1. Introduction
The protection of your personal data is of the utmost importance. This privacy policy explains the nature, scope, and purpose of the processing of personal data (hereinafter referred to as “data”) in connection with this online offering. This includes the associated website, functions and content, as well as external online presences such as social media profiles (collectively referred to as the “online offering”). Your personal data is treated confidentially and in strict accordance with legal data protection regulations and the provisions of this privacy policy.
General Information
This privacy policy provides a comprehensive overview of what happens to your personal data when you visit this website. Personal data is all information that can be used to personally identify you. Please refer to this complete privacy policy for detailed information about data protection.
Responsible Party
The data processing on this website is carried out by the website operator. Contact details of the responsible party can be found in the “Controller” section of this privacy policy.
Collection of Your Data
Personal data is collected either when you actively provide it, for example, by filling out a contact form, or automatically – with or without your consent – when visiting the website through the IT systems of the controller. This primarily involves technical data (e.g., internet browser, operating system, or time of page access). This data is collected automatically as soon as you enter the website.
Use of Your Data
Some of the data is collected to ensure the error-free provision of the website. Other data may be used to analyze your user behavior to optimize and tailor the offering to your needs.
Data Transfer to External Parties
In the course of business operations, it may be necessary for the controller to transfer personal data to external parties. This transfer only takes place under specific conditions: when it is necessary to fulfill a contract, when there is a legal obligation (e.g., to tax authorities), when there is a legitimate interest pursuant to Art. 6(1)(f) GDPR, or when another legal basis allows the data transfer. If external service providers are used for data processing, the transfer of personal data is based solely on a valid data processing agreement in accordance with Art. 28 GDPR. If data is processed jointly with other entities, a joint controller agreement pursuant to Art. 26 GDPR will be concluded.
Revocation of Consent to Data Processing
Certain data processing operations are only possible with your explicit consent. You may revoke your consent at any time. The lawfulness of data processing prior to revocation remains unaffected by this.
Right to Object to Specific Processing and Direct Marketing (Art. 21 GDPR)
If your personal data is processed on the basis of Art. 6(1)(e) or (f) GDPR, you have the right to object to this processing at any time for reasons arising from your particular situation. This also applies to profiling based on these provisions. The specific legal basis for processing can be found in this privacy policy. If you object, the controller will no longer process your personal data unless compelling legitimate grounds for the processing can be demonstrated that override your interests, rights, and freedoms or the processing is necessary for the establishment, exercise, or defense of legal claims (objection pursuant to Art. 21(1) GDPR).
If your personal data is used for direct marketing, you have the right to object to this processing at any time. This also applies to profiling related to such direct marketing. After your objection, your personal data will no longer be used for marketing purposes (objection pursuant to Art. 21(2) GDPR).
Rights Under the General Data Protection Regulation (GDPR)
You have the right to lodge a complaint with a supervisory authority if you believe that your data protection rights have been violated. This right may be exercised in the Member State of your habitual residence, place of work, or place of the alleged infringement. Other administrative or judicial remedies remain unaffected.
You also have the right to receive personal data that is processed based on your consent or in fulfillment of a contract in a structured, commonly used, and machine-readable format. Upon request, this data may be transferred directly to another controller, where technically feasible.
Every data subject has the right to obtain information about their stored personal data, including its origin, recipients, and the purpose of data processing. Additionally, you have the right to correct or delete this data, provided there are no legal obligations that prevent deletion. For further questions or concerns regarding your personal data, you may contact the controller at any time.
You may request the restriction of processing of your personal data if the accuracy of the data is contested and under review. This also applies in the case of unlawful processing, where restriction is requested instead of deletion, or if the data is no longer needed but required for the establishment, exercise, or defense of legal claims. If you object to the processing pursuant to Art. 21(1) GDPR, you have the right to restrict processing pending verification of whether your or the controller’s interests prevail.
If the processing of your personal data has been restricted, such data may – aside from storage – only be processed with your consent or for the establishment, exercise, or defense of legal claims, to protect the rights of another natural or legal person, or for reasons of substantial public interest in the EU or a Member State.
2. Controller
The controller for data processing on this website, as defined by the General Data Protection Regulation (GDPR), is:
Paraschos Makriyannnis
Address: Scharnhorststr. 18, 80992 Munich, Germany
Website: www.checkyourclassic.de
Email: info@checkyourclassic.de
Phone: ____________
3. Data Processors
This website works with various data processors who process data on behalf of the controller. These service providers are contractually obligated to treat the data confidentially and use it solely within the scope of their services. In some cases, data processing responsibilities are shared with other parties. In such cases, responsibilities are clearly defined and documented to ensure compliance with data protection requirements.
