Details according to § 5 TMG:
Responsible for the content of this Website:
SCHUPPAN CREATIVE SOLUTIONS
94065 Waldkirchen, Germany
USt-IdNr. DE 235551851
Ralf Schuppan, owner
Online dispute settlement
The European Commission provides a platform for online dispute settlement at https://ec.europa.eu/consumers/odr/, which consumers can use to resolve a dispute and where further information on the subject of dispute settlement can be found.
Out-of-court dispute settlement
We are neither obligated nor prepared to take part in a dispute settlement procedure in front of a consumer arbitration body in case of a dispute with a consumer.
Name and contact of the responsible party according to article 4 sec. 7 GDPR:
SCHUPPAN CREATIVE SOLUTIONS
94065 Waldkirchen, Germany
Ralf Schuppan, owner
Liability for contents
All contents of our Internet site have been prepared with the utmost care and to the best of our knowledge. However, we cannot assume any liability for the accuracy, completeness or actuality of contents. As a service provider, we are responsible for our own contents on these pages according to general legislation in line with §7 sec. 1 TMG. In accordance with §§ 8 to 10 TMG, as a service provider we are not obliged to monitor transmitted or saved external information or to research circumstances that suggest illegal activity. Obligations regarding the removal or blockage of use of information according to general laws remain unaffected. However, liability in this regard is possible from the time of obtaining knowledge of a specific legal violation. We shall remove these contents without delay should we become aware of the above-mentioned legal violations.
The contents and works published on our website are subject to German copyright laws. Reproduction, processing, distribution and any type of utilisation of intellectual property from the non-material and material point of view of the originator, beyond the boundaries of copyright laws, require prior written permission from the respective originator. Downloads and copies of this site are only permitted for private, and not for commercial use. Third-party copyrights must be observed for contents on our website, which we have not produced. Third-party contents will be identified as such. Nevertheless, we ask that you inform us should you become aware of a violation of copyrights. We shall remove these contents without delay should we become aware of these types of legal violations.
Security and protection of your personal data
We see it as our primary task to maintain the confidentiality of the personal data you have provided and to protect it against unauthorised access. We therefore exercise extreme caution and use state-of-the-art safety standards to guarantee maximum protection of your personal data.
As a company under private law, we are subject to the terms of the European General Data Protection Regulation (GDPR) and the regulations of the Federal Data Protection Act (BDSG). We have taken technical and organisational measures, which ensure that the regulations on data protection are observed by ourselves and our external service providers.
Definition of terms
Legislation determines that personal data must be processed lawfully, fairly and in a transparent manner in relation to the data subject (“lawfulness, fairness and transparency”). In order to guarantee this, we inform you about the individual legal definitions, which are also used in this data privacy statement:
“Personal data” is any piece of information relating to an identified or identifiable natural person (hereinafter the “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, psychological, genetic, economic, cultural or social identity of this natural person.
“Processing” is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Restriction of processing
“Restriction of processing” is the marking of saved personal data with the aim of restricting its future processing.
“Profiling” is any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
“Pseudonymisation” is the processing of personal data in such a way that the personal data can no longer be assigned to a specific person without additional information, provided that this additional information is kept separately and is subject to corresponding technical and organisational measures, which guarantee that the personal data cannot be assigned to an identified or identifiable individual.
A “file system” is every structured collection of personal data, which is accessible according to certain criteria irrespective of whether this collection is kept centralised, decentralised or according to functional or geographic points of view.
“Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
A “contract processor” is an individual or legal entity, authority, institution or other body, which processes data on behalf of the responsible party.
A “recipient” is an individual or legal entity, authority, institution or other body to whom personal data is disclosed, irrespective of whether it is a third party or not. Authorities who possibly receive personal data within the scope of a specific investigation according to the Union law or the law of the member states do not count as recipients; processing of this data by the stated authorities takes place in accordance with the valid data protection regulations according to the purposes of processing.
