Privacy Policy

Status: 06/2021


Here we inform you about the processing of personal data when using our online presences. This online data protection declaration therefore applies, among other things, to our website as well as to our social media profiles.

Personal data is all data that can be related to you personally, including your name, address, e-mail, IP address or user behaviour.

With regard to the terms used, such as "processing", "controller" or "data subject", reference is made to the definitions in Art. 4 GDPR.

1. Who is the responsible authority?

We are responsible for the processing of your data on

Webmasters Akademie Nürnberg GmbH
Managing directors with power of representation: Dr. Thorsten Schneider, Dr. Ulrike Walter
Tucherstr. 22
90562 Heroldsberg

Fon: 49 (0)911 / 49 52 23-0
Fax: 49 (0)911 / 49 52 23-99

2. Is there a data protection officer?

We are not legally obliged to appoint a data protection officer.

3. Who is affected by the data processing?

If you visit our online presences (e.g. our website or our social media profiles), e.g. as an interested party, customer, supplier, service provider or other visitor, your personal data will be processed within the scope of the statutory provisions or this declaration. All visitors of our online presences are summarized under the term "user".

4. What data do we collect from you and for what purposes or on what legal basis do we process it?

If you visit our online presences without registering or transmitting information to us in any other way, only the personal data that the browser you use transmits to our server will be processed. As far as we are aware, the data processed includes the data listed below, which is technically required to display our online presence and to ensure its stability and security:

  • IP address of the requesting computer
  • Date and time of the request
  • Name and URL of the retrieved file
  • access status / HTTP status code
  • Amount of data transferred
  • Website from which the request came (referrer URL)
  • Browser used
  • operating system

If you also transmit personal data to us, e.g. in the context of an inquiry by e-mail, then we also process the following data, among others:

  • Inventory data (e.g. name, address)
  • Contact data (e.g. e-mail address)
  • Content data (e.g. text input)
  • Usage data (e.g. sites visited)
  • Communication / metadata (e.g. IP addresses)

In addition, we also process the following personal data for the purposes of providing contractual services, service and customer care as well as marketing / advertising, if you provide it:

  • if applicable, contract data (e.g. subject matter of the contract, customer number).
  • if applicable, payment data (e.g. bank details, payment history)

We process your personal data when you visit our online presence for the following purposes:

  • Providing the functions and contents of our online offer
  • Ensuring a smooth connection to our website
  • Ensuring a comfortable use of our website
  • Evaluation and guarantee of system security and stability as well as general security measures
  • answering any contact requests or communicating with you
  • Other administrative purposes
  • Provision of contractual services
  • customer service
  • Marketing / advertising

Unless we specify a specific legal basis within the scope of this privacy policy, the following applies to the processing of your personal data: The legal basis for obtaining consent results from Art. 6 (1) lit. a, Art. 7 GDPR. The legal basis for data processing for the fulfilment of our services and the implementation of (pre-) contractual measures as well as for the purpose of answering related inquiries is Art. 6 (1) lit. b GDPR. For data processing for the fulfilment of legal obligations, Art. 6 para. 1 lit. c GDPR is the legal basis. If vital interests of the data subject or another natural person make data processing necessary, the legal basis is Art. 6 (1) (d) GDPR. Data processing to protect our legitimate interests is based on Art. 6 (1) lit. f GDPR. Our legitimate interest follows from the above-mentioned purposes of data collection.

If, in the course of processing your personal data, we disclose it to third parties, transfer it to them or otherwise grant them access to the data, this will only be done on the basis of legal permission, insofar as you have consented to it, we are legally obliged to do so or on the basis of our legitimate interests. A legal permission exists in particular if the transfer of data is necessary for the fulfilment of contractual obligations (e.g. in the case of payment or shipping service providers). A legitimate interest may exist if we use data for direct marketing or to prevent fraud, or even if you are a customer of ours. Likewise, a legitimate interest may exist, for example, when using web or email hosts, cloud providers or other service providers. Such service providers often act as so-called order processors on the basis of a corresponding contract. They are also obliged to comply with the data protection requirements and to ensure this contractually. The legal basis for such order processing relationships is Art. 28 GDPR.

