top of page

DATA PROTECTION STATEMENT

Studio Tsavaris takes the protection of your personal data very seriously. We treat your personal data confidentially and in compliance with the statutory data protection regulations and this data protection statement. The purpose of this Data Protection Statement is to inform you about the type of personal data that will be collected when you use our website, www.studiotsavaris.com, and how we will process, use, and protect such data.


1. GENERAL INFORMATION

1.1 Responsible Party

Use of the www.studiotsavaris.com website is subject to the Data Protection Statement set out below. The www.studiotsavaris.com website is a service provided by Annkatrin Kann-Tsavaris, Dockenhudener Str. 18, 22587 Hamburg, Germany (hereinafter referred to as “Studio Tsavaris”).

1.2 Data Collection

On the one hand, your data is collected when you provide it to us. This may, for example, be data that you provide to us by e-mail. Other data is collected automatically or with your consent by our IT systems when you visit the website. This is mainly technical data (e.g. internet browser, operating system or time of page access). This data is collected automatically as soon as you enter this website. Part of the data is collected to ensure error-free provision of the website. Other data may be used to analyse your user behaviour. If you contact us by e-mail or telephone, your enquiry including all resulting personal data (name, enquiry) will be stored and processed by us for the purpose of processing your request. We do not pass on this data without your consent. We would like to point out that data transmission on the Internet (e.g. communication by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.

 

1.3 Your Rights

At any time, at no cost to you and without providing any reason you can request information regarding the data relating to you which is saved in our systems as well as information regarding the origin, recipients or categories of recipients to whom such data has been transmitted and why such data has been saved. In addition, legally you are entitled to have your personal data corrected, blocked or deleted. Also, you can revoke your consent to the use of your data at any time and without having to provide a reason. Please address any requests for information, inquiries, objections to the processing of your data, and any questions you may have to Studio Tsavaris in writing via letter or e-mail to info@studiotsavaris.comThe collected personal data will be deleted or blocked as soon as the purpose of the storage no longer applies.

2 HOSTING

We host the content of our website with the provider WIX: Wix.com Ltd, 40 Namal Tel Aviv St, Tel Aviv 6350671, Israel (hereinafter "WIX").

WIX is a tool for creating and hosting websites. When you visit our website, WIX can analyse user behaviour, visitor sources, the region of website visitors and visitor numbers. WIX stores cookies on your browser that are necessary for the technical presentation of the website and to ensure security (necessary cookies). The data collected via WIX may be stored on various servers worldwide. The WIX servers are located in the USA, among other places. Details can be found in the data protection declaration of WIX: https://de.wix.com/about/privacy.

 

According to WIX, data transfer to the USA and other third countries is based on the standard contractual clauses of the EU Commission or comparable guarantees according to Art. 46 DSGVO. Details can be found here: https://de.wix.com/about/privacy-dpa-users.

The use of WIX is based on Art. 6 para. 1 lit. f DSGVO. We have a legitimate interest in ensuring that our website is presented as reliably as possible. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device as defined by the TTDSG. The consent can be revoked at any time.

 

The company is certified according to the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Any company certified under the DPF undertakes to comply with these data protection standards. For more information, please contact the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant- detail?contact=true&id=a2zt0000000GnbGAAS&status=Active

3 MANDATORY INFORMATION

3.1 Storage Period

Unless a more specific storage period has been stated within this privacy policy, your personal data will remain with us until the purpose for processing the data no longer applies. If you assert a justified request for deletion or revoke consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, the data will be deleted once these reasons no longer apply.

3.2 Legal Basis for Data Processing

Insofar as we obtain the consent of the data subject for processing operations involving personal data, Art. 6 (1) a DSGVO serves as the legal basis. When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) (b) DSGVO serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures. If processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Art. 6 (1) c DSGVO serves as the legal basis. If the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 (1) f DSGVO serves as the legal basis for the processing.

3.3 Information, Correction and Deletion

Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of the data processing and, if applicable, a right to correction or deletion of this data.

3.4 Rights of Restricting Data Processing

You have the right to request the restriction of the processing of your personal data. To do this, you can contact us at any time. The right to restriction of processing exists in the following cases:

- If you dispute the accuracy of your personal data stored by us, we usually need time to check this. For the duration of the verification, you have the right to request the restriction of the processing of your personal data.

