With this privacy policy, we would like to inform you about the nature, scope and purpose of the processing of personal data (also referred to as “data” below). Personal data is any data that has a personal connection to you, such as name, address, e-mail address or your user behavior. The privacy policy applies to all data processing operations carried out by us, both as part of our core activities and to the online media provided by us.
Responsible for data processing is:
Manuel Schneider
In Schranken 3
89155 Erbach
Germany
hello [at] manueldesign [dot] de
We offer agency services. If you are our customer or business partner or are interested in our services, the type, scope and purpose of the processing of your data depends on the contractual or pre-contractual services existing between us. This includes conceptual and strategic consulting, software and design development and consulting and maintenance services in this area, planning and implementation of campaigns, IT and server administration as well as other consulting and training services. In this sense, the data processed by us includes all data that is or has been provided by you for the purpose of using the contractual or pre-contractual services and that is required to process your request or the contract concluded between us. Unless otherwise stated in the further information in this privacy policy, the processing of your data and its transfer to third parties is limited to the data that is necessary and appropriate to answer your inquiries and/or to fulfill the contract concluded between you and us, to protect our rights and to fulfill legal obligations. We will inform you which data is required for this before or as part of data collection. Insofar as we use third-party providers to provide our services, the privacy policies of the respective third-party providers apply.
Affected data:
Affected persons: Customers, prospects, business and contract partners
Processing purpose: Processing of contractual services, communication and answering contact requests, office and organizational procedures
legal basis: Contract performance and pre-contractual inquiries, Art. 6 para. 1 lit. b GDPR, legal obligation, Art. 6 para. 1 lit. c GDPR, legitimate interest, Art. 6 para. 1 lit. f GDPR
According to the GDPR, you have the following rights, which you can assert at any time from the person responsible named in Section 1 of this Privacy Policy:
You have the right to withdraw your consent to data processing at any time.
You have the right to object at any time to the processing of your data, which we base on our legitimate interest in accordance with Article 6 (1) (f) GDPR. If you exercise your right to object, please explain the reasons. We will then no longer process your personal data unless we can prove to you that compelling legitimate reasons for data processing outweigh your interests and rights.
Irrespective of the above, you have the right to object at any time to the processing of your personal data for advertising and data analysis purposes.
Please send your objection to the contact address of the person responsible given above.
We delete your data when we no longer need it or when you tell us to do so. This means that - unless otherwise stated in the individual data protection notices in this privacy policy - we delete your data
However, if we still need to keep (certain parts of) your data for other purposes, for example because this requires tax retention periods (usually 6 years for business correspondence or 10 years for accounting receipts) or the assertion, exercise or defense of legal claims arising from contractual relationships (up to four years) or the data is needed to protect the rights of another natural or legal person, we will delete (the part of) your (r) Data only after these deadlines have expired. However, until these deadlines have expired, we will restrict the processing of this data to these purposes (fulfillment of storage obligations).
We use cloud services in particular
The software applications that we use for these purposes are made available to us by the provider (s) listed below on their servers. We access these servers via the Internet. If you provide us with your data as part of communication with us or in other processes explained by us using this privacy policy, we process this data in the cloud service we use. This means that your data is stored on the third-party cloud service provider's servers. The third-party providers process usage and metadata to secure their servers and to optimize their services. In particular, we process and store your contact, customer and contract data.
Should we make files of any type publicly available via our website using the cloud service we use, the respective third-party cloud service provider may store cookies on your computer system if you access these files. The service provider can process the data collected in this way to analyze your usage behavior or browser settings.
We would like to point out that, depending on the country of residence of the service provider named below, the data specified in more detail below may be transferred and processed on servers outside the European Union. In this case, there is a risk that the level of data protection required by the GDPR will not be met and that the enforcement of your rights will not be possible or may only be difficult. If the service provider we use offers the processing of data exclusively within the EU, we intend - if not already implemented at present - to process your data exclusively there.
