We have written this data protection declaration (as of 06/2020) to explain to you in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 what information we collect, how we use data and what options you have as a visitor to this website.

Note on the responsible authority

The responsible authority for data processing on this website is:

Night Laser GbR
Robert Hankers
Hinrichsenstr. 11
20535 Hamburg Germany

Telefon: +4917697304289
E-Mail: info@nightlaser.de

The responsible authority is the natural or legal person who, alone or jointly with others, decides on the purposes and means of processing personal data (e.g. names, email addresses, etc.).

Automatic data storage

When you visit our website, our web server automatically saves data such as

  • the address (URL) of the website
  • called up the browser and browser version
  • the operating system used
  • the address (URL) of the previously visited page (referrer URL)
  • the host name and the IP address of the device from which the access
  • date and time

in files (web server log files).

As a rule, web server log files are stored for two weeks and then automatically deleted. We do not pass on this data, but we cannot rule out that this data will be viewed in the event of illegal behavior. According to Article 6 Paragraph 1 f GDPR (lawfulness of processing), the legal basis is that there is a legitimate interest in enabling the error-free operation of this website by collecting web server log files.

WordPress Stats

This website uses the WordPress Stats tool to statistically evaluate visitor access. The provider is Automattic Inc., 60 29th Street # 343, San Francisco, CA 94110-4929, USA.

WordPress Stats uses cookies that are stored on your computer and that allow an analysis of the use of the website. The information generated by the cookies about the use of our website is stored on servers in the USA. Your IP address will be anonymized after processing and before storage.

WordPress stats cookies remain on your device until you delete them.

The storage of WordPress Stats cookies is based on Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in the anonymized analysis of user behavior in order to optimize both its website and its advertising.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when you close the browser. Deactivating cookies may restrict the functionality of our website.

You can object to the collection and use of your data for the future by setting an opt-out cookie in your browser by clicking on this link.

Storage of personal data

Personal data that you transmit to us electronically on this website, such as name, e-mail address, address or other personal information in the context of submitting a form or comments in the blog, are saved by us together with the time and the IP Address used only for the specified purpose and not passed on to third parties.

We therefore only use your personal data for communication with those visitors who expressly request contact and for processing the services and products offered on this website. We do not pass on your personal data without your consent, but we cannot rule out that this data will be viewed in the event of illegal behavior.

If you send us personal data by e-mail – outside of this website – we cannot guarantee secure transmission and protection of your data. We recommend that you never send confidential data unencrypted by e-mail.

According to Article 6 Paragraph 1 a GDPR (lawfulness of processing), the legal basis is that you give us your consent to process the data you have entered. You can revoke this consent at any time – an informal e-mail is sufficient, you will find the contact details in the imprint.

Data transmission when concluding a contract for online shops, dealers and dispatch of goods

We only transfer personal data to third parties if this is necessary in the context of contract processing, for example to the company entrusted with the delivery of the goods or the credit institution commissioned with the processing of payments. A further transmission of the data does not take place or only if you have expressly consented to the transmission. Your data will not be passed on to third parties without your express consent, e.g. for advertising purposes.

The basis for data processing is Art. 6 Para. 1 lit. b GDPR, which allows the processing of data for the performance of a contract or pre-contractual measures.

Rights according to the General Data Protection Regulation

According to the provisions of the GDPR, you have the following rights:

  • Right to rectification (Article 16 GDPR)
  • Right to erasure (“Right to be forgotten”) (Article 17 GDPR)
  • Right to restriction of processing (Article 18 GDPR)
  • Right to notification – obligation to notify in connection with the correction or deletion of personal data or the restriction processing (Article 19 GDPR)
  • right to data portability (Article 20 GDPR)
  • right to object (Article 21 GDPR)
  • right not to be subject to a decision based solely on automated processing – including profiling (Article 22 GDPR)

If you believe that the processing of your data violates data protection law or that your data protection claims have been violated in any other way, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI).

Registration on this website

You can register on our website in order to use additional functions on the site. We use the data entered for this purpose only for the purpose of using the respective offer or service for which you have registered. The mandatory information requested during registration must be given in full. Otherwise we will reject the registration.

For important changes, for example in the scope of the offer or for technically necessary changes, we will use the e-mail address given during registration to inform you in this way.

The processing of the data entered during registration is based on your consent (Art. 6 Para. 1 lit. a GDPR). You can revoke your consent at any time. An informal e-mail to us is sufficient. The legality of the data processing that has already taken place remains unaffected by the revocation.

The data recorded during registration will be stored by us as long as you are registered on our website and will then be deleted. Statutory retention periods remain unaffected.

Google Fonts privacy policy

We use Google Fonts from Google Inc. (1600 Amphitheater Parkway Mountain View, CA 94043, USA) on our website.

You do not have to log in or enter a password to use Google fonts. Furthermore, no cookies are stored in your browser. The files (CSS, fonts / fonts) are requested via the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, the requests for Cascading Style Sheets (CSS) and fonts are completely separate from all other Google services. If you have a Google account, you don’t have to worry that your Google account details will be transmitted to Google while you are using Google Fonts.

