Your privacy is important to us. By the following Privacy Policy we want to inform you about the type, purpose and extent of personal information/data (hereinafter together referred to as “Data“) we may collect from you. This includes Data we may collect through

• work or services we do for you/collaboration
• our website https://freelikemarie.com/ (hereinafter referred to as “Website”)
• external online media, such as our social media channels https://www.facebook.com/freelikemarie/, https://instagram.com/freelikemarie/,

all hereinafter together referred to as our “Online Offer“.

We collect and process your Data in compliance with current data protection regulations, especially the EU General Data Protection Regulation (GDPR; Germany: DSGVO) and ePrivacy.

Owner/Data Controller

Dr. Marion Müller
c/o Lamp
Dorfstr. 13
D-24238 Mucheln

Email address: [email protected]

Collection and Use of Data

We may collect, hold, use and disclose information for the following purposes, and your Data will not be further processed in a manner that is incompatible with these purposes:

• to enable you to access and use our Website, associated applications and associated social media platforms
• to make the Website user-friendly and enable you to customize or personalize your experience of our Website
• to monitor our servers and discern or analyze malfunctions
• to contact and communicate with you, or for you to contact us
• for internal record keeping and administrative purposes
• for security measures
• for contractual services and offers
• to create surveys and collect feedback from you in order to improve or customize our products and services
• to define interest groups in order to customize content and marketing to relevant target groups
• to run competitions and/or offer additional benefits to you
• to measure conversions and reach of our products and services
• for analytics, market research and business development, including to operate and improve our Website, associated applications and associated social media platforms
• to comply with our legal obligations and resolve any potential disputes.

Types of Data Collected/Processed

Log data

When you visit our Website, our servers may automatically log the standard data provided by your web browser. This may include your computer’s Internet Protocol (IP) address in anonymized form, your browser type and version, the pages you visit, the time and date of your visit, the time spent on each page, and other details.

We use this log data without direct attribution to you and do not use it for profiling and statistic aims. The log data ensures the functioning, security and optimization of our Website. We also use it in order to anonymously log traffic and use of our Website and services.

Device data

We may also collect data about the device you’re using to access our Website. This data may include the device type, operating system, unique device identifiers, device settings, and geo-location data. What we collect can depend on the individual settings of your device and software. We recommend checking the policies of your device manufacturer or software provider to learn what information they make available to us.

Personal and contractual data

We may ask for personal, contact or contractual data necessary to communicate (e.g. offers, appointments), collaborate (e.g. contracts) or comply with regulations (e.g. taxation laws), such as

• name
• address/country
• email
• phone/mobile number
• social media profiles
• payment information (e.g. bank details, invoices, payment history)
• contract information (e.g. type of collaboration, customer category)

The log and usage data is collected automatically, whereas your Data is provided by you on a voluntary and active basis.

This Privacy Policy May Apply to

• Users of our Online Offer (e.g. Website, newsletters, social media profiles)
• Customers of our services and products
• Business partners (e.g. affiliates, other blog owners, partners from the travel industry)
• Interested parties
• Communication partners

Legal Bases for Processing

We will process your personal information lawfully, fairly and in a transparent manner. We collect and process information about you only where we have legal bases for doing so.

These legal bases depend on the services you use and how you use them, meaning we collect and use your information only where

• it’s necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract (e.g. when we provide a service like copywriting you request from us), legal basis: Article 6(1)(b) GDPR
• you give us consent to do so for a specific purpose (e.g. you might consent to us sending you our newsletter), legal basis: Article 6(1)(a) GDPR
• it satisfies a legitimate interest pursued by us or a third party (which is not overridden by your data protection interests or fundamental rights and freedoms), such as for research and development, to market and promote our services, and to protect our legal rights and interests, legal basis: Article 6(1)(f) GDPR.
• we may need to retain or process your Data to comply with a legal obligation or in order to protect your vital interests or the vital interests of another natural person, legal basis: Article 6(1)(c) GDPR
• the processing of Data is necessary to perform a task carried out in the public interest or in the exercise of official authority vested in us, legal basis: Article 6(1)(e) GDPR.

Where you actively consent to our use of Data for a specific purpose, you have the right to change your mind at any time (this will not affect any processing that has already taken place).

