Data Privacy

Status: December 16, 2024

Table of Contents

Controller

Ruslan Julbarissow
Sömmeringstr. 71

Email Address: ruslan@zerofy.de

Overview of Processing Activities

The following overview summarizes the types of data processed and the purposes of their processing and refers to the data subjects.

Types of Data Processed

  • Inventory data.
  • Contact data.
  • Content data.
  • Usage data.
  • Meta, communication, and procedural data.
  • Log data.

Categories of Affected Individuals

  • Users.

Purposes of Processing

  • Security measures.
  • Organizational and administrative procedures.
  • Feedback.
  • Provision of our online offering and user-friendliness.
  • Information technology infrastructure.

Relevant Legal Bases

Relevant legal bases under the GDPR: Below, you will find an overview of the legal bases of the GDPR on which we process personal data. Please note that, in addition to the regulations of the GDPR, national data protection requirements may apply in your or our country of residence or seat. If, in individual cases, more specific legal bases are relevant, we will inform you of these in the data protection declaration.

  • Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f) GDPR) – processing is necessary to safeguard the legitimate interests of the controller or a third party, provided that the interests, fundamental rights, and freedoms of the data subject which require the protection of personal data do not outweigh those interests.

National data protection regulations in Germany: In addition to the data protection regulations of the GDPR, national regulations on data protection apply in Germany. This includes in particular the Act on the Protection Against Misuse of Personal Data in Data Processing (Bundesdatenschutzgesetz – BDSG). The BDSG contains in particular special regulations on the right to information, the right to erasure, the right to object, the processing of special categories of personal data, the processing for other purposes, and the transfer as well as automated individual decision-making including profiling. Furthermore, state data protection laws of the individual federal states may apply.

Note on the application of the GDPR and the Swiss DPA: These data protection notices serve both to provide information in accordance with the Swiss DPA and the General Data Protection Regulation (GDPR). For this reason, please note that the terms of the GDPR are used due to the broader spatial application and comprehensibility. In particular, instead of the terms “processing” of “personal data,” “overriding interest,” and “particularly sensitive personal data” used in the Swiss DPA, the terms “processing” of “personal data,” “legitimate interest,” and “special categories of data” used in the GDPR are used. However, the legal meaning of the terms within the scope of the Swiss DPA continues to be determined by the Swiss DPA.

Provision of the Online Offering and Web Hosting

We process the data of users in order to be able to provide them with our online services. For this purpose, we process the user’s IP address, which is necessary in order to transmit the content and functions of our online services to the user’s browser or end device.

  • Types of Data Processed: Usage data (e.g., page views and time spent, click paths, usage intensity and frequency, device types and operating systems used, interactions with content and functions); Meta, communication, and procedural data (e.g., IP addresses, time data, identification numbers, involved persons). Log data (e.g., log files regarding logins or the retrieval of data or access times.).
  • Affected Individuals: Users (e.g., website visitors, users of online services).
  • Purposes of Processing: Provision of our online offering and user-friendliness; Information technology infrastructure (operation and provision of information systems and technical equipment (computers, servers, etc.)). Security measures.
  • Storage and Erasure: Erasure in accordance with the information in the section “General Information on Data Storage and Erasure”.
  • Legal Bases: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).

Further information on processing activities, procedures and services:

  • Provision of the Online Offering on Own/Dedicated Server Hardware: We use server hardware operated by us as well as the associated storage space, computing capacity, and software for the provision of our online offering; Legal Bases: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).
  • Collection of Access Data and Log Files: Access to our online offering is logged in the form of so-called “server log files.” The server log files may include the address and name of the web pages and files accessed, the date and time of access, data volumes transmitted, a message about successful access, the browser type and version, the user’s operating system, the referrer URL (the previously visited page), and usually IP addresses and the requesting provider. The server log files can be used on the one hand for security purposes, e.g., to avoid overloading the servers (especially in the case of abusive attacks, so-called DDoS attacks), and on the other hand to ensure the utilization of the servers and their stability; Legal Bases: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f) GDPR). Erasure of Data: Log file information is stored for a maximum of 30 days and then deleted or anonymized. Data whose further storage is necessary for evidentiary purposes is excluded from deletion until the final clarification of the respective incident.

