Sicherheitslücke in Nextjs/ReactDu weißt nicht ob deine Next/React Application noch sicher ist?

Jetzt kostenlos prüfen
Skip to main content

Legal - Privacy Policy

The protection of your personal data is important to us. We process your data exclusively on the basis of legal provisions (GDPR, TKG 2003). In this privacy policy, we inform you about the most important aspects of data processing on our website.

1. Name and contact details of the data controller

Pixel & Process UG (haftungsbeschränkt) Marliring 74 23566 Lübeck Germany Email: info (at) pixelandprocess.de Phone: +49 (0) 172 8643008

2. Collection and processing of data

a) Visiting the website

When you visit our website, information of a general nature is automatically collected. This information (server log files) includes, for example, the type of web browser, the operating system used, the domain name of your internet service provider, and the like. This is exclusively information that does not allow any conclusions to be drawn about your person. This information is technically necessary to correctly deliver the content you have requested from websites and is mandatory when using the internet. It is processed in particular for the following purposes:

  • Ensuring a trouble-free connection to the website,
  • Ensuring smooth use of our website,
  • Evaluating system security and stability as well as
  • for other administrative purposes.

The processing of your personal data is based on our legitimate interest from the aforementioned purposes for data collection. We do not use your data to draw conclusions about your person. Recipients of the data are only the responsible party and, if applicable, processors.

b) Contact form

If you contact us by email or contact form, the information you provide will be stored for the purpose of processing the request and for possible follow-up questions. Providing a valid email address is required to answer the request. We do not pass on this data without your consent.

Retention period: Contact form data will be stored for the duration of processing your request and for a maximum of 6 months after project completion or last communication, unless legal retention obligations require longer storage.

c) Cookies and tracking

Our website uses cookies to improve user-friendliness and provide various functions. Cookies are small text files that are stored on your device.

Types of cookies:

  • Necessary cookies: These are required for the basic functions of the website, including our Strapi CMS, which is needed for all website content.
  • Analytics cookies: Help us understand how visitors interact with the website (e.g., Umami Analytics).
  • Marketing cookies: Enable personalized advertising and tracking for marketing purposes.

You can adjust your cookie settings at any time via our cookie banner or in your browser settings.

d) Umami Analytics

legal.privacy.section2.subsectionD.content

  • legal.privacy.section2.subsectionD.chatMessages.title legal.privacy.section2.subsectionD.chatMessages.description
  • legal.privacy.section2.subsectionD.technicalData.title legal.privacy.section2.subsectionD.technicalData.description
  • legal.privacy.section2.subsectionD.timestamp.title legal.privacy.section2.subsectionD.timestamp.description

legal.privacy.section2.subsectionD.note

e) Data categories and legal bases

We process the following categories of personal data:

  • Contact data (name, email address, phone number, message)
  • Technical data (IP address, browser type, operating system, device information)
  • Usage data (pages visited, access times, duration of stay)

Legal bases for processing (Art. 6 GDPR):

  • Consent (Art. 6 para. 1 lit. a GDPR): For marketing newsletters and optional cookies
  • Contract fulfillment (Art. 6 para. 1 lit. b GDPR): For processing inquiries and project requests
  • Legitimate interest (Art. 6 para. 1 lit. f GDPR): For website analysis, security, and technical functionality
  • Legal obligation (Art. 6 para. 1 lit. c GDPR): For tax and commercial retention obligations

f) Processors and third-party providers

We use the following processors and third-party providers:

  • IONOS SE (Hosting): Hosting of our website and email services. Server location: Germany. Contract according to Art. 28 GDPR in place.
  • Umami Analytics (self-hosted): Website analysis. Server location: Germany (analytics.pixelandprocess.de). No cookies, fully anonymized.
  • Strapi CMS (self-hosted): Content management system. Server location: Germany (strapi-prod.srv-02.pixelandprocess.de).
  • Listmonk / Mailcoach (self-hosted): Newsletter delivery. Server location: Germany. Double opt-in required.
  • n8n (self-hosted): Automation workflows for form processing. Server location: Germany (n8n.pixelandprocess.de).

g) Data transfer to third countries

In principle, we process and store your data within the European Union (EU) and the European Economic Area (EEA). All our servers and services are located in Germany. Data transfer to third countries outside the EU/EEA only takes place if this is legally required or you have expressly consented. In such cases, we ensure that appropriate guarantees in accordance with Art. 44 ff. GDPR are in place (e.g., EU Commission standard contractual clauses).

h) Security measures

We use technical and organizational measures to protect your data from unauthorized access, loss, destruction, or alteration:

  • SSL/TLS encryption for all data transmissions
  • Access controls and authentication for all systems
  • Regular backups with encrypted storage
  • Regular security updates and patch management
  • Training of our employees in data protection

i) Embedded third-party content

Our website embeds content from external providers that are required for the functionality and design of the website:

  • Bunny Fonts (fonts.bunny.net): We use Bunny Fonts as a privacy-friendly alternative to Google Fonts. When loading fonts, your IP address is transmitted to Bunny Fonts. Bunny Fonts does not store cookies and does not collect personal data. The data transmission is based on our legitimate interest (Art. 6 para. 1 lit. f GDPR) to provide an appealing and user-friendly website.
  • IONOS Partner Badge (images-2.partnerportal.ionos.de): In the footer of our website, we display an IONOS partner badge. When loading this image, a connection to the IONOS server is established. No cookies are set and no personal data is collected. The data transmission is based on our legitimate interest (Art. 6 para. 1 lit. f GDPR) to display our partnership.

3. Your rights

You generally have the rights to information, correction, deletion, restriction, data portability, revocation, and objection. If you believe that the processing of your data violates data protection law or that your data protection rights have been violated in any other way, you can complain to the supervisory authority. In Germany, this is the responsible state data protection authority.

In detail, you have the following rights:

  • Right of access (Art. 15 GDPR): You can request information about the personal data we have stored.
  • Right to rectification (Art. 16 GDPR): You can request the correction of incorrect or the completion of incomplete data.
  • Right to deletion (Art. 17 GDPR): You can request the deletion of your personal data, provided there are no legal retention obligations.
  • Right to restriction (Art. 18 GDPR): You can request the restriction of processing of your data.
  • Data portability (Art. 20 GDPR): You can request that we transmit your data in a structured, common, and machine-readable format.
  • Right to object (Art. 21 GDPR): You can object to the processing of your data for reasons arising from your particular situation.
  • Right to withdraw (Art. 7 para. 3 GDPR): You can withdraw your consent at any time.

To exercise your rights, please contact us by email at info@pixelandprocess.de or use our contact form. We will process your request within one month. For complex requests, the deadline may be extended by a further two months, of which we will inform you.

You also have the right to complain to a supervisory authority if you believe that the processing of your personal data violates the GDPR. The supervisory authority responsible for us is:

4. Changes to our privacy policy

We reserve the right to adapt this privacy policy so that it always complies with current legal requirements or to implement changes to our services in the privacy policy, e.g., when introducing new services. The new privacy policy will then apply to your next visit.

5. Questions to the data protection officer

If you have questions about data protection, please write us an email or contact the person responsible for data protection in our organization directly:

Florian Wartner Marliring 74 23566 Lübeck Email: florian@pixelandprocess.de

Tell us about your project

Get in Touch

We are here for you

As a remote-first agency, we are globally networked and work flexibly to meet your requirements. We usually respond within 24 hours.

Privacy Policy - Pixel & Process | Pixel & Process | Pixel & Process