4. Definitions
To ensure this privacy policy is transparent and understandable to everyone, it primarily uses terms defined in the General Data Protection Regulation (GDPR). Full definitions can be found in Art. 4 GDPR. The most important terms are explained below:
Personal data: All information relating to an identified or identifiable natural person (referred to as “data subject”). A person is considered identifiable if they can be identified directly or indirectly, in particular by association with an identifier such as a name, ID number, location data, online identifier (e.g. cookie), or one or more characteristics specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that person.
Processing: Any operation or set of operations performed on personal data, whether or not by automated means. This includes collecting, recording, organizing, structuring, storing, adapting, retrieving, consulting, using, disclosing by transmission, disseminating or otherwise making available, aligning or combining, restricting, erasing, or destroying data.
Controller: The natural or legal person, public authority, agency, or other body that alone or jointly determines the purposes and means of the processing of personal data.
Processor: A natural or legal person, public authority, agency, or other body that processes personal data on behalf of the controller.
Consent: A freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which they signify agreement to the processing of their personal data, either by statement or by a clear affirmative action.
Website: The term refers to the entire internet offering provided by the controller under a specific URL, including all published content, information, features, and services accessible to users through that URL.
End device: An electronic device capable of accessing the internet and loading web pages. This includes, for example, computers, laptops, tablets, and smartphones.
These definitions help improve understanding of the privacy policy and clarify the meaning of the terms used.
5. Hosting
This website is hosted on the servers of an external service provider to ensure reliable and secure usage of the online offering.
The data processing by the hosting provider is based on Art. 6(1)(f) GDPR, as the controller has a legitimate interest in providing a stable and secure website. If user consent is required (e.g., for certain cookies or tracking technologies), processing is based on the user’s consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TTDSG. This consent may be withdrawn at any time with future effect.
The hosting provider is:
fngnet ltd
Astydamantos 85
11634 Athens
Greece
You can find details about data processing and privacy in the hosting provider’s privacy policy here:
www.fngnet.gr/gdpr-compliance-statement
6. Legal Bases for Data Processing
Unless a more specific legal basis is mentioned within this privacy policy, the following applies:
Consent (Art. 6(1)(a) GDPR): Processing is lawful if the data subject has given consent for the specific purpose(s).
Contract performance (Art. 6(1)(b) GDPR): Processing is necessary for the performance of a contract or to take pre-contractual steps at the request of the data subject.
Legal obligation (Art. 6(1)(c) GDPR): Processing is required for compliance with a legal obligation to which the controller is subject.
Legitimate interest (Art. 6(1)(f) GDPR): Processing is necessary for the purposes of the legitimate interests pursued by the controller or a third party, unless overridden by the interests or fundamental rights and freedoms of the data subject.
If personal data is processed on the basis of your consent, you have the right to revoke this consent at any time with future effect. Processing that occurred prior to the revocation remains lawful.
If we base processing on our legitimate interest, you have the right to object under the conditions of Art. 21 GDPR.
7. General Data Collection and Log Files
When you access this website, certain data is automatically collected and stored in so-called server log files. This data is technically necessary to display the website and ensure its security and stability. The following data may be collected:
IP address of the accessing device
Date and time of access
Name and URL of the accessed file
Website from which access is made (referrer URL)
Browser used and, if applicable, the operating system of your device
Name of the access provider
This data is not merged with other data sources.
The processing is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of the website, for which server log files must be collected.
8. Use of Cookies
This website uses cookies. Cookies are small text files stored on your end device by your browser. They serve to make the website more user-friendly, efficient, and secure. Some cookies are necessary for the website to function properly (essential cookies), while others help analyze user behavior or personalize content (non-essential cookies).
Essential cookies are stored based on Art. 6(1)(f) GDPR, as the website operator has a legitimate interest in the technically flawless operation of the website.
Non-essential cookies are only stored with your consent under Art. 6(1)(a) GDPR and § 25(1) TTDSG. This consent can be revoked at any time.
Cookie Consent with Real Cookie Banner
This website uses the “Real Cookie Banner” tool to manage your cookie preferences. When you access the website, a banner is displayed asking for your consent to the use of cookies. You can customize your settings at any time.
The use of Real Cookie Banner is based on our legitimate interest in legally compliant and user-friendly cookie management (Art. 6(1)(f) GDPR).