Affected data:
Affected persons: interested parties, communication partners, customers, employees (e.g. applicants, current and former employees)
Processing purpose: Organization of office and administrative tasks
legal basis: Consent, Art. 6 para. 1 lit. a DSGVO, contract performance and pre-contractual inquiries, Art. 6 para. 1 lit. b GDPR, legitimate interest, Art. 6 para. 1 lit. f GDPR
Cloud service providers used:
Google cloud services
Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Internet site: https://cloud.google.com/
Privacy statement: https://www.google.com/policies/privacy
Our website uses cookies. Cookies are small text files, consisting of a series of numbers and letters, which are stored and stored on the device you are using. Cookies are primarily used to exchange information between the device you are using and our website. These include language settings on a website, login status, or where a video was watched.
Two types of cookies are used when you visit our websites:
In addition to the above classification, cookies can also be differentiated with regard to their purpose:
Affected data:
Affected persons: Users of our online offerings
Processing purpose: Playing out our websites, ensuring the operation of our websites, improving our website, communication and marketing
legal basis:
Legitimate interest, Art. 6 para. 1 lit. f DSGVO
Unless we obtain your consent to set cookies, we base the processing of your data on our legitimate interest in improving the quality and usability of our website, in particular the content and functions. You must use your browser's security settings to object to the use of cookies set by us as part of our legitimate interest. There, you can determine whether you do not accept cookies from the outset or only accept cookies upon request, or whether you want cookies to be deleted every time you close your browser. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website to their full extent.
Consent, Art. 6 para. 1 lit. a GDPR
If we ask you to be allowed to set certain cookies on your device before you visit our website and you consent to this, the consent you have given is the legal basis. As part of your consent, we will inform you which cookies we set in detail. If you do not give this consent, only the so-called technically necessary cookies are set, which are necessary for the proper operation of our Internet pages and their display in your browser. If you have consented to the setting of cookies, you have the option to withdraw your consent to us at any time.
On our website, we use the consent management tool “Consent Pro” from Finsweet to legally manage and document your consent to the processing of certain data (e.g. cookies, scripts, use of storage such as sessionStorage).
The consent banner that appears on your first visit allows you to select which categories you would like to agree to (technical, marketing, personalization, analytics). The consent tool ensures that only cookies and scripts are set or loaded that have received appropriate consent. You can change your settings at any time via the cookie settings on our website and withdraw your consent with effect for the future.
We use Cloudflare's services to save your consent decision. For this purpose, a technically necessary cookie or comparable technology is stored on your device, in which your consent or rejection of individual categories is stored. This information is required so that our system recognizes your selection when you visit further pages without the consent banner appearing again every time you visit.
Storage period:
The consent preferences stored via Consent Pro and Cloudflare are usually stored for a period of up to 365 days, unless you withdraw your consent beforehand or delete the website data (cookies/website data) stored in your browser.
Affected data:
- Usage data (e.g. access times, consent categories clicked on)
- Communication and device data (e.g. IP address, browser information)
- Consent data (time, scope and status of consent)
Persons concerned: users of our website
Processing purpose:
Obtaining, managing and documenting consents in accordance with GDPR and TTDSG, managing the delivery of non-essential cookies/scripts, verifiability to regulatory authorities.
legal basis:
- Art. 6 para. 1 lit. c GDPR (fulfilment of a legal obligation to obtain and document consent)
- Art. 6 para. 1 lit. f DSGVO (legitimate interest in legally secure, user-friendly consent management)
- For carrying out the respective services subject to consent yourself: Art. 6 para. 1 lit. a GDPR (your consent)
On this website, we use the analysis to evaluate usage behavior on our website and to continuously improve our content and user experience. Webflow Analyze is an integrated web analysis service from the Webflow website builder we use.Webflow Help Center
Webflow Analyze collects, among other things, the following information about the use of our website:
Webflow Analyze uses anonymous identifiers and stores information in Local Storage the browser you are using. It will no cookies set for this service and according to Webflow no direct personal information (PII) collected; the data is only evaluated in aggregate form and does not allow any conclusions to be drawn about individual persons.
