abstract-background-with-white-bokeh-lights-2025-02-10-00-03-32-utc-2.jpg

DATA PROTECTION

1) Introduction and Contact Information of the Data Controller

1.1 We are pleased that you are visiting our website and thank you for your interest. Below we inform you about how we handle your personal data when using our website. Personal data refers to all data that can personally identify you.

1.2 The data controller responsible for data processing on this website under the General Data Protection Regulation (GDPR) and applicable US state privacy laws is Robin Stute, nexantera AI, Schöne Aussicht 6, 34414 Warburg, Germany, Tel.: +4915204744432, Email: rstute@nexantera.de. The data controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of processing personal data.

2) Data Collection When Visiting Our Website

2.1 When you use our website purely for informational purposes, i.e., when you do not register or otherwise provide us with information, we only collect data that your browser transmits to the page server (so-called "server log files"). When you visit our website, we collect the following data that is technically necessary for us to display the website to you:

- Our visited website

- Date and time at the time of access

- Amount of data sent in bytes

- Source/referrer from which you reached the page

- Browser used

- Operating system used

- IP address used (if applicable: in anonymized form)

Processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR and applicable US state privacy laws based on our legitimate interest in improving the stability and functionality of our website. The data is not shared or otherwise used. However, we reserve the right to review the server log files retroactively should concrete indications of unlawful use arise.

2.2 For security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the controller), this website uses SSL or TLS encryption. You can recognize an encrypted connection by the character string "https://" and the lock symbol in your browser bar.

3) Hosting & Content Delivery Network

3.1 For hosting our website and displaying page content, we use a provider that delivers its services either directly or through selected sub-contractors exclusively on servers within the European Union.

All data collected on our website is processed on these servers.

We have concluded a data processing agreement with the provider that ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.

3.2 AWS CloudFront

We use a Content Delivery Network from the following provider: Amazon Web Services, Inc., 410 Terry Avenue North, Seattle, WA 98109, USA

This service enables us to deliver large media files such as graphics, page content, or scripts more quickly via a network of regionally distributed servers. Processing is carried out to protect our legitimate interest in improving the stability and functionality of our website in accordance with Art. 6 para. 1 lit. f GDPR and applicable US state privacy laws. We have concluded a data processing agreement with the provider that ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with European data protection standards based on an adequacy decision by the European Commission.

3.3 Fastly

We use a Content Delivery Network from the following provider: Fastly Inc., 475 Brannan St. #300, San Francisco, CA 94107, USA

3.4 Google Cloud CDN

We use a Content Delivery Network from the following provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Data may also be transferred to: Google LLC, USA

We have concluded a data processing agreement with the provider that ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.

4) Cookies

To make visiting our website attractive and enable the use of certain functions, we use cookies, which are small text files stored on your device. Some of these cookies are automatically deleted after closing the browser (so-called "session cookies"), while others remain on your device longer and enable the storage of page settings (so-called "persistent cookies"). In the latter case, you can see the storage duration in your web browser's cookie settings overview.

Where personal data is also processed by individual cookies we use, processing is carried out in accordance with Art. 6 para. 1 lit. b GDPR and applicable US state privacy laws either for contract performance, in accordance with Art. 6 para. 1 lit. a GDPR and applicable consent requirements under US state privacy laws in case of granted consent, or in accordance with Art. 6 para. 1 lit. f GDPR and legitimate interest provisions under US state privacy laws to protect our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the site visit.

Your Rights and Choices: You can configure your browser to be informed about the setting of cookies and decide individually about their acceptance, or exclude the acceptance of cookies for certain cases or in general. Under applicable US state privacy laws, you may also have the right to opt-out of the sale or sharing of personal information collected through cookies.

Please note that if you do not accept cookies, the functionality of our website may be limited.

