Privacy Policy

Version: 2026-03-16-v25
Last updated: March 16, 2026

1) Introduction and Controller Contact Details

1.1

We are pleased that you are visiting our website and thank you for your interest. Below, we inform you about how your personal data is handled when you use our website. Personal data means all data by which you can be personally identified.

1.2

The controller for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Karim Mahmoudi u. Daniel Nikoulchine GbR Korrespont, Paterkamp 11a, 59348 Lüdinghausen, Germany, phone: +4915206615971, email: sunoxio@korrespont.com. The controller of personal data is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

2) Data Collection When Visiting Our Website

2.1

When using our website for informational purposes only, that is, if you do not register or otherwise provide us with information, we collect only the data that your browser transmits to the page server (so-called "server log files"). When you access our website, we collect the following data which is technically necessary for us to display the website to you:

• Our visited website
• Date and time at the moment of access
• Volume of data sent in bytes
• Source/referral from which you reached the page
• Browser used
• Operating system used
• IP address used (where applicable in anonymized form)

Processing is carried out in accordance with Art. 6(1)(f) GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data is not passed on or otherwise used. However, we reserve the right to review the server log files retrospectively should there be concrete indications of unlawful use.

2.2

For security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or inquiries to the controller), this website uses SSL or TLS encryption. You can recognize an encrypted connection by the https:// character string and the lock symbol in your browser line.

3) Hosting & Content Delivery Network

3.1 Vercel

We use the system of the following provider to host our website and display the page contents: Vercel Inc., 340 S Lemon Ave #4133, Walnut, CA 91789, USA.

All data collected on our website is processed on the provider's servers.

We have concluded a data processing agreement with the provider that ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

3.2 Vercel

We use a content delivery network of the following provider: Vercel Inc., 440 N Barranca Avenue #4133, Covina, CA 91723, USA.

This service enables us to deliver large media files such as graphics, page contents, or scripts more quickly via a network of regionally distributed servers. Processing takes place to safeguard our legitimate interest in improving the stability and functionality of our website pursuant to Art. 6(1)(f) GDPR. We have concluded a data processing agreement with the provider that ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

4) Cookies

In order to make visiting our website attractive and to enable the use of certain functions, we use cookies, i.e. small text files that are stored on your end device. Some of these cookies are automatically deleted after the browser is closed (so-called "session cookies"), while others remain on your end device for longer and enable page settings to be saved (so-called "persistent cookies"). In the latter case, you can find the storage duration in the overview of your web browser's cookie settings.

If personal data is also processed by individual cookies used by us, processing is carried out either in accordance with Art. 6(1)(b) GDPR for the performance of the contract, in accordance with Art. 6(1)(a) GDPR where consent has been given, or in accordance with Art. 6(1)(f) GDPR to safeguard our legitimate interests in the best possible functionality of the website as well as a customer-friendly and effective design of the site visit.

You can configure your browser so that you are informed about the setting of cookies and can decide individually on their acceptance or exclude the acceptance of cookies for certain cases or in general.

Please note that if cookies are not accepted, the functionality of our website may be limited.

5) Contact

When you contact us (e.g. via contact form or email), personal data is processed solely for the purpose of handling and responding to your request and only to the extent required for that purpose.

The legal basis for processing this data is our legitimate interest in responding to your request pursuant to Art. 6(1)(f) GDPR. If your contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6(1)(b) GDPR. Your data will be deleted when it can be inferred from the circumstances that the matter in question has been conclusively clarified and provided that there are no statutory retention obligations to the contrary.

6) Data Processing When Opening a Customer Account

Pursuant to Art. 6(1)(b) GDPR, personal data will continue to be collected and processed to the extent necessary if you provide it to us when opening a customer account. You can see which data is required for opening an account from the input form of the relevant form on our website.

You may delete your customer account at any time and can do so by sending a message to the controller's address stated above. After deletion of your customer account, your data will be deleted provided that all contracts concluded through it have been fully processed, no statutory retention periods oppose this, and we have no legitimate interest in further storage.

7) Data Processing for Contract Performance

7.1

For the performance of the contract, we work with the service providers listed below who support us in whole or in part in carrying out concluded contracts. Certain personal data is transmitted to these service providers in accordance with the following information.

7.2 Use of Payment Service Providers

Stripe

One or more online payment methods from the following provider are available on this website: Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland.

If you select a payment method offered by the provider where you pay in advance (such as credit card payment), the payment data you provided during the order process (including name, address, bank and payment card information, currency, and transaction number) as well as information about the content of your order will be passed on to the provider in accordance with Art. 6(1)(b) GDPR. In this case, your data is passed on exclusively for the purpose of payment processing with the provider and only insofar as this is necessary for this purpose.

