Imprint

Service Provider

Christian Müller

Koblenzer Straße 58

56759 Kaisersesch, Germany

Contact Information

Email Address: no-reply@simstints.de

Privacy Policy

Last updated: March 7, 2025

Table of Contents

Controller

Christian Müller
Koblenzer Straße 58
56759 Kaisersesch, Germany

Email address: no-reply@simstints.de

Overview of Processing Activities

The following overview summarizes the types of processed data, the purposes of their processing, and the affected individuals.

Types of Processed Data

  • Inventory data.
  • Contact data.
  • Content data.
  • Usage data.
  • Meta, communication, and procedural data.
  • Log data.

Categories of Affected Individuals

  • Communication partners.
  • Users.

Purposes of Processing

  • Provision of contractual services and fulfillment of contractual obligations.
  • Communication.
  • Security measures.
  • Organizational and administrative procedures.
  • Feedback.
  • Provision of our online services and user-friendliness.
  • Information technology infrastructure.

Relevant Legal Bases

Relevant legal bases under the GDPR: Below, you will find an overview of the legal bases of the GDPR on which we process personal data. Please note that in addition to the provisions of the GDPR, national data protection regulations may apply in your or our country of residence or establishment. If more specific legal bases are applicable in individual cases, we will inform you about them in this privacy policy.

  • Consent (Art. 6(1)(a) GDPR) - The data subject has given consent to the processing of their personal data for one or more specific purposes.
  • Performance of a contract and pre-contractual inquiries (Art. 6(1)(b) GDPR) - Processing is necessary for the performance of a contract to which the data subject is a party, or to take steps at the request of the data subject prior to entering into a contract.
  • Legitimate interests (Art. 6(1)(f) GDPR) - Processing is necessary for the purposes of the legitimate interests pursued by the controller or a third party, provided that such interests are not overridden by the interests, fundamental rights, and freedoms of the data subject requiring the protection of personal data.

National data protection regulations in Germany: In addition to the data protection regulations of the GDPR, national data protection regulations apply in Germany. This includes, in particular, the Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG), which contains special regulations on the right to access, the right to deletion, the right to object, the processing of special categories of personal data, processing for other purposes, and data transfer, as well as automated decision-making in individual cases, including profiling. Additionally, the data protection laws of individual federal states may apply.

Reference to the applicability of the GDPR and the Swiss FADP: This privacy notice serves to provide information under both the Swiss Federal Act on Data Protection (FADP) and the General Data Protection Regulation (GDPR). Therefore, please note that for broader applicability and clarity, the terminology of the GDPR is used. In particular, instead of the terms "processing" of "personal data," "overriding interest," and "particularly sensitive personal data" used in the Swiss FADP, the GDPR terms "processing" of "personal data," "legitimate interest," and "special categories of data" are used. However, the legal meaning of these terms remains determined under the Swiss FADP within its scope of application.

Security Measures

In accordance with legal requirements and considering the state of the art, implementation costs, the nature, scope, circumstances, and purposes of processing, as well as varying probabilities of occurrence and the severity of threats to the rights and freedoms of individuals, we take appropriate technical and organizational measures to ensure a level of security appropriate to the risk.

These measures include, in particular, ensuring the confidentiality, integrity, and availability of data by controlling physical and electronic access to the data, as well as access to, input, transmission, availability, and separation of the data. Furthermore, we have implemented procedures to ensure the exercise of data subject rights, data deletion, and responses to data security threats. Additionally, we take data protection into account in the development and selection of hardware, software, and procedures in accordance with the principles of data protection by design and by default.

Securing online connections using TLS/SSL encryption technology (HTTPS): To protect users' data transmitted through our online services from unauthorized access, we use TLS/SSL encryption technology. Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are the cornerstones of secure data transmission on the Internet. These technologies encrypt the information transmitted between the website or app and the user's browser (or between two servers), ensuring that data remains protected from unauthorized access. TLS, as the more advanced and secure version of SSL, ensures that all data transfers meet the highest security standards. When a website is secured with an SSL/TLS certificate, this is indicated by the presence of HTTPS in the URL. This serves as an indicator for users that their data is being transmitted securely and in encrypted form.

General Information on Data Storage and Deletion

We delete personal data that we process in accordance with legal requirements as soon as the underlying consent is revoked or no further legal basis for processing exists. This applies to cases where the original purpose of processing ceases or the data is no longer needed. Exceptions to this rule exist if legal obligations or special interests require longer retention or archiving of the data.

In particular, data that must be retained for commercial or tax reasons, or whose storage is necessary for legal prosecution or the protection of the rights of other natural or legal persons, must be archived accordingly.

Our privacy notices contain additional information on data retention and deletion, which specifically apply to certain processing activities.