We don’t keep personal information for longer than is necessary. While we retain this information, we will protect it within commercially acceptable means to prevent loss and theft, as well as unauthorized access, disclosure, copying, use or modification. That said, we advise that no method of electronic transmission or storage is 100 % secure and therefore cannot guarantee absolute data security.

Location specific regulations

Regarding the legal bases for Data processing, we comply with GDPR. However, please note that additionally, national data protection regulations might apply, depending on where you are/where our company is based.

As we are a German sole proprietorship, we also comply with German data protection regulations. This includes the Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG). It contains, amongst others, specific regulations regarding the right to the access or deletion of Data, the right to object to the processing of Data, the right to the processing of specific categories of Data, or the right to the processing of Data for other purposes.

Furthermore, data protection laws and regulations of the German Federal State of Schleswig-Holstein may apply.

Detailed Information on the Processing of Data

Your Data is collected and processed for the following purposes:

Providing the Online Offer, Webhosting

In order to provide you with a secure and efficient Online Offer, we use the services, including servers, of one or more hosting providers. The Data that is processed in this context contains all information necessary for the use of our Online Offer and for communication. This includes the IP address which is necessary in order to deliver our Online Offer to a browser, as well as all Data actively given by you within our Online Offer/on our Website.

The webhosting we use includes sending, receiving and storing emails. To this purpose, the email addresses of sender and receiver, the content of the emails and other information about the transmission, e.g. the respective providers, are processed. This Data can also be used to detect spam. Please note that in general, emails are not encrypted. They are encrypted while being transmitted, not, however, while being on the sending and receiving servers (unless end-to-end encryption is used). Therefore we cannot take any responsibility for the transmission of emails.

Our hosting provider collects so called server log files whenever the server is accessed. These may contain, amongst others, the URL and name of the accessed websites or files, date and time of access, amount of data transmitted, browser types, referrer URLs, or the operation system of the device or IP address.

The server log files are used for security reasons, e.g. to prevent server overload (also caused by DDoS attacks) or to keep the servers stable.

Data processed: content data (e.g. text, photos, videos), usage data (e.g. websites visited, time of use), meta data/communication data (e.g. device information, IP address).

This concerns: users of our Online Offer/Website

Purpose of processing: provide a secure and efficient Online Offer

Legal basis: legitimate interest, Article 6(1)(f) GDPR.

Services used:

All-Inkl: webhosting

Address: ALL-INKL.COM – Neue Medien Münnich, Inhaber: René Münnich, Hauptstraße 68, D-02742 Friedersdorf, Germany

Website: https://all-inkl.com/

Privacy Policy: https://all-inkl.com/datenschutzinformationen/

Website Optimization and Security

We use Cloudflare to make our Website faster and more secure.

As our Website contains a lot of large media files (e. g. images), fast loading times are key for a seamless user experience no matter from where in the world the Website is looked at.

We therefore use the services of Cloudflare, a so called Content Delivery Network (CDN). A CDN is a network of globally distributed servers that are connected via internet. The CDN copies a website and places it on such servers. As soon as visitors access the website, they will be automatically connected to a server that is near them. This reduces page loading time significantly.

Furthermore, we want to protect our Website from threats such as DDoS attacks, spam, misuse of bandwith or server resources, and others. Cloudflare offers security services which make our Website considerably less vulnerable to such attacks. To detect these threats, Cloudflare uses cookies in order to collect statistical access data, for example an IP address that is converted into a hash value. As the Data is pseudonymized, it is not possible to deduct a visitor’s name or personal data from it.

Please note that within the scope of using Cloudflare, Data is or may be transferred to the US.

Data processed: meta data/communication data (e.g. device information, IP address, system configuration, traffic information, referrer URL), usage data (e.g. times and frequency of access), operational metrics (e.g. server and network activity data, service availability metrics, cache rates, request volumes, IP threat assessments, failure rates)

This concerns: users of our Online Offer, customers, guest authors, freelancers hired by us, communication partners.

Purpose of processing: maintain the security and functionality of the CDN; improve the user experience through increased website speed and reduced latency; protection against DDoS attacks. Cloudflare uses cookies to ensure that an end device is trustworthy, which is essential for security functions.

