Information on data protection and the way your data is handled
The purpose of this information is to explain to you how your data is handled when you visit our website www.galerieraphael.com. We take the protection of your data very seriously and keep your data confidential under the terms of the statutory data protection regulations and this privacy notice.
Responsible for processing your data (website operator)
Owner: Raphael Petrov e. K.
60311 Frankfurt am Main
Tel.: +49 (0)69 29 13 38
Data collection on our website
One way that your data is collected is when you pass it on to us. In this context we can, for example, be talking about personal data (such as your name, address and e-mail address). Other data is gathered automatically by IT systems when you visit our websites. This is mainly technical data (such as the Internet browser you are using, your operating system and the time when you accessed the website). This data is recorded automatically as soon as you access our website.
When you visit our website
When you access the website www.galerieraphael.com the provider of these websites (ALL-INKL.COM | Hauptstraße 68 | D-02742 Friedersdorf) automatically communicates information to us in something known as a server log, which your browser in turn passes on to us automatically.
The data collected by the provider is comprised of:
• Internet browser: type, version and functionality
• operating system used and terminal device; screen resolution
• referrer URL (in the case of linking via another website)
• host name of the accessing computer
• date and time of the server inquiry
• user’s IP address
• quantity of data transmitted in bytes
The collection of this data serves to:
• provide the visitor’s computer with access to the abovementioned websites
• guarantee and optimize the websites’ functionality
• guarantee the safety of the IT infrastructure
The data stored will be permanently deleted by our provider after 14 days. If for any reason the data happens to be stored for more than 14 days any personal information such as the IP address will be made unrecognizable or deleted. This means that the relevant data cannot be traced back to you. Such scenarios may occur if security issues or unexpected technical problems arise.
The abovementioned data is collected in accordance with Art. 6 para. 1 p. 1 lit. f of GDPR on the basis of our legitimate interest in the safe and correct operation of our IT infrastructure, in combating misuse, prosecuting criminal offenses and in safeguarding, asserting and implementing claims.
On our site, we offer you the opportunity to contact us by e-mail. In this case, the information provided by the user will be stored for the purpose of processing his contact. A passing on to third does not take place. A comparison of the data collected with data, which may be collected by other components of our site, is also not.
If you would like to subscribe to the free newsletter on offer on our website we need you to provide us with an e-mail address (mandatory field marked with an *). You can also input your given name and/or surname if you so desire, thus allowing us to personalize your newsletter. In other words, we can then greet you with the name you have input. In order to make sure that you are happy for us to send you the newsletter, you will initially receive a confirmation e-mail, sent to the e-mail address you have supplied. No further data will be collected. We use the abovementioned data solely in order to send you the requested information and will not pass on your details to third parties. The only exception to this is our partner rapidmail GmbH, which sends the e-mail to you. The information on data protection issued by this service provider is available at https://www.rapidmail.de/datensicherheit.
The data you provide on the registration form for the newsletter is processed solely on the basis of your consent in accordance with Art. 6 para. 1 p. 1 lit. a of GDPR. This consent to have the newsletter sent to you can be revoked by you at any time, either by sending an e-mail to our abovenamed address or by clicking directly onto the unsubscribe link on any issue of our newsletter. This revocation shall not affect the legitimacy of any data that has already been processed.
Your data, which we have on file in order for us to be able to send you the newsletter, will be stored by us until you unsubscribe from it and will be deleted after you cancel your order. Any data stored by us for other purposes (e.g., your address for sending out invitations via mail) shall not be affected by this unless you request the data be deleted.
Our website sometimes uses something known as cookies. Cookies will not damage your computer and do not contain viruses. The purpose of cookies is to make what we offer you more user-friendly, more effective and safer. They are small text files which are placed on your computer and stored by your browser. By their nature, cookies cannot identify you as a person.
You can set your browser so that it informs you about any cookies that have been placed on your computer, so that it only allows the process in individual cases and so that it blocks cookies in certain situations or generally. You can also set it to automatically delete cookies when you close the browser. The functionality of our website can be restricted if you deactivate cookies.
