The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations as well as this privacy policy.

Using our website is generally possible without providing personal data. If personal data (such as name, address, or email address) is collected on our pages, this is always done voluntarily wherever possible. These data will not be passed on to third parties without your explicit consent.

Please note that data transmission over the Internet (e.g., when communicating by email) can have security vulnerabilities. Complete protection of data from access by third parties is not possible.

​

Responsible for data processing:
Carlo Lux
Dolziger Straße 13
10247 Berlin
Germany
mail [at] carlolux.com

​

We appreciate your interest in our website. Protecting your privacy is very important to us. Below, we provide detailed information on how we handle your data.

​

Access Data and Hosting

You can visit our websites without providing personal information. Each time a website is accessed, the web server automatically stores a so-called server log file, which includes, for example, the name of the requested file, your IP address, date and time of access, amount of data transferred, and the requesting provider (access data) and documents the request. These access data are evaluated exclusively for the purpose of ensuring the smooth operation of the site and improving our offer. This serves to protect our overriding legitimate interests within the framework of a balancing of interests for the correct presentation of our offer according to Art. 6 (1) sentence 1 lit. f GDPR. All access data are processed as long as necessary for the purposes described above.

​

Hosting
The services for hosting and displaying the website are partially provided by our service providers on our behalf. Unless otherwise explained in this privacy policy, all access data as well as all data collected via forms on this website are processed on their servers. For questions about our service providers and the basis of our cooperation with them, please contact us via the contact options described in this privacy policy.

Our service providers are located and/or use servers in the following countries, for which the European Commission has recognized an adequate level of data protection by decision: Israel, United Kingdom, USA.

The adequacy decision for the USA serves as the basis for third-country transfers insofar as the respective service provider is certified. Certification is in place. Our service providers are located and/or use servers in these countries: Brazil, Mexico, India, Ukraine. For these countries, there is no adequacy decision by the European Commission. Our cooperation with them is based on these guarantees: Standard Contractual Clauses of the European Union.

​

Data Processing for Contact and Customer Communication

Contact
When contacting us (e.g., via contact form, live chat, or email), we collect personal data for handling your requests in accordance with Art. 6 (1) sentence 1 lit. b GDPR, if you voluntarily provide this data. Mandatory fields are marked as such because we need the data to process your inquiry. The data collected are visible from the respective input forms. After your inquiry has been fully processed, your data will be deleted unless you have explicitly consented to further use according to Art. 6 (1) sentence 1 lit. a GDPR or we reserve the right to further data use which is legally permitted and described in this policy.

After complete processing of your customer inquiry, your data will be restricted for further processing and deleted after expiration of tax and commercial retention periods according to Art. 6 (1) sentence 1 lit. c GDPR unless you have explicitly consented to further use according to Art. 6 (1) sentence 1 lit. a GDPR or we reserve the right to further data use which is legally permitted and described here.

​

Cookies

General Information
To make visiting our website attractive and to enable the use of certain functions, we use technologies including so-called cookies on various pages. Cookies are small text files automatically stored on your device. Some of the cookies we use are deleted after the end of the browser session (session cookies). Other cookies remain on your device and allow us to recognize your browser on your next visit (persistent cookies).

​

Privacy Protection on End Devices
We use strictly necessary technologies to provide the expressly desired telemedia service. Storing information on your device or accessing information already stored on your device does not require your consent in this context.

For functions that are not strictly necessary, storing information or accessing information on your device requires your consent. Without consent, parts of the website may not be fully usable. Your given consents remain valid until you adjust or reset the settings on your device.

​

Subsequent Data Processing by Cookies and Other Technologies
We use technologies required for certain functions of our website (e.g., preference settings). These technologies collect and process your IP address, visit time, device and browser information, and usage data (e.g., preferences) based on our legitimate interests according to Art. 6 (1) sentence 1 lit. f GDPR.

We also use technologies to fulfill legal obligations (e.g., proof of consent) and for web analytics and online marketing. Details including the legal basis for processing are described further in this privacy policy.

If you have consented to these technologies under Art. 6 (1) sentence 1 lit. a GDPR, you can revoke your consent at any time by contacting us as described in this policy.

