Privacy Policy

Person responsible for data processing

Insofar as personal data are involved, the person responsible for their processing within the meaning of Art. 4 (7) of the General Data Protection Regulation [GDPR] is:

Nina Hegendörfer
Herbststr. 39
D-82194 Gröbenzell

You can contact me at the above address with all questions relating to data protection concerning my activities and my online presence.

General information

The protection of your personal data and privacy is of particular concern to me. Personal data collected when visiting my website is processed confidentially and in accordance with the provisions of the EU General Data Protection Regulation [GDPR].

When using this website, personal data may be collected. Personal data is data by means of which you can be personally identified.

In general, I will delete data when further storage is no longer necessary and if there are no statutory retention requirements to the contrary.

Your data will not be transferred to third parties unless I am legally obliged to do so or this is necessary for processing your enquiry or order. As far as external service providers come into contact with your personal data, I have taken legal and technical measures to ensure that they comply with the provisions of the data protection legislation.

Statutory basis

Insofar as I obtain the consent of the data subject for processing operations of personal data, Art. 6 (1) lit. a GDPR shall serve as legal basis. 

If an interested party contacts me, e.g. in the context of a business enquiry, the data provided (e.g. name, email address, telephone number, etc.) will be processed in order to respond to the enquiry. The legal basis for this processing is the fulfilment of a contract or the implementation of pre-contractual measures, Art. 6 para. 1 lit. b GDPR.

Insofar as the processing of personal data is necessary for the compliance with a legal obligation to which I am subject, Art. 6 para. 1 lit. c GDPR shall serve as the legal basis.

If the processing is necessary to protect my legitimate interest or that of a third party and the interests, fundamental rights and freedoms of the data subject do not supersede the first-mentioned interest, Art. 6 (1) lit. f DSGVO serves as the legal basis for the processing.

Your rights

I would like to point out the rights of information and other rights of the data subjects, which are regulated by the GDPR in Art. 12 – 23. In short, you have the following rights:

  • Right of access
  • Right to rectification
  • Right of erasure (or ‘right to be forgotten’)
  • Right to restriction of processing
  • Right to data portability
  • Right to object the processing of your personal data
  • Right to withdraw consent

I would like to point out that data subjects may lodge a complaint with the responsible supervisory authority in accordance with Art. 77 of the GDPR. The responsible authority in Bavaria is the Bavarian State Office for Data Protection Supervision (BayLDA).

Access data / server log files

Each time a file is accessed from the server on which this website is physically stored, access data is stored in the server’s log files. Each data record consists of:

  • the page from which the file was requested
  • the name of the file
  • the date and time of the request
  • the amount of data transferred
  • the access status (file transferred, file not found, etc.)
  • a description of the type of web browser used (user agent)
  • requesting domain
  • requesting IP address, anonymised

The stored data is evaluated by the hoster exclusively for statistical purposes and, if necessary, for troubleshooting or security purposes.

Secure e-mail transmission with digital S/MIME certificates

I use S/MIME technology for the electronic transmission of data by e-mail in order to digitally sign and encrypt my messages. Digitally signing an e-mail proves authenticity and prevents manipulation. This assures the recipient of the e-mail that the e-mail originates from me and not from a third party, and that the content of the e-mail was not changed during transmission. Encrypting an e-mail ensures the privacy of the message and prevents sensitive data from getting into the wrong hands.

Encryption / HTTPS

The transmission of data between your computer and my website and vice versa is always encrypted via SSL / TLS. The same applies to the transmission of data between your computer and my upload portal.
I would like to point out that data transmission on the Internet can, in principle, be subject to security gaps.

Complete protection of data against access by third parties is not possible.

Cookies / user tracking / use of analytical tools

This website does not use cookies; user tracking or analysis does not take place.

User profiles / upload portal

I do not create user profiles of any users of this website.

However, customers who need to transfer larger amounts of data to me as part of a contractual relationship can obtain and use an account on my upload portal within the scope of our cooperation. In this case, the processing of personal data is limited to the storage of the user’s e-mail address.


This website uses a map section of the open source tool “OpenStreetMap” (OSM). OSM does not store any user data. You can find further details at under the section ‘Legal_FAQ’.

Changes to my privacy policy

I reserve the right to occasionally adapt this Privacy Policy to ensure that it always complies with the current legal requirements. If sections or individual terms of this Policy do not comply, no longer comply or do not fully comply with applicable law, the content and validity of the other parts of the policy remain unaffected by this.