Privacy Policy

This privacy notice for TxtGold – Gute Texte, Ines Goldberg ("we," "us," or "our") describes how and why we collect, store, use, and process your personal information when you use our services ("Services"), such as when you:

• Visit our website at https://www.txtgold.de, or any website of ours that links to this privacy notice
• Use our contact form to submit an inquiry
• Engage with us in other related ways, including any communication by email or post

Questions or concerns? Reading this privacy notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at [email protected].

Summary of Key Points

This summary provides key points from our privacy notice, but you can find out more details about any of these topics by using our table of contents below to find the section you are looking for.

What personal information do we process? When you use our contact form, we collect your name, email address, and the text of your inquiry. We do not collect any other personal information automatically. Learn more in Section 1.

Do we process any sensitive personal information? We do not process sensitive personal information.

Do we receive any information from third parties? We do not receive any information from third parties.

Do we use cookies or tracking technologies? No. Our website does not set cookies, use web beacons, use pixels, or employ any other tracking technologies. We do not use any analytics or advertising services. Learn more in Section 5.

How do we process your information? We process your information solely to respond to your inquiry and, where applicable, to enter into a service agreement with you. Learn more in Section 2.

Do we share personal information with third parties? We do not share your personal information with third parties for their own purposes. Your contact form data is stored on infrastructure provided by Google LLC (Google Firebase) — see Section 6 for details.

What are your rights? Depending on where you are located, applicable privacy law may grant you certain rights regarding your personal information, including the rights of access, rectification, erasure, restriction, and data portability. Learn more in Section 9.

How do you exercise your rights? The easiest way to exercise your rights is by contacting us at [email protected] or via our contact form. We will consider and act upon any request in accordance with applicable data protection laws.

Table of Contents

1. What information do we collect?
2. How do we process your information?
3. What legal bases do we rely on to process your personal information?
4. When and with whom do we share your personal information?
5. Do we use cookies and other tracking technologies?
6. Is your information transferred internationally?
7. How long do we keep your information?
8. How do we keep your information safe?
9. Do we collect information from minors?
10. What are your privacy rights?
11. Do we make updates to this notice?
12. How can you contact us about this notice?
13. How can you review, update, or delete the data we collect from you?

1. What Information Do We Collect?

Personal information you disclose to us

In Short: We collect personal information that you voluntarily provide to us through our contact form.

We collect personal information that you voluntarily provide to us when you submit an inquiry through our contact form or otherwise contact us by email or post. The personal information we collect includes:

• Name (first and last name)
• Email address
• The text of your inquiry (free-text message)

Sensitive Information. We do not process sensitive information.

All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.

Information automatically collected

Our website does not automatically collect any personal information. We do not use analytics services, advertising technologies, cookies, or any other tracking mechanisms. Our web server may generate standard server log files (containing IP addresses, timestamps, and requested URLs), which are used solely for technical maintenance and security purposes and are not combined with any other data.

2. How Do We Process Your Information?

In Short: We process your information solely to respond to your inquiry and to provide our services to you.

We process your personal information for the following purposes:

• To respond to your inquiry. When you use our contact form, we process your name, email address, and inquiry text to read, understand, and reply to your message.
• To deliver and facilitate delivery of services. If your inquiry leads to a service agreement (Lektorat / editing), we may use your contact data to communicate about the project.
• To comply with legal obligations. We may process your information where required by applicable law, such as retaining business correspondence under German commercial law (§ 257 HGB).

3. What Legal Bases Do We Rely On to Process Your Personal Information?

In Short: We process your personal information only when we have a valid legal basis to do so under applicable law.

The General Data Protection Regulation (GDPR) requires us to explain the valid legal bases we rely on in order to process your personal information. We rely on the following legal bases:

• Pre-contractual measures and contract performance (Art. 6(1)(b) GDPR). We process your contact form data because you have requested information about our services. This constitutes a pre-contractual measure at your request. If your inquiry leads to a service agreement, processing is necessary for the performance of that contract.
• Legitimate interests (Art. 6(1)(f) GDPR). We have a legitimate interest in responding to business inquiries sent through our website. Our legitimate interest is to communicate with potential clients and to manage our business operations.
• Legal obligations (Art. 6(1)(c) GDPR). We may process your information where necessary to comply with legal obligations, such as record-keeping requirements under German commercial law (HGB) and tax law (AO).

4. When and With Whom Do We Share Your Personal Information?

In Short: We do not share your personal information with third parties for their own purposes.

The only third party involved in the processing of your data is Google LLC, which provides the infrastructure for our contact form database (Google Firebase / Cloud Firestore). Google acts as our data processor pursuant to Art. 28 GDPR under the Google Cloud Data Processing Addendum. Google does not have access to your data for its own purposes.

We may also need to share your personal information in the following exceptional situations:

• Legal requirements. We may disclose your information where required by law, court order, or governmental regulation.
• Business transfers. We may share or transfer your information in connection with, or during negotiations of, any transfer of our business to another party.

5. Do We Use Cookies and Other Tracking Technologies?

In Short: No. We do not use cookies or any other tracking technologies.