​

Use of the Wix Consent Manager Tool
We use the Wix Consent Manager Tool to inform you about cookies and other technologies on our website, to obtain, manage, and document your consent for the processing of your personal data by these technologies. This is required under Art. 6 (1) sentence 1 lit. c GDPR to comply with our legal obligations under Art. 7 (1) GDPR. Wix Consent Manager is offered by Wix.com Ltd., 40 Nemal St., Tel Aviv 6350671, Israel (“Wix”). After you submit your cookie declaration, Wix’s web server stores your IP address, date and time of the declaration, browser information, language, referring URL, and your consent behavior. A cookie is also used to store your consent data. Your data will be deleted after 365 days unless you explicitly consent to further use or we reserve the right to further legally permitted use.

Our service providers are located and/or use servers in countries recognized by the European Commission as providing adequate data protection: Israel, United Kingdom, USA. The adequacy decision for the USA applies for certified providers. Certification is in place. Our providers also operate servers in Brazil, Mexico, India, and Ukraine, for which there is no adequacy decision. Cooperation is based on the EU standard contractual clauses.

​

Use of Cookies and Other Technologies for Web Analytics and Advertising

We use the following cookies and technologies from third-party providers on our website. Unless otherwise stated, these are based on your consent under Art. 6 (1) sentence 1 lit. a GDPR. After the respective technology’s purpose ceases or we stop using it, related data will be deleted. You can revoke consent at any time with future effect. Details about revocation options are in the “Cookies and Other Technologies” section. More info including legal basis and cooperation details is provided with each technology. For questions, please contact us via the contact details in this privacy policy.

Social Media

​

Our Online Presence on LinkedIn
If you have consented under Art. 6 (1) sentence 1 lit. a GDPR to the respective social media operator, visiting our LinkedIn presence will automatically collect and store data for market research and advertising purposes. Pseudonymous usage profiles are created, which may be used to display ads that match your interests on and off the platform, usually through cookies. Detailed information on data processing by LinkedIn, contact options, and your privacy rights are available in LinkedIn’s privacy notices linked below. You may contact us for assistance if needed.

LinkedIn is offered by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (“LinkedIn”). Data collected by LinkedIn about your use of our LinkedIn presence is usually transferred to and stored on servers of LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA.

Our service providers use servers in countries deemed to provide adequate protection by the European Commission: USA. The adequacy decision for the USA applies to certified providers. Certification is in place.

​

Contact Options and Your Rights

Your rights

As a data subject, you have the following rights:

• According to Art. 15 GDPR, the right to request information about your personal data processed by us to the extent specified therein;

• According to Art. 16 GDPR, the right to request the immediate correction of inaccurate or completion of your personal data stored with us;

• According to Art. 17 GDPR, the right to request the deletion of your personal data stored with us, unless further processing is necessary

  • for exercising the right to freedom of expression and information;

  • for compliance with a legal obligation;

  • for reasons of public interest; or

  • for the establishment, exercise, or defense of legal claims;

• According to Art. 18 GDPR, the right to request restriction of the processing of your personal data, insofar as

  • the accuracy of the data is disputed by you;

  • the processing is unlawful but you oppose the deletion;

  • we no longer need the data but you require them for the establishment, exercise, or defense of legal claims; or

  • you have objected to the processing pursuant to Art. 21 GDPR;

• According to Art. 20 GDPR, the right to receive your personal data which you have provided to us in a structured, commonly used, and machine-readable format, or to request transmission to another controller;

• According to Art. 77 GDPR, the right to lodge a complaint with a supervisory authority. Generally, you may contact the supervisory authority of your usual residence, workplace, or our company’s location.

 

Right to Object
If we process data based on legitimate interests, you can object to this processing with future effect. For direct marketing, you can object anytime without reason. For other processing, objection requires grounds related to your particular situation. After objection, we will stop processing unless we prove compelling legitimate grounds or it serves legal claims. For direct marketing, processing stops immediately after objection.

​

Contact
For questions regarding the collection, processing, use, correction, restriction, deletion of data, withdrawal of consent, or objection to data use, please contact us directly using the contact details in our imprint.