Background

< Go Back

Privacy Policy

 

1) Information about the collection of personal data and contact details of the responsible person.

1.1 We are pleased that you are visiting our website and thank you for your interest. In the following, we inform you about the handling of your personal data when using our website. Personal data in this context is all data with which you can be personally identified.
1.2 The person responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Bennet Cerven, The Trouble Notes, Kopernikusstr 4, 10243 Berlin, Germany, Tel: 017672951459, e-mail: thetroublenotes@gmail.com. The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.
1.3 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or requests to the controller). You can recognize an encrypted connection by the string “https://” and the lock symbol in your browser line.

2) Data collection when visiting our website

During the mere informational use of our website, i.e. if you do not register or otherwise transmit information to us, we only collect data that your browser transmits to our server (so-called “server log files”). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:
Our visited website
Date and time at the time of access
Amount of data sent in bytes
Source/reference from which you reached the page
Browser used
Operating system used
IP address used (if applicable: in anonymized form)
The processing is carried out in accordance with Art. 6 para. 1 lit. f DSGVO on the basis of our legitimate interest in improving the stability and functionality of our website. The data is not passed on or used in any other way. However, we reserve the right to check the server log files retrospectively should concrete indications point to illegal use.

3) Cookies

In order to make visiting our website more attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your terminal device. Some of the cookies we use are deleted after the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your end device and enable us or our partner companies (third-party cookies) to recognize your browser on your next visit (persistent cookies). If cookies are set, they collect and process certain user information such as browser and location data and IP address values to an individual extent. Persistent cookies are automatically deleted after a specified period of time, which may differ depending on the cookie. The duration of the respective cookie storage can be found in the overview of the cookie settings of your web browser.
If personal data is also processed by individual cookies implemented by us, the processing is carried out in accordance with Art. 6 para. 1 lit. b DSGVO either for the execution of the contract or in accordance with Art. 6 para. 1 lit. f DSGVO to protect our legitimate interests in the best possible functionality of the website as well as a customer-friendly and effective design of the page visit.
Please note that you can set your browser in such a way that you are informed about the setting of cookies and can decide individually about their acceptance or can exclude the acceptance of cookies for certain cases or in general. Each browser differs in the way it manages cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. You can find this for each browser at the following links:
Microsoft Edge: https://support.microsoft.com/en-us/microsoft-edge/temporarily-allow-cookies-and-site-data-in-microsoft-edge-597f04f2-c0ce-f08c-7c2b-541086362bd2
Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen
Chrome: https://support.google.com/chrome/answer/95647?hl=de&hlrm=en
Safari: https://support.apple.com/de-de/guide/safari/sfri11471/mac
Opera: https://help.opera.com/de/latest/web-preferences/#cookies
Please note that if you do not accept cookies, the functionality of our website may be limited.

4) Contacting

4.1 Personal data is collected when contacting us (e.g. via contact form or e-mail). Which data is collected in the case of a contact form can be seen from the respective contact form. This data is stored and used exclusively for the purpose of responding to your request or for contacting you and the associated technical administration. The legal basis for processing the data is our legitimate interest in responding to your request pursuant to Art. 6 (1) lit. f DSGVO. If your contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 (1) lit. b DSGVO. Your data will be deleted after final processing of your request, this is the case if it can be inferred from the circumstances that the matter concerned has been conclusively clarified and provided that there are no statutory retention obligations to the contrary.
4.2 WhatsApp Business
We offer visitors to our website the possibility to contact us via the messaging service WhatsApp of WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. For this purpose, we use the so-called “business version” of WhatsApp.
If you contact us via WhatsApp on the occasion of a specific transaction (for example, an order placed), we store and use the mobile phone number you use on WhatsApp and – if provided – your first and last name pursuant to Art. 6 para. 1 lit. b. DSGVO to process and respond to your request. On the basis of the same legal basis, we may ask you to provide further data (order number, customer number, address or email address) via WhatsApp in order to be able to assign your request to a specific process.
If you use our WhatsApp contact for general inquiries (such as about the range of services, availability or our website), we store and use the mobile phone number you use on WhatsApp and – if provided – your first and last name in accordance with Art. 6 (1) lit. f DSGVO based on our legitimate interest in the efficient and timely provision of the requested information.
Your data will only ever be used to respond to your request via WhatsApp. It will not be passed on to third parties.
Please note that WhatsApp Business receives access to the address book of the mobile device we use for this purpose and automatically transfers phone numbers stored in the address book to a server of the parent company Facebook Inc. in the USA. For the operation of our WhatsApp Business account, we use a mobile device whose address book only stores the WhatsApp contact data of those users who have also contacted us via WhatsApp.
This ensures that each person whose WhatsApp contact data is stored in our address book has already consented to the transmission of his WhatsApp telephone number from the address books of his chat contacts pursuant to Art. 6 (1) lit. a DSGVO when using the app on his device for the first time by accepting the WhatsApp terms of use. A transmission of data of such users who do not use WhatsApp and/or have not contacted us via WhatsApp is excluded in this respect.
For the purpose and scope of the data collection and the further processing and use of the data by WhatsApp, as well as your rights in this regard and setting options for protecting your privacy, please refer to the privacy notices of WhatsApp: https://www.whatsapp.com/legal/?eea=1#privacy-policy

