Privacy Policy
Last updated: 23 June 2026
1) Introduction and Contact Details of the Controller
1.1 We are pleased that you are visiting our website and thank you for your interest. Below, we inform you about the handling of your personal data when using our website. Personal data refers to all data by which you can be personally identified.
1.2 The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is STUDIO Elisabeth Bertelmann, Ronsdorfer Straße 75, 40233 Düsseldorf, Germany, Tel.: +49 211 984 797 92, Fax: +49 211 984 797 96, Email: info@elisabethbertelmann.com. The controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data.
2) Data Collection When Visiting Our Website
2.1 When you use our website purely for informational purposes — i.e. if you do not register or otherwise provide us with information — we only collect data that your browser transmits to our server (so-called "server log files"). When you access our website, we collect the following data, which is technically necessary for us to display the website to you:
- The page visited on our website
- Date and time of access
- Amount of data sent in bytes
- Source/referrer from which you reached the page
- Browser used
- Operating system used
- IP address used (where applicable: in anonymised form)
Processing is carried out in accordance with Art. 6(1)(f) GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data is not shared or used for any other purpose. We do, however, reserve the right to review server log files retrospectively if there are concrete indications of unlawful use.
2.2 For security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or enquiries to the controller), this website uses SSL or TLS encryption. You can recognise an encrypted connection by the "https://" prefix and the padlock symbol in your browser's address bar.
3) Hosting & Content Delivery Network
3.1 GitHub — For hosting our website and displaying page content, we use the services of GitHub Inc., 88 Colin P Kelly Jr Street, San Francisco, CA 94107, USA. All data collected on our website is processed on the provider's servers. We have entered into a data processing agreement with the provider, which ensures the protection of our visitors' data and prohibits unauthorised disclosure to third parties. For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with European data protection standards on the basis of an adequacy decision by the European Commission.
3.2 Netlify — For hosting our website and displaying page content, we use the services of Netlify, Inc., 2325 3rd St #215, San Francisco, USA. All data collected on our website is processed on the provider's servers. We have entered into a data processing agreement with the provider, which ensures the protection of our visitors' data and prohibits unauthorised disclosure to third parties. For data transfers to the USA, the provider relies on Standard Contractual Clauses of the European Commission, which are intended to ensure compliance with European data protection standards.
4) Contact
When you contact us (e.g. via contact form or email), personal data is collected. The data collected when using a contact form can be seen in the respective form. This data is stored and used solely for the purpose of responding to your enquiry and for the technical administration related to that contact.
The legal basis for processing this data is our legitimate interest in responding to your enquiry in accordance with Art. 6(1)(f) GDPR. If your contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6(1)(b) GDPR. Your data will be deleted once your enquiry has been fully processed — i.e. when it can be determined from the circumstances that the matter has been conclusively resolved and provided no statutory retention obligations apply.
5) Rights of the Data Subject
5.1 Applicable data protection law grants you the following rights against the controller with regard to the processing of your personal data:
- Right of access (Art. 15 GDPR)
- Right to rectification (Art. 16 GDPR)
- Right to erasure (Art. 17 GDPR)
- Right to restriction of processing (Art. 18 GDPR)
- Right to notification (Art. 19 GDPR)
- Right to data portability (Art. 20 GDPR)
- Right to withdraw consent (Art. 7(3) GDPR)
- Right to lodge a complaint (Art. 77 GDPR)
5.2 Right to Object — Where we process your personal data on the basis of a balancing of interests in accordance with our overriding legitimate interest, you have the right to object to such processing at any time with future effect, on grounds arising from your particular situation. If you exercise your right to object, we will cease processing the data in question. However, continued processing remains possible if we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or if the processing serves the establishment, exercise or defence of legal claims. Where your personal data is processed by us for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing. If you exercise your right to object, we will cease processing the data in question for direct marketing purposes.
6) Retention Period for Personal Data
The retention period for personal data is determined by the applicable legal basis, the purpose of processing, and — where relevant — any applicable statutory retention periods (e.g. commercial and tax law retention obligations).
Where personal data is processed on the basis of explicit consent pursuant to Art. 6(1)(a) GDPR, the data is retained until you withdraw your consent. Where statutory retention periods apply to data processed pursuant to Art. 6(1)(b) GDPR, such data is routinely deleted after expiry of the retention periods, provided it is no longer required for the performance or initiation of a contract. Where personal data is processed on the basis of Art. 6(1)(f) GDPR, such data is retained until you exercise your right to object pursuant to Art. 21(1) GDPR, unless we can demonstrate compelling legitimate grounds that override your interests, rights and freedoms. Where personal data is processed for direct marketing purposes on the basis of Art. 6(1)(f) GDPR, such data is retained until you exercise your right to object pursuant to Art. 21(2) GDPR. Unless otherwise indicated, stored personal data is deleted when it is no longer necessary for the purposes for which it was collected.
Copyright notice: This privacy policy was created by the specialist lawyers at IT-Recht Kanzlei and is protected by copyright (www.it-recht-kanzlei.de).