(as of 31/5/2023)
This data protection declaration clarifies the type, scope and purpose of the processing of personal data (hereinafter referred to as "data") as part of the provision of our services and within my online offer and the websites, functions and content associated with it as well as external online presences , such as my social media profiles (hereinafter jointly referred to as "online offer"). With regard to the terms used, such as "processing" or "person responsible", I refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).
1. General information and mandatory information
The operator of this website takes the protection of your personal data very seriously. I treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.
I would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. A complete protection of the data against access by third parties is not possible.
Note on the responsible body
The responsible body for data processing on this website is:
Link to imprint: extensions.stephanroemer.de/imprint
Responsible body is the natural or legal person who, alone or together with others, decides on the purposes and means of processing personal data (e.g. names, e-mail addresses, etc.).
Revocation of your consent to data processing
Many data processing operations are only possible with your express consent. You can revoke consent that you have already given at any time. An informal message by e-mail to me is sufficient. The legality of the data processing that took place up until the revocation remains unaffected by the revocation.
Right of appeal to the competent supervisory authority
In the event of violations of data protection law, the person concerned has the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority for data protection issues is the state data protection officer of the federal state in which my company is based. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
Right to data portability
You have the right to have data that I process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another person responsible, this will only be done to the extent that it is technically feasible.
Information, blocking, deletion
You have the right to free information about your stored personal data, its origin and recipient and the purpose of the data processing and, if necessary, a right to correction, blocking or deletion of this data at any time within the framework of the applicable legal provisions. You can contact me at any time at the address given in the legal notice if you have further questions on the subject of personal data.
SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, such as online purchases, registration processes or contact requests that you send to me as the site operator, this site uses an SSL or. TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you send to me cannot be read by third parties.
Objection to advertising mails
We hereby object to the use of contact data published as part of the imprint obligation to send unsolicited advertising and information material. The operator of the site expressly reserves the right to take legal action in the event of unsolicited advertising being sent, such as spam e-mails.
2. Data collection on our website
I use what are called “session cookies” on this website. These technically necessary cookies are used to provide the website and its functionality. They do not store any personal data and are automatically deleted at the end of your visit..
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when the browser is closed. However, the functionality of this website may be restricted if cookies are deactivated.
If you send me inquiries via the contact form, your details from the form, including the contact details you provided there, will be stored by me for the purpose of processing the inquiry and in the event of follow-up questions. I will not pass on this data without your consent.
I collect and process the following data via the contact form: name, e-mail address, message
The processing of the data entered in the contact form is therefore exclusively based on your consent (Article 6 (1) (a) GDPR). You can revoke this consent at any time. An informal message by e-mail to me is sufficient. The legality of the data processing operations that took place up until the revocation remains unaffected by the revocation.
The data you enter in the contact form will remain with me until you ask me to delete them, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions - in particular retention periods - remain unaffected.
Registration for a user account
You can register as a user on my website to download free and paid extensions. I use the data entered for this purpose only for the purpose of creating the account, providing the corresponding functions and processing payments or invoicing. The mandatory information requested during registration must be provided in full.
If you register for a user account, I collect and process the following data: first name, last name and email address. If you want to purchase a paid "Pro Version", you will need to upgrade your existing account or create a new account. In this case, we also collect the following data: address (street, house number), zip code, city and country. As an entrepreneur, you still need to provide the following information: company name and VAT ID.
I collect, process and use personal data only insofar as they are necessary for the establishment, content or change of the legal relationship (inventory data). This is based on Article 6 Paragraph 1 Letter b GDPR, which allows the processing of data to fulfill a contract or pre-contractual measures. I only collect, process and use personal data about the use of my website (usage data) to the extent necessary to enable the user to use the service or to bill the user.
The data recorded during registration will be stored by us until the statutory retention periods have expired. These are basically 10 years for reasons of tax law requirements (for "Pro version").