5) Use of customer data for direct advertising

5.1 Registration for our e-mail newsletter
If you register for our e-mail newsletter, we will regularly send you information about our offers. The only mandatory data for sending the newsletter is your e-mail address. The provision of further data is voluntary and will be used to address you personally. For sending the newsletter we use the so-called double opt-in procedure. This means that we will only send you an e-mail newsletter after you have expressly confirmed that you consent to receiving newsletters. We will then send you a confirmation e-mail asking you to confirm that you wish to receive the newsletter in the future by clicking on an appropriate link.
By activating the confirmation link, you give us your consent for the use of your personal data in accordance with Art. 6 (1) lit. a DSGVO. When you register for the newsletter, we store your IP address entered by your Internet service provider (ISP) as well as the date and time of registration in order to be able to trace any possible misuse of your e-mail address at a later date. The data collected by us when you register for the newsletter will be used exclusively for the purpose of addressing you in an advertising manner by way of the newsletter. You can unsubscribe from the newsletter at any time via the link provided for this purpose in the newsletter or by sending a corresponding message to the person responsible mentioned at the beginning. After unsubscribing, your e-mail address will be deleted from our newsletter distribution list immediately, unless you have expressly consented to further use of your data or we reserve the right to use your data in a manner that goes beyond this, which is permitted by law and about which we inform you in this declaration.

– Newsletter via Seninblue
Our email newsletter is sent via the technical service provider Sendinblue SAS (55 Rue d’Amsterdam, 75008 Paris, France), to whom we pass on the data you provided when registering for the newsletter. This transfer is based on Art. 6 (1) lit. f GDPR and serves our legitimate interest in using an effective, secure and user-friendly newsletter system. The data you enter for the newsletter registration (e.g. email address) is stored on Sendinblue’s servers in the EU.
Sendinblue uses this information to send newsletters on our behalf and to evaluate them statistically. For evaluation purposes, the emails sent contain so-called web beacons or tracking pixels, which are single-pixel image files that are stored on our website. This allows us to determine whether a newsletter message was opened and which links were clicked. In addition, technical information is collected (e.g. time of access, IP address, browser type and operating system). The data is collected exclusively in pseudonymized form and is not linked to your other personal data, a direct reference to persons is excluded. This data is used exclusively for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients. If you wish to object to the data analysis for statistical evaluation purposes, you must unsubscribe from the newsletter.
In addition, according to Art. 6 para. 1 lit. f GDPR, this data is used in our own legitimate interest for the needs-based design and optimization of the service and for market research purposes. The data is used, for example, to determine which countries the recipients come from. However, Sendinblue does not use the data of our newsletter recipients to write to them or to pass them on to third parties.
We have concluded an order processing contract with Sendinblue, which obliges Sendinblue to protect our customers’ data and not to pass it on to third parties.
You can view Sendinblue’s privacy policy here: https://www.sendinblue.com/legal/privacypolicy/
 

6) Site functionalities

6.2 – Spotify
Plugins of the music service Spotify, an offer of Spotify AB, Birger Jarlsgatan 61, 113 56 Stockholm, Sweden (“Spotify”), are integrated on this website for the playback of music tracks. You can recognize the Spotify plugins by the green logo on our site. An overview of the Spotify plugins can be found at: https://developer.spotify.com. When visiting this page, a direct connection between your browser and the Spotify servers can be established via the plugin, even if you do not have a Spotify account or are not logged in. Spotify thereby receives the information that you have visited our site. The information collected in this process (including your IP address) is transmitted by your browser directly to a Spotify server and stored there. However, the data is not used to identify you personally and is not passed on to third parties. If you click the Spotify button while you are logged into your Spotify account, Spotify can associate your visit to our website with your user account. The data processing described above takes place on the basis of Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in an appealing acoustic design of the visit to our website. If you do not want Spotify to be able to associate your visit to our website with your Spotify user account, please log out of your Spotify user account. You can also object to the loading of the Spotify plugin and thus the data processing operations described above for the future using add-ons for your browser, e.g. the script blocker “NoScript” (http://noscript.net/). For more information, please refer to Spotify’s privacy policy at https://www.spotify.com/uk/legal/privacy-policy/.
If, in individual cases, personal data (such as the IP address) is processed for the purpose of storing, assigning or logging cookie settings, this is done in accordance with Art. 6 (1) (f) DSGVO on the basis of our legitimate interest in legally compliant, user-specific and user-friendly consent management for cookies and thus in a legally compliant design of our website.
Further legal basis for the processing is Art. 6 para. 1 lit. c DSGVO. As the responsible party, we are subject to the legal obligation to make the use of technically unnecessary cookies dependent on the respective user consent.
Further information on the operator and the setting options of the cookie consent tool can be found directly in the corresponding user interface on our website.
 

