Privacy Policy
1. Data Protection at a Glance
General Information
The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data refers to all data that can be used to identify you personally. Detailed information on the subject of data protection can be found in the privacy policy listed below this text.
Data Collection on This Website
Who is responsible for data collection on this website? Data processing on this website is carried out by the website operator. The operator’s contact details can be found in the section “Information about the responsible party” in this privacy policy.
How do we collect your data? Your data is collected partly when you provide it to us. This may include data you enter into a contact form.
Other data is collected automatically or after your consent when you visit the website through our IT systems. These are primarily technical data (e.g. internet browser, operating system, or time of page access). This data is collected automatically as soon as you enter the website.
What do we use your data for? Some of the data is collected to ensure the website is provided without errors. Other data may be used to analyse your user behaviour. If contracts can be concluded or initiated via the website, the transmitted data will also be processed for contract offers, orders, or other service requests.
What rights do you have regarding your data? You have the right at any time to receive information free of charge about the origin, recipient and purpose of your stored personal data. You also have the right to request correction or deletion of this data.
If you have given consent for data processing, you may withdraw this consent at any time for the future. You also have the right, under certain circumstances, to request the restriction of processing of your personal data.
You also have the right to lodge a complaint with the competent supervisory authority.
You may contact us at any time if you have further questions about data protection.
2. Hosting
We host the content of our website with the following provider:
Squarespace
The provider is Squarespace Ireland Ltd., Le Pole House, Ship Street Great, Dublin 8, Ireland.
Squarespace is a tool for building and hosting websites. When you visit our website, your data is processed on Squarespace servers. Personal data may also be transmitted to the parent company Squarespace Inc., 8 Clarkson St, New York, NY 10014, USA.
Squarespace also stores cookies necessary for displaying the site and ensuring security.
The use of Squarespace is based on Art. 6 (1)(f) GDPR, as we have a legitimate interest in presenting our website as reliably as possible. If consent has been requested, processing occurs solely on the basis of Art. 6 (1)(a) GDPR and Section 25 TDDDG.
Data transfers to the USA rely on EU Commission standard contractual clauses.
Squarespace is also certified under the EU-US Data Privacy Framework (DPF), which ensures compliance with European data protection standards.
Data Processing Agreement
We have concluded a data processing agreement with Squarespace to ensure that personal data is processed only according to our instructions and in compliance with GDPR.
3. General Information and Mandatory Disclosures
Data Protection
The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with statutory data protection regulations and this privacy policy.
When you use this website, various personal data are collected. Personal data refers to data that can personally identify you.
This privacy policy explains:
what data we collect
what we use it for
how and for what purpose this happens
Please note that data transmission on the internet (for example via email communication) may have security gaps. Complete protection of data from third-party access is not possible.
Information About the Responsible Party
The responsible party for data processing on this website is:
Stefanie Sycholt Dachauer Strasse 114 80636 Munich Germany
Telephone: +49 (0)171 3410413 Email: stefanie@sycholt.com
The responsible party is the natural or legal person who decides on the purposes and means of processing personal data.
Data Retention
Unless a more specific storage period is stated in this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies.
If you request deletion or withdraw consent, your data will be deleted unless legal retention obligations apply (e.g., tax or commercial law retention periods).
Legal Basis for Data Processing
If you have given consent, your data will be processed on the basis of:
Art. 6 (1)(a) GDPR (consent)
Art. 9 (2)(a) GDPR (special categories of data)
If data is transferred to third countries, this may also rely on Art. 49 (1)(a) GDPR.
If cookies or device information are stored, processing may also be based on Section 25 TDDDG.
Data may also be processed if necessary:
to fulfil a contract (Art. 6 (1)(b) GDPR)
to comply with legal obligations (Art. 6 (1)(c) GDPR)
due to legitimate interests (Art. 6 (1)(f) GDPR)
Recipients of Personal Data
As part of our business activities, we work with various external parties. Personal data may sometimes be transferred to these parties.
We only share personal data when:
it is necessary for fulfilling a contract
we are legally obligated to do so
we have a legitimate interest
another legal basis permits it
When processors are used, data is shared only under a valid data processing agreement.
Withdrawal of Consent
Many data processing operations are only possible with your explicit consent. You can withdraw previously granted consent at any time. The legality of processing carried out before the withdrawal remains unaffected.
Right to Object (Art. 21 GDPR)
If data processing is based on legitimate interests or public interest, you have the right to object at any time for reasons related to your particular situation.
If personal data is processed for direct marketing, you have the right to object at any time. After objection, your personal data will no longer be used for marketing purposes.
Right to Lodge a Complaint
If there are violations of GDPR, affected individuals have the right to lodge a complaint with a supervisory authority, particularly in the EU country of their residence or workplace.
Right to Data Portability
You have the right to receive data processed based on your consent or contract in a machine-readable format or have it transferred to another controller where technically feasible.
Right to Information, Correction and Deletion
You have the right at any time to receive information about:
your stored personal data
its origin
its recipients
the purpose of processing
You may also request correction or deletion.
Right to Restrict Processing
You have the right to request restriction of processing if:
you dispute the accuracy of the data
the processing is unlawful
the data is no longer needed but required for legal claims
you have objected to processing and a balancing of interests is pending
If processing is restricted, the data may only be stored or processed with your consent or for legal claims or public interest reasons.
4. Plugins and Tools
YouTube with Enhanced Privacy
This website embeds videos from YouTube, operated by Google Ireland Limited, Dublin.
When visiting a page with a YouTube video:
a connection to YouTube servers is established
YouTube learns which pages you visited
If logged into YouTube, browsing behaviour may be linked to your profile. Logging out prevents this.
We use YouTube’s enhanced privacy mode, which means:
videos are not used to personalise browsing
ads are not personalised
cookies are not set
However, local storage elements may be stored in your browser for recognition purposes.
YouTube is used in the interest of presenting our online content attractively (Art. 6 (1)(f) GDPR).
Further information: https://policies.google.com/privacy
Google is also certified under the EU-US Data Privacy Framework.