Menu
I place great importance on protecting your personal data. On my websites, I process only data that is technically necessary and consciously refrain from using analytics and tracking tools. Additionally, no third-party providers are integrated to ensure the confidentiality of your data. My websites are based on open-source software to enable transparency, security, and control. Below, I inform you about how I handle your data on andreherling.de (WordPress) and cloud.andreherling.de (NextCloud).
André Herling
André Herling (Freelancer)
Ursula-von-Reibnitz-Str. 2
42287 Wuppertal, Germany
Email: kontakt@andreherling.de
Phone: +49 202 29993910
Strato AG
Pascalstraße 10
10587 Berlin, Germany
I host my websites on servers provided by Strato AG. A Data Processing Agreement (DPA) in accordance with Article 28 GDPR exists with Strato, ensuring that your data is processed in compliance with applicable data protection regulations. Strato acts not as a third party but as a data processor on my behalf.
To protect the security of your data during transmission, both websites use SSL/TLS encryption. You can recognise an encrypted connection by the prefix “https://” in your browser’s address bar.
Both websites use technically necessary cookies required for the operation of the websites. These cookies do not store personal data for marketing or tracking purposes. They primarily serve session management and authentication.
For the purpose of monitoring technical functionality and increasing operational security, connection data is stored in server log files on both websites. This data includes:
The server log files are stored for 42 days and then deleted or anonymised. Longer storage occurs only if necessary to fulfil legal obligations or to safeguard legitimate interests, such as investigating security incidents.
Both websites do not use any analytics or tracking tools. The pages are optimised without processing personal data.
You have the right to:
To exercise your rights, you can contact me at any time:
Email: kontakt@andreherling.de
Phone: +49 202 29993910
On andreherling.de, only technically necessary data is processed to provide the website securely and functionally. This data includes:
The legal basis for this data processing is my legitimate interest pursuant to Article 6(1)(f) GDPR, as this data is technically required to display the website.
The website is based on the open-source software WordPress. WordPress may set technically necessary cookies and process data required for the operation of the website. No additional plugins are used that process personal data for marketing or analysis purposes. Should this change in the future, relevant information will be provided here.
If a contact form is available on andreherling.de, the data you enter will be used solely to process your enquiry. The legal basis for this is Article 6(1)(b) GDPR (contract initiation) and Article 6(1)(f) GDPR (legitimate interest in processing enquiries).
cloud.andreherling.de is based on the open-source software NextCloud and serves secure communication and file exchange with my clients. By operating the cloud solution independently, I have complete control over data security and confidentiality.
In the course of using the cloud, I process the following data:
The processing of this data is based on contractual obligations pursuant to Article 6(1)(b) GDPR and my legitimate interest in secure and smooth communication with clients pursuant to Article 6(1)(f) GDPR.
The cloud at cloud.andreherling.de can also be used for private purposes. This private use does not affect the processing of your personal data.
To ensure the confidentiality and security of your data, I employ modern encryption and security procedures. Access to the data is protected by strict access restrictions. All data is stored on servers in Germany that meet high security standards.
Your data is stored in compliance with statutory retention periods, such as those specified in Section 257 of the German Commercial Code (HGB) and Section 147 of the German Fiscal Code (AO), which require retention for up to 10 years. The legal basis for this is the fulfilment of legal obligations pursuant to Article 6(1)(c) GDPR.
I consciously rely on open-source software like WordPress and NextCloud to ensure transparency and security. Open-source solutions allow me to review the source code at any time and ensure that there are no hidden mechanisms for collecting or processing personal data. This approach enables me to maintain control over core aspects of data processing.
For the functionality of the websites, certain additional plugins are used. These plugins are configured to process only technically necessary data and do not transmit any personal data to third parties.
This software does not constitute a third-party solution, as I host it myself and no personal data is passed on to third parties. Processing by my hosting provider Strato occurs solely within the framework of a Data Processing Agreement pursuant to Article 28 GDPR.
If you contact me via email or phone, your transmitted personal data will be automatically stored to process your enquiry and any follow-up questions. I will not pass on this data without your consent.
The legal basis for processing the data is the fulfilment of a contract or pre-contractual measures pursuant to Article 6(1)(b) GDPR, as well as my legitimate interest in communicating with interested parties and clients pursuant to Article 6(1)(f) GDPR.
If you believe that the processing of your personal data is not lawful, you have the right to lodge a complaint with the competent data protection supervisory authority.
I reserve the right to update this privacy policy in the event of changes to the websites, the technologies used, or adjustments to the legal framework. The current version is always available on my websites.
Effective Date: 1 November 2024
Data protection is an important concern for me. If you have any questions or concerns about data protection, please feel free to contact me.
© All Rights Reserved 2023