Data protection
I. Controller
The controller within the meaning of the GDPR is:
Ameko Projekt GmbH
63579 Somborn
Deutschland
Opening Hours:
Monday – Thursday. 9 a.m. to 6 p.m.,
Fridays 8 a.m. to 2 p.m
Contact Information:
Phone: +49 (0) 6055 / 939 69 0
Fax: +49 (0) 6055 / 907 271 9
Email: post@amekoprojekt.de
II. General Information on Data Processing
1. Scope of processing personal data
We process personal data of our users only to the extent necessary to provide a functional website as well as our content and services. The processing of personal data of our users regularly occurs only with the user's consent. An exception applies in cases where prior consent cannot be obtained for actual reasons, and the processing of the data is permitted by statutory provisions.
2. Legal basis for processing
According to Article 6 (1) of the General Data Protection Regulation (GDPR), data processing is only lawful if at least one of the following conditions is met:
- a) the data subject has given their consent to the processing of their personal data for one or more specific purposes;
- b) processing is necessary for the performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract;
- c) processing is necessary for compliance with a legal obligation to which the controller is subject;
- d) processing is necessary in order to protect the vital interests of the data subject or another natural person;
- e) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
- f) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, especially when the data subject is a child.
3. Place of processing
The data directly collected is processed in the office premises of the owner in Germany and, in some cases, transferred to an EU third country, as specified below in the services that automatically collect data.
III. Collection and Storage of Personal Data and the Type and Purpose of Their Use
1. Types of data directly collected
“Personal data” within the meaning of the GDPR includes any data that can be used to identify a specific person, including but not limited to:
- Name
- Address
- Payment information
If you contact us or pay for a service, we will have access to your name, email address, or phone number, depending on how you choose to contact us. We will also ask for your address in order to issue you an invoice for the services rendered. This data is necessary to meet our legal obligations under Article 6 (1) lit. c GDPR and is only used to provide the service to you.
2. When visiting the website
When you visit our website, information is automatically sent from your device to the server of our website by the browser in use. This information is temporarily stored in a so-called log file. The following information is automatically collected without any action on your part and stored until it is automatically deleted:
- IP address of the requesting computer,
- Date and time of access,
- Name and URL of the retrieved file,
- Website from which the access is made (referrer URL),
- Browser used and, if applicable, the operating system of your computer and the name of your access provider.
The mentioned data is processed by us for the following purposes:
- Ensuring a smooth connection to the website,
- Ensuring comfortable use of our website,
- Evaluation of system security and stability as well as
- For other administrative purposes.
The legal basis for data processing is Article 6 (1) S. 1 lit. f GDPR. Our legitimate interest follows from the purposes for data collection listed above. Under no circumstances do we use the collected data for the purpose of drawing conclusions about your identity.
3. When registering for our newsletter
You may be given the opportunity to subscribe to a newsletter on our website. The personal data provided when ordering the newsletter will be taken from the input form used for this purpose.
We inform our customers and business partners regularly by means of a newsletter about our offers. The newsletter can only be received by you if you have a valid email address and have registered to receive the newsletter.
A confirmation email will be sent to the registered email address for the first time using the double-opt-in procedure. This confirmation email is used to verify whether the owner of the email address has authorized the receipt of the newsletter.
When you subscribe to the newsletter, we also store the IP address of your IT system provided by your internet service provider (ISP) at the time of registration, as well as the date and time of registration. The collection of this data is necessary to trace the possible misuse of your email address at a later date and therefore serves our legal protection.
The personal data collected as part of the newsletter subscription will only be used to send our newsletter. In addition, subscribers to the newsletter may be informed by email if this is necessary for the operation of the newsletter service or registration, as might be the case in the event of changes to the newsletter offering or technical circumstances. The personal data collected for the newsletter service will not be passed on to third parties. You can cancel your subscription to our newsletter at any time. You can revoke your consent to the storage of personal data that you have provided for the newsletter at any time. A link is provided for this purpose in each newsletter. You can also unsubscribe directly from the newsletter on our website or by notifying us in another way.
The legal basis for processing data for the purpose of sending newsletters is Article 6 (1) lit. a GDPR.
4. When using our contact forms and email contact
In the course of contacting us (e.g., via contact form or email), personal data is collected. The specific data collected via the contact form can be found in the respective contact form. This data is stored and used solely for the purpose of responding to your inquiry or for contacting you and for the associated technical administration.
The legal basis for processing the data is the user's consent, in accordance with Article 6 (1) lit. a GDPR.