Processing takes place exclusively if, as part of our consent management tool (“Consent Pro”), you in the category “Analyses” have consented. Webflow Analyze will not be activated without your consent.
Affected data:
Affected persons:
visitors to our website
Processing purpose:
legal basis:
Service provider & third country transfer:
Webflow Analyze is provided by:
Webflow, Inc.
398 11th Street, 2nd Floor
San Francisco, CA 94103, United States
When using Webflow Analyze, data can be processed on servers in the USA. Webflow is after EU-US Data Privacy Framework certified. This is an adequacy decision by the EU Commission, which confirms an appropriate level of data protection for the USA in relation to companies certified under this framework.
For more information about data processing by Webflow, please see Webflow's privacy policy at:
Withdrawal of your consent:
You can withdraw your consent to processing by Webflow Analyze at any time with effect for the future by using the Cookie or consent settings click on the appropriate link (“Cookie Settings”/“Manage Cookies”) at the bottom of the page and enter the category “Analyses” deactivate. In this case, future page views will no longer be recorded in Webflow Analyze. Data that has already been processed remains unaffected by the revocation, but will only be used in aggregate form for statistical purposes.
Our website uses the _cf_bm cookie, which is provided by Cloudflare, our content delivery network (CDN). This cookie is used to detect and prevent automated traffic in order to protect our website from so-called “bad bots.” It is a technically necessary cookie that contributes to the functionality of Cloudflare's security and bot management solutions. The _cf_bm cookie contains encrypted information that can only be decrypted by Cloudflare, as well as time-related data that is used to calculate a bot score and, if necessary, to detect anomalies. It does not store any personal data and is required for our website to function. The cookie is not used to track users across different websites or sessions and expires automatically after 30 minutes of inactivity. For more information about processing by Cloudflare, see the Cloudflare Privacy Policy.
Language Preferences
This website uses sessionStorage to store visitors' language preferences for the duration of their browser session. SessionStorage is a function of the web browser that allows data to be temporarily stored as long as the browser session is active. As soon as the browser is closed, all stored data is automatically deleted.
The stored language preferences are used to adjust the website's language according to the visitor’s settings. The stored information contains no personal data and serves solely to improve the user experience.
If you do not want this website to store your language preferences during your browser session, you can manage this through your web browser settings.
Theme Setting (Dark/Light Mode)
This website uses sessionStorage to store the display option selected by the visitor (e.g., light or dark mode) during the current browsing session. SessionStorage is a function of the web browser that enables the temporary storage of user settings as long as the browser session is active. Once the browser is closed, all stored data is automatically deleted.
The stored information relates exclusively to the website’s appearance and serves to improve the user experience. The storage takes place without processing personal data and does not allow conclusions to be drawn about individual visitors.
If you do not wish this website to store your display settings during the session, you can prevent this by adjusting the corresponding settings in your web browser.
To maintain our websites, we use a provider on whose server our websites are stored and made available for retrieval on the Internet (hosting). In doing so, the provider can process all data transmitted via the browser you use that is generated when using our Internet pages. This includes in particular your IP address, which the provider requires in order to be able to deliver our online offer to the browser you are using, as well as any entries you have made via our website. In addition, the provider we use can
Raise. The above data is stored as log files on our provider's servers. This is necessary to ensure the stability and security of the operation of our website.
Affected data:
Affected persons: users of our website
Processing purpose: Play our Internet pages, ensure the operation of our Internet pages
legal basis: Legitimate interest, Art. 6 para. 1 lit. f DSGVO
Web host (s) commissioned by us:
Webflow, Inc.
Service provider: Webflow, Inc. 208 Utah, Suite 210, San Francisco, CA 94103, USA
Site: https://webflow.com
We host our website with Webflow. The provider is Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA (hereinafter: Webflow). When you visit our website, Webflow collects various log files, including your IP address, which is anonymized.
