Privacy policy
From Marco Pagni, Wilhelm-Busch-Straße 12, 12043 Berlin
The protection of personal data is very important to me. Whether data is collected and for what purpose it is processed is explained in the following privacy policy. I comply with all applicable legal provisions on the protection of personal data and data security.
I. Name and contact details of the responsible person
The person responsible for the processing of personal data within the meaning of Art. 4 EU-GDPR:
Marco Pagni
Wilhelm-Busch-Straße 12
12043 Berlin, Germany
II. What data is collected?
Server logfiles
I collect data, so-called server log files, about each access to the server on which the https://pagni.dev/ website is located. These access data include, for example, the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider.
The legal basis for data processing is Art. 6 para. 1 lit. f) EU-GDPR.
Contact form
I provide a contact form to give you the opportunity to contact me electronically. The data entered in the input mask will be transmitted to me and stored. The e-mail address is required for this purpose. Any further information is voluntary.
The legal basis for data processing is Art. 6 para. 1 lit. a), Art. 6 para. 1 lit. b) and Art. 6 para. 1 lit. f) EU-GDPR.
III. For what purposes is the data used?
Personal data will only be collected, stored and processed to the extent necessary for the provision of the service, the execution of the contract or the response to the inquiry.
I process your personal data only in strict compliance with data protection regulations. In particular, corresponding data will only be processed if legally permitted.
In detail:
Server-Logfiles
The mentioned data will be processed by me in order to establish a connection to my website. The processing is necessary to ensure the security and stability of the system.
I use the protocol data only for statistical evaluations, for the purpose of the business operation, the security of the service and the optimization of the offer.
I reserve the right to subsequently check the log data if there are concrete indications of suspected illegal use of the service provided.
Contact form
The contact form allows you to contact me in a simple way. The collection of your e-mail address is essential in order to answer your request. If data, such as name, address or similar, is also processed, it is used to individualize the respective user and to respond as best as possible to his request and to prevent any misuse of the contact form.
IV. Will data be passed on to third parties and if so, which ones?
In principle, the data you transmit will not be made available to third parties. In individual cases, however, it may be necessary to pass on your personal data to companies that I entrust with the provision of individual services in order to implement the contract. The third parties are obliged on your part to comply with the legal regulations when handling and processing this data.
A transmission to authorities and state institutions entitled to receive information will only take place within the scope of the legal obligations to provide information and in the event of a binding court decision. In these cases we can provide the information, e.g. for the assertion, exercise and defence of legal claims, enforcement of existing contracts, in the context of allegations of fraud, security measures or generally legally valid regulations.
Personal data will not be passed on outside the scope described here without express consent.
Under no circumstances will we sell or rent personal data to third parties.
IV. How long will the data be stored?
Your data will be stored as long as it is necessary to fulfil the above mentioned purposes. As soon as this is no longer the case, e.g. after complete execution of the contract, you will be deleted or blocked if required by commercial or tax law. From the point in time at which legal storage obligations no longer stand in the way, the data will be deleted unless you have expressly consented to further use.
V. Your rights as an affected person
As a data subject affected by the processing of personal data, you are entitled to the rights listed below. These rights result from the provisions of the Basic Data Protection Regulation and are reproduced here in a partially simplified form.
Right to information
Pursuant to Art. 15 EU-GDPR, you have the right to request confirmation from me as to whether personal data concerning you will be processed. If this is the case, you have the right to be informed about this personal data and the information specified in Art. 15 para. 1 Hs. 2 EU-GDPR. This includes in particular the purpose of the processing, the categories of data processed, the recipients to whom data have been disclosed or will be disclosed, the planned duration of storage as far as possible or the criteria for the duration of storage.
Right to rectification
Pursuant to Art. 16 EU-GDPR, you have the right to demand that I immediately correct any incorrect personal data concerning you. Taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data - also by means of a supplementary declaration.
