- Feel free to drop me a message. Looking forward to hearing from you!
1. Data Protection at a Glance
General Information
The following notes provide a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to personally identify you. Detailed information on data protection can be found in the full privacy policy listed below this text.
Data Collection on This Website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. Their contact details can be found in the section “Note on the Responsible Body” in this privacy policy.
How do we collect your data?
On one hand, your data is collected when you provide it to us. This may include, for example, data you enter into a contact form.
Other data is collected automatically or with your consent when you visit the website. This is primarily technical data (e.g., internet browser, operating system, or time of page access). This data is collected automatically as soon as you enter the website.
What do we use your data for?
Some of the data is collected to ensure the website functions without errors. Other data may be used to analyze user behavior.
What rights do you have regarding your data?
You have the right to obtain free information at any time about the origin, recipient, and purpose of your stored personal data. You also have the right to request the correction or deletion of this data. If you have given consent to data processing, you can withdraw this consent at any time in the future. Furthermore, you have the right, under certain circumstances, to request the restriction of the processing of your personal data. You also have the right to lodge a complaint with the relevant supervisory authority.
For this and other questions regarding data protection, you can contact us at any time.
Analysis Tools and Third-Party Tools
When visiting this website, your browsing behavior may be statistically analyzed. This is primarily done with analytics programs. Detailed information on these analytics programs can be found in the privacy policy below.
2. Hosting and Content Delivery Networks (CDN)
We host the content of our website with the following provider:
IONOS
Provider: IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany.
When you visit our website, IONOS collects various log files including your IP address.
Details: IONOS Privacy Policy
The use of IONOS is based on Art. 6(1)(f) GDPR. We have a legitimate interest in a reliable presentation of our website. If consent is requested, processing is based solely on Art. 6(1)(a) GDPR and § 25(1) TTDSG, if it includes storing cookies or accessing device info (e.g., device fingerprinting). You can revoke your consent at any time.
Data Processing Agreement (DPA)
We have signed a DPA with the provider, which ensures that IONOS processes personal data only in accordance with our instructions and complies with GDPR.
Cloudflare
Provider: Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA.
Cloudflare provides a globally distributed CDN and DNS. Technically, this routes information between your browser and our website through Cloudflare’s network. This enables Cloudflare to analyze traffic and act as a filter against malicious traffic. Cloudflare may use cookies or technologies for user recognition, used solely for the purpose described.
Use is based on our legitimate interest in a secure and error-free website (Art. 6(1)(f) GDPR).
Data transfer to the USA is based on EU Commission standard contractual clauses.
Details: Cloudflare Privacy Policy
Certified under the EU-US Data Privacy Framework (DPF)
More info: Cloudflare DPF status
Data Processing Agreement
We have a DPA with Cloudflare to ensure GDPR-compliant processing.
Google Cloud CDN
Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
This is a global CDN that improves website performance and availability.
Use is based on our legitimate interest in a secure and efficient website (Art. 6(1)(f) GDPR).
Data transfers to the USA rely on standard contractual clauses.
Details: Google Cloud CDN
Certified under the EU-US Data Privacy Framework
More info: Google DPF status
Data Processing Agreement
A DPA has been concluded with Google.
Amazon CloudFront CDN
Provider: Amazon Web Services EMEA SARL, 38 avenue John F. Kennedy, L-1855, Luxembourg.
CloudFront is a global CDN that routes content delivery through Amazon’s network.
Use is based on our legitimate interest in reliable website delivery (Art. 6(1)(f) GDPR).
Data transfer to the USA relies on standard contractual clauses.
Details: AWS GDPR Info
Privacy Policy: Amazon Privacy Notice (German)
Certified under the EU-US Data Privacy Framework
More info: Amazon DPF status
Data Processing Agreement
We have a DPA with Amazon to ensure GDPR-compliant processing.
3. General Notes and Mandatory Information
Data Protection
The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with legal data protection regulations and this privacy policy.
When you use this website, various personal data is collected. This privacy statement explains what data we collect, how, and for what purpose.
