Information about the service provider

The Roomlight Studio brand belongs to

Betterstory PR UG (limited liability)

Schliemannstrasse 39,
10437 Berlin,
Germany

Phone: 0049-179-6965909
Email: info@roomlightstudio.de

Register: Commercial Register
Registration number: HRB: 159032
Register court: Charlottenburg District Court

VAT number: DE295299250
Job title: Consultant
Awarding country: Germany

Managing Director: Christina Eulgem

Supervisory authority:
Berlin Commissioner for Data Protection and Freedom of Information
Alt-Moabit 59-61, 10555 Berlin
Website: https://www.datenschutz-berlin.de/

Data protection officer:
Christina Eulgem
Email: info@roomlightstudio.de
Phone: +49-0179-6965909

Universal Arbitration Board

We participate in dispute resolution proceedings before a consumer arbitration board. The responsible body is the Federal Universal Arbitration Board, Center for Arbitration e.V., located at Straßburger Straße 8, 77694 Kehl am Rhein ( https://www.verbraucher-schlichter.de ).

EU dispute settlement

In accordance with the Regulation on Online Dispute Resolution in Consumer Affairs (ODR Regulation), we would like to inform you about the Online Dispute Resolution Platform (ODR Platform).
Consumers have the opportunity to submit complaints to the European Commission's online dispute resolution platform at https://ec.europa.eu/consumers/odr/main/index.cfm?event=main.home2.show&lng=DE . The necessary contact details can be found above in our legal notice.

However, we would like to point out that we are not willing or obliged to participate in dispute resolution proceedings before a consumer arbitration board.

Image credits

The images, photos and graphics on this website are protected by copyright.

The image rights belong to:
Photographer John Rohrer

 

Privacy Policy

Introduction and Overview

We have drawn up this privacy policy (version 09.11.2024-322904702) to explain to you, in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 and applicable national laws, which personal data (hereinafter referred to as "data") we as the controller – and the processors commissioned by us (e.g., providers) – process and will process in the future, and what legal options you have. The terms used are to be understood as gender-neutral.
In short: We provide you with comprehensive information about the data we process about you.

Data protection declarations usually sound very technical and use legal jargon. This data protection declaration, on the other hand, is intended to describe the most important things to you as simply and transparently as possible. Wherever it promotes transparency, technical terms are explained in a reader-friendly manner , links to further information are provided, and graphics are used. We are thus informing you in clear and simple language that we only process personal data in the context of our business activities if there is a corresponding legal basis. This is certainly not possible if you give explanations that are as brief, unclear, and legal-technical as possible, as is often the norm on the Internet when it comes to data protection. I hope you find the following explanations interesting and informative and that you may find some information there that you were not aware of.
If you still have any questions, please contact the responsible office listed below or in the imprint, follow the links provided, and view further information on third-party websites. Our contact details can also be found in the imprint.

scope

This privacy policy applies to all personal data processed by us within the company and to all personal data processed by companies commissioned by us (contract processors). By personal data, we mean information within the meaning of Art. 4 No. 1 GDPR, such as a person's name, email address, and postal address. The processing of personal data ensures that we can offer and bill our services and products, whether online or offline. The scope of this privacy policy includes:

• all online presences (websites, online shops) that we operate
• Social media presence and email communication
• mobile apps for smartphones and other devices

In short: This privacy policy applies to all areas in which personal data is processed in a structured manner within the company via the aforementioned channels. Should we enter into legal relationships with you outside of these channels, we will inform you separately if necessary.

Legal basis

In the following privacy policy, we provide you with transparent information on the legal principles and regulations, i.e. the legal basis of the General Data Protection Regulation, that enable us to process personal data.
Regarding EU law, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016. This EU General Data Protection Regulation is available online on EUR-Lex, the gateway to EU law, at https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=celex%3A32016R0679 .

We only process your data if at least one of the following conditions applies:

1. Consent (Article 6 (1) (a) GDPR): You have given us your consent to process data for a specific purpose. An example would be storing the data you entered in a contact form.
2. Contract (Article 6 (1) (b) GDPR): We process your data to fulfill a contract or pre-contractual obligations with you. For example, if we conclude a purchase agreement with you, we require personal information in advance.
3. Legal obligation (Article 6 (1) (c) GDPR): We process your data if we are subject to a legal obligation. For example, we are legally obligated to retain invoices for accounting purposes. These usually contain personal data.
4. Legitimate interests (Article 6 (1) (f) GDPR): In the case of legitimate interests that do not restrict your fundamental rights, we reserve the right to process personal data. For example, we need to process certain data in order to operate our website securely and economically efficiently. This processing therefore constitutes a legitimate interest.

