Legal Notice & Privacy Policy

Legal Notice (Impressum)

Aneta Lehotska
Wettersteinstraße 15
82467 Garmisch-Partenkirchen, Germany

Contact

Phone: +4915226702992
Email: info@anetalehotska.com

VAT ID

Value Added Tax Identification Number pursuant to § 27 a of the German VAT Act:
DE310756615

Professional Liability Insurance

Name and Address of Insurer:
NÜRNBERGER Versicherung
90334 Nürnberg, Germany

Coverage Area:
Worldwide

Editorial Responsibility

Aneta Lehotska
Wettersteinstraße 15
82467 Garmisch-Partenkirchen, Germany

EU Dispute Resolution

The European Commission provides a platform for Online Dispute Resolution (OS):
https://ec.europa.eu/consumers/odr/.
Our email address can be found above in the Legal Disclosure.

Consumer Dispute Resolution/Universal Arbitration Board

We are neither willing nor obliged to participate in dispute resolution proceedings before a consumer arbitration board.

Source: eRecht24

Privacy policy

1. Overview of Data Protection

General Information

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data includes all data that can personally identify you. For detailed information on data protection, please refer to the privacy policy below this text.

Data Collection on This Website

Who is responsible for data collection on this website?
The data processing on this website is carried out by the website operator. You can find the operator’s contact details in the “Notice Regarding the Responsible Party” section of this privacy policy.

How do we collect your data?

  • Your data is collected when you provide it to us, for example, by filling out a contact form.
  • Other data is automatically collected by our IT systems when you visit the website, either automatically or upon your consent. This data includes technical information (e.g., internet browser, operating system, or the time the page was accessed). This data is collected automatically as soon as you visit this website.

Why do we use your data?

  • Part of the data is collected to ensure the error-free operation of the website.
  • Other data may be used to analyze your user behavior.
  • If contracts can be initiated or concluded via the website, the data you provide will also be processed for contract offers, orders, or other inquiries.

What are your rights regarding your data?
You have the right to:

  • Obtain free information about the origin, recipient, and purpose of your stored personal data at any time.
  • Request the correction or deletion of this data.
  • Revoke consent for data processing at any time for the future.
  • Request restriction of the processing of your personal data under certain circumstances.
  • File a complaint with the competent supervisory authority.

For these and other questions related to data protection, you can contact us anytime.

Analytics Tools and Third-Party Tools

Your surfing behavior may be statistically analyzed when you visit this website, primarily through analytics programs. Detailed information about these programs can be found in the privacy policy below.


2. Hosting

We host our website content with the following provider:

webgo
The provider is webgo GmbH, Heidenkampsweg 81, 20097 Hamburg (hereinafter referred to as “webgo”). When you visit our website, webgo collects various log files, including your IP address.

Details can be found in webgo’s privacy policy: https://www.webgo.de/datenschutz/.

The use of webgo is based on Article 6(1)(f) of the GDPR. We have a legitimate interest in the most reliable representation of our website. If appropriate consent has been obtained, the processing is carried out exclusively based on Article 6(1)(a) of the GDPR and Section 25(1) of the TTDSG, provided the consent includes storing cookies or accessing information on the user’s device (e.g., for device fingerprinting) as per the TTDSG. Consent can be revoked at any time.

Data Processing Agreement

We have concluded a data processing agreement (DPA) with the provider mentioned above. This legally required agreement ensures that the provider processes the personal data of our website visitors strictly in accordance with our instructions and in compliance with the GDPR.

3. General Information and Mandatory Disclosures

Data Protection

The operators of this website take the protection of your personal data very seriously. We handle your personal data confidentially and in accordance with legal data protection regulations as well as this privacy policy.

When you use this website, various personal data will be collected. Personal data refers to data that can personally identify you. This privacy policy explains what data we collect, how we use it, and for what purpose.

Please note that data transmission over the Internet (e.g., communication via email) can have security vulnerabilities. Complete protection of data against access by third parties is not possible.


Notice Regarding the Responsible Party

The entity responsible for data processing on this website is:

Aneta Lehotska
Wettersteinstraße 15
82467 Garmisch-Partenkirchen

Phone: +49 1522 6702992
Email: info@anetalehotska.com

The responsible party is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g., names, email addresses, etc.).


Storage Duration

Unless a specific retention period is mentioned in this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you request deletion of your data or revoke your consent to data processing, your data will be deleted unless we are legally required to retain it (e.g., for tax or commercial law purposes). In such cases, the data will be deleted once the retention obligation ends.


