Privacy policy

The controller within the meaning of the General Data Protection Regulation (hereinafter referred to as ‘GDPR’, DSGVO in the German original) and other national data protection laws and other data protection regulations is

Dr. Andreas Falke
trading as Beyond the Blur e.K.
Hohe Bleichen 12
20354 Hamburg
Germany

Phone: +49 40 2372-4121-0
Email: af@beyond-the-blur.de

Data protection is of particular importance to us. For this reason, we collect and use the personal data of users and visitors to our website only to the extent necessary to provide a functional website and our content and services. Personal data is any information relating to an identified or identifiable natural person (hereinafter referred to as ‘data subject’).

The collection and use of our visitor’s personal data is always carried out in accordance with the GDPR and the applicable country-specific data protection regulations. If the processing of personal data is necessary and such processing is not permitted by law, we always obtain the consent of the data subject.

Personal data will not be passed on to third parties. A transfer will only take place if you have expressly consented (Art. 6 para. 1 sentence 1 lit. a GDPR), there is a legitimate interest in the transfer and no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data (Art. 6 para. 1 sentence 1 lit. f GDPR), there is a legal obligation for the disclosure (Art. 6 para. 1 sentence 1 lit. c GDPR), or disclosure is permissible in the context of the fulfilment of a contract with you (Art. 6 para. 1 sentence 1 lit. b GDPR).

Each time you visit our website, the browser you use automatically transmits information to the server of our website. The following information is collected and stored until it is automatically deleted:

• IP address of the requesting computer,
• date and time of access,
• name and URL of the retrieved file,
• the referrer URL, i.e. the website from which the access was made,
• information about the type of browser used,
• the operating system of your computer,
• the name of the internet service provider.

 

This data is only stored temporarily in a so-called log file. This does not affect the visitor’s IP addresses or other data that allow the data to be assigned to a user. This data is not stored together with other personal data of the user. When using this data, we do not draw any conclusions about the person concerned.

The legal basis for this processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest lies in the provision of a functional website with correctly delivered content, in the optimisation of our systems, and in providing law enforcement authorities with the information necessary for prosecution in the event of a cyber attack. As soon as there is no longer a legitimate interest and there is no legal obligation to retain this data, it is routinely deleted.

We host the content of our website with the provider checkdomain GmbH.

Details can be found in the privacy policy of checkdomain GmbH, which is available here: https://www.checkdomain.de/agb/datenschutz/.

Data processing within the framework of hosting is based on Art. 6 (1) (f) GDPR. We have a legitimate interest in presenting our website as reliably as possible.

We have concluded a corresponding order processing agreement with the provider in accordance with Art. 28 GDPR.

We use cookies on our website. Cookies are small text files that your browser automatically creates and that can be stored on your end device. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again. This does not mean that we gain direct knowledge of your identity.

The use of necessary cookies serves to display our website in a technically flawless manner. The data processed by these cookies are necessary for the purposes mentioned to safeguard our legitimate interests and those of third parties in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest lies in the provision of a functional and user-friendly website.

We also use cookies to optimise the user-friendliness of our website and for statistical purposes.

We use so-called session cookies to recognise that you have already visited individual pages of our website. These cookies are automatically deleted after you leave our site. We also use temporary cookies that are stored on your device for a specified period of time. If you visit our site again, it is automatically recognised that you have already visited us and which entries and settings you have made so that you do not have to enter them again. The data collected includes the frequency of page views, search terms entered and the utilisation of website functions.

The use of cookies to statistically record and analyse our offer and for marketing purposes is described in more detail in section 6 et seq. of the privacy policy.

The legal basis for data processing by cookies for statistical purposes and evaluation of our offer as well as for marketing purposes is your consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR. When you visit our website, you have the option of giving your consent to data processing by cookies for analysis and marketing purposes. This consent is voluntary and can be revoked by you at any time. If you do not give your consent, no cookies will be set for marketing or analysis purposes.

