Privacy Policy

In this Privacy Policy, we explain how we handle your personal data. The basis for this is the applicable data protection law, in particular the General Data Protection Regulation (GDPR). With the exception of the service providers and third-party providers named in this Privacy Policy, we do not pass on any data to third parties. If you have any questions, please do not hesitate to contact us.

Content

Controller
General Information
Website Hosting
Cookies, Tracking Pixels, and Mobile Identifiers
Contacting Us
Comments
Further Third-Party Services
Profiles in Social Networks
Rights of Data Subjects

1. Controller

The person responsible for data processing (Controller) is:

Matthias Winter c/o Block Services Stuttgarter Str. 106 70736 Fellbach Germany

Email: info@kritikpunkt.com

2. General Information

Provision of Data

For the use of our website, it is generally neither legally nor contractually required to provide personal data. Insofar as the provision of data is necessary for the conclusion of a contract or the user is obliged to provide personal data, we will inform you of this circumstance and the consequences of non-provision in this Privacy Policy.

Data Transfer to Third Countries

It is possible that we use service providers and third-party providers located in countries outside the European Union (EU) and the European Economic Area (EEA). The transfer of personal data to such third countries takes place, unless the user has consented to the data transfer, on the basis of an adequacy decision by the European Commission (Art. 45 GDPR) or we have provided suitable guarantees to ensure data protection (Art. 46 GDPR). Insofar as an adequacy decision by the European Commission exists for data transfer to a third country, we will refer to this in this Privacy Policy. Furthermore, users can obtain a copy of the suitable guarantees from us, unless these are already included in the privacy policies of the service providers or third-party providers.

Automated Decision-Making

Should we carry out automated decision-making including profiling, we will inform you about this fact, the logic involved, and the scope and intended effects of such processing in this Privacy Policy. Otherwise, automated decision-making does not take place.

Processing for Other Purposes

Data is generally only processed for the purposes for which it was collected. If, in exceptional cases, it is to be further processed for other purposes, we will inform you of these other purposes before such further processing and provide all other relevant information (Art. 13 Para. 3 GDPR).

3. Website Hosting

Every time our website is accessed, the user’s browser transmits various data. The following data is processed for the duration of the visit to the website:

Browser type and version used
Operating system
Accessed pages and files
Amount of data transferred
Date and time of access
User’s provider
IP address
Referrer URL

The processing of this data is necessary to deliver the website to the user and to optimize it for their end device. We do not store any personal data in log files.

Legal basis for the processing is Art. 6 Para. 1 Subpara. 1 Letter f) GDPR. Our legitimate interest lies in the provision of the website.

Design and operation of our website are carried out via the provider: Aut O’Mattic A8C Ireland Ltd. Business Centre, No.1 Lower Mayor Street International Financial Services Centre, Dublin 1, Ireland.

4. Cookies, Tracking Pixels, and Mobile Identifiers

We use technologies on our website to recognize the end device used. These can be cookies, tracking pixels, and/or mobile identifiers.

Recognizing an end device can basically serve different purposes. It may be necessary to provide functions of our website, for example, to provide a shopping cart. In addition, the technologies mentioned can be used to track user behavior on the site, for example for advertising purposes. Which technologies we use in detail and for what purposes are described separately in this Privacy Policy.

For a better understanding, we explain generally below how cookies, tracking pixels, and mobile identifiers work:

Cookies are small text files that contain certain information and are stored on the user’s end device. Usually, this involves an identification number assigned to an end device (Cookie ID).
A tracking pixel is a transparent graphic file that is integrated into a page and enables log file analysis.
A mobile identifier is a unique number (Mobile ID) stored on a mobile end device that can be read by a website.

Cookies may be necessary for our website to function properly. Legal basis for the use of such cookies is Art. 6 Para. 1 Subpara. 1 Letter f) GDPR. Our legitimate interest lies in the provision of the functions of our website.

