Privacy policy

1) Introduction and Contact Information of the Controller

1.1 We are pleased that you are visiting our website and thank you for your interest. In the following, we inform you about how your personal data is handled when you use our website. Personal data includes all data that can be used to personally identify you.

1.2 The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Filip Krzyzynski, FLP Trade, Maximiliansplatz 102, 96145 Sesslach, Germany, Tel.: +49 1567 8200302, Email: kontakt@filip-krzyzynski.com.
The controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data.

2) Data Collection When Visiting Our Website

2.1 When you use our website purely for informational purposes—that is, if you do not register or otherwise transmit information to us—we only collect the data that your browser transmits to our server (so-called „server log files“). When you access our website, we collect the following data, which is technically necessary for us to display the website:

  • Our visited website

  • Date and time of access

  • Amount of data sent in bytes

  • Source/referrer from which you accessed the page

  • Browser used

  • Operating system used

  • IP address used (possibly in anonymized form)

The processing is carried out in accordance with Art. 6(1)(f) GDPR based on our legitimate interest in improving the stability and functionality of our website. This data is not shared or used in any other way. However, we reserve the right to retrospectively check the server log files if there are specific indications of unlawful use.

2.2 For security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries sent to the controller), this website uses SSL or TLS encryption. You can recognize an encrypted connection by the string “https://” and the lock symbol in your browser’s address bar.

3) Hosting & Content Delivery Network

To host our website and display the page content, we use a service provider who performs these services either directly or through selected subcontractors exclusively on servers located within the European Union.

All data collected on our website is processed on these servers.

We have entered into a data processing agreement with this provider, which ensures the protection of our website visitors’ data and prohibits unauthorized disclosure to third parties.

4) Cookies

To make visiting our website more attractive and to enable the use of certain functions, we use cookies—small text files that are stored on your device. Some of these cookies are automatically deleted after you close your browser (so-called “session cookies”), while others remain on your device for a longer period and allow the storage of site settings (so-called “persistent cookies”). For persistent cookies, you can find the storage duration in the cookie settings overview of your web browser.

If personal data is also processed through individual cookies we use, this processing takes place either in accordance with Art. 6(1)(b) GDPR for the performance of a contract, in accordance with Art. 6(1)(a) GDPR if consent has been given, or in accordance with Art. 6(1)(f) GDPR to safeguard our legitimate interest in ensuring the best possible functionality of the website as well as a user-friendly and effective website experience.

You can configure your browser to notify you about the setting of cookies and decide individually whether to accept them, or you can exclude the acceptance of cookies for specific cases or in general.

Please note that disabling cookies may limit the functionality of our website.

5) Contacting Us

5.1 Calendly

To provide an online appointment booking function, we use the services of the following provider:
Calendly, LLC, BB&T Tower, 271 17th St NW, Atlanta, GA 30363, USA

For the purpose of scheduling appointments, your first and last name as well as your email address (and optionally your phone number, if a phone appointment is requested) are collected in accordance with Art. 6(1)(b) GDPR and transmitted to the provider, where they are stored for appointment organization purposes, based on our legitimate interest in effective customer management and efficient scheduling as per Art. 6(1)(f) GDPR.

Your data will be deleted by the provider after the appointment has taken place or after the scheduled appointment period has expired.

We have concluded a data processing agreement with the provider to ensure the protection of our website visitors’ data and to prohibit unauthorized disclosure to third parties.

For data transfers to the USA, the provider is certified under the EU-U.S. Data Privacy Framework, which, based on an adequacy decision by the European Commission, ensures compliance with the European level of data protection.

5.2 When contacting us (e.g., via contact form or email), personal data is collected. The specific data collected when using a contact form can be seen from the respective form itself. This data is stored and used exclusively for the purpose of responding to your inquiry or for initiating contact and the associated technical administration.

The legal basis for processing this data is our legitimate interest in responding to your inquiry in accordance with Art. 6(1)(f) GDPR. If the contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6(1)(b) GDPR.
Your data will be deleted once your inquiry has been fully processed, provided that no legal retention requirements prevent deletion. This is deemed to be the case when it is evident from the circumstances that the relevant matter has been conclusively resolved.

