Privacy Policy

Privacy Policy

In the following you will find the text data for your personal Privacy Policy for your website according to the information you provided. If you use a content editor for your website, you can copy the following text directly and paste it there. Alternatively, if you wish to integrate the content as HTML source code into your website, you may use the HTML code provided.

Attention: Consent Required

Numerous services may – according to prevailing opinions of data protection authorities and courts – only be used with consent. This mainly applies to analysis and marketing tools (e.g. Google Analytics or Meta Pixel). Consent is particularly required for the following tools you have selected:

  • Bing Maps
  • Google Maps

Attention: Consent Recommended
For certain services it has not been conclusively clarified whether consent is required. In view of current legal developments it is likely that data protection authorities and courts will also require consent for these tools. To avoid the legal risk of a warning or administrative proceedings/fines, we recommend obtaining consent also for the following services:

  • Google reCAPTCHA
  • Wordfence

An overview of the consent tools we recommend can be found here: https://www.e-recht24.de/mitglieder/lp-cookieeinwilligung/

For sharing content on social media platforms, eRecht24 also offers the eRecht24 Safe Sharing Tool: https://www.e-recht24.de/erecht24-safe-sharing.html

Attention: Data Transfer to Non‑Secure Third Countries

According to your input, you use services from companies based in third countries that are not considered data protection‑secure or that rely on servers in non‑secure third countries. Non‑secure third countries are all countries except those listed here:

  • Andorra, Argentina, Faroe Islands, Great Britain, Guernsey, Israel, Isle of Man, Japan, Jersey, Canada (restricted), New Zealand, Switzerland, Uruguay, Liechtenstein, Iceland, Norway

Data transfer to non‑secure third countries is only permitted if appropriate guarantees for proper data processing in the destination country are in place. Suitable guarantees include, in particular, the EU Standard Contractual Clauses (sometimes also called “Model Clauses”, “Standard Contractual Clauses” or “SCCs”); these clauses must be agreed upon between you and the provider of the tool. Binding Corporate Rules (BCRs) may also serve as a suitable guarantee if approved by an EU data protection authority. For data transfers to the USA, certification under the EU‑US Data Privacy Framework (DPF) can be used; personal data may be transferred to US companies if the company is certified under the DPF. We review certifications with every update. If a US tool appears in the list below, it means that the affected tool was not certified at the time of the last update. A current daily list of DPF‑certified companies can be found here: https://www.dataprivacyframework.gov/s/participant-search

The following service provider from your selection transfers data to non‑secure third countries without providing appropriate data protection guarantees: Wordfence

For all providers that offer Standard Contractual Clauses or have Binding Corporate Rules, we refer to these clauses in our privacy texts. Please ensure that the clauses have indeed been agreed upon between you and the provider, or that the Binding Corporate Rules apply for the tool you use. If not, you must remove the respective reference from the Privacy Policy created with our tool. In this case, the use of the tool is most likely non‑compliant with the GDPR.

Privacy Policy

1. Data Protection at a Glance

General Information

The following information provides an easy-to-understand overview of what happens to your personal data when you visit this website. “Personal data” means any data by which you can be personally identified. For detailed information on data protection, please refer to the full Privacy Policy below.

Data Collection on This Website

Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find the contact details of the responsible party in the “Notice on the Data Controller” section of this Privacy Policy.

How do we collect your data?
Your data is collected partly by you providing it to us (e.g. data entered into a contact form). Other data is collected automatically or with your consent when you visit the website via our IT systems. This includes technical data (such as your browser, operating system, and the time of access) and is collected automatically as soon as you enter the website.

What do we use your data for?
Some data is collected to ensure the error‑free provision of the website. Other data may be used to analyze your user behavior. In cases where contracts are concluded or initiated via the website, the transmitted data is also processed for contract proposals, orders, or other service inquiries.