5) Contact

5.1 Google Calendar

For providing an online appointment booking function, we use the services of the following provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Data may also be transferred to: Google LLC, USA

For the purpose of appointment scheduling, first and last names as well as email addresses (and possibly telephone numbers, if a telephone appointment is desired) are collected in accordance with Art. 6 para. 1 lit. b GDPR and applicable US state privacy laws, and transmitted to the provider based on our legitimate interest in effective customer management and efficient appointment administration in accordance with Art. 6 para. 1 lit. f GDPR and legitimate interest provisions under US state privacy laws, where they are stored for appointment organization.

After the appointment has been held or after the agreed appointment period has expired, your data will be deleted by the provider.

We have concluded a data processing agreement with the provider that ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.

5.2 In the context of contacting us (e.g., via contact form or email), personal data is collected. Which data is collected when using a contact form can be seen from the respective contact form. This data is stored and used exclusively for the purpose of responding to your request or for contact and the associated technical administration.

The legal basis for processing this data is our legitimate interest in responding to your request in accordance with Art. 6 para. 1 lit. f GDPR and legitimate interest provisions under applicable US state privacy laws. If your contact aims at concluding a contract, an additional legal basis for processing is Art. 6 para. 1 lit. b GDPR and applicable contract processing provisions under US state privacy laws. Your data will be deleted after final processing of your request. This is the case when it can be inferred from the circumstances that the relevant matter has been conclusively clarified and provided no legal retention obligations oppose this.

6) Web Analytics Services

Wix Analytics

This website uses the web analytics service of the following provider: Wix HQ, 6350671, Nemal Tel Aviv St 40, Tel Aviv-Yafo, Israel

Using cookies and/or comparable technologies (tracking pixels, web beacons, algorithms for reading device and browser information), the service collects and stores pseudonymized visitor data, including information from the device used such as IP address and browser information, to evaluate it for statistical analyses of usage behavior on our website and create pseudonymized usage profiles. Among other things, this enables the evaluation of movement patterns (so-called heatmaps), which show the duration of page visits as well as interactions with page content (e.g., text entries, scrolling, clicks, and mouse-overs). Pseudonymization generally excludes direct personal relatability. No merging with clear data about your person collected in other ways takes place.

Consent and Your Rights: All processing described above, particularly reading or storing information on the device used, will only be carried out if you have given us your explicit consent in accordance with Art. 6 para. 1 lit. a GDPR and applicable consent requirements under US state privacy laws. You can revoke your granted consent at any time with effect for the future by deactivating this service in the "Cookie Consent Tool" provided on the website. **Under applicable US state privacy laws, you may also have additional rights to opt-out of the sale or sharing of personal information and to request deletion of your personal information.**

We have concluded a data processing agreement with the provider that ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.

For data transmission to the provider location, an adequate level of data protection is ensured by an adequacy decision of the European Commission.

7) Tools and Other Services

Cookie Consent Tool

This website uses a so-called "Cookie Consent Tool" to obtain effective user consent for cookies requiring consent and cookie-based applications. The "Cookie Consent Tool" is displayed to users when they visit the site in the form of an interactive user interface, on which consent can be granted for specific cookies and/or cookie-based applications by checking boxes. Through the use of the tool, all cookies/services requiring consent are only loaded if the respective user grants corresponding consent by checking boxes. This ensures that such cookies are only set on the respective user's device in case of granted consent.

The tool sets technically necessary cookies to store your cookie preferences. Personal user data is generally not processed in this context.

If, in individual cases, personal data (such as the IP address) is processed for the purpose of storing, assigning, or logging cookie settings, this is carried out in accordance with Art. 6 para. 1 lit. f GDPR and legitimate interest provisions under applicable US state privacy laws based on our legitimate interest in legally compliant, user-specific, and user-friendly consent management for cookies and thus in a legally compliant design of our website.

An additional legal basis for processing is Art. 6 para. 1 lit. c GDPR and applicable legal compliance requirements under US state privacy laws. As data controllers, we are under the legal obligation to make the use of technically non-necessary cookies dependent on respective user consent.

Where necessary, we have concluded a data processing agreement with the provider that ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.