Blogs and Publication Media

We use blogs or comparable means of online communication and publication (hereinafter “publication medium”). The data of the readers are processed for the purposes of the publication medium only insofar as it is necessary for its presentation and communication between authors and readers or for reasons of security. Otherwise, we refer to the information on the processing of visitors to our publication medium in the context of these data protection notices.

  • Types of Data Processed: Inventory data (e.g., full name, residential address, contact information, customer number, etc.); Contact data (e.g., postal and email addresses or telephone numbers); Content data (e.g., textual or visual messages and posts as well as the information concerning them, such as information on authorship or time of creation); Usage data (e.g., page views and time spent, click paths, usage intensity and frequency, device types and operating systems used, interactions with content and functions). Meta, communication, and procedural data (e.g., IP addresses, time data, identification numbers, involved persons).
  • Affected Individuals: Users (e.g., website visitors, users of online services).
  • Purposes of Processing: Feedback (e.g., collection of feedback via online form); Provision of our online offering and user-friendliness; Security measures. Organizational and administrative procedures.
  • Storage and Erasure: Erasure in accordance with the information in the section “General Information on Data Storage and Erasure”.
  • Legal Bases: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).

Further information on processing activities, procedures and services:

  • Comments and Posts: If users leave comments or other posts, their IP addresses may be stored based on our legitimate interests. This is for our safety in case someone leaves illegal content in comments and posts (insults, prohibited political propaganda, etc.). In this case, we ourselves can be held responsible for the comment or post and are therefore interested in the identity of the author.

    Furthermore, we reserve the right, based on our legitimate interests, to process the users’ information for spam detection purposes.

    On the same legal basis, we reserve the right, in the case of surveys, to store the IP addresses of the users for the duration of the survey and to use cookies in order to avoid multiple votes.

    The information on the person communicated in the context of the comments and posts, any contact and website information as well as the content-related information will be stored by us permanently until the user objects; Legal Bases: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).
  • Retrieval of WordPress Emojis and Smilies: Retrieval of WordPress emojis and smilies – Within our WordPress blog, graphic emojis (or smilies), i.e., small graphic files that express feelings, are used for the purpose of efficiently integrating content elements, obtained from external servers. The providers of the servers collect the IP addresses of the users. This is necessary so that the emoji files can be transmitted to the browsers of the users; Service Provider: Aut O’Mattic A8C Ireland Ltd., Grand Canal Dock, 25 Herbert Pl, Dublin, D02 AY86, Ireland; Legal Bases: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://automattic.com; Privacy Policy: https://automattic.com/privacy. Basis for Third Country Transfers: Data Privacy Framework (DPF).
  • Profile Pictures from Gravatar: Profile Pictures – We use the Gravatar service within our online offering and in particular in the blog.

    Gravatar is a service where users can register and store profile pictures and their email addresses. If users leave posts or comments with the respective email address on other online presences (especially in blogs), their profile pictures can be displayed next to the posts or comments. For this purpose, the email address communicated by the users is transmitted to Gravatar in encrypted form for the purpose of checking whether a profile is stored for it. This is the only purpose of transmitting the email address. It is not used for other purposes, but is deleted afterwards.

    The use of Gravatar is based on our legitimate interests, as with the help of Gravatar we offer the authors of posts and comments the opportunity to personalize their posts with a profile picture.

    By displaying the pictures, Gravatar learns the IP address of the users, as this is necessary for communication between a browser and an online service.

    If users do not want a user picture associated with their email address on Gravatar to appear in the comments, they should use an email address that is not stored on Gravatar to comment. We would also like to point out that it is also possible to use an anonymous or no email address at all if users do not want their own email address to be sent to Gravatar. Users can completely prevent the transfer of data by not using our comment system; Service Provider: Aut O’Mattic A8C Ireland Ltd., Grand Canal Dock, 25 Herbert Pl, Dublin, D02 AY86, Ireland; Legal Bases: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://automattic.com; Privacy Policy: https://automattic.com/privacy. Basis for Third Country Transfers: Data Privacy Framework (DPF).

Changes and Updates

We ask you to inform yourself regularly about the content of our data protection declaration. We will adapt the data protection declaration as soon as the changes in the data processing we carry out make this necessary. We will inform you as soon as the changes require action on your part (e.g., consent) or any other individual notification.

If we provide addresses and contact information of companies and organizations in this data protection declaration, please note that the addresses may change over time and please check the information before contacting them.

Back To Top