Privacy Policy

Data privacy at a glance

General information

The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data are all data with which you can be personally identified. For detailed information on data privacy, please refer to our data privacy statement provided below.

Data collection on our website

Who is responsible for collecting data on this website?

Data processing on this website is done by the website operator. You will find relevant contact details in the Legal Notice provided on this website.

How do we collect your data?

On the one hand, your data are collected by you communicating it to us. This may, for example, be data you enter in a contact form.

Other data are automatically collected by our IT systems when you visit the website. This is mainly technical data (e.g., Internet browser, operating system or the time at which you open our site). These data are collected automatically as soon as you enter our website.

What do we use your data for?

Some of the data is collected to make sure that the website is provided in error-free form. Other data can be used to analyze your user behavior.

What rights do you have in connection with your data?

You have the right at any time to receive information from us free of charge about the origin, recipient and purpose of the data stored about your person. You also have to right to demand that these data be rectified, made unavailable or erased. For this purpose and for further information on data privacy, you can contact us at any time at the address given in the Publisher Information. Furthermore, you are entitled to lodge a complaint with the responsible supervisory authority.

Under certain circumstances, you also have the right to demand a restriction on the processing of your personal data. For pertinent details please refer to the data privacy statement under “Right to restriction of processing”.

General information and mandatory details

Data privacy

The operators of these pages take the privacy of your personal data very seriously. We shall treat your personal data confidentially and in compliance with the statutory data protection regulations as well as this data privacy statement.

Various personal data will be collected when you use this website. Personal data are all data with which you can be personally identified. This data privacy statement explains which data we collect and what we use them for. It also explains how this is done and for which purpose.

Please note that the transmission of data via the Internet (for example, when communicating via e-mail) may have security vulnerabilities. Data cannot be fully protected from access by third parties.

Note on the controller

The controller responsible for processing data on this website is:

Dr. Stefan Pastuszka
Berliner Ring 23
63512 Hainburg

Telephone: +49 (0) 151 10776115

The controller is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data (e.g., names, e-mail addresses etc.).

Revocation of your consent to data processing

Many data processing operations can only be performed with your express consent. Any consent you have given may be revoked at any time. This can be done by sending us an informal e-mail message. The lawfulness of the data processing carried out up to the time of revocation remains unaffected by the revocation.

Right to object to the collection of data in specific instances as well as for direct marketing purposes (GDPR Article 21)

If data are processed on the basis of GDPR Article 6 (1) (e) or (f), you shall have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data; this also applies to any profiling based on these provisions. The relevant legal basis on which processing is based is given in this data privacy statement. If you lodge any objection, we shall no longer process the personal data concerning you unless we can demonstrate compelling legitimate grounds for processing such which override your interests, rights and freedoms, or for establishing, exercising or defending legal claims (objection under GDPR Article 21 (1)).

If your personal data are processed for the purpose of direct marketing, you shall have the right to object at any time to the processing of personal data concerning you for such marketing; this shall include profiling to the extent that it is related to such direct marketing. If you object, your personal data shall thereafter no longer be processed for the purpose of direct marketing (objection under GDPR Article 21 (2)).

Right to lodge a complaint with the responsible supervisory authority

In the event of any infringement of the GDPR, the data subject concerned shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, workplace or place of presumed infringement. The right of appeal shall exist without prejudice to other administrative and judicial redress.

Right to data portability

You have the right to have the data that we process automatically on the basis of your consent or in fulfillment of a contract handed out to you or to third parties in a commonly used, machine-readable format. If you require the data to be transmitted directly to another controller, this will only be done to the extent technically feasible.

SSL or TLS encryption

For security reasons and to protect the transmission of confidential content, e.g., orders or requests, that you send to us as a site operator, this website uses SSL or TLS encryption. An encrypted connection can be recognized by the fact that the address bar of the browser changes from “http://” to “https://” and by the lock symbol in your browser bar.

When SSL or TLS encryption is enabled, the data you submit to us cannot be read by third parties.

Information, making unavailable, erasure and rectification

You have the right at any time to request at no charge information on your stored personal data, their origin and recipients and the purpose of data processing and, if necessary, a right to these data being rectified, made unavailable or erased. For this purpose and for further information on the subject of personal data, you can contact us at any time at the address given in the Legal Information.

Right to restriction of processing

You have the right to demand that the processing of your personal data be restricted. For this purpose, you can contact us at any time at the address given in the Publisher Information. The right to restriction of processing exists in the following cases:

  • If you contest the accuracy of the personal data stored with us, we will usually need time to check this. For the duration of this check, you have the right to demand that the processing of your personal data be restricted.
  • If the processing of your personal data has taken/is taking place unlawfully and you oppose the erasure thereof, you can demand that data processing be restricted instead.
  • If we no longer need your personal data, but such are required by you for the exercise, establishment or defence of legal claims, you have the right to demand that the processing of your personal data be restricted instead of having them deleted.
  • If you have objected to processing pursuant to GDPR Article 21(1), a balance must be struck between your and our interests. Pending verification of whose interests override, you have the right to demand that the processing of your personal data be restricted.

If you have restricted the processing of your personal data, such data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.

Objection to advertising emails

The use of contact information published in the context of the Legal Information obligation for sending unsolicited advertising and information materials is hereby rejected. The operators of these pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, for example through spam e-mails.

Data collection on our website


Some of the Internet pages use cookies. Cookies do not harm your computer and do not contain viruses. Cookies help to make our website more user-friendly, more effective and more secure. Cookies are small text files that are saved on your computer by your browser.

