Privacy Policy

General

As the operator of this website and as a company, we come into contact with your personal data. This refers to all data that reveals something about you and with which you can be identified. In this privacy policy, we explain how, for what purpose, and on what legal basis we process your data.

The following entity is responsible for data processing on this website and within our company:

Philipp Herrmann
Kreuzstr. 16a
49492 Westerkappeln
Phone: 015227950198
E-mail: info@digelite.de

General information

SSL or TLS encryption

When you enter your data on websites, place online orders, or send emails over the internet, you must always assume that unauthorized third parties may access your data. Complete protection against such access is impossible. However, we make every effort to protect your data as best as possible and to close security gaps wherever possible.

An important security mechanism is the SSL/TLS encryption of our website, which ensures that data you transmit to us cannot be read by third parties. You can recognize the encryption by the padlock icon before the web address in your browser and by the fact that our web address begins with https:// and not with http://.

How long do we store your data?

In some sections of this privacy policy, we inform you about how long we, or the companies that process your data on our behalf, store your data. If no such information is provided, we store your data until the purpose of the data processing no longer applies, you object to the data processing, or you withdraw your consent to the data processing.

In the event of an objection or revocation, we may continue to process your data if at least one of the following conditions is met:

• We have compelling legitimate grounds for continuing the data processing which override your interests, rights and freedoms (only in case of objection to the data processing; if the objection is directed against direct marketing, we cannot provide any compelling legitimate grounds).
• Data processing is necessary to establish, exercise or defend legal claims (this does not apply if your objection is directed against direct marketing).
• We are legally obligated to retain your data.

In this case, we will delete your data as soon as the requirement(s) no longer apply.

Data transfer to the USA

Our website and communication with us sometimes use services from companies that transfer data to the USA, where it may be stored and potentially further processed. The European Commission has adopted an adequacy decision for the EU-US data protection framework. This decision confirms that the USA provides an adequate level of protection for personal data from the EU for certified US companies. You can find a list of these certified companies at [link to list of certified companies]. dataprivacyframework.gov. A change to this decision by the European Commission cannot be ruled out.

Your rights

Objection to data processing

If you read in this privacy policy that we have legitimate interests in processing your data and therefore base this processing on Article 6(1)(f) GDPR, you have the right to object to this processing pursuant to Article 21 GDPR. This also applies to profiling carried out on the basis of the aforementioned provision. The prerequisite is that you provide reasons for your objection that arise from your particular situation. No justification is required if the objection is directed against the use of your data for direct marketing.

The consequence of your objection is that we may no longer process your data — unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of establishing, exercising or defending legal claims.

Revocation of your consent

Some data processing operations are based on your consent. You grant this consent, for example, by allowing certain cookies. You can withdraw your consent at any time without giving reasons, with effect for the future (Art. 7 para. 3 GDPR). The lawfulness of the processing carried out until the withdrawal remains unaffected. The only exception to continued processing is for legal retention obligations, in particular those arising from tax and commercial law.

Further rights

• Information, correction, deletion: According to Article 15 of the GDPR, you have the right to free access to information about your stored data, its origin and recipients, and the purpose of the storage. If your data is incorrect, you have the right to rectification (Article 16 GDPR) and, under the conditions of Article 17 GDPR, to erasure.
• Restriction of processing: In certain situations, you can request the restriction of processing in accordance with Article 18 GDPR.
• Data portability: Data that we process automatically based on your consent or in fulfillment of a contract will be provided to you or a third party upon request in a commonly used, machine-readable format (Art. 20 GDPR).
• Complaint to the supervisory authority: According to Article 77 of the GDPR, you have the right to lodge a complaint with a data protection supervisory authority in the Member State of your habitual residence, your place of work or the place of the alleged infringement.

Hosting

Our website is hosted on a server of the following internet service provider (host):

DomainFactory GmbH
c/o WeWork, Neuturmstraße 5
80331 Munich, Germany

The hosting provider stores all data from our website—this includes personal data that is collected automatically or through your input (in particular IP address, pages visited, names, contact details and inquiries, as well as metadata and communication data). The hosting provider adheres to our instructions and processes the data only to the extent necessary to fulfill its contractual obligations. This is based on a data processing agreement pursuant to Article 28 GDPR.

Legal basis: Since we use our website to contact potential customers and maintain relationships, the data processing by the hosting provider serves the purpose of initiating and fulfilling contracts (Art. 6 para. 1 lit. b) GDPR). Furthermore, it is in our legitimate interest to provide a professional, secure, and fast internet service (Art. 6 para. 1 lit. f) GDPR).

Data collection on this website

Server log files

Server log files record all requests and accesses to our website and document error messages. They also include personal data, in particular the IP address. The following data is recorded: browser type and version, operating system used, referrer URL, hostname of the accessing computer, time of the server request, and IP address (possibly anonymized). We do not combine this data with other data.

Legal basis: It is in our legitimate interest that our website runs flawlessly and is operated securely (Art. 6 para. 1 lit. f) GDPR).

Cookies

Our website may place cookies on your device—small text files that serve various purposes. Some cookies are technically necessary for the website to function (essential cookies). Others are required for specific functions (functional cookies, e.g., saving your language preference). Session cookies are automatically deleted when you close your browser, while persistent cookies remain stored until you delete them. You can control whether and how cookies are set via your browser settings; disabling cookies may limit the functionality of the website.

