1.1) Introduction and contact details of the controller
1.1 We are pleased that you are visiting our website and thank you for your interest. Below we inform you about the handling of your personal data when using our website. Personal data is any data with which you can be personally identified.
1.2 The controller for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is OP Media Services UG (haftungsbeschränkt), Sudbrackstr. 17, 33611 Bielefeld, Germany, Tel.: +49 521 – 759 850 31, Email: info@opmedia.services. The controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data.
2) Data collection when visiting our website
2.1 When using our website purely for informational purposes, i.e., if you do not register or otherwise provide us with information, we only collect data that your browser transmits to the server (so-called “server log files”). When you access our website, we collect the following data, which is technically necessary to display the website:
- Our visited website
- Date and time at the moment of access
- Amount of data sent in bytes
- Source/reference from which you came to the page
- Browser used
- Operating system used
- IP address used (if applicable, in anonymised form)
Processing is carried out in accordance with Art. 6(1)(f) GDPR based on our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to check the server log files retrospectively if there are concrete indications of unlawful use.
2.2 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the controller). You can recognise an encrypted connection by the string “https://” and the lock icon in your browser bar.
3) Hosting & Content Delivery Network
For hosting our website and displaying its content, we use a provider who performs its services either directly or through selected subcontractors exclusively on servers located within the European Union.
All data collected on our website is processed on these servers.
We have concluded a data processing agreement with the provider that ensures the protection of our website visitors’ data and prohibits unauthorised disclosure to third parties.
4) Cookies
To make visiting our website attractive and to enable the use of certain functions, we use cookies—small text files that are stored on your device. Some of these cookies are automatically deleted after you close the browser (so-called “session cookies”), while others remain on your device for a longer period and allow your preferences to be saved (“persistent cookies”). The storage period can be found in your browser’s cookie settings overview.
If cookies we use process personal data, processing is carried out either in accordance with Art. 6(1)(b) GDPR for contract performance, Art. 6(1)(a) GDPR if consent was given, or Art. 6(1)(f) GDPR to safeguard our legitimate interests in optimal website functionality and a user-friendly website experience.
You can configure your browser to inform you about the setting of cookies and decide individually whether to accept them, or to exclude the acceptance of cookies for specific cases or in general.
Please note that disabling cookies may limit the functionality of our website.
5) Contact
When you contact us (e.g., via contact form or email), personal data is collected. The data collected when using a contact form is visible in the respective form. This data is stored and used solely for the purpose of responding to your inquiry and for the technical administration involved.
The legal basis for processing this data is our legitimate interest in responding to your inquiry in accordance with Art. 6(1)(f) GDPR. If the contact aims to conclude a contract, the legal basis is additionally Art. 6(1)(b) GDPR. Your data will be deleted after final processing of your request, unless legal retention obligations prevent this.
6) Website functionalities
Google reCAPTCHA
This website uses the CAPTCHA service of the following provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland
Data may also be transferred to: Google LLC, USA. For visual display of the CAPTCHA window, the provider uses “Google Fonts”, fonts loaded from the internet by Google. No further information is processed beyond what is already transferred through the reCAPTCHA functionality.
The service checks whether data entry is made by a human or by automated processing. It prevents spam, DDoS attacks and similar automated misuse. To verify that an action is performed by a person and not a bot, the provider collects the device’s IP address, browser and OS type, visit duration and time, and sends it to their servers. Cookies may be used in the process.
Where such processing is based on cookies, it occurs only with your express consent under Art. 6(1)(a) GDPR. You can revoke your consent at any time by deactivating the service in the website’s “cookie consent tool.”
Where the processing occurs without cookies, it is based on our legitimate interest under Art. 6(1)(f) GDPR to ensure responsible internet use and prevent abuse and spam.
We have concluded a data processing agreement with the provider, ensuring protection of visitor data and preventing unauthorised disclosure.
For data transfers to the USA, the provider is certified under the EU-US Data Privacy Framework, ensuring adequate protection as per the European Commission.
More on Google’s data protection policies:
https://business.safety.google/intl/de/privacy/
7) Tools and other services
7.1 Cookie Consent Tool
This website uses a cookie consent tool to obtain effective user consent for cookies that require it. The tool is displayed as an interactive interface when visiting the site, allowing users to opt-in by checking boxes.
All cookies requiring consent will only be set if the user has provided consent. Technically necessary cookies are used to store these preferences. No personal data is processed unless necessary for storage or logging of cookie settings (e.g., IP address), in which case processing is done under Art. 6(1)(f) GDPR for lawful and user-friendly consent management.
Art. 6(1)(c) GDPR also applies, as we are legally obligated to obtain consent before setting non-essential cookies.
Where necessary, we have concluded a data processing agreement with the tool provider.
More information about the tool operator and settings can be found in the consent interface on our website.
7.2 Wordfence
This website uses the following security provider: Defiant Inc., 800 5th Ave Ste 4100, Seattle, WA 98104, USA
The provider protects the website and IT infrastructure against unauthorised access, cyberattacks, viruses, and malware. It logs users’ IP addresses and possibly additional behaviour data (e.g., accessed URLs, header information) to detect and block illegitimate access. If identified as a threat, access may be blocked. The data is sent to and stored on the provider’s servers.
Processing is based on our legitimate interest under Art. 6(1)(f) GDPR in protecting the website and data integrity.
For users with login rights, cookies may be set to determine device/location info and verify that access is legitimate. These cookies also manage access rights and notify admins of suspicious access attempts. These cookies are only used for logged-in users.
Where cookies process personal data, this is also based on Art. 6(1)(f) GDPR to prevent unauthorised admin access.
We have concluded a data processing agreement with the provider.
For data transfers to the USA, the provider uses the European Commission’s standard contractual clauses to ensure GDPR compliance.
8) Data subject rights
8.1 Under applicable data protection laws, you have the following rights regarding your personal data:
- Right of access (Art. 15 GDPR)
- Right to rectification (Art. 16 GDPR)
- Right to erasure (Art. 17 GDPR)
- Right to restriction of processing (Art. 18 GDPR)
- Right to notification (Art. 19 GDPR)
- Right to data portability (Art. 20 GDPR)
- Right to withdraw consent (Art. 7(3) GDPR)
- Right to lodge a complaint (Art. 77 GDPR)
8.2 Right to object
IF WE PROCESS YOUR PERSONAL DATA BASED ON OUR LEGITIMATE INTEREST, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS THAT OVERRIDE YOUR INTERESTS OR FOR THE ESTABLISHMENT, EXERCISE OR DEFENCE OF LEGAL CLAIMS.
IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING AT ANY TIME. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR DATA FOR THIS PURPOSE.
9) Duration of storage of personal data
The duration of storage depends on the legal basis, purpose, and applicable legal retention period (e.g., commercial or tax laws).
If processing is based on consent (Art. 6(1)(a) GDPR), data is stored until consent is withdrawn.
If legal retention periods apply to data processed under Art. 6(1)(b) GDPR, the data will be deleted after expiry unless it’s still required for contract purposes or there is a legitimate interest in its retention.
If processed under Art. 6(1)(f) GDPR, data is stored until you exercise your right to object under Art. 21(1) GDPR, unless we can show overriding legitimate grounds.
For direct marketing under Art. 6(1)(f) GDPR, data is stored until you object under Art. 21(2) GDPR.
Unless otherwise stated, data will be deleted when it is no longer necessary for its original purpose.