Privacy Policy

1. DATA PROTECTION AT A GLANCE

General information

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is all data with which you can be personally identified. Detailed information on the subject of data protection can be found here.

Please refer to our data protection declaration listed below this text.

Data collection on this website

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. His contact details can be found in the “Notice on the responsible body” section in this data protection declaration.

How do we collect your data?

On the one hand, your data is collected when you provide it to us. This can be e.g. the data that you enter into a contact form.

Other data is collected automatically or with your consent by our IT systems when you visit the website. These are primarily technical data (e.g. internet browser, operating system or time of the page view). This data is collected automatically as soon as you enter this website.

What do we use your data for?

Some of the data is collected to ensure that the website is provided error-free. Other data can be used to analyze your user behavior.

What rights do you have regarding your data?

You have the right at any time to obtain information about the origin, recipient and purpose of your data, free of charge to receive stored personal data. You also have the right to request correction or to request deletion of this data. If you have given your consent to data processing, you can revoke this consent at any time in the future. You also have the right to request the restriction of the processing of your personal data in certain circumstances. You also have the right to lodge a complaint with the responsible supervisory authority. You can contact us at any time about this or if you have any further questions about data protection.

Analytics and Third Party Tools

When you visit this website, your surfing behavior can be statistically evaluated. This happens especially with so-called analysis programs. Detailed information about these analysis programs can be found below.

2. HOSTING

We host the content of our website with the following provider:

ALL-INKL.COM – Neue Medien Münnich,

owner René Münnich,

Hauptstraße 68

02742 Friedersdorf

Germany

Details can be found in All-Inkl’s privacy policy: https://all-inkl.com/datenschutzinformation/

The use of All-Inkl is based on Art. 6 Para. 1 lit. f GDPR. We have a legitimate interest in ensuring that our website is presented as reliably as possible. Unless if the relevant consent has been requested, processing is carried out exclusively on the basis of Art.6 Para. 1 lit. a GDPR and Section 25 Para. 1 TTDSG, insofar as the consent requires the storage of cookies or the access to information on the user’s device (e.g. device fingerprinting) within the meaning of the TTDSG includes. Consent can be revoked at any time.

Order Processing

We have concluded an order processing contract (AVV) for the use of the above service. This is a contract required by data protection law ensures that the personal data of our website visitors is only processed according to our instructions and processed in compliance with the DSGVO.

3. GENERAL INFORMATION AND MANDATORY INFORMATION

Data Protection

The operators of these sites take the protection of your personal data very seriously. We’ll treat your personal data confidentially and in accordance with statutory data protection regulations and with this data protection declaration. When you use this website, various personal data is collected. Personal data is data that can be used to personally identify you. The present data protection declaration explains what data we collect and what we use it for. It also explains how and for what purpose this is done. We would like to point out that data transmission on the Internet (e.g. when communicating via email) may have security gaps. There is no complete protection of data against access by third parties possible.

Note on the responsible body

The responsible body for data processing on this website is:

Ulrich Roman Murtfeld

Anemonenweg 45

88046 Friedrichshafen

Germany

Telephone: +49.171.4874926 Email: contact@cronenbold.net

The responsible body is the natural or legal person who alone or jointly with others decides about the purposes and means of processing personal data (e.g. names, email addresses, etc.).

Storage period

Unless a specific storage period has been stated within this data protection declaration your personal data will remain with us until the purpose for data processing no longer applies. If you have asserted a legitimate request for deletion or revoked consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing it  (e.g. retention periods under tax or commercial law); in the latter case, deletion takes place after these reasons no longer apply.