Your Rights
You have the right at any time to receive free information about the origin, recipients, and purpose of your stored personal data. You also have the right to request correction or deletion of this data. If you have given consent for data processing, you may revoke that consent for future processing at any time. Additionally, you have the right, under certain circumstances, to request a restriction of processing of your personal data. Furthermore, you have the right to file a complaint with the competent supervisory authority.

For further questions regarding data protection, please contact us at any time.

2. Hosting

Hetzner

Provider: Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen (hereinafter “Hetzner”).
Details: https://www.hetzner.com/de/legal/privacy-policy/
Legal Basis: The use of Hetzner is based on Article 6(1)(f) GDPR. We have a legitimate interest in a reliable presentation of our website. If consent has been obtained, processing is based exclusively on Article 6(1)(a) GDPR and Section 25(1) TDDDG.

IONOS

Provider: IONOS SE, Elgendorfer Str. 57, 56410 Montabaur (hereinafter “IONOS”).
Details: https://www.ionos.de/terms-gtc/terms-privacy
Legal Basis: The use of IONOS is based on Article 6(1)(f) GDPR. We have a legitimate interest in a reliable presentation of our website. If consent has been obtained, processing is based exclusively on Article 6(1)(a) GDPR and Section 25(1) TDDDG.

3. General Information and Mandatory Information

Data Protection

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with legal data protection regulations as well as this Privacy Policy. Please note that data transmission over the internet (e.g. via email) can have security vulnerabilities, and complete protection against third‑party access cannot be guaranteed.

Data Controller

The data controller for data processing on this website is:
Danial Ghanbari Odivi
Hohenstaufenstr. 14
56075 Koblenz
Telephone: 017661720726
Email: info@impressioncues.com

Retention Period

Unless a specific retention period is mentioned elsewhere in this Privacy Policy, your personal data will remain with us until the purpose for processing ceases to exist. If you assert a justified request for deletion or revoke your consent, your data will be deleted unless other legally permissible reasons (e.g. tax or commercial retention periods) apply.

Legal Bases for Data Processing

If you have consented to data processing, we process your personal data on the basis of Article 6(1)(a) GDPR or Article 9(2)(a) GDPR (in case of special categories of data pursuant to Article 9(1) GDPR). In the event of explicit consent for transferring personal data to third countries, processing is additionally based on Article 49(1)(a) GDPR. If you have consented to the storage of cookies or to access information on your device (e.g. via device fingerprinting), processing is further based on Section 25(1) TDDDG. For contract fulfillment, processing is based on Article 6(1)(b) GDPR; for legal obligations, on Article 6(1)(c) GDPR; and processing may also be based on our legitimate interest pursuant to Article 6(1)(f) GDPR.

Data Transfer to Non‑Secure Third Countries and to US Companies Not DPF‑Certified

We use tools from companies in third countries that are not considered data protection‑secure as well as US tools whose providers are not certified under the EU‑US Data Privacy Framework (DPF). When these tools are active, your personal data may be transferred to and processed in these countries. Please note that in non‑secure third countries a level of data protection comparable to the EU cannot be guaranteed.

The USA is generally considered a secure third country with a level of data protection comparable to the EU. Data transfer to the USA is therefore permissible if the recipient is certified under the “EU‑US Data Privacy Framework” (DPF) or provides appropriate additional safeguards. Further information on transfers, including data recipients, is provided in this Privacy Policy.

Data Recipients

In our business operations, we cooperate with various external parties. Personal data is only transferred to these parties when necessary for contract fulfillment, to comply with legal obligations (e.g. data transfer to tax authorities), based on our legitimate interest under Article 6(1)(f) GDPR, or when another legal basis permits such transfer. In the case of using processors, a valid data processing agreement is in place.

Revocation of Consent

Many data processing operations are only possible with your explicit consent. You may revoke your consent at any time. The lawfulness of the data processing that occurred prior to the revocation remains unaffected.

