Introduction

With the following data protection declaration, we would like to inform you about which types of your personal data (hereinafter also referred to as “data”) we process for which purposes and to what extent. The data protection declaration applies to all processing of personal data carried out by us, both within the framework the provision of our services and, in particular, on our websites, in mobile applications and within external online presences, such as our social media profiles (hereinafter collectively referred to as “online offer”).

The terms used are not gender specific.

As of September 16, 2021

Responsible

Annette Helle

Waterway 26

D-38315 Hornburg

Email address: annette(att)gmx.com

Imprint:https://dam-tarrafal.com/impressum/

Overview of processing

The following overview summarizes the types of data processed and the purposes of their processing and refers to the data subjects.

Types of data processed

Inventory data (e.g. names, addresses).

Content data (e.g. text input, photographs, videos).

Contact information (e.g. email, telephone numbers).

Meta/communication data (e.g. device information, IP addresses).

Usage data (e.g. websites visited, interest in content, access times).

Location data (data indicating the location of an end user’s end device).

Contract data (e.g. subject of the contract, term, customer category).

Payment data (e.g. bank details, invoices, payment history).

Categories of data subjects

business and contractual partners.

Interested persons.

communication partner.

Customers.

Users (e.g. website visitors, users of online services).

purposes of processing

registration procedure.

Provision of our online offer and user-friendliness.

visit action evaluation.

office and organizational procedures.

Cross-device tracking (processing of user data across devices for marketing purposes).

Direct marketing (e.g. by email or post).

Feedback (e.g. collecting feedback via online form).

Interest-Based and Behavioral Marketing.

Contact Requests and Communication.

Conversion measurement (measurement of the effectiveness of marketing measures).

Profiling (creating user profiles).

remarketing.

Range measurement (e.g. access statistics, recognition of returning visitors).

Safety measures.

Tracking (e.g. interest/behavioral profiling, use of cookies).

Contractual Benefits and Service.

Management and response to inquiries.

Target group formation (determination of target groups relevant for marketing purposes or other output of content).

Relevant legal bases

In the following we inform you about the legal basis of the General Data Protection Regulation (GDPR), on the basis of which we process the personal data. Please note that in addition to the regulations of the GDPR, the national data protection regulations in your or our country of residence and domicile may apply.

Consent (Art. 6 Para. 1 S. 1 lit. a GDPR) – The data subject has given their consent to the processing of their personal data for a specific purpose or several specific purposes.

Fulfillment of contract and pre-contractual inquiries (Art. 6 Para. 1 S. 1 lit. b. GDPR) – The processing is necessary for the fulfillment of a contract to which the data subject is party, or for the implementation of pre-contractual measures that are required at the request of the data subject take place.

Legal obligation (Art. 6 Para. 1 S. 1 lit. c. GDPR) – The processing is necessary to fulfill a legal obligation to which the person responsible is subject.

Protection of vital interests (Art. 6 Para. 1 S. 1 lit. d. GDPR) – Processing is necessary to protect vital interests of the data subject or another natural person.

Legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR) – Processing is necessary to safeguard the legitimate interests of the person responsible or a third party, unless the interests or fundamental rights and freedoms of the data subject, which protect personal Data require prevail.

National data protection regulations in Germany: In addition to the data protection regulations of the General Data Protection Regulation, national data protection regulations apply in Germany. This includes in particular the law on the protection against misuse of personal data in data processing (Federal Data Protection Act – BDSG). In particular, the BDSG contains special regulations on the right to information, the right to erasure, the right to object, the processing of special categories of personal data, processing for other purposes and transmission as well as automated decision-making in individual cases including profiling. It also regulates data processing