The provider is:
devowl.io GmbH
Tannet 12
94539 Grafling, Germany
Website: https://devowl.io/
9. Contact Form and Email Communication
If you contact us via the contact form or email, your details from the request—including the contact information provided—will be stored for the purpose of processing your inquiry and in case of follow-up questions.
The processing of this data is based on:
Art. 6(1)(b) GDPR: If your request relates to the performance of a contract or is necessary for pre-contractual measures.
Art. 6(1)(f) GDPR: In all other cases, we have a legitimate interest in effectively processing the inquiries sent to us.
We will not share your data without your consent.
10. SSL or TLS Encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as inquiries sent via the contact form. You can recognize an encrypted connection by the browser address line changing from “http://” to “https://” and by the lock symbol in your browser line.
When SSL or TLS encryption is enabled, the data you transmit to us cannot be read by third parties.
11. Google Services
This website uses various services provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Depending on the service, data may be transmitted to Google servers in the USA. Google has submitted to the EU-U.S. Data Privacy Framework. For more information:
https://policies.google.com/privacy/frameworks
For each service used, the legal basis is Art. 6(1)(a) GDPR and § 25 TTDSG, based on your explicit consent.
a) Google Analytics
This website uses Google Analytics to analyze website usage. Cookies are used for this purpose. The information generated is transmitted to Google servers and stored there.
We have activated IP anonymization, so that your IP address is shortened by Google within the EU or EEA before transmission.
You can prevent the collection of data by Google Analytics by refusing cookies via the cookie banner or by installing the following browser plugin:
https://tools.google.com/dlpage/gaoptout?hl=en
b) Google Maps
This website uses the Google Maps map service to display interactive maps and directions. When using Google Maps, data about your usage is transmitted to Google and may be stored.
More about how Google handles user data:
https://policies.google.com/privacy
c) Google Fonts (local hosting)
This website uses Google Fonts for consistent font display. Fonts are hosted locally, so no connection to Google servers is established.
12. Data Processing by Third Parties and Transfer to Third Countries
In the course of our website operations and services, we may engage external service providers (processors) who support us in technical, organizational, or administrative tasks—for example, hosting providers, IT service providers, or marketing platforms. These processors are contractually obligated under Art. 28 GDPR to handle your data carefully and in accordance with data protection regulations.
A transfer of data to third countries (outside the EU/EEA) only occurs if:
It is necessary for the performance of a contract.
You have given explicit consent.
It is required by law.
There is an adequate level of data protection, either through an EU adequacy decision or appropriate safeguards (e.g., EU Standard Contractual Clauses).
If data is transferred to the USA, we ensure, where applicable, that the recipient is certified under the EU-U.S. Data Privacy Framework or equivalent safeguards are in place.
13. Your Rights under the GDPR
You have the following rights under the General Data Protection Regulation (GDPR):
Right of access (Art. 15 GDPR): You have the right to obtain confirmation as to whether personal data concerning you is being processed and, if so, to access this data and further information.
Right to rectification (Art. 16 GDPR): You have the right to request the correction of inaccurate personal data and the completion of incomplete data.
Right to erasure (Art. 17 GDPR): You may request the deletion of your data if it is no longer necessary or if processing is unlawful.
Right to restriction of processing (Art. 18 GDPR): You have the right to request the restriction of processing under certain conditions.
Right to data portability (Art. 20 GDPR): You may request to receive your data in a structured, commonly used, and machine-readable format or have it transmitted to another controller.
Right to object (Art. 21 GDPR): You may object to processing based on legitimate interest or direct marketing at any time.
Right to withdraw consent (Art. 7(3) GDPR): You may withdraw your previously given consent at any time with future effect.
Right to lodge a complaint (Art. 77 GDPR): You may lodge a complaint with a supervisory authority, especially in the Member State of your habitual residence or place of work.
You may assert your rights by contacting us using the details provided above under “Controller”.
14. Data Security
We use appropriate technical and organizational security measures to protect your personal data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
All data transmitted via our website (e.g., contact forms) is encrypted using SSL/TLS technology.
15. Storage Duration and Deletion of Data
Unless a specific storage period is stated within this privacy policy, your personal data will be retained only as long as necessary for the purposes outlined or to comply with legal obligations.
We delete or block personal data once the storage purpose no longer applies, unless further storage is required by:
Tax or commercial retention obligations (e.g., 6 or 10 years according to § 257 HGB, § 147 AO).
Legal or contractual retention obligations.
16. Changes to this Privacy Policy
We reserve the right to amend this privacy policy to reflect changes in legal requirements or technical developments. The current version is always available on our website under the “Privacy Policy” section.