You can also configure your browser so that no cookies are stored on your computer or a message always appears before a new cookie is created. However, completely deactivating cookies may mean that you cannot use all the functions of our website.

We use Google Site Kit, a web analysis service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as ‘Google’), for the purpose of designing and continuously optimising our website in line with requirements, with which we can quickly and easily view statistics from Google products such as Google Analytics in our Wordpress dashboard. We use the tracking measures to statistically record the use of our website for the purpose of evaluating and optimising our offer.

Google Analytics enables the website operator to analyse the behaviour of website visitors. In doing so, the website operator receives various usage data, such as page views, length of visit, operating systems used and origin of the user. This data is assigned to the respective end device of the visitor. We can also use Google Analytics to record your mouse and scroll movements and clicks, among other things. Google Analytics also uses various modelling approaches to supplement the data records collected and uses machine learning technologies for data analysis. Google Analytics also uses technologies that enable the recognition of the user for the purpose of analysing user behaviour (e.g. cookies or device fingerprinting).

The legal basis for the data processing of Google services such as Google Site Kit and Google Analytics is your consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR. When you visit our website, you have the option of giving your consent to data processing by cookies for analysis and marketing purposes. This consent is voluntary and can be revoked by you at any time. If you do not give your consent, no cookies will be set for analysis or marketing purposes.

In this context, pseudonymised user profiles are created and cookies (see section 5) are used. The information generated by the cookie about your use of this website such as

• browser type / version,
• operating system used,
• referrer URL (the page previously visited),
• host name of the accessing computer (IP address),
• date and time of the server request,

 

are usually transmitted to a Google server and stored there. Under certain circumstances, data may also be transferred to Google servers in the USA. Due to Google’s certification under the EU-US Data Privacy Framework, the European Commission has determined that Google has an adequate level of data protection.

The above-mentioned information may also be transferred to third parties if this is required by law or if third parties process this data on our behalf. Under no circumstances will the IP address transmitted by your browser be merged with other Google data. The IP addresses are anonymised so that they cannot be assigned (IP masking). Only in exceptional cases is the full IP address transmitted to a Google server in the USA and truncated there.

Google will use this information on our behalf to analyse your use of the website, to compile reports on website activity and to provide us with other services relating to website activity and internet usage.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on to deactivate Google Analytics: https://tools.google.com/dlpage/gaoptout?hl=en.

Further information on data protection in connection with Google Analytics can be found in the Google Analytics Help: https://support.google.com/analytics/answer/6004245?hl=en.

This website uses the Google reCAPTCHA service from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: ‘Google’). reCAPTCHA is a free captcha service from Google that protects websites from spam software and misuse by non-human visitors. reCAPTCHA collects personal data from users to determine whether the actions on our website actually originate from humans. The IP address and other data that Google requires for the reCAPTCHA service can therefore be sent to Google. The IP address is not combined with other Google data unless you are logged in with your Google account while using reCAPTCHA.

By using this function, we protect our website from spam software and misuse by non-human visitors. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 sentence 1 lit. f GDPR.

The data is usually transferred to a Google server and stored there. Under certain circumstances, the data may also be transferred to Google servers in the USA. Due to Google’s certification under the EU-US Data Privacy Framework, the European Commission has determined that Google has an adequate level of data protection.

Further information about Google reCAPTCHA can be found at: https://policies.google.com/privacy?hl=en.

We use the analysis and conversion tracking technology of the LinkedIn platform on our website. These LinkedIn services allow us to show you more relevant adverts based on your interests. We also receive aggregated and anonymous reports from LinkedIn about advertising activities and information about how you interact with our website. By statistically evaluating visitor behaviour, we can improve our offering and make it more interesting for you as a visitor. This is also our legitimate interest in the processing of the above data by the third-party provider.

Further information on data protection at LinkedIn can be found here: https://www.linkedin.com/legal/privacy-policy#choices-oblig.

