Privacy Policy

Last updated: 29 May 2026

1. Scope

This privacy policy applies to the website https://raphaelkirchner.com. The controller responsible is the person named under "Controller".

2. Controller

The controller responsible for data processing on the website is:

Raphael Kirchner
Vorwerkstr. 11
20357 Hamburg
Germany
E-mail:

[Anti-Spam: JavaScript required]

The controller is the natural or legal person who, alone or jointly with others, decides on the purposes and means of processing personal data.

Legal basis: Art. 13(1)(a) GDPR

3. Privacy at a Glance

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. Their contact details can be found in the "Controller" section.

How do we collect your data?

Data is collected on the one hand by you providing it to us (e.g. when you contact us by e-mail). Other data is collected automatically when you visit the website by our IT systems — essentially technical data such as browser type, operating system or time of page access.

What do we use your data for?

The data is used exclusively for the error-free provision of the website. Your usage behaviour is not analysed.

What rights do you have regarding your data?

A detailed list of your rights and our contact details for exercising them can be found below in the section "Your Rights (GDPR)".

4. Hosting (Strato)

We host the content of our website with an external provider:

Strato AG
Otto-Ostrowski-Straße 7, 10249 Berlin, Germany
Data processor (data processing agreement in place)
Privacy policy

Purpose: Stable, performant and secure delivery of the website.

Data processed:

  • IP address
  • Browser type and version
  • Operating system used
  • Referrer URL
  • Hostname of the accessing computer
  • Time of the server request

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in reliable hosting); where consent was obtained, additionally Art. 6(1)(a) GDPR in conjunction with § 25(1) TDDDG.

5. Server Log Files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us.

Purpose: Technically error-free display and optimisation of the website; defence against attacks.

Data processed:

  • Browser type and version
  • Operating system used
  • Referrer URL
  • Hostname of the accessing computer
  • Time of the server request
  • IP address

Note: This data is not merged with other data sources.

Legal basis: Art. 6(1)(f) GDPR

6. Cookies

This website uses only essential cookies. No tracking, advertising or analytics cookies are used. The following overview lists the cookies in use.

COOKIE_CONSENT

Purpose: Stores that the cookie notice has been displayed or confirmed, so that it is not shown again on every visit.

Storage duration: 1 year

Legal basis: Art. 6(1)(f) GDPR; § 25(2) TDDDG.

SESSION_ID

Purpose: Unique session ID for server-side functions, in particular persistence of the language setting during a session.

Storage duration: Session (deleted when the browser is closed)

Legal basis: Art. 6(1)(f) GDPR or Art. 6(1)(b) GDPR; § 25(2) TDDDG.

On the first visit to the website, a notice about the essential cookies in use may be displayed. Only cookies that are necessary for the functioning of the website are set. Consent for non-necessary cookies is not requested, as no tracking, advertising or analytics cookies are used. You can manage the use of cookies at any time via your browser settings or delete cookies that have been set.

Further details: /en/cookies.html

7. No Analytics, Tracking or Advertising Services

The website doesn't use analytics, tracking or advertising services such as Google Analytics, Firebase Analytics, Crashlytics, Amplitude, Mixpanel, AdMob, reCAPTCHA, or embedded YouTube or Vimeo players. Fonts are served locally.

8. Your Rights (GDPR)

You have the following rights with regard to personal data concerning you at any time:

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object (Art. 21 GDPR)
  • Right to withdraw consent given (Art. 7(3) GDPR) — the lawfulness of processing carried out before withdrawal remains unaffected
  • Right to lodge a complaint with the competent supervisory authority (Art. 77 GDPR)

Please direct requests to exercise your rights to:

[Anti-Spam: JavaScript required]
.

The competent supervisory authority at the controller's place of business is: Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit (https://datenschutz-hamburg.de/).

9. Storage Duration

Unless a more specific storage duration is stated within this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you assert a legitimate request for deletion or withdraw your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing it (e.g. tax or commercial law retention periods); in the latter case, deletion will occur once those reasons no longer apply.

10. General Notes on the Legal Bases for Data Processing

If you have consented to data processing, we process your personal data on the basis of Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR, where special categories of data within the meaning of Art. 9(1) GDPR are processed. In the event of express consent to the transfer of personal data to third countries, data processing also takes place on the basis of Art. 49(1)(a) GDPR. If you have consented to the storage of cookies or to access to information on your end device, data processing additionally takes place on the basis of § 25(1) TDDDG. Consent can be withdrawn at any time. Where your data is required for the performance of a contract or for pre-contractual measures, we process your data on the basis of Art. 6(1)(b) GDPR. Furthermore, we process your data where this is required for the fulfilment of a legal obligation on the basis of Art. 6(1)(c) GDPR. Data processing may also take place on the basis of our legitimate interest pursuant to Art. 6(1)(f) GDPR. Information on the applicable legal basis in each individual case is provided in the preceding sections of this privacy policy.

11. SSL/TLS Encryption

For security reasons and to protect the transmission of confidential content, this site uses SSL/TLS encryption. You can recognise an encrypted connection by the fact that the address bar of the browser changes from "http://" to "https://" and by the padlock symbol in your browser bar. When SSL/TLS encryption is activated, the data you transmit to us cannot be read by third parties.

12. Objection to Advertising Emails

The use of contact details published as part of the imprint obligation for the purpose of sending unsolicited advertising and informational materials is hereby objected to. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, e.g. via spam emails.

13. Children

Our website and app are not specifically directed at children under the age of 16. We do not knowingly collect personal data from children under the age of 16. If we become aware that a child has transmitted personal data to us without the consent of a parent or guardian, we will delete this data without delay.

14. Changes to This Privacy Policy

We reserve the right to adapt this privacy policy so that it always complies with current legal requirements or to reflect changes to our services (e.g. new providers). The version in force at the time of your visit is always the applicable one. The date of the last amendment can be found at the beginning of this policy.