top of page

DATA PROTECTION - Berghof Almzeit

1) Introduction and contact details of the responsible party

1.1 We are pleased that you are visiting our website and thank you for your interest. Below, we inform you about the handling of your personal data when using our website. Personal data is any data that can be used to personally identify you.

1.2 The data controller for this website within the meaning of the General Data Protection Regulation (GDPR) is sandcastle-factory GbR, Sandgasse 7, 63303 Dreieich, Germany, Tel.: +49 151 52639509, Email: info@berghof-almzeit.de. The data controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data.

2) Data collection when visiting our website

2.1 When you simply browse our website for informational purposes, meaning you do not register or otherwise provide us with information, we only collect data that your browser transmits to the website server (so-called "server log files"). When you access our website, we collect the following data, which is technically necessary for us to display the website to you:

  • The website you visited

  • Date and time of access

  • Amount of data sent in bytes

  • Source/referrer from which you accessed the page

  • Browser used

  • Operating system used

  • IP address used (possibly anonymized)

This processing is carried out in accordance with Article 6 Paragraph 1 Letter f GDPR based on our legitimate interest in improving the stability and functionality of our website. The data will not be shared or used for any other purpose. However, we reserve the right to subsequently review the server log files should there be concrete indications of unlawful use. 2.2 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the data controller). You can recognize an encrypted connection by the "https://" prefix and the padlock symbol in your browser's address bar.

3) Hosting & Content-Delivery-Network

3.1 Wix

We use the following provider's system to host our website and display its content: Wix HQ, 6350671, Nemal Tel Aviv St 40, Tel Aviv-Yafo, Israel Data is also transferred to: Wix Inc., 500 Terry A. Francois Boulevard, San Francisco, California 94158, USA All data collected on our website is processed on the provider's servers. We have entered into a data processing agreement with the provider, which ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties. An adequate level of data protection is guaranteed for data transfers to the provider's location by an adequacy decision of the European Commission. For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which, based on an adequacy decision by the European Commission, ensures compliance with European data protection standards. 3.2 Google Cloud CDN We use a Content Delivery Network (CDN) from the following provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. This service allows us to deliver large media files, such as graphics, page content, or scripts, more quickly via a network of regionally distributed servers. This processing is carried out to protect our legitimate interest in improving the stability and functionality of our website, in accordance with Article 6(1)(f) GDPR. Data may also be transferred to: Google LLC, USA We have concluded a data processing agreement with the provider, which ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties. For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which, based on an adequacy decision by the European Commission, ensures compliance with the European level of data protection.

4) Cookies

To make your visit to our website more enjoyable and to enable the use of certain features, we use cookies, which are small text files that are stored on your device. Some of these cookies are automatically deleted after you close your browser (so-called "session cookies"), while others remain on your device for a longer period and allow us to save your website settings (so-called "persistent cookies"). In the latter case, you can find information about the storage duration in your web browser's cookie settings. If any of the cookies we use process personal data, this processing is carried out in accordance with Article 6(1)(b) GDPR for the performance of a contract, in accordance with Article 6(1)(a) GDPR if you have given your consent, or in accordance with Article 6(1)(f) GDPR to protect our legitimate interests in ensuring the best possible website functionality and a user-friendly and effective website experience. If any of the cookies we use process personal data, this processing is carried out in accordance with Article 6(1)(b) GDPR for the performance of a contract, in accordance with Article 6(1)(a) GDPR if you have given your consent, or in accordance with Article 6(1)(f) GDPR to protect our legitimate interests in ensuring the best possible website functionality and a user-friendly and effective website experience. ... You can configure your browser to notify you when cookies are being set, allowing you to decide whether to accept them individually, or to block cookies in certain cases or entirely. Please note that if you do not accept cookies, the functionality of our website may be limited.

5) Contact us

This website uses the live chat system of the following provider: Wix HQ, 6350671, Nemal Tel Aviv St 40, Tel Aviv-Yafo, Israel The processing of personal data transmitted via chat is carried out either in accordance with Article 6(1)(b) GDPR, because it is necessary for initiating or fulfilling a contract, or in accordance with Article 6(1)(f) GDPR based on our legitimate interest in effectively supporting our website visitors. Your data transmitted in this way will be deleted, subject to any conflicting statutory retention periods, once the matter in question has been fully resolved. In addition, further information may be collected and analyzed using cookies for the purpose of creating pseudonymized user profiles. However, this information is not used to personally identify you and is not combined with other data sets. If this information relates to a specific individual, it will be processed in accordance with Article 6(1)(f) GDPR based on our legitimate interest in the statistical analysis of user behavior for optimization purposes. You can prevent cookies from being set by adjusting your browser settings. However, this may limit the functionality of our website. You can object to the collection and storage of your data for the purpose of creating a pseudonymized user profile at any time with effect for the future. Data will also be transferred to: Wix Inc., 500 Terry A. Francois Boulevard, San Francisco, California 94158, USA

