X
  1. Malik Adams HOME
    2. /
  2. Privacy Policy
Datenschutzerklärung Deutsch

Privacy Policy

Status: 12/2025

The protection of personal data is an important concern for us. Therefore, the processing of personal data is carried out in accordance with the applicable European and national legal provisions.

You may, of course, revoke your declaration(s) of consent at any time with effect for the future. Please contact the controller for this purpose.

The following statement provides an overview of the type of data collected, how this data is used and disclosed, which security measures we take to protect your data, and how you can obtain information about the data provided to us.

Legal basis for the processing of personal data

Insofar as we obtain the consent of the data subject for processing operations involving personal data, Art. 6 para. 1 sentence 1 lit. a) GDPR serves as the legal basis.

When processing personal data necessary for the performance of a contract to which the data subject is a party, Art. 6 para. 1 sentence 1 lit. b) GDPR serves as the legal basis. This also applies to processing operations necessary for the implementation of pre-contractual measures.

Insofar as processing personal data is necessary for compliance with a legal obligation to which we are subject, Art. 6 para. 1 sentence 1 lit. c) GDPR serves as the legal basis.

If processing is necessary to safeguard a legitimate interest of our company or a third party and the interests, fundamental rights, and freedoms of the data subject do not override the former interest, Art. 6 para. 1 sentence 1 lit. f) GDPR serves as the legal basis for processing.

Data deletion and storage duration

The personal data of the data subject will be deleted or blocked as soon as the purpose of the storage no longer applies. Storage may also occur if provided for by the European or national legislator in Union regulations, laws, or other provisions to which we are subject. Blocking or deletion of the data also occurs when a storage period prescribed by the aforementioned regulations expires unless further storage of the data is necessary for contract conclusion or fulfillment.

Rented server space

We point out that we use rented server space from the provider myLoc managed IT AG, Am Gatherhof 44, 40472 Düsseldorf, www.webtropia.com. When the website is visited, the provider may automatically receive information. This information is automatically stored in so-called server log files, which your browser automatically transmits.

Controller

The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the Member States as well as other data protection provisions is:

18ZEHN. GmbH
Benedikt-Schwarz-Strasse 2
76275 Ettlingen

Questions to the data protection officer

If you have questions regarding data protection, please send us an email or contact the person in our organization responsible for data protection:

18ZEHN. GmbH
Benedikt-Schwarz-Straße 2
76275 Ettlingen
Email: info@18-zehn.de
Web: www.18-zehn.de

Definitions

This privacy policy is based on the terminology used by the European legislator when adopting the General Data Protection Regulation (hereinafter referred to as “GDPR”). This privacy policy is intended to be easy to read and understand. To ensure this, the most important terms are explained below:

Personal data means any information relating to an identified or identifiable natural person (hereinafter “data subject”). A natural person is considered identifiable if they can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

Data subject is any identified or identifiable natural person whose personal data is processed by the controller.

Processing means any operation or set of operations which is performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.

Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.

Pseudonymization means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

Controller or controller responsible for processing means the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

Processor means a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.

Recipient means a natural or legal person, public authority, agency, or another body to whom personal data are disclosed, whether or not it is a third party. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.

Third party means a natural or legal person, public authority, agency, or other body other than the data subject, the controller, the processor, and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

Consent means any freely given, specific, informed and unambiguous indication of the data subject’s wishes, by which the data subject signifies agreement to the processing of personal data relating to them, either by a statement or by a clear affirmative action.

Provision of the website and creation of logfiles

When using the website for informational purposes only, i.e. if you do not register or otherwise provide us with information, we collect the following data and information automatically from the computer system of the requesting device each time the website is accessed:

The user’s IP address
Information about the browser type and version used
The user’s operating system
The user’s Internet service provider
Date and time of access
Websites accessed by the user’s system via our website
Content of the requests (specific pages)
Data volume transferred
Language and version of the browser software

The data is also stored in the logfiles of our system. Storing this data together with other personal data of the user does not take place.

The legal basis for the temporary storage of the logfiles is Art. 6 para. 1 lit. f) GDPR.

Temporary storage of the IP address by the system is necessary in order to:
– enable the delivery of the website to the user’s computer. For this, the user’s IP address must remain stored for the duration of the session.
– optimize the content of our website and advertising
– ensure the functionality of our IT systems and the technology of our website
– provide law enforcement authorities with the information necessary for prosecution in case of a cyberattack

Storage in logfiles is carried out to ensure the website’s functionality. The data also helps us optimize the website and ensure the security of our IT systems. In this context, no evaluation of the data for marketing purposes takes place.

