We take the protection of your personal data very seriously. Therefore, we inform you below about all relevant questions regarding data protection on our platform. These privacy policies and any disputes concerning the execution, interpretation, and validity of this agreement are subject to the laws and jurisdiction, as well as the exclusive competence of the courts of the Federal Republic of Germany. In the event of a contradiction between the German version and a version in another language of these privacy policies, only the German version shall prevail.
The controller within the meaning of Art. 4, No. 7 of the General Data Protection Regulation ("GDPR") for the collection, processing, and use of your personal data is:
Markus Vogel Hersbruckerstr. 42 90480 Nuremberg
Via email: markus@vogelvlug.de
-hereinafter also referred to as "we" or "us"-
Personal data are all information relating to an identified or identifiable natural person (hereinafter referred to as "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person (Art. 4, No. 1 GDPR).
By registering or authenticating, you enable us to identify you and give you access to specific services. For this purpose, we use services provided by third parties. This allows us to access some data stored by these third-party services for registration and identification purposes.
To learn more, please read the description of each service.
Google OAuth is a registration and authentication service provided by Google LLC or Google Ireland Limited, depending on how the data processing is managed by the owner, and is connected to the Google network.
For more information about the data processed through the use of Google OAuth, you can find in their privacy policy.
Location of processing: United States/Ireland – Privacy Policy
This type of service is designed to host data and files that enable our platform to operate and be distributed, as well as to provide a ready-made infrastructure to run specific functions or parts of our platform.
Some of the services listed below, if any, may operate over geographically distributed servers, making it difficult to determine the actual location where personal data are stored.
For our website, we use the web hosting provider STRATO. The service provider is the German company STRATO AG, Pascalstraße 10, 10587 Berlin, Germany.
For more information about the data processed through the use of Strato, you can find in their privacy policy.
Location of processing: Germany - Privacy Policy
For storing data in an organized database structure, we use the database system "Supabase" by Supabase, Inc., 970 Toa Payoh North #07-04, Singapore 318992. We use a self-hosted variant of Supabase, where no data is shared with third parties but remains exclusively on our server at STRATO.
For more information about the data processed through the use of Supabase, you can find in their Privacy Policy.
Location of processing: Germany
The OpenAI API, provided by OpenAI, L.L.C., is a service that helps us automate tasks through their artificial intelligence GPT.
For more information about the data processed through the use of OpenAI, you can find in their Privacy Policy.
Location of processing: United States – Privacy Policy.
The services included in this section enable us to generate analytics data about our platform to better understand user behavior on our platform and optimize the services for you. We use these data to tailor our website even better to your needs.
We use the web analytics tool plausible.io on our website. The service provider is the Estonian company Plausible Insights OÜ, Västriku tn 2, 50403, Tartu, Estonia. We use a self-hosted variant of Plausible, which means no user data is shared with third parties but remains exclusively available to us on our server at STRATO. We also collect user data exclusively in an anonymized form and do not use a tracking cookie.
Learn more about how Plausible processes data in their Privacy Policy.
Location of processing: Germany
This type of service allows you to view and interact with content hosted on external platforms directly from our pages. These pages may still collect data even if you do not actively use them.
YouTube is a service for the visualization of video content provided by Google LLC or Google Ireland Limited, depending on how the owner manages data processing, and it allows us to integrate such content on our pages.
For more information about the data processed through the use of the YouTube Video Widget, you can find in their Privacy Policy.
Location of processing: United States/Ireland – Privacy Policy
This type of service allows us to automatically retrieve and evaluate statistics about your social media content uploaded on external social media platforms. This enables us to make evaluations based on these statistics, create data visualizations, and give you tips on how you can optimize your social media content.
By authorizing us through the Google OAuth procedure, as described in the "Registration and Authentication" section, to access your YouTube channel, you allow us to use YouTube API services on behalf of your YouTube channel.
We use these YouTube API services for the purpose of creating evaluations, data visualizations, and tips for you. For this, we download channel and video metadata as well as statistics. These informations are updated, stored, displayed, and deleted in accordance with the section YouTube API Services - Developer Policies III.E.4.
For the purpose of providing our services, the above-mentioned information is shared with third parties listed in the "Hosting and Infrastructure" section.
You can revoke access to the above-mentioned information at any time via the Google security settings page.
For more information about the data processed through the use of the YouTube API Service, you can find in their Privacy Policy.
Location of processing: United States/Ireland – Privacy Policy
We process all payments through external payment service providers. We are not involved in the collection and processing of your data ourselves and do not have access to sensitive payment details or personal information such as credit card data. Instead, we receive only a notification from the payment service provider about whether the payment was successfully completed.
Paddle is a payment management service provided by Paddle.com Inc, Paddle.com Market Limited, or Paddle Payments Limited, depending on how the owner manages data processing, and it enables users to make online payments.
For more information about the data processed through the use of Paddle, you can find in their Privacy Policy.
Location of processing: United States/United Kingdom/Ireland – Privacy Policy
By filling out the contact form with your data, you authorize us to use these details to respond to requests for information, quotations, or any other kind of request.
Location of processing: Germany
By registering on the mailing list or for the newsletter, your email address is added to our contact list. This authorizes us to send you information of a commercial or promotional nature about our platform. Your email address might also be added to this list as a result of registering with us or after making a purchase. You can object to receiving emails of a commercial or promotional nature at any time without affecting your ability to use our services.