You can object to the analysis of your usage behaviour by LinkedIn and the display of interest-based recommendations (‘opt-out’) by clicking on the field ‘Opt-out on LinkedIn’ (for LinkedIn members) or ‘Opt-out’ (for other users) under the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

We embed videos from YouTube on our website. YouTube is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as ‘Google’).

When you visit a page on our website where a YouTube video is embedded, a connection is automatically established to the YouTube servers, which transmits which of our pages you have visited. If you are logged in with a YouTube account, YouTube can assign the transmitted data to your profile. If you do not wish this to happen, you must log out of your YouTube account. YouTube is used on our website in the so-called extended data protection mode. According to the operator of YouTube, no data is used to personalise browsing on YouTube and no cookies are set when videos are played in extended data protection mode.

The legal basis for data processing is our legitimate interest in an informative and appealing design of our website within the meaning of Art. 6 para. 1 sentence 1 lit. f GDPR.

Due to Google’s certification under the EU-US Data Privacy Framework, the European Commission has determined an adequate level of data protection for Google and thus also for the YouTube service.

Further information on data protection at YouTube can be found at the following link: https://policies.google.com/privacy?hl=en.

We use the WordPress plugin ‘Limit Login Attempts Reloaded’ to prevent brute force attacks and unauthorised logins. This stores all logged IP addresses in encrypted form in the WordPress database. This service is used in the interest of protecting our website from hacker attacks. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 sentence 1 lit. f GDPR.

This website uses the ‘Polylang’ service provided by WP SYNTEX, 8, rue Joseph Cugnot 38307 Bourgoin Jallieu, France. Polylang generates a functional cookie that stores a language preference for the visitor in order to support multilingual websites. The use of Polylang is in the interest of an appealing presentation of our website and is based on our legitimate interest. (Art. 6 para. 1 sentence 1 lit. f GDPR).

The storage duration is one year.

You can access Polylang’s privacy policy here: https://polylang.pro/privacy-policy/.

Due to legal regulations, our website contains information that enables you to contact us quickly by electronic means (in particular e-mail address) and a contact form. If you contact us by e-mail or via the contact form, your voluntarily transmitted personal data will be automatically stored for the purpose of processing or contacting you. The data and your enquiry that you have sent via a form are hosted by checkdomain GmbH, with whom we have concluded an order processing contract.

The data will be deleted if there is no longer a legal retention period and if it is no longer required for contract fulfilment or contract initiation. The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 para. 1 sentence 1 lit. f GDPR. The legitimate interest within the meaning of the GDPR is processing and responding to your contact.

The data is deleted as soon as it has been used to fulfil the purpose for which it was collected. This is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified. You have the option to object to the storage of your personal data at any time. To do so, please contact the controller named in section 1 (in writing, by email or by telephone). The data from the previous communication will then be deleted and no further conversation will be possible.

In order to protect your data in the best possible way, we use the SSL (Secure Socket Layer) method on our website in conjunction with the highest level of encryption supported by your browser. You can recognise whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the status bar of your browser. We also use suitable technical and organisational security measures to protect your data against manipulation, loss, destruction, or unauthorised access by third parties.

We collect, process and use personal customer and contract data to establish, organise the content of and amend our contractual relationships. We collect, process and use personal data about the use of this website and platform (usage data) only insofar as this is necessary to enable the user to use the service or to bill the user. The legal basis for this is Art. 6 para. 1 sentence 1 lit. b GDPR.

The client data collected will be deleted after completion of the order or termination of the business relationship and expiry of any existing statutory retention periods. Statutory retention periods remain unaffected.

Company and personal data is stored in the Lexware Office cloud booking system. We have concluded a corresponding order processing contract with the provider.

In addition, we pass on company, address and invoice data to our tax consultant.

Project data is forwarded to external service providers as required. If we use external service providers as part of an order processing relationship, we conclude an NDA in each case.

We use various software to process the order, such as Adobe Creative Cloud, including Adobe Premiere, HappyScribe and Open AI’s Whisper. We conclude an order processing contract with the respective provider before using the respective service.

