This site uses third-party website tracking technologies to offer and continuously improve its services, and to display advertisements according to users' interests. I agree to this and can revoke or change my consent at any time with future effect. Privacy Policy
Settings
Accept allReject all
Cookies

Privacy policy

With this privacy policy, we would like to inform you about the type, scope and purpose of the processing of personal data (hereinafter also referred to as "data"). Personal data is all data that has a personal reference to you, e.g. name, address, e-mail address or your user behavior. The privacy policy applies to all data processing operations carried out by us, both in the context of our core activities and for the online media we provide.

Who is responsible for data processing at our company

Responsible for data processing is:

Matthias Werschmann Digital Product Design
Matthias Werschmann
Subbelrather Str. 196
50823 Cologne
Germany
+4917632967698
hello@mttw.space
https://www.mttw.studio/impressum

Processing of your data in the context of the agency services we provide

We offer agency services. If you are our customer or business partner or are interested in our services, the type, scope and purpose of the processing of your data depends on the contractual or pre-contractual services existing between us. This includes conceptual and strategic consulting, software and design development and consulting and maintenance services in this area, planning and implementation of campaigns, IT and server administration as well as other consulting and training services. In this sense, the data processed by us includes all data that is or has been provided by you for the purpose of using the contractual or pre-contractual services and that is required to process your request or the contract concluded between us. Unless otherwise stated in the further information in this privacy policy, the processing of your data and its disclosure to third parties is limited to the data that is necessary and expedient to answer your inquiries and/or to fulfill the contract concluded between you and us, to protect our rights and to fulfill legal obligations. We will inform you which data is required for this before or during data collection. Insofar as we use third-party providers to provide our services, the data protection notices of the respective third-party providers apply.

Data concerned:

  • Inventory data (e.g. names, addresses)
  • Payment data (e.g. bank details, invoices)
  • Contact data (e.g. e-mail address, telephone number, postal address)
  • Contract data (e.g. subject matter of the contract, duration of the contract)

Affected persons: Customers, interested parties, business and contractual partners

Purpose of processing: Processing of contractual services, communication and answering contact requests, office and organizational procedures

Legal basis: Fulfillment of contract and pre-contractual inquiries, Art. 6 para. 1 lit. b GDPR, legal obligation, Art. 6 para. 1 lit. c GDPR, legitimate interest, Art. 6 para. 1 lit. f GDPR

Your rights under the GDPR

According to the GDPR, you are entitled to the rights listed below, which you can assert at any time with the controller named in section 1 of this privacy policy:

  • Right to information: You have the right to request information from us as to whether and which of your data we process.
  • Right to rectification: You have the right to request the rectification of inaccurate data or the completion of incomplete data.
  • Right to erasure: You have the right to request the erasure of your data.
  • Right to restriction of processing: In certain cases, you have the right to request that we restrict the processing of your data.
  • Right to data portability: You have the right to request that we transmit your data to you or another controller in a structured, commonly used and machine-readable format.
  • Right to lodge a complaint: You have the right to lodge a complaint with a supervisory authority. The competent supervisory authority is that of your usual place of residence, your workplace, or our company headquarters.

Right of withdrawal

You have the right to withdraw your consent to data processing at any time.

Right to object

You have the right to object at any time to the processing of your data, which we base on our legitimate interest according to Art. 6 para. 1 lit. f GDPR. If you exercise your right to object, we kindly ask you to state your reasons. We will then no longer process your personal data unless we can demonstrate to you compelling legitimate grounds for the data processing that override your interests and rights.

Irrespective of the foregoing, you have the right to object at any time to the processing of your personal data for advertising and data analysis purposes.

Please address your objection to the controller's contact address provided above.

When do we delete your data?

We delete your data when we no longer need it or when you instruct us to do so. This means that – unless otherwise stated in the individual data protection notices of this privacy policy – we delete your data,

  • if the purpose of data processing has ceased to exist and thus the respective legal basis mentioned in the individual data protection notices no longer applies, e.g.,
    • after the termination of the contractual or membership relationships between us (Art. 6 para. 1 lit. a GDPR) or
    • after our legitimate interest in the further processing or storage of your data ceases to exist (Art. 6 para. 1 lit. f GDPR),
  • if you exercise your right of withdrawal and no other legal basis for processing in the sense of Art. 6 para. 1 lit. b-f GDPR applies,
  • if you exercise your right to object and there are no compelling legitimate grounds preventing the erasure.