A “third party” is an individual or legal entity, authority, institution or other body, except the data subject, the responsible party, the contract processor and the persons authorised to process personal data under the direct responsibility of the responsible party or the contract processor.
“Consent” by the data subject is every voluntary declaration of intention for the certain case given in a clear and informed manner in the form of a declaration or another clear confirmatory action, with which the data subject makes it clear that they agree to processing of the respective personal data.
Legality of processing
Processing of personal data is only legitimate if there is a legal basis for processing. The legal basis for processing according to Article 6 sec. 1 lit. a – f GDPR could be especially:
The data subject has given their consent to processing of the personal data concerning them for one or more specific purposes; processing is required for the fulfilment of a contract with the data subject as the contractual party or to perform pre-contractual measures, which take place at the request of the data subject; processing is required for fulfilment of a legal obligation, which the data subject is subjected to; processing is required to protect essential interests of the data subject or another individual; processing is required to perform a task, which is in the public interest or in order to exercise an official authority; processing is required to maintain the legitimate interests of the responsible party or a third party as long as these do not outweigh the interests or basis rights and basic freedoms of the data subject requesting the protection of personal data, especially if the data subject is a child.
Information on the collection of personal data
(1) In the following, we shall inform you about the collection of personal data when using our website. Examples of personal data are: Name, address, email address and user behaviour.
(2) When contacting us by email or using a contact form, the data you provide (your email address, and possibly your name and telephone number) shall be saved by us in order to answer your questions. The data associated with this shall be deleted once storage is no longer required or processing shall be restricted if statutory retention duties exit.
Collection of personal data when visiting our website
For purely informative use of the website, i.e. if you do not register or otherwise transmit information to us, we shall only collect personal data transmitted by your browser to our server. If want to look at our website, we shall collect the following data, which is required for us technically to display our website to you and guarantee stability and security (the legal basis is Art. 6 sec. 1 pg. 1 lit. f GDPR):
Date and time of request
Time zone difference to Greenwich Mean Time (GMT)
Contents of the request (specific page)
Access status/HTTP status code
Respective transmitted data quantity
Website from which the request comes
Operating system and its surface
Language and version of browser software.
Other functions and services of our website
(1) Alongside the purely informational use of our website, we offer various services you can use if you are interested. For this, you generally have to provide further personal data, which we use to provide the respective service and for which the previously mentioned principles on data processing apply.
(2) We use some external service providers for processing your data. They have seen carefully selected by us and are bound to follow our instructions and are regularly checked.
(3) Furthermore, we may pass your personal data on to third parties if participation in promotions or competitions or conclusion of contracts or similar services are offered by us in conjunction with partners. You will receive further information when providing your personal data or below in the service description.
(4) If our service providers or partners are located in a state outside of the European Economic Area (EEA), we shall inform you about the consequences of this situation in the service description.
Our service is generally intended for adults. Persons under the age of 18 should not transmit personal data to us without permission from a parent or guardian.
Rights of data subjects
(1) Withdrawal of consent
If the processing of personal data is based on your consent, you have the right to revoke your given consent at any time. Consent can be withdrawn without affecting the legitimacy of the processing that was carried out based on the consent before it was withdrawn.
You are welcome to contact us at any time to exercise your right to appeal.
(2) Right to confirmation
You have the right to request a confirmation from the responsible party stating whether we process respective personal data. You can request a confirmation at any time under the above-mentioned contact data.
(3) Right of information
If personal data is processed, you can request information about your personal data at any time and request the following information: The purposes of processing; the categories of personal data being processed; the recipients or categories of recipients to whom personal data has been disclosed or will be disclosed, especially if the recipients are located in third countries or are international organisations; if possible, the planned duration for which the personal data is saved or, if this is not possible, the criteria for specification of this duration;
the existence of a right to correction or deletion of the personal data concerning you or to restriction of processing by the responsible party or a right to appeal against this processing; the existence of a right to lodge a complaint with a supervisory authority; if the personal data is not collected from the data subject, all information on the origin of data; existence of an automated decision-making including profiling as per Art. 22 sec. 1 and 4 GDPR and – and as a minimum in these instances – relevant information about the logic involved as well as the impact and the intended effects of such processing for the data subject.