General Information on the Legal Bases for Data Processing on This Website

We process your personal data based on the following legal bases:

  • Consent (Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR): If you have explicitly consented to data processing. This includes cases involving special categories of personal data as per Art. 9(1) GDPR.
  • Contractual Necessity (Art. 6(1)(b) GDPR): If your data is required to fulfill a contract or pre-contractual obligations.
  • Legal Obligations (Art. 6(1)(c) GDPR): If data processing is necessary to comply with a legal obligation.
  • Legitimate Interests (Art. 6(1)(f) GDPR): If data processing is necessary to protect our legitimate interests, provided these are not overridden by your rights.

For cases involving data transfers to third countries or the use of tools requiring your explicit consent (e.g., cookies or device fingerprinting), we process data based on Section 25(1) TTDSG or Art. 49(1)(a) GDPR. Consent can be revoked at any time.

Specific legal bases for individual cases are detailed in the respective sections of this privacy policy.


Data Transfer to Non-Secure Third Countries and to U.S. Companies Without DPF Certification

We may use tools from companies based in third countries that do not guarantee a level of data protection comparable to the EU or U.S.-based providers not certified under the EU-U.S. Data Privacy Framework (DPF).

When these tools are active, your personal data may be transferred to these countries for processing. In third countries with insufficient data protection, your rights may not be enforceable to the same extent as within the EU.

The United States is generally considered a secure third country, provided the recipient is certified under the DPF or has additional safeguards in place. For more details about third-country transfers, including specific recipients of personal data, refer to this privacy policy.


Recipients of Personal Data

In the course of our business, we may share personal data with external parties under the following conditions:

  • Contractual Obligations: If necessary to fulfill a contract.
  • Legal Requirements: If we are legally obligated to share data (e.g., with tax authorities).
  • Legitimate Interests (Art. 6(1)(f) GDPR): When sharing data is justified to protect our legitimate interests.
  • Other Legal Grounds: When other legal provisions permit data sharing.

When engaging data processors, we only share customer data based on valid data processing agreements that comply with GDPR requirements. In cases of joint data processing, a joint processing agreement is established.

Revocation of Your Consent to Data Processing

Many data processing activities are only possible with your explicit consent. You may revoke consent at any time. The legality of data processing carried out before the revocation remains unaffected.


Right to Object to Data Collection in Special Cases and to Direct Marketing (Art. 21 GDPR)

If data processing is based on Art. 6(1)(e) or (f) GDPR, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation. This also applies to profiling based on these provisions. The specific legal basis for processing can be found in this privacy policy.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing serves the assertion, exercise, or defense of legal claims (objection under Art. 21(1) GDPR).

If your personal data is being processed for direct marketing purposes, you have the right to object to this processing at any time. This also applies to profiling associated with direct marketing. If you object, your personal data will no longer be used for direct marketing purposes (objection under Art. 21(2) GDPR).


Right to Lodge a Complaint with a Supervisory Authority

If you believe your data protection rights have been violated under the GDPR, you have the right to lodge a complaint with a supervisory authority, particularly in the Member State of your habitual residence, place of work, or where the alleged violation occurred. This is without prejudice to any other administrative or judicial remedies.


Right to Data Portability

You have the right to receive data that we process automatically based on your consent or in fulfillment of a contract, in a commonly used, machine-readable format. You may also request that the data be transferred directly to another responsible party, provided this is technically feasible.


Right to Access, Rectification, and Deletion

Under applicable laws, you have the right to request information about your stored personal data, its origin, recipients, and the purpose of processing, at no cost. You also have the right to request the correction or deletion of your personal data. For such requests or any questions about personal data, you can contact us at any time.


Right to Restrict Processing

You have the right to request the restriction of the processing of your personal data. To do so, you can contact us at any time. The right to restriction applies in the following cases:

  1. If you contest the accuracy of your personal data stored by us, we usually need time to verify it. During this verification period, you have the right to request the restriction of processing your personal data.
  2. If the processing of your personal data was or is unlawful, you may request restriction instead of deletion.
  3. If we no longer need your personal data, but you require it for establishing, exercising, or defending legal claims, you can request the restriction of processing instead of deletion.
  4. If you have objected under Art. 21(1) GDPR, a balance must be struck between your interests and ours. As long as it is not clear whose interests prevail, you have the right to request the restriction of processing your personal data.

