1. Purpose of this Privacy Policy
The protection of your personal data (hereinafter: “data”) is extremely important to us. Below, you will therefore find detailed information about the data we collect, how we subsequently process or use those data and what kind of precautions we have put in place to protect your data, both technically and organisationally.

2. Name and contact details of the controller / service provider
The controller under GDPR Article 4 (7) and service provider under the German Telemedia Act (TMG), section 13, is:
Thomas Dibelius
Friedensallee 26
22765 Hamburg, Germany
Phone: +49 (0)40 39 11 72
Fax: +49 (0)40 39 11 75

3. Internet use
If you wish to use our website simply to gain information, there is generally no need to disclose any of your personal data. In such a case we only collect and use data which are automatically transmitted to us by your web browser. Those data are temporarily saved to a log file, where they may permit identification. The following information is collected without your involvement and stored until its automatic erasure:

• Referrer (the previously visited website)
• Requested website or file
• Browser type and version
• Your operating system
• Your device type
• Time of access
• IP address in anonymised form (only used to determine the place of access)

To prevent any tracking of individual site visitors, the provider does not store any of their personal data. Data are identified either through a pixel or a log file. To protect your personal data, no cookies are used. Your data are used exclusively for the purpose of statistical evaluation and to optimise our website. We do not share data with third parties.

Your anonymised IP address is saved by us for 8 weeks and only for the aforementioned purposes, whereupon those data are erased. Any evaluation for statistical purposes takes place in anonymised form. Those data are not merged with other data sources. The legal basis for the temporary storage of data and the log files is GDPR Article 6 (1) point f. Our legitimate interest is derived from the purposes (above). Moreover, we do not use cookies when you visit our website.

b) Your use of our services and our use of your data to carry out your request:
Should you wish to use any of the services we offer, it is important that you should provide us with the personal data that are needed for this purpose. Those are the data which are required for the processing and handling of your specific request. Where appropriate, you can voluntarily add further details, marked by us as optional.

We process your data for the purpose of dealing with your request and providing you with the requested services. The legal basis of our data processing is GDPR Article 6 (1) point b, concerning the preparation and possible implementation of a contract. Otherwise the legal basis is GDPR Article 6 (1) point f. Our legitimate interest is to respond to and process your request, which can only be done by storing and using your data.

Your data are generally erased as soon as they are no longer needed for the purpose for which they were collected, i.e. after processing your request or once we have finished supplying the service you requested. Over and above this, your data are only stored to the extent that this is necessary for our compliance with legal duties. Examples include, in particular, retention requirements (e.g. under tax law, such as the German Tax Code, AO, section 147) under GDPR Article 6 (1) point c. Another example would be to assert, make or defend possible legal claims in connection with our services, within the applicable periods of limitation (e.g. under the German Civil Code, BGB, sections 195 ff.), or cases where you have given us your consent under GDPR Article 6 (1) point a and Article 7.

Privacy 2

4. Use of cookies
We do not use cookies on our website.

5. Data security
We have taken technical and organisational security precautions for any personal data which are present or have been collected on our website. Such precautions have been taken, in particular, against accidental or deliberate manipulation, loss, destruction and against attacks by unauthorised persons. Our security precautions are continually enhanced to reflect technological developments.

6. Right to complain to a supervisory authority
Irrespective of other administrative and judicial legal routes, you are entitled to lodge a complaint with a supervisory authority if you believe that our processing of your personal data has breached GDPR Article 77. You may exercise this right with a supervisory authority in the member state of your place of residence, your workplace or the venue where the data breach appears to have occurred. You will find the contact details of German supervisory authorities at