed according to Art. 9(1) GDPR. In the case of explicit consent to the transfer of personal data to third countries, data processing is also based on Art. 49(1)(a) GDPR. If you have consented to the storage of cookies or access to information on your device (e.g., via device fingerprinting), data processing is additionally based on § 25(1) TDDDG. Consent can be revoked at any time.

If your data is necessary for contract fulfillment or pre-contractual measures, we process your data based on Art. 6(1)(b) GDPR. Additionally, we process your data if it is necessary to fulfill a legal obligation based on Art. 6(1)(c) GDPR.

Data processing may also occur based on our legitimate interest according to Art. 6(1)(f) GDPR. The relevant legal basis for each individual case is specified in the following paragraphs of this privacy policy.

SSL and TLS Encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the browser's address bar changes from “http://” to “https://” and by the lock symbol in your browser’s address bar.

When SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Encrypted Payment Transactions on This Website

If, after concluding a paid contract, you are obliged to send us your payment data (e.g., account number for direct debit), this data is required for payment processing.

Payment transactions using the common payment methods (Visa/MasterCard, direct debit) are carried out exclusively via an encrypted SSL or TLS connection. You can recognize an encrypted connection by the fact that the browser’s address bar changes from “http://” to “https://” and by the lock symbol in your browser’s address bar.

When communication is encrypted, your payment data that you transmit to us cannot be read by third parties.

Objection to Promotional Emails

The use of contact data published as part of the legal notice obligation for sending unsolicited advertising and informational materials is hereby rejected. The operators of these pages expressly reserve the right to take legal action in the event of unsolicited advertising information, such as spam emails.

4. Data Collection on This Website

Our web pages use “cookies.” Cookies are small data packets that do no harm to your device. They are either temporarily stored for the duration of a session (session cookies) or permanently (persistent cookies) stored on your device. Session cookies are automatically deleted at the end of your visit. Persistent cookies remain on your device until you delete them or your web browser performs an automatic deletion.

Cookies can be set by us (first-party cookies) or by third-party companies (third-party cookies). Third-party cookies enable certain services provided by third-party companies to be embedded within web pages (e.g., cookies for processing payment services).

Cookies have various functions. Many cookies are technically necessary because certain website functions would not work without them (e.g., the shopping cart function or video display). Other cookies may be used to analyze user behavior or for advertising purposes.

Cookies that are required to carry out the electronic communication process, provide specific functions you desire (e.g., the shopping cart function), or optimize the website (e.g., cookies for measuring web traffic) are stored based on Art. 6(1)(f) GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies to ensure the technically error-free and optimized provision of its services. If consent to store cookies and similar recognition technologies has been requested, processing is based solely on this consent (Art. 6(1)(a) GDPR and § 25(1) TDDDG); consent can be revoked at any time.

You can configure your browser to inform you about the setting of cookies, to allow cookies only in specific cases, to exclude cookies for certain cases or in general, and to enable the automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of this website.

You can find out which cookies and services are used on this website in this privacy policy.

Comment Function on This Website

For the comment function on this site, details such as the time the comment was created and the username you chose (if you are not posting anonymously) are stored alongside your comment.

Storage Duration of Comments
Comments and the associated data are stored and remain on this website until the content being commented on is completely deleted, or the comments must be deleted for legal reasons (e.g., offensive comments).

Legal Basis
The storage of comments is based on your consent (Art. 6(1)(a) GDPR). You can revoke your consent at any time by sending an informal email to us. The legality of data processing operations that have already occurred remains unaffected by the revocation.

Contact Form

If you send us inquiries via the contact form, the information you provide, including your contact details, will be stored for the purpose of processing the inquiry and any follow-up questions. This data will not be shared without your consent.

The processing of this data is based on Art. 6(1)(b) GDPR if your inquiry is related to fulfilling a contract or carrying out pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective handling of inquiries (Art. 6(1)(f) GDPR) or your consent (Art. 6(1)(a) GDPR), if requested. Consent can be revoked at any time.

The data you enter in the contact form remains with us until you request its deletion, revoke your consent to storage, or the purpose for data storage no longer applies (e.g., after completing your request). Mandatory legal provisions, especially retention periods, remain unaffected.

