1. Privacy at a Glance
The following notes provide a simple overview of what happens to your personal data when you visit this website. Personal data is any data with which you could be personally identified. Detailed information on the subject of data protection can be found in our privacy policy listed below this text.
Data processing on this website is carried out by the website operator. Their contact details can be found in the "Information on the Responsible Party" section of this privacy policy. Your data is collected, on the one hand, when you actively provide it to us (for example, via a contact form). Other data is collected automatically or after your active consent by our IT systems when you visit the website. This primarily involves technical data (e.g., internet browser, operating system, or time of the page request). This data is collected automatically as soon as you enter this website.
A portion of the data is collected to ensure the error-free provision of the website. Other data may be used to analyze your user behavior, provided you have given your explicit consent. Our technological infrastructure (the so-called Novero-Tenant) is fundamentally geared towards data minimization and local processing. We completely refrain from using external marketing tools and do not transmit any usage data to third-party providers such as Google or Meta.
You have the right at any time to receive information free of charge about the origin, recipient, and purpose of your stored personal data. You also have a right to request the correction or deletion of this data. If you have given your consent to data processing, you can revoke this consent at any time for the future. Furthermore, you have the right to request the restriction of the processing of your personal data under certain circumstances. You also have the right to lodge a complaint with the competent supervisory authority.
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with statutory data protection regulations (in particular the European General Data Protection Regulation, GDPR, as well as the Telecommunications-Digital Services Data Protection Act, TDDDG) and this privacy policy. We point out that data transmission over the Internet can fundamentally have security gaps. Complete protection of data against access by third parties is technologically not feasible.
The responsible party for data processing on this website is:
Daniela Wilken
Susettestraße 6
227653 Hamburg
Phone: +49 1724036353
Email: daniela@casavoltanardo.com
The responsible party is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.
Unless a more specific storage period has been specified within this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you assert a justified request for deletion or revoke your consent to data processing, your data will be deleted, provided we have no other legally permissible reasons for storing your personal data (e.g., tax or commercial retention periods); in the latter case, deletion occurs after these reasons cease to apply.
Many data processing operations are only possible with your express consent. You can revoke consent you have already given at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation. To revoke your consent or adjust your preferences, you can access our privacy settings at any time via the consent banner.
For security reasons and to protect the transmission of confidential content, such as inquiries you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. If encryption is activated, the data you transmit to us cannot be read by third parties.
The provider of the pages (our hosting service provider) automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are typically the browser type and browser version, the operating system used, the referrer URL, the hostname of the accessing computer, as well as the time of the server request and the IP address. This data is not merged with other data sources. The collection of this data is based on Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of their website – for this purpose, the server log files must obligatorily be recorded.
This website uses an internally developed, completely self-hosted solution for web analytics and reach measurement. We use this tool to understand user behavior on our website and to continuously improve our offering.
In contrast to widely used analytics services, no data flows to third parties (such as Google or Meta) with our solution. All collected information remains exclusively on our own servers. We do not use any external marketing or third-party cookies on our own initiative.
We do not use real, persistent cookies for analysis. Instead, we use the so-called "session storage" of your internet browser. Only temporary identification numbers (the analytics_session_id and the ap_session_id) are stored in this local storage. These IDs allow our system to associate your various page views during a single visit. As soon as you close the browser tab or the entire browser window, these IDs are automatically and irreversibly deleted from your device.
If you consent to the analytics, we record clicks, scroll depth, time spent, and the visibility of certain texts or images ("impressions & views"). We also log the visited URLs on our site, the referrer (the information indicating from which page you came to us), and rough device recognition (the distinction between mobile and desktop use).
A central component of our data protection concept is the strict handling of your IP address. Your IP address is anonymized server-side by our system before it is stored in our database. For this purpose, the last part of the IP address is first removed (zeroed). Subsequently, this shortened value is additionally encrypted with a cryptographic SHA256 hash. Through this mathematical one-way process, it is impossible for us to trace the analytics data stored in our database back to your original IP address or your person.
The storage of temporary IDs in your device's session storage and the collection of the aforementioned analytics data take place exclusively on the basis of your prior, explicit consent. The legal basis for accessing your end device is § 25 Para. 1 TDDDG. The legal basis for the subsequent server-side processing of the pseudonymized usage data is Art. 6 Para. 1 lit. a GDPR. You can revoke this consent at any time via our privacy settings. If you do not give your consent, web analytics will not be activated on your device.
For the uniform and appealing presentation of texts, our website uses the fonts "Inter" and "Instrument Sans." These fonts are integrated via the next/font/google module.
For data protection reasons, we have configured our technical infrastructure (Next.js Font Optimization) in such a way that these fonts are already downloaded during the creation ("build") of our website and permanently stored on our own server. When you visit our website, the fonts are delivered directly from our server to your browser. No connection to Google's servers is established when visiting our website. Consequently, your IP address is not transmitted to Google, and no data transfer to the USA or other third countries takes place. The fonts are de facto locally hosted.
The use of these local fonts is based on Art. 6 Para. 1 lit. f GDPR. We have a legitimate interest in a uniform and error-free typographic presentation of our website, without compromising the privacy of our visitors through unnecessary data transfers to third parties.
We attach great importance to your data sovereignty. Therefore, no external video players or iFrames from third-party providers (such as YouTube or Vimeo) are embedded across our entire web presence. All audiovisual content (such as videos in the hero section or in the CasesScroll) are hosted as direct video files (e.g., in .mp4 format) on our own server.
When you play a video on our website, you download the file directly from our host. No data is sent to external video platforms, and no tracking cookies are placed in your browser by video services. Furthermore, we do not embed any interactive maps from third-party providers (such as Google Maps). The provision of these locally hosted media serves the optimal presentation of our services based on our legitimate interest according to Art. 6 Para. 1 lit. f GDPR.