We generally do not apply other conditions, such as the processing of recordings in the public interest, the exercise of official authority, or the protection of vital interests. Should such a legal basis be applicable, it will be indicated at the appropriate point.

In addition to the EU regulation, national laws also apply:

• In Austria this is the Federal Act on the Protection of Natural Persons with regard to the Processing of Personal Data ( Data Protection Act ), or DSG for short.
• In Germany, the Federal Data Protection Act ( BDSG) applies.

If other regional or national laws apply, we will inform you about them in the following sections.

Contact details of the person responsible

If you have any questions about data protection or the processing of personal data, you will find the contact details of the responsible person or body below:
Christina Eulgem

Email: info@roomlightstudio.de
Phone: +49-0179-6965909

Storage period

Our general principle is that we only store personal data for as long as it is absolutely necessary to provide our services and products. This means that we delete personal data as soon as the reason for processing it no longer exists. In some cases, we are legally obligated to retain certain data even after the original purpose no longer applies, for example, for accounting purposes.

If you wish to have your data deleted or withdraw your consent to data processing, the data will be deleted as quickly as possible and unless there is an obligation to store it.

We will inform you below about the specific duration of the respective data processing, provided we have further information on this.

Rights under the General Data Protection Regulation

In accordance with Articles 13 and 14 of the GDPR, we inform you of the following rights to which you are entitled to ensure fair and transparent data processing:

• According to Article 15 of the GDPR, you have the right to information about whether we process your data. If so, you have the right to receive a copy of the data and the following information:
  • for what purpose we carry out the processing;
  • the categories, i.e. the types of data that are processed;
  • who receives this data and, if the data is transferred to third countries, how security can be guaranteed;
  • how long the data is stored;
  • the existence of the right to rectification, erasure or restriction of processing and the right to object to processing;
  • that you can lodge a complaint with a supervisory authority (links to these authorities can be found below);
  • the origin of the data if we did not collect it from you;
  • whether profiling is carried out, i.e. whether data is automatically evaluated to create a personal profile of you.
• According to Article 16 of the GDPR, you have the right to rectification of data, which means that we must correct data if you find any errors.
• According to Article 17 GDPR, you have the right to erasure (“right to be forgotten”), which specifically means that you can request that your data be deleted.
• According to Article 18 GDPR, you have the right to restriction of processing, which means that we may only store the data but not use it further.
• According to Article 20 GDPR, you have the right to data portability, which means that we will provide you with your data in a common format upon request.
• According to Article 21 GDPR, you have the right to object, which, once enforced, will result in a change in the processing.
  • If the processing of your data is based on Article 6 (1) (e) (public interest, exercise of official authority) or Article 6 (1) (f) (legitimate interest), you may object to the processing. We will then examine as quickly as possible whether we can legally comply with this objection.
  • If data is used for direct marketing purposes, you can object to this type of data processing at any time. We may no longer use your data for direct marketing purposes after this time.
  • If data is used for profiling, you can object to this type of data processing at any time. We may no longer use your data for profiling after this time.
• According to Article 22 GDPR, you may have the right not to be subjected to a decision based solely on automated processing (e.g. profiling).
• According to Article 77 of the GDPR, you have the right to lodge a complaint. This means you can lodge a complaint with the data protection authority at any time if you believe that the processing of personal data violates the GDPR.

In short: You have rights – do not hesitate to contact the responsible body listed above!

If you believe that the processing of your data violates data protection law or that your data protection rights have been violated in any other way, you can lodge a complaint with the supervisory authority. In Austria, this is the Data Protection Authority, whose website can be found at https://www.dsb.gv.at/ . In Germany, each federal state has a data protection officer. For further information, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI) . The following local data protection authority is responsible for our company:

Messenger & Communication Introduction

Messenger & Communication Privacy Policy Summary 👥 Affected: Visitors to the website 🤝 Purpose: Contact requests and general communication between us and you 📓 Processed data: Data such as name, address, email address, telephone number, general content data, if applicable IP address You can find more details in the respective tools used. 📅 Storage period: depends on the messenger & communication functions used ⚖️ Legal basis: Art. 6 (1) (a) GDPR (consent), Art. 6 (1) (f) GDPR (legitimate interests), Art. 6 (1) (b) GDPR (contractual or pre-contractual obligations)

What are messenger and communication features?

We offer various options for communicating with us on our website (e.g., messenger and chat functions, online or contact forms, email, and telephone). Your data will also be processed and stored to the extent necessary to respond to your inquiry and our subsequent actions.

