logo

Privacy Policy

This privacy policy clarifies the kind, scope and purpose of the processing of personal data (hereafter referred as “data”) within my online presence and the related websites, features and content, as well as external online products, e.g. my Social Media Profiles (collectively referred to as the “online presence”). With regard to the terminology used, e.g. “processing” or “responsible” I refer to the definitions in Art. 4 of the General Data Protection Regulation (GDPR).

Responsible

Manfred Zobrist
Colmarer Strasse 10
79576 Weil am Rhein
Germany

E-Mail-Address: mail@manfredzobrist.com
Link to the imprint: https://manfredzobrist.com/en/imprint/

Types of processed data:

– Inventory data (e.g., names, addresses)
– Contact data (e.g., e-mail addresses, telephone numbers)
– Content data (e.g., text input, images, videos)
– Usage data (e.g., websites visited, interest in content, access times)
– Meta and communication data (e.g., device information, IP addresses)

Categories of data subjects

Visitors and users of the online presence (In the following, I also indicate the data subjects as “users”)

Purpose of processing

– Providing the online presence, its features and content
– Answering contact requests and communicating with users
– Activity for security
– Audience measurements

Definition of used terms

“Personal data” means any information relating to an identified or identifiable natural person (hereinafter the “data subject”); a natural person is considered as identifiable, which can be identified directly or indirectly, in particular by means of assignment to an identifier such as a name, to an identification number, to location data, to an online identifier (e.g. cookie) or to one or more special features, that express the physical, physiological, genetic, mental, economic, cultural or social identity of this natural person.

“Processing” means any process performed with or without the application of automated procedures or any such process associated with personal data. The term meaning is far and includes virtually every handling of data.

“Responsible person” means the natural or legal person, public authority, institution or other service location that alone or together with others decides on the purposes and means of processing personal data.

“Processor” names a natural or legal person, public authority, agency or other service location that processes personal data on behalf of the controller.

Relevant legal bases

In accordance with Art. 13 GDPR, I inform you of the legal basis of my data processing procedure. Unless the legal basis in the data protection declaration is mentioned, the following applies: The legal basis for obtaining consent is Art. 6 (1) lit. a and Art. 7 GDPR, the legal basis for the processing for the performance of my services and the execution of contractual measures as well as the answer to inquiries is Art. 6 para. 1 lit. b GDPR, the legal basis for processing in order to fulfill my legal obligations is Art. 6 (1) lit. c GDPR, and the legal basis for processing in order to safeguard my legitimate interests is Art. 6 (1) lit. f GDPR. In case that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 (1) d GDPR as legal basis.

Security measures

In accordance with Art. 32 GDPR, I shall take appropriate technical measures, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing as well as the different likelihood and severity of the risk to the rights and freedoms of natural persons and organizational measures to ensure a level of protection appropriate to the risk.

Measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical access to the data, as well as their access, input, disclosure, availability and separation. Furthermore, I have set up procedures that ensure the perception of data subject rights, the deletion of data and the reaction to the threat to data. Furthermore, I consider the protection of personal data already in the development, or selection of hardware, software and procedures, according to the principle of data protection by technology design and privacy-friendly default settings (Art. 25 GDPR).

Collaboration with processors and third parties

If, in the course of my processing procedure, I relay data to other persons and companies (processors or a third party), transmit them to them or otherwise grant them access to the data, this will only be done on the basis of a legal permission (e.g. if a transmission of the data to a third party, as to payment service providers, pursuant to Art. 6 (1) b GDPR to fulfill the contract), you have consented to a legal obligation or on the basis of my legitimate interests (e.g. the use of agents, webhosters, etc.). If I entrust third parties with the processing of data on the base of a so called “order processing contract”, this is done on the basis of Art. 28 GDPR.

Transfers to third countries

If I process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or in the context of the use of third party services or disclosure, or transmission of data to third parties, this will only be done if it is to fulfill my (pre)contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of my justified interests. Subject to legal or contractual permissions, I process or let the data in a third country only in the presence of the special conditions of Art. 44 et seq. GDPR. This means, for example, processing is based on specific guarantees, such as the officially recognized level of data protection (for example, the US by the Privacy Shield) or the observance of officially recognized special contractual obligations (so called “standard contract clauses”).

