Privacy policy

1) Introduction and Contact Details of the Controller

1.1 We are pleased that you are visiting our website and thank you for your interest. In the following, we inform you about the handling of your personal data when using our website. Personal data includes all data that can be used to personally identify you.

1.2
The controller for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Peter Lohr, Peter H. Lohr, Lena-Christ-Str.124a, 82194 Gröbenzell, Germany, Tel.: +49 8142 3057533, E-mail: .
The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

2) Data Collection When Visiting Our Website

When you use our website purely for informational purposes, i.e., if you do not register or otherwise provide us with information, we only collect the data that your browser transmits to the server (so-called “server log files”). When you access our website, we collect the following data, which is technically necessary for us to display the website to you:

  • Our visited website

  • Date and time of access

  • Amount of data sent in bytes

  • Source/referrer from which you accessed the page

  • Browser used

  • Operating system used

  • IP address used (if applicable: in anonymized form)

Processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to check the server log files retrospectively if there are specific indications of unlawful use.

This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the controller). You can recognize an encrypted connection by the character string “https://” and the lock symbol in your browser’s address bar.

3) Hosting & Content Delivery Network

We use a provider for hosting our website and displaying its content, who renders its services either directly or through selected subcontractors exclusively on servers located within the European Union.
All data collected on our website is processed on these servers.
We have concluded a data processing agreement with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorized disclosure to third parties.

4) Cookies

To make your visit to our website attractive and to enable the use of certain functions, we use cookies, which are small text files stored on your device. Some of these cookies are deleted automatically after you close your browser (so-called “session cookies”), while others remain on your device and allow us to save your settings (so-called “persistent cookies”). You can find the storage duration in the cookie settings of your web browser.
If personal data is also processed through individual cookies implemented by us, processing takes place in accordance with Art. 6 para. 1 lit. b GDPR either for the performance of the contract, in accordance with Art. 6 para. 1 lit. a GDPR in case of consent, or in accordance with Art. 6 para. 1 lit. f GDPR to protect our legitimate interest in the best possible functionality of the website and a customer-friendly and effective design of the visit.
You can configure your browser to notify you about the use of cookies and to decide individually whether to accept them or to exclude the acceptance of cookies for certain cases or in general.
Please note that if cookies are not accepted, the functionality of our website may be limited.

5) Contact

5.1 WhatsApp Business
You have the option of contacting us via the WhatsApp messaging service provided by WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. We use the so-called “Business Version” of WhatsApp.
If you contact us via WhatsApp for a specific business purpose (e.g., an order), we store and use the mobile number you used on WhatsApp as well as—if provided—your first and last name in accordance with Art. 6 para. 1 lit. b GDPR to handle and respond to your inquiry. On the same legal basis, we may ask you to provide additional information (e.g., order number, customer number, address, or email address) to associate your request with a particular transaction.
If you use our WhatsApp contact for general inquiries (e.g., about services, availability, or our website), we store and use your WhatsApp mobile number and, if provided, your name in accordance with Art. 6 para. 1 lit. f GDPR based on our legitimate interest in efficient and timely provision of the requested information.
Your data will be used solely to respond to your inquiry via WhatsApp. It will not be shared with third parties.
Please note that WhatsApp Business has access to the address book of the mobile device we use and automatically transmits the stored phone numbers to a server of its parent company, Meta Platforms Inc., in the USA.
We use a mobile device for WhatsApp Business that only contains the WhatsApp contact data of users who have also contacted us via WhatsApp.
This ensures that every person whose contact data is stored in our address book has already consented to the transmission of their WhatsApp phone number from their contacts’ address books by accepting the WhatsApp terms of use on first use of the app, in accordance with Art. 6 para. 1 lit. a GDPR.
The transmission of data of users who do not use WhatsApp and/or have not contacted us via WhatsApp is excluded.
For more information on the purpose and scope of data collection and processing by WhatsApp, as well as your rights and privacy settings, please refer to WhatsApp’s privacy policy:
https://www.whatsapp.com/legal/?eea=1#privacy-policy
We have concluded a data processing agreement with the provider that protects the data of our website visitors and prohibits disclosure to third parties.
As part of the above processing, data may be transmitted to servers of Meta Platforms Inc. in the USA.
For data transfers to the USA, the provider is certified under the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection based on an adequacy decision by the European Commission.