3. External payment service providers
To process your order for a "pro version", I work together with the following service providers, who support me in whole or in part in the execution of closed contracts. Certain personal data is transmitted to these service providers in accordance with the following information.
I will pass on your payment data to the commissioned bank as part of the payment process, provided this is necessary for the payment process. If payment service providers are used, we will explicitly inform you about this below. The legal basis for the transfer of data is Art. 6 Paragraph 1 lit. b GDPR.
As part of the fulfillment of contracts, I use payment service providers on the basis of Article 6 Paragraph 1 lit I use the external payment service providers mentioned on the basis of my legitimate interests in accordance with Article 6 Paragraph 1 lit. f GDPR in order to offer my users effective and secure payment options.
The data processed by the payment service providers includes inventory data , such as name and address, bank details, such as account numbers or credit card numbers, passwords, TANs and checksums, as well as contract, total and recipient-related information. The information is required to carry out the transactions. However, the data entered will only be used by the Payment service providers processed and stored by them I do not receive any account or credit card-related information, only information with confirmation or negative information about the payment. Under certain circumstances, the payment service provider may transmit the data to credit agencies. The purpose of this transmission is to check identity and creditworthiness. For this I refer to the terms and conditions and data protection notices of the payment service providers.
The terms and conditions and data protection notices of the respective payment service providers apply to the payment transactions, which can be called up within the respective websites or transaction applications. I also refer to this for the purpose of further information and the assertion of revocation, information and other data subject rights.
If you choose a payment method from the payment service provider Stripe, the payment will be processed by the payment service provider Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland, to whom I will pass on the information you provided during the ordering process along with the information about your order (name, address, account number, sort code, possibly credit card number, invoice amount, currency and transaction number) in accordance with Article 6 Paragraph 1 lit. b GDPR. You can find more information about Stripe's data protection at the URL https://stripe.com/ de/privacy#translation.
Stripe reserves the right to carry out a credit check based on mathematical-statistical procedures in order to protect the legitimate interest in determining the solvency of the user. Stripe may transmit the personal data required for a credit check and received as part of payment processing to selected credit agencies, which Stripe discloses to users upon request. The credit report can contain probability values (so-called score values). As far as score values are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical process. Among other things, but not exclusively, address data is included in the calculation of the score values. Stripe uses the result of the credit check in relation to the statistical probability of payment default for the purpose of deciding whether to use the selected payment method.
You can object to this processing of your data at any time by sending a message to Stripe or the commissioned credit agencies. However, Stripe may still be entitled to process your personal data if this is necessary for contractual payment processing.
4. Online presence in social media
I maintain online presences within social networks and platforms in order to communicate with the customers, interested parties and users active there and to be able to inform them there about our services.
I would like to point out that data from Users outside the European Union can be processed. This can result in risks for users, for example because it could make it more difficult to enforce user rights. With regard to US providers who are certified under the Privacy Shield, I would like to point out that they undertake to comply with the data protection standards of the EU.
Furthermore, user data is usually processed for market research and advertising purposes. For example, user profiles can be created from user behavior and the resulting interests of users. The usage profiles can in turn be used, for example, to place advertisements inside and outside the platforms that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the users' computers, in which the usage behavior and the interests of the users are stored. Furthermore, data can also be stored in the usage profiles independently of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them).
The processing of the personal data of the users takes place on Basis of my legitimate interests in effective user information and communication with users in accordance with Article 6 (1) (f) GDPR. If the users are asked by the respective providers for their consent to data processing (i.e. by declaring their consent, e.g. by ticking a checkbox or confirming a button), the legal basis for the processing is Article 6 (1) a., Article 7 DSGVO.
For a detailed description of the respective processing and the possibility of objection (opt-out), I refer to the following linked information from the providers.
Also in the case of requests for information and the assertion of user rights, I would like to point out that these can be asserted most effectively with the providers. Only the providers have access to the data of the users and can take appropriate measures and provide information directly. If you still need help, you can contact us.