General information on the legal basis for data processing on this website

If you have consented to data processing, we will process your personal data on the basis of Art. 6 Para. 1 lit. a GDPR or Art. 9 Para. 2 lit. a GDPR, if special data categories are processed in accordance with Art. 9 Para. 1 GDPR. In the event of expressed consent to the transfer of personal data in third countries your data is also processed on the basis of Art.49 Para. 1 (a) GDPR. If you consent to the storage of cookies or access to information on your device (e.g. via device fingerprinting), data processing will take place additionally based on Art. 25 Paragraph 1 TTDSG. Consent can be revoked at any time. If your data is necessary to fulfill the contract or to carry out pre-contractual measures, we process your data based on Article 6 Paragraph 1 Letter b GDPR. Furthermore, we process your data if it is necessary to fulfill a legal obligation on the basis of Art. 6 Para. 1 lit. c GDPR. Data processing can also be carried out on the basis of our legitimate interest in accordance with Art. 6 Para. 1 (f) GDPR. The relevant legal bases in each individual case are discussed below in the paragraphs of this data protection declaration.

Recipients of personal data

As part of our business activities, we work with various external bodies. In some cases, personal data must also be transmitted to these external bodies. We only pass on personal data to external parties if this is as part of a fulfillment of a contract necessary if we are legally obliged to do so (e.g. passing on data to tax authorities) if we have a legitimate interest in passing on data in accordance with Article 6 Paragraph 1 Letter f of the GDPR or if another legal basis allows the data to be passed on. When using processors  we provide data processors with our customers’ personal data only on the basis of a valid contract for order processing. In the case of joint processing, a contract is concluded on joint processing.

Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can revoke consent that has already been given at any time. The legality of what took place until revocation remains unaffected by the revocation.

Right to object to data collection in special cases and against direct advertising (Art. 21 GDPR)

IF THE DATA PROCESSING IS BASED ON ART. 6 ABS. 1 (E) OR (F) GDPR, YOU HAVE THE RIGHT AT ALL TIMES FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION TO OBJECT AGAINST THE PROCESSING OF YOUR PERSONAL DATA; THIS ALSO APPLIES TO ANY PROFILING BASED ON THESE TERMS. READ IN THIS PRIVACY POLICY THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED. IF YOU OBJECT,WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA UNLESS WE MAY HAVE COMPULSORY REASONS FOR PROCESSING EVIDENCE THAT OUTWEIGHES YOUR INTERESTS; RIGHTS AND FREEDOM OR THAT PROCESSING IS FOR THE ASSERTMENT, EXERCISE OR DEFENSE OF LEGAL CLAIMS (OBJECTION PURSUANT TO ARTICLE 21 (1) GDPR).WILL YOUR PERSONAL DATA BE PROCESSED TO OPERATE DIRECT ADVERTISING,  YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF SUCH PERSONAL DATA FOR THE PURPOSE OF SUCH ADVERTISING; THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT SUCH DIRECT ADVERTISING IS CONNECTED. IF YOU OBJECT, YOUR PERSONAL DATA WILL THEN BE NO LONGER USED FOR DIRECT ADVERTISING PURPOSES (OBJECTION ART. 21 PARA. 2 GDPR).

Right to lodge a complaint with the responsible supervisory authority

In the event of violations of the GDPR, those affected have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence or place of work or the location of the alleged violation. The right to lodge a complaint exists without prejudice to any other administrative or judicial remedies.

Right to data portability

You have the right to have data that we provide based on your consent or that we automatically provide in the performance of a contract process, handed over to yourself or to a third party, in a common, machine-readable format. If you request the direct transfer of the data to another person responsible, this will only be done to the extent that it is technically feasible.

Information, correction and deletion

You have the right to information free of charge at any time within the framework of the applicable legal provisions about your stored personal data, its origin and recipients and the purpose of data processing and, if applicable, a right to correction or deletion of this data. If you have any further questions on this as well as on the subject of personal data, you can contact us at any time.