We have concluded a data processing agreement with the provider, which ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties. For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which, based on an adequacy decision by the European Commission, ensures compliance with the European level of data protection. An adequate level of data protection is guaranteed by an adequacy decision of the European Commission when data is transferred to the provider's location. 5.2 When you contact us (e.g., via contact form or email), personal data is collected. The specific data collected when using a contact form is indicated on the respective form. This data is stored and used exclusively for the purpose of responding to your inquiry, contacting you, and for the associated technical administration. The legal basis for processing this data is our legitimate interest in responding to your inquiry pursuant to Art. 6 para. 1 lit. f GDPR. If your contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 para. 1 lit. b GDPR. Your data will be deleted after your request has been fully processed. This is the case when it can be inferred from the circumstances that the matter in question has been conclusively resolved and provided that no statutory retention obligations exist.

6) Use of customer data for direct marketing

Email Newsletter for Existing Customers If you provided us with your email address when purchasing goods or services, we reserve the right to regularly send you offers for similar goods or services from our product range via email. According to Section 7 Paragraph 3 of the German Unfair Competition Act (UWG), we do not need to obtain your separate consent for this. Data processing in this respect is based solely on our legitimate interest in personalized direct marketing pursuant to Article 6 Paragraph 1 Letter f of the GDPR. If you initially objected to the use of your email address for this purpose, we will not send you any emails. You have the right to object to the use of your email address for the aforementioned advertising purpose at any time with effect for the future by sending a message to the data controller named at the beginning of this document. You will only incur transmission costs at the basic rates for this. Upon receipt of your objection, the use of your email address for advertising purposes will be discontinued immediately.

7) Rights of the person concerned

7.1 The applicable data protection law grants you the following rights as a data subject (rights of access and intervention) vis-à-vis the controller with regard to the processing of your personal data, whereby reference is made to the legal basis stated for the respective conditions for exercising these rights:​

  • Right of access pursuant to Article 15 GDPR;

  • Right to rectification pursuant to Article 16 GDPR;

  • Right to erasure pursuant to Article 17 GDPR;

  • Right to restriction of processing pursuant to Article 18 GDPR;

  • Right to be informed pursuant to Article 19 GDPR;

  • Right to data portability pursuant to Article 20 GDPR;

  • Right to withdraw consent pursuant to Article 7(3) GDPR;

  • Right to lodge a complaint pursuant to Article 77 GDPR.

7.2 Right to Object

If we process your personal data based on our overriding legitimate interest, you have the right to object to this processing at any time, on grounds relating to your particular situation, with effect for the future. If you exercise your right to object, we will cease processing the data in question. Further processing will only be permitted if we can demonstrate compelling legitimate grounds for the processing which override your interests, fundamental rights and freedoms, or if the processing serves the establishment, exercise or defense of legal claims. If we process your personal data for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing. You can exercise your right to object as described above. If we process your personal data for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing. If you exercise your right to object, we will cease processing the data in question for direct marketing purposes.

8) Duration of storage of personal data

The duration of the storage of personal data is determined by the respective legal basis, the purpose of processing, and – where applicable – by the respective statutory retention period (e.g., commercial and tax law retention periods). When processing personal data based on explicit consent pursuant to Art. 6 para. 1 lit. a GDPR, the data in question will be stored until you withdraw your consent. If statutory retention periods exist for data processed in connection with contractual or quasi-contractual obligations based on Art. 6 para. 1 lit. b GDPR, this data will be routinely deleted after the retention periods have expired, unless it is still required for the performance of a contract or for taking steps prior to entering into a contract and/or we have a legitimate interest in its continued storage. When processing personal data based on Article 6(1)(f) GDPR, this data will be stored until you exercise your right to object pursuant to Article 21(1) GDPR, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of establishing, exercising or defending legal claims. When processing personal data for direct marketing purposes based on Article 6(1)(f) GDPR, this data will be stored until you exercise your right to object pursuant to Article 21(2) GDPR. Unless otherwise specified in this privacy policy regarding specific processing situations, stored personal data will be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.

legal notice     data protection     general conditions

bottom of page