The legal basis for processing the data transmitted in the course of sending an email is Article 6 (1) lit. f GDPR. If the email contact aims at concluding a contract, an additional legal basis for processing is Article 6 (1) lit. b GDPR.
Your data will be deleted after your inquiry has been fully processed, provided that no legal retention obligations prevent this.
IV. Disclosure of Data
Your personal data will not be transferred to third parties for any purposes other than those listed below.
We will only disclose your personal data to third parties if:
- You have given your explicit consent in accordance with Article 6 (1) S. 1 lit. a GDPR,
- The disclosure is necessary in accordance with Article 6 (1) S. 1 lit. f GDPR to assert, exercise, or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in not having your data disclosed,
- In the event that the disclosure is required by law according to Article 6 (1) S. 1 lit. c GDPR, and
- This is legally permissible and necessary for the execution of contractual relationships with you in accordance with Article 6 (1) S. 1 lit. b GDPR.
The data will only be disclosed to the following service providers and under the following conditions with whom we collaborate for the performance of contracts:
1. Brevo – Service provider for sending our newsletters and transactional emails
This website uses Brevo to send newsletters. The provider is Sendinblue GmbH, Köpenicker Str. 126, 10179 Berlin, Germany.
Brevo is a service that organizes and analyzes the sending of newsletters. The data you enter to subscribe to the newsletter will be stored on Brevo’s servers in Germany.
If you do not want Brevo to analyze your use of the newsletter, you will have to unsubscribe. We provide a link to do so in each newsletter message. You can also unsubscribe directly on the website.
You may withdraw your consent at any time. You can also prevent processing at any time by unsubscribing from the newsletter.
Brevo allows us to analyze our newsletter campaigns. We can see if a newsletter message was opened and which links were clicked, among other things. This allows us to determine which links were particularly popular.
Brevo also enables us to segment the newsletter recipients into different categories (e.g., by age, gender, or location). This allows us to tailor the newsletters to better suit the respective target groups.
The data processing is based on your consent (Article 6 (1) lit. a GDPR). You can revoke this consent at any time. The legality of the data processing operations that have already taken place remains unaffected by the revocation.
The data you provide to receive the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted from both our servers and Brevo’s servers after you unsubscribe. Data stored for other purposes (e.g., email addresses for the members' area) will remain unaffected.
We also use Brevo to send our transactional emails (e.g., confirmation of registration or contact form submissions).
Sendinblue GmbH is prohibited from using your data for any purposes other than sending transactional emails. The data is not transferred or sold to third parties.
Sendinblue GmbH is a certified German newsletter software provider selected according to GDPR and BDSG requirements.
For more information, please refer to Brevo's privacy policy: brevo.com/de/legal/privacypolicy
2. Altcha
We use "Altcha - An Open-Source Captcha Alternative," a service from BAU Software s.r.o., Lidicka 700/19 Brno 602 00 Czechia. Altcha only stores and processes information for the purpose of processing your request when you use our (contact) forms on our website.
Altcha does not use marketing or tracking cookies, nor does it employ fingerprinting techniques, according to its own statements. Altcha uses Cloudflare as a service provider, which may set temporary security cookies to authenticate users and prevent fraudulent activities. These cookies are essential for the functioning of Altcha and its API services and do not collect personal data.
For more information, please refer to Altcha's privacy policy: altcha.org/privacy-policy
3. Pirsch.io
Our website uses the Pirsch.io analytics service, provided by Emvi Software GmbH, Nickelstraße 1b, 33378 Rheda-Wiedenbrück, Germany. We use it to create anonymous statistics about the usage of our pages. Pirsch.io does not collect personal data such as IP addresses, names, or other identifying information. Instead, the service uses anonymized data that cannot be traced back to individual users.
The data collected is used solely to understand user behavior on our website and to optimize our content accordingly. No cookies are used, and all data is processed in accordance with the GDPR.
For more information, please refer to Pirsch.io's privacy policy: pirsch.io/privacy
4. Hosting by Hetzner Online GmbH
Our website is hosted by Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany. Hetzner stores the data on servers located exclusively in Germany and is subject to strict German and European data protection regulations. Your data is only processed to the extent necessary for the operation and maintenance of the website.
For more information, please refer to Hetzner's privacy policy: hetzner.com/de/legal/privacy-policy
5. Relaunch24 UG – Technical support
The technical maintenance of this website, including hosting, email services management, and analytics, is provided by Relaunch24 UG, Haselstr.30, 63619 Bad Orb, Germany. In the course of technical maintenance, we process personal data only to the extent necessary to fulfill our contractual obligations and ensure the smooth operation of the website. The disclosure of your data is based on legitimate interest under Article 6 (1) lit. f GDPR.
