Privacy Policy
Contents
1. Scope of application
2. Responsibility
3. Data protection officer
4 Our handling of your data
4.1 Personal data
4.2 Contact form
4.3 Usage data
4.4 Routine deletion and blocking of personal data
4.5 Cookies
4.5.1 Agreement on data processing
4.5.2 Server log files
5. Use of internet services
5.1 Data processing when using YouTube
6. Deployment and use of Google Analytics
6.1 Data protection provisions
6.2 Revocation of your consent
7. Recipients or categories of recipients
8. Your rights
8.1 Right to information
8.2 Right to rectification
8.3 Right to erasure
8.4 Right to restriction of processing
8.5 Right to data portability
8.6 Right of objection and revocation
8.7 Right to lodge a complaint
1. Scope of application
This privacy policy applies to the Barth Media GmbH website at https://www.bmg.studio/ and to the personal data collected via this website. For websites of other providers to which reference is made, e.g. via links, the data protection notices and declarations apply.
2. Responsible body
The controller responsible for the processing of personal data on this website is:
Barth Media GmbH
Nickl am Schopf 1
Gars am Inn
E-mail: email@leon-barth.com
Website: www.bmg.studio
3. Data protection officer
Data protection officer of the responsible body:
Barth Media GmbH
Nickl am Schopf 1
Gars am Inn
E-mail: email@leon-barth.com
Website: www.bmg.studio
4. Our handling of your data
4.1 Personal data:
According to Article 4 GDPR, personal data means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
4.2 Contact form
When you contact us by e-mail or via a contact form, your e-mail address and, if you provide it, your name and telephone number will be stored by us in order to answer your questions.
The legal basis for processing this data is our legitimate interest in responding to your request in accordance with Art. 6 para. 1 lit. f GDPR.
We delete the data arising in this context after storage is no longer necessary or - in the case of statutory retention obligations - restrict processing.
4.3 Usage data
Each time an Internet file is requested, the following access data is stored by the controller for system-related reasons. Statistical evaluations of this data are always anonymized:
- the page from which the file was requested
- the name of the file accessed
- the date and time of the request
- the amount of data transferred,
- the access status (file transferred, file not found, etc.)
- the type of access (GET, POST),
- the Internet browser and operating system used
- the IP address of the requesting computer,
- the session ID generated by Barth Media GmbH when the file is accessed
- Cookies
The temporary storage of the data is necessary for the course of a website visit to enable delivery of the website. Further storage in log files takes place to ensure the functionality of the website and the security of the information technology systems. Our legitimate interest in data processing also lies in these purposes. The data is processed on the basis of Article 6(1)(f) GDPR.
4.4 Routine erasure and blocking of personal data
The controller shall process and store the personal data of the data subject only for the period necessary to achieve the purpose of storage, or as far as this is granted by the European legislator or other legislators in laws or regulations to which the controller is subject to. The criterion for the duration of the storage of personal data is the respective statutory retention period. After this period has expired, the corresponding data is routinely deleted, provided that it is no longer required for contract fulfillment or contract initiation.
If the storage purpose no longer applies or if a storage period prescribed by the European legislator or another competent legislator expires, the personal data is routinely blocked or deleted in accordance with the statutory provisions.
4.5 Cookies
In order for our website to function properly, we might use cookies. In order to obtain your valid consent to the use and storage of cookies in the browser you use to access our website and to properly document this, we might use a consent management platform (further "Cookie Tool").
When you access our website, a connection might be established with the Cookie Tool server to give us the opportunity to obtain valid consent from you for the use of certain cookies. The Cookie Tool then stores a cookie in your browser in order to be able to activate only those cookies to which you have consented and to properly document this. The processed data will be stored until the specified storage period expires or you request the deletion of the data. Notwithstanding this, certain statutory retention periods may apply.
The Cookie Tool might serve to obtain the legally required consent to the use of cookies. The legal basis for this is Article 6(1)(c) of the General Data Protection Regulation (GDPR).
4.5.1 Agreement on data processing
When in use, we have entered into a data processing agreement with our Cookie Tool. This is a contract under data protection law that ensures that the data of our website visitors is only processed in accordance with our instructions and in compliance with the GDPR.
4.5.2 Server log files
Our website and the Cookie Tool might automatically collect and store information in so-called server log files, which your browser automatically transmits to us. The following data is collected:
- Your consent status or the withdrawal of consent
- Your anonymized IP address
-Information about your browser
-Information about your device
-the date and time of your visit to our website
-the URL of the website on which you saved or updated your declaration of consent
-The approximate location of the user who saved their consent preferences
A universally unique identifier (UUID) of the website visitor who clicked on the banner cookie
5. Use of internet services
When you first visit our website, you might be shown a cookie banner so that you can choose whether to accept only the functionally necessary cookies or also other cookies/services for various purposes. A cookie with the name CONSENTMGR might be stored on the device you are using, which saves your choice. If you consent to the use of optional cookies/services, some relevant cookies will be loaded onto your device. The legal basis for the processing of optional cookies or comparable technologies is § 25 para. 1 TTDSG and, with regard to the processing of personal data, Art. 6 para. 1 lit. a GDPR. You can withdraw your consent at any time and consent again at any time. You can withdraw your consent by changing your browser settings, by refusing or deactivating the setting of cookies and deleting cookies that have been set or by preventing the use of the web trackers used (e.g. by opting out of cookies).