However, if we still need to retain (certain parts of) your data for other purposes, for example, because tax retention periods (generally 6 years for business correspondence and 10 years for accounting records) or the assertion, exercise, or defence of legal claims arising from contractual relationships (up to four years) require it, or if the data is needed to protect the rights of another natural or legal person, we will only delete (that part of) your data after these periods have expired. Until these periods expire, we will restrict the processing of this data to these purposes (fulfilment of retention obligations).

Cookies

Our website uses cookies. Cookies are small text files, consisting of a series of numbers and letters, which are placed and stored on the device you use. Cookies primarily serve to exchange information between the device you use and our website. This includes, among other things, language settings on a website, login status, or the point at which a video was watched.

When you visit our websites, two types of cookies are used:

  • Temporary Cookies (Session Cookies): These store a so-called session ID, which allows various requests from your browser to be assigned to the common session. Session cookies are deleted when you log out or close your browser.
  • Permanent Cookies: Permanent cookies remain stored even after the browser is closed. This allows our website to recognise your computer when you return to our website. These cookies store, for example, information on language settings or login information. Furthermore, your browsing behaviour can be documented and stored with these cookies. This data can be used for statistical, marketing, and personalisation purposes.

In addition to the above classification, cookies can also be distinguished according to their purpose:

  • Necessary Cookies: These are cookies that are absolutely essential for the operation of our website, to store logins or shopping carts for the duration of your session, or cookies that are set for security reasons.
  • Statistical, Marketing, and Personalisation Cookies: These are cookies used for analysis purposes or audience measurement. Such "tracking" cookies can store information about entered search terms or the frequency of page views. In addition, the browsing behaviour of an individual user (e.g., viewing specific content, using functions, etc.) can also be stored in a user profile. Such profiles are used to display content to users that matches their potential interests. Insofar as we use services that store cookies for statistical, marketing, and personalisation purposes on your device, we will inform you separately in the following sections of our privacy policy or when obtaining your consent.

Data concerned:

  • Usage data (e.g., access times, clicked web pages)
  • Communication data (e.g., information about the device used, IP address).

Data subjects: Users of our online services

Purpose of processing: Displaying our websites, ensuring the operation of our websites, improving our online services, communication and marketing

Legal basis:
Legitimate interest, Art. 6 para. 1 lit. f GDPR
If we do not obtain your consent for setting cookies, we base the processing of your data on our legitimate interest in improving the quality and user-friendliness of our website, especially its content and functions. You have the option to object to the use of cookies set by us based on our legitimate interest via your browser's security settings. There, you can specify whether you accept no cookies at all, only on request, or if cookies should be deleted after each time you close your browser. If cookies are deactivated for our website, it may no longer be possible to fully use all functions of the website.

Consent, Art. 6 para. 1 lit. a GDPR
If, before your visit to our website, we ask for your permission to set certain cookies on your device, and you consent to this, then your given consent serves as the legal basis. As part of your consent, we will inform you which specific cookies we set. If you do not give this consent, only the so-called technically necessary cookies will be set, which are required for the proper operation of our websites and their display in your browser. If you have consented to the setting of cookies, you have the option to revoke your consent at any time.

Webhosting

We use a provider to host our websites, on whose servers our websites are stored and made available for retrieval on the internet (hosting). In this process, the provider may process all data transmitted via the browser you use when accessing our websites. This includes, in particular, your IP address, which the provider needs to deliver our online offering to your browser, as well as all entries you make via our website. In addition, the provider we use may  

  • the date and time of access to our website
  • Time zone difference to Greenwich Mean Time (GMT)
  • Access status (HTTP status)
  • the amount of data transferred
  • the Internet service provider of the accessing system
  • the browser type and version you use
  • the operating system you use
  • the website from which you may have accessed our website
  • the pages or sub-pages you visit on our website.

collect. The aforementioned data is stored as log files on our provider's servers. This is necessary to ensure the stability and security of our website's operation.

Data concerned:

  • Content data (e.g., posts, photos, videos)
  • Usage data (e.g., access times, clicked web pages)
  • Communication data (e.g., information about the device used, IP address)

Data subjects: Users of our website

Purpose of processing: Displaying our websites, ensuring the operation of our websites

Legal basis: Legitimate interest, Art. 6 para. 1 lit. f GDPR

Web host(s) commissioned by us:

Webflow

Service provider: Webflow
Website: Inc. 208 Utah, Suite 210, San Francisco, CA 94103, USA
Privacy Policy: https://webflow.com

We host our website with Webflow. The provider is Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA (hereinafter: Webflow). When you visit our website, Webflow collects various log files, including your IP addresses, which are then anonymized.

