PRIVACY POLICY

DATA CONTROLLER

The data controller for this website in accordance with the General Data Protection Regulation (GDPR) is:

PO Box 5476, 80401 Diani Beach
Kerstin.diani@gmail.com
+254 716 284 060 (Tel & WhatsApp)

GENERAL INFORMATION ON DATA PROCESSING

The protection of your personal data is very important to us. We process personal data solely in accordance with applicable data protection laws, especially the General Data Protection Regulation (GDPR).

Personal data includes all information relating to an identified or identifiable natural person, such as name, email address, or IP address.

This privacy policy informs you about the type, scope, and purpose of the processing of personal data on our website.

APPLICABILITY OF THE GDPR

Our website is also directed at users in the European Economic Area (EEA). Therefore, personal data is processed in compliance with the requirements of the GDPR.

DATA PROCESSING WHEN VISITING THE WEBSITE

When you access our website, information is automatically collected by the hosting provider and stored in so-called server log files. These include:

– IP address
– Date and time of the request
– Requested page/file
– Amount of data transferred
– Browser type and version
– Operating system
– Referrer URL
– Hostname of the accessing computer

These data are used to ensure the technical availability, stability, and security of the website.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in a secure and stable website operation).

Log files are usually deleted after a maximum of 14 days, unless security-related reasons require longer storage.

HOSTING

Our website is hosted by a hosting provider, whose services we obtain through a reseller.

The hosting provider processes personal data solely for the purpose of providing the website (infrastructure, storage, technical security).

A data processing agreement is in place with the hosting provider in accordance with Art. 28 GDPR.

Legal basis: Art. 6(1)(f) GDPR.

CONTACT FORM AND CONTACT

If you contact us via the contact form or by email, we process the data you provide (e.g., name, email address, message) to handle your inquiry.

Legal basis:
– Art. 6(1)(b) GDPR (pre-contractual communication)
– Art. 6(1)(f) GDPR (legitimate interest in communication)

The data will be deleted as soon as it is no longer necessary to process the inquiry and there are no legal retention obligations.

COOKIES

Our website uses only technically necessary cookies required for the operation of the website.

These cookies do not store personal data for marketing or analysis purposes.

Legal basis: Art. 6(1)(f) GDPR.

You can delete or block cookies at any time via your browser settings. However, this may limit the functionality of the website.

NO ANALYSIS OR TRACKING TOOLS

We do not use web analytics or tracking services such as Google Analytics or comparable services.

No evaluation of user behavior for marketing or statistical purposes takes place.

DATA TRANSFER TO THIRD COUNTRIES

Our company is located outside the European Union or European Economic Area.

If personal data of persons from the EU is processed, a transfer to a third country may occur.

We ensure that appropriate safeguards are in place in accordance with Art. 44 ff. GDPR, in particular through:

– Contractual protection measures
– Technical security measures
– Access restrictions
– Secure data transfer

DATA RETENTION

Personal data is stored only as long as required for the respective processing purposes or as required by law.

Once the processing purpose no longer exists or legal retention periods expire, the data is deleted.

YOUR RIGHTS AS A DATA SUBJECT

You have the following rights under the GDPR:

– Right of access (Art. 15 GDPR)
– Right to rectification (Art. 16 GDPR)
– Right to erasure (Art. 17 GDPR)
– Right to restriction of processing (Art. 18 GDPR)
– Right to data portability (Art. 20 GDPR)
– Right to object (Art. 21 GDPR)
– Right to withdraw consent (Art. 7 GDPR)

To exercise your rights, please contact us using the contact details above.

RIGHT TO COMPLAIN

You have the right to lodge a complaint with a data protection supervisory authority, particularly in the EU member state of your habitual residence, place of work, or place of the alleged infringement.

SECURITY OF DATA PROCESSING

We implement technical and organizational security measures to protect personal data against loss, manipulation, or unauthorized access.

Our security measures are regularly updated according to technological developments.

EU REPRESENTATIVE

No EU representative has currently been appointed under Art. 27 GDPR.

CHANGES TO THIS PRIVACY POLICY

We reserve the right to adjust this privacy policy to reflect changes in legal requirements or changes to our services.

The current version is always available on our website.