We hereby inform you about the processing of personal data in accordance with legal requirements (in particular, in accordance with BDSG n.F. and the European General Data Protection Regulation ‘GDPR’) regarding the type, scope, and purpose of data processing by our company. This privacy policy applies to our websites and social media profiles. Regarding the definition of terms such as “personal data” or “processing,” we refer to Article 4 of the GDPR.
Data Controller
The Data Controller (pursuant to Article 4(7) GDPR) is:
Andreas Schevzik
Tulpenstrasse 20
Luhe-Wildenau 92706
Germany
Fax: +49 9607 6379999
Email: info@einfach-websiten.de
Types of Data, Processing Purposes, and Categories of Data Subjects
1. Types of Data We Process
- Usage data (access times, visited websites, etc.)
- Account data (name, address, etc.)
- Contact data (phone number, email, fax, etc.)
- Payment data (bank details, account information, payment history, etc.)
- Contract data (subject of contract, duration, etc.)
- Content data (text entries, videos, photos, etc.)
- Communication data (IP address, etc.)
2. Processing Purposes According to Art. 13(1)(c) GDPR
- Contract execution, evidence purposes/preservation of evidence
- Technical and economic website optimization
- Fulfillment of contractual obligations
- Contact in case of legal complaints by third parties
- Fulfillment of legal retention obligations
- Optimization and statistical analysis of our services
- Support of commercial website usage
- Improvement of user experience
- User-friendly website design
- Marketing/sales/advertising
- Creation of statistics
- Customer service and customer care
- Processing of contact requests
- Provision of websites with functions and content
- Security measures
- Uninterrupted, secure operation of our website
3. Categories of Data Subjects According to Art. 13(1)(e) GDPR
- Website visitors/users
- Customers
- Interested parties
Data subjects are collectively referred to as “users.”
Legal Basis for Processing Personal Data
We process personal data on the following legal bases:
- When we have obtained your consent for processing personal data, Art. 6(1)(a) GDPR serves as the legal basis.
- For processing necessary for the performance of a contract or pre-contractual measures, Art. 6(1)(b) GDPR is the legal basis.
- When processing is necessary for compliance with a legal obligation, Art. 6(1)(c) GDPR serves as the legal basis.
- When processing is necessary to protect vital interests of the data subject or another natural person, Art. 6(1)(d) GDPR is the legal basis.
- If processing is necessary for the purposes of our legitimate interests or those of a third party, and these interests are not overridden by your interests or fundamental rights and freedoms, Art. 6(1)(f) GDPR serves as the legal basis.
Transfer of Personal Data to Third Parties and Processors
We do not transfer your data to third parties without your explicit consent. Data transfer may occur based on the aforementioned legal grounds, for example:
- When transferring data to online payment providers for contract fulfillment
- Due to court orders
- Due to legal obligations for law enforcement purposes
- To protect against threats
- To enforce intellectual property rights
We use processors (external service providers, e.g., for web hosting and databases) to process your data. If data is transferred to processors as part of processing agreements, this always occurs in accordance with Art. 28 GDPR. We carefully select our processors, regularly monitor them, and have authority to issue instructions regarding the data. Additionally, processors must have implemented appropriate technical and organizational measures and comply with data protection regulations according to BDSG n.F. and GDPR.
Data Transfer to Third Countries
With the adoption of the GDPR, a uniform basis for data protection was created in Europe. Your data is primarily processed by companies to which GDPR applies. Should processing occur through third-party services outside the European Union or European Economic Area, they must meet the special requirements of Art. 44 ff. GDPR. This means processing occurs based on special guarantees, such as the officially recognized determination of a data protection level corresponding to the EU or compliance with officially recognized special contractual obligations, the so-called “Standard Contractual Clauses.”
Due to the invalidity of the “Privacy Shield,” if we need to obtain your explicit consent for data transfer to the USA under Art. 49(1)(a) GDPR, we hereby inform you about the risk of potential secret access by US authorities and the use of data for surveillance purposes, possibly without legal remedies for EU citizens.
Data Deletion and Storage Duration
Your personal data will be deleted or blocked as soon as the purpose for storage no longer applies or you withdraw your consent. However, storage may continue if required by law, such as:
- Business letter retention obligations under § 257(1) HGB (6 years)
- Tax document retention obligations under § 147(1) AO (10 years)
After the prescribed retention period expires, the data will be blocked or deleted unless further storage is necessary for contract conclusion or contract fulfillment.
Automated Decision-Making
We do not use automated decision-making or profiling.
