Subscribe

Cum sociis natoque penatibus et magnis
[contact-form-7 404 "Not Found"]

About Me

Vivamus elementum semper nisi. Aenean vulputate eleifend tellus. Aenean leo ligula, porttitor eu, consequat vitae, eleifend ac, enim. Aliquam lorem ante, dapibus in, viverra.

 

Data protection information

Schnaase Interior Design Consultancy GmbH

We take the protection of your personal data seriously and observe the statutory provisions regarding data protection and data security. Below, you will find information about the way we collect and process personal data when people use our website. Although, for better readability, we use the male form in the text, the information and statements apply equally to members of all sexes.

1. Controller

The controller responsible for processing your data collected via the website is

Mrs Birgit Schnaase, Managing Director,
Schnaase Interior Design Consultancy GmbH,
Goebenstraße 24, 20253 Hamburg,
Tel. +49 171 3428924, Fax 040 / 410 77 25
E-mail info@schnaase.de

 

2. Legal bases for data processing

Pursuant to the General Data Protection Regulation (GDPR, Art. 13 (1) lit. (c)), we must inform you of the legal basis for data processing on our websites and of the purposes of the corresponding data processing. Such data processing is permitted on different legal bases. In addition to express consent (Art. 6 (1) clause 1 lit. (a) GDPR) other legal bases are definitive: processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract (Art. 6 (1) clause 1 lit. (b) GDPR) or pursuant to § 28 (1) clause 1 no. 1 of the German Federal Data Protection Act (BDSG); processing shall also be lawful if it is necessary in order to safeguard the legitimate interests of the controller or of a third party, provided the interests or fundamental rights and fundamental freedoms of the data subject, which make the protection of personal data necessary, prevail, in particular if the data subject is a minor (Art. 6 (1) clause 1 lit. (f) GDPR); ultimately, processing shall also be lawful if it is necessary for the fulfilment of a legal obligation.

 

3. Use of our website

When you use our websites, we collect and store the IP address allocated to your computer in order to transfer the content you wish to access from our website to your computer (e.g. text, graphics and images, and to enable you to download hosted files etc.). For communication purposes, your full IP address is processed and stored only for the period that you visit our website, after which it is automatically deleted. The legal basis is Art. 6 (1) lit. (b) GDPR.

Furthermore, we collect and process information about the use of our websites, e.g. the type of browser used and the date and time our websites are visited. We process this data for the purpose of optimising our websites and for analysing the market.

 

4. Information and other messages

In the course of using our websites you can receive/request messages and information on certain subjects from us by e-mail. For this purpose, we collect your name, your e-mail address and, upon request, also your postal address. We use this data to send you the desired information by e-mail or by post. One prerequisite for sending such messages is your consent pursuant to Art. 6 (1) lit. (a) GDPR; another is the safeguarding of the legitimate interests of the controller as defined by Art. 6 (1) lit. (f).

 

5. Use of data for task fulfilment, contact form

For all types of enquiries we offer you, among other things, the option of contacting us using a contact form provided on the website. For this purpose, you must provide a valid e-mail address and your name, so that we know who has sent us the enquiry and to enable us to answer it. You may give further details voluntarily. Further options for contacting us are telephone, telefax, e-mail, website and post. The data that you provide via these channels (e.g. your name, address, telephone number, e-mail address etc.) is used for the purpose of processing the contact. The legal bases here are Art. 6 (1) lit. (a) GDPR and § 13 (2) of the German Telemedia Act (TMG).

 

6. Interaction with social networks and services

The interactions listed below that are used by us are performed on the basis of Art. 6 (1) clause 1 lit. (f) GDPR.

This website uses Google Web Fonts, provided by Google, in order to ensure the consistent display of fonts. When you open a page, your browser will download the necessary Web Fonts to your browser’s cache in order to correctly display text and fonts. For this purpose, the browser you are using needs to establish a connection with the Google servers. This means that Google will be able to find out that our website was accessed via your IP address. We use Google Web Fonts in the interest of a uniform and appealing presentation of our online services. This represents a legitimate interest as defined by Art. 6 (1) lit. (f) GDPR. If your browser does not support Web Fonts, one of the standard fonts on your computer will be used instead. You can find further information about Google Web Fonts at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://www.google.com/policies/privacy/.

This website sometimes uses the Google Maps service via an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. In order to use the Google Maps functions, it is necessary to store your IP address. This information is normally transferred to a Google server in the USA and stored there. As the provider of this website we have no influence on this transfer of data. We use Google Maps in the interest of an appealing presentation of our online services and to make it easier to find the places that we mention on our website. This represents a legitimate interest as defined by Art. 6 (1) lit. (f) GDPR. You can find further information about how user data is handled in Google’s privacy policy: https://www.google.de/intl/de/policies/privacy/.

To show videos, we use the provider Vimeo, among others. Vimeo is operated by Vimeo, LLC, headquartered at 555 West 18th Street, New York, New York 10011. For this purpose, we sometimes use a plugin. When you open websites that use such a plugin, a connection is established with the Vimeo servers, which then allows the plugin to be displayed. Information about which of our websites you have visited will then be transmitted to the Vimeo server. If you are logged in at the time as a Vimeo member, Vimeo will assign this information to your personal user account. If you use the plugin, information will be assigned to your user account. You can prevent such assignment of information by logging out of your Vimeo account and deleting the corresponding Vimeo cookies before you use our website. Please visit Vimeo’s privacy policy at https://vimeo.com/privacy for information about the purpose and scope of data collection and how it is further processed and used by Vimeo, including the resulting rights and different settings available for protecting personal privacy.