If personal data is transmitted to a third country or an international organisation, you have the right to be informed about suitable guarantees in accordance with Article 46 GDPR in association with transmission. We make a copy of personal data available, which is the subject of processing. We are entitled to charge an appropriate fee on the basis of administration costs for all further copies you apply for. If you make the application electronically, the information must be provided in a standard electronic format unless stated otherwise. The right to receipt of a copy according to paragraph 3 may not impair the rights and freedoms of other persons.
(4) Right to correction
You have the right to obtain from us the rectification of inaccurate personal data concerning you without undue delay. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
(5) Right to deletion ("right to be forgotten")
You have the right to ask the responsible party to delete the personal data concerned immediately and we are obliged to delete this personal data immediately, provided one of the following reasons apply:
The personal data is no longer required for the purposes it was collected for or processed otherwise.
The data subject revokes their consent, upon which processing as per Article 6 sec. 1 lit. a or Art. 9 sec. 2 lit. a GDPR was based, and there is no other legal basis for processing. The data subject lodges an appeal as per Art. 21 sec. 1 GDPR against processing and there are no overriding legitimate reasons for processing, or the data subject lodges an appeal as per Art. 21 sec. 2 GDPR against processing. The personal data was processed unlawfully. The deletion of personal data is required to fulfil a legal obligation according to Union law or the law of member states the responsible party is subject to. The personal data was collected with regards to services offered by the information company as per Art. 8 sec. 1 GDPR.
If the responsible party has published the personal data and is obligated as per sec. 1 GDPR to delete it, then it shall take appropriate measures, including technical support – whilst taking into consideration the available technology and costs of implementation – to inform parties responsible for processing this data that you, as the person concerned, have asked that all links to this personal data or copies or replications of this personal data are deleted.
The right to deletion does not apply when processing is required:
if processing is necessary to exercise the right to free expression of opinion and information or to fulfil a legal obligation, which takes place for processing according to Union law or the law of the member states the responsible party is subject to, or to perform a task that is in the interest of the public or to exercise a public authority, which has been transferred to the responsible party due to public interest reasons in the area of public health according to Article 9 sec. 2 lit. h and i as well as Article 9 sec. 3 GDPR; for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes according to Article 89 section 1 GDPR if the right stated in section 1 is expected to make the achievement of the goals of processing impossible or seriously impair them, or to enforce, exercise or defend legal claims.
(6) Right to restriction of processing
You have the right to request restriction of the processing of your personal data if one of the following conditions exists:
The accuracy of personal data is disputed by the data subject and for a period that allows the responsible party to check the accuracy of personal data, processing is illegal and the data subject rejects the deletion of personal data and, instead, requests restriction of the use of personal data; the responsible party no longer requests the personal data for the purposes of processing but the data subject requires it to enforce, exercise or defend legal claims or if the data subject has lodged an appeal against processing according to Article 21 sec. 1 GDPR, as long as it is not yet certain whether the justified reasons of the responsible party outweigh those of the data subject.
If the processing of the personal data has been restricted, then this data may be processed – apart from storing it – only with your consent or to assert, exercise or defend legal claims or to protect the rights of another individual or legal person or for reasons of important public interest to the Union or a member state.
In order to enforce the right to restriction of processing, the data subject can contact us at any time under the above-mentioned contact data.
(7) Right to data portability
You have the right to receive the personal data concerning you which you have provided to us, in a structured, commonly used and machine-readable format and the right to transmit that data to another controller without hindrance by the responsible party to whom the personal data was provided, if:
Processing is based on consent as per Art. 6 sec. 1 lit. a GDPR or Art. 9 sec. 2 lit. a GDPR or a contract as per Art. 6 sec. 1 lit. d GDPR and processing is carried out using automated procedures.