Legal basis: legitimate interest, Article 6(1)(f) GDPR

Services used:

Cloudflare: CDN and Security

Address: Cloudflare, Inc. 101 Townsend St, San Francisco, CA 94107, USA

Website: https://www.cloudflare.com/

Privacy policy: https://www.cloudflare.com/privacypolicy/

Cloud Services

We use cloud services to store, exchange and administrate documents, emails, forms, photos, etc. If your Data is part of our communication or any other processes described in this privacy policy, they may be processed and stored on the servers of our cloud service providers. This may contain your contact and personal information, contractual data, process data, etc. The cloud service providers also process usage and meta data for security and optimization purposes.

Data processed: personal information (e.g. name, address), contact information (e.g. email, phone number), content (e.g. text, photos, videos), usage data (e.g. visited websites, times of access), meta data/communication data (e.g. device information, IP address).

This concerns: users of our Online Offer, customers, guest authors, freelancers hired by us, communication partners.

Purpose of processing: organizational processes.

Legal basis: consent, Article 6(1)(a) GDPR, contractual obligations and pre-contractual requests, Article 6(1)(b) GDPR, legitimate interest, Article 6(1)(f) GDPR

Services used:

All-Inkl: webhosting, email hosting, back-up storage

Address: ALL-INKL.COM – Neue Medien Münnich, Inhaber: René Münnich, Hauptstraße 68, D-02742 Friedersdorf, Germany

Website: https://all-inkl.com/

Privacy Policy: https://all-inkl.com/datenschutzinformationen/

Strato: back-up storage

Address: STRATO AG, Pascalstraße 10, 10587 Berlin, Germany

Website: https://www.strato.de

Privacy policy: https://www.strato.de/datenschutz/

Communication

Contact

When you contact us, e.g. via our contact form, email, phone or social media profiles, your Data will be processed for the purpose of answering or obliging to your requests. It is our legitimate interest to answer your requests. Some of these requests might be part of (pre-)contractual relations (e.g. about a cooperation or other ways of working together, such as quotes, invoices or information). Processing those serves the purpose of fulfilling our contractual obligations or answering pre-contractual requests.

If you request to exercise any rights you have as a user (see the section “Your Rights as a User” below), for example the right to the correction or deletion of your Data, we will ask you to identify yourself. This is to avoid that a third person tries to exercise these rights in your stead.

Data processed: personal information (e.g. name, address), contact data (e.g. email address, phone number), content (e.g. text, images, videos).

This concerns: users of our Online Offer, customers, business partners, communication partners.

Purpose of processing: answering contact requests, communication, fulfilling contractual obligations.

Legal basis: contractual obligations and pre-contractual requests, Article 6(1)(b) GDPR, legitimate interest, Article 6(1)(f) GDPR

Newsletter/Mailing List

When you register for our newsletter (hereinafter referred to as “Newsletter“), we will add your email address to our contact list. As a part of this list you may receive emails with informational, promotional or commercial content around free like marie!

In order to deliver these messages, we use the external platform MailerLite.

Please see the separate “Newsletter” section of this Privacy Policy below for detailed information.

Business Services

Beside products we may offer on our Website (e.g. digital products such as e-books etc.), we are also offering different possibilities to work together (e.g. copywriting, speechwriting and other services).

In this case, we will collect and process Data of our contractual and/or business partners (hereinafter referred to as “Business Partners“), for example customers or prospective buyers, within the frame of contractual or similar legal relations and all measures derived, e.g. information, negotiation, communication, requests, invoicing or service delivery.

We process this Data in order to fulfill our contractual obligations, to secure our rights or to administrate or organize the Data. We will only transfer the Data of our Business Partners to third parties when this is necessary for the above mentioned purposes or for compliance with legal obligations (e.g. compulsory periods of Data retention for fiscal matters), or when our Business Partners have given us consent. These third parties may include, amongst others, telecommunication services, cloud storage services, banks, payment service providers, tax accountants/authorities or legal advisors.

We will comply with the deletion of this Data as soon as retention or other legally binding periods are over. German tax authorities, for example, demand a mandatory retention period for business transactions (e.g. invoices) of 10 years. We will delete all Data that is not needed for such and similar legal purposes after an order is fulfilled.

Whenever we have to involve third parties as stated above in order to perform our services, the terms & conditions and privacy policies of those third parties apply.

Data processed: personal information (e.g. name, address), contact data (e.g. email, phone number), contractual data (e.g. conditions of the cooperation or service), payment data (e.g. invoices, bank details).

