Protecting your personal data is important to us. In this privacy policy, we inform you in accordance with Art. 13 and 14 GDPR about which personal data we process on vellinger-systems.com, for what purpose and on which legal basis, to whom we transfer it where applicable, how long we store it, and which rights you have as a data subject.
The data controller within the meaning of the GDPR and other data protection regulations is: Colin Velten Vahrenhorst Sole proprietor Akazienweg 27 33790 Halle (Westfalen) Germany Phone: +49 15679 659891 Email: v.vahrenhorst@vellinger-systems.com We have not appointed an external data protection officer in the absence of a legal obligation to do so.
We process personal data exclusively on the basis of statutory permission. The relevant legal bases are in particular Art. 6 (1) lit. a GDPR (consent), Art. 6 (1) lit. b GDPR (initiation and performance of a contract), Art. 6 (1) lit. c GDPR (legal obligation), and Art. 6 (1) lit. f GDPR (legitimate interest). The applicable legal basis is named with each individual processing activity below.
When you access our website, your browser automatically transmits information to the server, which is stored in server log files. The following data is recorded: anonymized IP address, date and time of access, amount of data transferred, browser type and version, operating system, referrer URL, and hostname. Legal basis: Art. 6 (1) lit. f GDPR. Our legitimate interest lies in the stable operation of the website, ensuring IT security (defense against attacks), and error analysis. Storage period: Logs are automatically deleted or anonymized after a maximum of 30 days.
This website generally does not set any cookies. Neither essential cookies, tracking cookies, nor third-party cookies are stored in your browser. Consent within the meaning of §§ 25 et seq. TDDDG is therefore not required. For the functionality of certain embedded third-party services (for example Cal.com when the booking interface is called up), cookies may be set by the respective provider for technical reasons. These are only set when the corresponding feature is actively used. Further information can be found in the respective sections below.
For audience measurement, we use Plausible Analytics, a privacy-friendly, EU-hosted web analytics service operated by Plausible Insights OÜ, Västriku tn 2, 50403 Tartu, Estonia. Plausible operates entirely without cookies, does not collect personal data within the meaning of the GDPR, does not create user profiles, and does not transfer data to third countries. Only aggregated statistics are recorded (page views, anonymized referrer, device category, country based on the IP address, which is not stored). Legal basis: Art. 6 (1) lit. f GDPR. Our legitimate interest lies in a privacy-friendly statistical analysis of usage behavior to optimize our offering.
This website is hosted by Vercel Inc., 340 S Lemon Ave #4133, Walnut, CA 91789, USA. As part of providing the website, Vercel processes connection data (in particular IP address, request time, browser header information). For functions such as storing temporary booking states, we additionally use Vercel KV, a key-value storage service from Vercel. Legal basis: Art. 6 (1) lit. f GDPR. Legitimate interest: technically reliable and performant operation of the website. We have concluded a data processing agreement with Vercel pursuant to Art. 28 GDPR. Vercel is certified under the EU-US Data Privacy Framework (DPF); EU standard contractual clauses pursuant to Art. 46 (2) lit. c GDPR apply additionally.
When you contact us via the contact form, by email, or by telephone, we process the information you provide (in particular name, email address, company, message text, and where applicable telephone number) for the purpose of responding to your inquiry and, where applicable, for contract initiation. Legal basis: Art. 6 (1) lit. b GDPR (initiation or performance of a contract) or Art. 6 (1) lit. f GDPR (legitimate interest in answering general inquiries). Storage period: We store your data for as long as is necessary to respond to your inquiry and any follow-up questions. At the latest, we delete the data after expiration of statutory retention periods (typically six or ten years pursuant to §§ 147 AO, 257 HGB for contract-related correspondence).
For booking consulting appointments, we use the service Cal.com, operated by Cal.com, Inc., 2261 Market Street #4382, San Francisco, CA 94114, USA. When you book an appointment, the data you enter (name, email address, where applicable company and inquiry, and preferred appointment time) is transmitted to and processed by Cal.com in order to organize the appointment and send the associated confirmation and reminder emails. Legal basis: Art. 6 (1) lit. b GDPR (performance of pre-contractual measures). We have concluded a data processing agreement with Cal.com pursuant to Art. 28 GDPR. Cal.com is certified under the EU-US Data Privacy Framework (DPF); EU standard contractual clauses pursuant to Art. 46 GDPR apply additionally. Further information on data processing by Cal.com can be found at https://cal.com/privacy.
For sending transactional emails (for example confirmations after receipt of an inquiry, appointment confirmations, reminders), we use the service Resend operated by Resend, Inc., 2261 Market Street #5039, San Francisco, CA 94114, USA. As part of email delivery, your email address and the content of the respective email are transmitted to Resend and processed there for delivery. Legal basis: Art. 6 (1) lit. b GDPR (initiation and performance of a contract) or Art. 6 (1) lit. f GDPR (legitimate interest in reliable email delivery). We have concluded a data processing agreement with Resend pursuant to Art. 28 GDPR. Resend is certified under the EU-US Data Privacy Framework (DPF); EU standard contractual clauses apply additionally.
Some of the service providers we use (Vercel, Resend, Cal.com) are based in the United States of America. Data transfers to the USA therefore take place to the extent described above. The USA is considered a safe third country within the meaning of the GDPR pursuant to the European Commission's adequacy decision of 10 July 2023, provided that the respective recipients are certified under the EU-US Data Privacy Framework (DPF). All providers listed above are DPF-certified. EU standard contractual clauses pursuant to Art. 46 (2) lit. c GDPR apply additionally as a further safeguard.
We store personal data only for as long as is necessary for the respective processing purposes or as required by statutory retention periods. Once the purpose ceases to apply or the period expires, the data is routinely deleted or anonymized. Specific storage periods are named in the respective sections on the individual processing activities above.
You have the following rights against us with regard to your personal data: • Right of access (Art. 15 GDPR) • Right to rectification of inaccurate data (Art. 16 GDPR) • Right to erasure (Art. 17 GDPR) • Right to restriction of processing (Art. 18 GDPR) • Right to data portability (Art. 20 GDPR) • Right to withdraw consent given (Art. 7 (3) GDPR) with effect for the future • Right to lodge a complaint with a supervisory authority (Art. 77 GDPR) The supervisory authority responsible for our company is: State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia, Postfach 20 04 44, 40102 Düsseldorf, Germany, https://www.ldi.nrw.de/. An informal notice to us is sufficient to exercise your rights (contact details see above under Data controller).
You have the right, on grounds relating to your particular situation, to object at any time to the processing of personal data concerning you that is based on Art. 6 (1) lit. f GDPR (legitimate interest). If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing serves the establishment, exercise, or defense of legal claims. The objection can be made informally and sent to the contact details listed above.
We secure our website and other systems through technical and organizational measures against loss, destruction, unauthorized access, alteration, or distribution of your data. In particular, the transmission of all data between your browser and our website is secured by SSL/TLS encryption (recognizable by the lock icon and the https address).
This privacy policy is currently valid and has the editing status indicated under "As of". We reserve the right to amend it in the event of changes to our processing activities or new legal or regulatory requirements. The current version can be accessed at any time on this page.
For questions about data processing or to exercise your rights, contact us directly. We typically respond within one business day.
