1. General Information and Controller

 

Controller (Responsible Body)

The party responsible for data processing on this website (the “controller”) is:

EXIM Berlin Trading & Logistik GmbH [Full legal address of the company] [Postal Code, City] Germany

Commercial Register: [Company’s Commercial Register Number] Managing Director: [Name of Managing Director] Telephone: [Telephone Number] Email: [General Contact Email]

[If applicable: Data Protection Officer (DPO)] [Name of DPO or external service] [Address] [Email]

 

2. Website Hosting

 

Our website is hosted by [Name of your hosting provider, e.g., IONOS, Strato, Hetzner]. Our provider automatically collects and stores information in server log files, which your browser transmits to us.

This data may include:

  • Visited page on our domain

  • Date and time of the server request

  • Amount of data sent

  • Source/referrer URL (the page you came from)

  • Browser type and version

  • Operating system used

  • IP address (usually anonymized)

This data is processed on the basis of our legitimate interest (Art. 6(1)(f) GDPR) in ensuring the secure and error-free operation of our website. This data is typically deleted after [e.g., 7 days]. We have concluded a Data Processing Agreement (DPA) (Auftragsverarbeitungsvertrag – AVV) with our hosting provider.

 

3. Cookies and TTDSG Compliance

 

Our website uses cookies. These are small text files stored on your device via your browser.

In accordance with the German Telecommunications Telemedia Data Protection Act (TTDSG), Section 25, the use of cookies is divided into two categories:

A. Technically Necessary Cookies These cookies are “strictly necessary” for the basic functions of the website (e.g., session management, [if e-commerce: shopping cart]). We do not require your consent to use these cookies. The legal basis is Section 25(2) of the TTDSG.

B. Non-Necessary Cookies These include cookies for analysis (e.g., tracking visitor numbers), marketing, personalization, or third-party content (e.g., YouTube videos).

TTDSG “Opt-In” Rule: We will not activate or deploy any “non-necessary” cookies unless you provide your explicit, active, and prior consent (opt-in) via our Cookie Banner. The legal basis for these cookies is your consent (Art. 6(1)(a) GDPR and Section 25(1) TTDSG).

Managing Your Consent (Cookie Banner) When you first visit our site, you will be presented with a cookie management tool (banner) where you can select your preferences. A “Reject All” option must be as easily accessible as an “Accept All” option.

You can withdraw or change your consent at any time for the future by accessing our privacy settings [You must add a link here, e.g., “Cookie Settings” in the footer].

 

4. Contact (Email or Contact Form)

 

[Include this section if you have a contact form] If you send us inquiries via the contact form, your details from the form (name, email, subject, etc.) including the contact data you provide will be stored by us for the purpose of processing the inquiry and for any follow-up questions. We do not pass on this data without your consent.

[Include this section always] If you contact us by email, the data you transmit will be processed similarly.

This data is processed on the basis of Art. 6(1)(b) GDPR if your request is related to the performance of a contract, or on the basis of our legitimate interest (Art. 6(1)(f) GDPR) in effectively processing the inquiries. Your data will be deleted after your request has been fully resolved, provided there are no statutory retention obligations (e.g., 6 years for business correspondence under the German Commercial Code).

 

5. Third-Party Tools (Analytics, Maps, etc.)

 

[ONLY include the following sections if you ACTUALLY use these tools. You MUST check this.]

[Example: If you use Google Analytics] This website uses Google Analytics, a web analytics service provided by Google Ireland Limited (“Google”). Google Analytics uses cookies. We only use this service if you have given your explicit consent via our cookie banner (Art. 6(1)(a) GDPR and Sec. 25(1) TTDSG). We have activated IP anonymization on this website, meaning your IP address will be truncated by Google within the EU/EEA before being transmitted to the USA. We have concluded a DPA with Google.

[Example: If you use Google Maps] We use Google Maps on this site to display our location. For this service to function, Google may need to process your IP address. We only load these maps after you have given your active consent via our cookie banner (Art. 6(1)(a) GDPR and Sec. 25(1) TTDSG).

[Example: If you use Google Fonts (External)] We use Google Fonts for a consistent display. These fonts are loaded from Google servers, which may transmit your IP address to Google. [If you host the fonts locally on your server, delete this section, as no data is transferred].

 

6. Your Rights as a Data Subject

 

Under the GDPR, you have the following rights:

  • Right of Access (Art. 15 GDPR): The right to request information about your personal data processed by us.

  • Right to Rectification (Art. 16 GDPR): The right to demand the correction of incorrect or incomplete data.

  • Right to Erasure (Art. 17 GDPR): The right to demand the deletion (“right to be forgotten”) of your data, provided no legal retention obligations prevent it.

  • Right to Restriction of Processing (Art. 18 GDPR): The right to demand the restriction of the processing of your data under certain conditions.

  • Right to Data Portability (Art. 20 GDPR): The right to receive your data in a structured, common, and machine-readable format.

  • Right to Object (Art. 21 GDPR): The right to object to processing based on legitimate interests (Art. 6(1)(f) GDPR).

  • Right to Withdraw Consent (Art. 7(3) GDPR): The right to withdraw your consent (e.g., for cookies) at any time with future effect.

 

7. Right to Lodge a Complaint

 

Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with the competent supervisory authority if you believe that the processing of your personal data violates data protection regulations. The competent authority in Berlin is:

Berliner Beauftragte für Datenschutz und Informationsfreiheit [Insert address and contact details of the Berlin DPA]

 

8. Data Security

 

We use SSL/TLS encryption on this site for security reasons and to protect the transmission of confidential content.

Sed lectus. Sed cursus turpis vitae tortor. Proin sapien ipsum, porta a, auctor quis, euismod ut, mi. Integer ante arcu, accumsan a, consectetuer eget, posuere ut, mauris. Donec vitae sapien ut libero venenatis faucibus.

Pellentesque libero tortor, tincidunt et, tincidunt eget, semper nec, quam. Sed a libero. Donec elit libero, sodales nec, volutpat a, suscipit non, turpis. Sed a libero. In consectetuer turpis ut velit.

In turpis. Quisque libero metus, condimentum nec, tempor a, commodo mollis, magna. Curabitur at lacus ac velit ornare lobortis. Donec mi odio, faucibus at, scelerisque quis, convallis in, nisi. Proin magna.