Schnaase Interior Design Consultancy GmbH
We take the protection of your personal data seriously and observe the statutory provisions regarding data protection and data security. Below, you will find information about the way we collect and process personal data when people use our website. Although, for better readability, we use the male form in the text, the information and statements apply equally to members of all sexes.
The controller responsible for processing your data collected via the website is
Mrs Birgit Schnaase, Managing Director,
Schnaase Interior Design Consultancy GmbH,
Hafentor 2, 20459 Hamburg,
Tel. 040 / 410 77 21, Fax 040 / 410 77 25
Pursuant to the General Data Protection Regulation (GDPR, Art. 13 (1) lit. (c)), we must inform you of the legal basis for data processing on our websites and of the purposes of the corresponding data processing. Such data processing is permitted on different legal bases. In addition to express consent (Art. 6 (1) clause 1 lit. (a) GDPR) other legal bases are definitive: processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract (Art. 6 (1) clause 1 lit. (b) GDPR) or pursuant to § 28 (1) clause 1 no. 1 of the German Federal Data Protection Act (BDSG); processing shall also be lawful if it is necessary in order to safeguard the legitimate interests of the controller or of a third party, provided the interests or fundamental rights and fundamental freedoms of the data subject, which make the protection of personal data necessary, prevail, in particular if the data subject is a minor (Art. 6 (1) clause 1 lit. (f) GDPR); ultimately, processing shall also be lawful if it is necessary for the fulfilment of a legal obligation.
When you use our websites, we collect and store the IP address allocated to your computer in order to transfer the content you wish to access from our website to your computer (e.g. text, graphics and images, and to enable you to download hosted files etc.). For communication purposes, your full IP address is processed and stored only for the period that you visit our website, after which it is automatically deleted. The legal basis is Art. 6 (1) lit. (b) GDPR.
Furthermore, we collect and process information about the use of our websites, e.g. the type of browser used and the date and time our websites are visited. We process this data for the purpose of optimising our websites and for analysing the market.
In the course of using our websites you can receive/request messages and information on certain subjects from us by e-mail. For this purpose, we collect your name, your e-mail address and, upon request, also your postal address. We use this data to send you the desired information by e-mail or by post. One prerequisite for sending such messages is your consent pursuant to Art. 6 (1) lit. (a) GDPR; another is the safeguarding of the legitimate interests of the controller as defined by Art. 6 (1) lit. (f).
For all types of enquiries we offer you, among other things, the option of contacting us using a contact form provided on the website. For this purpose, you must provide a valid e-mail address and your name, so that we know who has sent us the enquiry and to enable us to answer it. You may give further details voluntarily. Further options for contacting us are telephone, telefax, e-mail, website and post. The data that you provide via these channels (e.g. your name, address, telephone number, e-mail address etc.) is used for the purpose of processing the contact. The legal bases here are Art. 6 (1) lit. (a) GDPR and § 13 (2) of the German Telemedia Act (TMG).
The interactions listed below that are used by us are performed on the basis of Art. 6 (1) clause 1 lit. (f) GDPR.
Our website uses a CDN (Content Delivery Network) from Cloudflare Inc., with its registered office in the USA at 101 Townsend St., San Francisco, CA 94107 firstname.lastname@example.org. All data that is transferred to or from this website (including your IP address) is processed via the Cloudflare network. To do this, Cloudflare uses so-called “cookies”. The information generated by the cookie about your use of this website is buffered and logged both within and outside the European Union. According to information provided by Cloudflare, the buffered data is deleted within 4 hours, but at the latest after one week. You can find further information in Cloudflare’s data protection declaration at: https://www.cloudflare.com/security-policy. By using our website, you are agreeing to the processing of the data collected about you by Cloudflare, and its purpose, in the manner described above.
Our website uses Bootstrap. This is a framework for displaying our content. The information generated and used by Bootstrap is not used for other purposes and is deleted immediately. By using our website, you are agreeing to the processing of the data collected about you, and its purpose, in the manner described above.
Services that we use on our website sometimes set third-party cookies. Third party cookies are cookies from third-party service providers that are stored by websites other than those you are currently visiting. These cookies are placed on our website by third-party service providers as a result of the integration of services, images or other elements. As described above, you can change your browser’s settings such that the acceptance of third party cookies is declined.
We utilise contracted service providers in order to provide our services. For these purposes, we forward data, e.g. address data, that we collect and use in the aforementioned context, in order to facilitate the sending of post and information, for instance. Information that we collect and use as described above can therefore, where appropriate, also be processed by third parties. However this only takes place to the extent that this is necessary for the purposes stated in this data protection declaration or if the third party is acting as an accountable service provider/contract data processor.
We carefully select and review the service providers to ensure that your personal privacy is preserved. The service providers may only use the data for the purposes that we specify. Your personal data will only be shared for the purpose of fulfilling the services that we offer. The legal basis is Art. 6 (1) clause 1 lit. (a) and (b) GDPR. Our legitimate interest in sharing the data lies in the fulfilment of the services offered to you.
Further processing and use of your personal data generally only takes place if a statutory regulation permits this or if you have consented to further data processing or use. In the event of further data processing for purposes other than those for which the data was originally collected, we will inform you of such other purposes before further data processing takes place and will provide you with further relevant information.
We delete or anonymize your personal data that we have collected or used, pursuant to the aforesaid provisions, as soon as it is no longer necessary and provided there are no statutory obligations to prevent this.
You have the right, pursuant to Art. 15 GDPR, to request information about your personal data that we have processed. In particular, you can request information about the purposes of data processing, the category of the personal data, the categories of the recipients with whom your data has been or will be shared, the planned duration of storage, the existence of the right to correction, deletion, limitation of or objection to processing, the existence of a right to complain, the origin of your data, if it has not been collected by us, and the existence of automated decision-making, including profiling and, where appropriate, meaningful information on the details.
You can, pursuant to Art. 16 GDPR, request the immediate correction of incorrect data or the completion of the personal data that we store.
Pursuant to Art. 17 GDPR you can request the deletion of the personal data that we store, provided that processing is not necessary for exercising the right to freedom of expression and information, for fulfilling a legal obligation, on grounds of public interest or for asserting, exercising or defending legal rights.
Art. 18 GDPR entitles you to limit the processing of your personal data, provided you are disputing the correctness of the data, or the processing is unlawful, but you refuse to have the data deleted and we no longer require the data, but you require the data for asserting, exercising or defending legal rights or you have filed an objection against processing pursuant to Art. 21 GDPR.
Pursuant to Art. 20 GDPR, you can request delivery of your personal data that you have provided to us in a structured, common and machine-readable format or request its transfer to another controller.
Art. 7 (3) GDPR states that you may revoke the consent you have given at any time. The consequence of this is that we may in future no longer continue to process the data that is subject to this consent.
Pursuant to Art. 77 GDPR, you can complain to a supervisory authority. For this purpose, you can normally approach the supervisory authority at your usual place of residence or workplace or at the registered office of our company. In Hamburg, this is the Hamburg Commissioner for Data Protection and Freedom of Information, Kurt-Schumacher-Allee 4, 20097 Hamburg, 6th floor, Tel.: 040 / 428 54 – 4040, e-mail: email@example.com
Where technically feasible and in accordance with standard practice, we use encryption procedures for the purpose of transmitting personal data. Furthermore, we make use of suitable technical and organisational security measures in order to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction and unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.