Privacy Statement

Below we will inform you about how we process  your personal data when you visit our website https://www.sabine-moritz.com

I. DATA CONTROLLER 

Sabine Moritz
Bismarckstr. 50
D-50672 Köln
Telefon: +49/221/3375910
E-mail: sab.moritz@gmail.com

II. Collection and purpose of personal data when visiting our website


1. Calling up our website

When using the website for information purposes only, personal data is only processed if this is expressly stated below.

When calling up my website your browser will automatically send the following information  to our website server (see below point 2):

  • IP address, anonymised, 
  • Date and time of access, 
  • Sites accessed
  • Protocols
  • Status code
  • Amount of data transferred
  • Referrer
  • User Agent
  • Host name

The data is stored in so-called log files on the server for a period of one month. The data is processed by me or under my responsibility for the following purposes:

  • Ensuring a smooth connection setup of the website,
  • Ensuring a comfortable use of our website,
  • Evaluating system security and stability

The legal basis for data processing is Art. 6 Para. 1, sentence 1 lit. f GDPR. My legitimate interest results from the data collection purposes listed above. In this connection, I will not use the data collected for the purposes of drawing conclusions as to you as an  individual.
 

2. Hosting provider

My website is operated via a server run by the company Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany. The server is located in Germany. 

I have concluded an data processing agreement with the company Hetzner Online GmbH. According to this agreement Hetzner Online GmbH as data processor, undertakes to process the data of the users of my website in accordance with the data protection regulations.
 

3.  Cookies, analysing tools, Matomo

On my website I use only cookies that are technically necessary and the analyses service of Matomo.

Other tools, in particular analysis, tracking or remarketing tools from Google Analytics or other providers are not used on my website.
 

a) Functional cookies, technically necessary

This website uses cookies to enhance your experience as you navigate through the website. These cookies categorised by need are stored in your browser as they are essential for the basic functions of the website to work. These cookies are used on the basis of Art. 6 Para. 1 sentence 1 lit. f GDPR in the legitimate interest of ensuring the functionality of my website. You can find more information about these technically necessary cookies in the cookie banner or here.
 

b) Matomo

This website uses the service Matomo (formerly Piwik), a web analysis  service 
Provided by InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand, NZBN 6106769, ("Matomo"). Responsible for the use within the EU is ePrivacy Holding GmbH Große Bleichen 21 20354 Hamburg, Germany, represented by Prof. Dr. Christoph Bauer. 

Matomo is configured in such a way that only your shortened IP address is transmitted to the server for which I am responsible. In this way, you as a user remain anonymous to me. Information about your use of this website is also not passed on to third parties. Matomo uses cookies for the purpose of anonymised evaluation of your user behaviour.

Matomo is initially deactivated when you visit my website. Only if you actively consent to the use of Matomo or the cookies used in this process, your usage behaviour will be recorded anonymously. The use of these cookies is then based on § 25 para. 1 TTDSG (Act to Regulate Data Protection and Privacy in Telecommunications and Telemedia. You can revoke your consent at any time here.
 

c) Browser setting

You can set your browser to inform you about the placement of cookies. You can also delete cookies at any time via the browser settings and/or prevent the setting of new cookies. Please note that my web pages may then not be displayed and some functions may no longer be technically available.
 

4. Social Media Button - Instagram

The social media button for Instagram provided on my Website is only designed as a link. Therefore, when you visit my website, no data is automatically passed on to the operator of Instagram. You will only be taken to the corresponding Instagram page when you activate the respective link. You will find information about the data processing when visiting my Instagram page below under point III.
Do not process any data myself in this context.


5. Disclosure and transfer of data

We will only transmit your personal data to third parties provided that:

  • this is necessary to comply with your request, legally permitted according to Art. 6 para. 1 sentence 1 lit. b GDPR to comply with your E-mail request,     
  • the transfer is legally permitted pursuant to Art. 6 Para 1 sentence 1 lit. f GDPR to assert, exercise or defend against legal claims and there is no reason to assume that you have an interest requiring protection in the non-transfer of your data that outweighs this,
  • there is a legal obligation for the transfer as per  Art. 6 para. 1 sentence 1 lit. c GDPR (e.g. Disclosure of  invoice data to tax authorities).

