Privacy policy

1. Controller

The controller as defined by the General Data Protection Regulation (GDPR) is:

Axel Kopp
Liebigstr. 252
50739 Cologne Germany

Contact: Axel Kopp
Email: mail@axelkopp.com

2. Legal Basis

The processing of personal data on our website is carried out based on the following legal grounds:

  • Art. 6 (1) (a) GDPR – Consent of the data subject

  • Art. 6 (1) (b) GDPR – Performance of a contract or pre-contractual measures

  • Art. 6 (1) (c) GDPR – Compliance with a legal obligation

  • Art. 6 (1) (f) GDPR – Legitimate interests of the controller

 

3. Hosting & Server Log Files

Our website is hosted by UD Media GmbH. The server location is within the EU/EEA. A data processing agreement (DPA) has been concluded between us and the hosting provider in accordance with Art. 28 GDPR.

When you visit our website, our hosting provider automatically collects information in so-called server log files. This is technically necessary to display our website to you and to ensure stability and security.

The following data may be processed:

  • IP address of the requesting device

  • Date and time of access

  • Page/file accessed (URL) and amount of data transferred

  • HTTP status code (successful access or error)

  • Browser type and version, as well as the operating system

  • Referrer URL (the previously visited page), if transmitted

The processing is carried out for the technical provision of the website, error analysis, and the prevention and investigation of abuse or cyberattacks. The legal basis is Art. 6 (1) (f) GDPR (legitimate interest in the secure and functional operation of the website). Server log files are stored for a limited period and then deleted or anonymized, unless further storage is required for evidentiary purposes (e.g., in the event of security incidents).

4. Cookies & Consent Management

Our website uses cookies – small text files stored on your device. We distinguish between technically necessary cookies, required for the operation of the website, and non-necessary cookies, which are only set with your explicit consent.

To manage your cookie settings and obtain consent, we use the plugin Cookie Notice & Compliance for GDPR / CCPA (Provider: hu-manity.co). Via the cookie banner, you can grant, refuse, or withdraw your consent at any time for the future. Non-necessary services (e.g., analysis or marketing tools) are only loaded after your consent. The legal basis for processing based on your consent is Art. 6 (1) (a) GDPR.

5. Contact Form

A contact form is available on our website. If you use it, the following information will be collected:

  • First and last name

  • Company / Organization

  • Email address

  • Phone number

  • Subject

  • Message

This data is processed exclusively to handle your request and, if applicable, to contact you regarding pre-contractual or contractual measures. The legal basis is Art. 6 (1) (b) GDPR and, if no contractual relationship is established, Art. 6 (1) (f) GDPR (legitimate interest in responding to inquiries). Data entered in the contact form will not be passed on to third parties without your consent and will be deleted after final processing of your request, provided there are no statutory retention obligations. The contact form is provided via the form function of Elementor Pro.

6. Spam and Bot Protection

Google reCAPTCHA We use Google reCAPTCHA (Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) to protect form entries from misuse by automated programs (bots). Information about your behavior on the website (e.g., mouse movements, dwell time, IP address) is transmitted to Google and analyzed. Legal basis: Art. 6 (1) (a) GDPR (consent) and Art. 6 (1) (f) GDPR (legitimate interest in security). Data transfer to the USA may occur. Further information: https://policies.google.com/privacy

Akismet To detect and filter spam comments, we use the plugin Akismet (Provider: Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA). Comment content and technical data (e.g., IP address, browser info) are transmitted to Automattic’s servers. Legal basis: Art. 6 (1) (f) GDPR (legitimate interest in avoiding spam). Data transfer to the USA may occur.

7. Web Analysis

Google Tag Manager We use the Google Tag Manager (Provider: Google Ireland Limited). This tool allows us to manage website tags centrally. The Tag Manager itself does not process personal data but may trigger other services that do. It is only activated after your consent.

Google Analytics Via the Tag Manager, we integrate Google Analytics (Provider: Google Ireland Limited). This allows us to analyze user behavior. Data processed may include:

  • IP address (usually shortened/anonymized)

  • Pages visited and duration of stay

  • Origin of the visitor (e.g., search engine, direct entry)

  • Device, browser, and operating system used Google Analytics is only loaded after your explicit consent (Art. 6 (1) (a) GDPR). Data transfer to the USA may occur.

8. Embedded Content and External Services

  • YouTube Videos: Embedded via Google Ireland Limited. Loaded only after consent (Art. 6 (1) (a) GDPR).

  • Google Maps: Embedded via Google Ireland Limited. Loaded only after consent (Art. 6 (1) (a) GDPR).

  • Instagram Feed: Embedded via Meta Platforms Ireland Limited using the Smash Balloon plugin. Loaded only after consent (Art. 6 (1) (a) GDPR). Data transfer to the USA may occur.

  • Fonts: Provided locally. No connection to external font servers is established.

9. Comment Function & Notifications

When you leave a comment, the data entered (e.g., name, email, content) is stored and displayed after approval. Using the plugin Subscribe to Comments Reloaded, you can subscribe to email notifications. Legal basis: Art. 6 (1) (a) GDPR (consent). You can unsubscribe at any time via the link in the email.

10. Data Backup

We use the plugin UpdraftPlus for backups, stored on Google Drive (Google Ireland Limited). Backups may include personal data (e.g., comments, form entries). Legal basis: Art. 6 (1) (f) GDPR (legitimate interest in data security).

11. Recipients and Processors

We use the following service providers to operate our website:

  • UD Media GmbH: Hosting

  • Google Ireland Limited: Tag Manager, Analytics, reCAPTCHA, YouTube, Maps, Google Drive (Backup)

  • Meta Platforms Ireland Limited: Instagram Feed (Smash Balloon)

  • Automattic Inc.: Akismet (Spam protection)

  • hu-manity.co: Cookie Notice & Compliance

  • OnTheGoSystems: WPML (Multilingualism)

12. Data Transfer to Third Countries

If we use services from providers that process personal data outside the EU/EEA (e.g., in the USA), this constitutes a transfer to third countries. These countries may not have a level of data protection comparable to the EU. Where necessary, we base such transfers on Standard Contractual Clauses (SCCs) of the EU Commission and additional protective measures.

13. Storage Duration

We store personal data only as long as necessary for the respective processing purpose or as required by statutory retention periods.

14. Your Rights as a Data Subject

You have the following rights:

  • Right of access (Art. 15 GDPR)

  • Right to rectification (Art. 16 GDPR)

  • Right to erasure (Art. 17 GDPR)

  • Right to restriction of processing (Art. 18 GDPR)

  • Right to data portability (Art. 20 GDPR)

  • Right to object (Art. 21 GDPR)

  • Right to withdraw consent (Art. 7 (3) GDPR)

To exercise your rights, please contact: mail@axelkopp.com

15. Right to Lodge a Complaint

You have the right to complain to a data protection supervisory authority. The competent authority for us is:

Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
Postfach 20 04 44
40102 Düsseldorf
Germany
Email: poststelle@ldi.nrw.de

16. Status

This privacy policy is current as of: March 2026