6) Use of Customer Data for Direct Advertising

6.1 Subscription to Our Email Newsletter

If you subscribe to our email newsletter, we will regularly send you information about our offers. The only mandatory information required for sending the newsletter is your email address. Providing additional data is voluntary and is used to address you personally. We use the so-called double opt-in procedure for sending the newsletter. This means we will only send you an email newsletter if you have explicitly confirmed that you agree to receive newsletters. We will then send you a confirmation email, in which you are asked to confirm your subscription by clicking a link.

By activating the confirmation link, you give us your consent to use your personal data in accordance with Art. 6(1)(a) GDPR. When you subscribe to the newsletter, we store the IP address assigned by your Internet Service Provider (ISP) as well as the date and time of registration in order to trace any possible misuse of your email address at a later time. The data collected during newsletter registration is used exclusively for promotional communication via the newsletter.

You can unsubscribe from the newsletter at any time using the link provided in the newsletter or by contacting the controller named above. After unsubscribing, your email address will be immediately deleted from our newsletter distribution list, unless you have expressly consented to further use of your data or we reserve the right to use the data in any other way permitted by law and informed in this declaration.

6.2 Klaviyo

Our email newsletters are sent via the following provider:
Klaviyo, Inc., 125 Summer St., Ste 600, Boston, MA 02110, USA

Based on our legitimate interest in effective and user-friendly newsletter marketing, we share the data you provided during newsletter registration with this provider in accordance with Art. 6(1)(f) GDPR so that they can send newsletters on our behalf.

With your express consent in accordance with Art. 6(1)(a) GDPR, the provider also carries out statistical success analyses of newsletter campaigns using web beacons or tracking pixels in the emails sent, which can measure open rates and specific interactions with the newsletter content. Device information (e.g., access time, IP address, browser type, and operating system) is also collected and evaluated in this process, but is not merged with other datasets.

You can revoke your consent to newsletter tracking at any time with effect for the future.

We have entered into a data processing agreement with the provider, which ensures the protection of our website visitors’ data and prohibits unauthorized disclosure to third parties.

For data transfers to the USA, the provider is certified under the EU-U.S. Data Privacy Framework, which ensures compliance with the European level of data protection based on an adequacy decision by the European Commission.

7) Retargeting / Remarketing and Conversion Tracking

7.1 Meta Pixel

Within our online offering, we use the “Meta Pixel” service provided by the following provider:
Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (“Meta”).

If a user clicks on one of our ads on Facebook and/or Instagram, the URL of our linked page is extended with a parameter using Meta Pixel. This URL parameter is then entered into the user’s browser via a cookie set by our linked site.

This allows Meta to identify visitors of our website as a target group for the display of advertisements (“ads”). We use this service to show our Facebook and/or Instagram ads only to those users who have shown interest in our online offering or who meet certain characteristics (e.g., interests in particular topics or products, based on visited websites) that we transmit to Meta (“Custom Audiences”).

Meta Pixel also allows us to track whether users are redirected to our website after clicking on an ad and what actions they perform there (“Conversion Tracking”).

The collected data is anonymous to us and does not allow us to identify individual users. However, the data is stored and processed by Meta, which may enable it to link it to the user’s profile and use it for Meta’s own advertising purposes.

All the aforementioned processing, particularly the setting of cookies to read information on the user’s device, is carried out only if you have given your explicit consent pursuant to Art. 6(1)(a) GDPR. You may revoke your consent at any time with future effect by deactivating this service via the cookie consent tool provided on the website.

We have concluded a data processing agreement with Meta to ensure the protection of our website visitors’ data and to prevent unauthorized disclosure to third parties.

Data generated by Meta may be transferred to and stored on Meta’s servers, including servers located in the USA.

Meta is certified under the EU-U.S. Data Privacy Framework, which ensures compliance with the European level of data protection based on an adequacy decision by the European Commission.

7.2 Google Ads Conversion Tracking

This website uses the online advertising program “Google Ads” and, within Google Ads, the conversion tracking service provided by:
Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).

We use Google Ads to draw attention to our attractive offers on external websites with the help of advertising materials (Google AdWords). Using campaign data, we can determine how successful individual advertising measures are. Our goal is to show you ads that are relevant to your interests, to make our website more interesting for you, and to ensure a fair calculation of advertising costs.

The conversion tracking cookie is set when a user clicks on a Google ad. Cookies are small text files stored on your device. These cookies generally expire after 30 days and do not serve to personally identify users. If the user visits certain pages on this website and the cookie has not yet expired, Google and we can recognize that the user clicked on the ad and was redirected to the respective page.