Webflow is a tool for creating and hosting websites. Webflow stores cookies or other recognition technologies that are necessary for displaying the page, providing certain website functions, and ensuring security (necessary cookies).

For details, please refer to Webflow's privacy policy: https://webflow.com/legal/eu-privacy-policy

The use of Webflow is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in presenting our website as reliably as possible. If corresponding consent has been requested, processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g., device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European data protection level based on an adequacy decision by the European Commission.

Processor Agreement: We have concluded a data processing agreement (DPA) with the aforementioned provider. This is a contract required by data protection law, which ensures that personal data of our website visitors is processed only according to our instructions and in compliance with the GDPR.

Content Delivery Network

We use a Content Delivery Network (CDN) to deliver our websites. A CDN is a network of regionally distributed servers connected via the internet. The CDN provides scalable storage and delivery capacities. This optimizes the loading times of our websites and ensures optimal data throughput even during peak loads. User requests on our websites are routed through the CDN's servers. Statistics are generated from these data streams. This serves, on the one hand, to detect potential threats to our websites from malware early on, and on the other hand, to continuously improve our offering and make our websites more user-friendly for you as a user.

We would like to point out that, depending on the country of residence of the service provider mentioned below, the data collected via the service may be transferred and processed outside the European Union. In this case, there is a risk that the level of data protection required by the GDPR may not be complied with, and the enforcement of your rights may be difficult or impossible.

Data concerned:

  • Content data (e.g., posts, photos, videos)
  • Usage data (e.g., access times, clicked web pages)
  • Communication data (e.g., information about the device used, IP address)

Purpose of processing: Technical optimization of the internet presence, analysis of errors and user behavior

Legal basis: Legitimate interest, Art. 6 para. 1 lit. f GDPR

CDN service providers used:

Amazon CloudFront

Service provider: Amazon Web Services, Inc., 410 Terry Avenue North, Seattle WA 98109, USA
Website: https://aws.amazon.com/de/
Privacy Policy: https://aws.amazon.com/de/privacy/?nc1=f_pr.

Amazon CloudFront
Service provider: Amazon Web Services, Inc., 410 Terry Avenue North, Seattle WA 98109, USA
Website: https://aws.amazon.com/de/
Privacy Policy: https://aws.amazon.com/de/privacy/?nc1=f_pr.

Fastly
Service provider: Fastly Inc., 475 Brannan St. #300, San Francisco, CA 94107, USA
Website: https://www.fastly.com
Privacy Policy: https://www.fastly.com/de/privacy

Contacting Us

If you contact us via email, social media, phone, fax, mail, our contact form, or otherwise, and provide us with personal data such as your name, phone number, or email address, or make further statements about yourself or your request, we process this data to answer your inquiry within the scope of the existing pre-contractual or contractual relationships between us.

Data concerned:

  • Inventory data (e.g. names, addresses)
  • Contact data (e.g. e-mail address, telephone number, postal address)
  • Content data (texts, photos, videos)
  • Contract data (e.g. subject matter of the contract, duration of the contract)

Data subjects: Prospective customers, customers, business and contractual partners

Purpose of processing: Communication and answering contact inquiries, office and organizational procedures

Legal basis: Fulfillment of contract and pre-contractual inquiries, Art. 6 para. 1 lit. b GDPR, legitimate interest, Art. 6 para. 1 lit. f GDPR

Web analysis and statistics

To record and statistically evaluate visitor flows on our website, we use web analysis services. Such services collect data, among other things, about which website you came from to our website (so-called referrers), which pages of our website you accessed, how long you visited our pages, and what interactions you performed there. In addition, data on the browser, computer system, and type of device you use are collected. Furthermore, demographic information, such as age or gender, can also be collected as pseudonymous values via such a service. If you have consented to the collection of your location data, this may also be processed, depending on the provider.

To collect and store this data, the web analysis service we use typically places a cookie on your device, which also collects the IP address assigned to you. However, this is shortened using a so-called IP masking procedure, so that the IP address can no longer be assigned to your visit to our website. Furthermore, no clear data such as names or email addresses are stored. Neither we nor the service we use know the identity of the visitors to our websites.