If you choose a payment method where the provider pays in advance (such as purchase on account, installment purchase, or direct debit), you will also be asked during the order process to provide certain personal data (first and last name, street, house number, postal code, city, date of birth, email address, telephone number, and, if applicable, data on an alternative payment method).

In order to safeguard our legitimate interest in determining our customers' ability to pay, we forward this data to the provider for the purpose of a credit check in accordance with Art. 6(1)(f) GDPR. On the basis of the personal data you provide and other data (such as shopping basket, invoice amount, order history, and payment experience), the provider checks whether the payment option you selected can be granted with regard to payment and/or default risks.

The credit report may contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. Among other things, but not exclusively, address data is included in the calculation of the score values.

You may object to this processing of your data at any time by sending a message to us or to the provider. However, the provider may still be entitled to process your personal data if this is necessary for contractual payment processing.

7.3 Electronic Cancellation Option for Ongoing Consumer Contracts

Consumers who have entered into contracts for paid continuing obligations (such as subscription contracts) on this website have the option to terminate them via an electronic button in accordance with the applicable notice periods.

Activating the button leads to a confirmation page on which the consumer can provide more detailed information on the termination, identify themselves clearly, and then submit the termination electronically.

The collection of personal data and its transmission to us takes place pursuant to Art. 6(1)(b) GDPR and only insofar as this is necessary for the proper processing of the termination. Also on the basis of Art. 6(1)(b) GDPR, the personal data provided is used to confirm receipt of the notice of termination and the time of termination electronically in text form. A further legal basis for processing is Art. 6(1)(c) GDPR. We are legally obliged to provide an electronic cancellation option for consumer contracts for paid continuing obligations concluded by electronic means.

8) Web Analytics Services

Cloudflare Web Analytics

This website uses the web analytics service of the following provider: Cloudflare, Inc., 101 Townsend St. San Francisco, CA 94107, USA.

With the help of cookies and/or comparable technologies (tracking pixels, web beacons, algorithms for reading device and browser information), the service collects and stores pseudonymized visitor data, including information about the device used such as the IP address and browser information, in order to evaluate it for statistical analyses of user behavior on our website and to create pseudonymized usage profiles. Among other things, this makes it possible to evaluate movement patterns (so-called heatmaps), which show the duration of page visits as well as interactions with page content (e.g. text input, scrolling, clicks, and mouse-overs). Pseudonymization generally rules out direct personal reference. There is no merging with other clear data collected about your person in other ways.

All processing described above, in particular the reading or storage of information on the end device used, is only carried out if you have given us your express consent to do so pursuant to Art. 6(1)(a) GDPR. You can revoke any consent you have given at any time with effect for the future by deactivating this service in the "cookie consent tool" provided on the website.

We have concluded a data processing agreement with the provider that ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

9) Site Functionalities

9.1 Google Sign-In

We provide a single sign-on function from the following provider on our website: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

In addition to a transfer of data to the provider location stated above, data may also be transferred to: Google LLC, USA.

If you have an account with the provider, you can use those account details to log in for the creation of a user account or registration on our website.

When visiting this page, this sign-in function may establish a direct connection between your browser and the provider's servers, even if you do not have an account with the provider or are not logged into such an account. The provider thereby receives the information that you have visited our site. The information collected in this context (including your IP address, where applicable) is transmitted directly from your browser to a server of the provider and stored there. However, the information is not used to identify you personally and is not passed on to third parties.

These data processing operations are carried out in accordance with Art. 6(1)(f) GDPR on the basis of our legitimate interest in a user-friendly and interactive design of our online presence.

If you click the sign-in button in order to register on our website using your account data with the provider, the provider will transmit to us, solely on the basis of your express consent pursuant to Art. 6(1)(a) GDPR, the general and publicly accessible information stored in your account, in particular user ID, name, email address, and profile picture, insofar as this information is provided by the provider.

We store and use the data transmitted by the provider to set up a user account with the necessary data, provided that you have released this to the provider. Conversely, on the basis of your consent, data (e.g. information about your surfing or purchasing behavior) may be transferred by us to your account with the provider.

Any consent granted may be withdrawn from us at any time with effect for the future.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.

Further information about Google's privacy practices can be found here: https://business.safety.google/intl/de/privacy/

9.2 Supabase

On our website, we use the service of the following provider to verify sign-up and login attempts for protected areas: Supabase, Inc., 548 Market St, San Francisco, CA 94104, USA.

