The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data includes all data that can be used to personally identify you. Detailed information on data protection can be found in our privacy policy listed below this text.
Data processing on this website is carried out by the website operator. You can find their contact details in the section "Information on the Responsible Party" in this privacy policy.
Your data is collected in two ways:
Data that you provide to us directly, e.g., by entering information into a contact form.
Data that is automatically collected or recorded with your consent when you visit the website. This mainly includes technical data (e.g., internet browser, operating system, or time of page access). This data is collected automatically as soon as you enter this website.
Some data is collected to ensure the website functions properly. Other data may be used to analyze your user behavior. If contracts can be concluded or initiated via the website, the data provided will also be processed for contract offers, orders, or other business inquiries.
You have the right to obtain, free of charge, information about the origin, recipient, and purpose of your stored personal data at any time. You also have the right to request the correction or deletion of this data. If you have given consent to data processing, you can revoke this consent at any time with future effect. In certain circumstances, you also have the right to request the restriction of processing your personal data. Additionally, you have the right to file a complaint with the relevant supervisory authority.
If you have further questions about data protection, you can contact us at any time.
When you visit this website, your browsing behavior may be statistically analyzed. This is primarily done using analytics programs.
Detailed information on these analytics programs can be found in the following privacy policy.
We host the content of our website with the following provider:
This website is externally hosted. The personal data collected on this website is stored on the servers of the hosting provider(s). This may include, in particular, IP addresses, contact requests, metadata and communication data, contract data, contact details, names, website access data, and other data generated via a website.
External hosting is carried out for the purpose of fulfilling contractual obligations towards our potential and existing customers (Art. 6(1)(b) GDPR) and in the interest of ensuring the secure, fast, and efficient provision of our online offering by a professional provider (Art. 6(1)(f) GDPR). If explicit consent has been requested, data processing is carried out exclusively based on Art. 6(1)(a) GDPR and § 25(1) TDDDG, provided that consent includes the storage of cookies or access to information on the user's device (e.g., device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.
Our hosting provider will only process your data to the extent necessary to fulfill its service obligations and follow our instructions regarding this data.
We use the following hosting provider:
Vercel Inc., c/o EDPO, Avenue Huart Hamoir 71, 1030 Brussels, Belgium, privacy@vercel.com
The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with statutory data protection regulations as well as this privacy policy.
When you use this website, various personal data is collected. Personal data includes all data that can personally identify you. This privacy policy explains which data we collect and how we use it. It also explains how and for what purpose this occurs.
We would like to point out that data transmission over the Internet (e.g., when communicating via email) can have security vulnerabilities. A complete protection of data against access by third parties is not possible.
The responsible party for data processing on this website is:
Christian Fegg GmbH
Südliche Münchner Straße 8
82031 Grünwald
Germany
Phone: +49 (0) 89 24 41 47 58-0
Email: info@christianfegg.de
The responsible party is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data (e.g., names, email addresses, etc.).
Unless a specific storage period is stated in this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you make a legitimate request for deletion or withdraw your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g., retention periods under tax or commercial law); in such cases, deletion will take place after these reasons no longer apply.
If you have given your consent to data processing, we process your personal data based on Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR if special categories of data under Art. 9(1) GDPR are processed. If explicit consent is given for the transfer of personal data to third countries, data processing is also carried out based on Art. 49(1)(a) GDPR. If you have consented to the storage of cookies or access to information on your device (e.g., via device fingerprinting), data processing is additionally based on § 25(1) TDDDG. Consent can be revoked at any time.
If your data is necessary for the fulfillment of a contract or for pre-contractual measures, we process your data based on Art. 6(1)(b) GDPR. Furthermore, we process your data if it is necessary to fulfill a legal obligation under Art. 6(1)(c) GDPR. Data processing may also be carried out based on our legitimate interest under Art. 6(1)(f) GDPR. The specific legal bases applicable in each case are explained in the following sections of this privacy policy.
We use tools from companies based in third countries that do not offer an adequate level of data protection, as well as US tools whose providers are not certified under the EU-US Data Privacy Framework (DPF). When these tools are active, your personal data may be transferred to and processed in these countries. Please note that in non-secure third countries, no level of data protection comparable to that of the EU can be guaranteed.
