Informativa sulla privacy

Graham Miranda
Hasselfelder Str. 23
38889 Blankenburg (Harz), Germany
E-mail: [email protected]
Telefono: +49 15678 397267

Codice fiscale: 117/249/02725
D-U-N-S® Number: 316 856 052

Last Updated: November 12, 2025

1. Data Protection at a Glance

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to personally identify you.

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. Their contact details can be found in the legal notice of this website.

How do we collect your data?

Your data is collected in two ways: first, when you provide it to us (for example, data you enter into a contact form). Other data is collected automatically or after your consent when you visit the website through our IT systems.

2. Data Controller

The data controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws is:

Graham Miranda
Hasselfelder Str. 23
38889 Blankenburg (Harz)
Germania

Telefono: +49 15678 397267
E-mail: [email protected]

3. Hosting and Server Locations

This website is hosted by the following hosting providers:

RackNerd LLC (USA – California)
HostKey B.V. (Netherlands and France)

Your personal data is stored on the servers of these providers. Use is based on our legitimate interest in secure, fast, and efficient provision of our online services through a professional provider (Art. 6 para. 1 lit. f GDPR).

We have concluded data processing agreements with our hosts that ensure they process the personal data of our website visitors only according to our instructions and in compliance with the GDPR.

4. Content Delivery Network (CDN) – Cloudflare

We use Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA, as a Content Delivery Network (CDN) to accelerate and secure our website.

Processed Data:

• Indirizzo IP
• Tipo e versione del browser
• Sistema operativo
• URL di riferimento
• Date and time of request

Base legale: Art. 6 para. 1 lit. f GDPR (legitimate interest in error-free and secure provision)

Data Transfer to the USA: Cloudflare is certified under the EU-U.S. Data Privacy Framework.

More information: https://www.cloudflare.com/privacypolicy/

5. Email Services

AWS Simple Email Service (SES)

We use Amazon Web Services Simple Email Service (AWS SES) for sending emails. The provider is Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, L-1855 Luxembourg.

Processed Data:

• Indirizzo e-mail
• Contenuto del messaggio
• Metadata (timestamps, IP address)

Base legale: Art. 6 para. 1 lit. a GDPR (consent) and Art. 6 para. 1 lit. b GDPR (contract performance)

AWS is certified under the EU-U.S. Data Privacy Framework.

iCloud Custom Email Domain & Private Relay

We use Apple iCloud for our business email with a custom domain and iCloud Private Relay for email forwarding.

Fornitore: Apple Inc., One Apple Park Way, Cupertino, CA 95014, USA

Emails may be forwarded to Gmail accounts for internal processing. Google LLC is also certified under the EU-U.S. Data Privacy Framework.

Base legale: Art. 6 para. 1 lit. b GDPR (contract performance) and Art. 6 para. 1 lit. f GDPR (legitimate interest in efficient communication)

6. Cookies

This website uses cookies. Cookies are small text files stored on your device. They do not damage your computer and do not contain viruses.

Technically Necessary Cookies

These cookies are necessary to ensure website functionality. They are set without your consent based on Art. 6 para. 1 lit. f GDPR.

Examples:

• Session cookies to maintain your user session
• CSRF protection tokens
• Language settings

Non-Essential Cookies

Analytics, functional, and marketing cookies are only set with your express consent according to Art. 6 para. 1 lit. a GDPR and § 25 TDDDG.

You can manage your cookie settings at any time via our cookie banner.

7. Server Log Files

The provider of this website automatically collects information in so-called server log files, which your browser automatically transmits to us:

• Tipo e versione del browser
• Sistema operativo
• URL di riferimento
• Hostname of accessing computer
• Time of server request
• Indirizzo IP

This data is not merged with other data sources. Collection is based on Art. 6 para. 1 lit. f GDPR.

8. Contact Form

If you send us inquiries via the contact form, your data from the inquiry form, including the contact information you provide, will be stored by us for processing the inquiry.

Base legale: Art. 6 para. 1 lit. a GDPR (consenso)

You can revoke this consent at any time.

Durata della conservazione: Data will be deleted as soon as it is no longer necessary for achieving the purpose of its collection.