Our legitimate interest in data processing pursuant to Art. 6 para. 1 lit. f) GDPR also lies in these purposes.

The data is deleted as soon as it is no longer required to achieve the purpose of its collection — in this case, at the end of the usage session.

In cases where the data is stored in logfiles, this occurs no later than after seven days. Extended storage is possible. In this case, the IP addresses are deleted or anonymized so that assignment to the requesting client is no longer possible.

The collection and storage of data for the provision of the website and for logfiles is absolutely necessary for operating the website; therefore, there is no option for objection.

Type and Purpose of Processing:
When you access our website, i.e., when you do not register or otherwise transmit information, information of a general nature is automatically collected. This information (server log files) includes, for example, the type of web browser, the operating system used, the domain name of your internet service provider, your IP address, and similar data. This is exclusively information that does not allow any conclusions to be drawn about your person.

They are processed in particular for the following purposes:
• Ensuring a smooth connection to the website,
• Ensuring a smooth use of our website,
• Evaluation of system security and stability, and
• for further administrative purposes.

We do not use your data to draw conclusions about your person. Information of this kind may be statistically evaluated by us to optimize our online presence and the underlying technology.

Processing is carried out according to Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website.

Recipients of the data may be technical service providers who act as processors for the operation and maintenance of our website.

The data will be deleted as soon as it is no longer required for the purpose for which it was collected. For data used to provide the website, this is generally the case when the respective session ends.

The provision of the aforementioned personal data is neither legally nor contractually required. However, without the IP address, the service and functionality of our website cannot be guaranteed. In addition, individual services and features may not be available or may be restricted. For this reason, objection is excluded.

Use of Cookies

This website uses so-called cookies. Cookies are small text files which, as soon as you visit a website, are sent by a web server to your browser and stored locally on your device (PC, notebook, tablet, smartphone, etc.) and placed on your computer, providing the user (i.e., us) with certain information. Cookies serve to make the website more user-friendly and secure, in particular to collect usage-related information such as frequency of use, number of users of the pages, as well as usage behavior on the site. Cookies do not cause any damage to the computer and do not contain viruses. This cookie contains a characteristic string (so-called cookie ID) that enables clear identification of the browser when the website is reopened.

The cookies used can be viewed at any time in our cookie banner.

Cookies remain stored even when the browser session ends and can be accessed again when the website is revisited. However, cookies are stored on your computer and transmitted from there to our site. Therefore, you have full control over the use of cookies. If you do not wish data to be collected via cookies, you can configure your browser in the menu under “Settings” so that you are informed about the setting of cookies, or generally exclude the setting of cookies, or delete cookies individually. However, it should be noted that deactivating cookies may limit the functionality of this website. Insofar as session cookies are concerned, these will be deleted automatically when leaving the website.

Disclosure of Personal Data to Third Parties

Note on data transfer to data-protection–unsafe third countries and transfer to US companies certified under the DPF
We use tools from companies based in data-protection–unsafe third countries as well as US tools whose providers are certified under the EU–US Data Privacy Framework (DPF).

When these tools are active, your personal data may be transferred to these countries and processed there. We point out that the USA, as a safe third country, generally offers a level of data protection comparable to that of the EU. A data transfer to the USA is therefore permissible if the recipient holds certification under the “EU–US Data Privacy Framework” (DPF) or provides appropriate additional safeguards.

Through the adequacy decision of the European Commission (Art. 45 para. 3 GDPR), the EU–US Data Privacy Framework, and through standard contractual clauses, the provider of these tools undertakes to comply with the European data protection level according to GDPR when processing your personal data, even if the data is processed in the USA.

Embedding of YouTube Videos

On this website, we link to our YouTube channel. When you click on the link, you will be redirected to the YouTube website. The privacy policies of Google apply on YouTube. Further information can be found in Google’s privacy policy at https://policies.google.com/privacy. We do not collect personal data when you visit our YouTube channel. Data processing is carried out exclusively by Google (YouTube). We have no access to the data that YouTube processes in connection with retrieving the content. Please note that YouTube (Google) collects personal data when visiting our YouTube channel. Further information on data processing by YouTube and Google can be found in Google’s privacy policy. Also note that YouTube may use cookies when retrieving content on its channel. Further information on the cookies used can be found in Google’s cookie policy at https://policies.google.com/technologies/cookies.

