top of page

PRIVACY POLICY

General Privacy Policy of Studio Elisabeth Bertelmann as of July 2025

1) Introduction and Contact Details of the Controller
1.1 We are pleased that you are visiting our website and thank you for your interest. In the following, we inform you about the handling of your personal data when using our website. Personal data refers to all data with which you can be personally identified.
1.2 The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is STUDIO Elisabeth Bertelmann, Studio Elisabeth Bertelmann, Ronsdorfer Straße 75, 40233 Düsseldorf, Germany, Tel: +49 211 984 797 92, Fax: +49 211 984 797 96, Email: info@elisabethbertelmann.com.
 The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.
2) Data Collection When Visiting Our Website
2.1 When you visit our website for purely informational use, i.e., without registering or otherwise providing us with information, we only collect data that your browser transmits to the server (so-called “server log files”). When you access our website, we collect the following data, which is technically necessary for us to display the website:

  • The website visited

  • Date and time of access

  • Amount of data sent in bytes

  • Source/referrer from which you accessed the page

  • Browser used

  • Operating system used

  • IP address used (if applicable, in anonymized form)
     Processing is carried out pursuant to Art. 6(1)(f) GDPR based on our legitimate interest in improving the stability and functionality of our website. The data will not be disclosed or used in any other way. However, we reserve the right to check server log files retrospectively if there are concrete indications of unlawful use.
    2.2 For security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the controller), this website uses SSL or TLS encryption. You can recognize an encrypted connection by the character string “https://” and the lock symbol in your browser line.

3) Hosting & Content Delivery Network
3.1 Amazon Web Services
 We use the system of the following provider for hosting our website and displaying the content: Amazon Web Services, Inc., 410 Terry Avenue North, Seattle, WA 98109, USA.
 All data collected on our website is processed on the provider’s servers.
 We have concluded a data processing agreement with the provider, ensuring the protection of our website visitors' data and prohibiting unauthorized disclosure to third parties.
 The provider is certified under the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection based on an adequacy decision by the European Commission.
3.2 Wix
 We use the system of the following provider for hosting our website and displaying the content: Wix HQ, 6350671, Nemal Tel Aviv St 40, Tel Aviv-Yafo, Israel.
 Data is also transmitted to: Wix Inc., 500 Terry A. Francois Boulevard, San Francisco, California 94158, USA.
 All data collected on our website is processed on the provider’s servers.
 We have concluded a data processing agreement with the provider, ensuring the protection of our website visitors' data and prohibiting unauthorized disclosure to third parties.
 An adequate level of data protection is guaranteed by an adequacy decision of the European Commission.
 The provider is also certified under the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection.
3.3 Google Cloud CDN
 We use a content delivery network (CDN) from the following provider: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.
 This service allows us to deliver large media files, such as graphics or scripts, more quickly via a network of regionally distributed servers.
 Processing is based on our legitimate interest in improving the stability and functionality of our website in accordance with Art. 6(1)(f) GDPR.
 Data may also be transferred to: Google LLC, USA.
 We have concluded a data processing agreement with the provider to ensure the protection of our website visitors’ data.
 The provider is certified under the EU-US Data Privacy Framework, ensuring compliance with the European data protection level.
4) Cookies
 To make visiting our website attractive and to enable the use of certain functions, we use cookies—small text files stored on your device. Some cookies are automatically deleted after the browser is closed (so-called "session cookies"), while others remain on your device for longer and allow for saving site settings (so-called "persistent cookies"). The storage duration can be found in your browser’s cookie settings.
 If personal data is also processed by individual cookies, processing is based on Art. 6(1)(b) GDPR (for contract performance), Art. 6(1)(a) GDPR (if consent was given), or Art. 6(1)(f) GDPR (our legitimate interest in optimal website functionality and user experience).
 You can configure your browser to inform you about cookie settings and decide individually whether to accept them or to exclude them in certain cases or generally.
 Please note that disabling cookies may limit the functionality of our website.
5) Contacting Us
 When you contact us (e.g., via contact form or email), personal data is collected. The specific data collected can be seen from the respective contact form.
 This data is stored and used exclusively for the purpose of responding to your inquiry and the technical administration associated with it.
 The legal basis for processing this data is our legitimate interest in responding to your request in accordance with Art. 6(1)(f) GDPR. If your contact is aimed at concluding a contract, the legal basis for the processing is also Art. 6(1)(b) GDPR.
 Your data will be deleted once your request has been finally resolved and if no legal retention obligations apply.
6) Tools and Miscellaneous
Cookie Consent Tool
 This website uses a “cookie consent tool” to obtain valid user consent for consent-requiring cookies and cookie-based applications.
 The tool is displayed to users when accessing the page in the form of an interactive interface, where users can give consent for specific cookies and/or applications via checkbox.
 Cookies requiring consent are only set if the user has given consent.
 The tool itself uses technically necessary cookies to save your cookie preferences.
 Personal data is generally not processed. If personal data (e.g., IP address) is processed for the purpose of storing or logging cookie settings, this is done in accordance with Art. 6(1)(f) GDPR (legitimate interest in legally compliant cookie management).
 Further legal basis: Art. 6(1)(c) GDPR (legal obligation to obtain user consent for non-essential cookies).
 If necessary, a data processing agreement has been concluded with the tool provider.
 Further information can be found in the tool’s user interface on our website.
7) Rights of the Data Subject
7.1 According to applicable data protection law, you have the following rights regarding the processing of your personal data:

  • Right of access (Art. 15 GDPR)

  • Right to rectification (Art. 16 GDPR)

  • Right to erasure (Art. 17 GDPR)

  • Right to restriction of processing (Art. 18 GDPR)

  • Right to notification (Art. 19 GDPR)

  • Right to data portability (Art. 20 GDPR)

  • Right to withdraw consent (Art. 7(3) GDPR)

  • Right to lodge a complaint (Art. 77 GDPR)

7.2 RIGHT TO OBJECT
 IF WE PROCESS YOUR PERSONAL DATA ON THE BASIS OF OUR LEGITIMATE INTERESTS, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THIS PROCESSING ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION.
 IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE AFFECTED DATA.
 FURTHER PROCESSING IS ONLY PERMITTED IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS, AND FREEDOMS, OR IF THE PROCESSING SERVES THE ESTABLISHMENT, EXERCISE, OR DEFENSE OF LEGAL CLAIMS.
 IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF DATA FOR SUCH PURPOSES.
 IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL IMMEDIATELY STOP PROCESSING THE DATA FOR DIRECT MARKETING PURPOSES.
8) Duration of Storage of Personal Data
 The duration of storage of personal data depends on the legal basis, the purpose of processing, and—if applicable—statutory retention periods (e.g., commercial and tax retention periods).
 If processing is based on your consent (Art. 6(1)(a) GDPR), your data will be stored until you withdraw your consent.
 If processing is based on contractual obligations (Art. 6(1)(b) GDPR), data will be stored until those obligations no longer exist, and no further legitimate interest in storage exists.
 If processing is based on legitimate interest (Art. 6(1)(f) GDPR), data will be stored until you exercise your right to object, unless overriding legitimate grounds exist or data is required for legal claims.
 If data is processed for direct marketing purposes, it will be stored until you object pursuant to Art. 21(2) GDPR.
 Otherwise, personal data will be deleted once it is no longer necessary for the purposes for which it was collected or otherwise processed.

Copyright notice: This privacy policy has been created by the specialist lawyers of IT-Recht Kanzlei and is protected by copyright (https://www.it-recht-kanzlei.de)

bottom of page