Inquiry by Email, Telephone, or Fax

If you contact us by email, telephone, or fax, your inquiry, including all personal data resulting from it (name, inquiry), will be stored and processed for the purpose of handling your request. This data will not be shared without your consent.

The data you send to us via contact inquiries remains with us until you request its deletion, revoke your consent to storage, or the purpose for data storage no longer applies (e.g., after your request has been processed). Mandatory legal provisions, especially retention periods, remain unaffected.

5. Analytics Tools and Advertising

Google Analytics

This website uses features of the Google Analytics web analytics service. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics allows the website operator to analyze the behavior of website visitors. The website operator receives various usage data, such as page views, time spent on the site, operating systems used, and the origin of users. This data may be compiled by Google into a profile that is associated with the respective user or their device.

Google Analytics uses technologies that enable user recognition for the purpose of analyzing user behavior (e.g., cookies or device fingerprinting). The information collected by Google about the use of this website is generally transmitted to a Google server in the USA and stored there.

The use of this analysis tool is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in analyzing user behavior to optimize both its website and its advertising. If appropriate consent has been requested (e.g., consent to store cookies), processing is based solely on Art. 6(1)(a) GDPR; consent can be revoked at any time.

Data transfer to the USA is based on the EU Commission’s standard contractual clauses. Details can be found here:
https://privacy.google.com/businesses/controllerterms/mccs/.

IP Anonymization

We have activated the IP anonymization function on this website. This means that Google will shorten your IP address within the member states of the European Union or other states party to the Agreement on the European Economic Area before transmitting it to the USA. Only in exceptional cases will the full IP address be sent to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, compile reports on website activities, and provide other services related to website and internet usage for the website operator. The IP address transmitted by your browser within Google Analytics will not be combined with other data held by Google.

Browser Plugin

You can prevent Google from collecting and processing your data by downloading and installing the browser plugin available at the following link:
https://tools.google.com/dlpage/gaoptout?hl=en.

More information on how Google Analytics handles user data can be found in Google’s privacy policy:
https://support.google.com/analytics/answer/6004245?hl=en.

Data Processing Agreement

We have entered into a data processing agreement (DPA) with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

Google Analytics E-Commerce Tracking

This website uses the “E-Commerce Tracking” feature of Google Analytics. E-Commerce Tracking allows the website operator to analyze the purchasing behavior of website visitors to improve online marketing campaigns. Information such as completed orders, average order values, shipping costs, and the time from viewing a product to purchase is collected. This data may be compiled by Google under a transaction ID, which is associated with the respective user or their device.

Storage Duration

User-level and event-level data stored by Google and linked to cookies, user IDs (e.g., User ID), or advertising IDs (e.g., DoubleClick cookies, Android advertising ID) are anonymized or deleted after 14 months. Details can be found at the following link:
https://support.google.com/analytics/answer/7667196?hl=en

6. Social Media

Social Media Elements with Shariff

This website uses elements from social media platforms (e.g., Facebook, X, Instagram, Pinterest, XING, LinkedIn, Tumblr). You can generally recognize these social media elements by their respective logos. To ensure data protection on this website, we use the so-called “Shariff” solution. This application prevents social media elements integrated into this website from transferring your personal data to the respective provider when you first visit the site.

A direct connection to the provider's server is only established when you activate the respective social media element by clicking on the associated button (consent). Once you activate the social media element, the respective provider receives the information that you visited this website with your IP address. If you are logged into your social media account (e.g., Facebook) at the same time, the provider can link your visit to your user account.

Activating the plugin constitutes consent within the meaning of Art. 6(1)(a) GDPR and § 25(1) TDDDG. You can revoke this consent at any time with future effect. The service is used to obtain legally required consents for the use of certain technologies. The legal basis for this is Art. 6(1)(c) GDPR.

7. Newsletter

Newsletter Data

If you would like to receive the newsletter offered on the website, we require your email address and information that allows us to verify that you are the owner of the provided email address and agree to receive the newsletter. No further data is collected, or only on a voluntary basis. This data is used exclusively for sending the requested information and is not shared with third parties.

The processing of data entered in the newsletter registration form is based solely on your consent (Art. 6(1)(a) GDPR). You can revoke your consent to the storage of data, email address, and its use for sending the newsletter at any time, for example via the “Unsubscribe” link in the newsletter. The legality of data processing operations already carried out remains unaffected by the revocation.