5. To whom do we transfer your data?

Unless otherwise stated in the privacy policy, we regularly work with the following recipients in particular:

  • Web hosters
  • payment provider

We carefully select the external service providers. In the case of order processing relationships (Art. 28 GDPR), these companies are contractually bound to our instructions and are regularly monitored by us. In the case of joint responsibility (Art. 26 GDPR), corresponding contractual bases exist. More detailed information on this can be found in the following descriptions of the individual services.

The legal basis for the transfer of your personal data is stated above under point 4.

6. Will your data be transferred outside the EU?

A transfer of your personal data to third countries (i.e. outside the EU or the EEA) or to an international organisation is only envisaged in certain exceptional cases. More detailed information can be found in the following descriptions of the individual services.

If we process your personal data in a third country or have it processed by a third party, this will only be done if it is done to fulfil our (pre-) contractual obligations or on the basis of your consent, a legal obligation or our legitimate interests. Your personal data will only be processed in a third country if the special requirements of Art. 44 et seq. GDPR, unless in individual cases there are legal or contractual permissions. This means that the data processing is carried out, for example, on the basis of special guarantees, such as the officially recognized determination of a level of data protection corresponding to the European Union or the observance of special, recognized contractual obligations (in particular the so-called "EU standard contractual clauses").

7. How long do we process your data?

The duration of the storage of your personal data is regularly measured by existing legal retention periods (e.g. according to commercial or tax law). Unless otherwise stated below, your personal data will be routinely deleted after the expiry of any relevant period, provided that they are no longer required for the performance of the contract or contract initiation, we no longer have a legitimate interest in further storage and/or if you have not consented to storage beyond this.

In Germany, special retention periods exist in the following areas, among others:

  • according to commercial law (6 years e.g. for opening balances, annual financial statements, accounting vouchers, etc.)
  • according to tax law (10 years for all documents relevant to tax law)
  • according to labour law (6 months for documents of rejected applicants)

8. What are your rights?

With regard to the processing of your personal data, you have the following rights towards us:

  • Right to information (Art. 15 GDPR).
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object (Art. 21 GDPR)
  • Right to withdraw consent given (Art. 7(3) GDPR)
  • Right to lodge a complaint (Art. 77 GDPR)

The latter 3 rights are explained in more detail below. If you have any questions about your rights, please do not hesitate to contact us. The contact details can be found above in the sections on the controller.

9. When and how can you object to data processing?

Insofar as your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) p. 1 lit. f GDPR, you have the right to object to the data processing at any time. This will mean that we may no longer process your personal data in the future, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the data processing serves to assert, exercise or defend legal claims.

However, the right to object only applies if there are grounds for doing so that arise from your particular situation or if your objection is directed against direct advertising. In the latter case, you have a general right to object, which is implemented by us without specifying a particular situation.

If you wish to exercise your right of objection, it is sufficient to send a message to our postal address or an e-mail (see above under point 1).

10. When and how can you revoke your consent?

You can revoke any consent you have given to us at any time. This then has the consequence that we may no longer continue the processing of your personal data, which was based on this consent, for the future.

If you wish to exercise your right of revocation, it is sufficient to send a message to our postal address or an e-mail (see above under point 1).

11. Where can you complain?

With regard to the processing of your personal data by us, you have the right to complain to a data protection supervisory authority. A list of the German state data protection supervisory authorities can be found at the following address:

12. When and why is it necessary to provide your data?

In the context of support or other requests, you provide us with your personal data (e.g. name or e-mail address).

The provision of your personal data is sometimes required by law (e.g. by provisions of commercial or tax law). It may also be necessary for the implementation of (pre-) contractual measures. Failure to provide your personal data would mean that the contract with you could not be concluded or that your inquiry could not be answered.

For the execution of contracts or pre-contractual measures or for communication with us, the provision of the following data in particular is mandatory:

  • Name
  • e-mail address
  • if applicable, telephone number (e.g. for queries or answering customer enquiries)
  • if applicable, customer number (e.g. for support activities)

Unless otherwise stated in this privacy policy, all other information is voluntary.

13. Does automated decision making (e.g. profiling) take place?

An automated decision including profiling does not take place.

14. How can you contact us?

You can contact us either by post, telephone or email. You can find our contact details above under the details of the responsible body.

If you contact us by e-mail, for example, we automatically store the personal data you voluntarily send us for the purpose of processing your request or contacting you. This data will not be passed on to third parties.