Right to Object and Direct Marketing (Art. 21 GDPR)

If data processing is based on Article 6(1)(e) or (f) GDPR, you have the right at any time to object, for reasons arising from your particular situation, to the processing of your personal data – this also applies to profiling based on these provisions. If you object, we will no longer process your affected personal data, unless we can demonstrate compelling protective reasons that outweigh your interests, rights, and freedoms, or if the processing is necessary for the assertion, exercise, or defense of legal claims.

If your personal data is processed for direct marketing purposes, you have the right to object to such processing at any time. In that case, your personal data will no longer be used for direct marketing purposes.

Complaint and Data Portability

In the event of a violation of the GDPR, you have the right to file a complaint with the competent supervisory authority. You also have the right to request that data processed based on your consent or for contract fulfillment be provided to you or transferred to a third party in a commonly used, machine‑readable format.

Access, Correction, Deletion and Restriction of Processing

Under applicable legal provisions, you have the right to obtain free information about your stored personal data, its origin, recipients, and the purpose of processing, as well as the right to have this data corrected or deleted. In addition, you have the right to request a restriction of processing in certain cases – for example, if you dispute the accuracy of your data or if the processing is unlawful.

SSL/TLS Encryption

This website uses SSL/TLS encryption to protect the transmission of confidential content (e.g. orders or inquiries). When enabled, the connection is indicated by the change from “http://” to “https://” in the browser’s address bar and the display of a padlock symbol.

4. Data Collection on This Website

Cookies

Our websites use so‑called “cookies”. Cookies are small data packets and do not harm your device. They are stored either temporarily for the duration of a session (session cookies) or permanently (persistent cookies) on your device. Session cookies are automatically deleted at the end of your visit, while persistent cookies remain until you delete them or your browser automatically removes them.

Cookies may be provided by us (first‑party cookies) or by third‑party companies (third‑party cookies). Third‑party cookies enable the integration of certain external services (e.g. cookies for processing payment services). Many cookies are technically necessary for the proper functioning of the website (e.g. the shopping cart or video display). Other cookies may be used to analyze user behavior or for advertising purposes.

Contact Form

When you submit an inquiry via a contact form, the data you provide (including your contact details) is stored for processing your inquiry and any follow‑up questions. This data is not shared without your consent. Processing is based on Article 6(1)(b) GDPR (if related to contract fulfillment or pre‑contractual measures) or on our legitimate interest (Article 6(1)(f) GDPR) or your consent (Article 6(1)(a) GDPR).

Inquiry via Email, Telephone or Fax

If you contact us by email, telephone, or fax, your inquiry – including all resulting personal data (e.g. name, inquiry) – is stored and processed for handling your request. This processing is based on Article 6(1)(b) GDPR (if linked to contract fulfillment or pre‑contractual measures) or on our legitimate interest (Article 6(1)(f) GDPR) or your consent (Article 6(1)(a) GDPR).

5. Analysis Tools and Advertising

WP Statistics

This website uses the analysis tool WP Statistics to statistically evaluate visitor accesses.
Provider: Veronalabs, Tatari 64, 10134 Tallinn, Estonia (https://veronalabs.com).
The tool collects log files (IP address, referrer, browser details, etc.) and visitor actions (e.g. clicks and views). The data is stored exclusively on our own server. Processing is based on Article 6(1)(f) GDPR and, if consent has been obtained, on Article 6(1)(a) GDPR and Section 25(1) TDDDG.

IP Anonymization

WP Statistics is configured to use IP anonymization. Your IP address is truncated so that it can no longer be directly associated with you.

6. Newsletter

If you wish to subscribe to our newsletter, we require your email address and additional information to verify that you are the owner of the email address and to confirm your consent to receive the newsletter. Processing of the newsletter data is carried out exclusively on the basis of your consent (Article 6(1)(a) GDPR). You may unsubscribe at any time. The data you provide for the newsletter will be stored until you unsubscribe or the purpose for its storage ceases to exist. We reserve the right to delete or block email addresses from our newsletter distribution list based on our legitimate interest under Article 6(1)(f) GDPR.

