Bow Frog and Head

KLANG
GESTALTEN
MASTERPIECES OF CONTEMPORARY VIOLIN & BOW MAKING

Privacy Policy

KlangGestalten GbR is a German company, so legally relevant is our German privacy policy text in German language, which you can find HERE. For convenience reasons we also provide an English translation for you which you can find below:

Privacy Policy in accordance with GDPR

Name and Address of the Controller

The controller in the sense of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:

KlangGestalten GbR
c/o Andreas Hampel (Managing Director)
Kronprinzenstr. 26
22587 Hamburg
Germany
Tel.: 040-391277
E-Mail: klanggestalten@hampel-geigenbau.de
Website: www.klanggestalten.de

Name and Address of the Data Protection Officer

The data protection officer of the controller is:

Andreas Hampel
KlangGestalten GbR
Kronprinzenstr. 26
22587 Hamburg
Germany
Tel.: 040-391277
E-Mail: klanggestalten@hampel-geigenbau.de
Website: www.klanggestalten.de

General Information on Data Processing

1. Scope of Processing of Personal Data

We process personal data of our users only to the extent necessary to provide a functional website and our content and services. Processing of personal data of our users generally takes place only after consent by the user. An exception applies in cases where prior consent cannot be obtained for factual reasons, and processing of the data is permitted by legal regulations.

2. Legal Basis for the Processing of Personal Data

Where we obtain consent from the data subject for processing operations involving personal data, Art. 6(1)(a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis.

For the processing of personal data necessary for the performance of a contract to which the data subject is a party, Art. 6(1)(b) GDPR serves as the legal basis. This also applies to processing operations necessary to carry out pre-contractual measures.

Where processing of personal data is necessary to comply with a legal obligation to which our company is subject, Art. 6(1)(c) GDPR serves as the legal basis.

If the processing is necessary to protect the vital interests of the data subject or another natural person, Art. 6(1)(d) GDPR serves as the legal basis.

If the processing is necessary to safeguard a legitimate interest of our company or a third party and this interest is not overridden by the interests, fundamental rights, and freedoms of the data subject, Art. 6(1)(f) GDPR serves as the legal basis for the processing.

3. Data Deletion and Storage Duration

Personal data of the data subject are deleted or blocked as soon as the purpose of storage ceases to apply. Further storage can take place if this has been provided for by European or national legislators in EU regulations, laws, or other provisions to which the controller is subject. Blocking or deletion of the data also occurs when a storage period prescribed by the aforementioned regulations expires unless there is a necessity for further storage of the data for the conclusion or performance of a contract.

Provision of the Website and Creation of Log Files/External Hosting

1. Description and Scope of Data Processing

We host the content of our website with the following provider:

MSISP
Blasewitzer Str. 41
01307 Dresden

External hosting is carried out to fulfill our contractual obligations to our potential and existing customers (Art. 6(1)(b) GDPR) and in the interest of providing our online offer securely, quickly, and efficiently by a professional provider (Art. 6(1)(f) GDPR).

The following data, which are automatically collected on this website upon each access, are stored on the host’s servers:

  • Date
  • Time
  • IP address (anonymized, the last three digits are replaced with x)
  • Target URL

Our host will process your data only to the extent necessary to fulfill its service obligations and follow our instructions regarding these data.

2. Order Processing

We have concluded a data processing agreement (DPA) for the use of the aforementioned service. This is a data protection agreement required by law to ensure that the provider processes personal data of our website visitors only according to our instructions and in compliance with the GDPR.

The data are also stored in the log files of our system. Not affected by this are the user’s IP addresses or other data that would allow the data to be associated with a user. Storage of these data together with other personal data of the user does not take place.

3. Legal Basis for Data Processing

The legal basis for the temporary storage of the data is Art. 6(1)(f) GDPR.

4. Purpose of Data Processing

Log files are essential for the security of the web server. They help to identify the source of an attack if the website is hacked.

The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session.

5. Storage Duration

The data are deleted as soon as they are no longer necessary for the purpose for which they were collected. In the case of data collection for the provision of the website, this is the case when the respective session is ended.

In the case of data storage in log files and on the server of the host, this is the case after no more than seven days.

6. Possibility of Objection and Removal

The collection of data for the provision of the website and storage of data in log files is mandatory for the operation of the website. Therefore, there is no possibility for the user to object.

Use of Cookies

1. Description and Scope of Data Processing

Our website does not use cookies.

Newsletter

1. Description and Scope of Data Processing

On our website, you have the option to subscribe to a free newsletter. When registering for the newsletter, the data entered into the input form are transmitted to us.

Brevo

This website uses Brevo for sending newsletters. The provider is Sendinblue GmbH, Köpenicker Str. 126, 10179 Berlin, Germany.

Brevo is a service that organizes and analyzes newsletter distribution. The data you enter for newsletter subscription are stored on Sendinblue GmbH’s servers in Germany.

If you do not want Brevo to analyze your data, you must unsubscribe from the newsletter. We provide a corresponding link in each newsletter message.

Data Analysis by Brevo

Brevo allows us to analyze our newsletter campaigns. For example, we can see whether a newsletter message was opened and whether links were clicked.

If you do not want Brevo to analyze your data, you must unsubscribe from the newsletter. We provide a corresponding link in each newsletter message. Detailed information about Brevo’s features can be found at: https://www.brevo.com/de/.

1. Legal Basis for Data Processing

Data processing is based on your consent (Art. 6(1)(a) GDPR). You can revoke this consent at any time. The legality of the data processing operations already carried out remains unaffected by the revocation.

2. Storage Duration

The data you provide for the purpose of receiving the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and deleted from the newsletter distribution list after you unsubscribe. Data stored by us for other purposes remain unaffected.

3. Possibility of Objection and Removal

After you unsubscribe from the newsletter distribution list, your email address may be stored in a blacklist by us or the newsletter service provider to prevent future mailings. Data from the blacklist will only be used for this purpose and not combined with other data. This serves both your interest and our interest in complying with legal requirements for newsletter distribution (legitimate interest under Art. 6(1)(f) GDPR). The storage in the blacklist is not time-limited. You can object to the storage if your interests outweigh our legitimate interest.

For more details, see Brevo’s privacy policy at: https://www.brevo.com/de/legal/privacypolicy/.

4. Order Processing

We have concluded a data processing agreement (DPA) with the aforementioned provider. This is a data protection agreement required by law to ensure that the provider processes personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

Email Contact

1. Description and Scope of Data Processing

Contacting us via the provided email address is possible. In this case, the user’s personal data transmitted with the email will be stored.

In this context, no data will be passed on to third parties. The data will only be used for processing the conversation.

2. Legal Basis for Data Processing

The legal basis for the processing of data transmitted in the course of sending an email is Art. 6(1)(f) GDPR. If the email contact aims at concluding a contract, the additional legal basis for the processing is Art. 6(1)(b) GDPR.

3. Purpose of Data Processing

The processing of personal data transmitted by email serves us solely to handle the contact.

4. Storage Duration

The data will be deleted as soon as they are no longer necessary for achieving the purpose for which they were collected. This is the case when the respective conversation with the user has ended. The conversation is considered ended when it can be inferred from the circumstances that the matter has been conclusively resolved.

5. Possibility of Objection and Removal

The user has the option at any time to revoke their consent to the processing of personal data. If the user contacts us via email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued.

All personal data stored in the course of contacting us will be deleted in this case.