Privacy policy according to the GDPR
Name and address of the person responsible
The responsible person within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is
Astrological Coonsulting
Ralf-Ulrich Löw
Richard-Wagner-Str. 4
65812 Bad Soden am Taunus, Germany
Tel: +49 6196 768 738
Email: ralf@astrologie-loew.de
Website: https://astrologie-loew.de
Name and address of the data protection officer
The data protection officer of the responsible person is
Astrological Consulting
Ralf-Ulrich Löw
Richard-Wagner-Str. 4
65812 Bad Soden am Taunus, Germany
Tel: +49 6196 768 738
Email: ralf@astrologie-loew.de
Website: https://astrologie-loew.de
General information on data processing
Scope of the processing of personal data
We collect and use our users’ personal data only to the extent necessary to provide a functional website and our content and services. The collection and use of our users’ personal data only takes place regularly with the user’s consent. An exception applies in cases where prior consent cannot be obtained for factual reasons and the processing of the data is permitted by law.
Legal basis for the processing of personal data
Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a EU General Data Protection Regulation (GDPR) serves as the legal basis.
When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.
Insofar as the processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis.
In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d GDPR serves as the legal basis.
If the processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 para. 1 lit. f GDPR serves as the legal basis for the processing.
Data erasure and storage duration
The personal data of the data subject will be erased or blocked as soon as the purpose of storage no longer applies. Data may also be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject. The data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.
Links to other websites
This website contains links to other websites. This privacy policy only applies to this website. If you visit other websites from our site, please read the privacy policy on the linked site. There you will find information about what happens to your data / information.
Provision of the website and creation of log files
Description and scope of data processing
Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer.
Legal basis for data processing
The legal basis for the temporary storage of data is Art. 6 para. 1 lit. f GDPR.
Purpose of the data processing
The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session.
These purposes also constitute our legitimate interest in data processing in accordance with Art. 6 para. 1 lit. f GDPR.
Duration of storage
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.
Objection and removal options
The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, the user has the following rights
Legal basis for data processing
The legal basis for the processing of the data is Art. 6 para. 1 lit. a GDPR if the user has given consent.
The legal basis for the processing of data transmitted in the course of sending an email is Art. 6 para. 1 lit. f GDPR. If the e-mail contact is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.
Purpose of the data processing
The processing of the personal data from the input mask serves us solely to process the contact. If you contact us by email, this also constitutes the necessary legitimate interest in processing the data.
The other personal data processed during the sending process is used to prevent misuse of the contact form and to ensure the security of our information technology systems.
Duration of storage
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the input screen of the contact form and those sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified.
Possibility of objection and removal
The user has the option to withdraw their consent to the processing of personal data at any time. If the user contacts us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued.
All personal data stored in the course of contacting us will be deleted in this case.
Rights of the data subject
If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller
Right to information
You can request confirmation from the controller as to whether personal data concerning you is being processed by us.
If such processing is taking place, you can request the following information from the controller
(1) the purposes for which the personal data are processed;
(2) the categories of personal data being processed
(3) the recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed
(4) the envisaged period for which the personal data concerning you will be stored, or, if specific information on this is not possible, the criteria used to determine that period
(5) the existence of a right to rectification or erasure of personal data concerning you, a right to restriction of processing by the controller or a right to object to such processing
(6) the existence of a right to lodge a complaint with a supervisory authority
(7) all available information about the origin of the data if the personal data is not collected from the data subject
(8) the existence of automated decision-making, including profiling, referred to in Art. 22 (1) and (4) GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
You have the right to request information as to whether the personal data concerning you is transferred to a third country or to an international organization. In this context, you may request to be informed of the appropriate safeguards pursuant to Art. 46 GDPR in connection with the transfer.
Right to rectification
You have a right to rectification and/or completion vis-à-vis the controller if the processed personal data concerning you is incorrect or incomplete. The controller must make the rectification without undue delay.
Right to restriction of processing
You may request the restriction of the processing of personal data concerning you under the following conditions:
(1) if you contest the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data;
(2) the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead
(3) the controller no longer needs the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defense of legal claims; or
(4) if you have objected to processing pursuant to Art. 21 (1) GDPR pending the verification whether the legitimate grounds of the controller override your grounds.
If the processing of personal data concerning you has been restricted, this data – apart from its storage – may only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
If the restriction of processing has been restricted in accordance with the above conditions, you will be informed by the controller before the restriction is lifted.
