Personal data processing policy. Couple & wedding photographer based in Bavaria Germany Alps I ForLoveLegends

Data Protection

1. Data Protection

General Information

The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data refers to all data that can personally identify you. For detailed information on data protection, please refer to our privacy policy listed below.

Data Collection on Our Website

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. The operator’s contact details can be found in the website’s legal notice (Impressum).

How do we collect your data?

Some of your data is collected when you provide it to us. This can include data you enter into a contact form, for example.

Other data is collected automatically by our IT systems when you visit the website. This primarily consists of technical data (e.g., internet browser, operating system, or the time of page access). This data is collected automatically as soon as you access our website.

What do we use your data for?

Some data is collected to ensure the website is provided without errors. Other data may be used to analyze your user behavior.

What rights do you have regarding your data?

You have the right to obtain free information at any time about the origin, recipient, and purpose of your stored personal data. You also have the right to request the correction, blocking, or deletion of this data. For this, as well as for further questions regarding data protection, you can contact us at any time using the address provided in the legal notice (Impressum). Furthermore, you have the right to file a complaint with the relevant supervisory authority.

Additionally, you have the right, under certain circumstances, to request the restriction of the processing of your personal data. Details on this can be found in the privacy policy under “Right to Restriction of Processing.”

Analytics and Third-Party Tools

When visiting our website, your browsing behavior may be statistically analyzed. This is primarily done using cookies and so-called analytics programs. The analysis of your browsing behavior is generally anonymous and cannot be traced back to you.

You can object to this analysis or prevent it by not using certain tools. Detailed information on these tools and your options for objection can be found in the following privacy policy.

2. General Information and Mandatory Disclosures

Data Protection

The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with legal data protection regulations as well as this privacy policy.

When you use this website, various personal data will be collected. Personal data refers to data that can personally identify you. This privacy policy explains which data we collect and what we use it for. It also explains how and for what purpose this happens.

Your personal data will be stored for a period of two years after fulfilling the contract’s purpose unless there are legal retention requirements that contradict this. After this period, the data will be deleted unless a longer retention period is legally required or justified.

We would like to point out that data transmission over the internet (e.g., communication via email) can have security vulnerabilities. Complete protection of data from third-party access is not possible.

Responsible Party

The responsible party for data processing on this website is:

Nataliia Shavro

Glückstr. 4

87629 Füssen

E-Mail: shavronatali@gmail.com

Phone: (+49) 015901493242

The responsible party is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data (e.g., names, email addresses, etc.).

Withdrawal of Your Consent to Data Processing

Many data processing operations are only possible with your express consent. You can withdraw any previously given consent at any time. A simple email notification to us is sufficient for this purpose. The legality of data processing carried out before the withdrawal remains unaffected by the withdrawal.

Right to Object to Data Collection in Special Cases and to Direct Marketing (Article 21 GDPR)

If data processing is based on Article 6(1) (e) or (f) of the GDPR, you have the right to object at any time, for reasons arising from your particular situation, to the processing of your personal data, including profiling based on these provisions. The respective legal basis on which processing is based can be found in this privacy policy.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights, and freedoms, or the processing serves the assertion, exercise, or defense of legal claims (Objection under Article 21(1) GDPR).

If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such advertising purposes; this also applies to profiling to the extent that it is related to direct marketing. If you object, your personal data will no longer be used for direct marketing purposes (Objection under Article 21(2) GDPR).

Right to Lodge a Complaint with the Competent Supervisory Authority

In the event of GDPR violations, data subjects have the right to file a complaint with a supervisory authority, particularly in the Member State of their habitual residence, place of work, or the location of the alleged infringement. The right to lodge a complaint is without prejudice to other administrative or judicial remedies.

Right to Data Portability

You have the right to receive data that we process based on your consent or in fulfillment of a contract in a commonly used, machine-readable format and to have it transmitted to yourself or a third party. If you request the direct transfer of data to another controller, this will only be done where technically feasible.

Right to Information, Blocking, Deletion, and Correction

Within the framework of applicable legal provisions, you have the right at any time to obtain free information about your stored personal data, its origin, recipients, and the purpose of data processing, as well as a right to correct, block, or delete this data. For this, as well as for further questions regarding personal data, you can contact us at any time using the address provided in the legal notice (Impressum).

Right to Restriction of Processing

You have the right to request the restriction of processing your personal data. To do this, you can contact us at any time using the address provided in the legal notice (Impressum). The right to restriction of processing applies in the following cases:

If you contest the accuracy of your personal data stored with us, we generally need time to verify this. During the verification period, you have the right to request the restriction of processing your personal data.
If the processing of your personal data was or is unlawful, you can request restriction of data processing instead of deletion.
If we no longer need your personal data, but you require it to exercise, defend, or assert legal claims, you have the right to request restriction of processing instead of deletion.
If you have objected under Article 21(1) GDPR, a balance must be struck between your interests and ours. As long as it has not been determined whose interests prevail, you have the right to request restriction of processing your personal data.

