Contact

Privacy Policy

Preamble

With the following privacy policy, we would like to inform you about the types of your personal data (hereinafter referred to as "data") that we process, for what purposes, and to what extent. This privacy policy applies to all processing of personal data carried out by us, both within the scope of providing our services and in particular on our websites, mobile applications, and within external online presences such as our social media profiles (hereinafter collectively referred to as "Online Offer").

The terms used are not gender-specific.

Effective Date: November 27, 2024

Table of Contents

Controller

Rochan Nanthakumar
Petersbergstrasse 92
66119 Saarbrücken

Email Address: truetone(at)rochan.de

Imprint: https://panthera-studios.com/impressum/

Which data is required for the aforementioned purposes will be communicated to the contractual partners before or during data collection, e.g., in online forms, through special markings (e.g., colors) or symbols (e.g., asterisks or similar), or in person.

We delete the data after the expiration of statutory warranty and comparable obligations, i.e., generally after four years, unless the data is stored in a customer account, e.g., if it must be retained for legal archiving purposes (e.g., for tax purposes, usually ten years). Data disclosed to us by the contracting party in the course of an order will be deleted in accordance with the specifications and generally after the end of the order.

  • Processed data types: Inventory data (e.g., full name, residential address, contact information, customer number, etc.); Payment data (e.g., bank details, invoices, payment history); Contact data (e.g., postal and email addresses or phone numbers); Contract data (e.g., contract subject, term, customer category); Usage data (e.g., page views and dwell time, click paths, usage intensity and frequency, device types and operating systems used, interactions with content and functions). Meta, communication, and procedural data (e.g., IP addresses, timestamps, identification numbers, involved parties).
  • Data subjects: Service recipients and clients; Interested parties. Business and contractual partners.
  • Purposes of processing: Fulfillment of contractual services and obligations; Security measures; Communication; Office and organizational procedures; Organizational and administrative procedures. Business processes and economic procedures.
  • Retention and deletion: Deletion according to the specifications in the section "General information on data storage and deletion".
  • Legal bases: Fulfillment of contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR); Legal obligation (Art. 6 para. 1 sentence 1 lit. c) GDPR). Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).

Further notes on processing activities, procedures, and services:

  • Online shop, order forms, e-commerce, and delivery: We process our customers' data to enable them to select, purchase, or order the chosen products, goods, and related services, as well as their payment and delivery or execution. If required for executing an order, we use service providers, particularly postal, freight, and shipping companies, to carry out delivery or execution to our customers. For handling payment transactions, we use the services of banks and payment service providers. The necessary details are marked as such during the ordering or comparable purchase process and include the information needed for delivery, provision, and billing, as well as contact information for any necessary communication; Legal basis: Fulfillment of contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR).
  • Agency services: We process our customers' data in the context of our contractual services, which may include conceptual and strategic consulting, campaign planning, software and design development/consultation or maintenance, implementation of campaigns and processes, handling, server administration, data analysis/consulting services, and training services; Legal basis: Fulfillment of contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR).
  • Project and development services: We process our customers' and clients' data (hereinafter uniformly referred to as "customers") to enable them to select, purchase, or commission the chosen services or works, as well as related activities, their payment, provision, execution, or performance.

    The necessary details are marked as such during the order, purchase, or comparable contract conclusion process and include the information needed for performance and billing, as well as contact information for any necessary communication. If we have access to information about end customers, employees, or other persons, we process this data in accordance with legal and contractual requirements; Legal basis: Fulfillment of contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR).

Provision of the online offer and web hosting

We process user data to provide our online services. For this purpose, we process the user's IP address, which is necessary to transmit the content and features of our online services to the user's browser or device.

  • Processed data types: Usage data (e.g., page views and dwell time, click paths, usage intensity and frequency, device types and operating systems used, interactions with content and features); Meta, communication, and procedural data (e.g., IP addresses, timestamps, identification numbers, involved parties). Log data (e.g., log files related to logins, data retrieval, or access times).
  • Data subjects: Users (e.g., website visitors, users of online services).
  • Purposes of processing: Provision of our online offer and user-friendliness; Information technology infrastructure (operation and provision of information systems and technical devices (computers, servers, etc.)). Security measures.
  • Retention and deletion: Deletion according to the specifications in the section "General information on data storage and deletion".
  • Legal bases: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).

