Privacy Policy

Overview

This website processes personal data only to the extent required for operating the website, protected project and questionnaire areas, and handling inquiries.

Responsible entity

Niklas Hoffmann

Fröbelstraße 20

67433 Neustadt an der Weinstraße

E-Mail: datenschutz@pfalz-development.de

Types of Data Processed

Depending on your use of this website, the processed data may include inventory data, contact data, content data, usage data, connection data, and meta/log data (e.g. technical access data).

Purposes of Processing

Data is processed to provide and technically operate the website, control access to protected project and questionnaire areas, handle contact requests and reveal direct contact details, prevent misuse and bots, and perform statistical reach measurement for QR campaigns based on pseudonymized data. Drawing conclusions about individual persons is currently neither intended nor pursued.

Legal Bases

Contact requests are processed based on Art. 6 para. 1 lit. b GDPR (pre-contractual communication) and Art. 6 para. 1 lit. f GDPR (efficient request handling). Technical security/log data and pseudonymized QR statistics are processed based on Art. 6 para. 1 lit. f GDPR. Even when pseudonymized, QR processing remains subject to data protection law.

Contact requests

If you contact me via the contact form or by email, the submitted information (name, email, optional business/phone, message) will be processed to handle your request and stored for follow-up. If you unlock protected contact details, the required verification and security data will also be processed.

Server and log data

When visiting the website, technically necessary server logs may be processed. For contact requests and the unlocking of protected contact details, the IP address is processed for security and abuse prevention purposes; on the server side, it is logged only in pseudonymized form (short hash).

Cookies and Tracking

This website does not use analytics or marketing cookies and does not set consent-requiring cookies. Only technically necessary cookies and comparable technologies are used where required for secure operation, protected project and questionnaire areas, or user-side presentation. This includes in particular a technically necessary session cookie for protected access as well as entries in local storage or session storage, for example for theme settings, presentation effects, and already revealed contact details. Tracking via external analytics platforms (e.g. Google Analytics) is currently not used.

Recipients of Data

Data is shared with third parties only where necessary for contractual performance, technical service provision (e.g. hosting, email delivery, spam and bot protection), or legal obligations. Pseudonymized access data is processed for reach measurement via QR links. When Cloudflare Turnstile is used, technical connection data, the IP address, browser information, and the respective verification token may be transmitted to Cloudflare.

Hosting and Processors

Hosting is provided by STRATO AG, Otto-Ostrowski-Straße 7, 10249 Berlin, Germany. A data processing agreement pursuant to Art. 28 GDPR is in place with the hosting provider. Email delivery is handled by a technically integrated email service provider (SMTP provider) as part of technical communication. Cloudflare Turnstile is also integrated as a technical service for spam and bot protection for forms and the reveal of direct contact details.

Storage Duration

Contact inquiries are generally stored in email inboxes for up to 12 months unless statutory retention obligations require longer storage. Pseudonymized QR tracking data is automatically deleted after 90 days.

Security Measures

Appropriate technical and organizational measures are implemented to protect your data against loss, unauthorized access, and other risks. This website uses SSL/TLS encryption for data transmission.

Your rights

Under applicable law, you have in particular the right to access, rectification, erasure, restriction of processing, data portability, and objection to certain processing activities.

Withdrawal of Consent

You may withdraw any consent you have given at any time with effect for the future. The lawfulness of processing carried out before withdrawal remains unaffected.

Right to Lodge a Complaint

You have the right to lodge a complaint with a data protection supervisory authority regarding the processing of your personal data.

Data Protection Officer

There is currently no legal obligation to appoint a data protection officer.

Version of this Privacy Policy

Version: May 2026