Right to restriction of processing

You have the right to request that the processing of your personal data be restricted. You can contact us at any time about this. The right to restriction of processing exists in the following cases: If you dispute the accuracy of your personal data held by us, we usually require time to check this. For the duration of the examination, you have the right to request restriction of the processing of your personal data. If the processing of your personal data was/is occurring unlawfully, you can request restriction of data processing instead of deletion .If we no longer need your personal data, but you need it for the exercise, defense or assertion of legal claims, you have the right to object, defense or assertion of legal claims, you have the right to demand the restriction of the processing of your personal data instead of erasure. If you have lodged an objection pursuant to Art. 21 (1) GDPR, a balance must be struck between interests and our interests. As long as it is not yet clear whose interests prevail, you have the right to request the restriction of the processing of your personal data. If you have restricted the processing of your personal data, this data – apart from its storage – only with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.

SSL or TLS encryption
For security reasons and for the protection of the transmission of confidential content, such as orders or inquiries that you send to us as the site operator, SSL or TLS encryption is being used by this website. You can recognize an encrypted connection by the fact that the address line of the browser changes from
“http://” to “https://” and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

4. Data Collection on this Website
Cookies
Our Internet pages use so-called “cookies”. Cookies are small data packets and do not harm your
do no damage to your end device. They are either stored temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your end device. Session cookies
are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or they are automatically deleted by your web browser.
Cookies may originate from us (first-party cookies) or from third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain services from third-party companies third-party companies within websites (e.g. cookies for processing payment services).
Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies can be used to evaluate user behavior or for advertising purposes. Cookies that are required to carry out the electronic communication process, to provide certain functions that you have requested (e.g. for the shopping basket function) or to optimize the website (e.g. cookies for  measuring the web audience) (necessary cookies) are stored on the basis of Art. 6 para. 1 lit. f GDPR., unless another legal basis is specified. The website operator has a legitimate interest in the storage of necessary cookies for the technically error-free and optimized provision of its services. If consent to the
storage of cookies and comparable recognition technologies has been requested, the processing  is carried out exclusively on the basis of this consent (Art. 6 para. 1 lit. a GDPR and § 25 para. 1
TTDSG); consent can be revoked at any time.
You can set your browser so that you are informed about the setting of cookies and
allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. Disabling of cookies may limit the functionality of this website.
You can find out which cookies and services are used on this website in this privacy policy.

Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
– Browser type and browser version
– Operating system used
– Referrer URL
– Host name of the accessing computer
– Time of the server request
– IP address
This data is not merged with other data sources.
This data is collected on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has
a legitimate interest in the technically error-free presentation and optimization of its website
The server log files must be recorded for this purpose.

Contact Form
If you send us inquiries via the contact form, your details from the enquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the request
and in the event of follow-up questions. We will not pass on this data without your consent.
This data is processed on the basis of Art. 6 para. 1 lit. b GDPR, provided that your request is
related to the fulfillment of a contract or is required for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the
effective processing of the requests addressed to us (Art. 6 para. 1 lit. f GDPR) or on your
consent (Art. 6 para. 1 lit. a GDPR) if this has been requested; consent can be revoked at any time.
The data you enter in the contact form will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies
(e.g. after your request has been processed). Mandatory statutory provisions – in particular retention periods – remain unaffected.

Inquiry by e-mail, telephone or fax
If you contact us by e-mail, telephone or fax, your request, including all personal data (name, request) for the purpose of processing your request will be 
stored and processed by us. We will not pass on this data without your consent.
This data is processed on the basis of Art. 6 para. 1 lit. b GDPR, provided that your request is related to the fulfillment of a contract or is required for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the
effective processing of the requests addressed to us (Art. 6 para. 1 lit. f GDPR) or on your
consent (Art. 6 para. 1 lit. a GDPR) if this has been requested; consent can be revoked at any time.
The data you send to us via contact requests will remain with us until you request us to delete it,
request deletion, revoke your consent to storage or the purpose for data storage no longer applies
(e.g. after your request has been processed). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.

