Privacy Policy

With this Privacy Policy, we would like to inform you about the type, scope, and purpose of the personal data we collect, use, and process. Additionally, this Privacy Policy outlines the rights to which you are entitled as a data subject.
The processing of personal data—such as your name, address, email address, or telephone number—is always carried out in accordance with the General Data Protection Regulation (GDPR) of the European Union.
This Privacy Policy is based on the terminology used by the European legislator when adopting the GDPR. In line with the regulation, the policy is intended to be easily readable and understandable.
If you have any questions or would like more detailed information, please do not hesitate to contact us.

1. Name and Address of the Data Controller

The controller pursuant to Article 4 (7) of the EU General Data Protection Regulation (GDPR) is:

Gedankenflieger GmbH & Co. KG
Hans-Wichmann-Straße 4
26180 Rastede
Telefon 0151 40804443
info@gedankenflieger.com

2. Your Rights

In accordance with the GDPR, you have the following rights regarding your personal data in relation to us:

• Right of access
• Right to rectification
• Right to erasure (“right to be forgotten”)
• Right to restriction of processing
• Right to data portability
• Right to lodge a complaint
  If you believe that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with a data protection supervisory authority in accordance with Article 77 GDPR. You may, for example, contact the supervisory authority of your place of residence or place of work.

3. Objection or Withdrawal of Consent to the Processing of Your Personal Data

You have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data based on Article 6(1)(e) or (f) of the GDPR. This applies, for example, when the processing is not required for the performance of a contract.
If you exercise your right to object, we kindly ask you to explain the reasons for your objection. We will then review the situation and cease processing your personal data unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms.
If you have given us consent to process your personal data, you may withdraw that consent at any time in accordance with Article 7(3) GDPR. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
Regardless of this, you have the right at any time to object to the processing of your personal data for purposes of direct marketing and data analysis.
You may send your objection to the controller’s contact address listed above.

4. Collection of General Data and Information

When using our website for purely informational purposes, data and information – so-called server log files – are automatically collected and stored by the hosting provider’s server from the computer system of the accessing device. This data collection is technically necessary to ensure the stability and security of our website.
The website operator does not draw any conclusions about the identity of the user from this general data and information. The legal basis for storing this data and the log files is Article 6(1)(f) of the GDPR.
The following data may be collected

• IP-Adress
• Date and time of the page access
• Time zone difference to Greenwich Mean Time (GMT)
• Content of the request (e.g. homepage and subpages you visit)
• Amount of data transferred
• Access status/HTTP status code
• Internet service provider of the accessing system
• Website from which the request originated (referrer URL)
• Browser type, browser version, and language of the browser software
• Operating system used

5. Cookies

We do not use cookies in the public areas of our website.
In the login area – which is reserved exclusively for authorized users – we use technically necessary cookies for the login process. These cookies are automatically deleted when the browser is closed.

6. Contact

If you provide us with personal data via email or a contact form, this data will be automatically stored and processed by us in order to handle your inquiry.
When submitting data via a contact form, the transmission is carried out through an encrypted SSL connection.
Your personal data will not be shared with third parties.
We will delete your submitted data as soon as it is no longer required for storage, or restrict its processing if legal retention periods apply.

7. Routine Deletion of Personal Data

We store and process your personal data only for the period necessary to fulfill the purpose of storage, or as required by the European legislator or any other applicable laws or regulations.
Once the storage purpose no longer applies or a legally prescribed retention period expires, your personal data will be routinely deleted in accordance with the applicable legal provisions.

8. Legal Basis for the Processing of Personal Data

Where we obtain the consent of the data subject for processing operations involving personal data, Article 6(1)(a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
When the processing of personal data is necessary for the performance of a contract to which the data subject is a party, Article 6(1)(b) GDPR serves as the legal basis. This also applies to processing operations necessary for pre-contractual measures.
Where the processing of personal data is required for compliance with a legal obligation to which our company is subject, Article 6(1)(c) GDPR provides the legal basis.
In cases where the vital interests of the data subject or another natural person require the processing of personal data, Article 6(1)(d) GDPR serves as the legal basis.
If processing is necessary for the purposes of a legitimate interest pursued by our company or a third party, and if the interests, fundamental rights, and freedoms of the data subject do not override the former interest, Article 6(1)(f) GDPR is the legal basis for processing.