We use cookies that are not necessary for the operation of our website to make our offer more user-friendly or to be able to trace the use of our website. The legal basis here depends on whether the user’s consent is to be obtained or whether we can rely on a legitimate interest. Consent granted can be revoked by the user at any time, among other things, through the settings in their browser.

The user can prevent the processing of data using cookies by means of appropriate settings in their browser and object to it. In the event of an objection, it may be that not all functions of our website are available. We inform you separately in this Privacy Policy about further possibilities of objecting to the processing of personal data by cookies. Where applicable, we provide links with which an objection can be declared. These are labeled “Opt-Out”.

5. Contacting Us

In the event of contact, we process the user’s details, date, and time for the purpose of processing the inquiry, including any follow-up questions.

Legal basis for data processing is Art. 6 Para. 1 Subpara. 1 Letter f) GDPR. Our legitimate interest lies in answering the inquiries of our users. Additional legal basis is Art. 6 Para. 1 Subpara. 1 Letter b) GDPR if the processing is necessary for the performance of a contract or for the implementation of pre-contractual measures.

The data will be deleted as soon as the inquiry, including any follow-up questions, has been answered. We check at regular intervals, at least every two years, whether data accrued in connection with inquiries needs to be deleted.

6. Comments

On our website, we give users the opportunity to leave their own comments. When a comment is submitted to us, we process the user’s details. To protect against misuse of the comment function (e.g., through spam or criminal content), we additionally process the date, time, and IP address of the user.

Legal basis for the processing is Art. 6 Para. 1 Subpara. 1 Letter f) GDPR. Our legitimate interest lies in being able to offer the comment function and protecting ourselves against misuse.

7. Further Third-Party Services

Google Fonts

We use Google Fonts on our website. Provider: Google Ireland Ltd., Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. Fonts are loaded from the Google server. To establish a connection to the server, it is technically necessary to transmit the user’s IP address.

Legal basis for the processing is Art. 6 Para. 1 Subpara. 1 Letter f) GDPR. Our legitimate interest lies in shortening loading times and a uniform presentation on different end devices.

8. Profiles in Social Networks

We are present in one or more social networks. Specifically, this concerns: Instagram. When contacting us, we process personal data as described above under “Contacting Us”.

The providers of social networks process data according to their privacy policies, which can be accessed here:

Instagram Privacy Policy

If a user is logged in with their account, activities on our profile in the respective social network may be assigned to them. This can happen across devices and possibly even without login, for example, using cookies or mobile identifiers. The providers of social networks create pseudonymized user profiles based on the collected data, with which they can, in particular, display personalized advertising.

9. Rights of Data Subjects

If personal data of the user is processed, they are a “data subject” within the meaning of the GDPR. Data subjects have the following rights:

Right of access: The data subject has the right to obtain confirmation as to whether or not personal data concerning them is being processed. If personal data is being processed, the data subject has a right to free information as well as a copy of the personal data that is the subject of the processing.
Right to rectification: The data subject has the right to obtain the immediate rectification of inaccurate or completion of incomplete personal data.
Right to erasure: The data subject has the right to obtain the immediate erasure of personal data concerning them in accordance with the legal provisions.
Right to restriction of processing: The data subject has the right to obtain the restriction of processing of personal data concerning them in accordance with the legal provisions.
Right to data portability: The data subject has the right to receive the personal data concerning them in a structured, commonly used, and machine-readable format or to request transmission to another controller.
Right to object: The data subject has the right to object at any time, on grounds relating to their particular situation, to the processing of personal data concerning them which is based on Art. 6 Para. 1 Subpara. 1 Letter e) or f) GDPR; this also applies to profiling based on these provisions. If personal data is processed for direct marketing purposes, the data subject has the right to object at any time to processing of personal data concerning them for such marketing; this includes profiling to the extent that it is related to such direct marketing.
Right to withdraw consent: The data subject has the right to withdraw their consent at any time.
Right to lodge a complaint: The data subject has the right to lodge a complaint with a supervisory authority.

Status of the Privacy Policy: March 5, 2025