We point out that data transmission over the internet (e.g., via email) may have security gaps. A complete protection of data against access by third parties is not possible.
Note on the Responsible Party
Responsible entity for data processing on this website:
Viet Luan Tran
Phone: +49-152-24845996
Email: info@vietluantran.com
Gelleper Str. 32, 47809 Krefeld, Germany
The responsible entity is the person or organization that determines the purposes and means of processing personal data (e.g., names, email addresses, etc.).
Data Retention Period
Unless a more specific retention period is mentioned, your personal data will remain with us until the purpose for processing ends. If you request deletion or revoke consent, your data will be deleted unless we are legally required to keep it (e.g., for tax or legal reasons). In such cases, data will be deleted once those obligations expire.
Legal Bases for Data Processing
If you have consented to data processing, your personal data will be processed based on Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR if special categories of data are processed. If you explicitly consented to the transfer of data to non-EU countries, processing also occurs under Art. 49(1)(a) GDPR. If data is necessary to fulfill a contract or pre-contractual steps, it’s processed under Art. 6(1)(b) GDPR. Data processed to fulfill a legal obligation is based on Art. 6(1)(c) GDPR. Processing may also be based on our legitimate interest (Art. 6(1)(f) GDPR). Specific legal bases are detailed throughout this privacy policy.
Data Protection Officer
We have appointed a data protection officer:
Data Protection Officer ABC
Phone: 0000-000000
Email: datenschutzbeauftragter@digi-motion.com
Data Transfers to Third Countries or Non-DPF Certified US Providers
We use tools from providers in third countries and from US-based companies that are not certified under the EU-US Data Privacy Framework. If these tools are active, your personal data may be transferred to these countries. These countries may not guarantee a data protection level equivalent to that of the EU.
The USA is considered a secure third country under the DPF. Data transfers to certified US companies are therefore permitted.
Right to Restriction of Processing
You have the right to request the restriction of the processing of your personal data. You can contact us at any time for this purpose. The right to restrict processing applies in the following cases:
If you dispute the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the verification, you have the right to request the restriction of the processing of your personal data.
If the processing of your personal data was/is unlawful, you can request the restriction of data processing instead of deletion.
If we no longer need your personal data, but you need them to exercise, defend, or assert legal claims, you have the right to request the restriction of processing instead of deletion.
If you have objected to processing pursuant to Art. 21(1) GDPR, a balancing of your and our interests must take place. As long as it has not been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, these data – apart from storage – may only be processed with your consent or for the establishment, exercise, or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or a Member State.
SSL or TLS Encryption
For security reasons and to protect the transmission of confidential content, such as orders or inquiries you send to us as site operators, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the change in the browser’s address line from “http://” to “https://” and by the lock symbol in your browser line.
When SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Objection to Promotional Emails
We hereby object to the use of contact data published as part of the legal notice obligation for the purpose of sending unsolicited advertising and informational material. The operators of the site expressly reserve the right to take legal action in the event of unsolicited advertising being sent, for example through spam emails.
Cookies
Our websites use so-called “cookies.” Cookies are small data packets that do not cause any harm to your device. They are either stored temporarily for the duration of a session (session cookies) or permanently (persistent cookies) on your device. Session cookies are automatically deleted after your visit. Persistent cookies remain stored on your device until you delete them or your web browser deletes them automatically.
Cookies can originate from us (first-party cookies) or from third-party companies (third-party cookies). Third-party cookies allow the integration of certain services provided by third-party companies on websites (e.g., cookies for processing payment services).
Cookies have various functions. Many cookies are technically necessary because certain website functions would not work without them (e.g., the shopping cart or video display). Other cookies are used to evaluate user behavior or for advertising purposes.
Cookies required to carry out the electronic communication process, to provide certain functions you desire (e.g., for the shopping cart), or to optimize the website (e.g., cookies for measuring web audience) are stored based on Art. 6(1)(f) GDPR, unless another legal basis is specified. The website operator has a legitimate interest in the storage of necessary cookies for the technically flawless and optimized provision of its services. If consent for the storage of cookies and similar recognition technologies was requested, processing is based exclusively on this consent (Art. 6(1)(a) GDPR and § 25(1) TTDSG); consent can be revoked at any time.
