Imprint


Nina Steyer
"Nina Lukisa"
28790 Schwanewede
Germany

Email: nina.steyer@gmx.de

VAT is not shown (Small Business Regulation)
EU Commission’s Platform for Online Dispute Resolution: https://ec.europa.eu/odr
We are neither obligated nor willing to participate in a dispute resolution procedure before a consumer arbitration board.



Privacy Policy


1) Introduction and Contact Information of the Data Controller

1.1
Thank you for visiting our website and for your interest in our services. In this Privacy Policy, we inform you about the handling of your personal data when you use our website. Personal data refers to all data that can identify you as an individual.

1.2
The data controller for data processing on this website, within the meaning of the General Data Protection Regulation (GDPR), is Nina Steyer. The data controller is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data.

2) Data Collection When Visiting Our Website

2.1
When you visit our website for informational purposes only (i.e., without registering or otherwise transmitting information), we collect only the data that your browser transmits to our server (known as "server log files"). When you access our website, we collect the following data necessary for technical purposes to display the website to you:

- The website visited
- Date and time of access
- Amount of data transferred (in bytes)
- Source/link from which you accessed the site
- Browser used
- Operating system used
- IP address used (if applicable, anonymized)

Processing is carried out in accordance with Art. 6(1)(f) GDPR, based on our legitimate interest in improving the stability and functionality of our website. The data will not be transmitted or otherwise used. However, we reserve the right to review server log files if there are specific indications of illegal use.

2.2
For security reasons and to protect the transmission of personal data and other confidential content (e.g., inquiries or orders), this website uses SSL or TLS encryption. A secure connection can be recognized by the "https://" prefix and the lock symbol in your browser’s address bar.

3) Hosting & Content Delivery Network

Cloudflare

We use a Content Delivery Network (CDN) provided by Cloudflare Inc., 101 Townsend St, San Francisco, CA 94107, USA. This service helps us deliver large media files (such as graphics, page content, or scripts) more quickly through a network of regionally distributed servers. Processing occurs to safeguard our legitimate interest in improving the stability and functionality of our website in accordance with Art. 6(1)(f) GDPR. We have entered into a Data Processing Agreement with this provider, ensuring the protection of our website visitors' data and prohibiting unauthorized disclosure to third parties.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, based on an adequacy decision by the European Commission to ensure compliance with European data protection standards.


4) Contact

If you contact us (e.g., via contact form or email), personal data is collected. The data collected through a contact form can be found in the respective form. Such data is stored and used solely for responding to your inquiry or for contacting you and the associated technical administration.

The legal basis for processing this data is our legitimate interest in responding to your inquiry according to Art. 6(1)(f) GDPR. Should your inquiry be aimed at concluding a contract, the additional legal basis for processing is Art. 6(1)(b) GDPR. Your data will be deleted after your inquiry has been fully processed, provided no statutory retention obligations prevent deletion.

5) Website Functionality

5.1 Facebook Plugins

Our website uses plugins from the social network provided by Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. These plugins enable direct interactions with content on the social network.

To protect your data, these plugins are initially disabled and integrated via the "2-click" or "Shariff" solution. This integration ensures that no connection to the provider's servers is established when a page containing such plugins is accessed on our website. Only when you activate the plugins and thereby consent to data transmission under Art. 6(1)(a) GDPR, your browser establishes a direct connection with the provider’s servers, transmitting certain information (e.g., IP address, browser type, site history).

If logged into a user profile on the social network, interactions with the plugin may be published and visible to your contacts. You may revoke your consent at any time by deactivating the plugin, though revocation does not affect data already transferred. Data may also be transmitted to Meta Platforms Inc., USA.

We have entered into a Data Processing Agreement with the provider, ensuring the protection of our website visitors' data. For data transfers to the USA, the provider is compliant with the EU-US Data Privacy Framework.

5.2 Instagram Plugins

Our website uses plugins from Instagram, provided by Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. These plugins enable direct interaction with social network content.

To protect your data, these plugins are initially disabled via a "2-click" or "Shariff" solution. No connection to the provider's servers is established when a page containing these plugins is accessed. If you activate the plugins, your browser connects directly to the provider's servers, transmitting certain data (e.g., IP address, browser type, site history) under Art. 6(1)(a) GDPR.

Data may be transmitted to Meta Platforms Inc., USA. The provider has committed to the EU-US Data Privacy Framework for data transfers.

5.3 Google Web Fonts

For uniform font display, we use Google Web Fonts, provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. Upon accessing a page, your browser loads Web Fonts to display texts and fonts correctly, establishing a connection with the provider’s servers and transmitting certain browser information, including your IP address.

Data may be transferred to Google LLC, USA. The data processing takes place only with your explicit consent (Art. 6(1)(a) GDPR), which you can revoke by deactivating this service in the "Cookie-Consent-Tool." For more on Google's Privacy Policy: https://business.safety.google/intl/de/privacy/.

6) Data Subject Rights

6.1
Applicable data protection law grants you the following rights concerning your personal data:

- Right to access (Art. 15 GDPR)
- Right to rectification (Art. 16 GDPR)
- Right to erasure (Art. 17 GDPR)
- Right to restriction of processing (Art. 18 GDPR)
- Right to data portability (Art. 20 GDPR)
- Right to withdraw consent (Art. 7(3) GDPR)
- Right to file a complaint (Art. 77 GDPR)

6.2 Right to Object

IF WE PROCESS YOUR PERSONAL DATA BASED ON LEGITIMATE INTERESTS (ART. 6(1)(F) GDPR), YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION.

7) Duration of Storage of Personal Data

The duration of the storage of personal data is determined based on the respective legal basis, the purpose of processing, and—where applicable—on the relevant statutory retention period (e.g., retention obligations under commercial and tax law).

When personal data is processed on the basis of an explicit consent pursuant to Art. 6(1)(a) GDPR, the data in question is stored until you withdraw your consent.

If statutory retention periods apply to data processed within the scope of legal or quasi-legal obligations under Art. 6(1)(b) GDPR, this data will be routinely deleted once the retention periods expire, provided it is no longer required for the performance of the contract or the initiation of a contract, and/or there is no legitimate interest on our part in retaining it.

For data processed under Art. 6(1)(f) GDPR, this data will be stored until you exercise your right to object pursuant to Art. 21(1) GDPR, unless we can demonstrate compelling legitimate grounds for processing that override your interests, rights, and freedoms, or if the processing serves the establishment, exercise, or defense of legal claims.

For data processed for the purpose of direct marketing under Art. 6(1)(f) GDPR, this data will be stored until you exercise your right to object pursuant to Art. 21(2) GDPR.

Unless otherwise specified within the context of this privacy notice, any stored personal data will otherwise be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.