Privacy Policy
Privacy Policy
––––––––––––––––––––
1) Introduction and Contact Details of the Data Controller
1.1 We are pleased that you are visiting our website and thank you for your interest. Below, we inform you about the handling of your personal data when using our website. Personal data is any data that can be used to personally identify you.
1.2 The data controller for this website within the meaning of the General Data Protection Regulation (GDPR) is Vanessa Bek, Brückengasse 1B, 78462 Konstanz, Germany, Tel.: +4915140093616, Email: hello@vey-in.com. The data controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data.
2) Data Collection When You Visit Our Website
2.1 When you use our website for purely informational purposes, i.e., if you do not register or otherwise provide us with information, we only collect data that your browser transmits to the website server (so-called “server log files”). When you access our website, we collect the following data, which is technically necessary for us to display the website to you:
– The website you visited
– Date and time of access
– Amount of data sent in bytes
– Source/referrer from which you accessed the page
– Browser used
– Operating system used
– IP address used (possibly in anonymized form)
This processing is carried out in accordance with Art. 6 Para. 1 lit. f GDPR based on our legitimate interest in improving the stability and functionality of our website. The data will not be disclosed or used for any other purpose. However, we reserve the right to subsequently review the server log files should there be concrete indications of unlawful use.
2.2 This website uses SSL/TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to us). You can recognize an encrypted connection by the “https://” prefix and the padlock icon in your browser’s address bar.
3) Hosting & Content Delivery Network
We use a provider to host our website and display its content. This provider performs its services, either directly or through selected subcontractors, exclusively on servers within the European Union.
All data collected on our website is processed on these servers.
We have concluded a data processing agreement with this provider, which ensures the protection of our website visitors’ data and prohibits unauthorized disclosure to third parties.
4) Cookies
To make visiting our website more attractive and to enable the use of certain functions, we use cookies, which are small text files that are stored on your device. Some of these cookies are automatically deleted after you close your browser (so-called “session cookies”), while others remain on your device for a longer period and allow us to save your website settings (so-called “persistent cookies”). In the latter case, you can find information about the storage duration in your web browser’s cookie settings.
If any of the cookies we use process personal data, this processing is carried out in accordance with Article 6(1)(b) GDPR for the performance of a contract, in accordance with Article 6(1)(a) GDPR if you have given your consent, or in accordance with Article 6(1)(f) GDPR to protect our legitimate interests in ensuring the best possible website functionality and a user-friendly and effective website experience.
You can configure your browser to notify you when cookies are set and allow you to decide whether to accept them individually, or to block cookies in certain cases or entirely.
Please note that if you do not accept cookies, the functionality of our website may be limited.
5) Contacting Us
5.1 Calendly
We use the services of the following provider to offer an online appointment booking function: Calendly, LLC, BB&T Tower, 271 17th St NW, Atlanta, GA 30363, USA.
For the purpose of scheduling appointments, in accordance with Art. 6 Para. 1 lit. b GDPR, we collect your first and last name as well as your email address (and, if applicable, your telephone number if you request a telephone appointment) and, in accordance with Art. 6 Para. 1 lit. f GDPR, transmit this data to the provider based on our legitimate interest in effective customer management and efficient appointment scheduling. This data is then stored there for appointment organization.
After the appointment has taken place or after the agreed appointment period has expired, your data will be deleted.
6) Website Functionalities
Zoom
For conducting online meetings, video conferences, and/or webinars, we use the following provider: Zoom Video Communications Inc., 55 Almaden Blvd, Suite 600, San Jose, CA 95113, USA.
The provider processes various types of data. The scope of the data processed depends on what information you provide before or during your participation in an online meeting, video conference, or webinar. Your data as a communication participant is processed and stored on the provider’s servers. This may include, in particular, your registration data (name, email address, phone number (optional), and password) and session data (topic, participant IP address, device information, description (optional)).
In addition, participants’ video and audio contributions, as well as voice input in chats, may be processed. For the processing of personal data necessary for the performance of a contract with you (this also applies to processing operations necessary for carrying out pre-contractual measures), Article 6(1)(b) GDPR serves as the legal basis. If you have given us your consent to the processing of your data, the processing is based on Article 6(1)(a) GDPR. You can withdraw your consent at any time with effect for the future. Furthermore, the legal basis for data processing when conducting online meetings, video conferences, or webinars is our legitimate interest, pursuant to Article 6(1)(f) GDPR, in the effective conduct of the online meeting, webinar, or video conference.