Our website uses a CDN (Content Delivery Network) from Cloudflare Inc., with its registered office in the USA at 101 Townsend St., San Francisco, CA 94107 privacyquestions@cloudflare.com. All data that is transferred to or from this website (including your IP address) is processed via the Cloudflare network. To do this, Cloudflare uses so-called “cookies”. The information generated by the cookie about your use of this website is buffered and logged both within and outside the European Union. According to information provided by Cloudflare, the buffered data is deleted within 4 hours, but at the latest after one week. You can find further information in Cloudflare’s data protection declaration at: https://www.cloudflare.com/security-policy. By using our website, you are agreeing to the processing of the data collected about you by Cloudflare, and its purpose, in the manner described above.

Our website uses Bootstrap. This is a framework for displaying our content. The information generated and used by Bootstrap is not used for other purposes and is deleted immediately. By using our website, you are agreeing to the processing of the data collected about you, and its purpose, in the manner described above.

 

7. Cookies

We sometimes use cookies on our website. These are small files that are automatically generated and stored on your end user device (laptop, tablet smartphone or similar) when you visit our website. The cookie stores information associated with the respective specific end user device. On the one hand, cookies are used to make it more pleasant for you to use our website. For this purpose, we use session cookies. These are automatically deleted once you leave our website. It is necessary to use the data processed by the cookies for the stated purposes for safeguarding our legitimate interests and the interests of third parties pursuant to Art. 6 (1) clause 1 lit. (f) GDPR. Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or to always display a message before a new cookie is stored. Completely deactivating cookies may, however, mean that you are unable to use all of the functions provided on our website.

Services that we use on our website sometimes set  third-party cookies. Third party cookies are cookies from third-party service providers that are stored by websites other than those you are currently visiting. These cookies are placed on our website by third-party service providers as a result of the integration of services, images or other elements. As described above, you can change your browser’s settings such that the acceptance of third party cookies is declined.

 

8. Transmission of data

We utilise contracted service providers in order to provide our services. For these purposes, we forward data, e.g. address data, that we collect and use in the aforementioned context, in order to facilitate the sending of post and information, for instance. Information that we collect and use as described above can therefore, where appropriate, also be processed by third parties. However this only takes place to the extent that this is necessary for the purposes stated in this data protection declaration or if the third party is acting as an accountable service provider/contract data processor.

We carefully select and review the service providers to ensure that your personal privacy is preserved. The service providers may only use the data for the purposes that we specify. Your personal data will only be shared for the purpose of fulfilling the services that we offer. The legal basis is Art. 6 (1) clause 1 lit. (a) and (b) GDPR. Our legitimate interest in sharing the data lies in the fulfilment of the services offered to you.

 

9. Other data usage, deletion of data

Further processing and use of your personal data generally only takes place if a statutory regulation permits this or if you have consented to further data processing or use. In the event of further data processing for purposes other than those for which the data was originally collected, we will inform you of such other purposes before further data processing takes place and will provide you with further relevant information.

We delete or anonymize your personal data that we have collected or used, pursuant to the aforesaid provisions, as soon as it is no longer necessary and provided there are no statutory obligations to prevent this.

 

10. Rights of data subjects

You have the right, pursuant to Art. 15 GDPR, to request information about your personal data that we have processed. In particular, you can request information about the purposes of data processing, the category of the personal data, the categories of the recipients with whom your data has been or will be shared, the planned duration of storage, the existence of the right to correction, deletion, limitation of or objection to processing, the existence of a right to complain, the origin of your data, if it has not been collected by us, and the existence of automated decision-making, including profiling and, where appropriate, meaningful information on the details.

You can, pursuant to Art. 16 GDPR, request the immediate correction of incorrect data or the completion of the personal data that we store.

Pursuant to Art. 17 GDPR you can request the deletion of the personal data that we store, provided that processing is not necessary for exercising the right to freedom of expression and information, for fulfilling a legal obligation, on grounds of public interest or for asserting, exercising or defending legal rights.

Art. 18 GDPR entitles you to limit the processing of your personal data, provided you are disputing the correctness of the data, or the processing is unlawful, but you refuse to have the data deleted and we no longer require the data, but you require the data for asserting, exercising or defending legal rights or you have filed an objection against processing pursuant to Art. 21 GDPR.

Pursuant to Art. 20 GDPR, you can request delivery of your personal data that you have provided to us in a structured, common and machine-readable format or request its transfer to another controller.

Art. 7 (3) GDPR states that you may revoke the consent you have given at any time. The consequence of this is that we may in future no longer continue to process the data that is subject to this consent.

Pursuant to Art. 77 GDPR, you can complain to a supervisory authority. For this purpose, you can normally approach the supervisory authority at your usual place of residence or workplace or at the registered office of our company. In Hamburg, this is the Hamburg Commissioner for Data Protection and Freedom of Information, Kurt-Schumacher-Allee 4, 20097 Hamburg, 6th floor, Tel.: 040 / 428 54 – 4040, e-mail: mailbox@datenschutz.hamburg.de

 

11. Data security

Where technically feasible and in accordance with standard practice, we use encryption procedures for the purpose of transmitting personal data. Furthermore, we make use of suitable technical and organisational security measures in order to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction and unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.

 

12. Up-to-dateness and changes to this privacy policy

This privacy policy is currently valid and is dated May 2018. Technical developments and the development of our products and services – in particular of our websites – or changes to statutory or regulatory requirements may make it necessary to make changes to this privacy policy.