CONTACT

Lutz Schwemer Panchez
Holsteiner Str. 1
21465 Reinbek
Phone: +49 176 72439032
E-Mail: shark@shark5060.net

Information § 5 DDG

LIABILITY FOR CONTENT

The content of our website has been created with the utmost care. However, we cannot guarantee the accuracy, completeness, or timeliness of the content. As a service provider, we are responsible for our own content on these pages in accordance with Section 7 Paragraph 1 of the German Telemedia Act (TMG). However, according to Sections 8 to 10 of the TMG, we are not obligated as a service provider to monitor transmitted or stored third-party information or to investigate circumstances that indicate illegal activity. Obligations to remove or block the use of information in accordance with general laws remain unaffected. However, liability in this respect is only possible from the point at which we become aware of a specific legal violation. Upon becoming aware of such legal violations, we will remove this content immediately. 

LIABILITY FOR LINKS

Our website contains links to external websites of third parties, over whose content we have no control. Therefore, we cannot assume any liability for this external content. The respective provider or operator of the linked pages is always responsible for their content. The linked pages were checked for possible legal violations at the time of linking. Illegal content was not apparent at the time of linking. However, constant monitoring of the content of linked pages is unreasonable without concrete evidence of a legal violation. Upon notification of legal violations, we will remove such links immediately. 

COPYRIGHT

The content and works created by the site operators on these pages are subject to German copyright law. Reproduction, processing, distribution, and any kind of exploitation outside the limits of copyright law require the written consent of the respective author or creator. Downloads and copies of this page are only permitted for private, non-commercial use. Insofar as the content on this page was not created by the operator, the copyrights of third parties are respected. In particular, third-party content is identified as such. Should you nevertheless become aware of a copyright infringement, please inform us accordingly. Upon notification of legal violations, we will remove such content immediately. 

Privacy Policy

Preamble

With the following privacy policy, we would like to inform you about the types of your personal data (hereinafter also referred to as "data") that we process, for what purposes, and to what extent. This privacy policy applies to all processing of personal data carried out by us, both in the context of providing our services and, in particular, on our websites, in mobile applications, and within external online presences, such as our social media profiles (hereinafter collectively referred to as "online services").

The terms used are not gender-specific.

Last updated: December 29, 2025

Responsible Person

Lutz Schwemer Panchez
Holsteiner Str. 1
21465 Reinbek
Phone: +49 176 72439032
E-Mail: shark@shark5060.net

Types of data processed

• Usage data
• Metadata, communication data, and process data
• Log data

Purposes of processing

• Security measures
• Provision of our online services and user-friendliness
• Information technology infrastructure

Relevant legal bases

Relevant legal bases under the GDPR: Below you will find an overview of the legal bases under the GDPR on which we process personal data. Please note that in addition to the provisions of the GDPR, national data protection regulations may apply in your or our country of residence or establishment. Furthermore, should more specific legal bases apply in individual cases, we will inform you of these in the privacy policy.

Legitimate interests

The processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.

National data protection regulations in Germany: In addition to the GDPR data protection regulations, national data protection regulations apply in Germany. These include, in particular, the Federal Data Protection Act (BDSG). The BDSG contains specific provisions regarding the right of access, the right to erasure, the right to object, the processing of special categories of personal data, processing for other purposes, and data transfers, as well as automated decision-making in individual cases, including profiling. Furthermore, state data protection laws of the individual federal states may also apply.

Security measures

In accordance with legal requirements, and taking into account the state of the art, the costs of implementation, and the nature, scope, context, and purposes of processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons, we implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk.

These measures include, in particular, ensuring the confidentiality, integrity, and availability of data by controlling physical and electronic access to the data, as well as access to, input of, disclosure of, and ensuring the availability and separation of the data. Furthermore, we have established procedures that guarantee the exercise of data subject rights, the erasure of data, and responses to data breaches. We also consider the protection of personal data during the development and selection of hardware, software, and processes, in accordance with the principles of data protection by design and by default.

These measures include, in particular, ensuring the confidentiality, integrity, and availability of data by controlling physical and electronic access to the data, as well as access to, input of, disclosure of, and ensuring the availability and separation of the data. Securing online connections with TLS/SSL encryption technology (HTTPS): To protect user data transmitted through our online services from unauthorized access, we rely on TLS/SSL encryption technology. Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are the cornerstones of secure data transmission on the internet. These technologies encrypt the information transmitted between the website or app and the user's browser (or between two servers), thus protecting the data from unauthorized access. TLS, as the more advanced and secure version of SSL, ensures that all data transmissions meet the highest security standards. When a website is secured with an SSL/TLS certificate, this is indicated by the display of HTTPS in the URL. This serves as an indicator to users that their data is being transmitted securely and encrypted.

Transfer of personal data

As part of our processing of personal data, it may be necessary to transfer or disclose this data to other entities, companies, legally independent organizational units, or individuals. Recipients of this data may include, for example, IT service providers or providers of services and content integrated into a website. In such cases, we comply with legal requirements and, in particular, conclude appropriate contracts or agreements with the recipients of your data to ensure its protection.

General information on data storage and deletion

We delete personal data that we process in accordance with legal regulations as soon as the underlying consent is withdrawn or no further legal basis for processing exists. This applies to cases where the original processing purpose no longer applies or the data is no longer needed. Exceptions to this rule exist if legal obligations or special interests require longer retention or archiving of the data.

In particular, data that must be retained for commercial or tax law reasons, or whose storage is necessary for legal proceedings or to protect the rights of other natural or legal persons, must be archived accordingly.

Our privacy policy contains additional information on the retention and deletion of data that applies specifically to certain processing activities.