If multiple retention or deletion periods are specified for data, the longest period always applies.

If a period does not explicitly start on a specific date and is at least one year, it automatically begins at the end of the calendar year in which the event triggering the period occurred. In the case of ongoing contractual relationships in which data is stored, the triggering event is the effective date of termination or another form of contract termination.

Data that is no longer stored for its original purpose but is retained due to legal requirements or other reasons will only be processed for the purposes that justify their retention.

Further Information on Processing Activities, Procedures, and Services:

  • Data Retention and Deletion: The following general retention periods apply under German law:
    • 10 years - Retention period for books and records, annual financial statements, inventories, management reports, opening balance sheets, and other necessary documents for their understanding (§ 147 Abs. 1 Nr. 1 i.V.m. Abs. 3 AO, § 14b Abs. 1 UStG, § 257 Abs. 1 Nr. 1 i.V.m. Abs. 4 HGB).
    • 8 years - Accounting records, such as invoices and cost receipts (§ 147 Abs. 1 Nr. 4 and 4a i.V.m. Abs. 3 Satz 1 AO as well as § 257 Abs. 1 Nr. 4 i.V.m. Abs. 4 HGB).
    • 6 years - Other business documents: received business correspondence, copies of sent business letters, and other documents relevant for taxation, such as payroll records, calculation documents, and price listings (§ 147 Abs. 1 Nr. 2, 3, 5 i.V.m. Abs. 3 AO, § 257 Abs. 1 Nr. 2 u. 3 i.V.m. Abs. 4 HGB).
    • 3 years - Data required to consider potential warranty and compensation claims or similar contractual claims and rights, as well as associated inquiries, based on previous business experience and industry standards, will be retained for the regular statutory limitation period of three years (§§ 195, 199 BGB).

Rights of Data Subjects

Rights of data subjects under the GDPR: As a data subject, you have various rights under the GDPR, which are particularly outlined in Articles 15 to 21 GDPR:

  • Right to object: You have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data based on Article 6(1)(e) or (f) GDPR, including profiling based on these provisions. If your personal data is processed for direct marketing purposes, you have the right to object to such processing at any time; this also applies to profiling related to such direct marketing.
  • Right to withdraw consent: You have the right to withdraw your consent at any time.
  • Right of access: You have the right to obtain confirmation as to whether data concerning you is being processed, as well as to request access to this data and additional information and copies of the data, in accordance with legal requirements.
  • Right to rectification: You have the right, in accordance with legal requirements, to request the completion of your data or the correction of incorrect data concerning you.
  • Right to deletion and restriction of processing: You have the right, in accordance with legal requirements, to request the immediate deletion of your data or, alternatively, to request the restriction of the processing of your data.
  • Right to data portability: You have the right to receive the data you provided to us in a structured, commonly used, and machine-readable format, or to request its transmission to another controller, in accordance with legal requirements.
  • Right to lodge a complaint with a supervisory authority: Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, particularly in the EU member state of your habitual residence, place of work, or the place of the alleged infringement, if you believe that the processing of your personal data violates the GDPR.

Provision of Online Services and Web Hosting

We process user data to provide them with our online services. For this purpose, we process the user's IP address, which is necessary to transmit the content and functions of our online services to the user's browser or device.

  • Types of Processed Data: Usage data (e.g., page views and duration, click paths, usage intensity and frequency, device types and operating systems used, interactions with content and functions); Meta, communication, and procedural data (e.g., IP addresses, timestamps, identification numbers, involved parties). Log data (e.g., log files related to logins, data retrieval, or access times).
  • Data Subjects: Users (e.g., website visitors, users of online services).
  • Purposes of Processing: Provision of our online services and user-friendliness; IT infrastructure (operation and provision of information systems and technical equipment such as computers, servers, etc.). Security measures.
  • Retention and Deletion: Deletion in accordance with the details provided in the section "General Information on Data Storage and Deletion".
  • Legal Bases: Legitimate interests (Art. 6(1) sentence 1 lit. f) GDPR).

Further Information on Processing Activities, Procedures, and Services:

  • Collection of Access Data and Log Files: Access to our online services is logged in the form of so-called "server log files". Server log files may include the address and name of accessed web pages and files, the date and time of access, transferred data volumes, a message about successful retrieval, browser type and version, the user's operating system, referrer URL (the previously visited page), and usually IP addresses and the requesting provider. Server log files may be used for security purposes, for example, to prevent server overload (especially in the case of abusive attacks, such as DDoS attacks), and to ensure server capacity and stability; Legal Bases: Legitimate interests (Art. 6(1) sentence 1 lit. f) GDPR). Deletion of Data: Log file information is stored for a maximum of 30 days and then deleted or anonymized. Data that must be retained for evidentiary purposes is excluded from deletion until the respective incident is fully resolved.