Right to cancellation
According to Art. 17 EU-GDPR, you have the right to demand that I delete personal data concerning you immediately. We are obliged to delete personal data immediately if one of the provisions of Art. 17 para. 1 EU-GDPR applies. These reasons include, for example, that the data is no longer necessary for the purposes for which you were collected or otherwise processed.
Right to limitation of processing
Pursuant to Art. 18 EU-GDPR, you have the right to demand that I restrict processing if one of the conditions set out in Art. 18 EU-GDPR applies. This includes, for example, that you dispute the accuracy of the personal data. Then we may only process the data to a limited extent as long as it takes to verify the accuracy of the personal data.
Right to data transferability
Pursuant to Art. 20 EU-GDPR, you have the right to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format. You have the right to transfer this data to another data controller, i.e. another entity that processes the data, without obstruction, if the original processing was based on consent or was necessary for the execution of a contract.
Right of objection
According to Art. 21 EU-GDPR, you have the right to object to the processing of your personal data at any time if these data are processed on the basis of Art. 6 para. 1 lit. e) or f) EU-GDPR and if there are reasons arising from your personal situation. You may object to the processing of data for the purpose of direct marketing at any time. Personal data will then no longer be processed for this purpose. The right of objection can be exercised by an informal declaration. A written declaration or optionally an e-mail to the above contact address is sufficient.
Right to revoke the declaration of consent
According to Art. 7 para. 3 EU-GDPR, you have the right to revoke your consent to processing at any time. The lawfulness of the processing carried out on the basis of the consent up to the revocation is not affected. The right of withdrawal can be exercised by an informal declaration. A written declaration to the above contact address is sufficient.
Automated decision in individual cases including profiling
According to Art. 22 EU-GDPR, you have the right not to be subject to a decision based exclusively on automated processing - including profiling - which has legal effect on you or similarly significantly affects you. Art. 22 para. 1 EU-GDPR provides for exceptions to this, whereby Art. 22 para. 4 EU-GDPR in turn contains partial exceptions to withdrawal.
Right to complain to a supervisory authority
According to Art. 77 EU-GDPR you have the right, without prejudice to any other administrative or judicial remedy, to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, workplace or place of presumed infringement, if you are of the opinion that the processing of your personal data is in breach of this Regulation.
In this case, the competent supervisory authority is the competent authority:
Berlin Commissioner for Data Protection and Freedom of Information
Friedrich street 219 10969 Berlin Phone: 030/13 889-0 fax: 030/215-5050 E-mail: mailbox@datenschutz-berlin.de
http://www.datenschutz-berlin.de
VI. Third-party services
Access Logs
My hosting provider Netlify logs every access to one of my websites:
Netlify Inc. 2325 3rd Street, Suite 215 San Francisco, 94107 CA USA
Netlify Inc. stores your IP addresses for up to 30 days after visiting one of my websites. This data is used for networking analytics, and is not combined with any other identifying data. The basis for this data processing is article 6 (1) (f) of the GDPR. Netlify Inc. complies with GDPR, and I have signed a data processing agreement with them.
###Forms
Forms on my websites use Netlify Forms to collect and store data. Any data you submit will be stored by Netlify Inc., along with your IP address (for spam prevention) and a timestamp.
The data will be used to respond to your request as outlined on the website. The data is not used to track you and not shared with anyone else. The basis for this data processing is article 6 (1) (f) and article 6 (1) (a) of the GDPR. Netlify Inc. complies with GDPR, and I have signed a data processing agreement with them.
VII. Technical and organizational measures
I take technical and organisational measures to ensure that the security and protection requirements of the EU-GDPR are met and that the personal data is protected against loss, destruction, manipulation or access by unauthorised persons. The measures are always adapted to the current state of the art.
VIII. Changes to the Privacy Policy
I reserve the right to change this privacy policy at any time. I ask you to inform yourself regularly about the content of this privacy policy.
Status April 2019