In addition to traditional communication tools such as email, contact forms, or telephone, we also use chats and messengers. The currently most frequently used messenger function is WhatsApp, but there are, of course, many different providers offering messenger functions specifically for websites. If content is end-to-end encrypted, this will be indicated in the individual privacy texts or in the privacy policy of the respective provider. End-to-end encryption simply means that the content of a message is not visible even to the provider. However, information about your device, location settings, and other technical data may still be processed and stored.

Why do we use messenger and communication features?

Communication options with you are extremely important to us. Ultimately, we want to talk to you and answer all possible questions about our service as best as possible. Effective communication is a key part of our service. With our practical messenger and communication functions, you can always choose the one you prefer. In exceptional cases, however, we may not be able to answer certain questions via chat or messenger. This is the case, for example, when it concerns internal contractual matters. In these cases, we recommend other communication options such as email or telephone.

We generally assume that we remain responsible for data protection even when we use the services of a social media platform. However, the European Court of Justice has ruled that in certain cases, the operator of the social media platform may be jointly responsible with us within the meaning of Art. 26 GDPR. Where this is the case, we will specifically point this out and work on the basis of a relevant agreement. The essence of the agreement is set out below for the relevant platform.

Please note that when using our integrated elements, your data may also be processed outside the European Union, as many providers, such as Facebook Messenger or WhatsApp, are American companies. This may make it more difficult for you to assert or enforce your rights regarding your personal data.

What data is processed?

Exactly which data is stored and processed depends on the respective provider of the messenger and communication functions. This generally includes data such as name, address, telephone number, email address, and content data, such as any information you enter into a contact form. Information about your device and IP address is usually also stored. Data collected via a messenger and communication function is also stored on the providers' servers.

If you want to know exactly which data is stored and processed by the respective providers and how you can object to data processing, you should carefully read the respective company's privacy policy.

How long is data stored?

How long the data is processed and stored depends primarily on the tools we use. You can find out more about how the individual tools process data below. The providers' privacy policies usually state exactly which data is stored and processed for how long. In principle, personal data is only processed for as long as it is necessary to provide our services. When data is stored in cookies, the storage period varies greatly. The data can be deleted immediately after you leave a website, but it can also be stored for several years. You should therefore look at each individual cookie in detail if you want to know more about data storage. You can usually find informative information about the individual cookies in the privacy policies of the individual providers.

Right of objection

You also have the right and option to revoke your consent to the use of cookies or third-party services at any time. This can be done either through our cookie management tool or through other opt-out functions. For example, you can also prevent data collection through cookies by managing, deactivating, or deleting cookies in your browser. For further information, please refer to the section on consent.

Since cookies may be used in messaging and communication functions, we also recommend that you read our general privacy policy regarding cookies. To learn exactly which of your data is stored and processed, you should read the privacy policies of the respective tools.

Legal basis

If you have consented to your data being processed and stored through integrated messenger and communication functions, this consent serves as the legal basis for data processing (Art. 6 (1) (a) GDPR) . We process your inquiry and manage your data within the framework of contractual or pre-contractual relationships in order to fulfill our pre-contractual and contractual obligations and to answer inquiries. The basis for this is Art. 6 (1) (b) GDPR . In principle, if you have given your consent, your data will also be stored and processed on the basis of our legitimate interest (Art. 6 (1) (f) GDPR) in fast and effective communication with you or other customers and business partners.

Aircall Privacy Policy

We use the communication tool Aircall. The service provider is the French company Aircall SAS, 11 Rue Saint-Georges, 75009 Paris, France.

You can learn more about the data processed through the use of Aircall in the privacy policy at https://aircall.io/privacy/ .

Web design introduction

Web design privacy policy summary 👥 Affected: Visitors to the website 🤝 Purpose: Improving the user experience 📓 Data processed: Which data is processed depends largely on the services used. This usually includes IP address, technical data, language settings, browser version, screen resolution, and browser name. You can find more details in the respective web design tools used. 📅 Storage period: depends on the tools used ⚖️ Legal basis: Art. 6 (1) (a) GDPR (consent), Art. 6 (1) (f) GDPR (legitimate interests)

What is web design?