You can set your browser so that you are informed about the setting of cookies and allow cookies only in individual cases, exclude the acceptance of cookies in certain cases or in general, and enable automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of this website.
You can find out which cookies and services are used on this website in this privacy policy.
Consent with Borlabs Cookie
Our website uses the Borlabs Cookie consent technology to obtain your consent for storing certain cookies in your browser or for using certain technologies in a data protection-compliant manner. The provider of this technology is Borlabs GmbH, Rübenkamp 32, 22305 Hamburg, Germany (hereinafter “Borlabs”).
When you enter our website, a Borlabs cookie is stored in your browser, which saves the consents you have given or the revocation of those consents. These data are not passed on to the provider of Borlabs Cookie.
The collected data are stored until you request us to delete them, delete the Borlabs cookie yourself, or the purpose for data storage no longer applies. Mandatory statutory retention periods remain unaffected. You can find details on data processing by Borlabs Cookie at: https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/.
The use of Borlabs Cookie consent technology is to obtain the legally required consents for the use of cookies. The legal basis is Art. 6(1)(c) GDPR.
Server Log Files
The provider of the pages automatically collects and stores information in so-called server log files that your browser automatically transmits to us. These are:
Browser type and browser version
Operating system used
Referrer URL
Hostname of the accessing computer
Time of the server request
IP address
This data is not combined with other data sources.
The collection of this data is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website – for this, the server log files must be recorded.
Contact Form
If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not share this data without your consent.
The processing of this data is based on Art. 6(1)(b) GDPR, if your request is related to the performance of a contract or necessary for the implementation of pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective handling of inquiries directed to us (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR) if it was requested; consent can be revoked at any time.
The data you enter in the contact form will remain with us until you ask us to delete it, revoke your consent to storage, or the purpose for data storage no longer applies (e.g., after your request has been processed). Mandatory legal provisions – especially retention periods – remain unaffected.
Request by Email, Phone, or Fax
If you contact us by email, telephone, or fax, your inquiry including all resulting personal data (name, inquiry) will be stored and processed by us for the purpose of handling your request. We do not share this data without your consent.
The processing of this data is based on Art. 6(1)(b) GDPR, if your request is related to the performance of a contract or necessary for pre-contractual measures. In all other cases, processing is based on our legitimate interest in effectively handling the inquiries directed to us (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR), if requested; consent can be revoked at any time.
The data you send to us via contact inquiries will remain with us until you request deletion, revoke your consent to storage, or the purpose for storage no longer applies (e.g., after your request has been completed). Mandatory legal provisions – especially legal retention periods – remain unaffected.
Comment Function on This Website
For the comment function on this site, in addition to your comment, details such as the time the comment was created, your email address, and, if you are not posting anonymously, the username you have chosen are stored.
Storage of IP Address
Our comment function stores the IP addresses of users who post comments. Since we do not check comments on this website before they are published, we need this data to be able to take action against the author in case of legal violations such as insults or propaganda.
Subscribing to Comments
As a user of the site, you can subscribe to comments after registering. You will receive a confirmation email to verify that you are the owner of the provided email address. You can unsubscribe from this function at any time via a link in the info emails. The data provided when subscribing to comments will be deleted in this case; if you have provided this data to us for other purposes and elsewhere (e.g., newsletter subscription), the data will remain with us.
Retention Period for Comments
Comments and related data are stored and remain on this website until the commented content has been completely deleted or the comments must be deleted for legal reasons (e.g., offensive comments).
Legal Basis
The storage of comments is based on your consent (Art. 6(1)(a) GDPR). You can revoke your consent at any time. An informal email notification to us is sufficient for this purpose. The legality of the data processing operations that have already taken place remains unaffected by the revocation.
