Privacy Policy

Introduction

With the following privacy policy, we would like to explain which types of your personal data (hereinafter also referred to as "data") we process, for what purposes, and to what extent. This privacy policy applies to all processing of personal data carried out by us, both in the course of providing our services and in particular on our websites, in mobile applications, and within external online presences such as our social media profiles (collectively referred to below as "online offering").

The terms used are gender-neutral.

Last updated: 22 April 2026

Table of Contents

Controller

Tim Adler
Torstr. 16b
22525 Hamburg

Email address: datenschutz@tim-adler.de

Overview of Processing Activities

The following overview summarizes the types of data processed and the purposes of processing and refers to the categories of data subjects affected.

Types of Data Processed

  • Inventory data.
  • Contact data.
  • Content data.
  • Usage data.
  • Metadata/communication data.

Categories of Data Subjects

  • Users.

Purposes of Processing

  • Provision of our online offering and user-friendliness.
  • Storing language and theme preferences in the browser.

Applicable Legal Bases

Below you will find an overview of the legal bases under the GDPR on which we process personal data. Please note that, in addition to the GDPR, national data protection provisions may apply in your or our country of residence or establishment. Should more specific legal bases apply in individual cases, we will inform you accordingly in this privacy policy.

  • Consent (Art. 6(1) sentence 1 lit. a GDPR) - The data subject has given consent to the processing of personal data concerning them for one or more specific purposes.
  • Performance of a Contract and Pre-contractual Inquiries (Art. 6(1) sentence 1 lit. b GDPR) - Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
  • Legitimate Interests (Art. 6(1) sentence 1 lit. f GDPR) - Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.

In addition to the provisions of the GDPR, national data protection rules apply in Germany, in particular the Federal Data Protection Act (BDSG).

Security Measures

Taking into account legal requirements, the state of the art, implementation costs, and the nature, scope, context, and purposes of processing, as well as the varying likelihood and severity of risks to the rights and freedoms of natural persons, we implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk.

These measures include, in particular, safeguarding the confidentiality, integrity, and availability of data by controlling physical and electronic access to data.

SSL encryption (https): To protect data transmitted via our online offering, we use SSL encryption.

Data Processing in Third Countries

If we process data in a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)), or if processing takes place in the context of using third-party services or disclosing/transferring data to other persons, entities, or companies, this is done only in accordance with legal requirements.

Subject to explicit consent, contractual necessity, or legal obligation, we process or have data processed only in third countries with a recognized level of data protection.

Deletion of Data

Data processed by us is deleted in accordance with legal requirements as soon as consent permitting processing is withdrawn or other permissions no longer apply.

Provision of the Online Offering and Web Hosting

In order to provide our online offering securely and efficiently, we use one or more web hosting providers whose servers make the online offering available.

  • Types of data processed: Content data, usage data, metadata/communication data.
  • Data subjects: Users.
  • Purposes of processing: Provision of our online offering and user-friendliness.
  • Legal basis: Legitimate interests (Art. 6(1) sentence 1 lit. f GDPR).

Additional notes:

  • Collection of access data and log files: Server log files may include the addresses and names of retrieved pages and files, date and time of retrieval, transferred data volumes, status messages, browser type and version, user's operating system, referrer URL, and usually IP addresses.
  • render.com: Services in the field of IT infrastructure provisioning. Website: https://render.com; Privacy policy: https://render.com/privacy.

Local Storage in the Browser

We use local browser storage (localStorage) to persist your selected language (de/en) and theme (light/dark) across page views.

  • Types of data processed: Usage data, metadata/communication data.
  • Data subjects: Users.
  • Purposes of processing: User-friendliness and consistent presentation of the website.
  • Legal basis: Legitimate interests (Art. 6(1) sentence 1 lit. f GDPR).
  • Storage period: Until deleted by the user in the browser or until browser data is reset.
  • Note: No tracking cookies are set for this function.

Plugins and Embedded Functions and Content

We integrate functional and content elements into our online offering that are sourced from the servers of their respective providers.

  • Types of data processed: Usage data, metadata/communication data, inventory data, contact data, content data.
  • Data subjects: Users.
  • Purposes of processing: Provision of our online offering and user-friendliness.
  • Legal bases: Consent, performance of a contract and pre-contractual inquiries, legitimate interests.

Additional notes:

  • Adobe Fonts (Typekit): To render fonts, an external stylesheet from https://use.typekit.net is loaded. Technical connection data (e.g., IP address, browser information, request time) may be transmitted to Adobe. Privacy policy: https://www.adobe.com/privacy/policy.html.
  • YouTube embeds: Embedded YouTube videos may be displayed in individual now entries. When loading a page that contains an embedded video, a connection to YouTube/Google servers is established. Technical connection data (e.g., IP address, browser information, referrer) may be processed. Website: https://www.youtube.com; Privacy policy: https://policies.google.com/privacy.

No Web Analytics or Tracking Scripts

No web analytics or tracking scripts are currently actively integrated on this website. In particular, no audience measurement is performed using external analytics services.

Changes and Updates to the Privacy Policy

We ask you to review the content of our privacy policy regularly. We adapt the privacy policy as soon as changes in the data processing activities carried out by us make this necessary.

Rights of Data Subjects

As a data subject, you have various rights under the GDPR, in particular under Art. 15 to 21 GDPR.

  • Right to object: You have the right to object at any time to specific processing activities.
  • Right to withdraw consent: You have the right to withdraw consent at any time.
  • Right of access: You have the right to request information about personal data being processed.
  • Right to rectification: You have the right to request correction of inaccurate data.
  • Right to erasure and restriction of processing: Subject to legal requirements, you have the right to request erasure or restriction of processing.
  • Right to data portability: You have the right to receive data provided by you in a transferable format.
  • Right to lodge a complaint: You have the right to lodge a complaint with a supervisory authority.

Definitions

  • Personal data: Any information relating to an identified or identifiable natural person.
  • Controller: The natural or legal person deciding on the purposes and means of processing.
  • Processing: Any operation performed on personal data, with or without the aid of automated procedures.