Solely on the basis of our legitimate interest in safeguarding the structural and data security of our website, your login data (email, username, and password) is transmitted to the provider for authentication pursuant to Art. 6(1)(f) GDPR in order to decide on the approval of the login attempt.

We have concluded a data processing agreement with the provider that protects the data of our website visitors and prohibits disclosure to third parties.

For the transfer of data to the USA, the provider relies on the European Commission's standard contractual clauses, which are intended to ensure compliance with the European level of data protection.

10) Tools and Miscellaneous

Cookie Consent Tool

This website uses a so-called "cookie consent tool" to obtain effective user consent for cookies and cookie-based applications that require consent. The "cookie consent tool" is displayed to users when they visit the site in the form of an interactive user interface in which consent can be granted for certain cookies and/or cookie-based applications by ticking boxes. Through the use of the tool, all cookies/services requiring consent are only loaded if the respective user gives corresponding consent by ticking the box. This ensures that such cookies are only set on the respective user's end device if consent has been granted.

The tool sets technically necessary cookies in order to store your cookie preferences. Personal user data is generally not processed in this context.

If, in individual cases, personal data is nevertheless processed for the purpose of storing, assigning, or logging cookie settings, this is done in accordance with Art. 6(1)(f) GDPR on the basis of our legitimate interest in legally compliant, user-specific, and user-friendly consent management for cookies and thus in a legally compliant design of our website. We do not store additional server-side IP data for consent logging.

Another legal basis for processing is also Art. 6(1)(c) GDPR. As controller, we are legally obliged to make the use of technically unnecessary cookies dependent on the respective user consent.

Where required, we have concluded a data processing agreement with the provider that ensures the protection of our website visitors' data and prohibits unauthorized disclosure to third parties.

Further information about the operator and the settings options of the cookie consent tool can be found directly in the corresponding user interface on our website.

11) Rights of the Data Subject

11.1

Applicable data protection law grants you the following data subject rights vis-a-vis the controller with regard to the processing of your personal data, whereby reference is made to the legal basis stated for the respective conditions of exercise:

• right of access pursuant to Art. 15 GDPR
• right to rectification pursuant to Art. 16 GDPR
• right to erasure pursuant to Art. 17 GDPR
• right to restriction of processing pursuant to Art. 18 GDPR
• right to be informed pursuant to Art. 19 GDPR
• right to data portability pursuant to Art. 20 GDPR
• right to withdraw granted consent pursuant to Art. 7(3) GDPR
• right to lodge a complaint pursuant to Art. 77 GDPR

11.2 Right to Object

If, within the framework of a balancing of interests, we process your personal data on the basis of our overriding legitimate interest, you have the right at any time to object to this processing with effect for the future on grounds arising from your particular situation.

If you exercise your right to object, we will stop processing the data concerned. However, further processing remains reserved if we can demonstrate compelling legitimate grounds for the processing which override your interests, fundamental rights, and fundamental freedoms, or if the processing serves the establishment, exercise, or defense of legal claims.

If your personal data is processed by us for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising. You may exercise the objection as described above.

If you exercise your right to object, we will stop processing the data concerned for direct marketing purposes.

12) Duration of Storage of Personal Data

The duration of storage of personal data is determined by the respective legal basis, the processing purpose, and, where applicable, additionally by the respective statutory retention period (e.g. commercial and tax retention periods).

When personal data is processed on the basis of express consent pursuant to Art. 6(1)(a) GDPR, the data concerned is stored until you withdraw your consent.

If statutory retention periods exist for data processed within the framework of legal or quasi-legal obligations on the basis of Art. 6(1)(b) GDPR, this data is routinely deleted after expiry of the retention periods provided that it is no longer required for contract performance or contract initiation and/or we have no legitimate interest in further storage.

When personal data is processed on the basis of Art. 6(1)(f) GDPR, this data is stored until you exercise your right to object pursuant to Art. 21(1) GDPR, unless we can demonstrate compelling legitimate grounds for processing which override your interests, rights, and freedoms, or the processing serves the establishment, exercise, or defense of legal claims.

When personal data is processed for direct marketing purposes on the basis of Art. 6(1)(f) GDPR, this data is stored until you exercise your right to object pursuant to Art. 21(2) GDPR.

Unless otherwise stated in the other information in this declaration about specific processing situations, stored personal data will otherwise be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.

Copyright notice: This privacy policy was prepared by the specialist lawyers of IT-Recht Kanzlei and is protected by copyright (https://www.it-recht-kanzlei.de).