We use services whose service providers are partly located in so-called third countries, i.e. countries whose level of data protection does not correspond to that of the EU (you can find more information on this below in the description of the respective services). If this is the case and the European Commission has not issued an adequacy decision for these countries (Art. 45 GDPR), we have taken appropriate precautions to ensure an adequate level of data protection for any data transfers. These include standard contractual clauses of the EU. Where this is not possible, we base the data transfer on exceptions under Art. 49 GDPR, in particular on your voluntary consent. If a transfer to a third country is planned and there is no adequacy decision or suitable guarantees, it is possible that authorities in the respective third country (e.g. secret services) may gain access to the transferred data and, if necessary, the enforceability of your data subject rights cannot be guaranteed.
5.1 Data processing when using YouTube
This website might include videos that are made available via the YouTube platform of the operator Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Accessing a page of this website that has an integrated video does not yet establish a connection to the YouTube servers. This only happens after a video has been selected. After selecting a video, the video can be started with a second click. By establishing a connection to YouTube, the provider receives information about the website accessed and the user.
If the user is also logged in to YouTube at the same time as accessing a video on this website, the usage information is recorded by YouTube in the user's profile. This information is collected by YouTube and Google and assigned to the respective YouTube account of the data subject. If the user does not want this information to be transmitted to YouTube and Google, they can prevent the transmission by logging out of their YouTube account before accessing a video on our website.
The data protection provisions published by YouTube, which can be accessed at https://www.google.de/intl/de/policies/privacy/, provide information about the collection, processing and use of personal data by YouTube and Google.
6 Deployment and use of Google Analytics
6.1 Data protection provisions
This website might use Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website, such as
- Browser type/version,
- Operating system used,
- Referrer URL (the previously visited page),
- Host name of the accessing computer (IP address),
- Time of the server request,
are generally transmitted to a Google server in the USA and stored there. The IP address transmitted by your browser as part of Google Analytics is not merged with other Google data. We have also added the code "anonymizeIP" to Google Analytics on this website. This guarantees that your IP address is masked so that all data is collected anonymously. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and truncated there. For the exceptional cases in which personal data is transferred to the USA, Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator.
The legal basis for this is consent in accordance with Art. 6 para. 1 lit. a GDPR.
6.2 Revocation of your consent
If we process your data on the basis of consent in accordance with Art. 6 para. 1 lit. a GDPR, you can revoke your consent for the future by deleting the cookies stored in your web browser.
You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=en.
7 Recipients or categories of recipients
Within our company, those departments that need your data to fulfill the above-mentioned purposes will have access to it. This also applies to service providers and vicarious agents employed by us. We will only transfer personal data to third parties if this is necessary for the aforementioned purposes or if you have given your prior consent.
We host our website with Webflow. The provider is Webflow, Inc, 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA (hereinafter: Webflow). When you visit our website, Webflow collects various log files including your IP addresses.
Webflow is a tool for creating and hosting websites. Webflow stores cookies or other recognition technologies that are required to display the page, to provide certain website functions and to ensure security (necessary cookies).
Details can be found in Webflow's privacy policy: EU & Swiss Privacy Policy | Webflow.
The use of Webflow is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in displaying our website as reliably as possible. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device within the meaning of the TTDSG. Consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: EU & Swiss Privacy Policy | Webflow.
8. Your rights
As a user of our website, you have various rights under the GDPR, which arise in particular from Art. 15 to 18, 21 GDPR:
8.1 Right to information
You have the right to obtain confirmation as to whether or not personal data concerning you is being processed.
You can request information in accordance with Art. 15 GDPR about your personal data processed by us. In your request for information, you should specify your request in order to make it easier for us to compile the necessary data. The exceptions to this right set out in Section 34 BDSG apply.
8.2 Right to rectification
If the information concerning you is not (or no longer) correct, you can request a correction in accordance with Art. 16 GDPR. If your data is incomplete, you can request that it be completed.
8.3 Right to erasure
You can request the erasure of your personal data under the conditions of Art. 17 GDPR. Your right to erasure depends, among other things, on whether we still need the data concerning you to fulfill our legal obligations.
8.4 Right to restriction of processing
Within the framework of the provisions of Art. 18 GDPR, you have the right to request that the processing of data concerning you be restricted.
8.5 Right to data portability
According to Art. 20 GDPR, the right to data portability includes the possibility for the data subject to receive the personal data concerning him/her from the controller in a commonly used, machine-readable format in order to have it forwarded to another controller.
8.6 Right of objection and revocation
If you have given your consent to the processing of your data, you can withdraw this at any time. The revocation of consent is only effective for the future and does not affect the legality of the data processed until the revocation.
In accordance with Art. 21 GDPR, you have the right to object to the processing of data concerning you at any time for reasons arising from your particular situation. The exceptions to this right set out in Section 36 BDSG apply.
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) GDPR, including profiling based on those provisions.
The controller shall no longer process the personal data concerning you unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.
If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing.
If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.
8.7 Right to lodge a complaint
If you are of the opinion that we have not complied with data protection regulations when processing your data, you can lodge a complaint with the official data protection officer of the Hessian Commissioner for Data Protection and Freedom of Information (https://datenschutz.hessen.de/service/beschwerde), who will examine your complaint.