Privacy Policy

1. Data Protection at a Glace

General Information
The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can identify you personally. Detailed information on data protection can be found in our privacy policy listed below.

Data Collection on this Website
Who is responsible for data collection on this website?
The data processing on this website is carried out by the website operator. Their contact information can be found in the section “Information on the Responsible Party” in this privacy policy.

How do we collect your data?
Your data is collected partly by you providing it to us, for example, by entering data in a contact form. Other data is automatically collected by our IT systems when you visit the website or after you give consent. This mainly includes technical data (e.g., internet browser, operating system, or time of page access). Collection of this data occurs automatically as soon as you enter this website.

For what purposes do we use your data
Some data is collected to ensure the website is provided without errors. Other data may be used to analyze your user behavior. If contracts are concluded or initiated via the website, the data transmitted will also be processed for contract offers, orders, or other requests.

What rights do you have regarding your data?
You have the right at any time to obtain free information about the origin, recipients, and purpose of your stored personal data. You also have the right to request the correction or deletion of this data. If you have given consent to data processing, you may revoke this consent at any time for the future. Furthermore, you have the right, under certain circumstances, to request the restriction of the processing of your personal data. Additionally, you have the right to lodge a complaint with the competent supervisory authority. You can contact us at any time for this or for further questions regarding data protection.

2. Hosting

External Hosting
This website is externally hosted. The personal data collected on this website is stored on the servers of the hosting provider. This may include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website access data, and other data generated through the website. External hosting is carried out to fulfill contracts with our potential and existing customers (Art. 6(1)(b) GDPR) and in the interest of a secure, fast, and efficient provision of our online services by a professional provider (Art. 6(1)(f) GDPR). If consent is obtained, processing is based exclusively on Art. 6(1)(a) GDPR and §25(1) TDDDG, insofar as the consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) in the sense of TDDDG. Consent can be revoked at any time. Our hosting provider will process your data only to the extent necessary to fulfill their service obligations and follow our instructions regarding this data.

Our hosting provider is:

JuraDigital GmbH
Kevenhüller Str. 4
92339 Beilngries

Order Processing
We have concluded a contract on order processing (AVV) for the use of the above-mentioned service. This is a legally required contract that ensures the personal data of our website visitors is processed only according to our instructions and in compliance with the GDPR.

3. General Information and Mandatory Notices

Data Protection
The operators of these pages take the protection of your personal data very seriously. We handle your personal data confidentially and in accordance with statutory data protection regulations and this privacy policy. When you use this website, various personal data is collected. Personal data is data that can identify you personally. This privacy policy explains which data we collect and how we use it. It also explains the purpose and method of processing. Please note that data transmission over the Internet (e.g., via email communication) may have security gaps. Complete protection of data from access by third parties is not possible.

Information in the Responsible Party
The responsible party for data processing on this website is:

Marco Riccato
Winzererstraße 132
80797 München
Telefon: +49 1523 8758555
E-Mail: marco@holistic-balancing.com

The responsible party is the natural or legal person who, alone or jointly with others, decides on the purposes and means of processing personal data (e.g., names, email addresses, etc.).

Storage Duration
Unless a more specific storage period is stated in this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you assert a legitimate request for deletion or revoke consent for data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g., tax or commercial retention periods); in such cases, deletion will occur after these reasons cease to apply.

Legal Basis for Data Processing
If you have consented to data processing, we process your personal data based on Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR if special categories of data are processed. In the case of explicit consent for the transfer of personal data to third countries, processing is also based on Art. 49(1)(a) GDPR. If you have consented to the storage of cookies or access to information on your device (e.g., via device fingerprinting), data processing also occurs based on §25(1) TDDDG. Consent can be revoked at any time.

If your data is required to fulfill a contract or to carry out pre-contractual measures, we process your data based on Art. 6(1)(b) GDPR. Furthermore, we process your data if it is necessary to fulfill a legal obligation based on Art. 6(1)(c) GDPR. Data processing may also occur based on our legitimate interests under Art. 6(1)(f) GDPR.

Recipients of Personal Data
In the course of our business, we work with various external parties. Transmission of personal data to these external parties may be necessary. We only share personal data with external parties if it is necessary to fulfill a contract, if legally required (e.g., with tax authorities), if we have a legitimate interest in sharing the data under Art. 6(1)(f) GDPR, or if another legal basis permits the transfer. When using processors, we only share personal data based on a valid contract on order processing. In cases of joint processing, a contract on joint processing is concluded.

Revocation of Consent
Many data processing operations are only possible with your express consent. You can revoke already given consent at any time. The legality of data processing carried out before the revocation remains unaffected.

Right to Object
If data processing is based on Art. 6(1)(e) or (f) GDPR, you have the right to object at any time for reasons arising from your particular situation; this also applies to profiling based on these provisions. If personal data is processed for direct marketing purposes, you have the right to object at any time to such processing, including profiling related to direct marketing.

Right to Lodge a Complaint
In case of GDPR violations, you have the right to lodge a complaint with a supervisory authority, especially in your member state of habitual residence, workplace, or place of the alleged infringement.

Right to Data Portability
You have the right to receive data we process automatically based on your consent or in fulfillment of a contract in a structured, commonly used, and machine-readable format. If you request direct transmission to another controller, this will only occur if technically feasible.

Right to Access, Rectification, and Deletion
You have the right to obtain free information about your stored personal data, its origin, recipients, and the purpose of processing, as well as the right to correction or deletion of this data.

Right to Restrict Processing
You have the right to request restriction of the processing of your personal data. This applies in the following cases:

If you dispute the accuracy of your personal data stored with us.
If processing is unlawful but you oppose deletion.
If we no longer need your data, but you require it for asserting, exercising, or defending legal claims.
If you have objected under Art. 21(1) GDPR, pending the determination of whose interests prevail.

Restricted data may only be processed with your consent or for legal claims, protection of others, or important public interest reasons.

SSL/TLS Encryption
This website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries. A secure connection is indicated by “https://” and a padlock icon in your browser.

4. Data Collection on this Website

Cookies
Our website uses “cookies,” which are small data packets and do not harm your device. They may be temporary (session cookies) or permanent. Session cookies are deleted after your visit. Permanent cookies remain until you delete them or your browser does so automatically. Cookies may come from us (first-party) or third parties (third-party). Third-party cookies enable integration of services like payment processing.

Cookies serve various functions: necessary for technical functions, analytics, or advertising. Necessary cookies are stored based on Art. 6(1)(f) GDPR unless another legal basis applies. Consent-based cookies are processed under Art. 6(1)(a) GDPR and §25(1) TDDDG; consent can be revoked at any time.

5. Plugins and Tools

YouTube with Enhanced Privacy Mode
This website embeds videos from YouTube. Operator: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Visiting pages with embedded YouTube videos establishes a connection to YouTube servers. If logged into your YouTube account, YouTube can link your behavior to your profile. To prevent this, log out of your YouTube account.

We use YouTube in enhanced privacy mode, which does not use data for personalizing ads. Local storage elements may still be saved for recognition purposes. More info: YouTube Privacy.

YouTube processing occurs in our legitimate interest under Art. 6(1)(f) GDPR. If consent is obtained, processing occurs under Art. 6(1)(a) GDPR and §25(1) TDDDG. You can revoke consent at any time.

EU-US Data Privacy Framework
The company is certified under the EU-US Data Privacy Framework (DPF), ensuring compliance with EU data standards in the US. Details: DPF Participants.

Source:
https://www.e-recht24.de
(original text in from German)