When collecting data, the service provider can, however, create pseudonymous usage profiles with information derived from the use of various devices by employing cookies.

We would like to point out that, depending on the country of residence of the service provider mentioned below, the data collected via the service may be transferred and processed outside the European Union. In this case, there is a risk that the level of data protection required by the GDPR may not be complied with, and the enforcement of your rights may be difficult or impossible.

Data concerned:

  • Usage data (e.g., access times, clicked web pages)
  • Communication data (e.g., information about the device used, IP address).

Data subjects: Users of our online services

Purpose of processing: Reach measurement, campaign success control, remarketing, and interest- and behavior-based marketing

Legal basis: If we have requested your consent prior to using the respective service, this constitutes the legal basis, Art. 6 para. 1 lit. a GDPR. Otherwise, we use the respective service based on our legitimate interest to analyze the visitor traffic on our websites, thereby continuously improving their functions, offers, and user experience, Art. 6 para. 1 lit. f GDPR.

We use the following web analysis services:

Google Analytics 4

Service provider: Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Headquarters within the EU: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland
Website: https://marketingplatform.google.com/intl/de/about/analytics/
Privacy policy: https://policies.google.com/privacy?hl=de
Note on data transfer to Google Analytics servers: When our website is accessed within the EU (based on the geographical location according to the IP address), the IP address assigned to you is collected exclusively via servers in the EU and used as geolocation data, after which it is immediately deleted. It is neither logged nor used in any other way. The further measurement data is then forwarded to Google Analytics servers for evaluation.
Opt-out option: If you do not want your data to be used by Google Analytics, you can install an opt-out plugin, which will prevent your data from being collected on our website in the future. You can obtain this plugin here: https://tools.google.com/dlpage/gaoptout?hl=de

Our online presences on social networks

We maintain online presences on the social networks listed below. If you visit one of these presences, the data detailed below will be collected and processed by the respective provider. Typically, this data is collected for advertising and market research purposes, and user profiles are created from it. Data can be stored in these user profiles regardless of the device you use. This is particularly true if you are a member of the respective platform and logged in. Providers may use these user profiles to display interest-based advertising to you. You have a right to object to the creation of user profiles. To exercise this right, you must contact the respective provider.

If you have an account with one of the providers listed below and are logged in there when visiting our website, the respective provider can collect data about your usage behavior on our website. To prevent such a linking of your data, you can log out of the provider's service before visiting our site.

The purpose and extent to which data is collected by each provider can be found in their respective privacy policies, provided below.

We would like to point out that, depending on the country of domicile of the provider mentioned below, data collected via their platform may be transferred to and processed outside the European Union. In such cases, there is a risk that the data protection level required by the GDPR may not be met, and the enforcement of your rights may be difficult or impossible.

Data concerned:

  • Inventory and contact data (e.g., name, address, telephone number, email address)
  • Content data (e.g., posts, photos, videos)
  • Usage data (e.g., access times, clicked web pages)
  • Communication data (e.g., information about the device used, IP address).

Purpose of processing: Communication and marketing, tracking and analysis of user behavior

Legal basis: Consent, Art. 6 para. 1 lit. a GDPR, legitimate interests Art. 6 para. 1 lit. f GDPR

Opt-out options: For information on how to object (opt-out), please refer to the details provided by the linked providers below.

We maintain online presences on the following social networks:

Instagram

Service provider: Instagram Inc., 1601 Willow Road, Menlo Park CA 94025, USA
Parent company: Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA
Headquarters in the EU: Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
Website: https://www.instagram.com/
Privacy policy: http://instagram.com/about/legal/privacy

LinkedIn

Service provider: LinkedIn Corporation, 1000 W Maude, Sunnyvale, CA 94085, USA
Headquarters in Germany: LinkedIn, Hofstatt 4th Floor, Sendlinger Str. 12, 80331 Munich
Website: https://www.linkedin.com/?trk=nav_logo
Privacy policy: https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy

Security measures

Furthermore, we implement state-of-the-art technical and organizational security measures to comply with data protection laws and protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorized access by third parties.

Updates and changes to this privacy policy

This privacy policy is currently valid and is effective as of December 2024. Due to changed legal or regulatory requirements, it may become necessary to adapt this privacy policy.

This privacy policy was created with the help of the data protection generator from SOS Recht. SOS Recht is an offering of Mueller.legal Rechtsanwälte Partnerschaft, based in Berlin.

Back