Privacy Policy

1) Controller

Controller within the meaning of the General Data Protection Regulation (GDPR) is:

Stephan Wühr
Ruhmannsdorf 9
94267 Prackenbach
Germany
Email: [email protected]

2) General information

This Privacy Policy explains how we process personal data when you visit and use this website. “Personal data” means any information relating to an identified or identifiable natural person.

If you have questions about data protection on this website, please contact us at the email address above.

3) Data processing when visiting the website (server log files)

When you access this website, technical data is processed automatically, in particular:

IP address (or shortened IP, depending on configuration),

date and time of access,

accessed page / file,

referrer URL,

browser type/version and operating system.

Purpose: ensuring security and stability, troubleshooting, preventing misuse.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest).
Retention: server logs are stored only as long as necessary for security and troubleshooting and are then deleted or anonymised, unless longer storage is required for evidence in security incidents.

4) Contacting us (email / contact form)

If you contact us by email or via a contact form, we process the data you provide (e.g., name, email address, message, and any other information you submit).

Purpose: handling your request and communicating with you.
Legal basis: Art. 6(1)(b) GDPR (pre-contractual measures / communication about requested services) and/or Art. 6(1)(f) GDPR (legitimate interest in responding).
Retention: we keep the communication as long as necessary to handle your request and possible follow-up, and then delete it unless statutory retention obligations apply.

5) Notice board / listings (information platform only)

This website may contain listings, offers, or requests posted by third parties (“notice board”).

The website operator does not provide brokerage/mediation services.

Any communication and any agreement take place directly between the users and external providers.

If the website allows users to submit listings, the data entered in the submission (e.g., contact details and listing content) will be processed for publication and administration of the notice-board function.

Purpose: operating the notice board and enabling users to publish and manage postings.
Legal basis: Art. 6(1)(b) GDPR (provision of the requested platform function) and/or Art. 6(1)(f) GDPR (legitimate interest in operating the platform).
Retention: listings remain published until they are deleted by the submitter or removed by the operator (e.g., if outdated, unlawful, or upon request).

6) Cookies and similar technologies

This website may use cookies and similar technologies.

6.1 Technically necessary cookies

Technically necessary cookies may be used to ensure core website functions (e.g., page delivery, security features, form stability).

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in operating a functional and secure website).

6.2 Optional cookies (analytics/marketing) — only with consent

Analytics and marketing technologies (e.g., Google services, Meta Pixel) are not used at the moment.
If such tools are implemented in the future, they will be activated only after your consent, via a cookie/consent banner.

Legal basis: Art. 6(1)(a) GDPR (consent).
German rule for storing/accessing information on your device: consent is generally required under the TDDDG for non-essential technologies.

Withdrawal: You can withdraw or change your consent at any time via the cookie settings (if available).

Practical compliance note: when you later add Google/Meta/WhatsApp tracking, you should run them through a consent manager (CMP) so nothing loads before opt-in.

7) Use of GoHighLevel / HighLevel (website & forms)

This website is built/operated using a GoHighLevel/HighLevel website template and the website’s contact forms may be processed through HighLevel.

HighLevel acts as a service provider (“processor”) for the website operator. A Data Processing Agreement (DPA) is available from HighLevel.
HighLevel also provides GDPR/privacy information and refers to using Standard Contractual Clauses (SCCs) for lawful data transfers where applicable.

Legal basis: Art. 6(1)(b) GDPR (form communication) and/or Art. 6(1)(f) GDPR (operating the website), and Art. 28 GDPR (processor relationship).

8) International data transfers (e.g., to the USA)

Depending on the configuration of the used service providers (including HighLevel), personal data may be transferred to recipients in countries outside the European Economic Area (EEA), including the USA.

Where required, such transfers are based on:

an EU Commission adequacy decision (Art. 45 GDPR), where applicable, and/or

appropriate safeguards such as EU Standard Contractual Clauses (Art. 46 GDPR).

9) Google Maps (not active yet)

Google Maps is currently not embedded.
If we embed Google Maps in the future, it may result in data being transmitted to Google (e.g., IP address and usage data). We will implement Google Maps in a privacy-friendly way (e.g., with a click-to-load solution) and, where required, obtain your consent before loading the map.

Legal basis (future implementation): Art. 6(1)(a) GDPR (consent) and/or Art. 6(1)(f) GDPR (legitimate interest), depending on the implementation and necessity.

10) WhatsApp contact (planned)

WhatsApp is currently not integrated as a website feature.
If we add WhatsApp as a contact channel in the future (e.g., “Chat via WhatsApp”), your data will be processed by WhatsApp/Meta when you use that channel. We will provide additional information at the point of use (and obtain consent where required).

11) Recipients / categories of recipients

We may share personal data with:

hosting/platform and IT service providers (as processors),

authorities/courts if legally required,

third parties only if you request this or if it is necessary for fulfilling a request.

12) Your rights under the GDPR

You have the right to:

access (Art. 15 GDPR),

rectification (Art. 16 GDPR),

erasure (Art. 17 GDPR),

restriction (Art. 18 GDPR),

data portability (Art. 20 GDPR),

object to processing based on legitimate interests (Art. 21 GDPR),

withdraw consent at any time (Art. 7(3) GDPR), where processing is based on consent,

lodge a complaint with a supervisory authority (Art. 77 GDPR).

13) Data security

We use appropriate technical and organisational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access.

14) Changes to this Privacy Policy

We may update this Privacy Policy to reflect legal, technical, or operational changes. The current version is published on this website.