Further information about the operator and setting options of the Cookie Consent Tool can be found directly in the corresponding user interface on our website.

8) Data Subject Rights

8.1 Applicable data protection law grants you the following data subject rights (information and intervention rights) vis-à-vis the data controller regarding the processing of your personal data, whereby reference is made to the cited legal basis for the respective exercise requirements:

Under GDPR and EU Law:

- Right of access according to Art. 15 GDPR

- Right to rectification according to Art. 16 GDPR

- Right to erasure according to Art. 17 GDPR

- Right to restriction of processing according to Art. 18 GDPR

- Right to notification according to Art. 19 GDPR

- Right to data portability according to Art. 20 GDPR

- Right to withdraw granted consent according to Art. 7 para. 3 GDPR

- Right to lodge a complaint according to Art. 77 GDPR

Additional Rights Under US State Privacy Laws:

- Right to Know: Request information about the categories and specific pieces of personal information we collect, use, disclose, or sell

- Right to Delete: Request deletion of personal information we have collected about you

- Right to Opt-Out: Opt-out of the sale or sharing of your personal information

- Right to Correct: Request correction of inaccurate personal information

- Right to Non-Discrimination: You will not be discriminated against for exercising your privacy rights

- Right to Limit Use of Sensitive Personal Information: Request to limit the use of sensitive personal information

8.2 RIGHT TO OBJECT

UNDER GDPR: IF WE PROCESS YOUR PERSONAL DATA BASED ON OUR OVERRIDING LEGITIMATE INTEREST WITHIN THE FRAMEWORK OF A BALANCING OF INTERESTS, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT TO THIS PROCESSING WITH EFFECT FOR THE FUTURE FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL END THE PROCESSING OF THE AFFECTED DATA. HOWEVER, FURTHER PROCESSING REMAINS RESERVED IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR PROCESSING THAT OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING SERVES THE ASSERTION, EXERCISE OR DEFENSE OF LEGAL CLAIMS.

IF YOUR PERSONAL DATA IS PROCESSED BY US FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH MARKETING. YOU CAN EXERCISE THE OBJECTION AS DESCRIBED ABOVE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL END THE PROCESSING OF THE AFFECTED DATA FOR DIRECT MARKETING PURPOSES.

To exercise your rights, please contact us at: rstute@nexantera.de or use the contact information provided in Section 1.2.

9) Duration of Storage of Personal Data

The duration of storage of personal data is determined by the respective legal basis, the processing purpose and – where applicable – additionally by the respective statutory retention period (e.g., commercial and tax law retention periods).

When processing personal data based on explicit consent according to Art. 6 para. 1 lit. a GDPR and applicable consent requirements under US state privacy laws, the affected data is stored until you withdraw your consent.

If statutory retention periods exist for data processed within the framework of contractual or contract-like obligations based on Art. 6 para. 1 lit. b GDPR and applicable contract processing provisions under US state privacy laws, this data is routinely deleted after expiration of the retention periods, provided it is no longer required for contract fulfillment or contract initiation and/or we no longer have a legitimate interest in continued storage.

When processing personal data based on Art. 6 para. 1 lit. f GDPR and legitimate interest provisions under US state privacy laws, this data is stored until you exercise your right to object according to Art. 21 para. 1 GDPR or applicable objection rights under US state privacy laws, unless we can demonstrate compelling legitimate grounds for processing that override your interests, rights and freedoms, or the processing serves the assertion, exercise or defense of legal claims.

When processing personal data for direct marketing purposes based on Art. 6 para. 1 lit. f GDPR and legitimate interest provisions under US state privacy laws, this data is stored until you exercise your right to object according to Art. 21 para. 2 GDPR or applicable opt-out rights under US state privacy laws.

Unless otherwise stated in the other information in this declaration about specific processing situations, stored personal data is otherwise deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.

Copyright Notice: This privacy policy was created by the specialized lawyers of IT-Recht Kanzlei and is protected by copyright (https://www.it-recht-kanzlei.de)