Comment function on this website
For the comment function on this page, in addition to your comment, information about the time when the comment was created and, if you are not posting anonymously, the user name you have chosen will be stored.
Storage duration of comments
The comments and the associated data are stored and remain on this website, until the commented content has been completely deleted or the comments must be deleted for legal reasons (e.g. offensive comments).
Legal basis
Comments are stored on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You
can revoke your consent at any time. All you need to do is send us an informal email. The legality of the data processing operations already carried out remains unaffected by the revocation.

5. Social Media
Facebook
Elements of the social network Facebook are integrated on this website. The provider of this service is Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland. The data collected is according to Facebook also transferred to the USA and other third countries. You can find an overview of the Facebook social media elements here:
https://developers.facebook.com/docs/plugins/?locale=de_DE.
When the social media element is active, a direct connection is established between your device and the Facebook server. Facebook receives the information that you have visited this website with your IP address. If you click on the Facebook “Like” button while you are logged into your Facebook account, you can link the content of this website to your Facebook profile. This allows Facebook to associate your visit to this website with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Facebook. Further information on this can be found in the privacy policy of Facebook at:
https://de-de.facebook.com/privacy/explanation.

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and §
25 para. 1 TTDSG. Consent can be revoked at any time.
Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 GDPR). The joint responsibility is limited exclusively to the collection of the data and its transfer to Facebook. The processing carried out by Facebook after forwarding
is not part of the joint responsibility. The obligations incumbent on us jointly
have been set out in an agreement on joint processing. The wording of the agreement can be found at:
https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing data protection information when using the Facebook tool and for the secure implementation of the tool on our website. Facebook is responsible for the data security of Facebook products. Data subject rights (e.g. requests for information) regarding the data processed by Facebook can be asserted directly with Facebook. If you assert the
data subject rights with us, we are obliged to forward them to Facebook.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission.
You can find details here:
https://www.facebook.com/legal/EU_data_transfer_addendum,
https://de-de.facebook.com/help/566994660333381 und
https://www.facebook.com/policy.php.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that aims to ensure compliance with European data protection standards for data processing in the USA. Every company certified under DPF-certified company undertakes to comply with these data protection standards. Further
information on this can be obtained from the provider at the following link:
https://www.dataprivacyframework.gov/s/participant-search/participantdetail?contact=true&id=a2zt0000000GnywAAC&status=Acti

Instagram
Functions of the Instagram service are integrated on this website. These functions are offered by Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland. When the social media element is active, a direct connection is established between your device and the Instagram server. Instagram thereby receives information about your visit to this website.
If you are logged in to your Instagram account, you can click on the Instagram button link the content of this website to your Instagram profile. This allows Instagram to associate your visit to this website to your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data and its use by Instagram.
The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and §
25 para. 1 TTDSG. Consent can be revoked at any time.

Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook or Instagram, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, are jointly
Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 GDPR). The joint responsibility is limited exclusively to to the collection of data and its transfer to Facebook or Instagram. The processing that takes place after processing by Facebook or Instagram is not part of the joint responsibility.
The obligations incumbent on us jointly were set out in an agreement on joint processing.
processing agreement. You can find the wording of the agreement at
https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing data protection information when using the Facebook or Instagram tool and for the secure implementation of the tool on our website in accordance with data protection law. For the Facebook and Instagram products Facebook alone is responsible for data security. Rights of data subjects
(e.g. requests for information) regarding the data processed by Facebook or Instagram can be asserted directly with Facebook. If you assert your data subject rights with us, we are obliged to forward them to Facebook.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission.
You can find details here:
https://www.facebook.com/legal/EU_data_transfer_addendum,
https://privacycenter.instagram.com/policy/ and
https://de-de.facebook.com/help/566994660333381.
Further information can be found in Instagram’s privacy policy:
https://privacycenter.instagram.com/policy/.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The
DPF is an agreement between the European Union and the USA that ensures compliance with
European data protection standards for data processing in the USA. Every company certified under DPF-certified company undertakes to comply with these data protection standards. Further
information on this can be obtained from the provider at the following link:
https://www.dataprivacyframework.gov/s/participant-search/participantdetail?contact=true&id=a2zt0000000GnywAAC&status=Active

6. Newsletter
Newsletter data
If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further
data is not collected or is only collected on a voluntary basis. We use this data exclusively for
for sending the requested information and do not pass it on to third parties.
The data entered in the newsletter registration form will be processed exclusively on the basis of your consent  (Art. 6 para. 1 lit. a GDPR). The consent given for the storage of the data, the e-mail address and its use for sending the newsletter can be revoked at any time via the “Unsubscribe” link in the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.