Rights of data subjects

You have the right to ask for confirmation as to whether the data in question is being processed and for information about this data as well as for further information and a copy of the data in accordance with Art. 15 GDPR. You have accordingly to Art. 16 GDPR the right to demand the completion of the data relating to you or the correction of the incorrect data relating to you. In accordance with Art. 17 GDPR, you have the right to demand that the relevant data be deleted immediately or, alternatively, to require a restriction of the processing of data in accordance with Art. 18 GDPR. You have the right to demand that the data relating to you, which you have provided to us, be obtained in accordance with Art. 20 GDPR and request their transmission to other persons responsible. You have beyond that, in accordance to Art. 77 GDPR the right to to lodge a complaint with the competent supervisory authority.

Right of withdrawal

You have the right to withdraw grant consents in accordance with. Art. 7 (3) GDPR with effect for the future.

Right to objection

You are allowed to object to the future processing of your data in accordance with Art. 21 GDPR at any time. The objection may be made in particular against processing for direct marketing purposes.

Cookies and right to objection on direct marketing

“Cookies” are small files that are stored on users computers. Different information can be stored within the cookies. A cookie is primarily used to store the information about a user (or the device on which the cookie is stored) during or after his visit to an online service. Temporary cookies, or “session cookies” or “transient cookies”, are cookies that are deleted after a user leaves an online service and closes his browser. In such a cookie, e.g. the contents of a shopping cart in an online shop or a login status are saved. The term “permanent” or “persistent” refers to cookies that remain stored even after the browser has been closed. Thus, e.g. the login status will be saved if users visit it after several days. Likewise, in such a cookie the interests of the users can be stored, which are used for range measurement or marketing purposes. A “third-party cookie” refers to cookies that are offered by providers other than the person responsible for the online service (otherwise, if it is only their cookies, this is called “first-party cookies”).

I use temporary and permanent cookies and disclose them in the context of this privacy statement with the following table:

Cookie Content Description / Validity
PHPSESSID A random unique number or sequence of letters and numbers. When you browse the pages of this website, the session cookie tells the site that you are the same person requesting the web pages and not a new visitor to each page. This cookie does not identify you personally and is not associated with any other information that I store about you.
A session cookie that will be deleted as soon as the web browser is closed.
devicePixelRatio A number. This cookie records the pixel ratio of your device. If your screen resolution is a Retina or Hi DPI screen, then the website can decide to provide higher resolution graphics.
A session cookie that will be deleted as soon as the web browser is closed.
euCookie The text ‘set’. This cookie is set by this website once you have seen and confirmed the cookie banner.
A permanent cookie expires after 6 months.
wordpress_test_cookie The text ‘WP Cookie check’. WordPress sets this cookie when navigating to the signup page. The cookie is used to check if your web browser accepts or rejects cookies.
It is a session cookie that will be deleted as soon as the web browser is closed.
wordpress_{x} Login authentication details in an encrypted form. WordPress uses these cookies to store your authentication details and their use is limited to the Admin console area.
A session cookie that will be deleted as soon as the web browser is closed.
wordpress_logged_in_{x},
wordpress_sec_{x}
Access data in encrypted form. WordPress uses these cookies for most interfaces to indicate when you are logged in and who you are.
Session cookies that will be deleted as soon as the web browser is closed.
wp-settings-{x},
wp-settings-time-{x}
Text indicating your preferred settings. WordPress uses these cookies to customize your view of the admin interface and possibly the user interface.
Persistent cookies expire a little under a year from the date of their adoption.
comment_author_{x},
comment_author_email_{x},
comment_author_url_{x}
Your name, e-mail address and website address. WordPress uses these cookies for the sake of usability in such a way that you do not need to retype all of your information if you want to leave another comment.
Persistent cookies expire a little under a year from the date of their adoption.
jetpack_blog_subscribe_{x},
jetpack_comments_subscribe_{x}
A number. This cookie will be used to save the status of checkboxes for post or comment subscriptions.
Persistent cookies expire a little under a year from the date of their adoption.

If you as a user don’t want to have cookies stored on your computer, I ask you to deactivate the corresponding option in the system settings of your browser. Saved cookies can be deleted in the system settings of a browser. The exclusion of cookies can lead to functional restrictions of this website.

A general explanation of objection to the use of cookies used for online marketing purposes can be found on the US side of many services, especially in the case of tracking http://www.aboutads.info/choices/ or the EU page http://www.youronlinechoices.com/ . Furthermore, the storage of cookies can be achieved by switching them off in the settings of the browser. Please note that you may not be able to use all features of this online offer.