For more information, please refer to Relaunch24's privacy policy: https://www.relaunch24.de
V. Social Media Presence
We maintain profiles on social media platforms to organically increase the visibility of our services and to communicate with potential customers and other users of these networks. None of the social media content is displayed on this website, but you can visit all of our profiles by clicking on the icons in the footer of any page on this website.
Please note that data collected by social networks may be processed outside the European Union, making it more difficult for you to assert your rights under the GDPR if these networks do not comply with EU data protection standards.
VI. Cookies
This website does not use any cookies that are not necessary for the regular operation of the website.
When you use our contact form, a technically necessary cookie from Cloudflare is set to ensure the security and stability of the service. This cookie is used by our spam filter service Altcha.org during the form submission process and is only temporarily active.
No cookies are set for tracking, marketing, or user analytics.
VII. Data Subject Rights
You have the right:
- In accordance with Article 15 GDPR, to request information about your personal data processed by us. In particular, you may request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned retention period, the existence of a right to rectification, erasure, restriction of processing, or objection, the existence of a right to lodge a complaint, the origin of your data, if it was not collected by us, as well as the existence of automated decision-making, including profiling, and, if applicable, meaningful information about the details of this;
- In accordance with Article 16 GDPR, to demand the immediate rectification of inaccurate or completion of your personal data stored by us;
- In accordance with Article 17 GDPR, to request the deletion of your personal data stored by us, unless the processing is necessary for exercising the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims;
- In accordance with Article 18 GDPR, to request the restriction of processing of your personal data if the accuracy of the data is contested by you, the processing is unlawful, but you oppose its deletion, and we no longer need the data, but you require it for the establishment, exercise, or defense of legal claims, or you have objected to processing in accordance with Article 21 GDPR;
- In accordance with Article 20 GDPR, to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format or to request its transmission to another controller;
- In accordance with Article 7 (3) GDPR, to revoke your consent at any time. As a result, we may no longer continue data processing based on this consent for the future;
- In accordance with Article 77 GDPR, to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence, workplace, or our registered office for this purpose.
VIII. Right to Object
If your personal data is processed based on legitimate interests in accordance with Article 6 (1) S. 1 lit. f GDPR, you have the right to object to the processing of your personal data in accordance with Article 21 GDPR, provided that there are grounds arising from your particular situation, or the objection is directed against direct marketing. In the latter case, you have a general right to object, which we will implement without the need to specify a particular situation.
If you wish to exercise your right of revocation or objection, simply send an email to post@amekoprojekt.de
IX. How to Exercise Your Rights
If you have any questions or concerns or wish to exercise any of your rights, please contact us using the contact information provided at the beginning of this document. All your requests regarding your rights will be processed free of charge and within one month.
X. Retention Period
The retention period for personal data depends on the respective legal basis, the processing purpose, and the applicable statutory retention periods.
If you have expressly consented to the processing of personal data pursuant to Article 6 (1) S.1 lit. a GDPR, these data will be stored until the data subject revokes their consent.
Insofar as we are subject to legal obligations to retain data (such as tax or commercial law retention periods), the storage of the data will continue exclusively for the purpose of fulfilling these obligations after it is no longer necessary for the processing purpose. The data will be restricted from access.
In the case of the processing of personal data for direct marketing purposes based on Article 6 (1) lit. f GDPR, these data will be stored until the data subject exercises their right to object in accordance with Article 21 (2) GDPR.
XI. Data Security
We use the widely used SSL (Secure Socket Layer) procedure during your website visit in conjunction with the highest encryption level supported by your browser. As a rule, this is 256-bit encryption. If your browser does not support 256-bit encryption, we will instead use 128-bit v3 technology. You can tell whether a particular page of our website is encrypted by looking for the closed padlock symbol in the lower status bar of your browser.
We also take appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
XII. Liability Disclaimer for Links to Third-Party Websites
Our website may contain links to third-party websites. If you follow a link to any of these websites, we point out that these websites have their own privacy policies, and we do not assume any responsibility for these. We ask that you review these privacy policies before submitting personal data to these websites.
XIII. Validity and Changes to this Privacy Policy
This privacy policy is currently valid and has the status of June 2024.
Due to the further development of our website and offers or due to changed legal or official requirements, it may become necessary to change this privacy policy. The current privacy policy can be viewed and printed at any time on the website under https://amekoprojekt.de/en/privacy-policy.