Scroll Top
contact@culture-smart.com
+49 15560 054811

Data Protection

Data Protection

At Culture Smart, we value and prioritize your privacy and data security. We are committed to complying with the General Data Protection Regulation (GDPR) and ensuring the protection of your personal data. This policy explains how we collect, use, store, and protect your data when you visit our website or use our services.

1. What Are Personal Data?

Personal data refers to any information that can identify an individual directly or indirectly. Examples include:

  • Name
  • Email address
  • Postal address
  • Date of birth
  • IP address Under the GDPR, personal data is protected to ensure individuals’ privacy and security.

2. Legal Basis for Processing Personal Data

We process personal data according to the GDPR based on the following legal grounds:

  • Consent (Art. 6 (1) a GDPR): You have given explicit consent for your data to be processed for one or more specific purposes.
  • Contractual Necessity (Art. 6 (1) b GDPR): Processing is necessary to perform a contract you are part of or to take pre-contractual steps at your request.
  • Legal Obligation (Art. 6 (1) c GDPR): Processing is necessary for us to comply with legal obligations.
  • Vital Interests (Art. 6 (1) d GDPR): Processing is necessary to protect someone’s life or health.
  • Legitimate Interests (Art. 6 (1) f GDPR): Processing is based on our legitimate interests, provided these interests do not override your rights and freedoms.

3. Data Collection

When you use our website, we collect two types of data:

Personal Data:
This includes information you voluntarily provide through forms, such as:

  • Name
  • Email address
  • Other identifying information when contacting us

Non-Personal Data:
This refers to automatically collected data, including:

  • Browser type
  • Operating system
  • IP address
  • Time and date of visit
  • Referring website These data are used for analytical and statistical purposes to improve website functionality.

4. Creation of Log Files

Whenever you access our website, our system automatically collects the following information, which is temporarily stored in log files:

  • Browser type and version
  • Operating system
  • IP address
  • Date and time of access
  • Websites from which you were referred to our website
  • Websites you access through our website

This information is collected for website security and optimization. We analyze these log files to improve your experience and ensure the site’s stability.

5. Routine Deletion and Blocking of Personal Data

We retain personal data only for as long as necessary to fulfil the purpose for which it was collected or to comply with legal obligations. Once these purposes are fulfilled or the retention period has expired, the data is routinely deleted or blocked from further processing.

6. Data Protection Contact

Although we are a small company and not legally required to appoint a Data Protection Officer (DPO), we take data protection seriously. For any questions, concerns, or requests regarding your personal data, feel free to reach out to us at:

Email: contact@culture-smart.com

7. Data Breach Protocol

In the unlikely event of a data breach, we will notify the relevant supervisory authority within 72 hours, as required by GDPR Article 33. If the breach poses a high risk to your rights and freedoms, we will also inform you promptly and take all necessary measures to mitigate any impact and prevent further breaches.

8. Your Rights Under GDPR

You have the following rights concerning your personal data:

  • Right of Access (Art. 15 GDPR): You have the right to know whether your personal data is being processed, and if so, you can request a copy of the data.
  • Right to Rectification (Art. 16 GDPR): You can request the correction of inaccurate or incomplete personal data.
  • Right to Erasure (Art. 17 GDPR): You have the right to request the deletion of your personal data if it is no longer necessary for the purposes for which it was collected.
  • Right to Restriction of Processing (Art. 18 GDPR): You can request that we limit the processing of your personal data in certain situations.
  • Right to Data Portability (Art. 20 GDPR): You can request a copy of your data in a structured, commonly used format that allows it to be transferred to another service provider.
  • Right to Object (Art. 21 GDPR): You can object to the processing of your data for direct marketing or legitimate interest-based purposes.
  • Right to Lodge a Complaint (Art. 77 GDPR): You can lodge a complaint with a supervisory authority if you believe that your rights under the GDPR have been violated.

9. Use of Cookies

Our website uses cookies—small text files stored on your device to enhance your user experience. Cookies allow us to recognise returning visitors and track usage patterns. You can control or disable cookies in your browser settings; however, please note that this may impact the functionality of our website.

10. Third-Party Services and Content

We use third-party service providers for specific functions, and these providers may process personal data:

  • Cloudflare: Used to optimise website performance and provide security. Personal data such as IP addresses may be transferred to the USA with standard contractual clauses (Art. 46 GDPR) in place for protection.
  • Microsoft Clarity: Used to analyse website user behaviour. It collects metrics such as IP addresses and activity data, which are transferred to the USA with safeguards.
  • Google Analytics 4: Used for website analytics and user behaviour analysis. Data collected via cookies is anonymised and transferred to the USA with appropriate data protection clauses.

11. Data Sharing and Processors

We may share your personal data with trusted third-party providers for:

  • Hosting services for site operations
  • Email marketing providers for newsletter distribution
  • IT services for website maintenance and support
  • Law enforcement if required by law

These service providers are bound by data protection agreements and may only process data under our instructions.

12. Children’s Privacy

Our website and services are not intended for individuals under the age of 16. We do not knowingly collect personal data from children without parental consent. If you believe we have collected data from a child under 16, please contact us immediately, and we will delete the data.

13. Newsletter Subscription

If you subscribe to our newsletter, we will use your personal data (e.g., email address) solely for this purpose. We follow a double opt-in process to ensure consent, and you can unsubscribe at any time via the link in the newsletter or by contacting us directly.

14. Data Security

We take the security of your personal data seriously and implement industry-standard security measures, including encryption, access controls, and regular system audits, to protect your data from unauthorized access, alteration, or destruction.

For more information or specific inquiries, please contact us at contact@culture-smart.com.

Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.
Privacy Policy
You have read and agreed to our privacy policy
Required