Privacy policy

1. General

Protecting your personal data matters to us. This privacy policy explains which data are processed when you visit mein-langenfeld.de and for what purpose.

Processing is carried out in line with the GDPR, the German Federal Data Protection Act (BDSG), and the German Telecommunications Digital Services Data Protection Act (TDDDG), where applicable.

2. Controller

Controller for data processing on this website:

3. Hosting

This website is hosted on servers operated by netcup GmbH (Daimlerstraße 25, 76185 Karlsruhe, Germany). When you access the site, the host processes technically necessary data, in particular in server log files.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in a secure and available website). We have a data processing agreement with netcup pursuant to Art. 28 GDPR.

4. Content delivery network (Cloudflare)

We use services of Cloudflare Germany GmbH (Rosental 7, 80331 Munich, Germany; parent: Cloudflare, Inc., USA) to deliver content via a CDN, improve availability, and mitigate attacks (e.g. DDoS).

Cloudflare may process in particular: IP address, timestamp, requested URL and HTTP headers, browser and device information. Processing may also occur in data centres outside the EU.

Legal basis: Art. 6(1)(f) GDPR. Transfers to the USA: Cloudflare is certified under the EU-U.S. Data Privacy Framework (DPF), among other mechanisms; EU standard contractual clauses may also apply.

Cloudflare privacy policy

5. Cloudflare Zaraz (tag management)

For flexible technical control of scripts (e.g. analytics or marketing tools), Cloudflare Zaraz may be used – server-side tag management on Cloudflare’s infrastructure. Requests are not necessarily sent directly from the browser to third parties; processing may occur via Cloudflare’s servers.

If we use analytics or marketing features that are not strictly necessary, this is generally only after valid consent (e.g. via a cookie/consent banner). Without consent, such non-essential tools are not activated or only in a compliant mode.

Legal basis: For consent-based tools Art. 6(1)(a) GDPR; for technically necessary components Art. 6(1)(f) GDPR.

6. Server log files

When you visit the website, the hosting or infrastructure partner automatically processes data in log files, e.g.:

• IP address (possibly truncated)
• Date and time of the request
• Requested URL and amount of data transferred
• HTTP status code
• Referrer URL
• Browser type and operating system

Storage serves security (e.g. abuse prevention) and stable operation. Log data is usually deleted automatically after a few days unless longer retention is required for IT security.

Legal basis: Art. 6(1)(f) GDPR.

7. Cookies and consent

Cookies are small text files stored on your device. Strictly necessary cookies or comparable local storage may be required to provide the website (Art. 6(1)(f) GDPR).

Where we use non-essential cookies or similar technologies (e.g. reach measurement), we obtain your consent first (Art. 6(1)(a) GDPR). You can change your choice at any time with effect for the future.

8. Contact by email

If you contact us by email, we process the data you provide (e.g. sender address, message content) to handle your request. Data is deleted once communication is complete and no statutory retention obligations apply.

Legal basis: Art. 6(1)(f) GDPR and, where applicable, Art. 6(1)(b) GDPR for pre-contractual or contractual requests.

9. External links

Our website may contain links to external offers. The respective operators are responsible for third-party content and their privacy practices.

10. SSL/TLS encryption

This website uses SSL/TLS encryption. You can recognise a secure connection by “https://” and the padlock symbol in your browser.

11. Your rights

Subject to the GDPR you have the following rights vis-à-vis us:

• Access (Art. 15 GDPR)
• Rectification (Art. 16 GDPR)
• Erasure (Art. 17 GDPR)
• Restriction of processing (Art. 18 GDPR)
• Data portability (Art. 20 GDPR)
• Objection (Art. 21 GDPR)
• Withdrawal of consent (Art. 7(3) GDPR)
• Complaint to a supervisory authority (Art. 77 GDPR)

To exercise your rights, please contact: [email protected]

12. Objection to promotional emails

We object to the use of contact data published under legal notice obligations for sending unsolicited advertising. We reserve the right to take legal action against unsolicited advertising messages.