Privacy Policy

Information about data processing on open23.de

General Information

This privacy policy provides detailed information on what happens to your personal data when you visit our website open23.de. Personal data is any data with which you can be personally identified. We strictly adhere to legal regulations, in particular the General Data Protection Regulation (GDPR), and place great importance on ensuring that your visit to our website is absolutely secure.

Responsible Entities (Data Controllers)

The parties responsible for the collection and processing of personal data on this website are jointly:

First Name, Last Name: Rafael Sadowski

  • Street, House Number: Hintere Ledergasse 36
  • Zip Code, City: 90403 Nuremberg
  • Country: Germany
  • Email: contact@open23.de
  • Signal Messenger: Signal-Link

First Name, Last Name: Sabina Sadowski

  • Street, House Number: Hintere Ledergasse 36
  • Zip Code, City: 90403 Nuremberg
  • Country: Germany
  • Email: contact@open23.de
  • Signal Messenger: Signal-Link

In this privacy policy, we are jointly referred to as “we”, “us”, or “our”. We have determined in an agreement on joint controllership (pursuant to Art. 26 GDPR) which party fulfills which data protection obligations. The essential contents of this agreement are available to data subjects upon request.

Provision of the Website and Server Log Files

Our website is operated on our own server. No data is passed on to external hosting service providers.

Each time our website is accessed, the system automatically collects data and information from the computer system of the calling computer. The following data is collected:

  • Browser type and version
  • Operating system used
  • Referrer URL (the previously visited page)
  • Hostname of the accessing computer
  • Time of the server request
  • IP address

The legal basis for the temporary storage of this data is Art. 6 (1) (f) GDPR. Our legitimate interest is to ensure the functionality of the website, maintain the security of the information technology systems, and optimize the website. The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected (usually after 7 days at the latest).

No Cookies and No External Services (Privacy by Design)

  • No Cookies: We do not use cookies on this website. Therefore, no consent banner (cookie banner) is required.
  • No Analysis Tools: We do not use trackers or analysis tools (such as Google Analytics).
  • No External Resources: We do not embed external web fonts (e.g., Google Fonts), scripts, or libraries from third-party providers. All content (including fonts) is loaded locally from our own server. This ensures that no data flows to third-party servers.

Contact Form / Email Contact

If you contact us via email or a contact form, the data transmitted, including your contact details, will be stored to process your inquiry or to be available for follow-up questions. This data will not be passed on without your consent.

The processing of data entered into the contact form is based exclusively on your consent (Art. 6 (1) (a) GDPR). You can revoke your consent at any time. A simple notification by email is sufficient.

Communication via Signal Messenger

If you choose to contact us via the Signal Messenger service, we will process your Signal username (or phone number) and the content of your message for the purpose of handling and responding to your inquiry.

The legal basis for this processing is Art. 6 (1) (b) GDPR, provided your inquiry is related to the performance of a contract or the initiation of a contract. In all other cases, the legal basis is our legitimate interest in providing a fast and secure communication channel (Art. 6 (1) (f) GDPR).

Please note that the data processing is subject to the privacy policy of Signal Messenger, LLC. Signal provides end-to-end encryption for your messages, which means that the content of the communication cannot be read by the service provider itself. However, metadata (such as the time of the message) may be processed by the provider.

Data Security (SSL/TLS Encryption)

For security reasons and to protect the transmission of confidential content, such as inquiries you send to us, our website uses SSL or TLS encryption. You can recognize an encrypted connection by the “https://” in the browser’s address bar and the lock symbol.

Your Rights (Data Subject Rights)

Regarding your personal data, you have the following rights under the GDPR:

  • Right to Withdraw Consent (Art. 7 (3) GDPR): Withdraw your consent for future processing.
  • Right of Access (Art. 15 GDPR): Obtain information about your processed data.
  • Right to Rectification (Art. 16 GDPR): Correct inaccurate data.
  • Right to Erasure (Art. 17 GDPR): Request the deletion of your data.
  • Right to Restriction of Processing (Art. 18 GDPR): “Block” your data under certain conditions.
  • Right to Data Portability (Art. 20 GDPR): Receive your data in a machine-readable format.
  • Right to Object (Art. 21 GDPR): Object to processing based on legitimate interests.
  • Right to Lodge a Complaint (Art. 77 GDPR): Complain to a supervisory authority.

The competent authority for us is: Bayerisches Landesamt für Datenschutzaufsicht (BayLDA) Promenade 18, 91522 Ansbach, Germany Web: https://www.lda.bayern.de