Each Google Ads customer receives a different cookie, so cookies cannot be tracked across websites of multiple Ads customers. The information collected using the conversion cookie is used to create conversion statistics for Ads customers who have opted into conversion tracking. Customers learn the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive information that could identify users personally.

In connection with the use of Google Ads, personal data may also be transmitted to servers of Google LLC in the USA.

You can find more information about the processing triggered by Google Ads Conversion Tracking and how Google handles data from websites here:
https://policies.google.com/technologies/partner-sites

All processing described above, particularly the setting of cookies for reading information on the user’s device, is carried out only with your express consent pursuant to Art. 6(1)(a) GDPR. You can revoke your consent at any time with future effect by deactivating this service in the cookie consent tool provided on the website.

You can also permanently object to the setting of cookies for Google Ads Conversion Tracking by downloading and installing the browser plugin available here:
https://www.google.com/settings/ads/plugin?hl=de

Please note that certain functions of this website may be limited or unavailable if you disable the use of cookies.

Google’s privacy policy can be found here:
https://business.safety.google/intl/de/privacy/
https://www.google.de/policies/privacy/

Google is certified under the EU-U.S. Data Privacy Framework, ensuring compliance with the European level of data protection.

8) Website Functionalities

8.1 Vimeo

This website uses plugins to display and play videos from the following provider:
Vimeo.com, Inc., 330 West 34th Street, 10th Floor, New York, NY 10001, USA.

When you access a page of our website that contains such a plugin, your browser establishes a direct connection to the provider’s servers in order to load the plugin. In the process, certain information—including your IP address—is transmitted to the provider.

If playback of embedded videos is started via the plugin, the provider also uses cookies to collect information on user behavior, compile playback statistics, and prevent abusive behavior.

If you are logged into a user account with the provider during your visit to our website, your data will be directly linked to your account when you click on a video. If you do not want the data to be associated with your account, you must log out before clicking the playback button.

All the above-mentioned processing—particularly the setting of cookies to read information from your device—only occurs if you have given your explicit consent in accordance with Art. 6(1)(a) GDPR. You can revoke your consent at any time with future effect by deactivating this service via the cookie consent tool provided on the website.

For data transfers to the USA, the provider is certified under the EU-U.S. Data Privacy Framework, which ensures compliance with the European data protection level based on an adequacy decision by the European Commission.

8.2 Google reCAPTCHA

This website uses the CAPTCHA service provided by the following provider:
Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

Data may also be transferred to: Google LLC, USA. For the visual design of the CAPTCHA window, the provider uses „Google Fonts,“ fonts loaded from the internet by Google. No additional information is processed beyond what is already transmitted through the reCAPTCHA functionality.

This service checks whether an entry is made by a human or abusively through automated processing and helps to block spam, DDoS attacks, and similar automated malicious access. To verify whether an action is being performed by a human and not by an automated bot, the provider collects the IP address of the device, identifying information about the browser and operating system type used, and the date and duration of the visit. This information is then transmitted to and evaluated on the provider’s servers. Cookies—small text files stored in the browser—may be used in the process.

If the processing described above involves cookies, these are only set if you have given your explicit consent in accordance with Art. 6(1)(a) GDPR. You may withdraw your consent at any time with future effect by deactivating this service via the cookie consent tool provided on the website.

If the processing is carried out without the use of cookies, the legal basis is our legitimate interest in identifying individual responsibility online and preventing misuse and spam in accordance with Art. 6(1)(f) GDPR.

We have concluded a data processing agreement with the provider to ensure the protection of our website visitors’ data and to prevent unauthorized disclosure to third parties.

For data transfers to the USA, the provider is certified under the EU-U.S. Data Privacy Framework, ensuring compliance with the European data protection level.

You can find more information about Google’s data protection policies here:
https://business.safety.google/intl/de/privacy/

8.3 Google Customer Reviews (formerly Google Certified Shops Program)

We work with Google under the “Google Customer Reviews” program. The provider is:
Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).

This program gives us the opportunity to collect customer reviews from users of our website. After completing a purchase, you may be asked whether you would like to take part in an email survey from Google.

If you give your consent pursuant to Art. 6(1)(a) GDPR, we transmit your email address to Google. You will then receive an email from Google Customer Reviews asking you to rate your shopping experience on our website. The rating you provide will be aggregated with other reviews and displayed in our Google Customer Reviews badge and in our Merchant Center dashboard. Your review will also be used for Google Seller Ratings.

