top of page

Privacy policy

 

This data protection declaration informs you about the type, scope and purpose of the processing of personal data (hereinafter referred to as "data") within our online offer and the websites, functions and content associated with it, as well as external online presences, such as our social media profiles (hereinafter jointly referred to as "online offer"). With regard to the terms used, such as "processing" or "controller", we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).

 

Person responsible

Kira Chaparro Schmiel / Kira Flora

Burgunderweg 4

75365, Calw

Germany

 

kira.flora@outlook.de

Managing director/ owner: Kira Chaparro Schmiel

Link to imprint: https://www.kiraflora-fotografie.com/ueber-mich

 

Types of data processed:

- Inventory data (e.g., names, addresses).

- Contact data (e.g., e-mail, telephone numbers).

- Content data (e.g., text entries, photographs, videos).

- Usage data (e.g., web pages visited, interest in content, access times).

- Meta/communication data (e.g., device information, IP addresses).

 

Categories of data subjects

Visitors and users of the online offer (hereinafter, we also refer to the data subjects collectively as "users").

 

Purpose of processing

- Making available the online offer, its functions and content.

- Responding to contact requests and communicating with users.

- Security measures.

- Reach measurement/marketing.

 

Terminology used

"Personal data" means any information relating to an identified or identifiable natural person (hereinafter "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. cookie) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

 

"Processing" means any operation or set of operations which is performed upon personal data, whether or not by automatic means. The term is broad and includes virtually any handling of data.

 

"Pseudonymization" means the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures which ensure that the personal data are not attributed to an identified or identifiable natural person.

 

"Profiling" means any automated processing of personal data which consists in using such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects relating to that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or change of location.

 

"Controller" means the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data.

 

"Processor" means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the Controller.

 

Relevant legal basis

In accordance with Art. 13 DSGVO, we inform you of the legal basis for our data processing activities. If the legal basis is not mentioned in the privacy statement, the following applies: The legal basis for obtaining consent is Art. 6(1)(a) and Art. 7 DSGVO, the legal basis for processing to fulfill our services and carry out contractual measures and respond to inquiries is Art. 6(1)(b) DSGVO, the legal basis for processing to fulfill our legal obligations is Art. 6(1)(c) DSGVO, and the legal basis for processing to protect our legitimate interests is Art. 6(1)(f) DSGVO. In the event that vital interests of the data subject or another natural person make processing of personal data necessary, Art. 6 (1) lit. d DSGVO serves as the legal basis.

 

Security measure

We take security measures in accordance with Art. 32 DSGVO, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing.

bottom of page