PRIVACY POLICY



Person in Charge
Stefanie Sandberg Langenfelder Str.75
22769 Hamburg, Germany
e. stefanie@korukoru.de

Personal Information
Personal data is not collected.

Cookies
This website does not use cookies.

Cooperation with order processors and third parties / access data
The website operator or page provider collects data about access to the page and saves it
as "server log files". The following visitor data is recorded and stored:
date and time of access
URL of the referring web page
retrieved file
the amount of data sent, browser type and version
Operating system
and IP address
Storage time: 7 days
Logs are anonymized after 7 days.
The data collected is used solely for statistical evaluations and to improve the website.
However, the website operator reserves the right to subsequently check the server log files if
there are concrete indications of illegal use.
This is done on the basis of Art. 28 DSGVO.

Applicable legal bases
In accordance with Art. 13 DSGVO, we inform you of the legal basis of our data processing.
If the legal basis is not mentioned in the data protection declaration, the following applies:
The legal basis for obtaining consents is Art. 6 para. 1 lit. a and Art. 7 DSGVO, the legal basis
for processing for the performance of our services and performance of contractual
measures as well as for answering inquiries is Art. 6 para. 1 lit. b DSGVO, the legal basis for
processing to fulfil our legal obligations is Art. 6 para. 1 lit. c DSGVO, and the legal basis for
processing to protect our legitimate interests is Art. 6 para. 1 lit. f DSGVO. In the event that
the vital interests of the data subject or another natural person require the processing of
personal data, Article 6(1)(d) DSGVO serves as the legal basis.

Transfers to third countries
No data is transmitted.

Rights of data subjects
You have the right to request confirmation as to whether the data concerned are being
processed and to request information about these data as well as further information and a
copy of the data in accordance with Art. 15 DSGVO.
They have correspondingly. In accordance with Article 16 of the DSBER, you have the right to
request the completion of data concerning you or the correction of inaccurate data
concerning you.
In accordance with Art. 17 DSGVO, you have the right to demand that relevant data be
deleted immediately or, alternatively, to demand a restriction on the processing of the data
in accordance with Art. 18 DSGVO.
You have the right to request that the data concerning you that you have provided to us be
received in accordance with Art. 20 DSGVO and to request its transmission to other persons
responsible.
In accordance with Art. 77 DSGVO, they also have the right to file a complaint with the
competent supervisory authority.

Right of revocation
You have the right to revoke consents granted pursuant to Art. 7 para. 3 DSGVO with future
effect.

Right of objection
You can object to the future processing of the data concerning you in accordance with Art.
21 DSGVO at any time. The objection may be lodged in particular against processing for
direct marketing purposes.

Deletion of data
The data processed by us will be deleted or their processing restricted in accordance with
Articles 17 and 18 DSGVO. Unless expressly stated in this data protection declaration, the
data stored by us will be deleted as soon as it is no longer required for its intended purpose
and the deletion does not conflict with any statutory storage obligations. If the data are not
deleted because they are necessary for other and legally permissible purposes, their
processing is restricted. This means that the data is blocked and not processed for other
purposes. This applies, for example, to data that must be retained for commercial or tax
reasons.
In accordance with statutory requirements in Germany, the records are kept in particular for
6 years in accordance with § 257 (1) HGB (trading books, inventories, opening balance
sheets, annual financial statements, commercial letters, accounting documents, etc.) and
for 10 years in accordance with § 147 (1) AO (books, records, management reports,
accounting documents, commercial and business letters, documents relevant for taxation,
etc.).

Hosting
The hosting services we use serve to provide the following services: Infrastructure and
platform services, computing capacity, storage space and database services, security
services and technical maintenance services that we use for the purpose of operating this
online offering.
We or our hosting provider process inventory data, contact data, content data, contract
data, usage data, meta- and communication data of customers, interested parties and
visitors of this online offer on the basis of our legitimate interests in an efficient and secure
provision of this online offer according to Art. 6 Para. 1 lit. f DSGVO in conjunction with. Art. 28
DSGVO (conclusion of order processing contract).

Collection of access data and log files
We, or our hosting provider, collect the following data on the basis of our legitimate interests
within the meaning of Art. 6 para. 1 lit. f. DSGVO data on each access to the server on
which this service is located (so-called server log files). Access data includes the name of
the accessed website, file, date and time of access, transferred data volume, notification of
successful access, browser type and version, the user's operating system, referrer URL (the
previously visited page), IP address and the requesting provider.
Log file information is stored for a maximum of 7 days for security reasons (e.g. to investigate
misuse or fraud) and then deleted. Data whose further storage is required for evidentiary
purposes are excluded from deletion until the respective incident has been finally clarified.

Contacting
When contacting us (e.g. by e-mail or telephone), the user's details may be processed for
processing the contact request and its processing in accordance with Art. 6 Para. 1 lit. b)
DSGVO. User information can be stored in a customer relationship management system
("CRM system") or comparable request organization. Please note that the use of e-mail
communication is not secure.
We delete the requests if they are no longer necessary. We review this requirement every two
years; the statutory archiving obligations also apply.