ORHAN AYNUR
DATA PROTECTION
Data Protection
The controller responsible for data processing is:
Orhan Aynur
Steinerweg 2
81241 Munich
Germany
kontakt@orhan-aynur.com
We are pleased that you are interested in our website. Protecting your privacy is very important to us. Below we inform you in detail about how we handle your data.
1. Access data and hosting
You can visit our website without providing any personal information. Each time a webpage is accessed, the web server automatically stores a server log file which contains, for example, the name of the requested file, your IP address, the date and time of access, the amount of data transferred and the requesting provider (access data), and documents the access. This access data is evaluated exclusively for the purpose of ensuring the smooth operation of the website and improving our offer. This serves to protect our overriding legitimate interests in the correct presentation of our offer in accordance with Article 6 paragraph 1 sentence 1 letter f GDPR. All access data is processed for as long as is necessary for the purposes described above.
Hosting
The services for hosting and displaying the website are partly provided by our service providers as part of processing on our behalf. Unless otherwise stated in this privacy policy, all access data as well as all data that is collected in the forms provided on this website is processed on their servers. If you have any questions about our service providers and the basis of our cooperation with them, please use the contact option described in this privacy policy.
Our service providers are based in and or use servers in the following countries for which the European Commission has determined an adequate level of data protection by decision: Israel, United Kingdom, United States of America.
The adequacy decision for the United States of America serves as the basis for the transfer of data to third countries, provided that the respective service provider is certified. Such certification exists.
Our service providers are also based in and or use servers in the following countries: Brazil, Mexico, India, Ukraine.
No adequacy decision by the European Commission exists for these countries. Our cooperation with these service providers is based on the following safeguards: standard contractual clauses of the European Union.
2. Data processing for contacting us and customer communication
Contacting us
When you contact us, we collect personal data in order to process your inquiry in accordance with Article 6 paragraph 1 sentence 1 letter b GDPR, provided that you voluntarily share this data with us when contacting us, for example via contact form, live chat tool or email. Fields that are mandatory are marked as such, since in these cases we absolutely need the data to process your contact request. The specific data collected can be seen from the respective input forms. After your inquiry has been fully processed, your data will be deleted unless you have expressly consented to further use of your data in accordance with Article 6 paragraph 1 sentence 1 letter a GDPR or we reserve the right to use your data beyond this scope in a way that is legally permitted and about which we inform you in this privacy policy.
After your customer inquiry has been fully processed, your data will be restricted from further processing and deleted after expiry of the statutory retention periods under tax and commercial law in accordance with Article 6 paragraph 1 sentence 1 letter c GDPR, unless you have expressly consented to further use of your data in accordance with Article 6 paragraph 1 sentence 1 letter a GDPR or we reserve the right to use your data beyond this scope in a way that is legally permitted and about which we inform you in this privacy policy.
Live chat tool Ascend by Wix
For the purpose of customer communication we use the live chat tool Ascend by Wix provided by Wix.com Ltd., 40 Nemal St., Tel Aviv 6350671, Israel (Wix). This serves our legitimate interests in effective and improved customer communication which, within the framework of a balancing of interests, are overriding in accordance with Article 6 paragraph 1 sentence 1 letter f GDPR. Wix acts on our behalf.
Our service providers are based in and or use servers in the following countries for which the European Commission has determined an adequate level of data protection by decision: Israel, United Kingdom, United States of America.
The adequacy decision for the United States of America serves as the basis for the transfer of data to third countries, provided that the respective service provider is certified. Such certification exists.
Our service providers are also based in and or use servers in the following countries: Brazil, Mexico, India, Ukraine.
No adequacy decision by the European Commission exists for these countries. Our cooperation with these service providers is based on the following safeguards: standard contractual clauses of the European Union.