We use various tools on our website to support our web design. Web design is not, as is often assumed, just about making our website look pretty, but also about functionality and performance. But of course, the right look and feel for a website is also one of the major goals of professional web design. Web design is a sub-area of media design and deals with the visual, structural, and functional design of a website. The goal is to use web design to improve your experience on our website. In web design jargon, this is referred to as user experience (UX) and usability. User experience refers to all the impressions and experiences that website visitors have on a website. A sub-section of user experience is usability. This refers to the user-friendliness of a website. We place particular emphasis on ensuring that content, subpages, and products are clearly structured and that you can find what you're looking for quickly and easily. To offer you the best possible experience on our website, we also use so-called third-party web design tools. In this privacy policy, the category "web design" includes all services that enhance the design of our website. These could include, for example, fonts, various plugins, or other integrated web design features.

Why do we use web design tools?

How you absorb information on a website depends heavily on its structure, functionality, and visual perception. Therefore, good and professional web design has become increasingly important to us. We are constantly working on improving our website and see this as an extended service for you as a website visitor. Furthermore, a beautiful and functional website also has financial advantages for us. After all, you will only visit us and take advantage of our services if you feel completely comfortable.

What data are stored by web design tools?

When you visit our website, web design elements may be integrated into our pages that can also process data. The exact nature of this data depends largely on the tools used. Below you can see exactly which tools we use for our website. For more detailed information about data processing, we recommend reading the privacy policy of the tools used. This usually tells you which data is processed, whether cookies are used, and how long the data is stored. Fonts such as Google Fonts, for example, also automatically transmit information such as language settings, IP address, browser version, browser screen resolution, and browser name to Google's servers.

Duration of data processing

How long data is processed varies greatly from person to person and depends on the web design elements used. If cookies are used, for example, the retention period can be as little as one minute or as long as several years. Please inform yourself about this. We recommend that you read our general section on cookies as well as the privacy policies of the tools used. There you will usually find out which cookies are used and what information is stored in them. Google Font files, for example, are stored for one year. This is intended to improve the loading time of a website. As a general rule, data is only stored for as long as necessary to provide the service. If required by law, data can be stored for longer.

Right of objection

You also have the right and the option to revoke your consent to the use of cookies or third-party providers at any time. This works either via our cookie management tool or via other opt-out functions. You can also prevent data collection through cookies by managing, deactivating or deleting cookies in your browser. However, some web design elements (usually fonts) also contain data that cannot be deleted so easily. This is the case when data is automatically collected when a page is accessed and transmitted to a third party provider (such as Google). In this case, please contact the support of the respective provider. In the case of Google, you can reach support at https://support.google.com/?hl=de .

Legal basis

If you have consented to the use of web design tools, this consent forms the legal basis for the corresponding data processing. According to Art. 6 (1) (a) GDPR (consent), this consent constitutes the legal basis for the processing of personal data, as may occur when collected by web design tools. We also have a legitimate interest in improving the web design on our website. After all, only then can we provide you with an attractive and professional website. The corresponding legal basis for this is Art. 6 (1) (f) GDPR (legitimate interests). However, we only use web design tools if you have given your consent. We would like to emphasize this again here.

Information on specific web design tools – where available – can be found in the following sections.

Google Fonts Privacy Policy

Google Fonts Privacy Policy Summary 👥 Affected: Visitors to the website 🤝 Purpose: Optimization of our service 📓 Processed data: Data such as IP address and CSS and font requests You can find more details further down in this privacy policy. 📅 Storage period: Font files are stored by Google for one year ⚖️ Legal basis: Art. 6 (1) (a) GDPR (consent), Art. 6 (1) (f) GDPR (legitimate interests)

What are Google Fonts?

We use Google Fonts on our website. These are the "Google Fonts" of Google Inc. For the European region, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is responsible for all Google services.

You don't need to log in or enter a password to use Google Fonts. Furthermore, no cookies are stored in your browser. The files (CSS, fonts) are requested via the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, requests for CSS and fonts are completely separate from all other Google services. If you have a Google Account, you don't need to worry about your Google Account data being transmitted to Google while using Google Fonts. Google records the use of CSS (Cascading Style Sheets) and the fonts used and stores this data securely. We'll look at how this data is stored in more detail later.

Google Fonts (formerly Google Web Fonts) is a directory of over 800 fonts that Google makes available to its users free of charge.

Many of these fonts are released under the SIL Open Font License, while others are released under the Apache License. Both are free software licenses.

Why do we use Google Fonts on our website?

With Google Fonts, we can use fonts on our own website without having to upload them to our own server. Google Fonts is an important component in maintaining the high quality of our website. All Google Fonts are automatically optimized for the web, saving data volume and being a major advantage, especially for use on mobile devices. When you visit our site, the small file size ensures fast loading times. Furthermore, Google Fonts are secure web fonts. Different image synthesis systems (rendering) in different browsers, operating systems, and mobile devices can lead to errors. Such errors can visually distort text or entire web pages. Thanks to the fast Content Delivery Network (CDN), there are no cross-platform problems with Google Fonts. Google Fonts supports all common browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile operating systems, including Android 2.2+ and iOS 4.2+ (iPhone, iPad, iPod). We use Google Fonts so that we can display our entire online service as beautifully and consistently as possible.