Why do we use Google Fonts on our website?

With Google Fonts we can use fonts on our own website and do not have to upload them to our own server. All Google fonts are automatically optimized for the web. This saves data volume and is a great advantage, especially for use with mobile devices. Google Fonts supports all common browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile operating systems.

So we use Google Fonts so that we can present our entire online service as beautifully and uniformly as possible. According to Art. 6 Para. 1 f lit. F GDPR, this already represents a “legitimate interest” in the processing of personal data. In this case, “legitimate interest” is understood to mean both legal and economic or non-material interests that are recognized by the legal system.

Which data is saved by Google?

When you visit our website, the fonts are downloaded from a Google server. This external call transmits data to the Google server. In this way, Google also recognizes that you or your IP address are visiting our website. The Google Fonts API was developed to reduce the collection, storage and use of end-user data to what is necessary for the efficient provision of fonts.

Google Fonts securely stores CSS and font requests with Google and is therefore protected. Google can determine the popularity of the fonts through the collected usage figures. Google publishes the results on internal analysis sites such as Google Analytics. Google also uses data from its own web crawler to determine which websites use Google fonts. This data is published in Google Fonts’ BigQuery database. BigQuery is a web service from Google for companies that move and analyze large amounts of data.

It should be noted, however, that information such as the IP address, language settings, screen resolution of the browser, version of the browser and the name of the browser are automatically transmitted to the Google server with every Google Font request. It is not clear whether this data is saved or not clearly communicated by Google.

How long and where is the data stored?

Google stores requests for CSS assets for one day on your servers, which are mainly located outside the EU. This enables us to use the fonts with the help of a Google stylesheet. A stylesheet is a format template that can be used to change the design or font of a website quickly and easily.

The font files are stored by Google for one year. Google’s goal is to fundamentally improve the loading time of websites. If millions of websites refer to the same fonts, they are cached after the first visit and immediately reappear on all other websites visited later. Sometimes Google updates font files to reduce file size, increase language coverage, and improve design.

How can I delete my data or prevent data storage?

The data that Google stores for a day or a year cannot simply be deleted. The data is automatically transmitted to Google when the page is accessed. To be able to delete this data prematurely, you must contact Google support at https://support.google.com/. In this case, you only prevent data storage if you are not visiting our site.

You can also read which data is generally recorded by Google and what this data is used for at https://www.google.com/intl/de/policies/privacy/.

Embedded social media elements data protection declaration

We integrate elements of social media services on our website in order to display images, videos and texts. When you visit pages that display these elements, data is transferred from your browser to the respective social media service and stored there. We have no access to this data. The following links take you to the pages of the respective social media services where it is explained how they handle your data:

Facebook privacy policy

On this website we use functions from Facebook, a social media network operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2 Ireland. You can find out which functions (social plug-ins) Facebook provides at https://developers.facebook.com/docs/plugins/. When you visit our website, information can be transmitted to Facebook. If you have a Facebook account, Facebook can assign this data to your personal account. If you do not want this, please log out of Facebook. You can find the data protection guidelines, which information Facebook collects and how they use it, at https://www.facebook.com/policy.php.

Subscribe to comments

As a user of the site you can subscribe to comments after registering. You will receive a confirmation email to check whether you are the owner of the email address provided. You can unsubscribe from this function at any time via a link in the info emails. In this case, the data entered when subscribing to comments will be deleted; However, if you have transmitted this data to us for other purposes and elsewhere (e.g. newsletter subscription), they will remain with us.

Storage duration of the comments

The comments and the associated data (e.g. IP address) are stored and remain on our website until the commented content has been completely deleted or the comments have to be deleted for legal reasons (e.g. offensive comments)

SSL or TLS encryption

For security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the website operator, this site uses an SSL or. TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from http: // to https: // and by the lock symbol in your browser line.

If the SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.

Encrypted payment transactions on this website

Payment transactions using common means of payment (PayPal, bank transfer) are made exclusively via an encrypted SSL connection.

With encrypted communication, your payment data that you transmit to us cannot be read by third parties.

PayPal

On our website we offer payment via PayPal, among other things. The provider of this payment service is PayPal (Europe) S.à.rl et Cie, SCA, 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter “PayPal”).

If you choose to pay via PayPal, the payment details you have entered will be transmitted to PayPal.

Your data is transmitted to PayPal on the basis of Art. 6 Para. 1 lit. a GDPR (consent) and Art. 6 Para. 1 lit. b GDPR (processing to fulfill a contract). You have the option of withdrawing your consent to data processing at any time. A revocation does not affect the effectiveness of data processing operations in the past.

Newsletter data

If you would like to receive the newsletter offered on the website, we need an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data is not collected or is only collected on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties.

The processing of the data entered in the newsletter registration form takes place exclusively on the basis of your consent (Art. 6 Para. 1 lit. a GDPR). You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the “Unsubscribe” link in the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.

The data you have stored with us for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and deleted after you unsubscribe from the newsletter. This does not affect data that we have saved for other purposes (e.g. email addresses for the member area).