Sustavis
DEEN

Privacy Policy

1. Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) is: Sustavis – owner Tony Amende, Weingarts 159a, 91358 Kunreuth, Germany.

Email: tony.amende@gmail.com, Phone: +49 151 70183644.

We have not appointed a Data Protection Officer, as the requirements of Art. 37 GDPR and § 38 BDSG are not met.

2. General information on data processing

We take the protection of your personal data seriously. Personal data is any information that can be used to identify you personally. This Privacy Policy explains what data we collect, how we use it, and what rights you have.

We process personal data only within the scope of applicable legal provisions. Processing only takes place where it is legally permitted or where you have given your consent.

3. Hosting and server log files

This website is operated on our own servers. When pages are accessed, the web server automatically records server log files containing: the IP address of the requesting device, date and time of the request, name and URL of the requested file, the referring website (referrer URL), browser type and version, and operating system.

Processing this data is technically necessary to deliver the website and serves to detect and prevent attacks. The legal basis is Art. 6(1)(f) GDPR (legitimate interest in the secure and stable operation of the service). Log files are deleted after a maximum of 14 days.

4. Cloudflare

We use Cloudflare Tunnel, a service of Cloudflare Ireland Ltd., 3 Eastpoint Business Park, Dublin 3, Ireland (parent company: Cloudflare, Inc., 101 Townsend St., San Francisco, CA 94107, USA), to securely deliver this website. Cloudflare acts as a reverse proxy and may process connection data including IP addresses in the process.

Cloudflare may process data in the United States. Cloudflare is certified under the EU–U.S. Data Privacy Framework. For more information: https://www.cloudflare.com/privacypolicy/

The legal basis for using Cloudflare is Art. 6(1)(f) GDPR (legitimate interest in a secure and performant website).

5. Contact form and email contact

When you contact us via the contact form or by email, we process the following data: your name, email address, optional company details, and the content of your message.

This data is used solely to respond to your inquiry and is not shared with third parties. Data will be deleted once your request has been fully processed, unless statutory retention obligations apply (generally after three years).

The legal basis is Art. 6(1)(b) GDPR where your inquiry relates to the initiation or performance of a contract, and Art. 6(1)(f) GDPR (legitimate interest in responding to your inquiry) otherwise.

Note: Emails are received and processed via Google Gmail (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). For more information on Google's data processing: https://policies.google.com/privacy

6. Disclosure of data

Personal data is only disclosed to third parties within the legally permissible scope – in particular where necessary for the performance of a contract, where we are legally obliged to do so, or where you have given your consent.

With the exception of the service providers mentioned in Sections 4 and 5 (Cloudflare, Google Gmail), no data is shared with external parties. Your data is never sold.

7. Cookies

This website does not use tracking or analytics cookies. Only technically necessary cookies are used that are required for the operation of the website and do not store personal data for advertising or analytics purposes.

For more information, see our Cookie Policy.

8. Your rights

With regard to the personal data concerning you, you have the following rights:

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object (Art. 21 GDPR)
  • Right to withdraw consent (Art. 7(3) GDPR)

9. Right to lodge a complaint with a supervisory authority

You have the right to lodge a complaint with a data protection supervisory authority regarding our processing of your personal data (Art. 77 GDPR).

The supervisory authority with jurisdiction over us is: Bayerisches Landesamt für Datenschutzaufsicht (BayLDA), Promenade 18, 91522 Ansbach, Germany, www.lda.bayern.de.

10. Data security

This website uses an HTTPS connection to encrypt data transmitted between your browser and our server.

11. Updates to this Privacy Policy

We reserve the right to update this Privacy Policy as necessary to reflect current legal requirements. Date of last update: June 2026.