3. Advertising by email
3.1 Email newsletter with registration, newsletter tracking with separate consent
If you register for our newsletter, we use the data required for this or data provided by you separately in order to send you our email newsletter regularly on the basis of your consent in accordance with Article 6 paragraph 1 sentence 1 letter a GDPR. You can unsubscribe from the newsletter at any time, either by sending a message to the contact option described below or via a link provided for this purpose in the newsletter. After you unsubscribe, we delete your email address from the distribution list unless you have expressly consented to further use of your data in accordance with Article 6 paragraph 1 sentence 1 letter a GDPR or we reserve the right to use data beyond this scope in a way that is legally permitted and about which we inform you in this privacy policy.
If you have additionally given us your consent in accordance with Article 6 paragraph 1 sentence 1 letter a GDPR to the analysis of our newsletters, we also analyse your interaction with our newsletter by measuring, storing and evaluating open rates and click rates for the purpose of designing future newsletter campaigns (newsletter tracking).
For this analysis the emails sent contain single pixel technologies, for example web beacons and tracking pixels, which are stored on our website. For the analysis we link in particular the following newsletter data
the page from which the page was requested (referrer URL)
the date and time of access
the description of the type of web browser used
the IP address of the requesting computer
the email address
the date and time of registration and confirmation
and the single pixel technologies with your email address or your IP address and, if applicable, an individual identifier. Links contained in the newsletter can also contain this identifier.
You can unsubscribe from newsletter tracking at any time, either by sending a message to the contact option described below or via a link provided for this purpose in the newsletter.
The information is stored for as long as you are subscribed to the newsletter.
3.2 Newsletter dispatch
The newsletter and the newsletter tracking described above may also be sent by our service providers as part of processing on our behalf. If you have any questions about our service providers and the basis of our cooperation with them, please use the contact option described in this privacy policy.
Our service providers are based in and or use servers in the following countries for which the European Commission has determined an adequate level of data protection by decision: Israel, United Kingdom, United States of America.
The adequacy decision for the United States of America serves as the basis for the transfer of data to third countries, provided that the respective service provider is certified. Such certification exists.
Our service providers are also based in and or use servers in the following countries: Brazil, Mexico, India, Ukraine.
No adequacy decision by the European Commission exists for these countries. Our cooperation with these service providers is based on the following safeguards: standard contractual clauses of the European Union.
4. Cookies and other technologies
4.1 General information
To make visiting our website attractive and to enable the use of certain functions, we use technologies on various pages including so called cookies. Cookies are small text files that are automatically stored on your device. Some of the cookies we use are deleted again after the end of the browser session, that is after you close your browser, these are session cookies. Other cookies remain on your device and enable us to recognise your browser the next time you visit (persistent cookies).
Protection of privacy on devices
When you use our online offer, we use technologies that are absolutely necessary in order to provide the telemedia service expressly requested by you. In this respect, the storage of information in your device or access to information already stored in your device does not require your consent.
For functions that are not absolutely necessary, the storage of information in your device or access to information already stored in your device requires your consent. We would like to point out that if you do not give your consent, parts of the website may not be fully usable. Any consent you give remains valid until you adjust or reset the relevant settings on your device.
Subsequent data processing through cookies and other technologies
We use technologies that are strictly necessary to use certain functions of our website, for example website preference settings. These technologies collect and process IP address, time of the visit, device and browser information and information about your use of our website, for example information about your preferences. This serves our legitimate interests in an optimised presentation of our offer which, within the framework of a balancing of interests, are overriding in accordance with Article 6 paragraph 1 sentence 1 letter f GDPR.
We also use technologies to fulfil legal obligations to which we are subject, for example to be able to prove consents to the processing of your personal data, and for web analysis and online marketing. Further information about this, including the respective legal basis for data processing, can be found in the following sections of this privacy policy.
Where you have consented to the use of technologies in accordance with Article 6 paragraph 1 sentence 1 letter a GDPR, you can withdraw your consent at any time by sending a message to the contact option described in this privacy policy.