YouTube Comment Function

By subscribing to or interacting with our YouTube channel, you agree to Google’s privacy policies. Further information on how Google processes your data can be found in Google’s privacy policy at https://policies.google.com/privacy.

Privacy Policy for the Use and Application of Google Ads

Our website uses the online advertising program “Google Ads” and, in this context, the conversion tracking of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). If you reach our website via a Google ad, a cookie will be placed on your device by Google Ads. These cookies expire after 30 days and are not used for personal identification. If the user visits certain pages of our website and the cookie has not yet expired, Google and we can recognize that the user clicked on the ad and was redirected to this page. The information collected using the conversion cookie serves to create conversion statistics for Ads customers. We learn the total number of users who clicked on our ad and were redirected to a page marked with a conversion tracking tag. However, we do not receive information that personally identifies users. Processing is carried out based on your consent pursuant to Art. 6 para. 1 lit. a GDPR. Consent may be withdrawn at any time via our cookie banner or in the browser settings. Further information on Google’s data processing can be found in Google’s privacy policy: https://policies.google.com/privacy.

Privacy Policy for the Use and Application of Facebook Conversions API

The Facebook Conversions API is a tracking tool from a US company with a subsidiary in Ireland that allows us to directly connect your marketing data with the provider’s systems, enabling optimization of your ad targeting.

The processing company is Meta Platforms Inc.
For the European region, this is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin, Ireland, https://www.facebook.com/

Contacting the data protection officer of the processing company: https://www.facebook.com/help/contact/540977946302970

The service enables us to collect interactions of the website visitor with our website and forward them to Facebook in order to improve advertising performance on Facebook.

This includes:
• Optimization of our advertising on Facebook
• Analysis of user activities on our website
• Improvement of our marketing strategies

Type of Data
• Time of access
• Accessed website
• IP address
• Browser and device used
• User-agent
• Possibly further specific data (e.g., purchased products, shopping cart value, currency)

A complete overview of the data that can be collected can be found at:
https://developers.facebook.com/docs/marketing-api/conversions-api/parameters

Insofar as personal data is collected on our website using the tool described here and forwarded to Facebook, we and the processing company (Facebook) are jointly responsible for this data processing (Art. 26 GDPR).

Joint responsibility is limited exclusively to the collection of data and its transfer to Facebook. Processing after the transfer by Facebook is not part of the joint responsibility.

Processing location: European Union as well as the USA and possibly additional third countries.

Data transfer to the USA is based on the EU Commission’s standard contractual clauses. Details can be found here:
https://www.facebook.com/legal/EU_data_transfer_addendum
and
https://de-de.facebook.com/help/566994660333381

Adequacy Decision // Data Privacy Framework // SCC
Through the adequacy decision of the European Commission (Art. 45 para. 3 GDPR), the EU–US Data Privacy Framework (https://www.dataprivacyframework.gov/list), and standard contractual clauses, Facebook undertakes to comply with the European data protection level according to GDPR when processing your personal data, even if the data is processed in the USA.

Personal data is stored as long as required for the purposes mentioned above or as long as statutory retention obligations exist.

The data is deleted as soon as it is no longer required for our recording purposes. In our case, this is after 18 months.

The retention periods of Meta Platforms can be found at:
https://www.facebook.com/privacy/policy?section_id=8-HowLongDoWe

Legal basis:
Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG (consent)
Art. 6 para. 1 lit. f GDPR (legitimate interest)

Privacy policy of the data processor: https://de-de.facebook.com/about/privacy/

You have the right to request information about the personal data we store about you. You also have the right to rectification, deletion, or restriction of the processing of your data as well as the right to data portability. You may withdraw your consent at any time.

Privacy Policy for the Use and Application of the META Pixel (formerly Facebook Pixel)

This website uses the visitor action pixel from Facebook/Meta for conversion measurement. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

According to Facebook, the collected data is also transferred to the USA and other third countries. This makes it possible to track the behavior of site visitors after they have been redirected to the provider’s website by clicking on a Facebook ad. This allows the effectiveness of Facebook advertising to be evaluated for statistical and market research purposes and future advertising measures to be optimized.