The data you provide for the purpose of receiving the newsletter will be stored until you unsubscribe from the newsletter, at which point it will be deleted from our servers or the servers of the newsletter service provider. We reserve the right to delete or block email addresses from our newsletter distribution list at our discretion, based on our legitimate interest (Art. 6(1)(f) GDPR).

Data stored for other purposes with us remains unaffected.

After you unsubscribe from the newsletter distribution list, your email address may be stored in a blacklist to prevent future mailings. The data in the blacklist will only be used for this purpose and will not be combined with other data. This serves both your interest and our interest in complying with legal requirements for sending newsletters (legitimate interest pursuant to Art. 6(1)(f) GDPR). Storage in the blacklist is indefinite. You can object to the storage if your interests outweigh our legitimate interest.

8. Plugins and Tools

Google Web Fonts

This website uses web fonts provided by Google for consistent font display. When you load a page, your browser loads the required web fonts into its cache to correctly display text and fonts.

To do this, the browser you are using must connect to Google’s servers. This informs Google that your IP address was used to access this website. The use of Google Web Fonts is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the consistent presentation of the fonts on their website. If consent has been requested (e.g., consent to store cookies), processing is based solely on Art. 6(1)(a) GDPR; consent can be revoked at any time.

If your browser does not support web fonts, a standard font from your computer will be used.

Further information about Google Web Fonts can be found here:
https://developers.google.com/fonts/faq
Google’s privacy policy:
https://policies.google.com/privacy?hl=en

9. Audio and Video Conferencing

Data Processing

We use online conferencing tools to communicate with our customers. The specific tools we use are listed below. When you communicate with us via video or audio conference over the internet, your personal data is collected and processed by us and the provider of the respective conferencing tool.

The conferencing tools collect all the data you provide to use the tools (e.g., email address and/or phone number). The conferencing tools also process the duration of the conference, the start and end times of participation, the number of participants, and other “context information” related to the communication process (metadata).

Additionally, the provider of the tool processes all technical data necessary for conducting online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speaker, and the type of connection.

If content is shared, uploaded, or otherwise provided within the tool, this content is also stored on the servers of the tool provider. Such content includes cloud recordings, chat or instant messages, voicemails, uploaded photos and videos, files, whiteboards, and other information shared during the use of the service.

Please note that we have limited influence over the data processing procedures of the tools we use. Our options are largely determined by the policies of the respective provider. For more information on data processing by the conferencing tools, please refer to the privacy policies of the respective tools listed below.

Purpose and Legal Basis

The conferencing tools are used to communicate with prospective or existing contractual partners or to offer specific services to our customers (Art. 6(1)(b) GDPR). Furthermore, using these tools helps simplify and expedite communication with us or our company (legitimate interest pursuant to Art. 6(1)(f) GDPR). If consent has been requested, the tools are used based on this consent; consent can be revoked at any time with future effect.

Storage Duration

The data collected directly by us via video and conferencing tools will be deleted from our systems as soon as you request deletion, revoke your consent to storage, or the purpose for data storage no longer applies. Cookies stored on your device remain until you delete them. Mandatory statutory retention periods remain unaffected.

We have no control over the storage duration of your data by the operators of the conferencing tools for their own purposes. For details, please refer directly to the privacy policies of the respective tool providers.

Conferencing Tools Used

Zoom
We use Zoom. The provider of this service is Zoom Communications Inc., 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA. You can find details on data processing in Zoom's privacy policy:
https://explore.zoom.us/en/privacy/

Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here:
https://explore.zoom.us/en/privacy/

The company is certified under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that ensures compliance with European data protection standards for data processing in the USA. Each company certified under the DPF is committed to adhering to these data protection standards. Further information is available at the following link:
https://www.dataprivacyframework.gov/participant/5728

Data Processing Agreement

We have concluded a Data Processing Agreement (DPA) for using the above-mentioned service. This is a contract required by data protection law to ensure that Zoom processes the personal data of our website visitors only according to our instructions and in compliance with the GDPR.

This privacy policy was created with the help of the privacy policy generator from e-recht24.de. Individual sections and passages have been modified in wording and phrasing, german version was translated into english.

Back to Home

Privacy Policy

Join my mailing list