What data does Google store?

When you visit our website, the fonts are loaded via a Google server. This external call transmits data to the Google servers. This is how Google recognizes that you or your IP address are visiting our website. The Google Fonts API was developed to reduce the use, storage, and collection of end-user data to what is necessary for proper font delivery. API stands for "Application Programming Interface" and serves, among other things, as a data transmitter in the software sector.

Google Fonts securely stores CSS and font requests with Google, making them protected. The collected usage data allows Google to determine how well individual fonts are received. Google publishes the results on internal analysis sites, such as Google Analytics. Google also uses data from its own web crawler to determine which websites use Google Fonts. This data is published in the Google Fonts BigQuery database. Business owners and developers use Google's BigQuery web service to examine and manipulate large amounts of data.

However, it's important to note that every Google Font request automatically transmits information such as language settings, IP address, browser version, screen resolution, and browser name to Google's servers. Whether this data is actually stored is unclear, and Google doesn't clearly communicate this.

How long and where is the data stored?

Google stores requests for CSS assets for one day on its servers, which are primarily located outside the EU. This allows us to use the fonts with the help of a Google stylesheet. A stylesheet is a formatting template that allows you to quickly and easily change, for example, the design or font of a website.

Google stores font files for one year. Google's goal is to fundamentally improve website loading times. If millions of websites link to the same fonts, they are cached after the first visit and immediately appear on all other websites visited subsequently. Google sometimes updates font files to reduce file size, increase language coverage, and improve design.

How can I delete my data or prevent data storage?

The data that Google stores for one day or one year cannot simply be deleted. This data is automatically transmitted to Google when a page is accessed. To delete this data prematurely, you must contact Google Support at https://support.google.com/?hl=de&tid=322904702 . In this case, you can only prevent data storage if you do not visit our site.

Unlike other web fonts, Google gives us unrestricted access to all fonts. This means we have unlimited access to a sea of fonts and can thus get the most out of them for our website. You can find more information about Google Fonts and other questions at https://developers.google.com/fonts/faq?tid=322904702 . While Google addresses data protection-related issues there, it doesn't provide truly detailed information about data storage. It's relatively difficult to get truly precise information about stored data from Google.

Legal basis

If you have consented to the use of Google Fonts, this consent forms the legal basis for the corresponding data processing. According to Art. 6 (1) (a) GDPR (consent), this consent constitutes the legal basis for the processing of personal data, as may occur when Google Fonts is collected.

We also have a legitimate interest in using Google Fonts to optimize our online service. The legal basis for this is Art. 6 (1) (f) GDPR (legitimate interests) . However, we only use Google Fonts if you have given your consent.

Google processes your data, among other places, in the USA. Google is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data of EU citizens to the USA. Further information can be found at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en .

In addition, Google uses so-called standard contractual clauses (= Art. 46 (2) and (3) GDPR). Standard contractual clauses (SCCs) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to and stored in third countries (such as the USA). Through the EU-US Data Privacy Framework and the standard contractual clauses, Google undertakes to comply with European data protection standards when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

The Google Ads Data Processing Terms, which refer to the standard contractual clauses, can be found at https://business.safety.google/intl/de/adsprocessorterms/ .

You can also find out which data Google generally collects and what this data is used for at https://www.google.com/intl/de/policies/privacy/ .

Closing words

Congratulations! If you're reading these lines, you've truly "fought" your way through our entire privacy policy, or at least scrolled this far. As you can see from the length of our privacy policy, we take the protection of your personal data anything but lightly.
It is important to us to inform you to the best of our knowledge and belief about the processing of personal data. In doing so, we not only want to tell you which data is processed, but also explain the reasons for using various software programs. Privacy policies usually sound very technical and legalistic. However, since most of you are not web developers or lawyers, we wanted to take a different approach and explain the matter in simple and clear language. Of course, this is not always possible due to the subject matter. Therefore, the most important terms are explained in more detail at the end of the privacy policy.
If you have any questions about data protection on our website, please do not hesitate to contact us or the responsible party. We wish you a pleasant stay and hope to welcome you back to our website soon.

All texts are protected by copyright.

Source: Created with the Data Protection Generator Germany by AdSimple