The data collected is anonymous to us as the operator of this website; we cannot draw conclusions about the identity of users. However, Facebook stores and processes the data so that a connection to the respective user profile is possible, and Facebook can use the data for its own advertising purposes in accordance with the Facebook data use policy (https://de-de.facebook.com/about/privacy/). This allows Facebook to place ads on and outside of Facebook. This use of data cannot be influenced by us as the site operator.

The use of this service is based on your consent under Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent may be withdrawn at any time.

We use the function of the advanced matching within the Meta Pixel.

The advanced matching allows us to transmit various types of data (such as your address, postal code, hashed email addresses, names, gender, date of birth, or phone number) of our customers and interested parties that we collect via our website to Meta (Facebook). By activating this, we can tailor our advertising campaigns on Facebook even more precisely to people who are interested in our offers. Furthermore, advanced matching improves the attribution of website conversions and expands custom audiences.

Insofar as personal data is collected on our website using the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, are jointly responsible for this data processing (Art. 26 GDPR). Joint responsibility is limited exclusively to the collection of the data and its transfer to Facebook. Processing after the transfer by Facebook is not part of the joint responsibility. The obligations jointly incumbent on us are set forth in an agreement on joint processing.

The wording of the agreement can be found at:
https://www.facebook.com/legal/controller_addendum

According to this agreement, we are responsible for providing the privacy information when using the Facebook tool and for the privacy-compliant implementation of the tool on our website. Facebook is responsible for the data security of Facebook products. Data subject rights (e.g., access requests) concerning the data processed by Facebook may be asserted directly with Facebook. If you assert data subject rights with us, we are obliged to forward them to Facebook.

Data transfer to the USA is based on the EU Commission’s standard contractual clauses. Details can be found here:
https://www.facebook.com/legal/EU_data_transfer_addendum
and
https://de-de.facebook.com/help/566994660333381

Further information on protecting your privacy can be found in the Facebook privacy notices:
https://de-de.facebook.com/about/privacy/

You can also deactivate the “Custom Audiences” remarketing function in the ad settings section at:
https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen
To do this, you must be logged in to Facebook.

If you do not have a Facebook account, you can deactivate usage-based advertising by Facebook on the website of the European Interactive Digital Advertising Alliance:
http://www.youronlinechoices.com/de/praferenzmanagement/

Data Transmission upon Contract Conclusion for Services and Digital Content

We transmit personal data to third parties only when this is necessary within the scope of contract processing, for example to the credit institution commissioned with processing the payment.

No further transmission of the data takes place, or only if you have expressly agreed to the transmission. Your data will not be passed on to third parties without your explicit consent, for example for advertising purposes.

The basis for data processing is Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.

Links to External Websites

This website contains links to external sites. We are responsible for our own content. We have no influence over the content of external links and are therefore not responsible for them, in particular we do not adopt their content as our own. If you are redirected to an external page, the privacy policy provided there applies. If you notice unlawful activities or content on that page, you may inform us. In this case, we will review the content and respond accordingly (notice and take down procedure).

Linking and Integration of Third-Party Providers

Spotify, Amazon Music, iTunes, Apple Music, LinkTree

Our pages include functions and links to external services, including Spotify, Amazon Music, iTunes, Apple Music, and LinkTree. These services are provided by third-party providers that may process personal data if you use their functions or interact with their links. Below you will find detailed information regarding the processing of data by the respective providers.

Spotify

Functions of the music service Spotify are integrated on our website. The provider is Spotify AB, Birger Jarlsgatan 61, 113 56 Stockholm, Sweden. You can recognize the Spotify plugins by the green logo on our site. By visiting our website, a direct connection between your browser and Spotify’s servers can be established via the plugin. Spotify thereby receives the information that you have visited our site with your IP address. If you are logged into your Spotify account during your visit and click on the Spotify button, Spotify may assign the visit to your user account. The integration of the Spotify plugin is carried out in order to provide you with the opportunity to discover music in connection with our website. Spotify processes and transfers data to servers located in various countries. Further information on data processing by Spotify can be found in Spotify’s privacy policy. The legal basis is Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in improving the user experience by providing music services.

If you do not want Spotify to associate the visit to our website with your user account, you must log out of your Spotify account before visiting our website or before clicking on the plugin.