This concerns: users of our Online Offer, (prospective) customers of our online products, (prospective) customers of our services, Business Partners

Purpose of processing: communication, administration, contractual services

Legal basis: contractual obligations and pre-contractual requests, Article 6(1)(b) GDPR, legal obligations, Article 6(1)(c) GDPR, legitimate interest, Article 6(1)(f) GDPR

Blog and Other Publication Media

While our blog uses the comment section, we do not collect the email or IP addresses or names of users who comment on our blog posts. You can choose a nickname which will be collected, but this is completely optional. We do not use Gravatar or any other profile picture services.

However, we store the content of all comments on our blog. If users voluntarily choose to include contact or other personal data in their comments (e.g. clear names, email addresses, URLs), they automatically consent that this data will also be stored as part of the general storage. As we do not collect any Data and only store the comments for backup and archiving, there is no possibility later on to revoke the publishing of a comment.

Newsletter

Our Website provides a newsletter service in which we send regular messages, emails or other electronic notifications to you if you have subscribed to our Newsletter via the newsletter form or via email.

Our Newsletter may contain updates, information, offers or promotions.

In order to subscribe to our Newsletter, you need to provide your email address, so we can send the Newsletter to you. Your name and last name are optional information that serves to personalize the Newsletter.

The subscription is only possible if you consent to receiving those Newsletters and complete the double opt-in (after you have filled out the form, you will receive an email that requests your confirmation of the subscription. This ensures that no one can sign up in your name).

The Newsletter subscriptions are recorded in order to comply with GDPR and other legal regulations. For this purpose, we store the time of subscription/confirmation and your IP address, as it is our legitimate interest to prove that the subscription process is executed in accordance with current legal standards.

We distribute our Newsletter on the basis of consent or, if consent is not necessary, on the basis of our legitimate interest in direct marketing in accordance with current legal standards, e.g. when it is addressed to already existing customers.

You may unsubscribe from our Newsletter (opt-out) at any time by clicking the “unsubscribe” link in every Newsletter footer or writing an email to [email protected]. In order to be able to prove a former consent, we may store unsubscribed email addresses for up to 4 years. The processing of this Data is restricted to the purpose of a potential defense against any legal claims. You may request complete deletion at any time if you confirm that there has been a consent before.

It is our legitimate interest to ensure that the Newsletter is delivered securely and efficiently. For this purpose we use the email service provider MailerLite to deliver the Newsletter.

The emails distributed by MailerLite may use Google Fonts. If you consent to receiving our Newsletter, this also includes consent to the use of Google Fonts in the Newsletter. For details regarding Google Fonts, see the separate section “Google Fonts” below in this Privacy Policy.

Data processed: personal information (e.g. name, address), contact data (e.g. email address, phone number), meta data (e.g. device information, IP address), usage data (e.g. visited websites, time of access).

This concerns: users of our Online Offer, Newsletter subscribers, communication partners

Purpose of processing: direct marketing

Legal basis: consent, Article 6(1)(a) GDPR, legitimate interest, Article 6(1)(f) GDPR.

Services used:

MailerLite: GDPR compliant email service provider

Address: UAB “MailerLite”, J. Basanavičiaus 15, LT-03108 Vilnius, Lithuania

Website: https://www.mailerlite.com/

Privacy policy: https://www.mailerlite.com/legal/privacy-policy

Online Marketing

In order to optimize and personalize our Online Offer for you, we are processing Data for online marketing purposes. This includes presenting you commercial or other content based on your potential interest. Furthermore we may measure how effective this online marketing is in order to optimize it further. This is the sole purpose of our conversion measuring.

Cookies

We use so called “cookies” to collect information about you and your activity across our Website and to help improve your experience of https://freelikemarie.com.

What is a cookie?

A cookie is a small piece of data that our Website stores on your device when you visit, and accesses each time you visit, so we can understand how you use our site. It typically contains information about the Website itself, a unique identifier that allows the site to recognize your web browser when you return, additional data that serves the purpose of the cookie, and the lifespan of the cookie itself.

The cookie helps us serve you content based on preferences you have specified. Cookies are used to enable certain features (e.g. logging in, keeping shopping cart items), to track site usage (e.g. analytics), to store your user settings (e.g. time zone, notification preferences), and to personalize your content (e.g. advertising, language).