7. Plugins and Tools

Google Fonts (Local Hosting)

This site uses Google Fonts for a uniform display of fonts provided by Google. The fonts are hosted locally, so no connection to Google servers is made. More information can be found at Google Fonts FAQ and in Google’s Privacy Policy.

Google Maps

This site uses the Google Maps service to embed maps on the website.
Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
To use Google Maps, your IP address is stored and typically transferred to a server in the USA. Processing is based on our legitimate interest (Article 6(1)(f) GDPR) and, if consent is provided, on Article 6(1)(a) GDPR and Section 25(1) TDDDG. Data transfer to the USA is based on the EU Commission’s Standard Contractual Clauses. More details can be found at: https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

Bing Maps

We have integrated Bing Maps on this website.
Provider: Microsoft Corporation, One Microsoft Way, Redmond, WA 98052‑6399, USA.
To use Bing Maps, your IP address is stored and generally transferred to a Microsoft server in the USA. Processing is based on our legitimate interest (Article 6(1)(f) GDPR) and, if consent is provided, on Article 6(1)(a) GDPR and Section 25(1) TDDDG. Data transfer is based on the EU Commission’s Standard Contractual Clauses. More information is available at: https://learn.microsoft.com/de-de/compliance/regulatory/offering-eu-model-clauses.

Google reCAPTCHA

We use Google reCAPTCHA on this website.
Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
reCAPTCHA is used to verify whether data entered on this website (e.g. via a contact form) is submitted by a human or an automated program. It analyzes various parameters such as IP address, duration of visit, and mouse movements. The collected data is forwarded to Google. Processing is based on Article 6(1)(f) GDPR and, if consent is provided, on Article 6(1)(a) GDPR and Section 25(1) TDDDG. Further details can be found at: https://policies.google.com/privacy?hl=de and https://policies.google.com/terms?hl=de.

hCaptcha

We use hCaptcha on this website.
Provider: Intuition Machines, Inc., 2211 Selig Drive, Los Angeles, CA 90026, USA.
hCaptcha is used to verify whether data entered on this website (e.g. via a contact form) is submitted by a human or an automated program. It analyzes parameters such as IP address, duration of visit, and mouse movements. The collected data is forwarded to IMI. When used in invisible mode, the analysis runs completely in the background. Processing is based on Article 6(1)(f) GDPR and, if consent is provided, on Article 6(1)(a) GDPR and Section 25(1) TDDDG. More details can be found at: https://www.hcaptcha.com/privacy and https://hcaptcha.com/terms.

Cloudflare Turnstile

We use Cloudflare Turnstile on this website.
Provider: Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA.
Turnstile is used to verify whether data entered on this website is submitted by a human or an automated program. It analyzes parameters such as IP address, duration of visit, and mouse movements, and forwards the data to Cloudflare. Processing is based on Article 6(1)(f) GDPR and, if consent is provided, on Article 6(1)(a) GDPR and Section 25(1) TDDDG. Data processing is based on Standard Contractual Clauses, available at https://www.cloudflare.com/cloudflare-customer-scc/, and further details are provided at https://www.cloudflare.com/cloudflare-customer-dpa/.

Wordfence

We have integrated Wordfence on this website.
Provider: Defiant Inc., Defiant, Inc., 800 5th Ave, Ste 4100, Seattle, WA 98104, USA.
Wordfence protects our website from unauthorized access or malicious cyberattacks by maintaining a continuous connection to its servers. Processing is based on Article 6(1)(f) GDPR and, if consent is provided, on Article 6(1)(a) GDPR and Section 25(1) TDDDG. Data transfer to the USA is based on the EU Commission’s Standard Contractual Clauses, details available at: https://www.wordfence.com/help/general-data-protection-regulation/.

Source: https://www.e-recht24.de