Legal basis: We use necessary and functional cookies based on our legitimate interest in ensuring technically sound operation (Art. 6 para. 1 lit. f) GDPR or § 25 para. 2 TDDDG). We only use all other cookies with your consent (Art. 6 para. 1 lit. a) GDPR, § 25 para. 1 TDDDG), which you can withdraw at any time with effect for the future.

Cookie consent with Pixelmate

We use the consent management provider Pixelmate to obtain your consent for the storage of cookies requiring consent and to document this consent in accordance with data protection regulations. Pixelmate is hosted exclusively locally; no connection to third-party servers is established. The provider is Christian Wedel, soulsites, Niedere Wiesen 7, 31848 Bad Münder, Germany. When you close the cookie banner, your IP address (for country determination), the browser used, the language, and the website visited are typically stored, and cookies are set to associate your consent.

Legal basis: We are legally obliged to obtain consent for the use of certain cookies; the use of Pixelmate serves to fulfill this legal obligation (Art. 6 para. 1 lit. c) GDPR).

Inquiry form for suppliers

On the "Become a Provider" page, you can send us a non-binding inquiry via a form. We process the data you provide—name, company/provider name, email address, phone number (if applicable), city, provider type, and an optional free-text message—in order to process your inquiry and contact you. These submissions are stored in our back office (WordPress). We will not share this data with uninvolved third parties without your consent.

Storage duration: We will delete the data as soon as your request has been fully processed, you request us to delete it, or the purpose no longer applies — unless statutory retention periods prevent this.

Legal basis: If your inquiry relates to a (potential) contractual relationship or serves pre-contractual measures, the legal basis is Article 6(1)(b) GDPR. In all other cases, it is our legitimate interest to process inquiries addressed to us effectively (Article 6(1)(f) GDPR).

Booking Assistant

Commercial providers can use the booking assistant ("Book pillars") to make binding bookings for Perfect Day's services. We process the data entered in the form: the selected pillars and, if applicable, the coupon rate, company name and legal form, VAT ID number (if applicable), first and last name of the contact person, address (street, postal code, city), email address, and telephone number. The bookings are stored in our back office (WordPress) and are used for processing your booking, concluding and fulfilling the contract, and for subsequent invoicing.

Storage duration: We store booking and contract data for the duration of the business relationship and beyond, as long as statutory retention periods exist (especially under commercial and tax law, usually 6 to 10 years).

Legal basis: The processing is carried out for the initiation, conclusion, and fulfillment of the contract (Art. 6 para. 1 lit. b) GDPR) as well as for compliance with statutory retention obligations (Art. 6 para. 1 lit. c) GDPR). No payment is processed via the website; invoicing is done by invoice.

Contact us via email or telephone

When you contact us by email or telephone, we process your information (name, contact details, content of the inquiry) in order to handle your request. The legal basis for this is Article 6(1)(b) GDPR if the inquiry serves the purpose of initiating or fulfilling a contract; otherwise, it is our legitimate interest in processing the inquiry (Article 6(1)(f) GDPR). We delete the data as soon as the purpose for processing it no longer applies and there are no legal obligations to retain it.

Communication via WhatsApp

For communication with customers and prospective clients, we sometimes use the instant messaging service WhatsApp, specifically the "WhatsApp Business" version. The provider is WhatsApp Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. Communication is end-to-end encrypted; automatic address book synchronization does not take place. However, WhatsApp receives access to metadata from the communication process and shares this with its US parent company, Meta. This transfer to the USA is based on the adequacy decision of the European Commission. Further information: whatsapp.com/legal.

Legal basis: Article 6 paragraph 1 letter b) GDPR, insofar as the exchange serves the purpose of initiating or fulfilling a contract; otherwise, our legitimate interest in efficient communication (Article 6 paragraph 1 letter f) GDPR) or your consent (Article 6 paragraph 1 letter a) GDPR).

Social media

We maintain publicly accessible profiles on social networks to present our company. When visiting these profiles, the data protection regulations of the respective operator also apply. We are jointly responsible with the operator for the processing operations triggered by your visit; you can assert your rights against both us and the operator. Our influence on the processing by the operators is limited.

Legal basis: Our profiles serve to provide a comprehensive online presence; we have a legitimate interest in this (Art. 6 para. 1 lit. f) GDPR).

• Facebook / Instagram: The operator is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. Data is transferred to the USA and other third countries. Privacy policy: Facebook, Instagram.

WordPress plugins used

Our website is based on the WordPress content management system. For security, sending system emails, and general protection, we use the following technical plugins, which do not collect any data for marketing or analytics purposes:

• UpdraftPlus — Creation and management of backups. Processes technical data and backup information. Legal basis: legitimate interest in data backup and recoverability (Art. 6 para. 1 lit. f) GDPR).
• WP Mail SMTP — Improves the deliverability of emails sent from the website. Legal basis: legitimate interest in reliable email delivery (Art. 6 para. 1 lit. f) GDPR).
• All-In-One Security — Protection against unauthorized access and attacks. Processes, among other things, IP addresses to detect malicious activity. Legal basis: legitimate interest in the security of the website (Art. 6 para. 1 lit. f) GDPR).

Status & Currentness

This privacy policy is effective as of May 2026. We will update this text as soon as there are any significant changes to our data processing practices, the services we use, or the legal situation.