If you have restricted the processing of your personal data, this data—apart from being stored—may only be processed with your consent or for asserting, exercising, or defending legal claims or for protecting the rights of another natural or legal person or for reasons of significant public interest of the European Union or a Member State.

3. Data Collection on Our Website

Cookies

Our website uses so-called cookies in some instances. Cookies do not harm your computer and do not contain viruses. They help make our website more user-friendly, efficient, and secure. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are so-called “session cookies.” These are automatically deleted at the end of your visit. Other cookies remain stored on your device until you delete them. These cookies allow us to recognize your browser the next time you visit.

You can configure your browser to inform you about the setting of cookies, allow cookies only in specific cases, exclude the acceptance of cookies in certain cases or in general, and activate automatic deletion of cookies when closing the browser. If you disable cookies, the functionality of this website may be limited.

Cookies that are required for electronic communication processes or for the provision of certain functions you request (e.g., shopping cart function) are stored based on Art. 6(1) (f) GDPR. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services. If other cookies (e.g., those used to analyze your browsing behavior) are stored, they will be specifically addressed in this privacy policy.

Requests via Email, Phone, or Fax

If you contact us by email, phone, or fax, your request, including all resulting personal data (e.g., name, request), will be stored and processed for the purpose of handling your inquiry. We do not share this data without your consent.

The processing of this data is based on Art. 6(1) (b) GDPR if your request is related to the fulfillment of a contract or is necessary for pre-contractual measures. In all other cases, processing is based on your consent (Art. 6(1) (a) GDPR) and/or our legitimate interests (Art. 6(1) (f) GDPR), as we have a legitimate interest in effectively handling the inquiries addressed to us.

The data you send to us via contact requests will remain with us until you request deletion, revoke your consent to storage, or the purpose for data storage no longer applies (e.g., after your inquiry has been fully processed). Mandatory legal provisions—especially statutory retention periods—remain unaffected.

Data Deletion

Data we process will be deleted or restricted in processing in accordance with Articles 17 and 18 GDPR. Unless explicitly stated otherwise in this privacy policy, stored data will be deleted as soon as it is no longer needed for its intended purpose and there are no legal retention obligations preventing deletion. If data is not deleted because it is required for other and legally permitted purposes, its processing will be restricted. This means the data will be locked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax law reasons.

According to German law, data retention occurs for:

10 years under Sections 147(1) AO, 257(1) No. 1 and 4, 257(4) HGB (accounting records, financial reports, tax-related documents, etc.)
6 years under Section 257(1) No. 2 and 3, 257(4) HGB (business correspondence)

According to Austrian law, data retention occurs for:

7 years under Section 132(1) BAO (accounting documents, invoices, records, financial statements, etc.)
22 years for data related to real estate transactions
10 years for data related to electronically provided services, telecommunications, broadcasting, and television services provided to non-business customers in EU member states, when the Mini-One-Stop-Shop (MOSS) scheme is used

Business-Related Data Processing

Additionally, we process:

Contract data (e.g., contract subject, duration, customer category)
Payment data (e.g., bank details, payment history)

from our customers, interested parties, and business partners for the purpose of fulfilling contractual services, customer support, marketing, and market research.

Contractual Services

We process the data of our contract partners and interested parties, as well as other clients, customers, or business partners (collectively referred to as “contract partners”) in accordance with Art. 6(1) (b) GDPR to fulfill our contractual or pre-contractual obligations. The type, scope, purpose, and necessity of data processing are determined by the underlying contractual relationship.

The processed data includes:

Basic data (e.g., names, addresses)
Contact details (e.g., email addresses, phone numbers)
Contract-related data (e.g., services used, contract contents, contractual communication, contact persons)
Payment data (e.g., bank details, payment history)

We generally do not process special categories of personal data unless they are part of a commissioned or contractual processing.

We process data necessary for the establishment and fulfillment of contractual services and inform contract partners about the necessity of data provision unless this is already evident. Data is only disclosed to external persons or companies if required by the contract. When processing data provided to us under a contract, we act in accordance with the instructions of the client and legal requirements.

When using our online services, we may store the IP address and time of user activity based on our legitimate interests and for the protection of users against abuse and unauthorized use. This data is not shared with third parties unless required for the enforcement of our legal claims (Art. 6(1) (f) GDPR) or a legal obligation exists (Art. 6(1)© GDPR).

Data will be deleted when it is no longer required for fulfilling contractual or legal obligations, subject to periodic review every three years. Otherwise, legal retention obligations apply.