Privacy Policy

Controller

The controller within the meaning of data protection laws, in particular the EU General Data Protection Regulation (GDPR), is:

Dipl. Wirtsch.-Ing. Dirk Gamboa Tautkus
Tel.: +49 (0) 163 178 2455
Email: privacy@dirkgamboa.com

Short information in plain language

The following paragraph does not replace the legally required information but summarizes it in plain language. The legally binding texts are those that follow below.

Data processing without cookies

Our website does not use cookies that require user consent. This means we do not use analytics, tracking, or marketing cookies. We do not process personal data beyond what is technically necessary to operate the website.

  • We do not use analytics tools .
  • We do not integrate external services that set cookies (e.g. social media buttons, embedded videos, comment systems).
  • We do not use marketing or advertising cookies.
  • We only use technically necessary cookies that are essential for the basic functionality of the website (e.g. to store language settings or to ensure website security).

End of short information.

 

Your data subject rights

Using the contact details provided, you may exercise the following rights at any time under the EU General Data Protection Regulation (GDPR):

  • Access to your data stored by us and information about its processing (Art. 15 GDPR),
  • Correction of inaccurate personal data (Art. 16 GDPR),
  • Deletion of your data stored by us (Art. 17 GDPR),
  • Restriction of data processing if we are not yet permitted to delete your data due to legal obligations (Art. 18 GDPR),
  • Objection to the processing of your data by us (Art. 21 GDPR), and
  • Data portability if you have consented to data processing or concluded a contract with us (Art. 20 GDPR).

If you have given us consent, you may revoke it at any time with effect for the future.

You may file a complaint with a supervisory authority at any time — for example, with the authority responsible for your place of residence or the competent authority for us as the controller.

A list of supervisory authorities (for the non-public sector) with contact details can be found at:
https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Processing activities

Collection of general information when visiting our website

Type and purpose of processing

When you access our website, meaning without registration or otherwise transmitting information, information of a general nature is automatically collected. This information (server log files) includes, for example, the type of web browser, the operating system used, the domain name of your internet service provider, your IP address, and similar data.

It is processed for the following purposes:

  • Ensuring a smooth connection to the website
  • Ensuring smooth use of the website
  • Ensuring and evaluating system security and stability, in particular to detect misuse
  • Technical error-free presentation and optimization of the website

We do not use your data to identify you personally. However, we reserve the right to review the server log files retrospectively if there are concrete indications of unlawful use.

Legal basis and legitimate interest

Processing is carried out in accordance with Art. 6 (1) (f) GDPR based on our legitimate interest in improving the stability and functionality of our website and ensuring system security and misuse detection.

Recipients

Recipients of the data may be technical service providers acting as processors for the operation and maintenance of our website.

Storage period

Data in server log files that could enable identification of the data subjects are stored for a maximum of 7 days unless a security-relevant incident occurs (e.g. a DDoS attack).

In such cases, the server log files are stored until the security-relevant incident is resolved and fully clarified.

Third-country transfer

Collected data may be transferred to the following third countries:

DreamHost Inc., PMB #257, 417 Associated Rd., Brea, CA 92821, USA
Customer Data Processing Addendum (DPA) with Standard Contractual Clauses (SCC)

The following data protection safeguards are in place:

EU Standard Contractual Clauses (SCC)

Provision prescribed or required

Providing the above personal data is neither legally nor contractually required. However, without the IP address, the service and functionality of our website cannot be guaranteed. In addition, certain services may be unavailable or limited.

Objection

Please refer to the information about your right to object under Art. 21 GDPR below.

Audience measurement

Type and purpose of processing

Audience measurement serves to analyze visitor flows on our online offering and may include behavioral, interest-based, or demographic information about visitors, such as age or gender, as pseudonymous values. Using reach analysis, we can understand, for instance, when our online offering or its functions are most frequently used or invite reuse. We can also see which areas require adaptation.

You can find which tools we use for audience measurement below.

Legal basis

Processing is carried out in accordance with Art. 6 (1) (f) GDPR based on our legitimate interest. Measuring reach and the resulting insights help tailor our web offering appropriately.

Recipients

We use technical service providers for operation and maintenance of our website who act as our processors.

Storage period

Information about storage periods can be found in the details below regarding the tools used.

Third-country transfer

Collected data may be transferred to the following third countries:

DreamHost Inc., PMB #257, 417 Associated Rd., Brea, CA 92821, USA
Customer Data Processing Addendum (DPA) with Standard Contractual Clauses (SCC)

The following data protection safeguards are in place:

EU Standard Contractual Clauses (SCC)

Provision prescribed or required

The provision of data is neither legally nor contractually required.

Objection

Please refer to the information about your right to object under Art. 21 GDPR below.

Tools used for audience measurement

Information about your right to object under Art. 21 GDPR

Right to object on a case-by-case basis

You have the right, on grounds relating to your particular situation, to object at any time to the processing of personal data concerning you that is carried out pursuant to Art. 6 (1) (f) GDPR (data processing based on a balancing of interests). This also applies to profiling based on this provision under Art. 4 No. 4 GDPR.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing that override your interests, rights, and freedoms, or the processing serves to assert, exercise, or defend legal claims.

Recipient of an objection

Dipl. Wirtsch.-Ing. Dirk Gamboa Tautkus
Tel.: +49 (0) 163 178 2455
Email: privacy@dirkgamboa.com

Changes to our privacy policy

We reserve the right to adapt this privacy policy to ensure that it always complies with current legal requirements or to reflect changes to our services, e.g. when introducing new services. The new privacy policy applies to your next visit.

Questions about data protection

If you have any questions about data protection, please send us an email to the controller listed above.

Copyright notice

This privacy notice was created with the help of activeMind AG – experts for external data protection officers (Version #2024-10-25).

Last Updated: 2025-12-06