We point out that the USA, as a secure third country, generally offers a level of data protection comparable to that of the EU. Data transfers to the USA are permissible if the recipient is certified under the EU-US Data Privacy Framework (DPF) or has appropriate additional safeguards. Information on data transfers to third countries, including the recipients of such data, can be found in this privacy policy.
As part of our business activities, we collaborate with various external entities. In some cases, the transfer of personal data to these external entities is necessary.
We only share personal data with external entities if it is required for contract fulfillment, if we are legally obligated to do so (e.g., sharing data with tax authorities), if we have a legitimate interest in the data transfer under Art. 6(1)(f) GDPR, or if another legal basis permits the data transfer. If we engage processors, we only share personal data based on a valid data processing agreement. In the case of joint processing, a joint processing agreement will be concluded.
Many data processing operations are only possible with your explicit consent. You may revoke a previously given consent at any time. The legality of the data processing carried out before the revocation remains unaffected.
IF DATA PROCESSING IS BASED ON ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION. THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS FOR PROCESSING CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS, AND FREEDOMS, OR THE PROCESSING SERVES TO ASSERT, EXERCISE, OR DEFEND LEGAL CLAIMS (OBJECTION UNDER ART. 21(1) GDPR).
IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA FOR SUCH MARKETING AT ANY TIME; THIS ALSO APPLIES TO PROFILING IN CONNECTION WITH SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR DIRECT MARKETING PURPOSES (OBJECTION UNDER ART. 21(2) GDPR).
In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, particularly in the member state of their habitual residence, place of work, or the place of the alleged infringement. The right to lodge a complaint exists without prejudice to other administrative or judicial remedies.
You have the right to receive the data that we process automatically based on your consent or in the performance of a contract in a commonly used, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done where technically feasible.
Within the framework of applicable legal provisions, you have the right at any time to obtain free information about your stored personal data, its origin and recipients, and the purpose of the data processing. You also have the right to request the rectification or erasure of this data. For further questions on personal data, you may contact us at any time.
You have the right to request the restriction of the processing of your personal data. You can contact us at any time to exercise this right. The right to restriction of processing applies in the following cases:
If you have restricted the processing of your personal data, these data—apart from storage—may only be processed with your consent, for the establishment, exercise, or defense of legal claims, to protect the rights of another natural or legal person, or for reasons of important public interest of the European Union or a Member State.
If you submit inquiries to us via the contact form, your details from the inquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not share this data without your consent.
The processing of this data is based on Art. 6(1)(b) GDPR if your inquiry is related to the performance of a contract or is necessary for pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective handling of inquiries directed to us (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR) if requested; consent can be revoked at any time.
The data you enter in the contact form will remain with us until you request deletion, revoke your consent for storage, or the purpose for data storage no longer applies (e.g., after your inquiry has been processed). Mandatory legal provisions—especially retention periods—remain unaffected.
If you contact us by email, telephone, or fax, your inquiry, including all personal data resulting from it (name, inquiry), will be stored and processed by us for the purpose of handling your request. We do not share this data without your consent.
The processing of this data is based on Art. 6(1)(b) GDPR if your inquiry is related to the performance of a contract or is necessary for pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective handling of inquiries directed to us (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR) if requested; consent can be revoked at any time.
The data sent to us via contact inquiries will remain with us until you request deletion, revoke your consent for storage, or the purpose for data storage no longer applies (e.g., after your inquiry has been processed). Mandatory legal provisions—especially statutory retention periods—remain unaffected.
When using the comment function on this website, in addition to your comment, details such as the time of comment creation, your email address, and—if you do not post anonymously—the username you have chosen will be stored.
Comments and associated data will be stored and remain on this website until the commented content is completely deleted or the comments must be removed for legal reasons (e.g., offensive comments).
The storage of comments is based on your consent (Art. 6(1)(a) GDPR). You may revoke your consent at any time with a simple notification via email. The legality of data processing operations already carried out remains unaffected by the revocation.
This website integrates elements of the social network Facebook. The provider of this service is Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland. However, according to Facebook, the collected data is also transferred to the USA and other third countries.
An overview of Facebook’s social media elements can be found here:
https://developers.facebook.com/docs/plugins/?locale=en_US.