Cookies set by the website you are visiting are normally referred to as “first-party cookies”, and typically only track your activity on that particular site. Cookies set by other sites and companies (i.e. third parties) are called “third-party cookies”, and can be used to track you on other websites that use the same third-party service.

Types of cookies and how we use them

Essential cookies

Essential cookies are crucial to your experience of a website, enabling core features like user logins, account management, shopping carts and payment processing. We use essential cookies to enable certain functions on our website.

Performance cookies

Performance cookies are used in the tracking of how you use a website during your visit, without collecting personal information about you. Typically, this information is anonymous and aggregated with information tracked across all site users, to help companies understand visitor usage patterns, identify and diagnose problems or errors their users may encounter, and make better strategic decisions in improving their audience’s overall website experience. These cookies may be set by the website you’re visiting (first-party) or by third-party services. We use performance cookies on our site.

Functionality cookies

Functionality cookies are used in collecting information about your device and any settings you may configure on the website you’re visiting (like language and time zone settings). With this information, websites can provide you with customized, enhanced or optimized content and services. These cookies may be set by the website you’re visiting (first-party) or by third-party service. We use functionality cookies for selected features on our site.

Targeting/advertising cookies

Targeting/advertising cookies are used in determining what promotional content is more relevant and appropriate to you and your interests. Websites may use them to deliver targeted advertising or to limit the number of times you see an advertisement. This helps companies improve the effectiveness of their campaigns and the quality of content presented to you. These cookies may be set by the website you’re visiting (first-party) or by third-party services. Targeting/advertising cookies set by third-parties may be used to track you on other websites that use the same third-party service.

Third-party cookies on our Website

We may employ third-party companies and individuals on our websites – for example, analytics providers and content partners. We grant these third parties access to selected information to perform specific tasks on our behalf. They may also set third-party cookies in order to deliver the services they are providing. Third-party cookies can be used to track you on other websites that use the same third-party service. As we have no control over third-party cookies, they are not covered by free like marie!’s Privacy Policy.

Our third-party privacy promise

We review the privacy policies of all our third-party providers before enlisting their services to ensure their practices align with ours. We will never knowingly include third-party services that compromise or violate the privacy of our users.

How you can control or opt out of cookies

When you first visit our website, we give you the option to consent to the processing of your Data by means of cookies. This consent is the legal basis for the processing. Before you consent or if you do not consent, we only process essential cookies that cover our legitimate interest to provide and guarantee a functioning Website or to fulfill contractual obligations. If you have consented, you may opt-out of this consent at any time in our cookie settings:

As another option, if you do not wish to accept cookies from us, you can instruct your browser to refuse cookies from our website. Most browsers are configured to accept cookies by default, but you can update these settings to either refuse cookies altogether, or to notify you when a website is trying to set or update a cookie.

If you browse websites from multiple devices, you may need to update your settings on each individual device.

Although some cookies can be blocked with little impact on your experience of a website, blocking all cookies may mean you are unable to access certain features and content across the sites you visit.

You may also object to the use of cookies for interest based online marketing purposes on websites like https://youronlinechoices.com/ or http://optout.aboutads.info/?c=2&lang=EN. They allow to opt-out of each participating online marketing provider individually.

Data processed: usage data (e.g. visited websites, times of access), meta data/communication data (e.g. device information, IP addresses)

This concerns: users of our Online Offer

Legal basis: consent, Article 6(1)(a) GDPR, legitimate interest, Article 6(1)(f) GDPR.

Services used:

Google Analytics with anonymized IP address

Google Analytics is an online marketing and web analysis tool/service provided by Google Ireland Limited. It allows website owners to examine how their website is used (e.g. times of access, pages viewed, countries of origin of visitors) and use those insights to optimize their offer. Google itself may also use this Data in order to provide personalized marketing and advertisements based on those insights within its own network.

We use Google Analytics with the setting that your IP address is anonymized (via shortening) if you are living in the EU/EEA.

Address Europe: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

Address US: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

Website: https://analytics.google.com/analytics/web/

Privacy policy: https://policies.google.com/privacy

Google LLC is a participant of the Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Social Media

We are present as free like marie! on several social media, e.g. Facebook or Instagram. The purpose of this presence is to offer further information about us and to interact with users of our Online Offer. On this Website, we link to these social media profiles (marked by the respective icon) without using the social plugins.