Webflow is a tool for building and hosting websites. Webflow stores cookies or other recognition technologies that are necessary to display the page, to provide certain website functions and to ensure security (necessary cookies).
Webflow privacy policy: https://webflow.com/legal/eu-privacy-policy
Webflow is used on the basis of Art. 6 para. 1 lit. f DSGVO. We have a legitimate interest in presenting our website as reliably as possible. If a corresponding consent has been requested, processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information on the user's device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be withdrawn at any time.
For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.
Order processing: We have concluded an order processing contract (AVV) with the above-mentioned provider. This is a contract required by data protection law, which ensures that it only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.
We use a content delivery network (CDN) to display our websites. A CDN is a network of regionally distributed servers connected via the Internet. Scaling storage and delivery capacities are made available via the CDN. This optimizes the loading times of our websites and ensures optimal data throughput even during heavy load peaks. User inquiries on our websites are routed via CDN servers. Statistics are created from these data streams. On the one hand, this serves to identify potential threats to our websites due to malware at an early stage and, on the other hand, to constantly improve our offering and make our websites more user-friendly for you as a user.
We would like to point out that, depending on the country of residence of the service provider mentioned below, the data collected via the service may be transferred and processed outside the area of the European Union. In this case, there is a risk that the level of data protection required by the GDPR will not be met and that the enforcement of your rights will not be possible or may only be difficult.
Affected data:
Processing purpose: Technical optimization of the website, analysis of errors and user behavior
legal basis: Legitimate interest, Art. 6 para. 1 lit. f DSGVO
CDN service providers used:
Amazon CloudFront
Service provider: Amazon Web Services, Inc.
Address: 410 Terry Avenue North, Seattle WA 98109, United States
Internet site: https://aws.amazon.com/de/
Privacy statement: https://aws.amazon.com/de/privacy/
Fastly
Service provider: Fastly, Inc.
Address: 475 Brannan St. #300, San Francisco, CA 94107, USA
Internet site: https://www.fastly.com/
Privacy statement: https://www.fastly.com/de/privacy
If you contact us via e-mail, social media, telephone, fax, post, our contact form or otherwise and provide us with personal data such as your name, telephone number or email address or provide further information about yourself or your request, we process this data to answer your request as part of the pre-contractual or contractual relationship existing between us.
Affected data:
Affected persons: Interested parties, customers, business and contract partners
Processing purpose: Communication and response to contact requests, office and organizational procedures
legal basis: Contract performance and pre-contractual inquiries, Art. 6 para. 1 lit. b DSGVO, legitimate interest, Art. 6 para. 1 lit. f GDPR
Cal.com
We use Cal.com services to enable online appointments.
Service provider: Cal.com, Inc., 2261 Market Street #4322, San Francisco, CA 94114, USA
Internet site: https://cal.com
Privacy statement: https://cal.com/privacy
In order to give you a first impression of the quality of our offers and services, we display a selection of reviews from our customers and the overall rating derived from all reviews via the rating seal (also known as a review widget) on our website. If you click on the widget, you will be redirected to the website of the respective provider. There you can find all reviews about our offer. You can also rate us there.
The provider's seal included on our website is displayed via an interface from the server of the respective provider. For this purpose, when you visit our website, a data connection to the provider's server is established. This provides the provider with certain data that is required to display the content of the widget to your browser. This includes the IP address assigned to you and other access data.