If the social media element is active, a direct connection is established between your device and the Facebook server. This allows Facebook to receive information that you have visited this website with your IP address. If you click the Facebook "Like" button while logged into your Facebook account, you can link the contents of this website to your Facebook profile. This enables Facebook to associate your visit to this website with your user account.
We would like to point out that, as the provider of this site, we have no knowledge of the content of the transmitted data or its use by Facebook. Further information can be found in Facebook’s privacy policy:
https://www.facebook.com/privacy/explanation.
The use of this service is based on your consent in accordance with Art. 6(1)(a) GDPR and § 25(1) TDDDG. Consent can be revoked at any time.
If personal data is collected on our website via this tool and transmitted to Facebook, both we and Meta Platforms Ireland Limited are jointly responsible for this data processing (Art. 26 GDPR). This joint responsibility is limited exclusively to data collection and its transfer to Facebook. Any further processing by Facebook after the transfer is not part of this joint responsibility.
Our joint obligations have been outlined in an agreement on joint processing. You can view the agreement here:
https://www.facebook.com/legal/controller_addendum.
According to this agreement:
We are responsible for providing the privacy information when using the Facebook tool and for implementing the tool securely on our website.
Facebook is responsible for the data security of its products.
You can assert your data subject rights (e.g., requests for information) directly with Facebook. If you submit a request to us, we are obliged to forward it to Facebook.
Data transfer to the USA is based on the EU Commission's Standard Contractual Clauses (SCCs). More details can be found here:
https://www.facebook.com/legal/EU_data_transfer_addendum
https://www.facebook.com/help/566994660333381
https://www.facebook.com/policy.php
Facebook is certified under the "EU-US Data Privacy Framework" (DPF), which ensures compliance with European data protection standards. More information is available here:
https://www.dataprivacyframework.gov/participant/4452.
This website includes functions of the Instagram service, which is provided by Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland.
If the social media element is active, a direct connection is established between your device and the Instagram server, allowing Instagram to receive information about your visit to this website.
If you are logged into your Instagram account, clicking the Instagram button will allow you to link the content of this website to your Instagram profile. This enables Instagram to associate your visit to this website with your user account.
We would like to point out that, as the provider of this site, we have no knowledge of the content of the transmitted data or its use by Instagram.
The use of this service is based on your consent in accordance with Art. 6(1)(a) GDPR and § 25(1) TDDDG. Consent can be revoked at any time.
If personal data is collected via this tool and transferred to Instagram (or Facebook), we and Meta Platforms Ireland Limited are jointly responsible for this data processing (Art. 26 GDPR). However, our joint responsibility only covers data collection and its transfer to Instagram. Any processing by Instagram after the transfer is not part of this joint responsibility.
Our joint obligations have been outlined in an agreement on joint processing, which you can read here:
https://www.facebook.com/legal/controller_addendum.
According to this agreement:
We are responsible for providing privacy information when using the Instagram tool and for implementing it securely on our website.
Instagram (Meta) is responsible for the data security of its products.
You can assert your data subject rights (e.g., requests for information) directly with Instagram. If you submit a request to us, we are obliged to forward it to Instagram.
Data transfer to the USA is based on the EU Commission's Standard Contractual Clauses (SCCs). More details can be found here:
https://www.facebook.com/legal/EU_data_transfer_addendum
https://privacycenter.instagram.com/policy/
https://www.facebook.com/help/566994660333381
More information is available in Instagram’s privacy policy:
https://privacycenter.instagram.com/policy/.
Instagram is certified under the "EU-US Data Privacy Framework" (DPF), which ensures compliance with European data protection standards. More information is available here:
https://www.dataprivacyframework.gov/participant/4452.
This website uses elements of the Pinterest social network, operated by Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland.
When you visit a page containing such an element, your browser establishes a direct connection to Pinterest’s servers. This social media element transmits log data to Pinterest’s server in the USA. These log data may include:
The use of this service is based on your consent in accordance with Art. 6(1)(a) GDPR and § 25(1) TDDDG. Consent can be revoked at any time.
For more information about the purpose, scope, further processing, and use of your data by Pinterest, as well as your rights and privacy settings, please refer to Pinterest’s privacy policy:
https://policy.pinterest.com/en/privacy-policy.
