Data Protection Declaration

General Information

As being responsible for this website, we take the protection of your personal data very seriously. We treat your personal data confidentiality in particular in accordance with the statutory data protection regulations. By using this website, various personal data is collected. Personal data is data that you can be personally identified with. This data protection declaration describes which data we collect and for what we use it. It also explains how and for what purpose this is done. We would like to point out that data transmission over the Internet (e.g. communication by e-mail) can have security gaps. A complete protection of data against access by third parties is not possible.

Our website may be used without entering personal information. Different rules may apply to certain services on our site, however, and are explained separately below. We collect personal information from you (e.g. name, address, email address, telephone number, etc.) in accordance with the provisions of German data protection statutes. Information is considered personal if it can be associated exclusively to a specific natural person. The legal framework for data protection may be found in the German Federal Data Protection Act (BDSG) and the Telemedia Act (TMG). The provisions below serve to provide information as to the manner, extent and purpose for collecting, using and processing personal information by the provider.

Responsible for the website

Tilman Frick, Breitenfelder Str. 54, 20251 Hamburg, Germany

Responsible for data protection

Tilman Frick, Breitenfelder Str. 54, 20251 Hamburg, Germany
sayhello@tilman.io

Visiting our website

By visiting our website we process certain data of our visitors. What kind of data, on which legal basis, for what purpose and for how long we process, please read our subsequent data privacy policy.

Providing our website

By loading our webpage, some data is being stored in a web server protocol file:

  • Date and time of the request for the load of the web page
  • Size of the data package being transmitted within the connection
  • Type and version of the used browser as well as your IP address

Furthermore, we store the following information:

  • HTTP Method
  • Host name
  • URI of the request
  • HTTP Response Code
  • Referrer
  • User-Agent
  • Result, Edge Request-ID
  • Host Header, HTTP-Protocol, Time to first byte, x-forward header, SSL-Protocol and SSL cypher, Protocol version, FLE-Status, FLE encrypted fields.

The legal base for the processing of your IP address is Art. 6, para. 1, lit. f) GDPR. Our legitimate interest to store this data is based on the following purposes:

  • ensure a seamless connection establishment
  • ensure the smooth usage of our website / application
  • technical analysis of the system security and stability

Your IP address is generally not stored, we especially do not use it for analysing personal data. A full storage of the IP address would only happen so that we can track technical errors or hacker attacks. Our web servers are configured in a way that your IP address is deleted in a timely manner after your visit of our site.

This website is hosted by All-Inkl (Neue Medien Münnich, owner René Münnich, Hauptstraße 68, 02742 Friedersdorf). Details can be found in their privacy policy: https://all-inkl.com/datenschutzinformationen/. The legal base is Art. 6, para. 1, lit. f) GDPR.

Tracking

For web analytics, we use Pirsch Analytics. Pirsch Analytics is a cookie-free web analytics software that was developed according to the Privacy by Design principle. To analyze visitor flows, Pirsch Analytics uses a hashing algorithm to generate a 16-digit number as the visitor ID when the page request is received. The input values are the IP address, the user agent, the date and a salt.

The visitor's IP address is not persisted in whole or in part, and is anonymized completely and non-reversibly by the hash. The inclusion of the date and the use of one salt per website ensures that website visitors cannot be recognized for more than 24 hours and cannot be tracked across multiple websites. A rough localization (country/city) is performed via a locally integrated database.

Geolocation

To show you nearby places, we use your device's geolocation. This calculation happens entirely within your web browser, and we never send your location data to our servers. The legal base for the processing of your IP address is Art. 6, para. 1, lit. a) GDPR.

Rights according to legal data protection regulations

You have the right to request information, correction, deletion or blocking of your personal data. As far as you should request deletion of your personal data stored by us, we will execute your request without undue delay, unless legal duties for documentation or storage apply. You can object to the usage of your personal data for advertising or market research purposes or revoke given opt-ins at any time.

In case we process personal data of you, you are so called “affected” within the meaning of the General Data Protection Regulation (GDPR) and you have the following rights vis-à-vis the controller:

  • Right to information according to Art. 15 GDPR

You have the right to get information for free about your personal data stored by us at any time. Furthermore, you have the right to have your data provided to us transferred to yourself or a third party at any time.

  • Right to correct any information that is inaccurate or incomplete according to Art. 16 GDPR
  • Right to Deletion according to Art. 17 GDPR
  • Right to limitation of processing according to Art. 18 GDPR

At your request, we will correct, block or delete the personal data stored about you, provided that other statutory regulations (e.g. obligations to store data from the German Commercial Code) do not prevent this.

  • Right to data transferability according to Art. 20 GDPR

You have the right to get information about your personal data for free in a structured, current and readable format

  • Right of contradiction/revocation of permission according to Art. 21 GDPR

If you have given us your consent to process your personal data, you can revoke this at any time

  • Right of complaint to the national supervisory authority according to Art. 13 para. 2 lit. d) GDPR

Without prejudice to any other administrative or judicial remedy, you have the right of appeal to a supervisory authority, in particular in the Member State where you reside, work or suspect of infringement, if you believe that the processing of personal data concerning you is contrary to the GDPR.

The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy according to Art. 78 GDPR.

In order to process your request (please mail: sayhello@tilman.io), we are obliged to check your identity carefully. Please understand that we reserve the right - depending on the criticality of the data - to request further information or proof of identity. This serves in particular to protect your personal data from unauthorized access by third parties. We would like to point out that we reserve the right not to process requests that are received inappropriately frequently or without corresponding proof of identity. We will inform you of this in writing (via E-Mail).