Affected data:
Affected persons: Customers, users of our website
Processing purpose: Obtaining customer feedback, as well as marketing based on interests and behavior
legal basis: Consent, Art. 6 para. 1 lit. a DSGVO, legitimate interest, Art. 6 para. 1 lit. f GDPR
We use the following rating seals:
Trustpilot
Service provider: Trustpilot A/S, Pilestraede 58, 5th floor, 1112 Copenhagen, Denmark
Internet site: https://de.trustpilot.com/
Privacy statement: https://de.legal.trustpilot.com/end-user-privacy-terms
We process personal data for our promotional communication via e-mail, post or telephone. You can object to receiving our advertising measures at any time or withdraw your previously given consent to receive our promotional communication at any time. In order to be able to prove that your consent was available even after your objection or revocation in case of doubt, we can store your data for up to 4 years after your objection/revocation. After your objection/revocation, we will no longer use your data for further purposes. If you want us to delete your data beforehand, we will do so after you have confirmed to us that you have originally given us consent.
Affected data:
Affected persons: Communication partner
Processing purpose: Direct advertising measures (marketing) via e-mail, post or telephone
legal basis: Consent, Art. 6 para. 1 lit. a DSGVO, legitimate interest, Art. 6 para. 1 lit. f GDPR
We operate online presences within the social networks listed below. If you visit one of these sites, the data listed in more detail below will be collected and processed by the respective provider. As a rule, this data is collected for advertising and market research purposes and user profiles are thus created. Data can be stored in user profiles regardless of the device you are using. This is particularly the case if you are a member of the respective platform and logged in to it. The user profiles can be used by providers to display interest-based advertising to you. You have a right of withdrawal against the creation of user profiles. To exercise this, you must contact the respective provider.
If you have an account with one of the providers listed below and are logged in there when you visit our website, the respective provider can collect data about your usage behavior on our website. To prevent such linking of your data, you can log out of the provider's service before visiting our site.
For what purpose and to what extent data is collected by the provider, you can find out in the respective data protection declarations of the providers provided below.
We would like to point out that, depending on the country of residence of the provider mentioned below, the data collected via their platform may be transferred and processed outside the area of the European Union. In this case, there is a risk that the level of data protection required by the GDPR will not be met and that the enforcement of your rights will not be possible or may only be difficult.
Affected data:
Processing purpose: Communication and marketing, tracking and analysis of user behavior
legal basis: Consent, Art. 6 para. 1 lit. a DSGVO, legitimate interests, Art. 6 para. 1 lit. f GDPR
Objection options: For the respective options for objection (opt-out), we refer to the information provided by the providers linked below.
We maintain online presences on the following social networks:
Service provider: Instagram Inc., 1601 Willow Road, Menlo Park CA 94025, USA
Parent company: Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA
Headquarters in the EU: Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
Internet site: https://www.instagram.com/
Privacy statement: http://instagram.com/about/legal/privacy
Service provider: LinkedIn Corporation, 1000 W Maude, Sunnyvale, CA 94085, USA
Based in Germany: LinkedIn, Hofstatt 4th Floor, Sendlinger Str. 12, 80331 Munich
Internet site: https://www.linkedin.com
Privacy statement: https://www.linkedin.com/legal/privacy-policy
TikTok
Service provider: musical.ly Inc., 10351 Santa Monica Boulevard #310, Los Angeles, 90025 California, USA
Headquarters in the EU: TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland
Internet site: https://www.tiktok.com/de/
Privacy statement: https://www.tiktok.com/de/privacy-policy
We use offers from third-party providers to enable online meetings, conference calls via video and/or audio, and online seminars among employees as well as with interested parties or customers. If you communicate with us via such a service, the data collected in this communication process is processed both by us and by the third party provider. The data that may arise in such a communication process includes in particular your registration and contact details, contributions in the chat window, your video and audio contributions, and shared screen content. The data processed by the third-party provider we use primarily includes user data and metadata (e.g. IP address, computer system information). The third party providers usually process this data to verify and ensure the security of the service. In addition, findings from data processing should be used to optimize the third-party provider's offerings and carry out appropriate marketing measures. Please note the third-party provider's privacy policy in this regard.
We would like to point out that, depending on the country of residence of the service provider mentioned below, the data collected via the service may be transferred and processed outside the area of the European Union. In this case, there is a risk that the level of data protection required by the GDPR will not be met and that the enforcement of your rights will not be possible or may only be difficult.