Our website does not use cookies, web beacons, pixels, or any other tracking technologies. We do not use analytics services (such as Google Analytics), advertising networks, or social media tracking plugins.

Because no cookies or tracking technologies are used, no cookie consent banner is required under the Telecommunications Digital Services Data Protection Act (TTDSG § 25) or the ePrivacy Directive.

6. Is Your Information Transferred Internationally?

In Short: Your contact form data is stored on Google Firebase servers, which may be located in the United States.

Our contact form data is stored in a Cloud Firestore database provided by Google LLC (Google Firebase). Google's servers may be located in the United States or other countries outside the European Economic Area (EEA). The United States does not have data protection laws as comprehensive as those in the EEA.

To protect your personal information during international transfers, we rely on the following safeguards:

• EU-US Data Privacy Framework. Google LLC is certified under the EU-U.S. Data Privacy Framework, providing an adequacy basis for data transfers from the EEA to the United States.
• Standard Contractual Clauses (SCCs). Google's Cloud Data Processing Addendum incorporates the European Commission's Standard Contractual Clauses as an additional transfer mechanism.
• Technical measures. Data is encrypted in transit (TLS) and at rest on Google's infrastructure.

7. How Long Do We Keep Your Information?

In Short: We keep your information for as long as necessary to fulfill the purposes outlined in this privacy notice, unless a longer retention period is required by law.

We retain contact form submissions for a maximum of 6 months after the inquiry has been fully resolved, unless a longer retention period is required or permitted by law. In particular, German commercial law (§ 257 HGB) and tax law (§ 147 AO) may require the retention of business correspondence for 6 to 10 years.

When we have no ongoing legitimate business need to process your personal information, we will delete it. If deletion is not immediately possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

8. How Do We Keep Your Information Safe?

In Short: We aim to protect your personal information through a system of organizational and technical security measures.

We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any personal information we process. These include encrypted data transmission (TLS / HTTPS) and encrypted storage on our database provider's infrastructure (Google Firebase). However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment.

9. Do We Collect Information From Minors?

In Short: We do not knowingly collect data from or market to children under 18 years of age.

We do not knowingly solicit data from or market to children under 18 years of age. By using the Services, you represent that you are at least 18 years old. If we learn that personal information from users less than 18 years of age has been collected, we will take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under age 18, please contact us at [email protected].

10. What Are Your Privacy Rights?

In Short: Under the GDPR and German data protection law, you have comprehensive rights regarding your personal information.

As a data subject, you have the following rights under the General Data Protection Regulation (GDPR):

• Right of access (Art. 15 GDPR) — You have the right to request a copy of the personal information we hold about you.
• Right to rectification (Art. 16 GDPR) — You have the right to request correction of inaccurate personal information.
• Right to erasure (Art. 17 GDPR) — You have the right to request deletion of your personal information, subject to legal retention obligations.
• Right to restriction of processing (Art. 18 GDPR) — You have the right to request that we restrict the processing of your personal information in certain circumstances.
• Right to data portability (Art. 20 GDPR) — You have the right to receive your personal information in a structured, commonly used, machine-readable format.
• Right to object (Art. 21 GDPR) — You have the right to object to the processing of your personal information based on our legitimate interests.

You can exercise any of these rights by contacting us using the details provided in Section 12 below. We will consider and act upon any request in accordance with applicable data protection laws.

Withdrawing your consent

Where we rely on your consent to process your personal information, you have the right to withdraw your consent at any time. You can withdraw your consent by contacting us using the details provided in Section 12 below. However, please note that this will not affect the lawfulness of the processing before its withdrawal, nor will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.

Right to lodge a complaint

If you believe we are unlawfully processing your personal information, you have the right to lodge a complaint with your local data protection supervisory authority. As we are based in Baden-Württemberg, Germany, the competent authority is:

Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg
Lautenschlagerstraße 20
70173 Stuttgart
Website: www.baden-wuerttemberg.datenschutz.de

You can also find the contact details of all EU data protection authorities here: https://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.

If you have questions or comments about your privacy rights, you may email us at [email protected].

11. Do We Make Updates to This Notice?

In Short: Yes, we will update this notice as necessary to stay compliant with relevant laws.

We may update this privacy notice from time to time. The updated version will be indicated by an updated "Last updated" date at the top of this page, and the updated version will be effective as soon as it is accessible. We encourage you to review this privacy notice periodically to be informed of how we are protecting your information.

12. How Can You Contact Us About This Notice?

If you have questions or comments about this notice, you may email us at [email protected] or contact us by post at:

TxtGold – Gute Texte, Ines Goldberg
Klingenstraße 40/1
70771 Leinfelden-Echterdingen
Germany

13. How Can You Review, Update, or Delete the Data We Collect From You?

You have the right to request access to the personal information we collect from you, details about how we have processed it, correct inaccuracies, or delete your personal information. You may also have the right to withdraw your consent to our processing of your personal information. These rights may be limited in some circumstances by applicable law.

To request to review, update, or delete your personal information, please contact us at [email protected] or use our contact form.