9. Google Maps

This website uses the Google Maps map service. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Processed Data:

• Indirizzo IP
• Location data (if released)
• Search terms

Base legale: Art. 6 para. 1 lit. a GDPR (consent), § 25 para. 1 TDDDG

Google is certified under the EU-U.S. Data Privacy Framework.

More information: https://policies.google.com/privacy

10. Data Transfers to Third Countries

United States

We transfer personal data to the USA to the following service providers certified under the EU-U.S. Data Privacy Framework:

• Amazon Web Services (AWS SES)
• Cloudflare Inc.
• Apple Inc.
• Google LLC
• RackNerd LLC

Base legale: Art. 45 GDPR (adequacy decision) and Art. 46 para. 2 lit. c GDPR (EU Standard Contractual Clauses)

France and Netherlands

HostKey servers are located in France and the Netherlands. As both countries are EU member states, the GDPR applies directly.

11. Data Retention and Deletion Periods

Legal Retention Requirements

We are required to retain certain data for specific periods due to commercial and tax law requirements:

According to § 147 German Tax Code (AO) – 10 years:

• Invoices and accounting vouchers
• Customer contracts and orders
• Tax-relevant documents
• Books and records

According to § 257 German Commercial Code (HGB) – 6 years:

• Business correspondence
• Business letters

Deletion of Personal Data

Personal data not subject to legal retention obligations will be deleted as soon as:

• The purpose of processing no longer exists
• You have revoked your consent
• You have objected to the processing
• The data was processed unlawfully

Standard Deletion Periods:

• Contact inquiries: 2 years after completion of correspondence
• Newsletter subscriptions: Immediate deletion after unsubscribing
• Server log files: 7 days
• Cookie data: According to cookie policy

12. Your Rights as a Data Subject

Under the GDPR, you have the following rights:

Right of Access (Art. 15 GDPR)

You have the right to request information about your personal data processed by us.

Right to Rectification (Art. 16 GDPR)

You have the right to request immediate correction of inaccurate personal data concerning you.

Right to Erasure (Art. 17 GDPR)

You have the right to request deletion of your personal data, unless legal retention obligations apply.

Right to Restrict Processing (Art. 18 GDPR)

You have the right to request restriction of processing of your personal data.

Right to Data Portability (Art. 20 GDPR)

You have the right to receive your data in a structured, commonly used, and machine-readable format.

Right to Object (Art. 21 GDPR)

You have the right to object at any time to the processing of your personal data.

Right to Withdraw Consent (Art. 7 para. 3 GDPR)

You have the right to withdraw your consent at any time.

Right to Lodge a Complaint (Art. 77 GDPR)

You have the right to lodge a complaint with a data protection supervisory authority.

Competent Supervisory Authority:

State Commissioner for Data Protection Saxony-Anhalt
Leiterstraße 9
39104 Magdeburg
Germania
Phone: +49 391 81803-0
E-mail: [email protected]
Website: https://datenschutz.sachsen-anhalt.de

13. Security of Data Processing

We use the common SSL (Secure Socket Layer) procedure in conjunction with the highest level of encryption supported by your browser.

Security Measures:

• SSL/TLS encryption
• Firewall systems
• Aggiornamenti regolari della sicurezza
• Access restrictions
• Encrypted data transmission
• IT liability insurance (Markel Insurance SE, Policy: ON.MPI.64092)

14. Data Sharing

We generally do not share your personal data with third parties, unless:

• You have given your express consent (Art. 6 para. 1 lit. a GDPR)
• Disclosure is necessary for contract fulfillment (Art. 6 para. 1 lit. b GDPR)
• There is a legal obligation (Art. 6 para. 1 lit. c GDPR)

Important: Your data will never be sold or shared with third parties for advertising purposes.

15. No Automated Decision-Making

We do not use automated decision-making including profiling according to Art. 22 GDPR.

16. Changes to This Privacy Policy

We reserve the right to occasionally update this privacy policy to ensure it always complies with current legal requirements or to implement changes to our services.

Current Version: November 12, 2025

17. Contact

If you have questions about the collection, processing, or use of your personal data, please contact us:

Graham Miranda
Hasselfelder Str. 23
38889 Blankenburg (Harz)
Germania

E-mail: [email protected]
Telefono: +49 15678 397267

This privacy policy was created in consideration of the GDPR, BDSG, TDDDG, and other applicable data protection laws.