5.2 In the context of contacting us (e.g., via contact form or email), personal data will be collected. The data collected through a contact form is visible on the respective form. These data are stored and used solely for the purpose of responding to your inquiry and for the associated technical administration.
The legal basis for processing this data is our legitimate interest in responding to your inquiry pursuant to Art. 6 para. 1 lit. f GDPR. If your inquiry is aimed at concluding a contract, the additional legal basis is Art. 6 para. 1 lit. b GDPR. Your data will be deleted once your inquiry has been fully processed, unless there are legal retention requirements.

6) Tools and Miscellaneous

6.1 – weclapp
We use the cloud-based accounting software provided by:
weclapp GmbH, Friedrich-Ebert-Straße 28, 97318 Kitzingen
The provider processes incoming and outgoing invoices and possibly also our company’s banking transactions to automatically capture invoices, match them to transactions, and partially automate financial accounting.
If personal data is processed in this context, it is based on our legitimate interest in efficient organization and documentation of business transactions pursuant to Art. 6 para. 1 lit. f GDPR.

6.2 – Adobe Acrobat Sign
For the digital signing of documents, we use the following provider:
Adobe Systems Software Ireland Limited, 4–6 Riverwalk, City West Business Campus, Dublin 24, Ireland
This service enables the legally valid signing of documents electronically from any device.
The service collects, stores, and transmits, along with the electronic signature, usage data of the device (especially the IP address) and certain transaction data for verification and proof of signature.
The processing is based on our legitimate interest in efficient and timely business operations and user-friendly document management in accordance with Art. 6 para. 1 lit. f GDPR.
We have concluded a data processing agreement with the provider, which protects the data of our website visitors and prohibits disclosure to third parties.

7) Rights of the Data Subject

7.1 The applicable data protection law grants you the following data subject rights with respect to the controller regarding the processing of your personal data (rights of access and intervention), with reference to the respective legal basis for the conditions of exercise:

  • Right of access pursuant to Art. 15 GDPR;

  • Right to rectification pursuant to Art. 16 GDPR;

  • Right to erasure pursuant to Art. 17 GDPR;

  • Right to restriction of processing pursuant to Art. 18 GDPR;

  • Right to notification pursuant to Art. 19 GDPR;

  • Right to data portability pursuant to Art. 20 GDPR;

  • Right to withdraw consent pursuant to Art. 7 para. 3 GDPR;

  • Right to lodge a complaint pursuant to Art. 77 GDPR.

7.2 RIGHT TO OBJECT
IF WE PROCESS YOUR PERSONAL DATA BASED ON OUR OVERRIDING LEGITIMATE INTEREST AFTER CONDUCTING A BALANCING OF INTERESTS, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING AT ANY TIME ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION, WITH FUTURE EFFECT.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE AFFECTED DATA.
FURTHER PROCESSING IS RESERVED, HOWEVER, IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OUTWEIGH YOUR INTERESTS, FUNDAMENTAL RIGHTS, AND FREEDOMS, OR IF THE PROCESSING SERVES THE ESTABLISHMENT, EXERCISE, OR DEFENSE OF LEGAL CLAIMS.
IF YOUR PERSONAL DATA IS PROCESSED BY US FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT TO SUCH PROCESSING AT ANY TIME.
IF YOU EXERCISE THIS RIGHT, WE WILL STOP PROCESSING YOUR PERSONAL DATA FOR DIRECT MARKETING PURPOSES.

8) Duration of Storage of Personal Data

The duration of storage of personal data depends on the respective legal basis, the purpose of processing, and—if applicable—statutory retention periods (e.g., commercial and tax retention periods).
If personal data is processed based on explicit consent pursuant to Art. 6 para. 1 lit. a GDPR, it will be stored until the consent is withdrawn.
If there are statutory retention periods for data that is processed under contractual or pre-contractual obligations under Art. 6 para. 1 lit. b GDPR, this data will be routinely deleted after the retention period has expired, provided it is no longer necessary for contract performance or initiation and there is no legitimate interest in further storage.
If personal data is processed based on Art. 6 para. 1 lit. f GDPR, it will be stored until you exercise your right to object under Art. 21 para. 1 GDPR, unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights, and freedoms, or the processing serves the establishment, exercise, or defense of legal claims.
If personal data is processed for direct marketing based on Art. 6 para. 1 lit. f GDPR, it will be stored until you exercise your right to object under Art. 21 para. 2 GDPR.
Unless otherwise stated in this declaration about specific processing situations, stored personal data will be deleted when it is no longer required for the purposes for which it was collected or otherwise processed.

Copyright Notice: This privacy policy was created by the specialist lawyers of the IT-Recht Kanzlei and is protected by copyright
(https://www.it-recht-kanzlei.de)

Status: 07 July 2025, 15:51:29