Most of the cookies which we use are so-called “session cookies”. They are automatically deleted after your visit. Other cookies remain stored on your terminal device until you erase them. These cookies let us identify your browser the next time you visit our website.

You can set your browser to inform you that cookies are being set and only permit cookies in a particular instance, to accept cookies for specific instances or always exclude them as well as activate the automatic erasure of cookies on closing the browser. Deactivating cookies can restrict the functionality of our website.

Cookies that are required for performing the electronic communication process or for providing specific functions to wish to use (e.g. shopping basket function) will be stored on the basis of GDPR Article 6 (1) (f). The website operator has a legitimate interest in storing cookies for ensuring the technically flawless and optimized provision of its services. Insofar as other cookies (e.g. cookies for analyzing your surfing behavior) are stored, such are treated separately in this data privacy statement.

Server log files

The provider of these pages automatically collects and stores information in so-called server log files which your browser automatically communicates to us. This information covers:

  • browser type and browser version
  • operating system used
  • referrer URL
  • host name of the accessing computer
  • time of server request
  • IP address

These data will not be merged with other data sources.

These data will be collected on the basis of GDPR Article 6 (1) (f). The website operator has a legitimate interest in ensuring the technically flawless display and optimization of its website – this makes it necessary to collect the server log files.

Inquiries by e-mail, phone or fax

If you contact us by e-mail, telephone or fax, your request, including all of the personal data provided therein (name, request) will be stored and processed by us for the purpose of dealing with your concern. We will not share these data without your consent.

These data will be processed on the basis of GDPR Article 6 (1) (b) if your request is connected with fulfilling a contract or needs to be made for implementing pre-contractual measures. In all other instances, processing shall be based on your consent (GDPR Article 6 (1) (a)) and / or on our legitimate interests (GDPR Article 6 (1) (f)) since we have a legitimate interest in effectively processing requests submitted to us.

The data you send us by contact requests will remain with us until such time as you ask us to erase them, revoke your consent to store them or the purpose for which they are stored ceases to exist (e.g. after we have finished dealing with your concern). This shall not affect any mandatory statutory provisions – in particular statutory retention periods.

Comment function on this website

For the comment function on this page, in addition to your comment, information about the time the comment was created, your e-mail address and, if you do not post anonymously, the username you have chosen will be saved.

Storage of the IP address

Our comment function saves the IP addresses of the users who write comments. Since we do not check comments on our site before they are activated, we need this data in order to be able to take action against the author in the event of legal violations such as insults or propaganda.

Storage duration of the comments

The comments and the associated data (e.g. IP address) are stored and remain on our website until the commented content has been completely deleted or the comments have to be deleted for legal reasons (e.g. offensive comments).

Legal basis

The comments are saved on the basis of your consent (GDPR Article 6 (1) (a)). You can revoke your consent at any time. An informal e-mail to us is sufficient. The legality of the data processing operations that have already taken place remains unaffected by the revocation.

Social media

Sharing buttons

We use data protection-safe “Shariff” buttons on the website. With Shariff you can use social media without unnecessarily jeopardizing your privacy. The c’t project Shariff replaces the usual share buttons on social networks and protects your surfing behavior from prying eyes. Nevertheless, a single click on the button is enough to share information with others.

The usual social media buttons transmit the user data to Facebook & Co. every time a page is called up and provide the social networks with precise information about your surfing behavior (user tracking). You do not have to be logged in or be a member of the network. In contrast, a Shariff button only establishes direct contact between the social network and the visitor when the latter actively clicks on the share button. In this way, Shariff prevents you from leaving a digital trace on every page you visit.

Only when you activate the sharing function by clicking the associated button will a direct connection to the provider’s server be established (consent). In this case, the respective provider receives the information that you have visited our site with your IP address. If you are logged into your respective social media account (e.g. Facebook) at the same time, the respective provider can assign your visit to our website to your user account.

Activating the buttons represents consent within the meaning of Article 6 (1) (a) GDPR. You can revoke this consent at any time with effect for the future.

You can find more information about the Shariff project here:


Newsletter data

If you would like to receive the newsletter offered on the website, we need an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data is not collected or is only collected on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties. The newsletter also contains information on our range of services, for example upcoming webinars or workshops.

The processing of the data entered in the newsletter registration form takes place exclusively on the basis of your consent (GDPR Article 6 (1) (a)). You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the “Unsubscribe” link in the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation.

The data you have stored with us for the purpose of subscribing to the newsletter will be stored until you unsubscribe from the newsletter and will be deleted after you unsubscribe from the newsletter. This does not affect data that we have saved for other purposes.

Sendinblue GmbH is used as newsletter software. Your data is transmitted to Sendinblue GmbH. The Sendinblue GmbH is prohibited from selling your data and from using it for purposes other than sending newsletters. The Sendinblue GmbH is a certified German newsletter software provider, working in accordance with the European directive 95/46, as well as the German Federal Data Protection Act (BDSG).

Further information can be found here:

Automated decision making

We do not use automatic decision-making or profiling.

Data processors

The following organizations, companies or persons have been commissioned by us to process data:

  • STRATO AG, Pascalstrasse 10, 10587 Berlin, Germany
  • Sendinblue GmbH (formerly Newsletter2Go GmbH), Köpenicker Str. 126, 10179 Berlin, Germany

Change of our privacy policy

We reserve the right to adapt this privacy policy so that it always complies with current legal requirements or to implement changes to our services in the privacy policy, e.g., when introducing new services. The new privacy policy will then apply to your next visit.

Source: eRecht24, translated and supplemented by Dr. Stefan Pastuszka.