Legal - Privacy Policy

Welcome and Introduction

We are pleased about your visit to our website and assure you that we take the protection of your privacy very seriously. We process your data exclusively on the basis of the legal provisions of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG). In this privacy policy, we inform you in detail about what happens to your data when you visit our website or use our services.

1. Controller and Contact

The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is:

45level GmbH
Thomas Zeutschler
Hobirkheide 23
45149 Essen
Germany

Email: info@45level.com
Website: www.45level.com

The controller responsible for the processing of personal data is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data.

2. General Information on Data Processing

2.1 Scope of Processing Personal Data

We generally collect and use personal data of our users only to the extent necessary to provide a functional website as well as our content and services. The collection and use of personal data of our users is regularly carried out only with the user's consent. An exception applies in cases where prior obtaining of consent is not possible for factual reasons and the processing of data is permitted by legal regulations.

2.2 Legal Basis for Processing

Where we obtain consent from the data subject for processing operations of personal data, Article 6(1)(a) GDPR serves as the legal basis.

When processing personal data that is necessary for the performance of a contract to which the data subject is party, Article 6(1)(b) GDPR serves as the legal basis. This also applies to processing operations that are necessary for the implementation of pre-contractual measures.

Where processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Article 6(1)(c) GDPR serves as the legal basis.

If processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not override the aforementioned interest, Article 6(1)(f) GDPR serves as the legal basis for processing.

2.3 Data Deletion and Storage Period

The personal data of the data subject will be deleted or blocked as soon as the purpose of storage no longer applies. Storage may also take place if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the controller is subject.

2.4 SSL or TLS Encryption

For security reasons and to protect the transmission of confidential content, such as requests that you send to us as the site operator, this website uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

When SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

3. Data Collection When Visiting Our Website

3.1 Server Log Files

When you use our website for informational purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the data that your browser transmits to our server (so-called "server log files"). When you access our website, we collect the following data:

• Our visited website (URL)
• Date and time at the time of access
• Amount of data sent in bytes
• Source/referrer from which you reached the page
• Browser used and its version
• Operating system used
• IP address used (if applicable, in anonymized form)

Processing is carried out in accordance with Article 6(1)(f) GDPR on the basis of our legitimate interest in improving the stability and functionality of our website and ensuring system security.

Storage period: The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of collecting data to provide the website, this is the case when the respective session has ended. The data is deleted at the latest after 7 days.

4. Cookies

4.1 General Information on Cookies

In order to make visiting our website attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your end device.

Some of the cookies we use are deleted after the end of the browser session (session cookies). Other cookies remain on your end device and enable us to recognize your browser on your next visit (persistent cookies).

4.2 Categories of Cookies

Technically Necessary Cookies (Essential Cookies):
These cookies are absolutely necessary for the operation of the website and cannot be deactivated.

Legal basis: Article 6(1)(f) GDPR (legitimate interest in providing technical functionality)

4.3 Managing Cookies

You can set your browser to inform you about the setting of cookies and decide individually about their acceptance.

Please note: If you do not accept cookies, the functionality of our website may be limited.

5. Contact and Communication

5.1 Contact Form and Email Contact

When you contact us (e.g. via contact form or email), personal data is collected. This data is stored and used exclusively for the purpose of responding to your request.

Legal basis:

• Article 6(1)(f) GDPR (legitimate interest in responding to your inquiry)
• Article 6(1)(b) GDPR (if your contact is aimed at concluding a contract)

Storage period: Your data will be deleted after final processing of your inquiry (usually 6 months after completion of correspondence).

6. Newsletter and Direct Marketing

6.1 Newsletter Dispatch

If you would like to receive our newsletter, we require an email address from you as well as information that allows us to verify that you are the owner of the specified email address.

Double Opt-In Procedure: We use the so-called double opt-in procedure. This means that after you register, we will send you an email in which we ask you to confirm that you wish to receive the newsletter.

Legal basis: Article 6(1)(a) GDPR (consent)

Revocation: You can unsubscribe from the newsletter at any time via the link provided in the newsletter.

7. Analytics Tools and Tracking

7.1 Google Analytics 4

This website uses functions of the web analytics service Google Analytics. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter "Google").

