Privacy Policy

1. General Information

Protecting your personal data is particularly important to us. We process personal data confidentially and in accordance with the statutory provisions (GDPR, BDSG, TTDSG) as well as this Privacy Policy.

This statement informs you, pursuant to Art. 13 GDPR, about the type, scope and purposes of data processing on this website and about your rights.

2. Controller

Hilke Dethleff
kiosko.berlin
Geisenheimerstrasse 12
14197 Berlin
Germany

Communication

E-mail: hilke@kiosko.berlin
Phone: +49 178 8889393

When you contact us (by e-mail/phone), we process the data you provide (e.g. name, contact details, content of the inquiry) in order to handle your request (Art. 6 para. 1 lit. b or f GDPR). We delete this data once your inquiry has been resolved, provided no legal retention obligations apply.

3. Hosting by IONOS

This website is hosted by IONOS SE (Elgendorfer Straße 57, 56410 Montabaur, Germany). IONOS automatically logs the following in server log files: IP address (anonymized), browser type/version, operating system, referrer URL, hostname and time of the server request. Processing serves the technical provision, stability and security of the website (Art. 6 para. 1 lit. f GDPR). No merging of this data with other sources takes place.

4. Cookies & Consent

We use necessary cookies to operate the website (Art. 6 para. 1 lit. f GDPR in conjunction with § 25 para. 2 no. 2 TTDSG). Optional cookies/technologies (e.g. for reach measurement) are only used with your consent via the cookie banner (Art. 6 para. 1 lit. a GDPR; § 25 para. 1 TTDSG). You can change your selection in the banner at any time.

5. Google Analytics

We use Google Analytics, a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, for reach measurement. After your consent, cookies are set. IP anonymization is enabled; your IP is shortened within the EU. Legal basis: Art. 6 para. 1 lit. a GDPR; § 25 para. 1 TTDSG.

You can withdraw your consent at any time in the cookie banner or additionally prevent data collection with the browser add-on: https://tools.google.com/dlpage/gaoptout.

Google acts as a processor. Data transfers to third countries (esp. USA) may occur, secured by EU Standard Contractual Clauses.

6. Google Search Console

We use Google Search Console for technical monitoring/optimization. No personal data of visitors is processed; the Search Console only provides aggregated technical metrics.

7. Google Fonts (local)

Fonts are hosted locally. No requests are sent to Google servers, and no personal data is transmitted to Google.

8. YouTube (enhanced privacy mode)

Embedded YouTube videos are used with enhanced privacy mode. Data transfer to YouTube/Google occurs only after you click on a video (consent, Art. 6 para. 1 lit. a GDPR; § 25 para. 1 TTDSG). If you are logged into YouTube, your visit may be linked to your account. Please log out beforehand if necessary.

9. Legal Bases & Data Retention

Unless otherwise stated, data is processed based on Art. 6 para. 1 lit. a (consent), lit. b (contract/pre-contractual measures) or lit. f GDPR (legitimate interest). Personal data is deleted as soon as the purpose no longer applies and no statutory retention obligations (e.g. commercial/tax law) conflict.

10. Your Rights

• Access (Art. 15 GDPR)
• Rectification (Art. 16 GDPR)
• Erasure (Art. 17 GDPR)
• Restriction of processing (Art. 18 GDPR)
• Data portability (Art. 20 GDPR)
• Objection (Art. 21 GDPR), in particular against direct marketing
• Withdrawal of consent (Art. 7 para. 3 GDPR)
• Complaint to a supervisory authority (Art. 77 GDPR)

11. Security (SSL/TLS)

This website uses SSL/TLS encryption. You can recognize an encrypted connection by the lock symbol in your browser’s address bar.

12. Objection to Advertising Emails

The use of contact details published in the imprint for sending unsolicited advertising is hereby rejected. Legal action may be taken in case of unsolicited marketing.

13. Updates to this Privacy Policy

Status: July 2025. Due to developments or legal changes, adjustments to this policy may be necessary. The current version is always available on this page.

14. Data Processing for Clients, Suppliers & Partners

If you work with us or enter into a business relationship, we process the following data: title, name, company information, address, e-mail address, phone number(s), invoicing and payment data (e.g. tax ID/VAT ID), contract- and project-related information.

Purposes & Legal bases: Contract performance and initiation, advice/communication and invoicing (Art. 6 para. 1 lit. b GDPR), fulfillment of legal obligations (Art. 6 para. 1 lit. c GDPR), legitimate interests such as internal administration or legal defense (Art. 6 para. 1 lit. f GDPR).

Recipients: Hosting/IT service providers (e.g. IONOS), tax advisors, banks, contractors (project-related). No use for other purposes.

Retention: Contract/communication data generally until expiry of statutory retention periods (typically 6–10 years under German commercial/tax law); other correspondence is deleted once no longer required.

Your rights follow from section 10; please direct withdrawals/objections to hilke@kiosko.berlin.

15. Data Subject Rights

You have the right at any time to obtain information about your stored personal data and its processing, to rectification of inaccurate data, to erasure of your data, and to restriction of processing if erasure is not possible due to legal obligations. You also have the right to object to the processing of your personal data and the right to data portability if you have consented to processing or entered into a contract with us.

You can withdraw any consent you have given at any time with effect for the future. You also have the right to lodge a complaint with the competent data protection authority. Which authority is responsible for you depends on your place of residence, your workplace, or the place of the alleged infringement. A list of supervisory authorities (for the non-public sector) with contact details can be found here: www.bfdi.bund.de.