Privacy Policy
This English translation is provided for convenience only. The German version (Datenschutzerklärung) is the legally binding one.
1. Controller
The controller within the meaning of the General Data Protection Regulation (GDPR) is:
Obesser – IT
Kevin Obesser
Moorweg 20
86316 Friedberg, Germany
E-mail: info@obesser-it.de
Phone: +49 1520 2362504
2. Privacy at a glance
This website is deliberately built to be data-minimal:
- No cookies are set. If you manually switch the website language (DE/EN), your choice is stored exclusively locally in your browser (localStorage); no data is transmitted to us or to third parties (§ 25 (2) no. 2 of the German TDDDG – technically required for the function you requested).
- There is no tracking and no analysis by third parties.
- No external content (fonts, scripts, CDNs) is loaded from third-party servers.
- The contact form transmits your details exclusively encrypted (HTTPS) and delivers them to us directly by e-mail – they are not stored permanently on the web server.
3. Hosting and server log files
When you visit this website, the hosting provider automatically processes information in so-called server log files that your browser transmits. This typically includes:
- IP address (usually shortened/anonymised)
- date and time of the request
- page or file accessed
- browser type and version
- operating system used
- referrer URL
This processing is based on Art. 6 (1) (f) GDPR. Our legitimate interest lies in the technically error-free presentation and the security of the website (e.g. defence against attacks). This data is not merged with other data sources. We have concluded a data processing agreement pursuant to Art. 28 GDPR with our hosting provider.
4. Contacting us
If you contact us by e-mail, telephone or via the contact form, your details, including the contact data you provide, will be stored by us for the purpose of processing your request and in case of follow-up questions. When you use the contact form, the data you enter is transmitted to our server in encrypted form (HTTPS) and forwarded to us immediately by e-mail; the form data is not stored permanently on the web server. To protect against misuse (spam), the sender's IP address is processed briefly in a non-traceable, hashed form for rate limiting.
The contact form can only be submitted if you first confirm, by ticking the consent box, that you have taken note of this privacy policy and agree to the processing of your details.
The processing is based on your consent (Art. 6 (1) (a) GDPR) and – insofar as your request is aimed at a contract – on Art. 6 (1) (b) GDPR (contract initiation/performance). You may withdraw your consent at any time informally, e.g. by e-mail, with effect for the future (Art. 7 (3) GDPR); the lawfulness of the processing carried out before the withdrawal remains unaffected. We do not pass this data on without your consent and delete it as soon as it is no longer required for processing and no statutory retention obligations apply.
5. Your rights
Within the scope of the statutory provisions, you have the right at any time to:
- information about your stored personal data (Art. 15 GDPR)
- rectification of inaccurate data (Art. 16 GDPR)
- erasure of your data (Art. 17 GDPR)
- restriction of processing (Art. 18 GDPR)
- data portability (Art. 20 GDPR)
- objection to processing (Art. 21 GDPR)
- withdrawal of consent given, with effect for the future (Art. 7 (3) GDPR)
You also have the right to lodge a complaint with a data protection supervisory authority. The competent authority is the Bavarian State Office for Data Protection Supervision (BayLDA), Promenade 18, 91522 Ansbach, Germany.
6. SSL/TLS encryption
For security reasons and to protect the transmission of confidential content, this site uses SSL/TLS encryption. You can recognise an encrypted connection by the browser address line changing from "http://" to "https://" and by the padlock symbol in your browser bar.
7. External links
This website contains a link to our Instagram profile. Only when you actively click this link do you leave our website; the data processing by Instagram (Meta Platforms Ireland Ltd.) is then subject to their privacy policy.
8. Currency of this privacy policy
This privacy policy is dated July 2026. Due to the further development of our website or changed legal requirements, it may become necessary to amend this privacy policy.