How it works:

Google Analytics allows us to analyze the use of our website. Google Analytics uses so-called "cookies", which are stored on your computer and enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there.

IP Anonymization:

We have activated IP anonymization on this website. As a result, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there.

Processed Data:

Google Analytics collects the following data, among others:

• Referrer (previously visited website)
• Requested web page or file
• Browser type and browser version
• Operating system used
• Device type used
• Time of access
• IP address in shortened form (no clear identification possible)

Legal Basis:

The use of Google Analytics is based on Article 6(1)(a) GDPR (consent via cookie banner). You can withdraw your consent at any time with effect for the future by deactivating Google Analytics via our cookie consent tool.

Data Transfer to the USA:

Google is certified under the EU-US Data Privacy Framework. This means that Google is committed to complying with EU data protection standards. For more information, please visit: Data Privacy Framework

Storage Period:

The data we send and link to cookies is automatically deleted after 14 months. Data whose retention period has been reached is automatically deleted once a month.

Objection to Data Collection:

You can prevent collection by Google Analytics by downloading and installing the browser plugin available at the following link: Google Analytics Opt-Out

Data Processing Agreement:

We have concluded a data processing agreement with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

Google Signals:

We use Google Signals. When you visit our website, Google Analytics collects your location, search history, YouTube history and demographic data (visitor data), among other things. This data can be used for personalized advertising with the help of Google Signals. The legal basis is Article 6(1)(a) GDPR.

Further Information: Google Privacy Policy

8. Social Media and External Content

8.1 Links to Social Media

Our website contains links to the following social media platforms:

• LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland)
• Medium (A Medium Corporation, 548 Market St, PMB 42061, San Francisco, CA 94104, USA)

These are designed as simple links. No automatic transmission of user data to the operators of these platforms takes place. Data transmission only occurs when you actively click on the link and are redirected to the respective platform.

As soon as you click on one of these links, you leave our website and are redirected to the respective platform. From this point on, the privacy policies of the respective provider apply:

• LinkedIn Privacy Policy: https://www.linkedin.com/legal/privacy-policy
• Medium Privacy Policy: https://policy.medium.com/medium-privacy-policy-f03bf92035c9

We have no influence on the scope and further use of data collected by the operators of these platforms. Please contact the respective providers directly for information about their data protection practices.

9. Your Rights as a Data Subject

You have the following rights with regard to personal data concerning you:

9.1 Right of Access (Article 15 GDPR)

You have the right to obtain from us confirmation as to whether personal data concerning you is being processed.

9.2 Right to Rectification (Article 16 GDPR)

You have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you.

9.3 Right to Erasure (Article 17 GDPR)

You have the right to obtain from us the erasure of personal data concerning you without undue delay.

9.4 Right to Restriction of Processing (Article 18 GDPR)

You have the right to obtain from us restriction of processing.

9.5 Right to Data Portability (Article 20 GDPR)

You have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format.

9.6 Right to Object (Article 21 GDPR)

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you.

9.7 Right to Lodge a Complaint with a Supervisory Authority (Article 77 GDPR)

You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement.

Competent supervisory authority for North Rhine-Westphalia:

Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
Kavalleriestraße 2-4
40213 Düsseldorf
Germany
Phone: +49 211 38424-0
Email: poststelle@ldi.nrw.de
Website: https://www.ldi.nrw.de

10. Data Security

We use the widespread SSL (Secure Socket Layer) method in connection with the highest level of encryption supported by your browser when you visit our website. This is usually 256-bit encryption.

Furthermore, we use suitable technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties.

11. Data Transfer to Third Countries

If we process data in a third country (i.e. outside the European Union or the European Economic Area), this only takes place if it is done to fulfill our (pre-)contractual obligations, on the basis of your consent, due to a legal obligation or on the basis of our legitimate interests.

12. Minors

Our offer is not directed at persons under 16 years of age. We do not knowingly collect personal data from children under 16 years of age.

13. Changes to This Privacy Policy

We reserve the right to update this privacy policy from time to time in order to adapt it to changed legal situations or in the event of changes to our services and data processing.

14. Contact for Data Protection Inquiries

For questions about data protection, to exercise your rights or for complaints, please contact us at:

45level GmbH
Attn: Data Protection
Hobirkheide 23
45149 Essen
Germany
Email: info@45level.com