You must be aware that by using Facebook and other social media and by liking business/fan pages, your Data may be transferred and processed outside of the EU. This bears the risk of not being able to exercise your user rights. Furthermore, your Data may be processed for marketing and advertising purposes. Based on your behavior and interests, the social media networks might create user profiles in order to display personalized advertisements within or outside of the social networks. For this purpose, they may install cookies on your computer that store your usage and interests. If you are logged in as a user yourself (instead of viewing a public fan page from outside of the network, for example), additional Data may be stored.

The European Court has decided on 06/05/18 that Facebook and operators of a Facebook fan page are co-responsible for data privacy and data processing. The German Data Privacy Conference (Datenschutzkonferenz) postulated in a resolution one day later that a Facebook fan page operator must inform users about the processing of their Data. As it is impossible, for the time being, to access information about how Facebook processes this Data, an operator can only point at Facebook’s general privacy policy which you can find here and which also includes Instagram and Messenger: https://www.facebook.com/privacy/explanation

Thus, for any details about data processing or information about your rights as a user and how to exercise them, please read the respective privacy policy of the social networks.

Facebook has not yet disclosed how an operator of a fan page can receive a Data Processing Agreement from Facebook. As soon as this changes we will integrate it in this Privacy Policy. Meanwhile, an agreement about the joint processing of Data on Facebook fan pages is provided: https://www.facebook.com/legal/terms/page_controller_addendum

Data processed: personal information (e.g. name, address), contact information (e.g. email, phone number), content (e.g. text, photos, videos), usage data (e.g. visited websites, times of access), meta data/communication data (e.g. device information, IP address).

This concerns: users of our Online Offer

Purpose of processing: communication, (re-)marketing, tracking (e.g. profiling, cookies), measuring (e.g. reach, statistics).

Legal basis: legitimate interest, Article 6(1)(f) GDPR.

Services used:

Facebook

Address Europe: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

Address US: Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA

Website: https://www.facebook.com

Privacy policy: https://www.facebook.com/about/privacy

Facebook is a participant of the Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active

Facebook settings where you can choose your ad preferences: https://www.facebook.com/settings?tab=ads

Agreement about the joint processing of Data on Facebook fan pages:  https://www.facebook.com/legal/terms/page_controller_addendum

Privacy information for Facebook fan pages: https://www.facebook.com/legal/terms/information_about_page_insights_data.

Instagram

Address: Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA

Website: https://www.instagram.com

Privacy policy: https://help.instagram.com/519522125107875 and https://help.instagram.com/402411646841720

Xing

Address: New Work SE, Dammtorstraße 30, 20354 Hamburg

Website: https://www.xing.com/

Privacy policy: https://privacy.xing.com/de/datenschutzerklaerung

Plugins and Other Embedded Third Party Functions/Content

In our Online Offer, we may embed plugins, functions and content that is hosted on servers of the respective providers (hereinafter referred to as “Third Party Providers“). This may contain videos, content, graphics, fonts, or other functionalities.

In order to display these functions or contents, the Third Party Providers process your IP address because it is needed in order to send the content to browsers, so that content can be displayed correctly. We make an effort to limit the use of such Third Party plugins and contents to those that only use your IP address for this purpose.

Data processed: usage data (e.g. visited websites, times of access), meta data/communication data (e.g. device information, IP address)

This concerns: users of our Online Offer

Purpose of processing: optimized user experience

Legal basis: legitimate interest, Article 6(1)(f) GDPR.

Services used:

Google Fonts

In order to display texts and fonts in a homogenous and appealing way, our Website uses external fonts, so called web fonts. They are provided by Google LLC. Google Fonts are integrated into our Website via server impression, usually of a server in the United States. This server receives Data, e.g. which of our Websites and pages you have visited or your IP address, that may be stored by Google. When you view our Website, those web fonts are being loaded into your browser cache in order to guarantee the best visual display of texts and fonts. In case your browser does not support this, your computer will use a standard font from your system. By installing add-ons like NoScript or Ghostery you can avoid that your browser loads the fonts from Google’s servers.