Right to erasure
You have the right to obtain from the controller the erasure of personal data concerning you without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:
(1) The personal data concerning you are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
(2) You revoke your consent on which the processing was based pursuant to Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a GDPR and there is no other legal basis for the processing.
(3) You object to the processing pursuant to Art. 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 (2) GDPR.
(4) The personal data concerning you has been processed unlawfully.
(5) The deletion of personal data concerning you is necessary to fulfill a legal obligation under Union law or the law of the Member States to which the controller is subject.
(6) The personal data concerning you have been collected in relation to the offer of information society services referred to in Art. 8 (1) GDPR.
b) Information to third parties
Where the controller has made the personal data concerning you public and is obliged pursuant to Art. 17 (1) GDPR to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you as the data subject have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.
Exceptions
The right to erasure does not apply if the processing is necessary
(1) to exercise the right to freedom of expression and information
(2) for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
(3) for reasons of public interest in the area of public health pursuant to Art. 9 para. 2 lit. h and i and Art. 9 para. 3 GDPR;
(4) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Art. 89 para. 1 GDPR, insofar as the right referred to in section a) is likely to render impossible or seriously impair the achievement of the objectives of that processing, or
(5) for the establishment, exercise or defense of legal claims.
Right to information
If you have asserted the right to rectification, erasure or restriction of processing against the controller, the controller is obliged to notify all recipients to whom the personal data concerning you have been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort.
You have the right to be informed of these recipients by the controller.
6. right to data portability
You have the right to receive the personal data concerning you, which you have provided to the controller, in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another controller without hindrance from the controller to which the personal data has been provided, where
(1) the processing is based on consent pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR or on a contract pursuant to Art. 6 para. 1 lit. b GDPR and
(2) the processing is carried out by automated means.
In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one controller to another, where technically feasible. The freedoms and rights of other persons must not be affected by this.
The right to data portability does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
Right to object
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) GDPR, including profiling based on those provisions.
The controller will no longer process the personal data concerning you unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.
If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing.
If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.
You have the option of exercising your right to object in connection with the use of information society services – notwithstanding Directive 2002/58/EC – by means of automated procedures that use technical specifications.
Right to revoke the declaration of consent under data protection law
You have the right to withdraw your declaration of consent under data protection law at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
Automated decision-making in individual cases, including profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision
(1) is necessary for the conclusion or performance of a contract between you and the controller
(2) is authorized by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests; or
(3) with your express consent.
However, these decisions may not be based on special categories of personal data pursuant to Art. 9 (1) GDPR, unless Art. 9 (2) (a) or (g) GDPR applies and appropriate measures have been taken to protect the rights and freedoms as well as your legitimate interests.
With regard to the cases referred to in (1) and (3), the data controller shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express your point of view and to contest the decision.
Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.
The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Art. 78 GDPR.
Data protection for minors
This website is not intended for use by children under the age of 13. BrainsWorld UG does not knowingly collect personal data from children under the age of 13. If we learn that we have collected personal information from a child under the age of 13, we will delete that information from our systems.
Real Cookie Banner
The website uses Real Cookie Banner. Real Cookie Banner asks website visitors to consent to the setting of cookies and the processing of personal data. For this purpose, each website visitor is assigned a UUID (pseudonymous identification of the user), which is valid until the cookie for storing the consent expires. Cookies are used to test whether cookies can be set, to store a reference to the documented consent, to store which services from which service groups the visitor has consented to and, if consent is obtained in accordance with the Transparency & Consent Framework (TCF), to store the consents in TCF partners, purposes, special purposes, functions and special functions. The consent obtained is fully documented as part of the duty of disclosure under the GDPR. In addition to the services and service groups to which the visitor has consented, and if consent is obtained according to the TCF standard, to which TCF partners, purposes and functions the visitor has consented, this includes all settings of the cookie banner at the time of consent as well as the technical circumstances (e.g. size of the viewing area at the time of consent) and the user interactions (e.g. clicks on buttons) that led to consent. Consent is collected once per language.
Here you can change, view or revoke your settings depending on the function group:
Cookies
WordPress (essential)
WordPress is the content management system for this website and allows registered users to log in to the system. Cookies or cookie-like technologies can be stored and read. These can store a session hash, login status, user ID and user-related settings for the WordPress backend. This data can be used so that the browser can recognize you as a logged-in user.
This service is currently categorized as “Essential”. This group implies legitimate interest – with the only difference that this service cannot be revoked.
Polylang (essential)
WordPress is the content management system for this website and allows registered users to log in to the system. Cookies or cookie-like technologies can be stored and read. These can store a session hash, login status, user ID and user-related settings for the WordPress backend. This data can be used so that the browser can recognize you as a logged-in user.