As a data subject, you have the following rights vis-à-vis the controller. If you wish to exercise one of these rights, please contact the controller using the contact details provided in section 1.

15.1  Right to information (Art. 15 GDPR): You can request information from the controller as to whether personal data concerning you is being processed by the controller. If processing is taking place, you can obtain information from the controller about this personal data and the purposes of the processing; the categories of personal data that are being processed; the recipients or categories of recipients to whom the personal data concerning you have been or will be the categories of recipients to whom the personal data concerning you have been or will be disclosed; the envisaged period for which the personal data concerning you will be stored, or, if not possible, the criteria used to determine that period; the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning you or to object to such processing; the existence of the right to lodge a complaint with a supervisory authority; where the personal data are not collected from you, any available information as to their source; the existence of automated decision-making including profiling in accordance with Art. 22 (1), (4) GDPR and – at least in these cases – meaningful information on the logic involved and the scope and intended effects of such processing for the data subject; the transfer of personal data to a third country or to an international organisation and the appropriate safeguards in this regard in accordance with Art. 46 GDPR; request information.

15.2 Right to rectification (Art. 16 GDPR): You have the right to obtain from the controller without undue delay the rectification and/or completion of your personal data if the personal data processed concerning you is inaccurate or incomplete.

15.3 Right to deletion (Art. 17 GDPR): You can request the erasure of your data stored by us if the data is no longer necessary for the purposes for which it was collected or processed; you withdraw your consent and there is no other legal basis for the processing; you object to the processing pursuant to Art. 21 para. 1 GDPR and there are no overriding legitimate grounds for the processing or you object to the processing pursuant to Art. 21 para. 2 GDPR; the personal data has been processed unlawfully; the erasure is necessary for compliance with a legal obligation; or the personal data is no longer necessary in relation to information society services offered pursuant to Art. 21 para. 1 GDPR. Art. 21 para. 2 GDPR; the personal data have been processed unlawfully; the erasure is necessary for compliance with a legal obligation; or the personal data have been collected in relation to the offer of information society services referred to in Art. 8 para. 1 GDPR. This right to erasure does not apply if the processing is necessary for exercising the right of freedom of expression and information; for compliance with a legal obligation; for reasons of public interest; or for the establishment, exercise or defence of legal claims.

15.4 Right to restriction of processing (Art. 18 GDPR): You may request the restriction of the processing of your personal data if the accuracy of the personal data is contested by you for a period enabling the controller to verify the accuracy of the personal data; the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead; the controller no longer needs the personal data, but you require them for the establishment, exercise or defence of legal claims; or you have objected to processing pursuant to Art. 21 (1) GDPR pending the verification whether the legitimate grounds of the controller override your grounds. If the processing of personal data concerning you has been restricted, this data – apart from its storage – may only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State. If the restriction of processing has been restricted in accordance with the above conditions, you will be informed by the controller before the restriction is lifted.

15.5  Right to data portability (Art. 20 GDPR): You have the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transmitted to another controller.

15.6  Right to object: If your personal data is processed on the basis of legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right to object to the processing of your personal data if there are reasons for this arising from your particular situation. If the objection is directed against direct advertising, you have a general right of objection, which we will implement without specifying a particular situation.

15.7  Right to withdraw consent: If your personal data is processed on the basis of legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right to object to the processing of your personal data if there are reasons for this arising from your particular situation. If the objection is directed against direct advertising, you have a general right of objection, which we will implement without specifying a particular situation.

This privacy policy is up to date as of March 2025. Due to the further development of our website and offerings or due to changed legal requirements, changes to this policy may become necessary.

This is a machine translation of the original privacy policy written in German. You can find that here: https://www.beyond-the-blur.de/datenschutzerklaerung/

Please note that the regulation referred to as ‘GDPR’ in this text is a translation of “DSGVO”. The articles and paragraphs referred to should be read as referring to the DSGVO.