Privacy Policy
Privacy Policy
the website www.creepygarden.de
1. Data protection at a glance
General information
The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data is any data that can be used to personally identify you. Detailed information on data protection can be found in our privacy policy, which is linked below.
Data collection on our website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. Their contact details can be found in the legal notice of this website.
How do we collect your data?
Your data is collected, firstly, because you provide it to us. This could include, for example, data that you enter into a contact form.
Other data is automatically collected by our IT systems when you visit the website. This is primarily technical data (e.g., internet browser, operating system, or time of page access). This data is collected automatically as soon as you enter our website.
What do we use your data for?
Some data is collected to ensure the website functions correctly. Other data may be used to analyze your user behavior.
What rights do you have regarding your data?
You have the right to obtain information free of charge at any time regarding the origin, recipients, and purpose of your stored personal data. You also have the right to request the correction, blocking, or deletion of this data. For this purpose, as well as for any further questions regarding data protection, you can contact us at any time at the address provided in the legal notice. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.
Furthermore, you have the right, under certain circumstances, to request the restriction of the processing of your personal data. Details can be found in the privacy policy under "Right to restriction of processing".
Analytics tools and third-party tools
When you visit our website, your browsing behavior may be statistically analyzed. This is done primarily using cookies and so-called analytics programs. The analysis of your browsing behavior is generally anonymous; your browsing behavior cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. Detailed information can be found in the following privacy policy.
You can object to this analysis. We will inform you about your options for objecting in this privacy policy.
2. General information and mandatory disclosures
Data protection
The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.
When you use this website, various personal data are collected. Personal data is data that can be used to identify you personally. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.
Please note that data transmission over the internet (e.g., when communicating via email) can have security vulnerabilities. Complete protection of data against access by third parties is not possible.
Note regarding the responsible body
The responsible body for data processing on this website is:
Martin DumpichIm Rühmt 1A 22147 Hamburg
Email: webmaster (at) creepygarden.de
The responsible entity is the natural or legal person who, alone or jointly with others, decides on the purposes and means of processing personal data (e.g. names, email addresses, etc.).
Revocation of your consent to data processing
Many data processing operations are only possible with your explicit consent. You can revoke your consent at any time. An informal notification by email to us is sufficient. The legality of data processing carried out before the revocation remains unaffected by the revocation.
Right to object to data processing in special cases and to direct marketing (Art. 21 GDPR)
If data processing is based on Article 6(1)(e) or (f) GDPR, you have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you, including profiling based on those provisions. The respective legal basis for processing is set out in this privacy policy. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of establishing, exercising or defending legal claims (objection pursuant to Article 21(1) GDPR).
If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing. If you object, your personal data will no longer be processed for direct marketing purposes (objection pursuant to Article 21(2) GDPR).
Right to lodge a complaint with the competent supervisory authority
In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, their place of work, or the place of the alleged infringement. This right to lodge a complaint is without prejudice to any other administrative or judicial remedy.
Right to data portability
You have the right to receive the data that we process automatically based on your consent or in fulfillment of a contract, either for yourself or for a third party, in a commonly used, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done if technically feasible.
SSL or TLS encryption
This site uses SSL/TLS encryption for security reasons and to protect the transmission of confidential information, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the browser's address bar changes from "http://" to "https://" and by the lock symbol in your browser's address bar.
When SSL or TLS encryption is enabled, the data you send to us cannot be read by third parties.
Information, blocking, deletion and correction
Under applicable law, you have the right to request information, free of charge, about your stored personal data, its origin and recipients, and the purpose of data processing. You also have the right to rectification, blocking, or erasure of this data. For this purpose, and for any further questions regarding personal data, you can contact us at any time at the address provided in the legal notice.
Right to restriction of processing
You have the right to request the restriction of the processing of your personal data. You can contact us at any time at the address provided in the legal notice. The right to restrict processing exists in the following cases:
If you dispute the accuracy of your personal data stored with us, we generally need time to verify this. For the duration of the verification process, you have the right to request the restriction of the processing of your personal data. If the processing of your personal data was/is unlawful, you can request the restriction of data processing instead of deletion. If we no longer need your personal data, but you require it for the establishment, exercise or defense of legal claims, you have the right to request restriction of processing of your personal data instead of erasure. If you have objected to processing pursuant to Article 21(1) GDPR, a balancing of interests between your interests and ours must be carried out. Until it is determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, this data – apart from being stored – may only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.
Objection to advertising emails
The use of contact details published as part of the legal notice for sending unsolicited advertising and informational materials is hereby prohibited. The operators of these pages expressly reserve the right to take legal action in the event of unsolicited advertising, such as spam emails.