In connection with the use of Google Customer Reviews, personal data may be transmitted to servers of Google LLC in the USA.

You may revoke your consent at any time by notifying the data controller or Google directly.

For data transfers to the USA, the provider is certified under the EU-U.S. Data Privacy Framework, which ensures compliance with the European level of data protection.

Further information on Google’s privacy policy can be found here:
https://business.safety.google/intl/de/privacy/

9) Tools and Miscellaneous

Cookie Consent Tool

This website uses a so-called “cookie consent tool” to obtain valid user consents for cookies and cookie-based applications that require consent. When the site is accessed, this “cookie consent tool” is displayed to users in the form of an interactive interface, where they can grant consent for specific cookies and/or cookie-based applications by ticking checkboxes. The tool ensures that all cookies/services requiring consent are only loaded if the respective user has given consent via checkbox selection. This guarantees that such cookies are only placed on the user’s device if consent has been provided.

The tool sets technically necessary cookies to save your cookie preferences. In general, no personal user data is processed in this context.

If, in individual cases, personal data (such as the IP address) is processed for the purpose of storing, assigning, or logging cookie preferences, this processing is carried out in accordance with Art. 6(1)(f) GDPR, based on our legitimate interest in legally compliant, user-specific, and user-friendly cookie consent management, and thus in a legally compliant design of our online presence.

Another legal basis for the processing is Art. 6(1)(c) GDPR. As the data controller, we are legally obligated to ensure that the use of non-essential cookies depends on the respective user’s consent.

Where necessary, we have entered into a data processing agreement with the provider to ensure the protection of our website visitors‘ data and to prohibit unauthorized disclosure to third parties.

Further information about the operator and configuration options of the cookie consent tool can be found directly in the corresponding user interface on our website.

10) Rights of the Data Subject

10.1 The applicable data protection law grants you the following rights regarding the processing of your personal data by the data controller (rights to access and intervention), with reference to the relevant legal basis for exercising these rights:

  • Right of access in accordance with Art. 15 GDPR;

  • Right to rectification in accordance with Art. 16 GDPR;

  • Right to erasure in accordance with Art. 17 GDPR;

  • Right to restriction of processing in accordance with Art. 18 GDPR;

  • Right to notification in accordance with Art. 19 GDPR;

  • Right to data portability in accordance with Art. 20 GDPR;

  • Right to withdraw consents given in accordance with Art. 7(3) GDPR;

  • Right to lodge a complaint in accordance with Art. 77 GDPR.

10.2 Right to Object

If we process your personal data based on a balancing of interests due to our overriding legitimate interest, you have the right to object to this processing at any time, on grounds related to your particular situation, with effect for the future.

If you exercise your right to object, we will cease the processing of the affected data. However, further processing may be reserved if we can demonstrate compelling legitimate grounds for the processing, which override your interests, rights, and freedoms, or if the processing is necessary for the establishment, exercise, or defense of legal claims.

If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing purposes. You can exercise the right to object as described above.

If you exercise your right to object, we will cease the processing of the affected data for direct marketing purposes.

11) Duration of Storage of Personal Data

The duration of the storage of personal data depends on the respective legal basis, the purpose of processing, and—if applicable—on the statutory retention periods (e.g., commercial and tax law retention periods).

When processing personal data based on explicit consent in accordance with Art. 6(1)(a) GDPR, the data will be stored as long as you do not withdraw your consent.

If statutory retention periods exist for data processed in the context of contractual or quasi-contractual obligations based on Art. 6(1)(b) GDPR, these data will be routinely deleted once the retention periods have expired, unless they are still required for the fulfillment of the contract or the initiation of a contract, or if we have a legitimate interest in retaining them.

When processing personal data based on Art. 6(1)(f) GDPR, the data will be stored as long as you do not exercise your right to object according to Art. 21(1) GDPR, unless we can demonstrate compelling legitimate grounds for processing that override your interests, rights, and freedoms, or the processing is necessary for the establishment, exercise, or defense of legal claims.

When processing personal data for direct marketing purposes based on Art. 6(1)(f) GDPR, the data will be stored as long as you do not exercise your right to object in accordance with Art. 21(2) GDPR.

Unless otherwise stated in the specific processing situations outlined in this declaration, stored personal data will be deleted when they are no longer necessary for the purposes for which they were collected or otherwise processed.

2025 © Filip Krzyzynski. All rights reserved.