PRIVACY POLICY
1. Data Controller:
The data controller within the meaning of the General Data Protection Regulation (GDPR) responsible for the processing of personal data on this website is:
Tilia Udelhoven
Theodor-Storm-Str. 38
33378 Rheda-Wiedenbrück
Germany
Email: info@tiliaudelhoven.com
Phone: +49 177 1479022
2. General Information on Data Processing:
Personal data of users of this website is processed only to the extent necessary to ensure the proper functioning of the website and to provide our content and services. The processing of personal data is carried out in accordance with the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG-neu).
3. Server-Logfiles:
When accessing this website, the hosting provider IONOS SE automatically collects and stores information in so-called server log files that your browser transmits. This information includes: the device’s IP address, the date and time of access, the name and URL of the accessed file, the website from which the access originates (referrer URL), the browser type and version, and the device’s operating system.
IONOS processes these data on our behalf. Storage is carried out to ensure the functionality, security, and stability of the website (legal basis: Art. 6(1)(f) GDPR – legitimate interest). The log files are generally deleted automatically after 8 weeks.
The data are not merged with other data sources or disclosed to third parties. A data processing agreement in accordance with Art. 28 GDPR has been concluded with IONOS.
4. Contact Form:
If you contact us via the contact form, the data you provide (name, email address, message, and any additional information) will be processed to handle your inquiry.
The legal basis for this processing is Art. 6(1)(b) GDPR (performance of a contract or pre-contractual measures) or Art. 6(1)(f) GDPR (legitimate interest in effective communication).
The data will be deleted once your inquiry has been fully processed, provided that no statutory retention obligations apply.
5. Review Form:
If you submit feedback via the review form, we process and store the data provided therein (e.g. name, review text, and, if applicable, email address) for the purpose of publication or internal evaluation.
The legal basis for this processing is Art. 6(1)(a) GDPR (consent) or Art. 6(1)(f) GDPR (legitimate interest in obtaining feedback and improving the quality of our services).
The data will be deleted as soon as they are no longer required for the stated purposes or if consent given is withdrawn.
6. Fonts (local integration)
Fonts are embedded locally on this website. The font “Montserrat” is installed locally on the web server, ensuring that no connection to external servers (such as Google Fonts) is established. In this context, no personal data is transmitted to third parties.
7. Accessibility
Accessibility (Ally / Elementor): This website uses the “Ally” plugin to enhance accessibility. Ally is a product of Elementor Ltd., Tuval Street 40, Ramat Gan, Israel.
Processing is carried out on the basis of our legitimate interest pursuant to Art. 6 (1) (f) GDPR in ensuring that our website is accessible.
Elementor acts as a sub-processor in this context. Technically necessary access data (e.g., IP address, browser information) may be processed in this process. No further processing or transfer of personal data takes place. Further information on data protection at Elementor can be found at: https://elementor.com/about/privacy/.
8. Cookies, analytics tools, and external content:
This website does not use tracking, analytics, or marketing cookies. No external content (such as Google Fonts, YouTube, Google Maps, or social media plugins) is integrated.
Only functional components that are technically necessary for the operation of the website are used. These include, for example, components for displaying multilingual content (WPML) or for improving accessibility (Ally). In this context, technically necessary cookies (e.g. for storing the selected language) as well as technical access data may be processed.
Personal data is not disclosed for advertising or analytical purposes.
9. Your rights as a data subject:
Under the GDPR, you have the following rights: the right of access to your personal data (Art. 15 GDPR),
the right to rectification of inaccurate or incomplete data (Art. 16 GDPR), the right to erasure (“right to be forgotten”) (Art. 17 GDPR), the right to restriction of processing (Art. 18 GDPR), the right to object to processing (Art. 21 GDPR), and the right to data portability (Art. 20 GDPR). You also have the right to complain to a competent supervisory authority.
10. Competent supervisory authority:
The competent supervisory authority is the data protection authority of the federal state of North Rhine-Westphalia:
Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen (LDI NRW)
Kavalleriestraße 2–4
40213 Düsseldorf
Germany
https://www.ldi.nrw.de
11. Security of data processing:
We implement appropriate technical and organisational security measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or unauthorised access. These security measures are reviewed regularly and adapted in line with technological developments.
12. Changes to this privacy policy:
We reserve the right to amend this Privacy Policy in order to ensure ongoing compliance with current legal requirements or to reflect changes to our services. The current version published on this website shall apply.