We will only transfer your personal data for other purposes if you have given your explicit consent, Art. 6 Para. 1 sentence 1 lit. a GDPR.

In cases in which your personal data is forwarded to third parties, the scope of the data transmitted will, however, be kept to the necessary minimum.

None of your data shall be transmitted to non-EU/EEA Member States.

 

4. Social Media Button - Instagram

The social media button for Instagram provided on my Website is only designed as a link. Therefore, when you visit my website, no data is automatically passed on to the operator of Instagram. You will only be taken to the corresponding Instagram page when you activate the respective link. You will find information about the data processing when visiting my Instagram page below under point III.
Do not process any data myself in this context.
 

5. Disclosure and transfer of data

We will only transmit your personal data to third parties provided that:

  • this is necessary to comply with your request, legally permitted according to Art. 6 para. 1 sentence 1 lit. b GDPR to comply with your E-mail request,     
  • the transfer is legally permitted pursuant to Art. 6 Para 1 sentence 1 lit. f GDPR to assert, exercise or defend against legal claims and there is no reason to assume that you have an interest requiring protection in the non-transfer of your data that outweighs this,
  • there is a legal obligation for the transfer as per  Art. 6 para. 1 sentence 1 lit. c GDPR (e.g. Disclosure of  invoice data to tax authorities).

We will only transfer your personal data for other purposes if you have given your explicit consent, Art. 6 Para. 1 sentence 1 lit. a GDPR.

In cases in which your personal data is forwarded to third parties, the scope of the data transmitted will, however, be kept to the necessary minimum.

None of your data shall be transmitted to non-EU/EEA Member States.

III. Data processing on our Instagram page

We have set up own pages on Instagram, where I inform you about the latest news on my projects and events.
 

1. General information

We would like to point out, that you use my Instagram fan pages on your own responsibility. This applies in particular to the use of the interactive functions (e.g. commenting, sharing, rating).

Instagram  is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. Responsible for data protection in the EU is:
Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland.

You can find information on the data processing, the purpose, categories of recipients of the data, the legal basis for the processing of this data and the possibility of revoking any consent you have given to Facebook Ireland at https://www.facebook.com/about/privacy/

Provided you are logged in to your own Facebook account, advertising settings on Facebook can be changed at https://www.facebook.com/settings?tab=ads 


2.  Data processing by Facebook (Instagram)

When you access an Instagram page, the IP address assigned to your device is transmitted to Facebook. According to information from Facebook, this IP address is anonymised (in the case of "German" IP addresses). Facebook also stores information about the devices of its users (e.g. as part of the "login notification" function); this may enable Facebook to assign IP addresses to individual users. If, or as long as, you are logged in to Instagram when you visit our fan page, a cookie with your Facebook ID is stored on your device. This enables Facebook to track that your visit of that specific page and how you have used it. This also applies to all other Instagram pages. This data can be used to tailor content or advertising to your needs. 

If you do not want this to happen, you should log out of Instagram  or deactivate the "stay logged in" function, delete the cookies on your device and close and restart your browser. This will delete Instagram information that can be used to directly identify you what allows you to use my Instagram page without revealing your identifier. However, in order to access interactive functions of the page (Like, Comment, Share, News, etc.), you will need to log in. You will then again be recognisable to Facebook as a specific user.


3. Data processing by me

Facebook provides me with so-called page insights about the use of our fan pages by their visitors. The collected data is anonymised. It is not possible for me to draw conclusions about individual visitors or assign them to visitor profiles. Further information on this processing can be found at:
https://www.facebook.com/legal/terms/information_about_page_insights_data 


4. Joint responsibility—assertion of data subject rights—disclosure of personal data by Facebook

Any other processing of personal data is carried out by Facebook and me as so called joint controllers. I have entered into a joint controller agreement with Facebook which sets out the allocation of data protection obligations between me and Facebook. Details of this agreement can be found at 
https://www.facebook.com/legal/terms/page_controller_addendum

You can exercise your data protection rights (see "Data subject rights" below IV.) in relation to these data processing operations, against Facebook. For more information on this, please see Facebook's privacy policy at https://www.facebook.com/privacy/explanation

I expressly point out that according to the Facebook data protection regulations your user data will also be processed in non-EU countries. However, according to Facebook, it only transfers user data to countries for which the European Commission has issued an adequacy decision in accordance with Article 45 of the GDPR, or otherwise - if such decision does not exist - on the basis of appropriate guarantees in accordance with Article 46 of the GDPR. 


