Privacy Notice

Responsible body in the sense of data protection legislation, in particular the EU Data Protection Regulation

RALF WEBER · Parkstrasse 45 · 85435 Erding
See below for full contact details.


Thank you for visiting our website and for your interest in the services of RALF WEBER design. In this privacy policy, we provide you with information on how we handle information that is collected when you visit our website. We take the protection of your personal data very seriously and only collect personal data to the extent technically necessary. The legal basis for its use is Art. 6, Para. 1 lit. f. GDPR (legitimate interest) as well as Art. 6, Para. 1 lit. b. GDPR (fulfilment of contract), Art. 6, Para. 1 lit. c GDPR (legal obligation) and Art. 6, Para. 1 lit. a GDPR (given consent).

Personal data is information that relates to an identified or identifiable person (Art. 4, No. 1 GDPR). This can be the name or the e-mail address, but also data from which the identity is not immediately apparent, such as location data and IP addresses, which are combined in such a way that conclusions can be drawn about a specific person.

Access data / server log files: When you access our website, the browser used on your terminal device automatically sends information to the server of our website. This information is temporarily stored in a log file on the server (by Host Europe GmbH, Hansestrasse 111, 51149 Cologne, Germany - server location: EU). The access data includes:

  • Date and time of access
  • Name and URL of the retrieved file
  • Website from which the access is made (referrer URL)
  • Browser type and version used
  • Operating system used
  • IP address in anonymised form

The log data is only processed for statistical evaluations for the purpose of the operation, security and optimisation of the website. Under no circumstances will this data be merged with other data sources or used to draw conclusions about your person.

Contact: When contacting the provider (for example via contact form or e-mail), the user's details are stored for the purpose of processing the enquiry and in the event that follow-up questions arise.

Communication via WhatsApp: For communication with our customers and other third parties, we use, among other things, the instant messaging service WhatsApp. The provider is WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Communication takes place via end-to-end encryption (peer-to-peer), which prevents WhatsApp or other third parties from gaining access to the communication content. However, WhatsApp obtains access to metadata that is generated in the course of the communication process (e.g. sender, recipient and time). We would also like to point out that WhatsApp, according to its own statement, shares personal data of its users with its parent company Meta, which is based in the USA. Further details on data processing can be found in WhatsApp's privacy policy at:

WhatsApp is used on the basis of our legitimate interest in communicating as quickly and effectively as possible with customers, interested parties and other business and contractual partners (Art. 6 para. 1 p. 1 lit. f GDPR). If a corresponding consent has been requested, the data processing is carried out exclusively on the basis of the consent; this can be revoked at any time with effect for the future.

The communication content exchanged between and on WhatsApp remains with us until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies (e.g. after processing your enquiry has been completed). Mandatory legal provisions - in particular retention periods - remain unaffected.

We use WhatsApp in the "WhatsApp Business" variant.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here:

Collection of personal data: When you visit our website, no personal data such as your name, address or e-mail will be stored as a matter of principle, except for the information you provide voluntarily. This data is used exclusively for the aforementioned functions and is accessible only to the employees entrusted with the administration of these functions.

Purposes of data processing by the controller and third parties: We process your personal data only for the purposes stated in this privacy policy. A transfer of your personal data to third parties for purposes other than those mentioned will not take place. We will only disclose your personal data to third parties if:

  • you have given your express consent to this (Art. 6., Para. 1 lit. a GDPR),
  • the processing is necessary for the performance of a contract with you (Art. 6, Para. 1 lit. b. GDPR),
  • the processing is necessary for compliance with a legal obligation (Art. 6, para. 1 lit. c GDPR),
  • the processing is necessary to protect legitimate interests and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data (Art. 6, Para. 1 lit. f. GDPR).

Under no circumstances will personal data be sold to third parties.

Deletion or blocking of the data: We adhere to the principles of data avoidance and data economy. We therefore only store your personal data for as long as is necessary to achieve the purposes stated here or as stipulated by the various storage periods provided for by law. After the respective purpose has ceased to exist or these periods have expired, the corresponding data is routinely blocked or deleted in accordance with the statutory provisions.

Cookies: This website deliberately avoids the use of tracking cookies and annoying pop-up banners.

SSL encryption: To protect the security of your data during transmission, we use state-of-the-art encryption methods (e.g. SSL) via HTTPS. You can recognise active SSL encryption by a small lock logo displayed on the left in the address bar of your browser.

Change to our privacy policy: We reserve the right to adapt this data protection declaration so that it always complies with the current legal requirements or in order to implement changes to our services in the data protection declaration, e.g. when introducing new services. The new data protection statement will then apply to your next visit.

Your rights: Of course, as a user you have the possibility to exercise the following rights free of charge upon request:

  • Information about your data stored by us and its processing (Art. 15 GDPR)
  • Correction of inaccurate personal data (Art. 16 GDPR)
  • Deletion of your data stored with us (Art. 17 GDPR)
  • Restriction of data processing if we are not yet allowed to delete your data due to legal obligations (Art. 18 GDPR)
  • Object to the processing of your data by us (Art. 21 GDPR)
  • Data portability, provided you have consented to the data processing or have concluded a contract with us (Art. 20 GDPR)

If you have given us consent, you may revoke it at any time with effect for the future (Art. 7 GDPR). You also have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, workplace or the place of the alleged infringement, if the data subject considers that the processing of personal data concerning him or her infringes this Regulation.