- If the processing of your personal data happened/is happening unlawfully, you can request the restriction of data processing instead of erasure.

- If we no longer need your personal data, but you need it to exercise, defend or assert legal claims, you have the right to request restriction of the processing of your personal data instead of erasure.

- If you have lodged an objection pursuant to Art. 21 (1) DSGVO, a balancing of your and our interests must be carried out. As long as it has not yet been determined whose interests prevail, you have the right to demand the restriction of the processing of your personal data.

If you have restricted the processing of your personal data, such data may - apart from being stored - only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or a Member State.

3.5 SSL or TLS Encryption

For security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognise an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

3.6 Objection to Advertising E-Mails

We hereby object to the use of contact data published within the framework of the imprint obligation for the purpose of sending advertising and information material that has not been expressly requested. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, for example by spam e-mails.


4 AUTOMATED DATA COLLECTION

4.1 Cookies

Our website uses so-called "cookies". Cookies are small data packets and do not harm your computer or mobile device and do not contain any viruses. They are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your end device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or until they are automatically deleted by your web browser. Cookies can originate from us (first-party cookies) or from third-party companies (so-called third-party cookies). In your browser settings you can choose to be informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or generally, as well as activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited. We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser can be identified even after a page change (e.g. the language setting). We also use cookies on our website that allow us to analyse users' surfing behaviour (such as the frequency of page views and use of website functions). The user data collected in this way is pseudonymised by technical precautions. Therefore, it is no longer possible to assign the data to the calling user. The data is not stored together with other personal data of the user.

4.2 Server Log Files

As with every website, our server automatically collects the following information and temporarily saves it in server log files which are transmitted by your browser unless you have deactivated such function:

(1) Browser type and browser version

(2) Operating system used

(3) Referrer URL

(4) Host name of the accessing computer

(5) Date and time of the server request

(6) IP address

 

This data is not merged with other data sources. The collection of this data is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in the technically error-free presentation and optimisation of its website - for this purpose, the server log files must be collected.

4.3 Enquiry by E-Mail and Telephone

If you contact us by e-mail or telephone, your enquiry including all resulting personal data (name, enquiry) will be stored and processed by us for the purpose of processing your request. We do not pass on this data without your consent.

The processing of this data is based on Art. 6 (1) lit. b DSGVO if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Art. 6 para. 1 lit. f DSGVO) or on your consent (Art. 6 para. 1 lit. a DSGVO) if this has been requested; the consent can be revoked at any time.

The data you send us via contact requests will remain with us until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies (e.g. after your request has been processed). Mandatory statutory provisions - in particular statutory retention periods - remain unaffected.

5 SOCIAL MEDIA

Instagram

Functions of the Instagram service are integrated on this website. These functions are offered by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. When the social media element is active, a direct connection is established between your end device and the Instagram server. Instagram thereby receives information about your visit to this website. If you are logged into your Instagram account, you can link the content of this website to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate your visit to this website with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Instagram. Insofar as consent has been obtained, the above-mentioned service is used on the basis of Art. 6 Para. 1 lit. a DSGVO and § 25 TTDSG. The consent can be revoked at any time. Insofar as no consent has been obtained, the use of the service is based on our legitimate interest in achieving visibility in social media.

Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook or Instagram, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 DSGVO). The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook or Instagram. The processing by Facebook or Instagram that takes place after the forwarding is not part of the joint responsibility. Our joint obligations have been set out in a joint processing agreement. The text of the agreement can be found at: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the data protection information when using the Facebook or Instagram tool and for the data protection-secure implementation of the tool on our website. Facebook is responsible for the data security of the Facebook or Instagram products. Data subject rights (e.g. requests for information) regarding the data processed by Facebook or Instagram can be asserted directly with Facebook. If you assert the data subject rights with us, we are obliged to forward them to Facebook. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here:

https://www.facebook.com/legal/EU_data_transfer_addendum, https://help.instagram.com/519522125107875 and https://de-de.facebook.com/help/566994660333381.

 

For more information, please see Instagram's privacy policy: https://instagram.com/about/legal/privacy/.

The company is certified under the EU-US Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the USA to ensure compliance with European data protection standards for data processing in the USA. Any company certified under the DPF undertakes to comply with these data protection standards. For more information, please contact the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant- detail?contact=true&id=a2zt0000000GnywAAC&status=Active

bottom of page