Affected data:
Affected persons: Interested parties, customers, communication partners
Processing purpose: Processing of contact requests, internal and external communication with employees as well as interested parties and customers, fulfillment of our contractual services, range of services
legal basis: Consent, Art. 6 para. 1 lit. a DSGVO, contract performance and pre-contractual inquiries, Art. 6 para. 1 lit. b GDPR, legitimate interest, Art. 6 para. 1 lit. f GDPR
Google Meet (formerly Google Hangout)
Services offered: video conferences, chats, instant messaging
Service provider: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland
Parent company: Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Internet site: https://gsuite.google.com/intl/de/
Privacy statement: https://policies.google.com/privacy?hl=de
Slack
Services offered: (group) chats, video conferences, voice conferences
Service provider: Slack Technologies, Inc., 500 Howard Street, San Francisco, CA 94105, USA
Internet site: https://slack.com/intl/de-de/
Privacy statement: https://slack.com/intl/de-de/privacy-policy
Zoom
Services offered: video conferences, voice conferences, chats
Service provider: Zoom Video Communications, Inc., 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA
Internet site: https://zoom.us/de-de/meetings.html
Privacy statement: https://zoom.us/de-de/privacy.html
We use certain services to be able to display certain content or graphics (videos, images, music, fonts, maps) via our website. The services we use process the IP address assigned to you at the time of your visit to our website, as this is the only way to display the respective content in the browser you are using. In addition, the providers of these services may set other cookies on your device, which collect information about your usage behavior, your interests, the device and browser you use, and the time and duration of your session. The providers regularly use this data for analysis, statistics and marketing purposes. In addition, this information can also be combined with information from other sources. This is especially true if you yourself have an account with the service provider and are logged in there at the time of the session.
We would like to point out that, depending on the country of residence of the service provider named below, the data specified in more detail below may be transferred and processed on servers outside the European Union. In this case, there is a risk that the level of data protection required by the GDPR will not be met and that the enforcement of your rights will not be possible or may only be difficult.
Affected data:
Affected persons: users of our website
Processing purpose: Playing our websites, offering content, ensuring the operation of our websites
legal basis: Consent via cookie consent banners, Art. 6 para. 1 lit. a GDPR, legitimate interests, Art. 6 para. 1 lit. f GDPR
We use the following content services:
Vimeo
On this website, we use components from Vimeo to include videos on our websites so that they can be played via your Internet browser when you visit our websites. This process requires Vimeo to process the IP address assigned to you, as without this, the content could not be sent to the browser. Vimeo recognizes when you visit one of our pages on which we have included a Vimeo video, provided that you are logged in to Vimeo. This information is sent to Vimeo even if you do not click on the Vimeo video. Vimeo collects this information and assigns it to your Vimeo account.
Service provider: Vimeo LLC, 555 West 18th Street, New York 10011, USA
Internet site: https://vimeo.com/de/
Privacy statement: https://vimeo.com/privacy
youtube
We use YouTube components on this website to include videos on our websites so that they can be played via your Internet browser when you visit our websites. During your visit to our websites, both YouTube and Google are informed which page or subpage you have visited by transmitting your IP address to Google's external servers in the USA. This information is transmitted regardless of whether the videos viewed are actually viewed or clicked on or whether you are logged into your YouTube or Google account. This information is collected and assigned to your Google account, provided that you are logged in there when you visit our websites.
Service provider: YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA
Internet site: https://www.youtube.com/
Privacy statement: https://policies.google.com/privacy
Opt-out option: https://tools.google.com/dlpage/gaoptout?hl=de
We also take state of the art technical and organizational security measures to comply with the provisions of data protection laws and to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties.
This privacy policy is currently valid and was last updated in November 2025. Due to changes in legal or regulatory requirements, it may be necessary to adapt this privacy policy.