SSL Encryption

To ensure the data security during transmission, I use state-of-the-art SSL (Secure Sockets Layer) encryption. If SSL encryption is enabled, the submitted data can hardly be seen by unauthorized persons.

Deletion of data

The data processed by me will be deleted or limited in their processing in accordance with Art. 17 and 18 GDPR. Unless explicitly stated in this privacy policy, the data stored in my account will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory storage requirements. Unless the data is deleted because it is required for other and legitimate purposes, its processing will be restricted. This means that the data is blocked and not processed for other purposes. This applies, for example for data that must be kept for commercial or tax reasons. Furthermore, I reserve the right, based on my legitimate interests in accordance to Art. 6 (1) lit. f GDPR to process the information of users for the purpose of spam detection. The data given in the comments and contributions will be stored by me permanently until any objection by a user.

Hosting

The hosting services I use for running the website are designed to provide the following services: infrastructure and platform services, computing capacity, data storage and database services, security and technical maintenance services. They are inalienable to operate this online service.

Furthermore I use my hosting provider to process inventory data, contact information, content data, contract data, usage data, meta and communication data of customers, intruders and visitors to this online service based on my legitimate interests in providing this online service efficiently and securely in accordance to Art. 6 (1) lit. f GDPR in conjunction with Art. 28 GDPR (conclusion of contract processing contract).

Collection of access data and log files

I, respectively my hosting provider, collects data on the basis of my legitimate interests in accordance to Art. 6 (1) f GDPR on every access to the server on which this service is located (so called server log files). The access data includes name of the retrieved web page, file, date and time of retrieval, amount of data transferred, message about successful retrieval, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider.

Logfile information will be stored for a maximum of 7 days due to security reasons (e.g. for the investigation of criminal acts) and then fully deleted. Data whose further retention is required for evidential purposes shall be exempted from the cancellation until final clarification of the incident.

Comments and posts

In case that users leave comments and/or other posts on the website, their IP addresses will be saved for 7 days, based on my legitimate interests in accordance to Art. 3 (1) f GDPR. This for my protection, if someone leaves criminally relevant content (eg insults, prohibited political propaganda, etc.). In this case, I myself can be prosecuted for the comment or contribution and therefore I am interested in the identity of the author.

Comment subscriptions

The follow-up comments may be subscribed by users with their consent in accordance to Art. 6 (1) lit. a GDPR. Users will receive a confirmation email to verify that they own the email address they entered. Users can unsubscribe from running comment subscriptions at any time. The confirmation email will contain notes on the revocation options.

Profile pictures from Gravatar

I use the Gravatar service of Automattic Inc., 60 29th Street # 343, San Francisco, CA 94110, USA, within my online service and specifically on my blog.

Gravatar is a service that allows users to log in and submit profile pictures and their email addresses. If users leave posts or comments on other online sites (especially in blogs) with their e-mail address, their profile avatar can be displayed next to the posts or comments. For this purpose, the e-mail address communicated by the users to Gravatar is transmitted with in an encrypted form in order to check whether a profile is stored for it. This is the sole purpose of sending the e-mail address and it will not be used for other purposes, but will be deleted afterwards.

The use of Gravatar is based on my legitimate interests in accordance to Art. 6 (1) lit. f GDPR. With this tool I’m offering the post and comment writers the possibility to personalize their posts with a profile picture.

By displaying the avatar, Gravatar saves the IP address of the users, as this is necessary for communication between a browser and an online service. For more information about Gravatar’s collection and use of data, see the Automattic Privacy Notice: https://automattic.com/privacy/.

If users want to avoid the avatar displayed linked to their email address on Gravatar to appear in the comments, they should use a non-Gravatar email address to comment. I also point out that it is also possible to use an anonymous or even an unreal e-mail address if the users do not want their own e-mail address to be sent to Gravatar. Users can completely prevent the transfer of data by not using the commenting system on my online offer.

Jetpack (WordPress Stats)

On the basis of my legitimate interest (i.e. interest in the analysis, optimization and economic operation of my online service in accordance to Art. 6 (1) lit. GDPR) I use the Plugin Jetpack (here the subfunction “WordPress Stats”), which Includes Visitor Access Statistical Evaluation Tool, and Automattic, Inc., 132 Hawthorne Street, San Francisco, CA 94107, USA. Jetpack uses so called cookies, text files that are stored on your computer and that allow an analysis of the use of the website by you. The operating company uses the tracking technology of Quantcast Inc., 201 Third Street, San Francisco, CA 94103, USA.