3. Data collection on our website
Cookies
These websites sometimes use so-called cookies. Cookies do not harm your computer and do not contain viruses. Cookies serve to make our website more user-friendly, effective, and secure. Cookies are small text files that are stored on your computer and saved by your browser.
Most of the cookies we use are so-called "session cookies." They are automatically deleted after your visit ends. Other cookies remain stored on your device until you delete them. These cookies allow us to recognize your browser on your next visit.
You can configure your browser to notify you when cookies are set and to allow cookies only in individual cases, to accept cookies in certain cases or to generally reject them, and to automatically delete cookies when you close your browser. Disabling cookies may limit the functionality of this website.
Cookies that are necessary for carrying out electronic communication or for providing certain functions you have requested (e.g., the shopping cart function) are stored on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in storing cookies to ensure the technically flawless and optimized provision of its services. Any other cookies (e.g., cookies for analyzing your browsing behavior) are addressed separately in this privacy policy.
Server log files
The website provider automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. This information includes:
Browser type and browser version Operating system used Referrer URL Hostname of the accessing computer Time of server request IP address
This data will not be combined with other data sources.
This data is collected on the basis of Article 6(1)(f) GDPR. The website operator has a legitimate interest in the technically flawless presentation and optimization of its website – for this purpose, the server log files must be recorded.
Contact form
If you send us inquiries via the contact form, your information from the inquiry form, including the contact details you provided, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We will not share this data without your consent.
The processing of the data entered into the contact form is therefore based solely on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time. An informal notification by email to us is sufficient. The lawfulness of the data processing operations carried out until the revocation remains unaffected by the revocation.
The data you enter in the contact form will remain with us until you request its deletion, revoke your consent to its storage, or the purpose for data storage no longer applies (e.g., after your inquiry has been processed). Mandatory legal provisions – in particular, retention periods – remain unaffected.
Inquiries via email, telephone or fax
When you contact us by email, telephone, or fax, your inquiry, including all resulting personal data (name, inquiry), will be stored and processed by us for the purpose of handling your request. We will not share this data without your consent.
The processing of this data is based on Article 6(1)(b) GDPR if your request is related to the performance of a contract or is necessary for taking steps prior to entering into a contract. In all other cases, the processing is based on your consent (Article 6(1)(a) GDPR) and/or on our legitimate interests (Article 6(1)(f) GDPR), as we have a legitimate interest in the efficient processing of inquiries addressed to us.
The data you send us via contact requests will remain with us until you request its deletion, revoke your consent to its storage, or the purpose for data storage no longer applies (e.g., after your request has been processed). Mandatory legal provisions – in particular, statutory retention periods – remain unaffected.
Comment function on this website
For the comment function on this page, in addition to your comment, information about the time of creation of the comment, your e-mail address and, if you do not post anonymously, your chosen username will be stored.
Storage of the IP address
Our comment function stores the IP addresses of users who post comments. Since we do not review comments on our site before they are published, we need this data to take action against the author in the event of legal violations such as insults or propaganda.
Storage period of comments
The comments and associated data (e.g. IP address) are stored and remain on our website until the commented content has been completely deleted or the comments must be deleted for legal reasons (e.g. offensive comments).
Legal basis
The storage of comments is based on your consent (Art. 6 para. 1 lit. a GDPR). You can withdraw your consent at any time. An informal notification by email to us is sufficient. The lawfulness of the data processing operations already carried out remains unaffected by the withdrawal.
4. Social Media
Social media plugins with Shariff
Our website uses plugins from social media (e.g. Facebook, Twitter, Google , Instagram, Pinterest, XING, LinkedIn, Tumblr).
You can usually recognize the plugins by their respective social media logos. To ensure data protection on our website, we only use these plugins in conjunction with the so-called "Shariff" solution. This application prevents the plugins integrated into our website from transmitting data to the respective provider as soon as you visit the page.
Only when you activate the respective plugin by clicking the corresponding button will a direct connection to the provider's server be established (consent). Once you activate the plugin, the respective provider receives the information that you have visited our site with your IP address. If you are simultaneously logged into your respective social media account (e.g., Facebook), the provider can associate your visit to our site with your user account.
Activating the plugin constitutes consent within the meaning of Article 6(1)(a) GDPR. You can withdraw this consent at any time with effect for the future.
Facebook plugins (Like & Share button)
Our website uses plugins from the social network Facebook, provided by Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. You can recognize the Facebook plugins by the Facebook logo or the "Like" button on our site. An overview of the Facebook plugins can be found here: https://developers.facebook.com/docs/plugins/?locale=de_DE.
