I take the protection of your privacy and the confidentiality of all information that you provide very seriously. At this point I would like to inform you about how I handle your personal data when:
▶ you visit my internet pages under www.carmano.com and www.carmano.de (hereafter referred to as “my web site” or “this web site”)
▶ you send me personal data by email or by any other means
By the way: I also treat all project data with the same care and confidentiality. For example, your software to be documented and the associated specifications as well as, of course, all the results of my own work, such as concepts and the final documentation.
In case you do not agree to the following data protection regulations, do not use the web site.
Responsible in the sense of data protection law:
90513 Zirndorf (near Nürnberg), Germany
Phone: +49 (0)911/60046-659
Fax: +49 (0)911/60046-863
▶ In general, you can use this web site without providing any personal data. As far as personal data is collected on this web site, this is, as far as possible, always on a voluntary basis.
▶ Instead of sniffing after the visitors of my web site with the help of analysis tools, I rather use my time for providing as much useful and informative content on my web site as possible. Therefore, I do not use any analysis tools like Google Analytics or Matomo.
▶ Because it is absolutely none of other companies' business who visits my web site when and how often, I do not use any social media plug-ins. For the same reason, and because I don't want my site to depend on third parties to work, I don't knowingly load any libraries and fonts from other servers.
▶ All computers and backups that I use for processing and storing your data are encrypted.
▶ I do not use any cloud storage located in countries other than Germany and even here I only store encrypted data.
▶ Unless you have expressly agreed to this, I do not use any web applications for processing your data, such as online editors, online translation tools, or online language checkers.
▶ I use current virus protection software and firewalls.
Servers, Providers, Processors
The server on which this web site is hosted is located in Germany. The data center is operated by the German company STRATO AG (Pascalstraße 10, 10587 Berlin). With STRATO AG, a contract for processing data exists in accordance with Art. 28 (3) of the General Data Protection Regulation (GDPR). No data is transmitted to servers outside the European Union.
Data collected when you visit the web site
The information stored includes:
▶ Your IP address: My hosting provider stores the IP address for a maximum of 7 days to be able to detect and defend against possible attacks. However, I myself have no access to your complete IP address, but for reasons of data protection receive all IP addresses via the server log files only in anonymized form. In particular, the host name or IP address of the client accessing a web page is anonymized. However, from the anonymized IP address I can still trace from which country and region a page or file was accessed.
▶ Accessed page or file.
▶ Referrer URL: If you did not call a page by entering the address in the browser, but via a link, I can see here the URL of the page from which you came. Examples: If you followed a link to my page on a third-party web site, I can see that my page was accessed from that particular third-party page. If you accessed a page from a search engine, I might be able to see which search terms you used because these terms are often part of the URL. If you follow a link on my web site to another page of my web site, I can see from which page the second page was accessed.
▶ Date and time of the access.
▶ Browser type and browser version.
▶ Operating system used.
This data cannot be related to you as a person. I do not merge this data with other data sources.
I process the mentioned data for the following purposes:
▶ to ensure an error-free operation of the web site
▶ to ensure a convenient use of the web site
▶ to ensure system security and stability
▶ for administrative purposes
The legal basis for data processing is Art. 6 Para. 1 f GDPR. My legitimate interest for data collection results from the purposes listed above.
Data collected when contacting me by email, by telephone or by other means
If you send me an email or send or tell me personal data in other ways, I will save this data and the notes that I make.
Please note, however, that emails sent unencrypted via the Internet are not protected against unauthorized access by third parties. I always use SSL/TLS for retrieving and for sending emails. To ensure end-to-end transport encryption, I recommend that you use SSL/TLS, too. With SSL/TLS, however, an email is still unencrypted at some points and might still be read by third parties.
For strictly confidential communication, I recommend that you encrypt sensitive data separately with sufficiently strong encryption.
We can also transfer large files via SFTP/FTPS instead of email after encryption.
Important: Do NOT send the password used for encryption by email, but on a separate channel, such as by telephone, by fax or by letter.
I process this data for the purpose of receiving and responding to your inquiry and for being able to communicate with you in a targeted and appropriate manner in the events of follow-up questions and subsequent projects. Data processing is carried out in accordance with Art. 6 Para. 1 b GDPR.
Data collected and transmitted to me when my e-books and other products are sold by MyCommerce Share-It - Digital River GmbH
My e-books and other products are not sold by myself, but by MyCommerce Share-It - Digital River GmbH, Scheidtweilerstr. 4, 50933 Köln, Germany. A link from my web site takes you to the vendor’s web site and places the selected product directly into the shopping cart. The link also contains the URL of a page to which you are to be redirected after the purchase process has been completed or if it is cancelled.