Further notes on processing activities, procedures, and services:

  • Provision of online offer on rented storage space: To provide our online offer, we use storage space, computing capacity, and software, which we rent or obtain from a corresponding server provider (also referred to as "web host"); Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).
  • Collection of access data and log files: Access to our online offer is logged in the form of so-called "server log files". The server log files may include the address and name of the retrieved web pages and files, date and time of retrieval, transferred data volumes, notification of successful retrieval, browser type along with version, user's operating system, referrer URL (the previously visited page), and as a rule, IP addresses and the requesting provider. The server log files can be used for security purposes, e.g., to prevent server overload (especially in case of misuse attacks, so-called DDoS attacks), and to ensure server stability and load balancing; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR). Deletion of data: Log file information is stored for a maximum duration of 30 days and then deleted or anonymized. Data whose further retention is required for evidence purposes is excluded from deletion until the respective incident is fully resolved.
  • Content Delivery Network: We use a "Content Delivery Network" (CDN). A CDN is a service that allows the faster and more secure delivery of content from an online offer, especially large media files such as graphics or program scripts, using regionally distributed servers connected via the Internet; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).
  • ALL-INKL: Services in the field of providing IT infrastructure and related services (e.g., storage space and/or computing capacities); Service provider: ALL-INKL.COM - Neue Medien Münnich, Owner: René Münnich, Hauptstraße 68, 02742 Friedersdorf, Germany; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://all-inkl.com/; Privacy policy: https://all-inkl.com/datenschutzinformationen/. Data processing agreement: Provided by the service provider.
  • Types of data processed: Inventory data (e.g., full name, residential address, contact information, customer number, etc.); Contact data (e.g., postal and email addresses or phone numbers); Meta, communication, and procedural data (e.g., IP addresses, timestamps, identification numbers, involved persons). Usage data (e.g., page views and duration, click paths, usage intensity and frequency, device types and operating systems, interactions with content and features).
  • Affected persons: Communication partners.
  • Purposes of processing: Direct marketing (e.g., via email or post).
  • Legal basis: Consent (Art. 6 Para. 1 S. 1 lit. a) GDPR).
  • Opt-out option: You can unsubscribe from our newsletter at any time, i.e., revoke your consent or object to further receipt. A link to unsubscribe is provided at the end of each newsletter, or you can use one of the contact methods listed above, preferably email.

Additional information on processing methods, procedures, and services:

  • Tracking open and click rates: Newsletters contain a "web beacon," a pixel-sized file retrieved from our server (or the server of a dispatch service provider, if used) when the newsletter is opened. This retrieval captures technical information, such as browser details and system specifications, as well as your IP address and time of access. This information is used to enhance the newsletter based on technical data or target group behaviors, such as access locations (determinable via IP address) or access times. The analysis also determines if and when newsletters are opened and which links are clicked. The information is linked to individual newsletter recipients and stored in their profiles until deletion. These evaluations help us understand user reading habits and tailor our content accordingly or send varied content aligned with user interests.

Social Media Presences

We maintain online presences on social networks and process user data to communicate with active users or provide information about us.

Please note that user data may be processed outside the European Union. This could pose risks to users, for example, by making it more difficult to enforce user rights.

Additionally, user data in social networks is typically processed for market research and advertising purposes. For instance, usage profiles may be created based on user behavior and interests, which may be used for advertising both within and outside the networks. Generally, cookies are stored on users' devices to log usage behavior and interests. Usage profiles may also include data independent of devices (especially for users logged into the platforms).

For detailed information on respective processing methods and opt-out options, please refer to the privacy policies of the respective providers.

For inquiries and exercising rights, we recommend contacting the providers directly, as they have access to user data and can take immediate action. If you need assistance, you can contact us.

  • Types of data processed: Contact data (e.g., postal and email addresses or phone numbers); Content data (e.g., textual or visual messages and posts, including related information such as authorship or creation timestamps); Usage data (e.g., page views and duration, click paths, usage intensity and frequency, device types and operating systems, interactions with content and features); Inventory data (e.g., full name, residential address, contact information, customer number, etc.). Meta, communication, and procedural data (e.g., IP addresses, timestamps, identification numbers, involved persons).
  • Affected persons: Users (e.g., website visitors, users of online services).
  • Purposes of processing: Communication; Feedback (e.g., collecting feedback via online forms); Public relations; Provision of online offerings and user-friendliness. IT infrastructure (operation and provision of information systems and technical equipment like computers, servers, etc.).
  • Retention and deletion: Deletion as per details in the section "General information on data retention and deletion."
  • Legal basis: Legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR).

Additional information on processing methods, procedures, and services:

  • Instagram: Social network enabling sharing of photos and videos, commenting, favoriting posts, messaging, and following profiles and pages; Provider: Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland; Legal basis: Legitimate interests (Art. 6 Para. 1 S. 1 lit. f) GDPR); Website: https://www.instagram.com; Privacy Policy: https://privacycenter.instagram.com/policy/. Third-country transfer basis: Data Privacy Framework (DPF).
  • Facebook Pages: Profiles within the Facebook social network...

Notes on legal bases: If we ask users for their consent to use third-party providers, the legal basis for data processing is the user's consent. Otherwise, user data is processed based on our legitimate interests (i.e., interest in efficient, economic, and user-friendly services). In this context, we would also like to draw your attention to the information about the use of cookies in this privacy policy.

