Preamble
In this privacy policy, I explain the types of personal data (hereinafter also referred to as “data”) I process, for what purposes, and to what extent. This privacy policy applies to all processing of personal data carried out by me, both in the context of providing our services and particularly on my websites, in mobile applications, and within external online presences, such as my social media profiles (hereinafter collectively referred to as “online services”).
The terms used are not gender-specific.
Last updated: 2025-12-22
Table of Contents
- Preamble
- Responsible person
- Overview of processing activities
- Relevant legal bases
- Security measures
- Transmission of personal data
- Data processing in third countries
- Deletion of data
- Use of cookies
- Payment methods
- Provision of the online offering and web hosting
- Registration, login and user account
- Community functions
- Blogs and publication media
- Newsletter and electronic notifications
- Promotional communication via email, post, fax or telephone
- Prize draws and competitions
- Affiliate programmes and affiliate links
- Customer reviews and rating procedures
- Presence in social networks (Social Media)
- Plugins and embedded functions and content
- Amendment and update of the privacy policy
- Rights of the data subjects
- Definitions
Responsible person
Nicolas Kerscher
Jourdanallee 53a
64546 Mörfelden-Walldorf
Hessen, Germany
Legal notice: https://kernic.net/legal-notice/
Overview of processing activities
The following overview summarises the types of data processed and the purposes of their processing, and refers to the data subjects concerned.
Types of data processed
- Inventory data
- Payment data
- Location data
- Contact data
- Content data
- Contract data
- Usage data
- Meta, communication and procedural data
Categories of data subjects
- Customers
- Prospective customers
- Communication partners
- Users
- Lottery and competition participants
Purposes of processing
- Provision of contractual services and customer service
- Contact requests and communication
- Security measures. Direct marketing
- Affiliate tracking
- Managing and responding to enquiries
- Running lotteries and competitions
- Feedback
- Marketing
- Provision of our online services and user-friendliness
- Information technological infrastructure
Relevant legal bases
Below you will find an overview of the legal bases of the GDPR on which we process personal data. Please note that in addition to the provisions of the GDPR, national data protection regulations may apply in your or our country of residence or registered office. Should more specific legal bases be relevant in individual cases, we will inform you of these in the privacy policy.
- Consent (Art. 6(1)(a) GDPR)
The data subject has given consent to the processing of his or her personal data for one or more specific purposes. - Performance of a contract and pre-contractual enquiries (Art. 6(1)(b) GDPR) Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
- Legitimate interests (Art. 6(1)(f) GDPR)
Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.
In addition to the data protection regulations of the GDPR, national data protection regulations apply in Germany. This includes, in particular, the Act on Protection against the Misuse of Personal Data in Data Processing (Bundesdatenschutzgesetz – BDSG). The BDSG contains, in particular, special provisions on the right to information, the right to erasure, the right to object, the processing of special categories of personal data, processing for other purposes and transmission, as well as automated individual decision-making, including profiling. Furthermore, the data protection laws of the individual federal states may also apply.
Security measures
In accordance with legal requirements, taking into account the state of the art, implementation costs, and the nature, scope, context, and purposes of the processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons, we implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk.
These measures include, in particular, ensuring the confidentiality, integrity, and availability of data by controlling physical and electronic access to the data, as well as its access, input, disclosure, assurance of availability, and its separation. Furthermore, we have established procedures to ensure the exercise of data subjects’ rights, the deletion of data, and responses to data breaches. We also consider the protection of personal data from the outset in the development or selection of hardware, software, and procedures, in accordance with the principle of data protection by design and by default.
IP Address Truncation: If we or the service providers and technologies we use process IP addresses and the processing of a full IP address is not necessary, the IP address will be truncated (also known as “IP masking”). This involves removing the last two digits, or the last part of the IP address after a dot, or replacing them with placeholders. The purpose of truncating the IP address is to prevent or significantly hinder the identification of a person by their IP address.
TLS Encryption (https): To protect your data transmitted via our online services, we use TLS encryption. You can recognise such encrypted connections by the prefix https:// in your browser’s address bar.