Use of Cookies

The term "cookies" refers to functions that store and retrieve information on users' devices. Cookies can be used for various purposes, such as ensuring the functionality, security, and convenience of online services, as well as analyzing visitor flows. We use cookies in accordance with legal requirements. Where necessary, we obtain prior user consent. If consent is not required, we rely on our legitimate interests. This applies when storing and retrieving information is essential for providing explicitly requested content and features. This includes storing preferences and ensuring the functionality and security of our online services. Consent can be withdrawn at any time. We provide clear information about its scope and which cookies are used.

Legal Basis for Data Protection: Whether we process personal data using cookies depends on user consent. If consent is given, it serves as the legal basis. Without consent, we rely on our legitimate interests, as outlined in this section and in the context of respective services and procedures.

Storage Duration: Regarding storage duration, the following types of cookies are distinguished:

  • Temporary Cookies (also known as session cookies): Temporary cookies are deleted at the latest when a user leaves an online service and closes their device (e.g., browser or mobile application).
  • Permanent Cookies: Permanent cookies remain stored even after the device is closed. For example, the login status can be saved, and preferred content can be displayed directly when a user revisits a website. Cookies may also be used for reach measurement. Unless explicitly stated otherwise (e.g., in the context of obtaining consent), users should assume that these cookies are permanent and may have a storage duration of up to two years.

General Information on Withdrawal and Objection (Opt-out): Users can withdraw their consent at any time and also object to processing in accordance with legal requirements, including through their browser's privacy settings.

  • Types of Processed Data: Meta, communication, and procedural data (e.g., IP addresses, timestamps, identification numbers, involved parties).
  • Data Subjects: Users (e.g., website visitors, online service users).
  • Legal Bases: Legitimate interests (Art. 6(1) sentence 1 lit. f) GDPR). Consent (Art. 6(1) sentence 1 lit. a) GDPR).

Further Information on Processing Activities, Procedures, and Services:

  • Processing of Cookie Data Based on Consent: We use a consent management solution that obtains users' consent for the use of cookies or the procedures and providers specified in the consent management solution. This procedure is used to obtain, record, manage, and revoke consent, particularly regarding the use of cookies and similar technologies for storing, retrieving, and processing information on users' devices. In this process, users' consent for the use of cookies and related processing activities, including specific processing and providers mentioned in the consent management process, is collected. Users also have the option to manage and revoke their consent. Consent statements are stored to avoid repeated requests and to provide proof of consent in compliance with legal requirements. Storage occurs server-side and/or in a cookie (so-called opt-in cookie) or using similar technologies to associate consent with a specific user or device. Unless specific details about consent management service providers are provided, the following general information applies: The duration of consent storage is up to two years. A pseudonymous user identifier is created, which is stored along with the time of consent, the scope of consent (e.g., affected categories of cookies and/or service providers), and information about the browser, system, and device used; Legal Basis: Consent (Art. 6(1) sentence 1 lit. a) GDPR).

Registration, Login, and User Account

Users can create a user account. During the registration process, the required mandatory information is provided to the users and processed for the purpose of providing the user account based on contractual obligation. The processed data particularly includes login information (username, password, and email address).

In the context of using our registration and login functions, as well as using the user account, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests, as well as those of the users, in protecting against misuse and other unauthorized use. This data is generally not shared with third parties, unless necessary for the enforcement of our claims or there is a legal obligation to do so.

Users may be informed via email about processes relevant to their user account, such as technical changes.

  • Types of Processed Data: Inventory data (e.g., full name, residential address, contact information, customer number, etc.); Contact data (e.g., postal and email addresses, or phone numbers); Content data (e.g., textual or visual messages and posts, along with related information such as authorship or creation time); Usage data (e.g., page views and duration, click paths, usage intensity and frequency, device types and operating systems, interactions with content and features); Log data (e.g., log files regarding logins or data retrieval or access times).
  • Data Subjects: Users (e.g., website visitors, users of online services).
  • Purposes of Processing: Provision of contractual services and fulfillment of contractual obligations; security measures; organizational and administrative procedures. Provision of our online offer and user-friendliness.
  • Storage and Deletion: Deletion in accordance with the information in the "General Information on Data Storage and Deletion" section. Deletion after termination.
  • Legal Bases: Contract performance and pre-contractual inquiries (Art. 6 (1) sentence 1 lit. b) GDPR). Legitimate interests (Art. 6 (1) sentence 1 lit. f) GDPR).