If there are multiple retention periods or deletion deadlines for a given date, the longest period always applies. Data that is no longer retained for the originally intended purpose, but is retained due to legal requirements or other reasons, is processed by us exclusively for the reasons that justify its retention.

Data retention and deletion: The following general retention periods apply under German law:

• 10 years - Retention period for books and records, annual financial statements, inventories, management reports, opening balance sheets and the work instructions and other organizational documents required for their understanding (§ 147 para. 1 no. 1 in conjunction with para. 3 AO, § 14b para. 1 UStG, § 257 para. 1 no. 1 in conjunction with para. 4 HGB).
  
  
• 8 years - accounting documents, such as invoices and cost receipts (§ 147 para. 1 no. 4 and 4a in conjunction with para. 3 sentence 1 AO as well as § 257 para. 1 no. 4 in conjunction with para. 4 HGB).
  
  
• 6 years - Other business documents: received commercial or business letters, copies of sent commercial or business letters, other documents insofar as they are relevant for taxation, e.g. timesheets, operating statements, calculation documents, price labels, but also payroll documents, insofar as they are not already accounting documents and cash register tapes (§ 147 para. 1 no. 2, 3, 5 in conjunction with para. 3 AO, § 257 para. 1 no. 2 and 3 in conjunction with para. 4 HGB).
  
  
• 3 years - Data required to consider potential warranty and damage claims or similar contractual claims and rights, as well as to process related inquiries, based on previous business experience and standard industry practices, will be stored for the duration of the regular statutory limitation period of three years (§§ 195, 199 BGB).

Commencement of a time limit at the end of the year: If a time limit does not expressly begin on a specific date and is at least one year long, it starts automatically at the end of the calendar year in which the event triggering the time limit occurred. In the case of ongoing contractual relationships in which data is stored, the event triggering the time limit is the effective date of the termination or other end of the legal relationship.

Rights of data subjects

Rights of data subjects under the GDPR: As a data subject, you have various rights under the GDPR, which arise in particular from Articles 15 to 21 GDPR:

• Right to object: You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) of the GDPR, including profiling based on those provisions. Where personal data concerning you are processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.
  
  
• Right of withdrawal for consents: You have the right to withdraw any consent you have given at any time.
  
  
• Right to information: You have the right to request confirmation as to whether data concerning you is being processed, and to access this data as well as further information and a copy of the data in accordance with legal requirements.
  
  
• Right to rectification: In accordance with legal requirements, you have the right to request the completion of your personal data or the correction of inaccurate personal data concerning you.
  
  
• Right to erasure and restriction of processing: In accordance with legal requirements, you have the right to request that data concerning you be erased without undue delay, or alternatively, in accordance with legal requirements, to request a restriction of the processing of the data.
  
  
• Right to data portability: You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format, or to request its transmission to another controller, in accordance with the legal requirements.
  
  
• Right to lodge a complaint with a supervisory authority: Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.

Provision of the online service and web hosting

We process user data to provide our online services. For this purpose, we process the user's IP address, which is necessary to transmit the content and functions of our online services to the user's browser or device.

• Types of data processed: Usage data (e.g., page views and time spent on the site, click paths, usage intensity and frequency, device types and operating systems used, interactions with content and functions); metadata, communication data, and procedural data (e.g., IP addresses, timestamps, identification numbers, persons involved). Log data (e.g., log files concerning logins or data retrieval or access times).
  
  
• Affected persons: Users (e.g., website visitors, users of online services).
  
  
• Purposes of processing: Provision of our online services and user-friendliness; Information technology infrastructure (operation and provision of information systems and technical equipment (computers, servers, etc.)). Security measures.
  
  
• Storage and deletion: Deletion according to the information in the section "General information on data storage and deletion".
  
  
• Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).

Further information on processing procedures, methods and services:

• Provision of online services on rented storage space: For the provision of our online services, we use storage space, computing capacity and software that we rent from a corresponding server provider (also called "web host") or otherwise obtain; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).
  
  
• Collection of Access Data and Log Files: Access to our online services is logged in the form of so-called "server log files." Server log files may contain the address and name of the accessed web pages and files, the date and time of access, the amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), and, as a rule, IP addresses and the requesting provider. Server log files may be used for security purposes, e.g., to prevent server overload (especially in the case of malicious attacks, so-called DDoS attacks), and to ensure server capacity and stability. Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR). Deletion of Data: Log file information is stored for a maximum of 30 days and then deleted or anonymized. Data that needs to be retained for evidentiary purposes is exempt from deletion until the respective incident has been fully resolved.
  
  
• netcup: Services in the field of providing information technology infrastructure and related services (e.g., storage space and/or computing capacity)
  Service provider: netcup GmbH, Daimlerstraße 25, D-76185 Karlsruhe, Germany
  Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR)
  Website: https://www.netcup.de/
  Privacy policy: https://www.netcup.de/kontakt/datenschutzerklaerung.php
  Data processing agreement: https://helpcenter.netcup.com/de/wiki/general/avv/

Changes and updates

We encourage you to review our Privacy Policy regularly. We will update the Privacy Policy as soon as changes to our data processing activities make this necessary. We will inform you if any changes require your action (e.g., consent) or other individual notification.

If we provide addresses and contact information for companies and organizations in this Privacy Policy, please note that these addresses may change over time. We recommend verifying the information before contacting them.

COPYRIGHT FOR THIRD-PARTY CONTENT

The CMS 'Publii' © Publii
The Theme 'Square' © Publii (my theme 'Prism' is based on the Square theme)
The Font for the Headers 'Yanone Kaffeesatz' © Yanone & Cyreal
General Legal Text © Kanzlei Hasselbach
GDPR Text © Dr. Thomas Schwenke