7) Tools and miscellaneous

This website uses a so-called “cookie consent tool” to obtain effective user consent for cookies and cookie-based applications requiring consent. The “Cookie Consent Tool” is displayed to users when they access the site in the form of an interactive user interface, on which consent for certain cookies and/or cookie-based applications can be given by ticking the appropriate box. By using the tool, all cookies/services requiring consent are only loaded if the respective user gives the corresponding consent by setting a check mark. This ensures that such cookies are only set on the respective user’s end device if consent has been granted.
 

8) Rights of the data subject

8.1 The applicable data protection law grants you comprehensive data subject rights (rights of information and intervention) vis-à-vis the controller with regard to the processing of your personal data, which we inform you about below:
Right to information pursuant to Art. 15 DSGVO: In particular, you have a right to information about your personal data processed by us, the processing purposes, the categories of personal data processed, the recipients or categories of recipients to whom your data have been or will be disclosed, the planned storage period and/or the criteria for determining the storage period, the existence of a right to rectification, erasure, restriction of processing, objection to processing, complaint to a supervisory authority, the origin of your data if it has not been collected from you by us, the existence of automated decision-making, including profiling, and, if applicable, meaningful information about the logic involved and the scope and intended effects of such processing that concern you, as well as your right to be informed about what guarantees exist in accordance with Art. 46 of the GDPR if your data is transferred to third countries;
Right to rectification pursuant to Art. 16 DSGVO: You have the right to have any inaccurate data relating to you corrected without delay and/or to have any incomplete data stored by us completed;
Right to deletion pursuant to Art. 17 DSGVO: You have the right to demand the deletion of your personal data if the requirements of Art. 17 (1) DSGVO are met. However, this right does not exist in particular if the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defense of legal claims;
Right to restriction of processing pursuant to Art. 18 GDPR: You have the right to request the restriction of the processing of your personal data as long as the accuracy of your data, which you dispute, is being verified; if you refuse the erasure of your data due to unlawful data processing and instead request the restriction of the processing of your data; if you require your data for the assertion, exercise or defense of legal claims after we no longer need this data after the purpose has been achieved; or if you have lodged an objection for reasons relating to your particular situation as long as it has not yet been determined whether our legitimate grounds prevail;
Right to information in accordance with Art. 19 DSGVO: If you have asserted the right to rectification, erasure or restriction of processing against the controller, the controller is obliged to inform all recipients to whom the personal data concerning you have been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort. You have the right to be informed about these recipients.
Right to data portability pursuant to Art. 20 DSGVO: You have the right to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transferred to another controller, insofar as this is technically feasible;
Right to revoke consent granted in accordance with Art. 7 (3) DSGVO: You have the right to revoke consent to the processing of data once granted at any time with effect for the future. In the event of revocation, we will immediately delete the data concerned, unless further processing can be based on a legal basis for processing without consent. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation;
Right to lodge a complaint pursuant to Art. 77 GDPR: If you consider that the processing of personal data concerning you infringes the GDPR, you have – without prejudice to any other administrative or judicial remedy – the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, workplace or the place of the alleged infringement.
8.2 RIGHT OF OBJECTION
IF WE PROCESS YOUR PERSONAL DATA WITHIN THE FRAMEWORK OF A BALANCING OF INTERESTS ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTEREST, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING WITH EFFECT FOR THE FUTURE AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED. HOWEVER, WE RESERVE THE RIGHT TO CONTINUE PROCESSING IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING IS FOR THE PURPOSE OF ASSERTING, EXERCISING OR DEFENDING LEGAL CLAIMS.
IF WE PROCESS YOUR PERSONAL DATA FOR THE PURPOSES OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSES OF SUCH MARKETING. YOU MAY EXERCISE THE OBJECTION AS DESCRIBED ABOVE.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED FOR DIRECT MARKETING PURPOSES.
 

9) Duration of storage of personal data

The duration of the storage of personal data is measured on the basis of the respective legal basis, the purpose of processing and – if relevant – additionally on the basis of the respective statutory retention period (e.g. retention periods under commercial and tax law).
When processing personal data on the basis of explicit consent pursuant to Art. 6 (1) a DSGVO, this data is stored until the data subject revokes his or her consent.
If there are statutory retention periods for data that is processed within the scope of legal or quasi-legal obligations on the basis of Art. 6 (1) (b) DSGVO, this data will be routinely deleted after the retention periods have expired, provided that it is no longer required for the fulfillment of the contract or the initiation of the contract and/or there is no legitimate interest on our part in continuing to store it.
When processing personal data on the basis of Art. 6(1)(f) DSGVO, this data is stored until the data subject exercises his or her right to object pursuant to Art. 21(1) DSGVO, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.
When processing personal data for the purpose of direct marketing on the basis of Article 6 (1) (f) DSGVO, this data is stored until the data subject exercises his or her right to object pursuant to Article 21 (2) DSGVO.
Unless otherwise stated in the other information in this statement about specific processing situations, stored personal data will otherwise be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.
 
© 2005-2023 · IT-Recht Kanzlei Keller-Stoltenhoff, Keller
 

< Go Back