  • Processed data types: Usage data (e.g., page views and time spent, click paths, usage intensity and frequency, device types, and operating systems used, interactions with content and features); Meta, communication, and procedural data (e.g., IP addresses, timestamps, identification numbers, involved persons); Inventory data (e.g., full name, residential address, contact information, customer number, etc.); Contact data (e.g., postal and email addresses or phone numbers); Content data (e.g., textual or visual messages and posts as well as information concerning them, such as authorship or creation time); Location data (information on the geographical position of a device or person).
  • Data subjects: Users (e.g., website visitors, users of online services).
  • Purposes of processing: Provision of our online offering and user-friendliness; Marketing. Profiles with user-related information (creation of user profiles).
  • Retention and deletion: Deletion as specified in the section "General information on data storage and deletion." Storage of cookies for up to 2 years (unless otherwise specified, cookies and similar storage methods may be stored on users' devices for a period of two years).
  • Legal bases: Consent (Art. 6 (1) sentence 1 lit. a GDPR). Legitimate interests (Art. 6 (1) sentence 1 lit. f GDPR).

Additional notes on processing operations, procedures, and services:

  • Integration of third-party software, scripts, or frameworks (e.g., jQuery): We integrate software into our online offering that we retrieve from servers of other providers (e.g., function libraries we use to enhance the display or user-friendliness of our online offering). In this process, the respective providers collect the IP address of users and may process it for the purpose of transmitting the software to the users' browser as well as for security purposes, evaluation, and optimization of their offering. Legal bases: Legitimate interests (Art. 6 (1) sentence 1 lit. f GDPR).
  • Google Fonts (self-hosted): Provision of font files to ensure user-friendly presentation of our online offering; Service provider: Google Fonts are hosted on our server, and no data is transmitted to Google; Legal bases: Legitimate interests (Art. 6 (1) sentence 1 lit. f GDPR).
  • Google Fonts (hosted by Google): Retrieval of fonts (and icons) to ensure technically secure, maintenance-free, and efficient use of fonts and icons in terms of up-to-date features and load times, consistent display, and compliance with possible license restrictions. The font provider receives the user's IP address to provide the fonts in the user's browser. Technical data (language settings, screen resolution, operating system, hardware used) is also transmitted as necessary for font provision based on devices and technical environment. This data may be processed on the provider’s server in the USA. Google Fonts does not log or store IP addresses nor analyze them. However, HTTP request details (requested URL, user-agent, and referrer URL) are logged and controlled. This information is used for maintenance and aggregated statistics about font usage. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Legal bases: Legitimate interests (Art. 6 (1) sentence 1 lit. f GDPR); Website: https://fonts.google.com/; Privacy Policy: https://policies.google.com/privacy; Third country transfer basis: Data Privacy Framework (DPF). More information: https://developers.google.com/fonts/faq/privacy?hl=en.
  • Google Maps: We integrate the maps of the "Google Maps" service provided by Google. Data processed may include IP addresses and location data of users; Service provider: Google Cloud EMEA Limited, 70 Sir John Rogerson’s Quay, Dublin 2, Ireland; Legal bases: Consent (Art. 6 (1) sentence 1 lit. a GDPR); Website: https://mapsplatform.google.com/; Privacy Policy: https://policies.google.com/privacy; Third country transfer basis: Data Privacy Framework (DPF).
  • X Plugins and Content: Plugins and buttons of the platform "X" - This may include, for example, content such as images, videos, or texts and buttons that users can use to share this online offering within X; Service provider: Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland; Legal bases: Legitimate interests (Art. 6 (1) sentence 1 lit. f GDPR); Website: https://x.com/en; Privacy Policy: https://x.com/en/privacy, (Settings: https://x.com/personalization); Data Processing Agreement: https://privacy.x.com/en/for-our-partners/global-dpa. Third country transfer basis: Standard contractual clauses (https://privacy.x.com/en/for-our-partners/global-dpa).
  • YouTube videos: Video content; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Legal bases: Consent (Art. 6 (1) sentence 1 lit. a GDPR); Website: https://www.youtube.com; Privacy Policy: https://policies.google.com/privacy; Third country transfer basis: Data Privacy Framework (DPF). Opt-out: Opt-out plugin: https://tools.google.com/dlpage/gaoptout?hl=en, ad settings: https://myadcenter.google.com/personalizationoff.

Changes and updates

We ask you to regularly review the contents of our privacy policy. We will adjust the privacy policy as soon as changes to the data processing activities we carry out make this necessary. We will inform you if your participation (e.g., consent) or other individual notification becomes necessary due to changes.

If we provide addresses and contact information of companies and organizations in this privacy policy, please note that the addresses may change over time and ask that you check the information before contacting them.

Created with the free privacy policy generator by Dr. Thomas Schwenke