4.2 Use of the Wix Consent Manager Tool to manage consents
We use the Wix Consent Manager Tool on our website in order to inform you about the cookies and other technologies we use on our website and to obtain, manage and document any consent that may be required for the processing of your personal data by these technologies. This is necessary in accordance with Article 6 paragraph 1 sentence 1 letter c GDPR to fulfil our legal obligation under Article 7 paragraph 1 GDPR to be able to prove your consent to the processing of your personal data. The Wix Consent Manager Tool is a service offered by Wix.com Ltd., 40 Nemal St., Tel Aviv 6350671, Israel (Wix). After you have given your cookie declaration on our website, the web server of Wix stores your IP address, the date and time of your declaration, browser information, language and the URL from which the declaration was sent, as well as information about your consent behaviour. A cookie is also set that contains the information about your consent behaviour. Your data is deleted after 365 days unless you have expressly consented to further use of your data in accordance with Article 6 paragraph 1 sentence 1 letter a GDPR or we reserve the right to use data beyond this scope in a way that is legally permitted and about which we inform you in this privacy policy.
Our service providers are based in and or use servers in the following countries for which the European Commission has determined an adequate level of data protection by decision: Israel, United Kingdom, United States of America.
The adequacy decision for the United States of America serves as the basis for the transfer of data to third countries, provided that the respective service provider is certified. Such certification exists.
Our service providers are also based in and or use servers in the following countries: Brazil, Mexico, India, Ukraine.
No adequacy decision by the European Commission exists for these countries. Our cooperation with these service providers is based on the following safeguards: standard contractual clauses of the European Union.
5. Use of cookies and other technologies for web analysis and advertising purposes
We use the cookies and other technologies of third party providers listed below on our website. Unless stated otherwise for the individual technologies, this is done on the basis of your consent in accordance with Article 6 paragraph 1 sentence 1 letter a GDPR. After the purpose has ceased to exist and the use of the respective technology by us has ended, the data collected in connection with it will be deleted. You can withdraw your consent at any time with effect for the future. Further information about your options for withdrawal can be found in the section Cookies and other technologies. Further information, including the basis of our cooperation with the individual providers, can be found with the individual technologies. If you have any questions about the providers and the basis of our cooperation with them, please use the contact option described in this privacy policy.
X is a service provided by Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland (X). The information that X automatically collects about your use of our online presence on X is usually transferred to a server of X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, United States of America and stored there.
Our service providers are based in and or use servers in countries outside the European Union and the European Economic Area for which the European Commission has determined an adequate level of data protection by decision.
Our service providers are based in and or use servers in countries outside the European Union and the European Economic Area. No adequacy decision by the European Commission exists for these countries. Our cooperation with these service providers is based on standard contractual clauses of the European Commission.
6. Social media
6.1 Social buttons from Facebook by Meta, X formerly Twitter, Instagram by Meta, Whatsapp
We use social buttons from social networks on our website. These are only embedded in the page as HTML links, so that when you access our website, no connection is yet established with the servers of the respective provider. If you click one of the buttons, the website of the respective social network opens in a new browser window. There you can for example click the like or share button.
6.2 Our online presence on Facebook by Meta, X formerly Twitter, Instagram by Meta
If you have given your consent to the respective social media operator in accordance with Article 6 paragraph 1 sentence 1 letter a GDPR, your data will be automatically collected and stored for market research and advertising purposes when you visit our online presences on the social networks mentioned above, and usage profiles will be created using pseudonyms. These profiles can be used to place advertisements within and outside the platforms that presumably correspond to your interests. Cookies are usually used for this. Detailed information on the processing and use of the data by the respective social media operator, as well as a contact option and your rights and settings to protect your privacy, can be found in the data protection information of the providers linked below. If you still need help with this, you can contact us.
