Personal data (hereinafter referred to as "data") is processed by us only to the extent necessary and for the purpose of providing a functional and user-friendly website, including its content and the services offered there.

According to Art. 4 No. 1 of Regulation (EU) 2016/679, i.e., the General Data Protection Regulation (hereinafter referred to as "GDPR"), "processing" means any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

With this Privacy Policy, we inform you particularly about the type, scope, purpose, duration, and legal basis of the processing of personal data, insofar as we decide either alone or jointly with others on the purposes and means of processing. Additionally, we inform you below about third-party components used for optimization purposes and to enhance the quality of use, insofar as third parties process data under their own responsibility.

Our Privacy Policy is structured as follows:

I. Information about us as the data controller
II. Rights of users and data subjects
III. Information about data processing

I. Information about us as the data controller

The responsible provider of this website in terms of data protection law is:

Griebler-Consulting
Traminerweg 6
D-76887 Bad Bergzabern

+49 176 55 21 04 34
E-Mail: manfred@griebler-consulting.de

II. Rights of users and data subjects

Regarding the data processing described in more detail below, users and data subjects have the right

• to obtain confirmation of whether data concerning them is being processed, information about the data processed, further details about the data processing, and copies of the data (cf. Art. 15 GDPR).
• to have incorrect or incomplete data corrected or completed (cf. Art. 16 GDPR).
• to have their data promptly deleted (cf. Art. 17 GDPR), or alternatively, if further processing is necessary pursuant to Art. 17(3) GDPR, to have processing restricted in accordance with Art. 18 GDPR.
• to receive the data concerning them and provided by them, and to have such data transmitted to other providers/controllers (cf. Art. 20 GDPR).
• to lodge a complaint with the supervisory authority if they believe that the data concerning them is being processed by the provider in violation of data protection regulations (cf. Art. 77 GDPR).

In addition, the provider is obliged to notify all recipients to whom data has been disclosed by the provider of any correction, deletion, or restriction of processing that occurs based on Articles 16, 17(1), 18 GDPR. However, this obligation does not exist if the notification is impossible or involves disproportionate effort. Notwithstanding this, users have the right to receive information about these recipients.

Likewise, under Art. 21 GDPR, users and data subjects have the right to object to the future processing of their data, provided the data is processed by the provider in accordance with Art. 6(1)(f) GDPR. In particular, an objection to data processing for the purpose of direct advertising is permissible.

III. Information about data processing

SSL or TLS Encryption

This site uses SSL or TLS encryption for security purposes and to protect the transmission of confidential content, such as data submitted via the contact form. You can recognize an encrypted connection by the browser address bar changing from "http://" to "https://" and the lock symbol displayed in your browser bar. When SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Server Log Files

When visiting our website, information is automatically collected by the hosting provider and stored in so-called server log files. This information includes:

• Browser type and version
• Operating system
• Referrer URL (the previously visited page)
• Hostname of the accessing device
• IP address (shortened or anonymized where technically possible)
• Date and time of access

This data collection is based on Art. 6(1)(f) GDPR (legitimate interest). Our legitimate interest lies in ensuring the smooth operation and optimization of our website.

Contact Form

If you contact us via the contact form, the data you enter in the form will be stored for the purpose of processing your request. We do not share your data without your consent.

The processing of data entered into the contact form is based exclusively on your consent (Art. 6(1)(a) GDPR). You may revoke your consent at any time. A simple email notification is sufficient. The lawfulness of the data processing carried out until the revocation remains unaffected.

Your data will be deleted if you request its deletion, revoke your consent for storage, or if the purpose for storing the data no longer applies (e.g., once your inquiry has been processed). Mandatory legal provisions, such as retention periods, remain unaffected.

Website Login

To protect our website and monitor security-related user activity, we use the plugin WP Activity Log. It is used to detect unauthorized login attempts and to log important actions carried out by logged-in users. For specific activities (e.g. login, changes to content or system settings), the following data is recorded:

• Username and WordPress role
• IP address
• Type of action performed

• Date and time

The data is processed exclusively for security purposes, is not shared with third parties, and is automatically deleted after a maximum of 6 months.

The legal basis for this processing is Art. 6(1)(f) GDPR. Our legitimate interest lies in protecting the website from misuse and ensuring its integrity, technical security, and administrative stability.

Cookies

We do not use cookies on this website. Should there be any changes in the future, this privacy policy will be adapted accordingly.

Source: Adapted sample privacy policy from the law firm Weiß & Partner