Data Privacy Policy
Short version: MarketingSurfer.com does not use Cookies and does not automatically collect or store any personal information. When you contact us via e-mail (or any other form), or book an appointment (here we use Microsoft Bookings, and for calls mostly Teams; thus Microsoft's T&Cs apply for that), we save that information to answer your requests and to keep you updated. We will of course not share your personal data with anybody else. You can also request to have your data deleted at any time. The processing of your data happens based on GDPR Art. 6, Ch. 1.
This website hosted by Ionos (their privacy policy).
Terms of Service: All information on this website is provided with the best intention and knowledge, but without any guarantees. In case you find anything which is missing here, please be so kind and let us know so we can fix it, instead of getting us chased down by lawyers. We are nice, really.
Copyright: © Copyright 2026 MarketingSurfer.com. All rights reserved.
Privacy Policy — Full Text
Outline
- Person in charge
- Overview of processing
- Relevant legal bases
- Safety measures
- International data transfers
- General information on data storage and deletion
- Rights of data subjects
- Provision of the online offer and web hosting
- Blogs and publication media
- Contact and request management
Person in charge
See Imprint — https://marketingsurfer.com/imprint.html
Overview of processing
The following overview summarises the types of data processed and the purposes of their processing, and refers to the data subjects.
Types of data processed: Inventory data; Contact details; Content Data; Usage; Meta, communication and procedural data; Log.
Categories of data subjects: Communication; User.
Purposes of processing: Provision of contractual services and fulfilment of contractual obligations; Communication; Security Measures; Organisational and administrative procedures; Feedback; Provision of our online offer and user-friendliness; Information technology infrastructure.
Relevant legal bases
Relevant legal bases under the GDPR: Below you will find an overview of the legal bases of the GDPR on the basis of which we process personal data.
- Performance of a contract and pre-contractual enquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR) — Processing is necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject prior to entering into a contract.
- Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR) — The processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, provided that the interests, fundamental rights and freedoms of the data subject which require the protection of personal data are not overridden.
National data protection regulations in Germany: In addition to the data protection regulations of the GDPR, national regulations on data protection apply in Germany, including the Federal Data Protection Act (BDSG).
Safety measures
In accordance with the legal requirements, taking into account the state of the art, the implementation costs and the type, scope, circumstances and purposes of the processing, as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, we take appropriate technical and organisational measures to ensure a level of protection appropriate to the risk.
Securing online connections with TLS/SSL encryption technology (HTTPS): In order to protect the data of users transmitted via our online services from unauthorized access, we rely on TLS/SSL encryption technology. If a website is secured by an SSL/TLS certificate, this is signaled by the display of HTTPS in the URL.
International data transfers
If we transfer data to a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this happens in the context of the use of third-party services, this is always done in accordance with the legal requirements.
General information on data storage and deletion
We delete personal data that we process in accordance with the law, as soon as the underlying consents are withdrawn or there are no other legal grounds for the processing. Retention periods under German law:
- 10 years — books and records, annual financial statements, inventories, management reports (sec. 147 AO, sec. 257 HGB)
- 8 years — accounting documents such as invoices and cost receipts
- 6 years — other business documents, received commercial letters, other documents important for taxation
- 3 years — data necessary to consider potential warranty and indemnity claims (§§ 195, 199 BGB)
Rights of data subjects
As data subjects, you have various rights under the GDPR (Art. 15 to 21 GDPR):
- Right to object: You have the right to object at any time to the processing of personal data concerning you.
- Right to withdraw consent: You have the right to revoke consent at any time.
- Right of access: You have the right to request confirmation as to whether the data in question is being processed and to access this data.
- Right to rectification: You have the right to request the completion or correction of inaccurate data concerning you.
- Right to erasure and restriction of processing: You have the right to demand that data concerning you be deleted immediately or that processing be restricted.
- Right to data portability: You have the right to receive data concerning you in a structured, commonly used and machine-readable format.
- Complaint to supervisory authority: You have the right to lodge a complaint with a supervisory authority if you believe that the processing of personal data concerning you violates the GDPR.
Provision of the online offer and web hosting
We process users' data in order to be able to provide them with our online services. For this purpose, we process the user's IP address, which is necessary to transmit the content and functions of our online services to the user's browser or device.
1&1 IONOS: Services in the field of the provision of information technology infrastructure and related services (e.g. storage space and/or computing capacities); Service provider: 1&1 IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://www.ionos.de; Privacy Policy: https://www.ionos.de/terms-gtc/terms-privacy.
Log file information is stored for a maximum period of 30 days and then deleted or anonymized.
Contact and request management
When contacting us (e.g. by post, contact form, e-mail, telephone or via social media) as well as in the context of existing user and business relationships, the information of the enquiring persons will be processed insofar as this is necessary to answer the contact requests and any requested measures.
Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Performance of a contract and pre-contractual enquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR).