Privacy Policy - GDPR - Für Ihr Kind

Privacy Policy – GDPR

The following privacy policy applies to the use of our online offering www.private-kindererziehung.de and www.erziehungsberatung.private-kindererziehung.de (hereinafter referred to as „Website“).

We place great importance on data protection. The collection and processing of your personal data comply with applicable data protection regulations, particularly the General Data Protection Regulation (GDPR). We collect and process your personal data to provide the aforementioned portal. This statement explains how and for what purposes your data is collected and used, as well as the choices you have regarding your personal data.

By using this website, you consent to the collection, use, and transfer of your data in accordance with this privacy policy.

Controller

The controller responsible for the collection, processing, and use of your personal data within the meaning of Art. 4 No. 7 GDPR is:

Dr. Ulf Heimbach & Friederike Rosenberger
Leibnizstraße 30
10625 Berlin
Germany

Phone: +49 162 61 31 977
Email: info (at) private-kindererziehung.de

If you wish to object to the collection, processing, or use of your data by us in accordance with these data protection provisions, either in whole or for individual measures, you can send your objection to the controller.

You can save and print this privacy policy at any time.

General Use of the Website

Hosting
The hosting services we use provide the following services: infrastructure and platform services, computing capacity, storage space and database services, security services, and technical maintenance services required for the operation of the website.

In this context, we or our hosting provider process inventory data, contact data, content data, contract data, usage data, metadata, and communication data from customers, interested parties, and visitors of this online offering on the basis of our legitimate interest in providing this online offering efficiently and securely in accordance with Art. 6 para. 1 sentence 1 (f) GDPR in conjunction with Art. 28 GDPR.

Access Data
We collect information about you when you use this website. We automatically collect information about your usage behavior and your interaction with us, and we record data about your computer or mobile device. We collect, store, and use data about each access to our online offering (so-called server log files). Access data includes:

Name and URL of the retrieved file
Date and time of retrieval
Transferred data volume
Notification of successful retrieval (HTTP response code)
Browser type and browser version
Operating system
Referrer URL (i.e., the previously visited page)
Websites accessed by the user’s system via our website
Internet service provider of the user
IP address and requesting provider

We use this log data without assigning it to your person or otherwise profiling for statistical evaluations for the purpose of operation, security, and optimization of our online offering. We also use it to anonymously record the number of visitors to our website (traffic), as well as the scope and type of use of our website and services. Additionally, we use it for billing purposes to measure the number of clicks received from cooperation partners. Based on this information, we can provide personalized and location-based content, analyze traffic, troubleshoot errors, and improve our services.

This is also our legitimate interest in accordance with Art. 6 para. 1 sentence 1 (f) GDPR.

We reserve the right to check log data retrospectively if there are concrete indications of unlawful use. IP addresses are stored in log files for a limited period if necessary for security purposes or to provide services or bill a service, e.g., if you use one of our offers. After completion of the order process or after payment, we delete the IP address if it is no longer required for security purposes. IP addresses are also stored if there is a specific suspicion of a criminal offense in connection with the use of our website. Furthermore, we store the date of your last visit (e.g., during registration, login, clicking on links, etc.) as part of your account.

Cookies
We use so-called session cookies to optimize our online offering. A session cookie is a small text file sent by the respective servers when you visit a website and temporarily stored on your hard drive. This file contains a session ID, allowing various requests from your browser to be assigned to a shared session. This enables your computer to be recognized when you return to the website. These cookies are deleted after you close your browser. For example, they allow you to use the shopping cart function across multiple pages.

We also use persistent cookies (small text files stored on your device) to a limited extent, which remain on your device and allow us to recognize your browser on your next visit. These cookies are stored on your hard drive and delete themselves after a specified period. Their lifespan ranges from 1 month to 10 years. They enable us to present our offer more user-friendly, effective, and secure and to display information tailored to your interests.

Our legitimate interest in the use of cookies in accordance with Art. 6 para. 1 sentence 1 (f) GDPR lies in making our website more user-friendly, effective, and secure.

Cookies store the following data and information:

Login information
Language settings
Entered search terms
Information about the number of visits to our website and the use of individual functions of our internet presence

When activating the cookie, it is assigned an identification number, but no assignment of your personal data to this identification number takes place. Your name, IP address, or similar data that would allow the cookie to be assigned to you are not stored in the cookie. Based on the cookie technology, we only receive pseudonymized information, such as which pages of our shop were visited, which products were viewed, etc.

You can configure your browser to inform you in advance about the setting of cookies and decide in individual cases whether to exclude the acceptance of cookies for certain cases or in general or to completely prevent cookies. This may limit the functionality of the website.

To manage the cookies and similar technologies (tracking pixels, web beacons, etc.) and the associated consents, we use the consent tool „Real Cookie Banner“. Details on the functionality of „Real Cookie Banner“ can be found at https://devowl.io/de/rcb/datenverarbeitung.

The legal basis for processing personal data in this context is Article 6(1)(c) GDPR and Article 6(1)(f) GDPR. Our legitimate interest lies in managing the deployed cookies and similar technologies, along with the corresponding consents.

Providing personal data is neither legally nor contractually required and is not necessary to conclude a contract. You are not obligated to provide personal data. However, if you do not provide the personal data, we will be unable to manage your consents.

Email Contact

When you contact us (e.g., via a contact form or email), we save your information to process your request and in case of follow-up questions.

This constitutes our legitimate interest under Art. 6 (1) Sentence 1 (f) GDPR.

We do not share this data without your consent.

We store and use additional personal data only if you consent to this or if it is legally permissible without special consent.

Google Analytics

We use Google Analytics, a web analysis service provided by Google Inc. („Google“). Google is certified under the Privacy Shield agreement between the European Union and the USA, committing to comply with EU data protection standards and regulations. For more information, please refer to the following link: Privacy Shield Certification.

Google Analytics uses „cookies,“ which are text files stored on your computer, to analyze your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.

This constitutes our legitimate interest under Art. 6 (1) Sentence 1 (f) GDPR.

If IP anonymization is activated on this website, Google will truncate your IP address within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. IP anonymization is active on this website. On our behalf, Google will use this information to evaluate your use of the website, compile reports on website activities, and provide other services related to website and internet usage.

The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You can prevent the storage of cookies by adjusting your browser settings; however, we would like to point out that in this case, you may not be able to use all the features of this website to their full extent.

Additionally, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available at the following link: Browser Plugin.

Alternatively to the browser plugin or within browsers on mobile devices, you can click on the following link to set an opt-out cookie, which prevents future data collection by Google Analytics within this website (this opt-out cookie only works in this browser and for this domain. If you delete your cookies in this browser, you must click this link again): Disable Google Analytics

Storage Duration

Unless specifically stated, we store personal data only as long as necessary to fulfill the purposes pursued.

Processing of Master Data

We also process master data as described below:

Online Shop
To place an order in our online shop, we need your personal, communication, and payment data so that we can confirm your order, communicate with you, and process the order.

Customer Account
For new registration, we collect personal data (e.g., name, address), communication data (e.g., email address), payment data (e.g., bank details), and access data (username and password).

To ensure proper registration and prevent unauthorized access by third parties, you will receive an activation link via email after registration to activate your account. Only after registration will the data you provide be stored permanently in our system.

You can delete a customer account at any time without incurring any costs other than the transmission costs according to the basic rates. A message in text form to the contact details mentioned in Section 1 (e.g., email, fax, letter) is sufficient for this. We will then delete your stored personal data unless we need to retain it to process orders or due to legal retention obligations.

Newsletter

To send you our newsletter, we use the so-called double opt-in procedure. This means we will only send you a newsletter if you have explicitly confirmed beforehand that you agree to receive it.

You can revoke your consent to the newsletter at any time without incurring any costs other than the transmission costs according to the basic rates. A message in text form to the contact details mentioned in Section 1 (e.g., email, fax, letter) is sufficient for this. You will also find an unsubscribe link in every newsletter.

Product Recommendations

We regularly send you product recommendations by email, independent of the newsletter. In this way, we provide you with information about products from our range that you might be interested in based on your recent purchases with us. We strictly adhere to legal requirements for this.

You can object to receiving product recommendations at any time without incurring any costs other than the transmission costs according to the basic rates. A message in text form to the contact details mentioned in Section 1 (e.g., email, fax, letter) is sufficient for this. You will also find an unsubscribe link in every email.

Legal Basis and Storage Duration

The legal basis for data processing under the above sections is Art. 6 (1) Sentence 1 (a), (b), and (f) GDPR. Our interests in data processing include initiating, concluding, and fulfilling contracts as well as direct advertising and product information.

Unless specifically stated, we store personal data only as long as necessary to fulfill the purposes pursued or as legally required.

Your Rights as a Data Subject

Under applicable laws, you have various rights regarding your personal data. If you wish to exercise these rights, please send your request via email or post to the address specified in Section 1, ensuring clear identification of your person.

Below is an overview of your rights:
Right to Confirmation and Access

You have the right to obtain confirmation from us at any time as to whether personal data concerning you is being processed. If this is the case, you have the right to receive information about the personal data stored about you, free of charge, along with a copy of this data. Additionally, you are entitled to the following information:

The purposes of processing.
The categories of personal data being processed.
The recipients or categories of recipients to whom personal data has been or will be disclosed, especially in third countries or international organizations.
If possible, the planned duration of storage or, if not possible, the criteria used to determine this duration.
The existence of a right to rectification, erasure, restriction of processing, or objection to processing.
The existence of a right to lodge a complaint with a supervisory authority.
If the data was not collected from you, all available information about its source.
The existence of automated decision-making, including profiling, as per Article 22 paragraphs 1 and 4 of the GDPR, and, at least in these cases, meaningful information about the logic involved and the potential consequences for you.

If personal data is transferred to a third country or international organization, you also have the right to be informed about the appropriate safeguards as per Article 46 of the GDPR regarding the transfer.
Right to Rectification

You have the right to request the immediate correction of inaccurate personal data concerning you. Considering the purposes of the processing, you also have the right to request the completion of incomplete personal data, including by providing a supplementary statement.
Right to Erasure (“Right to be Forgotten”)

Under Article 17(1) GDPR, you have the right to request that we erase personal data concerning you without undue delay, and we are obliged to erase personal data if one of the following reasons applies:

The personal data is no longer necessary for the purposes for which it was collected or otherwise processed.
You withdraw consent on which the processing was based under Article 6(1)(a) GDPR or Article 9(2)(a) GDPR, and there is no other legal ground for the processing.
You object to the processing under Article 21(1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing under Article 21(2) GDPR.
The personal data was processed unlawfully.
The erasure of the personal data is necessary for compliance with a legal obligation under Union or Member State law to which we are subject.
The personal data was collected in relation to the offer of information society services under Article 8(1) GDPR.

If we have made the personal data public and are obliged to erase it under Article 17(1) GDPR, we will take reasonable steps, including technical measures, to inform data processors that you have requested the deletion of any links to, or copies or replications of, that personal data.
Right to Restriction of Processing

You have the right to request the restriction of processing if one of the following conditions applies:

You contest the accuracy of the personal data, for a period enabling us to verify its accuracy.
The processing is unlawful, and you oppose the erasure of the personal data and request the restriction of its use instead.
We no longer need the personal data for processing purposes, but you require it for the establishment, exercise, or defense of legal claims.
You have objected to processing under Article 21(1) GDPR, pending verification of whether our legitimate grounds override yours.

Right to Data Portability

You have the right to receive personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format, and the right to transmit that data to another controller without hindrance, provided:

The processing is based on consent under Article 6(1)(a) GDPR or Article 9(2)(a) GDPR or on a contract under Article 6(1)(b) GDPR.
The processing is carried out by automated means.

You also have the right to have the personal data transferred directly from us to another controller, where technically feasible.
Right to Object

You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you based on Article 6(1)(e) or (f) GDPR, including profiling based on these provisions. We will no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing is for the establishment, exercise, or defense of legal claims.

If your personal data is processed for direct marketing purposes, you have the right to object at any time to such processing, including profiling related to direct marketing.

You also have the right to object to the processing of your data for scientific or historical research purposes or statistical purposes under Article 89(1) GDPR, unless the processing is necessary for performing a task carried out for reasons of public interest.

Your Rights as a Data Subject

Below is an overview of your rights:
Right to Confirmation and Access

You have the right to request the restriction of processing if one of the following conditions applies:

Right to Data Portability

The processing is based on consent under Article 6(1)(a) GDPR or Article 9(2)(a) GDPR or on a contract under Article 6(1)(b) GDPR.
The processing is carried out by automated means.

You also have the right to have the personal data transferred directly from us to another controller, where technically feasible.
Right to Object

If your personal data is processed for direct marketing purposes, you have the right to object at any time to such processing, including profiling related to direct marketing.

Automated Decisions Including Profiling

You have the right not to be subject to a decision based solely on automated processing – including profiling – that has legal effects on you or significantly affects you in a similar way.

Automated decision-making based on the collected personal data does not take place.
Right to Withdraw Consent for Data Processing

You have the right to withdraw your consent for the processing of personal data at any time.
Right to Lodge a Complaint with a Supervisory Authority

You have the right to lodge a complaint with a supervisory authority, particularly in the Member State of your residence, workplace, or the location of the alleged violation, if you believe that the processing of your personal data violates the law.
Data Security

We strive to ensure the security of your data in compliance with applicable data protection laws and technical possibilities.

Your personal data is transmitted to us in encrypted form. This applies to your orders as well as your customer login. We use the SSL (Secure Socket Layer) encryption system. However, we point out that data transmission over the internet (e.g., communication via email) can have security gaps. Complete protection of data against access by third parties is not possible.

To secure your data, we maintain technical and organizational security measures in accordance with Article 32 of the GDPR, which we regularly adapt to the latest technological standards.

We also do not guarantee that our services will be available at all times; disruptions, interruptions, or failures cannot be ruled out. The servers we use are regularly and carefully secured.
Disclosure of Data to Third Parties, No Data Transfer Outside the EU

As a general rule, we use your personal data only within our company.

If and to the extent that we involve third parties in fulfilling contracts (e.g., logistics service providers), these third parties will only receive personal data to the extent necessary for providing the relevant service.

In cases where we outsource parts of data processing (“data processing agreements”), we contractually obligate processors to use personal data only in accordance with data protection regulations and to ensure the protection of the rights of the data subjects.

Data transfers to entities or individuals outside the EU, beyond the cases specified in Section 2 of this declaration, do not occur and are not planned.