Cookies required for certain electronic communication procedures or for providing certain functions that you require (e.g., newsletter registration) are stored under the terms of Art. 6 para. 1 p. 1 lit. f of GDPR. The website operator has a legitimate interest in storing cookies so that the services offered are free of technical errors and provided in the best-possible way.
Passing on data
Apart from the abovementioned instances we will only pass on your data if:
• it is necessary to pass it on in accordance with Art. 6 para. 1 p. 1 lit. f of GDPR in order to assert, execute or defend legal claims and there is no reason to suppose that you have an overriding and legitimate interest in your data not being passed on;
• a legal requirement exists in accordance with Art. 6 para. 1 p. 1 lit. c of GDPR or if passing on the data is legally permissible and necessary for entering into a contractual relationship with you in accordance with Art. 6 para. 1 p. 1 lit. b of GDPR. Data shall not be passed on to third parties for anything other than the abovementioned purposes.
Rights of the affected party
You have the right
• in accordance with Art. 15 of GDPR to demand information about any personal data of yours that is processed by us. In particular, you can demand information about the reasons why we process your data, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage duration, the existence of a right to correction, deletion, the restriction of processing or to object to this, the existence of a right to complain, the provenance of any data not collected by us and about the existence of an automated decision-making process including profiling and, if appropriate, meaningful information about the details of the latter;
• in accordance with Art. 16 of GDPR to demand the immediate correction of any incorrect data or its completion;
• in accordance with Art. 17 of GDPR to demand that any of your personal data that we have on file be deleted unless we require its processing in order to exercise our right to free speech and information, to fulfill a legal obligation, for reasons of public interest or the assertion, exercise or defense of legal claims;
• in accordance with Art. 18 of GDPR to demand restrictions to the processing of your personal data if you contest the correctness of said data, if its processing is unlawful but you refuse to have it deleted and we no longer require the data although you need it in order to assert, exercise or defend legal claims or you have objected to its processing in accordance with Art. 21 of GDPR;
• in accordance with Art. 20 of GDPR to demand to receive the personal data that you have provided to us in a structured and prevalent format that can be read by a machine or to have it transferred to another responsible party;
• in accordance with Art. 7 para. 3 of GDPR to revoke the consent you have provided to us at any time. All you need to do is tell us this informally by sending us an e-mail (email@example.com). The legality of any data processing that had already taken place before you revoked your consent shall not be affected by this revocation.
Insofar as your personal data has been processed on the basis of legitimate interests in accordance with Art. 6 para. 1 p. 1 lit. f of GDPR you have the right, in accordance with Art. 21 of GDPR, to object to your personal data being processed if the reasons for this exist as a result of special circumstances or the objection is directed against direct mail. All you need to do is tell us this informally by sending us an e-mail (firstname.lastname@example.org). In the latter case you have a general right to object and this will be implemented without you having to refer to special circumstances.
You also have the option of passing on any complaints you might have to a supervisory authority for data protection. The supervisory authority for data protection that is responsible for us is:
Der Hessische Datenschutzbeauftragte (The State of Hessen’s Data Protection Officer)
PO Box 3163
Tel.: +49 611 1408 – 0
Fax: +49 611 1408 – 611
For reasons of security and in order to protect the transfer of confidential information such as any inquiries you may send us as a website operator, these websites use SSL encryption. You will recognize that a connection is encrypted when the browser’s address line changes from “http://” to “https://” and by the padlock symbol in your browser’s address line. When SSL encryption is activated, as a matter of principle the data that you send us cannot be read by third parties. However, we should point out that data transmission via the Internet may have security flaws. The complete protection of data from access by third parties is not possible.
Validity of and changes to this privacy statement
This privacy statement is valid as at August 2, 2018.
Since new technologies and the continual development of these websites can mean that changes may be made to this privacy statement, we recommend re-reading it at regular intervals. You can access the current version of it at any time at: https://www.galerieraphael.com/datenschutzerklaerung/