Location of processing: Germany
We process and use your data to perform the contract and provide our services, to improve and customize our services and websites, to provide updates and upgrades, to send you service-related notifications, and to issue invoices and collect payments.
Art. 6 I lit. a GDPR serves as the legal basis for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract, the processing is based on Art. 6 I lit. b GDPR. The same applies to processing operations that are necessary for carrying out pre-contractual measures, such as in cases of inquiries about our products or services. If we are subject to a legal obligation by which processing of personal data becomes necessary, such as for the fulfillment of tax obligations, the processing is based on Art. 6 I lit. c GDPR. Finally, processing operations could be based on Art. 6 I lit. f GDPR. This legal basis covers processing operations that are not covered by any of the aforementioned legal bases if the processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, unless the interests, fundamental rights, and freedoms of the data subject prevail. Such processing operations are particularly permissible because they have been specifically mentioned by the European legislator. A legitimate interest is usually assumed if the data subject is a client of the controller.
If the processing of personal data is based on Article 6 I lit. f GDPR, our legitimate interest is the conduct of our business activities. This includes data analysis to improve our products and services, as well as fulfilling legal obligations, as far as the processing does not fall under Art. 6 I lit. c GDPR.
European users must be aware that by using our platform, some personal data they provide may be transferred to and processed by third parties in countries outside the European Union. This transfer is in accordance with the European Commission's Decision 2010/87/EU, which provides "Standard Contractual Clauses" for the transfer of data to data processors outside the European territory. This guarantees users that their data will be processed in a manner that meets the protection standards set within the European Union.
We take appropriate security measures to prevent unauthorized access, disclosure, alteration, or unauthorized destruction of data. The data processing is carried out using computers and/or IT-enabled tools, following organizational procedures and modes strictly related to the purposes mentioned. In addition to the owner, in some cases, certain types of responsible persons involved in the operation of our platform (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed by the owner, if necessary, as data processors, may have access to the data.
Cookies are small files that allow storing specific device-related information on the user's access device (PC, smartphone, etc.). They serve to make websites more user-friendly and thus benefit the users (e.g., storing login details). On the other hand, they can be used to collect statistical data on website usage and analyze it for the purpose of improving the offer. We do not use such tracking cookies and use cookies exclusively for technically necessary purposes. You can generally prevent the use of cookies since most browsers have an option that restricts the setting and saving of cookies or completely prevents it. However, we point out that the use and especially the comfort of use of our offer may be limited without cookies.
Unless otherwise specified, personal data will be processed and stored as long as necessary for the purposes for which they were collected, and may be retained longer due to legal obligations or based on user consent.
Personal data collected for purposes related to the performance of a contract between the owner and the user shall be retained until the complete performance of that contract. Personal data collected for the purposes of the owner's legitimate interests shall be retained as long as necessary to fulfill these purposes. Users may find specific information regarding the legitimate interests pursued by the owner in the relevant sections of this document or by contacting the owner. The owner may be allowed to retain personal data for a longer period whenever the user has given consent to such processing, as long as such consent is not withdrawn. Furthermore, the owner may be obliged to retain personal data for a longer period whenever required to fulfill a legal obligation or upon order of an authority.
Once the retention period expires, personal data shall be deleted. Therefore, the right of access, the right to deletion, the right to correction, and the right to data portability cannot be enforced after the expiration of the retention period.
You have the right to obtain from us, at any time, information about your personal data stored, and a copy of this information at no cost.
You have the right to demand immediate rectification of inaccurate personal data concerning you. Furthermore, considering the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
You have the right to obtain the erasure of personal data concerning you without undue delay where one of the following grounds applies and processing is not necessary:
The personal data have been collected or otherwise processed for such purposes for which they are no longer necessary. You withdraw consent on which the processing is based, and there is no other legal ground for the processing. You object to the processing pursuant to Article 21(1) GDPR, and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21(2) GDPR. The personal data have been unlawfully processed. The erasure of personal data is necessary for compliance with a legal obligation under Union or Member State law to which we are subject. The personal data have been collected in relation to the offer of information society services referred to in Article 8(1) GDPR.
You have the right to obtain restriction of processing where one of the following applies:
The accuracy of the personal data is contested by you, for a period enabling us to verify the accuracy of the personal data. The processing is unlawful, you oppose the erasure of the personal data and request instead the restriction of their use. We no longer need the personal data for the purposes of the processing, but they are required by you for the establishment, exercise, or defense of legal claims. You have objected to processing pursuant to Article 21(1) GDPR pending the verification whether the legitimate grounds of our side override yours.
You have the right to object, on grounds relating to your particular situation, at any time, to processing of personal data concerning you, which is based on Article 6(1) letters e or f GDPR.
We shall no longer process the personal data in the event of the objection unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defense of legal claims.
You have the right to object at any time to processing of personal data concerning you for direct marketing purposes.
You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format. You also have the right to transmit those data to another controller without hindrance from us, where the processing is based on consent pursuant to Article 6(1) letter a GDPR or Article 9(2) letter a GDPR, or on a contract pursuant to Article 6(1) letter b GDPR, and the processing is carried out by automated means, as long as the processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.
Moreover, in exercising your right to data portability pursuant to Article 20(1) GDPR, you have the right to have personal data transmitted directly from one controller to another, where technically feasible and when doing so does not adversely affect the rights and freedoms of others.
You have the right to withdraw consent to the processing of personal data at any time.
You have the right to lodge a complaint with a supervisory authority in the Member State of your residence, place of work, or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.