Privacy Policy

1. Controller

Silvio Wilop
Gefahrgutbüro Bruchköbel
Saalburgring 22a
63486 Bruchköbel
Germany
Phone: +49 174 9299723
Email: gefahrgut.bruchkoebel@gmx.de

2. Overview of data processing

The following overview summarises the types of personal data processed and the purposes of their processing.

• Master data (e.g. names)
• Contact data (e.g. email addresses, phone numbers)
• Content data (e.g. text entries in the contact form)
• Usage data (e.g. pages visited, access time)
• Meta/communication data (e.g. IP addresses, browser information)

3. Legal bases

Below is an overview of the legal bases of the GDPR on which we process personal data:

• Contractual services and pre-contractual enquiries (Art. 6(1)(b) GDPR) – Processing is necessary for the performance of a contract or for pre-contractual measures.
• Legitimate interests(Art. 6(1)(f) GDPR) – Processing is necessary for the purposes of the legitimate interests pursued by the controller, except where such interests are overridden by the interests or fundamental rights of the data subject.

4. Hosting

This website is hosted on a dedicated server operated by IONOS SE (Elgendorfer Str. 57, 56410 Montabaur, Germany). A data processing agreement pursuant to Art. 28 GDPR is in place with IONOS. Processing takes place exclusively in data centres located within the European Union. No transfer to third countries occurs as part of the hosting.

Legal basis: Legitimate interest in the secure and efficient provision of our online services (Art. 6(1)(f) GDPR).

Further information can be found in the IONOS privacy policy.

5. Server log files

When you visit our website, our reverse proxy and application automatically record information in server log files that your browser transmits:

• IP address of the requesting device
• Date and time of the request
• URL accessed
• Referrer URL (the previously visited page)
• Browser and operating system (user agent)
• Amount of data transferred

This data is used for technical operation, ensuring system security, error analysis and the prevention of misuse. The data is not merged with other data sources and is not used for advertising or analytics purposes.

Legal basis: Legitimate interest in the secure and stable operation of the website (Art. 6(1)(f) GDPR).

Storage period: Log files are automatically deleted after no later than 14 days, unless security-relevant incidents require longer storage in individual cases.

6. SSL/TLS encryption

This website uses SSL/TLS encryption for security reasons and to protect the transmission of personal data. You can recognise an encrypted connection by the lock symbol in the browser bar and the address bar changing from "http://" to "https://".

7. Contact form

When you contact us via the contact form, the following data is collected:

• Your name
• Your email address
• Your message

This data is used exclusively to process your enquiry. Technical delivery of the message is performed via the service provider Resend listed under section 8.

Legal basis: Performance of pre-contractual measures or contract (Art. 6(1)(b) GDPR) and our legitimate interest in responding to enquiries (Art. 6(1)(f) GDPR).

Storage period: Your data will be deleted after your enquiry has been fully processed, unless statutory retention obligations (e.g. commercial or tax law retention periods) apply.

8. Email delivery via Resend

We use the service Resend (Resend, Inc., 2261 Market Street #5039, San Francisco, CA 94114, USA) to deliver messages submitted via the contact form. Resend processes the data you enter (name, email address, message) on our behalf in order to deliver the email. A data processing agreement pursuant to Art. 28 GDPR is in place with Resend.

Legal basis: Performance of pre-contractual measures or contract (Art. 6(1)(b) GDPR) and legitimate interest in reliable email delivery (Art. 6(1)(f) GDPR).

Resend also processes data in the USA. Resend is certified under the EU-U.S. Data Privacy Framework, for which the European Commission has issued an adequacy decision. In addition, Standard Contractual Clauses serve as safeguards pursuant to Art. 46 GDPR. Further information can be found in Resend's privacy policy.

9. Email reception

Incoming messages from the contact form as well as direct enquiries to gefahrgut.bruchkoebel@gmx.de are delivered and stored in our mailbox via our email provider 1&1 Mail & Media GmbH(Brauerstraße 48, 76135 Karlsruhe, Germany – GMX brand). Processing takes place exclusively in data centres located within the European Union.

Legal basis: Performance of pre-contractual measures or contract (Art. 6(1)(b) GDPR) and legitimate interest in reliable business communication (Art. 6(1)(f) GDPR).

Storage period: Your information will be deleted as soon as it is no longer required for the purpose for which it was collected and no statutory retention obligations apply.

10. Fonts

This website uses the "Geist Sans" font. The font files are downloaded once at build time and are then served exclusively from our own server. No connection to Google servers is made by your browser when visiting this website; in particular, no IP address or other personal data is transmitted to Google.

11. External links

This website contains links to external services (in particular LinkedIn). Clicking on such a link redirects you to the respective provider's website. No external content (plug-ins, iframes) is embedded, so data is only transmitted to the providers once you actively click on the link. We have no influence on what data the respective provider subsequently collects; please refer to the privacy policies of the providers for further information.

12. Cookies

This website does not set any cookies and does not use local storage or session storage for tracking, analytics or marketing purposes. No web analytics services, tracking pixels or advertising technologies are used.

13. Your rights as a data subject

You have the following rights with regard to your personal data:

• Right of access(Art. 15 GDPR) – You may request information about your personal data processed by us.
• Right to rectification(Art. 16 GDPR) – You may request the correction of inaccurate data.
• Right to erasure(Art. 17 GDPR) – You may request the deletion of your data, provided no statutory retention obligations apply.
• Right to restriction of processing(Art. 18 GDPR) – You may request the restriction of processing of your data.
• Right to data portability(Art. 20 GDPR) – You may request that we provide your data in a structured, commonly used and machine-readable format.
• Right to object(Art. 21 GDPR) – You may object to the processing of your data at any time, provided the processing is based on Art. 6(1)(f) GDPR.

To exercise your rights, please contact us using the details stated above.

14. Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you consider that the processing of your personal data infringes the GDPR (Art. 77 GDPR).

The supervisory authority responsible for us is:

Der Hessische Beauftragte für Datenschutz und Informationsfreiheit
Gustav-Stresemann-Ring 1
65189 Wiesbaden, Germany
Phone: +49 611 1408-0
Email: poststelle@datenschutz.hessen.de

15. Automated decision-making

No automated decision-making including profiling pursuant to Art. 22(1) and (4) GDPR takes place.

16. Changes to this privacy policy

We reserve the right to adapt this privacy policy to ensure it always complies with current legal requirements or to implement changes to our services. The new privacy policy will then apply to your next visit.