Amazon Music

Our website may also contain links to Amazon Music. When you click such a link, you are redirected to Amazon Music services. Amazon Music processes and stores data in accordance with the Amazon privacy policy: https://www.amazon.de/gp/help/customer/display.html?nodeId=202006650. We have no influence on the data processing by Amazon Music and recommend that you familiarize yourself with the Amazon privacy policy.

iTunes / Apple Music

Through our website, you have the option of using links to iTunes and Apple Music. The provider of these services is Apple Inc., 1 Infinite Loop, Cupertino, CA 95014, USA. Use of these services is subject to Apple’s privacy policy https://www.apple.com/de/legal/privacy/, which contains information on the processing of personal data by Apple.

LinkTree

Our website may contain links to LinkTree, a service that allows multiple links to be presented on a single landing page. The provider of the service is Linktree PTY LTD, based in Melbourne, Australia. When you click on a LinkTree link, you will be redirected to the corresponding page of this third-party provider. LinkTree may process personal data, including but not limited to your IP address and information about which links you click on their platform.

The use of the LinkTree service is subject to LinkTree’s privacy policy https://linktr.ee/s/privacy, which you can view on their website. Please note that we have no influence on the processing of personal data by LinkTree and recommend familiarizing yourself with their privacy policy before using the service. The legal basis is Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in providing users with a convenient way to find multiple relevant links in one place.

If you do not want LinkTree to process your data, you should refrain from using LinkTree link pages or take appropriate measures in your browser settings, such as blocking cookies or disabling scripts.

Please note that we have no control over the processing of your data by these third-party providers. For more information on the data protection practices of the respective providers, particularly regarding data storage and processing, please consult the linked privacy policies.

If you wish to prevent data processing by these external services, you should log out accordingly or limit the use of the features on our site.

Privacy Policy on the Use and Application of Brevo

As part of our services, we use Brevo (formerly Sendinblue) to offer you an optimal user experience. Brevo is a SaaS solution for relationship marketing, which we use for sending newsletters, organizing, and analyzing them.

Processing company:
Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany
https://www.brevo.com/de/, privacy@brevo.com

Email of the data protection officer:
dpo@brevo.com

Brevo is a service that can be used to organize and analyze the sending of newsletters.

With the help of Brevo, it is possible for us to analyze our campaigns.
For example, we can see whether a message has been opened and which links have been clicked, if applicable. This allows us to determine which links are clicked particularly often.

We can also determine whether certain previously defined actions were carried out after opening/clicking. Brevo also enables us to divide recipients into different categories. In this way, messages can be better tailored to the respective target groups.

We use Brevo to manage and send newsletters as well as analyze the use of our email communication. Your data is processed to:

• provide you with relevant information and offers.
• analyze and optimize the effectiveness of our communication measures.

Types of data:
• Email address
• First and last name (if provided)
• IP address
• Information on user behavior (e.g., open rates, click behavior)

Your data is transferred to Brevo, which acts as a data processor on our behalf.

Brevo is committed to protecting your data according to applicable data protection laws. Your data is transferred to third countries only if an adequate level of data protection is ensured.

The data you provide for newsletter subscription is stored on the servers of Sendinblue GmbH in Germany.

Through the adequacy decision of the European Commission (Art. 45 para. 3 GDPR), the EU–US Data Privacy Framework (https://www.dataprivacyframework.gov/list), and standard contractual clauses, Facebook undertakes to comply with the European data protection level according to GDPR when processing your personal data, even if the data is processed in the USA.

Personal data is stored as long as it is required for the purposes mentioned above or until you withdraw your consent or legal retention obligations exist.

Legal basis:
Art. 6 para. 1 lit. a GDPR (consent)
Art. 6 para. 1 lit. b GDPR (fulfillment of a contract)

Privacy policies of the data processor:
https://www.brevo.com/de/datenschutz-uebersicht/
https://www.brevo.com/de/legal/privacypolicy/

You have the right to request information about the personal data stored by us about you. Furthermore, you have the right to correction, deletion, or restriction of processing as well as the right to data portability. You may withdraw your consent at any time.

Marketing Emails

If you purchase goods or services from us and provide your email address in the process, we may subsequently use it for sending a newsletter. In such a case, newsletters will only contain direct advertising for our own similar goods or services. The legal basis for sending the newsletter is Art. 7 para. 3 UWG.

To avoid abusive or incorrect email information, we use the so-called double opt-in procedure. This means that we will send you an email to the provided address in which we ask you to confirm that the email address is correct. If you do not confirm your information within 24 hours, your information will be blocked and automatically deleted after one month. In addition, we store the IP addresses and times of registration and confirmation.

The collection of the user’s email address serves to deliver the newsletter. The collection of other personal data during the confirmation process pursuant to para. 2 serves to prevent misuse of services or the email address used.

