Privacy Policy

Kaiser Studios is pleased that you are visiting our website and interested in our company. We take the protection of your personal data seriously and want you to feel secure when visiting our website. You can generally browse our pages anonymously. If we intend to collect, process, or use personal data during your visit, we will inform you accordingly. Our online presence is designed in accordance with the applicable data protection regulations.

Controller

Kaiser Studios GbR
Katharina & Alexander Kaiser
Amselweg 2
83229 Aschau im Chiemgau, Germany
Phone: +49 (0)8052 9573900
Mobile: +49 (0)173 7535138
Email: info@kaiser-studios.com
Web: www.kaiser-studios.com

General Information

This policy provides an overview of what happens to your personal data when you visit our website. Personal data is any information that can identify you personally. Detailed information can be found in the sections below.

Data Collection on Our Website

Who is responsible? The website operator (controller) mentioned above.

How do we collect data? Some data is provided by you (e.g., via contact forms). Other data is collected automatically by our IT systems when you visit the site (e.g., browser, operating system, time of access).

What do we use your data for? Part of the data is used to ensure error-free provision of the website; other data may be used to analyze user behavior.

Your rights: You have the right to obtain information, rectification, erasure, restriction of processing, data portability, and to lodge a complaint with the competent supervisory authority.

Types of Data Processed

• Inventory data (e.g., names, addresses)
• Contact data (e.g., email, phone numbers)
• Content data (e.g., text entries, photographs, videos)
• Usage data (e.g., pages visited, access times)
• Meta/communication data (e.g., device information, IP addresses)

Categories of Data Subjects

Visitors and users of the online offering (“users”).

Definitions

“Personal data” means any information relating to an identified or identifiable natural person.
“Processing” means any operation performed on personal data, whether or not by automated means.
“Controller” means the person or entity that determines the purposes and means of the processing.

Legal Bases

Unless otherwise stated, we process data on the following bases under Art. 6(1) GDPR: (a) consent, (b) contract performance and pre-contractual steps, (c) legal obligation, (d) vital interests, (f) legitimate interests.

Analytics and Third-Party Tools

Your browsing behavior may be statistically evaluated when visiting this website, primarily with cookies and analytics tools. Analyses are usually anonymous. You can object to this analysis or prevent it by not using certain tools. Details are provided in this policy.

Transfers to Third Countries

If data is processed outside the EU/EEA, this occurs only for contract performance, based on consent, legal obligations, or our legitimate interests, and in accordance with Arts. 44 et seq. GDPR (e.g., recognized safeguards such as adequacy decisions or standard contractual clauses).

Data Subject Rights

You have the right to request confirmation whether data is processed and to obtain access (Art. 15 GDPR), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), data portability (Art. 20), and to lodge a complaint with a supervisory authority (Art. 77).

Withdrawal of Consent

You can withdraw consent at any time by email to us. The lawfulness of processing prior to withdrawal remains unaffected.

Right to Lodge a Complaint

You may lodge a complaint with the competent data protection authority. An overview of German authorities and contact details is available at bfdi.bund.de.

Right to Data Portability

Data we process automatically on the basis of consent or contract may be provided to you or a third party in a commonly used, machine-readable format. Direct transfer to another controller will be carried out where technically feasible.

Deletion of Data

We delete or restrict processing of personal data according to Arts. 17 and 18 GDPR once it is no longer necessary for its purpose and statutory retention duties do not require further storage. If not deleted for legal reasons, data is blocked and not processed for other purposes. Examples of statutory retention: Germany (6 years under Sec. 257 HGB, 10 years under Sec. 147 AO); Austria (7–22 years under Sec. 132 BAO).

SSL Encryption

We use SSL encryption for secure transmission of confidential data. With SSL enabled, data cannot be read by unauthorized parties during transfer.

Hosting

We use hosting services for infrastructure, platform services, computing power, storage, databases, security, and technical maintenance. Our hosting provider processes data on the basis of our legitimate interests (Art. 6(1)(f) GDPR) and a data processing agreement (Art. 28 GDPR).

Access Data and Log Files

Our hosting provider collects server log files (e.g., page accessed, file, date/time, data volume, status, browser/version, OS, referrer URL, IP, provider) on the basis of our legitimate interests (Art. 6(1)(f) GDPR). Log files are stored for security reasons for up to 7 days and then deleted (longer only for evidence in specific cases).

Server Log Files

The provider automatically collects and stores information sent by your browser: browser type/version, operating system, referrer URL, host name, time of server request, IP address. These data are not combined with other data sources. The legal basis is Art. 6(1)(f) GDPR.

Contacting Us

When contacting us (e.g., via form, email, phone, social media), we process the user’s details to handle the request (Art. 6(1)(b) GDPR). Requests are deleted when no longer necessary; statutory archiving periods apply.

Cookies / Google Analytics

Cookies: We use session and persistent cookies to make our website more user-friendly and to enable certain functions. You can configure your browser to inform you about cookies, accept them on a case-by-case basis, or generally reject them. Disabling cookies may limit functionality.

Google Analytics: This website uses Google Analytics (with IP anonymization). Further information: Google Privacy. You can opt out via the browser add-on: tools.google.com/dlpage/gaoptout.

IP Anonymization

We have activated IP anonymization. Within EU/EEA, Google shortens the IP address before transfer to the USA; only in exceptional cases is the full IP sent to the USA and shortened there. The IP transmitted by your browser is not merged with other Google data.

Browser Plugin

You can prevent storage of cookies through your browser settings. You can also prevent collection and processing of data by Google (incl. IP) by installing the browser plugin linked above.

Opt-Out from Analytics

You can prevent data collection by Google Analytics by setting an opt-out cookie (implementation depends on your CMP/website setup).

Mouseflow

This site uses Mouseflow (Mouseflow ApS, Denmark) to randomly record anonymized visits (mouse movements/clicks) for usability improvements. Opt-out: mouseflow.com/opt-out.

Google Web Fonts

For uniform display of fonts, this site uses Google Web Fonts. When you access a page, your browser loads the required web fonts to display texts correctly. If your browser does not support web fonts, a standard font will be used. More info: Google Fonts FAQ and Google Privacy.

Google Maps

This site uses Google Maps (API). Provider: Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Use is in our legitimate interest in an attractive online presentation and easy location of places (Art. 6(1)(f) GDPR).

Jetpack (WordPress Stats)

We use the Jetpack plugin (Automattic Inc., USA) for statistical analysis based on our legitimate interests (Art. 6(1)(f) GDPR). Further information: Automattic Privacy and Jetpack Cookies.

Social Media Plugins

We use plugins for Facebook, Google+, Twitter, Pinterest, YouTube and Instagram. Please see the respective privacy policies:

• Facebook
• Google / YouTube
• Twitter
• Pinterest
• Instagram

Instagram

Our website may embed Instagram content (Instagram LLC, 1601 Willow Rd, Menlo Park, CA 94025, USA). When viewing such content, data (IP, browser data, date/time, cookies) may be transmitted to Instagram and associated with your account if you are logged in. Details: Instagram Help.