When exercising the right to data portability according to sec. 1, you have a further right to insist that the personal data concerned is transmitted directly from one responsible party to another responsible party, provided this is technically possible. Exercising the right to data portability does not affect the right to deletion ("right to be forgotten"). The right to data portability does not apply to the processing of personal data, which is needed to perform a task, which is in the public interest or which was transferred to the responsible party in order to exercise an official authority.
(8) Right to object
You also have the right, at any time with future effect and for reasons relating to your particular situation, to object to the processing of personal data concerning you which is based on Art. 6, sec. 1 e) or f), GDPR, including profiling based on these provisions. The responsible party shall no longer process the personal data concerning you, unless it can prove urgent compelling reasons for processing, which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
If we process your personal data for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing with future effect, which includes profiling to the extent that it is related to such direct marketing. If you object to processing for the purposes of direct advertising the personal data will no longer be processed for these purposes.
You have the option to exercise your right to object in connection to use of the services of the information company – irrespective of directive 2002/58/EC – by means of automated procedures, which use technical specifications.
You have the right, for reasons relating to your particular situation, to object to the processing of personal data concerning you, which takes place for scientific or historical research purposes or for statistical purposes according to Article 89 section 1, unless processing is required to fulfil a task in the public interest.
You can exercise your right to appeal by contacting the respective responsible party.
(9) Automated decision-making in individual cases, including profiling
You have the right to not be subjected to exclusively automated processing, including profiling, which has a legal impact on you or impairs you considerably in a similar way. This shall not apply if the decision is required for the conclusion of fulfilment of a contract between you and the responsible party, is permitted based on legal regulations of the Union or member states, which the responsible party is subject to and if these legal regulations contain appropriate measures to protect your rights and freedoms as well as the legitimate interests of the data subject or with the explicit consent of the data subject.
The responsible party shall take appropriate measures to protect the rights and freedoms of the data subject as well as the legitimate interests of the data subject, which, as a minimum, includes the right to obtain intervention of a person by the responsible party, present a personal point of view and defend the decision.
The data subject can exercise this right at any time by contacting the respective responsible party.
(10) Right to complain to a regulatory authority
Irrespective of another regulatory or legislative remedy, you have the right to complain to a regulatory authority, in particular in the member state of your residence, workplace or the place of the alleged breach, if you are of the opinion that the processing of personal data is in breach of the GDPR.
(11) Right to an effective legal remedy
Irrespective of an available administration law or extrajudicial legal remedy including the right to lodge a complaint with a supervisory authority according to Article 77 GDPR, you have the right to an effective legal remedy if the supervisory authority is of the opinion that your rights on the basis of this directive have been violated by the processing of your personal data, which is not in accordance with this directive.
Integration of Google Maps
(1) We use the Google Maps service on this website. This allows us to display interactive maps to you directly in the website and enables convenient use of the map function.
(2) By visiting the website, Google receives the information that you have retrieved the corresponding sub-page of our website. Furthermore, the data specified under § 3 of this declaration is transmitted. This takes place irrespective of whether Google provides a user account where you are logged in or whether no user account exists. If you are logged in with Google, your data shall be directly assigned to your account. You must log out before activating the button if you do not want assignment to your profile with YouTube. YouTube saves your data as user profiles and uses it for the purposes of advertising, market research and/or needs-based design of its website. Such an analysis takes place especially (even for users not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have a right to appeal against the formation of these user profiles, whereby you must direct the appeal to YouTube to exercise your right.
(3) Further information on the purpose and scope of data collection and its processing by the plug-in provider can be found in the provider’s data protection declaration. This is where you will also find further information about your respective rights and setting options to protect your private sphere: https://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA and has subjected itself to the EU-US-Privacy-Shield, https://www.privacyshield.gov/EU-US-Framework.
We use external service providers (contract processors) e.g. for dispatch of goods, newsletter or payment transactions. Separate order data processing has been concluded with the service provider to guarantee protection of your personal data.
We work together with the following service providers (server):
1&1 Internet SE
Eigendorfer Straße 57