Among other things, Jetpack allows the website operator an overview of the visitors to the site. By displaying related posts and publications, or sharing content on the page, it’s also possible to increase visitor numbers. In addition, security features are integrated into Jetpack so that a Jetpack-using website is better protected against various attacks. Jetpack also optimizes and speeds up the loading of images built into the website.

Automattic is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European data protection law. (https://www.privacyshield.gov/participant?id=a2zt0000000CbqcAAC&status=Active).

The information generated by the cookie about your use of this online service will be stored on a server in the USA. On their servers, user profiles can be created from the processed data, wihich will being used only for analysis and not for advertising purposes. For more information, see the Automattic Privacy Policy: https://automattic.com/privacy/ und Hinweisen zu Jetpack-Cookies: https://jetpack.com/support/cookies/.

Furthermore, the data subject has the option to withdraw the generation of data by Automattic / Quantcast releated to the use of this website by the Jetpack-Cookie and to prevent any data collection. To achieve this, the data subject has to press the opt-out button at https://www.quantcast.com/opt-out/ to set an opt-out cookie. The opt-out cookie set against the opt-out will be deleted on the affected person’s system after an appeal, the subject data must revisit the link and set a new opt-out cookie.

Social Media services

I maintain online profiles within different social networks and platforms in order to communicate with those who are interested and to inform them about my services. When loggin in in these social networks and platforms, the terms and conditions and the data processing guidelines of the neworks and platforms apply. Unless otherwise stated in this Privacy Policy, I will process user data, in case of writing comments into my social media profiles or send me messages.

Shariff-Sharing task

I offer the use of data-safe “Shariff” buttons on my website. “Sharif” was designed to enable more privacy on the web and to replace the usual “share” buttons on social networks. When using these buttons the user’s browser doesn’t connect the server of the social media platform but the server itself and asks for number of likes, etc. The user remains anonymous here. More information about the Shariff project can be found at the developers of the magazine c’t: www.ct.de.

Contact

When contacting me (e.g. by contact form, e-mail, telephone or via social media) the information by and about the data subject will be used to process the request in accordance to Art. 6 (1) lit. b GDPR. If you transmit a message via the contact form, your details, your data, the contact details you provided me with will be saved and stored to process the request. I will not share this information without your consent. The processing of the data entered into the contact form is therefore exclusively based on your consent. You have the option to withdraw this consent at any time by via informal e-mail.

Google Web Fonts

This website uses so called web fonts provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA, hereafter referred to as “Google” for consistent presentation of my texts. Google, based in the United States, is certified for “Privacy Shield”, the US European Data Protection Convention, which aims to ensure compliance with the data protection standards in the European Union (EU). More relevant information can be found in Google’s Privacy Policy: https://www.google.com/policies/privacy/.

When you visit one of my pages, your web browser loads the required web fonts into its browser cache to display text and fonts quickly and as you like. To do this, your internet browser must connect to Google’s servers. Through this process, Google learns that the IP address assigned to you has accessed my website. The use of Google Web Fonts occurs in the interest of the best possible readabiltiy and website presentation of my texts and based on my legitimate interest in accordance with Art. 6 para. 1 lit. f DSGVO.

Integration of services and contents of third parties

Based on my legitimate interests (i.e. interest in the analysis, optimization and economic operation of my online service in accordance to Art. 6 (1) lit. GDPR), I make use of third-party content or services, such as include videos or fonts (collectively referred to as “content”). This always presupposes that the third party providers of this content perceive the IP address of the users, since without them the content couldn’t send to their browser. The IP address is therefore required for the presentation of this content. I strive to use only those content whose respective providers use the IP address only to deliver the content. Third parties may also use so called pixel tags (invisible graphics, also referred to as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device and may contain technical informations about browser, operating system, referring web pages, visit time and more details regarding the visit of our online service and furthermore be linked with such information by other sources.

Created with Datenschutz-Generator.de by Esq. Dr. jur. Thomas Schwenke. Note: Adapted by the website operator.

In order to optimize our website for you and be able to continuously improve it, we use cookies. By continuing to use the website, you agree to the use of cookies. More Information

The cookie settings on this website are "allow cookies" to set in order to allow the best user browsing experience . If you use this website without changing cookie settings or clicking "Accept", you declare your agreement .

Close