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. The user’s email address is therefore stored as long as you do not withdraw your subscription to the newsletter.

You may unsubscribe from receiving our emails at any time by clicking the “unsubscribe newsletter” link in our newsletter footer or by sending us a text communication (email, letter, or fax) to the contact details provided in the imprint, indicating that you no longer wish to receive our marketing emails.

Contact Form and Email Contact

The data you enter is stored for the purpose of individual communication with you. For this purpose, providing a valid email address and your name is required. This serves to assign the inquiry and to subsequently respond to it. Providing further data is optional.

The processing of the data entered into the contact form is based on a legitimate interest (Art. 6 para. 1 lit. f GDPR). By providing the contact form, we want to enable you to contact us easily. The information you provide will be stored for the purpose of handling the inquiry and for possible follow-up questions. If you contact us to request an offer, the processing of the data entered in the contact form is carried out to take pre-contractual measures (Art. 6 para. 1 lit. b GDPR).

Recipients of the data may be processors.

Data will be deleted no later than 6 months after handling the inquiry. If a contractual relationship arises, we are subject to the statutory retention periods under the HGB and will delete your data after these periods have expired.

The provision of your personal data is voluntary. However, we can only process your inquiry if you provide us with your name, email address, and the reason for the inquiry.

SSL Encryption

This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as the inquiries you send to us as the website operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. When SSL encryption is activated, data that you transmit to us cannot be read by third parties.

Rights of the Data Subject

If personal data concerning you is processed, you are the data subject within the meaning of the GDPR, and you have the following rights regarding the controller:

Right of Access

You may request confirmation from the controller as to whether personal data concerning you is being processed by us. If such processing exists, you may request at any time free information from the controller about the personal data stored regarding you, as well as the following information:

a) the purposes for which the personal data is processed;
b) the categories of personal data that are processed;
c) the recipients or categories of recipients to whom the personal data concerning you has been disclosed or will be disclosed;
d) the planned duration of the storage of the personal data concerning you or, if specific information is not possible, criteria for determining the storage period;
e) the existence of a right to rectification or deletion of the personal data concerning you, a right to restriction of processing by the controller, or a right to object to such processing;
f) the existence of a right to lodge a complaint with a supervisory authority;
g) all available information about the origin of the data if the personal data was not collected from the data subject;
h) the existence of automated decision-making including profiling pursuant to Art. 22 para. 1 and 4 GDPR and – at least in these cases – meaningful information about the logic involved as well as the significance and the envisaged consequences of such processing for the data subject.

You have the right to request information on whether the personal data concerning you is transferred to a third country or an international organization. In this context, you may request to be informed of the appropriate safeguards pursuant to Art. 46 GDPR in connection with the transfer.

Right to Rectification

You have the right to immediate rectification and/or completion by the controller if the personal data processed concerning you is incorrect or incomplete.

Right to Restriction of Processing

Under the following conditions, you may request the immediate restriction of processing of the personal data concerning you:

a) if you contest the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data;
b) the processing is unlawful and you oppose the erasure of the personal data and request the restriction of its use instead;
c) the controller no longer needs the personal data for processing purposes, but you need it for the establishment, exercise, or defense of legal claims; or
d) if you object to processing pursuant to Art. 21 para. 1 GDPR and it has not yet been established whether the legitimate grounds of the controller override your grounds.

If the processing of the personal data concerning you has been restricted, such data – apart from storage – may only be processed with your consent, or for the establishment, exercise, or defense of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of important public interest of the Union or a Member State. If the restriction of processing has been restricted according to the above conditions, you will be informed by the controller before the restriction is lifted.

Right to Erasure

You may request the controller to immediately delete the personal data concerning you if one of the following reasons applies:

a) The personal data concerning you is no longer necessary for the purposes for which it was collected or otherwise processed.
b) You withdraw your consent on which the processing was based pursuant to Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a GDPR, and there is no other legal basis for the processing.
c) You object to processing pursuant to Art. 21 para. 1 GDPR and there are no overriding legitimate grounds for the processing, or you object to processing pursuant to Art. 21 para. 2 GDPR.
d) The personal data concerning you has been unlawfully processed.
e) The deletion of the personal data concerning you is necessary to fulfill a legal obligation under Union or Member State law to which the controller is subject.
f) The personal data concerning you has been collected in relation to the offer of information society services pursuant to Art. 8 para. 1 GDPR.