5. Legal basis for the data processing carried out by me

The processing of data by means of my fan page serves my legitimate interest in an optimal and up-to-date promotion of my person and art; this also includes the (anonymised) evaluation of the use of our fan pages. The legal basis for this processing is Art. 6 Para. 1 sentence 1 lit. f GDPR.

IV. Data subjects rights

As a data subject, you have the following rights, subject to the specific information above under point III.4:


1. General Rights (information, correction, deletion, restriction, data portability)

You have the right:

  • as per Art. 15 GDPR to demand to be informed free of charge about your personal data that we process. In particular, you can demand to be informed about the purposes of processing, the category of personal data, the categories of recipients that disclosures of your data are or were made to, the planned storage period, the right to rectification, erasure, restriction of processing or objection, the right to complain, the origin of your data if we did not collect this and any automatic decision-making including profiling and, if necessary meaningful information about the details of these;
  • as per Art. 16 GDPR to demand the rectification of incorrect data or completion of your personal data that we store;
  • as per Art. 17 GDPR to demand the erasure of your personal data that we store if the processing is not required to exercise the right of freedom of speech and information, to meet a legal obligation, for reasons of public interest or to assert, exercise or defend against legal claims;
  • as per Art. 18 GDPR to demand the restriction of processing of your personal data if you dispute the accuracy of the data, processing is illegal, but you reject erasure and we no longer require the data, however, you require this to assert, exercise or defend against legal claims or as per Art. 21 GDPR you have objected to processing;
  • as per Art. 20 GDPR to demand receipt of your personal data that you have provided to us in a structured, common and machine-readable format or transmission to another controller;
  • as per Art. 7 Para 3 GDPR to revoke any consent you have given in accordance with Art. 7 Para. 3 GDPR with effect for the future. Please note that the objection only takes effect for the future, 
  • as per Art. 77 GFPR to complain to the supervisory authority responsible for us. In principle, the supervisory authority of your usual place of residence or workplace or our company headquarters is responsible for your complaint. A list of the supervisory authorities (in Germany) can be found at: https://www.bfdi.bund.de/DE/Service/Anschriften/Laender/Laender-node.html


2. Right of objection

Insofar as your personal data is processed on the basis of legitimate interests pursuant to Art. 6  Para. 1 sentence 1 lit. f GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, insofar as there are grounds for doing so that arise from your particular situation or if the objection is directed against direct marketing. In the latter case, affected users have a general right of objection, which is implemented by me without the need to specify a particular situation.

If affected users would like to make use of  their right of revocation or their right of objection, it is sufficient to send an e-mail to: sab.moritz@gmail.com

V. Data security

As part of your visit to the website we use the common SSL procedure (Secure Socket Layer) in combination with the respectively highest level of encryption that is supported by your browser. This is usually 256-bit encryption. If your browser does not support 256-bit encryption, we will use 128-bit v3 technology instead. 

You can recognise an encrypted connection in that the address line of the browser will change from “http://” to “https://” and from the lock symbol in your browser line. When SSL encryption is activated, the data you transmit to us cannot be read by third parties.

Otherwise, we use suitable technical and organisational security measures to protect your data against accidental or deliberate manipulations, partial or complete loss, destruction or against unauthorised third-party access. Our security measures will be continuously improved in accordance with technological development.

VII. Actuality and amendment of this data protection declaration

This data protection declaration is currently valid and has the status March 2022. Due to the further development of our website and its functions or due to changed legal or official requirements, it may become necessary to change this data protection declaration.

The current version of my data protection declaration can be downloaded and printed out at any time.