15. How do we secure our website?

Taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons, we take appropriate technical and organizational measures to ensure a level of protection appropriate to the risk (Article 32 GDPR). These measures include, in particular, ensuring the confidentiality, integrity and availability of data. In addition, we have set up business processes at our company that ensure, in particular, the protection of data subjects' rights, the deletion of data and also the response to data breaches. In addition, we observe the principles of data protection law, including data protection through technology design and through data protection-friendly default settings (privacy by design and privacy by default, Art. 25 GDPR).

For security reasons and to protect the transmission of your personal data and other confidential content, we use encrypted transmission via SSL / TLS certificate on our website. You can recognize this by the fact that "https" (instead of "http") and a lock symbol and a different color display appear in the address line of your browser.

16. How do we process your data when you subscribe to our newsletter?

You can subscribe to our newsletter. To do so, you must explicitly give us your consent. With our newsletter, we will inform you regularly about our services, our company and/or current offers. You can find the details in the declaration of consent.

After you have registered for our newsletter, we will first send you an e-mail to the e-mail address you have provided, in which we will ask you to click on the activation link contained for the purpose of confirmation. If you do not confirm your registration in this way within 72 hours, your information will be blocked and automatically deleted after 2 weeks. In addition, we store your IP address and the time of registration and, if applicable, the confirmation. The purpose of this so-called double opt-in procedure is to be able to prove your registration and, if necessary, to clarify a possible misuse of your personal data.

Only your e-mail address is required for sending our newsletter, this is the only mandatory information you have to provide. The possible provision of further, separately marked data is voluntary and will be used for the purpose of a personal address. After your confirmation, we process your e-mail address and, if applicable, the other voluntarily provided data exclusively for the purpose of sending and administering our newsletter. The legal basis for the administration and dispatch as well as the associated performance measurement is Art. 6 para. 1 sentence 1 lit. a, Art. 7 GDPR in conjunction with § 7 para. 2 No. 3 UWG or on the basis of the exceptional circumstances pursuant to § 7 para. 3 UWG. The logging of the registration process takes place on the basis of our legitimate interests, among other things, for verification purposes (Art. 6 para. 1 lit. f GDPR).

You can revoke your consent to receive our newsletter at any time with effect for the future. You can declare your revocation by clicking on the unsubscribe link contained in each newsletter.

When sending our newsletter, we evaluate your user behaviour. For this purpose, the individual newsletters contain so-called web beacons or tracking pixels ("1-pixel image files"), which are stored on our website. They are retrieved from there when you open the newsletter. Technical information (e.g. information about your browser or your system) and also your IP address and the time of the retrieval are then collected. The data collected is used to create a user profile in order to tailor our newsletter to your individual interests. In doing so, we record the time at which you read our newsletter, which links you click on in it and deduce your personal interests from this. We link this data to actions you have taken on our website.

This information is used for the technical improvement of our services and, if necessary, for the individualization of our offer. You can object to this tracking at any time by informing us in a separate e-mail. In this case, we would stop sending our newsletter to you, as it is not technically possible for us to deactivate tracking for individual users.

17. How and why do we use Matomo?

On our websites we use Matomo (formerly Piwik) for web analysis (provider: InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand, NZBN 6106769). We do not use an external service provider for this purpose, but operate Matomo on our own server and also use Matomo without cookie technology. We have also configured Matomo in such a way that your IP address is only recorded in abbreviated form. We therefore process your personal usage data anonymously. It is not possible for us to draw any conclusions about your person. Further information on the terms of use of Matomo and the data protection regulations can be found at:

To stop the data collection by the Matomo web analysis tool, please click here:

18. What are cookies and how do we use them?

On our website we use so-called cookies and alternatively also so-called web storage objects, a further development of cookie technology. With these technologies we store in your web browser, for example, a certain identifier, through which your end device can be recognized when you return to our website. For example, the login status can also be stored so that you do not have to log in each time you visit our site.

You can delete cookies or the web storage via the security settings in your browser at any time or, for example, also refuse to accept them. If you generally wish to object to the use of cookies for online marketing purposes, you can do so with various services or providers, e.g. via the American site or via the European site Please note, however, that you may then not be able to use all the functions of our website.

We only use cookies and web storage objects that are technically necessary for the operation of our website.

The legal basis is Art. 6 para. 1 p. 1 lit. f GDPR or, if applicable, your consent (Art. 6 para. 1 p. 1 lit. a GDPR).