Facebook by Meta is a service offered by Meta Platforms Ireland Ltd., Block J, Serpentine Avenue, Dublin 4, Ireland (Meta Platforms Ireland). The information that Meta Platforms Ireland automatically collects about your use of our online presence on Facebook by Meta is usually transferred to a server of Meta Platforms, Inc., 1601 Willow Road, Menlo Park, California 94025, United States of America and stored there. Data processing in connection with visits to a Facebook by Meta fan page is based on an agreement between joint controllers in accordance with Article 26 GDPR. Further information about this especially about insights data can be found there.
Our service providers are based in and or use servers in the following countries for which the European Commission has determined an adequate level of data protection by decision: United States of America, Canada, Japan, South Korea, New Zealand, United Kingdom, Argentina.
The adequacy decision for the United States of America serves as the basis for the transfer of data to third countries, provided that the respective service provider is certified. Such certification exists.
Our service providers are also based in and or use servers in the following countries: Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, Brazil, Mexico.
No adequacy decision by the European Commission exists for these countries. Our cooperation with these service providers is based on the following safeguards: standard contractual clauses of the European Commission.
Instagram by Meta is a service offered by Meta Platforms Ireland Ltd., Block J, Serpentine Avenue, Dublin 4, Ireland (Meta Platforms Ireland). The information that Meta Platforms Ireland automatically collects about your use of our online presence on Instagram is usually transferred to a server of Meta Platforms, Inc., 1601 Willow Road, Menlo Park, California 94025, United States of America and stored there. Data processing in connection with visits to an Instagram by Meta fan page is based on an agreement between joint controllers in accordance with Article 26 GDPR. Further information about this especially about insights data can be found there.
Our service providers are based in and or use servers in the following countries for which the European Commission has determined an adequate level of data protection by decision: United States of America, Canada, Japan, South Korea, New Zealand, United Kingdom, Argentina.
The adequacy decision for the United States of America serves as the basis for the transfer of data to third countries, provided that the respective service provider is certified. Such certification exists.
Our service providers are also based in and or use servers in the following countries: Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, Brazil, Mexico.
No adequacy decision by the European Commission exists for these countries. Our cooperation with these service providers is based on the following safeguards: standard contractual clauses of the European Commission.
7. Contact options and your rights
7.1 Your rights
As a data subject you have the following rights:
in accordance with Article 15 GDPR, the right to request information about your personal data processed by us to the extent specified there
in accordance with Article 16 GDPR, the right to request the immediate correction of inaccurate or completion of your personal data stored by us
in accordance with Article 17 GDPR, the right to request the deletion of your personal data stored by us, unless further processing is required
for exercising the right to freedom of expression and information
for the fulfilment of a legal obligation
for reasons of public interest or
for the establishment, exercise or defence of legal claims
in accordance with Article 18 GDPR, the right to request the restriction of processing of your personal data where
the accuracy of the data is contested by you
the processing is unlawful, but you oppose the deletion of the data
we no longer need the data, but you require it for the establishment, exercise or defence of legal claims or
you have objected to processing in accordance with Article 21 GDPR
in accordance with Article 20 GDPR, the right to receive your personal data that you have provided to us in a structured, commonly used and machine readable format or to request that it be transmitted to another controller
in accordance with Article 77 GDPR, the right to lodge a complaint with a supervisory authority. You can usually contact the supervisory authority at your habitual place of residence or workplace or at the place where our company is based.
Right to object
Where we process personal data as explained above in order to protect our legitimate interests which, within the framework of a balancing of interests, are overriding, you can object to this processing with effect for the future. If processing is carried out for direct marketing purposes, you can exercise this right at any time as described above. Where processing is carried out for other purposes, you only have a right to object if there are reasons arising from your particular situation.
After you have exercised your right to object, we will no longer process your personal data for these purposes unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing serves the establishment, exercise or defence of legal claims.
This does not apply where processing is carried out for direct marketing purposes. In that case we will no longer process your personal data for this purpose.
7.2 Contact options
If you have any questions about the collection, processing or use of your personal data, or if you wish to request information, correction, restriction or deletion of data, or withdraw consent given or object to a particular use of data, please contact us directly using the contact details given in our legal notice.