If processing has been restricted, your data may only be processed (apart from storage) with your consent, for the establishment, exercise, or defense of legal claims, for protecting the rights of another natural or legal person, or for reasons of important public interest of the European Union or a Member State.


SSL and TLS Encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of sensitive content, such as orders or inquiries you send to us as the website operator. You can recognize an encrypted connection by the browser’s address bar changing from “http://” to “https://” and a lock icon appearing in your browser bar.

When SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.


Objection to Promotional Emails

The use of contact data published as part of the legal notice obligation for sending unsolicited advertisements and informational materials is hereby prohibited. The operators of this site reserve the right to take legal action in the event of unsolicited promotional information, such as spam emails.

4. Data Collection on This Website

Cookies

Our website uses “cookies.” Cookies are small data packets that do not harm your device. They are either stored temporarily for the duration of a session (session cookies) or permanently (persistent cookies) on your device. Session cookies are automatically deleted after your visit ends. Persistent cookies remain on your device until you delete them or your web browser automatically removes them.

Cookies may be first-party cookies (set by us) or third-party cookies (set by external providers). Third-party cookies enable the integration of services provided by third parties on websites (e.g., payment processing services).

Cookies serve various purposes. Many are technically essential for website functionality (e.g., shopping cart or video display features). Others are used for user behavior analysis or advertising.

Cookies necessary for electronic communication, specific functions you request (e.g., shopping cart), or website optimization (e.g., measuring web traffic) are stored based on Art. 6(1)(f) GDPR unless another legal basis is specified. The website operator has a legitimate interest in storing essential cookies for error-free and optimized service delivery. If cookie consent is requested, processing occurs exclusively based on Art. 6(1)(a) GDPR and § 25(1) TTDSG. Consent can be revoked at any time.

You can configure your browser to inform you about cookie settings, allow cookies only on a case-by-case basis, block cookies in specific cases or altogether, and enable automatic cookie deletion when closing the browser. Note that disabling cookies may limit the functionality of this website.

Details about cookies and services used on this website can be found in this privacy policy.


Contact Form

If you send us inquiries via the contact form, the information provided, including your contact details, will be stored to process your inquiry and for follow-up questions. These details will not be shared without your consent.

The processing of this data is based on Art. 6(1)(b) GDPR if your inquiry relates to fulfilling a contract or pre-contractual measures. In all other cases, processing is based on our legitimate interest in effectively handling inquiries (Art. 6(1)(f) GDPR) or your consent (Art. 6(1)(a) GDPR), which can be revoked at any time.

Data provided in the contact form will be retained until you request its deletion, revoke your consent, or the purpose for data storage ceases (e.g., after processing your inquiry). Legal retention obligations remain unaffected.


Inquiries via Email, Phone, or Fax

If you contact us via email, phone, or fax, your inquiry, including all resulting personal data (e.g., name, inquiry details), will be stored and processed for the purpose of addressing your request. These details will not be shared without your consent.

The processing of this data is based on Art. 6(1)(b) GDPR if the inquiry is related to fulfilling a contract or pre-contractual measures. In all other cases, processing is based on our legitimate interest in effectively handling inquiries (Art. 6(1)(f) GDPR) or your consent (Art. 6(1)(a) GDPR), which can be revoked at any time.

Data received through contact inquiries will be retained until you request deletion, revoke your consent, or the purpose for data storage ceases (e.g., after fulfilling your request). Legal retention obligations remain unaffected.


5. Social Media

Instagram

This website integrates features from Instagram, provided by Meta Platforms Ireland Limited, Merrion Road, Dublin 4, Ireland.

When a social media element is active, a direct connection between your device and Instagram’s server is established. Instagram receives information about your visit to this website.

If you are logged into your Instagram account, clicking the Instagram button links the content of this website to your profile, allowing Instagram to associate your visit with your user account. We note that, as the site provider, we have no knowledge of the content or use of the data transmitted to Instagram.

Use of this service is based on your consent under Art. 6(1)(a) GDPR and § 25(1) TTDSG, which can be revoked at any time.

Where personal data is collected and transmitted to Facebook or Instagram through this tool, Meta Platforms Ireland Limited and we are jointly responsible for the processing (Art. 26 GDPR). This shared responsibility is limited to data collection and transmission. Processing by Facebook or Instagram after data transmission is not part of our joint responsibility. The obligations under this shared responsibility agreement can be reviewed here: Facebook Controller Addendum.