We have concluded a data processing agreement with the provider, which ensures the protection of our website visitors’ data and prohibits unauthorized disclosure to third parties.
For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which, based on an adequacy decision by the European Commission, ensures compliance with the European level of data protection.
7) Tools and Other Information
Cookie Consent Tool
This website uses a so-called “cookie consent tool” to obtain effective user consent for cookies and cookie-based applications that require consent. The “cookie consent tool” is displayed to you as an interactive user interface when you visit the site, where you can grant consent for specific cookies and/or cookie-based applications by ticking boxes. By using this tool, all cookies/services requiring consent are only loaded if you grant the corresponding consent by ticking the boxes. This ensures that such cookies are only placed on your device if you have given your consent.
The tool sets technically necessary cookies to save your cookie preferences. Personal user data is generally not processed in this process.
If, in individual cases, personal data (such as the IP address) is processed for the purpose of storing, assigning, or logging cookie settings, this is done in accordance with Article 6(1)(f) GDPR based on our legitimate interest in legally compliant, user-specific, and user-friendly cookie consent management and thus in the legally compliant design of our website.
A further legal basis for processing is Article 6(1)(c) GDPR. As the data controller, we are legally obligated to make the use of cookies that are not technically necessary dependent on the respective user’s consent.
Where necessary, we have concluded a data processing agreement with the provider, which ensures the protection of our website visitors’ data and prohibits unauthorized disclosure to third parties.
Further information about the operator and the settings options of the cookie consent tool can be found directly in the corresponding user interface on our website.
8) Rights of the Data Subject
8.1 The applicable data protection law grants you the following rights as a data subject (rights of access and intervention) with regard to the processing of your personal data by us as the controller, whereby reference is made to the legal basis listed for the respective requirements for exercising these rights:
– Right of access pursuant to Art. 15 GDPR;
– Right to rectification pursuant to Art. 16 GDPR;
– Right to erasure pursuant to Art. 17 GDPR;
– Right to restriction of processing pursuant to Art. 18 GDPR;
– Right to be informed pursuant to Art. 19 GDPR;
– Right to data portability pursuant to Art. 20 GDPR;
– Right to withdraw consent pursuant to Art. 7 para. 3 GDPR;
– Right to lodge a complaint pursuant to Art. 77 GDPR.
8.2 Right to object
If we process your personal data based on our legitimate interests, you have the right to object to this processing pursuant to Art. 15 GDPR.
If we process your personal data based on our legitimate interests, you have the right to object to this processing at any time, on grounds relating to your particular situation, with effect for the future.
If you exercise your right to object, we will cease processing the data in question. However, further processing remains possible if we can demonstrate compelling legitimate grounds for the processing which override your interests, fundamental rights and freedoms, or if the processing serves the purpose of establishing, exercising or defending legal claims.
If you exercise your right to object, we will cease processing the data in question. If we process your personal data for direct marketing purposes, you have the right to object to the processing of your personal data for such marketing at any time. You can exercise your right to object as described above.
If you exercise your right to object, we will cease processing the data in question for direct marketing purposes.
9) Duration of storage of personal data
The duration of storage of personal data is determined by the respective legal basis, the purpose of processing, and – where applicable – the respective statutory retention period (e.g., commercial and tax law retention periods).
When processing personal data based on explicit consent pursuant to Article 6(1)(a) GDPR, the data in question will be stored until you withdraw your consent.
If statutory retention periods exist for data processed in connection with contractual or quasi-contractual obligations based on Article 6(1)(b) GDPR, this data will be routinely deleted after the retention periods have expired, unless it is still required for the performance of a contract or for taking steps prior to entering into a contract and/or we have a legitimate interest in its continued storage.
When processing personal data based on Article 6(1)(f) GDPR, this data will be stored until you exercise your right to object pursuant to Article 21(1) GDPR, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of establishing, exercising or defending legal claims.
When processing personal data for direct marketing purposes based on Article 6(1)(f) GDPR, this data will be stored until you exercise your right to object pursuant to Article 21(2) GDPR.
Unless otherwise specified in this privacy policy regarding specific processing situations, stored personal data will be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.
Copyright notice: This privacy policy was created by the specialist lawyers of the IT Law Firm and is protected by copyright (https://www.it-recht-kanzlei.de).
Last updated: June 4, 2026, 9:23:10 AM