Further Information on Processing Activities, Procedures, and Services:

  • Registration with Pseudonyms: Users may use pseudonyms as usernames instead of real names; Legal Bases: Contract performance and pre-contractual inquiries (Art. 6 (1) sentence 1 lit. b) GDPR).
  • User Profiles are Not Public: User profiles are not publicly visible and are not accessible.
  • Deletion of Data after Termination: If users have canceled their user account, their data regarding the user account will be deleted, subject to any legal permission, obligation, or consent of the users; Legal Bases: Contract performance and pre-contractual inquiries (Art. 6 (1) sentence 1 lit. b) GDPR).
  • No Obligation to Retain Data: It is the responsibility of the users to back up their data before the end of the contract in case of termination. We are entitled to irreversibly delete any data stored during the contract period; Legal Bases: Contract performance and pre-contractual inquiries (Art. 6 (1) sentence 1 lit. b) GDPR).

Registration, Login, and User Account

Users can create a user account. During registration, users are informed about the required mandatory details, which are processed for the purpose of providing the user account based on contractual obligations. The processed data includes, in particular, login information (username, password, and email address).

When utilizing our registration and login functions, as well as using the user account, we store the IP address and the time of each user action. Storage is based on our legitimate interests and those of the users to protect against misuse and other unauthorized use. These data are generally not shared with third parties unless it is necessary for the enforcement of our claims or there is a legal obligation to do so.

Users may be informed via email about activities relevant to their user accounts, such as technical changes.

  • Types of Processed Data: Inventory data (e.g., full name, residential address, contact information, customer number, etc.); Contact data (e.g., postal and email addresses or phone numbers); Content data (e.g., text or image-based messages and posts, along with related information such as authorship details or creation timestamps); Usage data (e.g., page views and duration, click paths, usage intensity and frequency, device types, and operating systems used, interactions with content and features); Log data (e.g., log files related to logins, data retrieval, or access times).
  • Data Subjects: Users (e.g., website visitors, online service users).
  • Purposes of Processing: Provision of contractual services and fulfillment of contractual obligations; Security measures; Organizational and administrative procedures; Provision of our online services and user-friendliness.
  • Storage and Deletion: Deletion as specified in the section "General Information on Data Storage and Deletion." Data is deleted upon termination.
  • Legal Bases: Contract performance and pre-contractual inquiries (Art. 6(1) sentence 1 lit. b) GDPR). Legitimate interests (Art. 6(1) sentence 1 lit. f) GDPR).

Further Information on Processing Activities, Procedures, and Services:

  • Registration with Pseudonyms: Users may use pseudonyms instead of real names as usernames; Legal Basis: Contract performance and pre-contractual inquiries (Art. 6(1) sentence 1 lit. b) GDPR).
  • User Profiles Are Not Public: User profiles are not publicly visible or accessible.
  • Data Deletion After Termination: When users terminate their user accounts, their data related to the user account will be deleted, subject to legal permissions, obligations, or user consent; Legal Basis: Contract performance and pre-contractual inquiries (Art. 6(1) sentence 1 lit. b) GDPR).
  • No Obligation to Retain Data: It is the responsibility of users to back up their data before the contract ends upon termination. We are entitled to irreversibly delete all data stored during the contract duration; Legal Basis: Contract performance and pre-contractual inquiries (Art. 6(1) sentence 1 lit. b) GDPR).

Contact and Inquiry Management

When contacting us (e.g., by mail, contact form, email, phone, or via social media) or in the context of existing user and business relationships, the details of the inquiring persons are processed to the extent necessary to respond to contact inquiries and any requested measures.

  • Types of Processed Data: Inventory data (e.g., full name, residential address, contact information, customer number, etc.); Contact data (e.g., postal and email addresses or phone numbers); Content data (e.g., text or image-based messages and posts, along with related information such as authorship details or creation timestamps); Usage data (e.g., page views and duration, click paths, usage intensity and frequency, device types and operating systems used, interactions with content and features); Meta, communication, and procedural data (e.g., IP addresses, timestamps, identification numbers, involved persons).
  • Data Subjects: Communication partners.
  • Purposes of Processing: Communication; Organizational and administrative procedures; Feedback (e.g., collecting feedback via online form); Provision of our online services and user-friendliness.
  • Storage and Deletion: Deletion as specified in the section "General Information on Data Storage and Deletion."
  • Legal Bases: Legitimate interests (Art. 6(1) sentence 1 lit. f) GDPR). Contract performance and pre-contractual inquiries (Art. 6(1) sentence 1 lit. b) GDPR).

Further Information on Processing Activities, Procedures, and Services:

  • Contact Form: When contacting us via our contact form, email, or other communication channels, we process the personal data provided to respond to and handle the respective request. This typically includes details such as name, contact information, and any other information necessary for proper processing. We use this data exclusively for the stated purpose of contact and communication; Legal Bases: Contract performance and pre-contractual inquiries (Art. 6(1) sentence 1 lit. b) GDPR), Legitimate interests (Art. 6(1) sentence 1 lit. f) GDPR).