The data you provide us for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after you unsubscribe or after the purpose has ceased to apply. We reserve the right to delete e-mail addresses from our newsletter distribution list at our own discretion within the scope of
our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR.
Data stored by us for other purposes remains unaffected by this.
After you unsubscribe from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider
in a blacklist if this is necessary to prevent future mailings.
mailings is necessary. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in compliance with the legal requirements when sending newsletters (legitimate interest within the meaning of
Art. 6 para. 1 lit. f GDPR). Storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.

7. Plugins and Tools
YouTube
This website integrates videos from the YouTube website. The operator of the website is Google Ireland Limited
(“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
When you visit one of our websites on which YouTube is integrated, a connection to the YouTube servers is established.
The YouTube server is informed which of our pages you have visited. Furthermore, YouTube can store various cookies on your end device or use comparable technologies for recognition (e.g. device fingerprinting). In this way
YouTube can obtain information about visitors to this website. Among other things, this information is used to collect video statistics, improve user-friendliness and prevent fraud attempts. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

The use of YouTube is in the interest of an appealing presentation of our online offers.
This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and Section 25 (1) TTDSG, insofar as the consent permits the storage of cookies or access to
information in the user’s end device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.
Further information on the handling of user data can be found in YouTube’s privacy policy
at:
https://policies.google.com/privacy?hl=de.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The
DPF is an agreement between the European Union and the USA that aims to ensure compliance with
European data protection standards for data processing in the USA. Every company certified under DPF-certified company undertakes to comply with these data protection standards. Further
information on this can be obtained from the provider at the following link:
https://www.dataprivacyframework.gov/s/participant-search/participantdetail?contact=true&id=a2zt000000001L5AAI&s

 

 

Google Fonts (local hosting)
This site uses so-called Google Fonts, which are provided by Google, for the uniform display of fonts. Google Fonts are installed locally. There is no connection to Google servers. You can find more information about Google Fonts at
https://developers.google.com/fonts/faq and in Google’s privacy policy:
https://policies.google.com/privacy?hl=de.
Spotify
Functions of the Spotify music service are integrated on this website. The provider is Spotify AB, Birger Jarlsgatan 61, 113 56 Stockholm in Sweden. You can recognize the Spotify plugins by the green logo on this website. You can find an overview of the Spotify plugins at
https://developer.spotify.com.
This allows a direct connection to be established between your browser and the Spotify server via the plugin when you visit this website. Spotify receives the information that you have visited this website with your IP address. If you click on the Spotify button while you are logged into your Spotify account, you can link the content of this website to your Spotify profile. This allows Spotify to associate your visit to this website with your user account.

 

We would like to point out that cookies from Google Analytics are used when using Spotify,
so that your usage data can also be passed on to Google when you use Spotify.
Google Analytics is a tool of the Google Group for analyzing user behavior based in the USA.
Spotify is solely responsible for this integration. We as the website operator have no influence on this
processing.
The data is stored and analyzed on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the appealing acoustic design of its website. If a corresponding consent has been requested, the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent allows the storage of
of cookies or access to information in the user’s end device (e.g. device fingerprinting) within the meaning of the TTDSG.  Consent can be revoked at any time. Further information on this can be found in Spotify’s privacy policy:
https://www.spotify.com/de/legal/privacy-policy/.
If you do not want Spotify to associate your visit to this website with your Spotify user account, please log out of your Spotify user account.