When you visit our website, the plugin establishes a direct connection between your browser and the Facebook server. Facebook then receives the information that you have visited our site with your IP address. If you click the Facebook "Like" button while logged into your Facebook account, you can link the content of our pages to your Facebook profile. This allows Facebook to associate your visit to our site with your user account. Please note that as the provider of this website, we have no knowledge of the content of the transmitted data or its use by Facebook. You can find further information in Facebook's privacy policy at: https://de-de.facebook.com/privacy/explanation.
If you do not want Facebook to be able to associate your visit to our pages with your Facebook user account, please log out of your Facebook user account.
The use of Facebook plugins is based on Article 6(1)(f) GDPR. The website operator has a legitimate interest in achieving the broadest possible visibility on social media.
5. Plugins and Tools
YouTube with enhanced privacy
Our website uses plugins from the YouTube website. The operator of the pages is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
We use YouTube in enhanced privacy mode. According to YouTube, this mode prevents YouTube from storing information about visitors to this website before they watch the video. However, enhanced privacy mode does not necessarily prevent data from being shared with YouTube partners. For example, YouTube establishes a connection to the Google DoubleClick network regardless of whether you watch a video.
As soon as you start a YouTube video on our website, a connection is established to YouTube's servers. This informs the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you allow YouTube to directly associate your browsing behavior with your personal profile. You can prevent this by logging out of your YouTube account.
Furthermore, YouTube may store various cookies on your device after you start playing a video. These cookies allow YouTube to collect information about visitors to our website. This information is used, among other things, to compile video statistics, improve user experience, and prevent fraud. The cookies remain on your device until you delete them.
Additional data processing operations may be triggered after a YouTube video starts, over which we have no control.
The use of YouTube is in the interest of presenting our online content in an appealing way. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
Further information about data protection at YouTube can be found in their privacy policy at: https://policies.google.com/privacy?hl=de.
Google Maps (with consent)
This website uses the Google Maps service via an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
To ensure data privacy on our website, Google Maps is deactivated when you first visit our site. A direct connection to Google's servers is only established when you actively enable Google Maps (consent according to Art. 6 para. 1 lit. a GDPR). This prevents your data from being transmitted to Google the moment you access the page.
Once activated, Google Maps will store your IP address. This will then typically be transmitted to and stored on a Google server in the USA. The provider of this website has no control over this data transfer after Google Maps has been activated.
More information on how user data is handled can be found in Google's privacy policy: https://www.google.de/intl/de/policies/privacy/.
OpenStreetMap
We use the map service from OpenStreetMap (OSM). The provider is the OpenStreetMap Foundation (OSMF), 132 Maney Hill Road, Sutton Coldfield, West Midlands, B72 1JU, United Kingdom.
When you visit a website that integrates OpenStreetMap, your IP address and other information about your activity on that website are transmitted to the OSMF. OpenStreetMap may store cookies in your browser for this purpose. These are text files that are stored on your computer and enable an analysis of your website usage. You can prevent the storage of cookies by adjusting your browser settings; however, please note that in this case you may not be able to fully utilize all the functions of this website.
Furthermore, your location may be recorded if you have allowed this in your device settings – for example, on your mobile phone. The provider of this website has no influence on this data transmission. For details, please refer to the OpenStreetMap privacy policy at the following link: https://wiki.openstreetmap.org/wiki/Privacy_Policy.
The use of OpenStreetMap is in our legitimate interest in presenting our online services in an appealing manner and ensuring that the locations we specify on the website are easy to find. This constitutes a legitimate interest within the meaning of Article 6(1)(f) GDPR.
Google reCAPTCHA
We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our websites. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).
reCAPTCHA is used to verify whether data entry on our websites (e.g., in a contact form) is done by a human or an automated program. To do this, reCAPTCHA analyzes the website visitor's behavior based on various characteristics. This analysis begins automatically as soon as the visitor enters the website. For the analysis, reCAPTCHA evaluates various pieces of information (e.g., IP address, the visitor's time spent on the website, or mouse movements made by the user). The data collected during the analysis is forwarded to Google.
The reCAPTCHA analysis runs entirely in the background. Website visitors are not notified that an analysis is taking place.
Data processing is carried out on the basis of Article 6(1)(f) GDPR. The website operator has a legitimate interest in protecting its web services from abusive automated data scraping and spam.
For more information about Google reCAPTCHA and Google's privacy policy, please see the following links: https://policies.google.com/privacy?hl=de and https://www.google.com/recaptcha/intro/android.html. Source: https://www.e-recht24.de