This service is currently classified as “essential”. This group implies a legitimate interest – with the only difference that this service cannot be revoked.
Google Tag Manager
Google Tag Manager is a service for managing tags that are triggered by a specific event that inserts a third-party script or sends data to a third-party service. No cookies in the technical sense are set on the user’s client device, but technical and personal data such as the IP address are transmitted from the client to the service provider’s server to enable the use of the service.
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland,
+1 650 253 0000
https://policies.google.com/privacy
https://www.google.de/contact/impressum.html
We have concluded standard contractual clauses with the provider.
- The provider is self-certified under the Trans-Atlantic Data Privacy Framework for secure data processing in the USA
- The adequacy decision for secure data processing only applies if the provider is self-certified and listed in the “Data Privacy Framework List”. To find out which companies are certified -> Website of the US government.
Google Analytics
Google Analytics is a service for compiling detailed statistics on user behavior on the website. The cookies are used to distinguish users, to store campaign-related information for and from the user and to link data from multiple page views.en.
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland,
+1 650 253 0000
https://policies.google.com/privacy
https://www.google.de/contact/impressum.html
We have concluded standard contractual clauses with the provider.
- The provider is self-certified under the Trans-Atlantic Data Privacy Framework for secure data processing in the USA
- The adequacy decision for secure data processing only applies if the provider is self-certified and listed in the “Data Privacy Framework List”. To find out which companies are certified -> Website of the US government.
Google Fonts
Google Fonts enables the integration of fonts into websites in order to improve the website without having to install the fonts on your device. This requires the processing of the user’s IP address and metadata. No cookies or cookie-like technologies are set on the user’s client. The data can be used to record the websites visited and can be used to improve Google’s services. It may also be used for profiling, e.g. to offer you personalized services, such as advertising based on your interests or recommendations. Google makes personal data available to its affiliated companies and other trusted companies or persons who process this data for them on the basis of Google’s instructions and in accordance with Google’s privacy policy.
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland,
+1 650 253 0000
https://policies.google.com/privacy
https://www.google.de/contact/impressum.html
We have concluded standard contractual clauses with the provider.
- The provider is self-certified under the Trans-Atlantic Data Privacy Framework for secure data processing in the USA
- The adequacy decision for secure data processing only applies if the provider is self-certified and listed in the “Data Privacy Framework List”. To find out which companies are certified -> Website of the US government.
Calendly
Calendly enables the embedding of calendars for scheduling appointments with the user in order to improve the website. This requires the processing of the user’s IP address, name, e-mail address, date, scheduled time, metadata and other information provided by the user. Cookies or cookie-like technologies can be stored and read. These may contain personal data and technical data such as user IDs, status of a chat, user role, assignment to a group for user experiments, advertising ID, consents, security tokens, information for payments, whether a Calendly browser extension is used and the language. This data may be used to prevent or correct service errors, security or technical problems, to analyze and monitor usage, to prevent spam, fraud and abuse on the website, to compile detailed statistics on user behavior and to improve Calendly’s services. This data may be linked to the data of users registered on calendly.com. Calendly may share personal information with its affiliates, government agencies and authorized agents.
Calendly LLC, 115 E. Main Street, Suite A1B, Buford, GA 30518, USA,
+1800 9799850,
https://help.calendly.com/hc/de
https://calendly.com/de/privacy
Youtube
YouTube enables the embedding of content on websites that are published on youtube.com in order to improve the website with videos. This requires the processing of the user’s IP address and metadata. Cookies or cookie-like technologies can be stored and read. These may contain personal data and technical data such as user IDs, consents, video player settings, connected devices, interactions with the service, push notifications and the account used. This data can be used to record websites visited, to compile detailed statistics on user behavior and to improve Google’s services. It can also be used for profiling, e.g. to offer you personalized services such as advertising based on your interests or recommendations. This data may be linked by Google with the data of users logged in to Google’s websites (e.g. youtube.com and google.com). Google makes personal data available to its affiliated companies, other trusted companies or persons who may process this data on the basis of Google’s instructions and in accordance with Google’s privacy policy.
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland,
+1 650 253 0000
https://policies.google.com/privacy
https://www.google.de/contact/impressum.html
We have concluded standard contractual clauses with the provider.
- The provider is self-certified under the Trans-Atlantic Data Privacy Framework for secure data processing in the USA
The privacy policy was created with the help of Real Cookie Banner