Furor 404

Privacy Policy

Preamble

With the following privacy policy, we would like to inform you about the types of your personal data (hereinafter also referred to as “data”), the purposes for which we process them, and the extent of such processing. This privacy policy applies to all processing of personal data carried out by us, both in the context of providing our services and, in particular, on our websites, in mobile applications, as well as within external online presences, such as our social media profiles (hereinafter collectively referred to as “online offering”).

The terms used are not gender-specific.

Status: 2 June 2025

Preamble
Controller
Overview of Processing
Relevant Legal Bases
Security Measures
Transfer of Personal Data
General Information on Data Retention and Deletion
Provision of the Online Offering and Web Hosting

Controller

Rhein Designer
Liebigstr. 2
53859 Niederkassel
Germany

Email: mail@furor404.com

Overview of Processing

The following overview summarizes the types of data processed, the purposes of their processing, and refers to the categories of data subjects.

Types of Data Processed

Inventory data.
Contact data.
Content data.
Usage data.
Meta, communication, and procedural data.
Log data.

Categories of Data Subjects

Communication partners.
Users.

Purposes of Processing

Communication.
Security measures.
Organizational and administrative procedures.
Feedback.
Provision of our online offering and user-friendliness.
Information technology infrastructure.

Relevant Legal Bases

Relevant legal bases under the GDPR: Below you will find an overview of the legal bases of the GDPR on which we process personal data. Please note that, in addition to the provisions of the GDPR, national data protection regulations may apply in your or our country of residence or establishment. Should more specific legal bases be relevant in individual cases, we will inform you of these in this privacy policy.

Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR) – Processing is necessary for the purposes of the legitimate interests pursued by the controller or a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.

National data protection regulations in Germany: In addition to the data protection regulations of the GDPR, national regulations on data protection apply in Germany. This includes, in particular, the Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG). The BDSG contains, in particular, special provisions on the right of access, the right to erasure, the right to object, the processing of special categories of personal data, processing for other purposes, and transmission as well as automated decision-making in individual cases including profiling. Furthermore, data protection laws of the individual federal states may apply.

Security Measures

We take appropriate technical and organizational measures, in accordance with legal requirements and taking into account the state of the art, the implementation costs, the nature, scope, circumstances and purposes of processing as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons, to ensure a level of security appropriate to the risk.

These measures include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as access, input, transfer, securing availability and separation of the data. Furthermore, we have established procedures that ensure the exercise of data subjects’ rights, the erasure of data and responses to data threats. We also consider the protection of personal data during the development or selection of hardware, software, and procedures in accordance with the principle of data protection by design and by default.

Securing online connections with TLS/SSL encryption technology (HTTPS): To protect users’ data transmitted via our online services from unauthorized access, we use TLS/SSL encryption technology. Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are the cornerstones of secure data transmission on the Internet. These technologies encrypt information exchanged between the website or app and the user’s browser (or between two servers), thereby protecting the data from unauthorized access. TLS, as the advanced and more secure version of SSL, ensures that all data transmissions meet the highest security standards. When a website is secured by an SSL/TLS certificate, this is indicated by HTTPS in the URL. This serves as an indicator for users that their data is being transmitted securely and in encrypted form.

Transfer of Personal Data

In the course of our processing of personal data, it may happen that data is transferred to other entities, companies, legally independent organizational units, or persons, or disclosed to them. Recipients of this data may include, for example, service providers tasked with IT tasks or providers of services and content integrated into a website. In such cases, we comply with the legal requirements and, in particular, conclude corresponding contracts or agreements that serve to protect your data with the recipients of your data.

General Information on Data Retention and Deletion

We delete personal data that we process in accordance with legal requirements as soon as the consents underlying the processing are revoked or other legal grounds for processing cease to apply. This applies in cases where the original purpose of processing no longer exists or the data is no longer needed. Exceptions apply if legal obligations or special interests require a longer retention or archiving of the data.

In particular, data that must be retained for commercial or tax reasons or whose retention is necessary for the pursuit of legal claims or the protection of the rights of other natural or legal persons must be archived accordingly.

Our privacy notices contain additional information on the retention and deletion of data, specifically for particular processing operations.

Where there are multiple details on retention periods or deletion deadlines for a particular item of data, the longest period always applies.

If a deadline does not expressly begin on a specific date and is at least one year, it automatically starts at the end of the calendar year in which the event triggering the period occurred. In the case of ongoing contractual relationships during which data is stored, the event triggering the period is the date the termination or other end of the legal relationship becomes effective.

Data that is retained not for its originally intended purpose but due to legal requirements or other reasons is processed solely for the reasons justifying its retention.

Further information on processing, procedures, and services:

Retention and deletion of data: The following general periods apply for retention and archiving under German law:
- 10 years – retention period for books and records, annual financial statements, inventories, management reports, opening balance sheets as well as the work instructions and other organizational documents required for their understanding (§ 147 para. 1 no. 1 in conjunction with para. 3 AO, § 14b para. 1 UStG, § 257 para. 1 no. 1 in conjunction with para. 4 HGB).
- 8 years – accounting documents, such as invoices and cost receipts (§ 147 para. 1 no. 4 and 4a in conjunction with para. 3 sentence 1 AO and § 257 para. 1 no. 4 in conjunction with para. 4 HGB).
- 6 years – other business documents: received commercial or business letters, copies of sent commercial or business letters, other documents relevant for taxation, e.g. time sheets, operating calculation sheets, calculation documents, price tags, but also payroll documents, provided they are not already accounting documents, and cash register tapes (§ 147 para. 1 nos. 2, 3, 5 in conjunction with para. 3 AO, § 257 para. 1 nos. 2 and 3 in conjunction with para. 4 HGB).
- 3 years – data required to consider potential warranty and compensation claims or similar contractual claims and rights as well as to process related inquiries, based on previous business experience and usual industry practice, are retained for the duration of the standard statutory limitation period of three years (§§ 195, 199 BGB).

Provision of the Online Offering and Web Hosting

We process users’ data in order to be able to provide them with our online services. For this purpose, we process the user’s IP address, which is necessary to deliver the content and functions of our online services to the user’s browser or device.

Types of data processed: Usage data (e.g. page views and duration of visit, click paths, usage intensity and frequency, device types and operating systems used, interactions with content and functions); Meta, communication, and procedural data (e.g. IP addresses, time data, identification numbers, parties involved). Log data (e.g. log files regarding logins or data retrieval or access times).
Data subjects: Users (e.g. website visitors, users of online services).
Purposes of processing: Provision of our online offering and user-friendliness; information technology infrastructure (operation and provision of information systems and technical devices (computers, servers, etc.)). Security measures.
Retention and deletion: Deletion in accordance with the information in the section “General Information on Data Retention and Deletion”.
Legal bases: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).