Privacy policy

1. Controller

The controller for data processing on this website within the meaning of the GDPR is the provider named in the legal notice of this website. Please refer to the legal notice for contact details.

2. Data processing when visiting the website (server log files)

When you visit this website for information purposes only, the web server automatically records and stores the following information in so‑called log files:

• IP address of the requesting device
• Date and time of access
• Page/file requested (URL)
• Amount of data transferred
• Message whether the retrieval was successful (HTTP status code)
• Referrer URL (previously visited page, if transmitted)
• Browser and operating system used

Purposes of processing:
• Technical provision of the website
• Ensuring stability and security of operation (e.g. defence against attacks)
• Error analysis in the event of faults

Legal basis:
Article 6 (1) (f) GDPR (legitimate interest in a secure and stable operation of the website).
The log files are deleted as soon as they are no longer required for the purposes mentioned; in individual cases, longer storage may be necessary to defend or document attacks or to assert legal claims.

3. Cookies

Only technically necessary cookies are used on this website, for example to

• store individual settings (e.g. session)
• enable the technical delivery of pages

No cookies are set for tracking, analysis or marketing purposes.

Legal basis:
Article 6 (1) (f) GDPR (legitimate interest in a technically functioning and user‑friendly website).
You can disable or restrict the storage of cookies in your browser. You can delete already stored cookies at any time. Disabling technically necessary cookies may lead to restrictions in the functionality of the website.

4. Email contact

If you contact us via the email address provided on the website, the personal data you transmit will be processed. This includes in particular:

• Email address
• Content of your message
• Any contact details you provide (e.g. name, telephone number, signature data)

Purpose of processing:
Processing your enquiry and any subsequent correspondence.

Legal basis:
• Article 6 (1) (b) GDPR, insofar as the request is aimed at concluding or fulfilling a contract (e.g. offers, orders, service enquiries),
• Article 6 (1) (f) GDPR (legitimate interest in processing enquiries),
• where applicable Article 6 (1) (c) GDPR if statutory retention obligations exist (e.g. commercial and tax documentation obligations).

The data will be deleted as soon as they are no longer required for processing the enquiry, unless statutory retention obligations require otherwise.

5. Recipients / hosting

We use the services of an external hosting provider to provide this website:

Visual Online S.A.,
6, rue Goell, L‑5326 Contern, Luxembourg

The hoster provides infrastructure and platform services, computing capacity, storage space, security and technical maintenance services.

The data mentioned under point 2 (in particular server log files) are processed on the hoster's servers. A data processing agreement pursuant to Article 28 GDPR has been concluded with the hoster.

Processing takes place within the European Union or the European Economic Area.

6. No analysis or marketing tools

No services for reach measurement, web analysis or profiling are used on this website (e.g. no Google Analytics, no Matomo, no comparable tracking tools). Personal data is also not passed on to third parties for marketing or advertising purposes.

7. No transfer to third countries

Due to the technical operation of this website, personal data is generally not transferred to recipients in countries outside the European Union or the European Economic Area.

If you access our website via external services such as search engines or map providers (e.g. Google Maps), the processing of your data by these third‑party providers takes place outside our area of responsibility. The data protection provisions of the respective providers apply

8. Storage period

Unless expressly stated otherwise in this privacy policy, the following applies:

• Personal data is only stored for as long as is necessary for the respective purposes.
• In addition, storage only takes place to the extent and for as long as statutory retention obligations (e.g. commercial or tax law) exist or the data is required to assert, exercise or defend legal claims.
• Thereafter, the data will be deleted or their processing will be restricted.

9. Your rights as a data subject

You have the following rights with regard to your personal data under the legal requirements:

• Right of access (Art. 15 GDPR): You can request information about whether and which personal data we process about you.
• Right to rectification (Art. 16 GDPR): You can request the correction of incorrect or completion of incomplete data.
• Right to erasure (Art. 17 GDPR): You can request the deletion of your personal data, unless statutory retention obligations or other overriding reasons prevent this.
• Right to restriction of processing (Art. 18 GDPR).
• Right to data portability (Art. 20 GDPR): You can request that we provide you with the data you have provided to us in a structured, commonly used and machine‑readable format or transmit it to another controller.

Right to object (Art. 21 GDPR)

Insofar as we process data on the basis of Article 6 (1) (f) GDPR (legitimate interest), you have the right to object at any time to the processing for reasons arising from your particular situation. We will then no longer process these personal data unless we can demonstrate compelling legitimate grounds that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

Withdrawal of consent (Art. 7 GDPR)

If processing is based on your consent, you can revoke this consent at any time with effect for the future. The lawfulness of the processing carried out until the withdrawal remains unaffected.

To exercise your rights, you can contact the controller at the contact details given in the legal notice at any time.

10. Right to lodge a complaint with the supervisory authority

You also have the right to lodge a complaint with a data protection supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place of the alleged infringement, if you are of the opinion that the processing of your personal data violates the GDPR.

In Luxembourg the competent authority is:

Commission nationale pour la protection des données (CNPD)
15, Boulevard du Jazz
L‑4370 Belvaux, Luxembourg
Email: info@cnpd.lu
Web: https://cnpd.public.lu

11. No automated decision‑making / profiling

There is no automated decision‑making including profiling within the meaning of Art. 22 GDPR.

12. Status of this privacy policy

Status: 12 November 2025