Data processed: usage data (e.g. websites visited, IP address), other data as specified in Google’s privacy policy

This concerns: users of our Online Offer

Purpose of processing: display the website texts and fonts coherently and appealingly

Legal basis: legitimate interest, Article 6(1)(f) GDPR

Address: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

Website: https://google.com/

Privacy policy: https://www.google.com/policies/privacy; for a dedicated section “What does using the Google Fonts API mean for the privacy of my users?” see https://developers.google.com/fonts/faq?hl=de-DE&csw=1#what_does_using_the_google_fonts_api_mean_for_the_privacy_of_my_users

Google LLC is a participant of the Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Deletion of Data

We will delete your Data according to legal requirements as soon as you withdraw your consent or as consent is obsolete, for example if the intended purpose of the Data processing no longer exists.

If Data is not deleted because other legal regulations require a certain retention period (e.g. trade or taxation laws) or because their storage is obligatory for legal matters, its processing is limited to that purpose.

Your Rights as a User

As a user of our Online Offer, you may exercise certain rights regarding the processing of your Data (GDPR articles 15-18 and 21). You can direct any request to exercise these rights to the contact provided above. Requests will be free of charge and answered as soon as it is possible for us.

Your rights include the following:

Choice and consent: By providing your personal information to us, you consent to us collecting, holding, using and disclosing your personal information in accordance with this privacy policy. If you are under 16 years of age, you must have, and warrant to the extent permitted by law to us, that you have your parent or legal guardian’s permission to access and use the website and they (your parents or guardian) have consented to you providing us with your personal information. You do not have to provide personal information to us; however, if you do not, it may affect your use of this website or the products and/or services offered on or through it.

Information from third parties: If we receive personal information about you from a third party, we will protect it as set out in this Privacy Policy. If you are a third party providing personal information about somebody else, you represent and warrant that you have such person’s consent to provide the personal information to us.

Objection to the processing of your Data: If your Data is being processed on a legal basis other than consent, you may object to the processing. If your Data is processed for direct marketing purposes, you may object to that processing at any time without justification. If your Data is processed for public interest, for our legitimate interests or when an official authority is vested in us, you may object to that processing by providing justification as to why your particular situation provides grounds for your objection.

Withdrawal of consent: You may withdraw your former consent to the processing of your Data at any time.

Access: In accordance with Article 15 GDPR you may request whether we are processing your Data, as well as request details of the personal information that we hold about you (e.g. purposes of processing, types of data processed, storage period), in written form to [email protected]. Exceptions to this right as stated in Section 34 BDSG (Bundesdatenschutzgesetz) apply. You may request a copy of the personal information we hold about you. Where possible, we will provide this information in CSV format or other easily readable machine format.

Correction: If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, please contact us at [email protected]. We will take reasonable steps to correct any information found to be inaccurate, incomplete, misleading or out of date.

Restriction: You may choose to restrict the collection or use of your Data in the following cases:

• if you controvert the correctness of your Data, giving us due time to check their correctness
• if the processing is illegitimate and you refused the deletion of your Data and instead requested the restriction of the use of your Data
• if we no longer need your Data but you need it for exercising or defending legal claims
• if you have objected against the processing of your Data and there is no final decision yet whether our legal interests outweigh yours.

If you have previously agreed to us using your Data for direct marketing purposes, you may change your mind at any time by contacting us at [email protected]. If you ask us to restrict or limit how we process your Data, we will let you know how the restriction affects your use of our Website or products and services.

Deletion: You may request that we erase the Data we hold about you at any time.

Data portability: You have the right to receive your Data in a structured, easily machine readable format and to transfer it to another third party without any hindrance if

• the processing is based on consent in accordance with GDPR Article 6(1)(a)/Article 9(2)(a) or based on a contract in accordance with GDPR Article 6(1)(b)
• the Data is processed by automated means.

You may also request that we transfer your Data to a third party if it is technically feasible for us.

Notification of data breaches: We will comply with laws applicable to us in respect of any data breach.

Complaint: If you believe that we have breached a relevant data protection law and wish to make a complaint, please contact us using the details below and provide us with full details of the alleged breach. We will promptly investigate your complaint and respond to you in writing, setting out the outcome of our investigation and the steps we will take to deal with your complaint. You also have the right to contact a regulatory body or data protection authority in relation to your complaint, usually in the Member State of your main residence.

Unsubscribe: To unsubscribe from our email database or opt-out of communications (including marketing communications), please contact us at [email protected] or opt out using the opt-out facilities provided in the communication.

Security of Processing

We strive to ensure the safety of your Data in compliance with current data protection laws and within the scope of our technical possibilities.