In case of a successful sale, the vendor sends me an email, which contains the following data, provided that this data was provided by you at the time of purchase:
number of licenses purchased
reseller (if the sale was made via a reseller)
promotion name (if a discount coupon was redeemed)
VAT on shipping costs
total amount of invoice
state / province
VAT registration number
payment method (for payments by credit card including the name of the credit card company)
licensee (e.g. name or company name)
I process this data in order to be able to support you as a customer in case of problems with the product or its licenses. Data processing is carried out in accordance with Art. 6 Para. 1 b GDPR.
Duration of storage
I adhere to the principles of data minimization. I store all personal data only as long as it is necessary for the purpose and as long as I am legally obliged to do so.
Information disclosure to third parties
Normally, I will not pass on your data to third parties without your express consent. The following cases are excluded from this:
▶ You have expressly given your consent in accordance with Art. 6 Para. 1 a GDPR.
▶ According to Art. 6 Para. 1 f GDPR, a disclosure is necessary to assert, exercise, or defend legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data.
▶ There is a legal obligation to pass on data in accordance with Art. 6 Para. 1 c GDPR.
▶ A transfer is legally permissible and required by Art. 6 Para. 1 b GDPR for the processing of contractual relationships with you.
Electronic messages via the contact form and via email are transferred to me via my hosting provider.
To make using this web site as convenient as possible, some of the web site’s pages use so-called cookies. Cookies are small text files that your browser stores on your device used for viewing this web site.
Many of the cookies used on the pages of this web site are so-called session cookies. These cookies improve you user experience and get automatically deleted at the end of your visit. Session cookies do not collect information from your device. Other cookies remain stored on your device until you delete them yourself. These resident cookies enable a page to recognize your browser the next time you visit the page and, if necessary, automatically restore certain user settings for the display, such as the selected font size.
Most web browsers accept cookies by default. However, with small limitations you can also use this web site without cookies. You can configure most browsers so that before saving a cookie the browser asks you whether you want to allow this. Optionally, in most browsers you can prohibit accepting cookies completely, or you can have cookies deleted automatically when closing your browser. For instructions, please refer to your browser's documentation. If necessary, use a browser that supports the required privacy features.
Links to third-party web sites
This web site contains links to other web sites. If you follow a link, the operator of the linked page can use the so-called referrer URL to determine the page from which you came.
However, for example, if the operator of a linked page evaluates your IP address, or if the operator reads cookies from your device that had been set during a previous visit on the operator’s web site, or if you are personally logged in to the pages of the operator, the operator of the visited web site may be able to identify you personally. The operator can find out that you personally have been on my web site beforehand and thus the operator may understand part of your surfing behavior. However, unlike with social media plugins (which I do not use), this does not already happen when you simply visit my web site but only if you actually actively click the corresponding link. Tip: You can restrict or prevent the collection of data by deleting cookies and by logging out of any user account on the linked pages before clicking a link.
Please note that every data transfer on the Internet may have security gaps. For sensitive data, I recommend using encrypted communication by email with some additional, separate encryption of the confidential data.
In addition, I use suitable organisational and technical measures to protect your data against intentional or unintentional manipulation, against partial or total loss, and against unauthorized access by third parties.
Your rights as a data subject
As a person affected by the processing of your data, you have the following rights vis-à-vis me as the processing body in particular:
▶ Right to information in accordance with Art. 15 GDPR: At any time, you have a right to free information about your personal data stored with me as well as about its origin, recipients and purpose.
▶ Right to rectification in accordance with Art. 16 GDPR: You may request the completion of the data concerning you and the correction of incorrect data concerning you.
▶ Right to erasure and right to restriction of processing in accordance with Art. 17 GDPR and Art. 18 GDPR: You may request your personal data to be deleted or its processing to be restricted.
▶ Right to data portability in accordance with Art. 20 GDPR: You have a right to have the personal data that automatically process on the basis of your consent or in fulfillment of a contract handed over to yourself or to a third party in a common, machine-readable format.
You can revoke any consent that you might have given to the processing of your personal data at any time. Please note that the revocation will only take effect in the future. Processing that took place before the revocation is not affected by this.
In the event of data protection violations, in accordance with Art. 77 GDPR, you as the person concerned also have a right of appeal to the responsible supervisory authority. For me, the responsible supervisory authority for issues of data protection is:
Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Information about your right to object in accordance with Art. 21 GDPR
For reasons arising from your particular situation, at any time you have the right to object to the processing of your personal data that was collected on the basis of Art. 6 Para. 1 f GDPR.
In the event of an objection, I will no longer process your personal data unless I can prove that for processing I have compelling legitimate reasons that outweigh your interests, rights and freedoms, or if the processing serves to assert, exercise or defend legal claims.
You also have the right to object to the processing of your personal data for the purpose of direct advertising at any time without needing to state any specific situation.
If you object to the processing for direct advertising, I will no longer process your data for this purpose.
▶ to meet current legal requirements
▶ if new functions are added to this web site or if new services are added to my portfolio
▶ if functions or services are discontinued in the future
Last updated: May 30, 2018