Website Provision and Log Files
- When you use our website for informational purposes only (i.e., no registration or other data transmission), we only collect data that your browser transmits to our server:
  - IP address
  - Internet service provider
  - Date and time of access
  - Browser type
  - Language and browser version
  - Content of the request
  - Time zone
  - Access status/HTTP status code
  - Data volume
  - Websites from which the request comes
  - Operating system
This data is not stored together with other personal data about you.
- This data serves the purpose of user-friendly, functional, and secure delivery of our website with functions and content, as well as its optimization and statistical analysis.
- The legal basis is our legitimate interest in data processing according to Art. 6(1)(f) GDPR.
- For security reasons, we store this data in server log files for 14 days. After this period, it is automatically deleted unless we need to retain it for evidence purposes in case of attacks on the server infrastructure or other legal violations.
Hosting and Content Delivery Networks (CDN)
External Hosting
This website is hosted by an external service provider (host). Personal data collected on this website is stored on the host’s servers. This may include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website access, and other data generated through a website.
The host is used for the purpose of contract fulfillment with our potential and existing customers (Art. 6(1)(b) GDPR) and in the interest of secure, fast, and efficient provision of our online presence by a professional provider (Art. 6(1)(f) GDPR).
Our host will only process your data to the extent necessary to fulfill its performance obligations and follow our instructions regarding this data.
We use the following host:
HOSTINGER operations, UAB
Registered office: Švitrigailos str. 34
Vilnius 03230, Lithuania
Phone: +37064503378
Email: domains@hostinger.com
Server Location: Germany
Conclusion of a Data Processing Agreement
To ensure data protection-compliant processing, we have concluded a data processing agreement with our host.
Contract Processing
- We process account data (e.g., company, title/academic degree, names and addresses and contact details of users, email), contract data (e.g., services used, names of contact persons), and payment data (e.g., bank details, payment history) for the purpose of fulfilling our contractual obligations (knowing who the contractual partner is; establishing, designing and processing the contract; reviewing data plausibility) and service provisions (e.g., customer service contact) according to Art. 6(1)(b) GDPR. The inputs marked as mandatory in online forms are required for contract conclusion.
- This data is generally not transferred to third parties unless necessary to pursue our claims (e.g., transfer to attorney for collection) or to fulfill the contract (e.g., transfer to payment provider) or there is a legal obligation pursuant to Art. 6(1)(c) GDPR.
- We may also process the data you provide to inform you about other interesting products from our portfolio or send you emails with technical information.
- Data is deleted when it is no longer necessary for achieving the purpose of its collection. For account and contract data, this occurs when the data is no longer needed for contract execution and no claims can be made from the contract because they are time-barred (warranty: two years / regular limitation period: three years). We are obligated by commercial and tax law to store your address, payment, and order data for ten years. However, after contract termination, we restrict processing after three years, meaning your data is only used to comply with legal obligations. User account data remains until deletion.
Contact via Contact Form / Email / Fax / Post
- When contacting us via contact form, fax, post, or email, your information is processed to handle the contact request.
- The legal basis for processing data is Art. 6(1)(a) GDPR if consent is given. For data transmitted during a contact request or via email, letter, or fax, Art. 6(1)(f) GDPR is the legal basis. The controller has a legitimate interest in processing and storing data to answer user inquiries, for liability evidence, and to possibly comply with legal retention obligations for business letters. If contact aims at contract conclusion, Art. 6(1)(b) GDPR is an additional legal basis for processing.
- We may store your information and contact request in our Customer-Relationship-Management System (“CRM System”) or similar system.
- Data is deleted when no longer necessary for achieving the purpose of its collection. For personal data from the contact form input mask and those sent via email, this occurs when the respective conversation is finished. The conversation is finished when circumstances indicate the matter is conclusively clarified. Inquiries from users with an account or contract with us are stored until two years after contract termination. In case of legal archiving obligations, deletion occurs after their expiry: end of commercial (6 years) and tax law (10 years) retention obligation.
- You can withdraw consent under Art. 6(1)(a) GDPR for processing personal data at any time. If you contact us via email, you can object to storage of personal data at any time.
Contact via Telephone
- When contacting us by telephone, your phone number is processed to handle the contact request and temporarily stored in the RAM/cache of the telephone device/display. Storage occurs for liability and security reasons, to prove the call, and for economic reasons to enable callback. In case of unauthorized advertising calls, we block the phone numbers.
- The legal basis for processing the phone number is Art. 6(1)(f) GDPR. If contact aims at contract conclusion, Art. 6(1)(b) GDPR is an additional legal basis for processing.
- The device cache stores calls for 30 days and successively overwrites/deletes old data; when the device is disposed of, all data is deleted and the memory is possibly destroyed. Blocked phone numbers are checked annually for blocking necessity.
- You can prevent your phone number from being displayed by calling with a suppressed number.