In order to protect your Data that is being transferred in our Online Offer, we use Secure Socker Layer (SSL) encryption, recognizable by the https:// prefix in the URL of our Website. Please bear in mind that data transfer on the internet can never be one hundred percent safe.

We are doing our utmost to keep your Data safe by complying as extensively as possible with the Technical and Organizational Measures (Article 32 GDPR), which we continuously adapt to the technical state of the art. These measures include, for example, physical and electronical precautions to exclude third persons from accessing your or our own Data.

Please note that we do not guarantee that our Online Offer is available at all times, as we cannot rule out malfunction or technical breakdown.

We make every effort to establish a secure environment for our Online Offer. In spite of these efforts, please be aware that no information is completely secure on the internet. Therefore we kindly ask you to always take the necessary safeguards on your own devices and software.

When you visit our Website, your IP address is anonymized by shortening. This means that the last digits of your IP address are deleted, and thus your IP address cannot be tracked/you cannot be identified.

Transfer and Disclosure of Data to Third Parties

We are making every effort to use your Data only in our company. In order to provide some services of our Online Offer, however, we may disclose Data to:

• third party service providers for the purpose of enabling them to provide their services, including (without limitation) IT service providers, data storage, web-hosting and server providers, debt collectors, maintenance or problem-solving providers, marketing or advertising providers, professional advisors and payment systems operators
• our employees, contractors and/or related entities
• sponsors or promoters of any competition we run
• credit reporting agencies, courts, tribunals and regulatory authorities, in the event you fail to pay for goods or services we have provided to you
• courts, tribunals, regulatory authorities and law enforcement officers, as required by law, in connection with any actual or prospective legal proceedings, or in order to establish, exercise or defend our legal rights
• third parties, including agents or sub-contractors, who assist us in providing information, products, services or direct marketing to you, and
• third parties to collect and process data.

If we do so, we make sure these third parties receive and process only the Data necessary to provide the respective service. We comply with legal standards and conclude contracts with the Data Processors (Data Processing Agreements (DPA)) that ensure the protection of your Data in compliance with GDPR.

 Transfer of Data to Third Countries

The personal information we collect is stored and processed where we or our partners, affiliates and third-party providers maintain facilities. By providing us with your Data, you consent to the disclosure to these overseas third parties.

We will ensure that any transfer of personal information from countries in the European Union (EU)/European Economic Area (EEA) to countries outside the EU/EEA will be protected by appropriate safeguards, for example by using standard data protection clauses approved by the European Commission, by transferring Data to processors in the US who are “Privacy-Shield”-certified, or by the use of binding corporate rules or other legally accepted means (for reference, please see the website of the European Commission: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/rules-international-data-transfers).

Where we transfer personal information from a non-EU/EEA country to another country, you acknowledge that third parties in other jurisdictions may not be subject to similar data protection laws to the ones in our jurisdiction. There are risks if any such third party engages in any act or practice that would contravene the data privacy laws in our jurisdiction and this might mean that you will not be able to seek redress under our jurisdiction’s privacy laws.

Business Transfers

If we or our assets are acquired, or in the unlikely event that we go out of business or enter bankruptcy, we would include Data among the assets transferred to any parties who acquire us. You acknowledge that such transfers may occur, and that any parties who acquire us may continue to use your Data according to this policy.

Limits of Our Privacy Policy

Our website may link to external sites that are not operated by us. Please be aware that we have no control over the content and policies of those sites, and cannot accept responsibility or liability for their respective privacy practices.

Changes to this Privacy Policy

We kindly ask you to regularly make yourself familiar with our Privacy Policy. At our discretion, we may change our Privacy Policy to reflect current acceptable practices, or to add privacy regulations for new services or products we may offer. We will take reasonable steps to let users know about changes via our website. Your continued use of this site after any changes to this policy will be regarded as acceptance of our practices around privacy and personal information.

If we make a significant change to this Privacy Policy, for example changing a lawful basis on which we process your Data, we will ask you to re-consent to the amended privacy policy.

free like marie! Data Protection Commissioner

free like marie! is a sole proprietorship (Einzelunternehmen). If you have any questions or concerns about privacy, kindly contact the Data Protection Commissioner (Datenschutzbeauftragter des Landes Schleswig-Holstein): https://www.datenschutzzentrum.de/ueber-uns/

This policy is effective as of May 23, 2018.

Last updated on April 30, 2020.