If you would like to receive the newsletter offered on this website, we require an email address from you, as well as information that allows us to verify that you are the owner of the provided email address and that you agree to receive the newsletter. No further data is collected or only on a voluntary basis. We use this data exclusively for sending the requested information and do not share it with third parties.
The processing of the data entered into the newsletter signup form is based solely on your consent (Art. 6(1)(a) GDPR). You can revoke your consent to store the data, the email address, and its use for sending the newsletter at any time, for example, via the "unsubscribe" link in the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.
The data you provide for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter or until the purpose for which it was collected no longer applies. After unsubscribing, your data will be deleted from the newsletter distribution list. We reserve the right to delete or block email addresses from our newsletter distribution list at our own discretion within the scope of our legitimate interest under Art. 6(1)(f) GDPR.
Data stored by us for other purposes remains unaffected.
After unsubscribing from the newsletter distribution list, your email address may be stored in a blacklist by us or the newsletter service provider if necessary to prevent future mailings. The data from the blacklist is only used for this purpose and is not merged with other data. This serves both your interest and our interest in complying with legal requirements for sending newsletters (legitimate interest within the meaning of Art. 6(1)(f) GDPR). The storage in the blacklist is not time-limited. You can object to the storage if your interests outweigh our legitimate interest.
If you purchase goods or services from us and provide your email address in the process, we may subsequently use this email address to send newsletters, provided that we inform you about this in advance. In such a case, the newsletter will only contain direct advertising for similar goods or services. You can unsubscribe from this newsletter at any time. A corresponding link is included in every newsletter.
The legal basis for sending the newsletter in this case is Art. 6(1)(f) GDPR in conjunction with § 7(3) UWG (German Unfair Competition Act).
After you unsubscribe from the newsletter distribution list, your email address may be stored in a blacklist by us to prevent future mailings. The data from the blacklist is only used for this purpose and is not merged with other data. This serves both your interest and our interest in complying with legal requirements for sending newsletters (legitimate interest within the meaning of Art. 6(1)(f) GDPR). The storage in the blacklist is not time-limited. You can object to the storage if your interests outweigh our legitimate interest.
This website embeds videos from YouTube. The operator of YouTube is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
When you visit one of our web pages that includes a YouTube video, a connection to YouTube's servers is established. In this process, YouTube is informed about which of our pages you have visited.
Furthermore, YouTube may store various cookies on your device or use comparable recognition technologies (e.g., device fingerprinting). This allows YouTube to collect information about visitors to this website. This information is used, among other things, to compile video statistics, improve user experience, and prevent fraudulent activities. Additionally, the collected data is processed within the Google advertising network.
If you are logged into your YouTube account, YouTube can directly associate your browsing behavior with your personal profile. You can prevent this by logging out of your YouTube account.
The use of YouTube is in the interest of presenting our online content in an appealing manner.
This constitutes a legitimate interest pursuant to Art. 6(1)(f) GDPR. If consent has been requested, processing is carried out exclusively based on Art. 6(1)(a) GDPR and § 25(1) TDDDG, insofar as the consent includes the storage of cookies or access to information on the user's device (e.g., device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.
For more information on how YouTube handles user data, please refer to YouTube’s privacy policy:
https://policies.google.com/privacy?hl=en.
The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that ensures compliance with European data protection standards for data processing in the USA. Every company certified under the DPF commits to adhering to these data protection standards. More information can be found at:
https://www.dataprivacyframework.gov/participant/5780.
We have integrated OneDrive into this website. The provider is Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland (hereinafter referred to as "OneDrive").
OneDrive allows us to embed an upload area on our website where you can upload content. When you upload content, it is stored on OneDrive's servers. Additionally, when you visit our website, a connection to OneDrive is established, enabling OneDrive to detect that you have visited our website.
The use of OneDrive is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in providing a reliable upload area on the website. If consent has been requested, processing is carried out exclusively based on Art. 6(1)(a) GDPR. Consent can be revoked at any time.
The company is certified under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that ensures compliance with European data protection standards for data processing in the USA. Every company certified under the DPF commits to adhering to these data protection standards. More information can be found at:
https://www.dataprivacyframework.gov/participant/6474.
We have entered into a Data Processing Agreement (DPA) for the use of the aforementioned service. This is a legally required contract that ensures that the service provider processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.