🔍 Zusammenfassung nach Tools gegliedert
1. Google Tag Manager
Funktion: Dient zur Verwaltung von Analyse- und Marketing-Tools.
Datenerhebung: Keine Cookies oder Analysen direkt, aber IP-Adresse wird verarbeitet.
Rechtsgrundlage:
Berechtigtes Interesse (Art. 6 Abs. 1 lit. f DSGVO)
Einwilligung erforderlich, wenn Cookies oder gerätebezogene Informationen (TTDSG §25) einbezogen sind.
2. Google Analytics
Funktion: Analyse des Nutzerverhaltens mit Daten wie Seitenaufrufe, Verweildauer, etc.
Zusätzliche Features:
IP-Anonymisierung aktiviert
Google-Signale (für personalisierte Werbung)
E-Commerce-Tracking aktiv
Rechtsgrundlage:
Nur mit Einwilligung (Art. 6 Abs. 1 lit. a DSGVO + §25 TTDSG)
Verträge & Schutz: AVV abgeschlossen, Standardvertragsklauseln & DPF-Zertifizierung
3. Google Optimize
Funktion: A/B-Tests und Website-Personalisierungen
Rechtsgrundlage:
Berechtigtes Interesse oder
Einwilligung, wenn Cookies involviert
4. Google Ads + Conversion-Tracking
Funktion: Keyword-Targeting, Zielgruppen-Targeting, Erfolgsmessung
Rechtsgrundlage: Nur mit Einwilligung
Keine personenbezogene Identifikation durch Conversion-Tracking
5. Meta Pixel (Facebook Pixel)
Funktion: Conversion-Tracking, Zielgruppenanalyse
Besonderheiten:
Erweiterter Abgleich (hashed Daten wie E-Mail, Tel., Geburtsdatum etc.)
Daten fließen u. a. auch in die USA, Profilverknüpfung möglich
Rechtsgrundlage: Einwilligung nötig
✅ Stärken dieses Abschnitts
Sehr detailliert und transparent
Enthält korrekte rechtliche Grundlagen (Art. 6 DSGVO, §25 TTDSG)
Klare Hinweise auf Widerrufsmöglichkeit der Einwilligung
Verlinkungen zu relevanten Google-Dokumentationen und DPF-Zertifizierung
Erwähnung von AV-Verträgen mit Google
⚠️ Hinweise & Optimierungspotenzial
Gliederung: Die Aufteilung ist funktional, aber bei sehr langen Passagen (wie Google Analytics) könnte man Unterpunkte oder Accordion-Darstellung verwenden.
Einwilligungs-Management: Es sollte klar ersichtlich sein, wie Nutzer ihre Einwilligung verwalten oder widerrufen können (z. B. über ein Cookie-Consent-Tool).
Meta-Datenübertragung: Zwar korrekt beschrieben, aber es sollte evtl. klarer formuliert sein, dass die Verantwortung bei Meta liegt und keine vollständige Kontrolle durch die Websitebetreiber möglich ist.
Technische Umsetzung prüfen: Es sollte sichergestellt sein, dass Tracking nur nach Einwilligung erfolgt – dies ist nicht nur textlich, sondern technisch relevant.
📋 Fazit
Dieser Datenschutzerklärungs-Abschnitt ist bereits sehr professionell und rechtlich fundiert formuliert. Er eignet sich gut für Websites, die Google- und Meta-Dienste nutzen und ihre Datenschutzverpflichtungen ernst nehmen.
Wenn du möchtest, kann ich dir auch dabei helfen, eine gekürzte, verständlichere Version für normale Nutzer oder eine juristisch geprüfte Version zur Vorlage bei einer Kanzlei zu erstellen.
Möchtest du den Text auch für eine mehrsprachige Website oder eine spezielle Branche (z. B. E-Commerce, WordPress-Agentur etc.) anpassen lassen?
Viet Luan Tran
Welcome to my page. I am passionated in 3D rendering, animation and character design also in digital creations and post productions. On my page i will presents my artworks. Please feel free to contact me. Send a message to info@vietluantran.com.