If the controller has made the personal data concerning you public and is obliged pursuant to Art. 17 para. 1 GDPR to delete it, he shall take appropriate measures, including technical ones, considering the available technology and implementation costs, to inform controllers who process the personal data that you, as the data subject, have requested them to delete all links to these personal data or copies or replications of these personal data.

The right to erasure does not exist insofar as processing is necessary:

a) for exercising the right to freedom of expression and information;
b) for compliance with a legal obligation which requires processing under Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
c) for reasons of public interest in the area of public health pursuant to Art. 9 para. 2 lit. h and i as well as Art. 9 para. 3 GDPR;
d) for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes pursuant to Art. 89 para. 1 GDPR, insofar as the right referred to in section a) is likely to render impossible or seriously impair the achievement of the objectives of such processing; or
e) for the establishment, exercise, or defense of legal claims.

Right to Notification

If you have asserted the right to rectification, erasure, or restriction of processing against the controller, the controller is obliged to notify all recipients to whom the personal data concerning you has been disclosed of this rectification/erasure/restriction unless this proves impossible or involves disproportionate effort. You have the right to be informed of these recipients by the controller.

Right to Data Portability

You have the right to receive the personal data concerning you that you have provided to the controller in a structured, commonly used, and machine-readable format. You also have the right to transmit these data to another controller without hindrance from the controller to whom the personal data was provided, provided that:

a) the processing is based on consent pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR or on a contract pursuant to Art. 6 para. 1 lit. b GDPR, and
b) the processing is carried out using automated means.

In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one controller to another, where technically feasible. This must not adversely affect the rights and freedoms of others.

The right to data portability does not apply to processing personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

The data subject may contact the controller at any time to exercise the right to data portability.

Right to Object

You have the right, on grounds relating to your particular situation, to object at any time to the processing of personal data concerning you carried out on the basis of Art. 6 para. 1 lit. e or f GDPR; this also applies to profiling based on these provisions.

The controller will no longer process the personal data concerning you unless he demonstrates compelling legitimate grounds for processing which override your interests, rights, and freedoms, or the processing serves the establishment, exercise, or defense of legal claims.

If the personal data concerning you is processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such advertising; this also applies to profiling insofar as it is associated with such direct marketing. If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.

You have the option, in connection with the use of information society services – notwithstanding Directive 2002/58/EC – to exercise your right to object by automated means using technical specifications.

The data subject may contact the controller directly at any time to exercise the right to object.

Right to Withdraw Consent under Data Protection Law

You have the right to withdraw your consent under data protection law at any time. The withdrawal of consent does not affect the lawfulness of processing carried out based on consent before its withdrawal. You may contact the controller for this purpose.

Automated Decision-Making in Individual Cases Including Profiling

You have the right not to be subject to a decision based solely on automated processing – including profiling – which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision:

a) is necessary for entering into or fulfilling a contract between you and the controller,
b) is permissible under Union or Member State law to which the controller is subject and such law contains appropriate measures to safeguard your rights and freedoms and legitimate interests, or
c) is based on your explicit consent.

However, such decisions may not be based on special categories of personal data pursuant to Art. 9 para. 1 GDPR unless Art. 9 para. 2 lit. a or g GDPR applies and appropriate measures have been taken to protect the rights and freedoms as well as your legitimate interests.

In respect of the cases mentioned in (1) and (3), the controller shall take appropriate measures to safeguard the rights and freedoms and legitimate interests of the data subject, including at least the right to obtain human intervention on the part of the controller, to express his or her point of view, and to contest the decision.

If the data subject wishes to assert rights relating to automated decisions, he or she may contact the controller at any time.

Right to Lodge a Complaint with a Supervisory Authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, your workplace, or the place of the alleged infringement, if you believe that the processing of personal data concerning you violates the GDPR. The supervisory authority with which the complaint was lodged shall inform the complainant of the status and the results of the complaint including the possibility of a judicial remedy pursuant to Art. 78 GDPR.

Changes to the Privacy Policy

We reserve the right to amend our privacy practices and this policy in order to adapt them to changes in relevant laws or regulations, or to better meet your needs. Any changes to our privacy practices will be announced here. Please refer to the current version date of the privacy policy.

Watch Video
View gallery
click & Drag
Close Video
View product
View event
View work
View video
Discover artist
View more
Read post
Purchase
Click & Play
View Stores
Scroll