For data protection regarding Facebook or Instagram products, Facebook is responsible. You may assert rights (e.g., access requests) directly with Facebook or Instagram. If such requests are submitted to us, we are obligated to forward them to Facebook.

Data transfers to the USA are based on the EU Commission’s standard contractual clauses. Details are available at:

More information is available in Instagram’s privacy policy: Instagram Privacy Policy.

The company is certified under the EU-US Data Privacy Framework (DPF), which ensures compliance with European data protection standards for data processing in the USA. More details are available here: Data Privacy Framework.


Pinterest

This website includes elements of the Pinterest social network, operated by Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland.

When you access a page containing a Pinterest element, your browser establishes a direct connection with Pinterest’s servers, transmitting log data (e.g., IP address, visited website addresses, browser type, date, and time).

Use of this service is based on your consent under Art. 6(1)(a) GDPR and § 25(1) TTDSG, which can be revoked at any time.

For more details about the purpose, scope, and further data processing by Pinterest, refer to Pinterest’s privacy policy: Pinterest Privacy Policy.

6. Newsletter

Newsletter Data

If you wish to receive the newsletter offered on this website, we require your email address and information that allows us to verify that you are the owner of the email address provided and consent to receiving the newsletter. Additional data will only be collected on a voluntary basis. This data is used exclusively for sending the requested information and is not shared with third parties.

The processing of data entered into the newsletter subscription form is based solely on your consent (Art. 6(1)(a) GDPR). You can revoke your consent to the storage of your data, email address, and its use for sending the newsletter at any time, for example, via the “unsubscribe” link in the newsletter. The legality of data processing already carried out remains unaffected by the revocation.

The data you provide for the purpose of receiving the newsletter will be stored until you unsubscribe from the newsletter and deleted after you opt out of the newsletter or the purpose for data retention ceases. We reserve the right to delete or block email addresses from our mailing list at our discretion as part of our legitimate interest under Art. 6(1)(f) GDPR.

Data stored for other purposes remains unaffected by this.

After you unsubscribe from the newsletter, your email address may be stored in a blacklist to prevent future mailings if required. Blacklist data will only be used for this purpose and will not be merged with other data. This serves both your and our interest in complying with legal requirements for newsletter distribution (legitimate interest as per Art. 6(1)(f) GDPR). Blacklist storage is not time-limited. You may object to storage if your interests outweigh our legitimate interest.


7. Plugins and Tools

Google Fonts (Local Hosting)

This website uses Google Fonts for uniform font representation. The Google Fonts are installed locally. No connection to Google servers is established.

For more information about Google Fonts, visit:


MyFonts

This website uses MyFonts, a font service to ensure uniform typography on the website. The provider is Monotype Imaging Holdings Inc., 600 Unicorn Park Drive, Woburn, Massachusetts 01801, USA.

To verify license compliance and track page views, MyFonts transfers your IP address along with the website URL and our contract details to its servers in the USA. According to Monotype, your IP address is anonymized immediately after transmission, preventing personal identification.

Details are available in Monotype’s privacy policy: Monotype Privacy Policy.

The company is certified under the EU-US Data Privacy Framework (DPF), ensuring compliance with European data protection standards. More details can be found here: Data Privacy Framework.


Google reCAPTCHA

We use “Google reCAPTCHA” (referred to as “reCAPTCHA”) on this website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

reCAPTCHA is used to verify whether data entered on this website (e.g., in a contact form) is submitted by a human or automated program. This analysis begins automatically when a visitor accesses the website. reCAPTCHA evaluates various data points (e.g., IP address, time spent on the site, and mouse movements). The data collected during analysis is transmitted to Google.

The reCAPTCHA analysis operates entirely in the background without notifying visitors.

Data processing is based on Art. 6(1)(f) GDPR, as the website operator has a legitimate interest in protecting its website from abusive automated data scraping and spam. If consent is requested, processing is based solely on Art. 6(1)(a) GDPR and § 25(1) TTDSG, provided the consent includes cookie storage or device access (e.g., device fingerprinting). Consent can be revoked at any time.

For more details, refer to:

  • Google Privacy Policy
  • Google Terms of Service

The company is certified under the EU-US Data Privacy Framework (DPF), ensuring compliance with European data protection standards. More details can be found here: Data Privacy Framework.

Source: e-recht24.de