Privacy Policy

1. Preliminary Remarks

We take the protection of personal data very seriously. The processing of personal data is carried out exclusively in compliance with the General Data Protection Regulation (GDPR, Regulation (EU) 2016/679), the German Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG), and all other applicable data protection regulations. This Privacy Policy provides information on the processing of personal data in connection with the use of this website. It applies regardless of the domains, systems, platforms, and devices (e.g. desktop or mobile) used to access the website.

2. Controller Within the Meaning of Data Protection Law

The controller within the meaning of Article 4(7) GDPR is:

Company Name: Bauevx8

Email: info@bauerx8.com

3. General Principles of Processing

We process personal data strictly in accordance with the principles set out in Article 5 GDPR, in particular:

• lawfulness, fairness, and transparency
• purpose limitation
• data minimization
• accuracy
• storage limitation
• integrity and confidentiality

Personal data is processed only where this is technically unavoidable, legally permissible, and objectively necessary for the operation and security of this website.

4. Absence of Active Data Collection

This website does not provide interactive features through which users can actively submit personal data.

In particular, at the time of publication of this Privacy Policy:

• No contact forms are used
• No user registration or login functionality is provided
• No newsletters or subscription services are offered
• No online payment or ordering systems are implemented
• No marketing, tracking, profiling are employed

Visitors can generally access the website without disclosing personal information.

5. Legal Bases for Processing

Any processing of personal data is carried out solely on the basis of the following legal grounds under Article 6 GDPR, insofar as applicable:

• Article 6(1)(f) GDPR – Legitimate interests, in particular the technically necessary operation, maintenance, security, and stability of the website

• Article 6(1)(c) GDPR – Compliance with statutory obligations, where applicable

• Article 6(1)(b) GDPR – Performance of a contract or pre-contractual measures, where applicable in the future

Processing based on consent pursuant to Article 6(1)(a) GDPR does not currently take place.

6. Hosting, Content Management System, and Server Log Data

This website is operated using the WordPress content management system and is hosted by a hosting service provider established within the European Union.

In the course of providing hosting and access to the website, the hosting provider processes data that is technically necessary for the delivery, stability, and security of the website.

This may include, in particular:

• IP address of the requesting device
• Date and time of access
• Accessed content
• HTTP status codes
• Browser type and version
• Operating system
• Referrer URL, where applicable

This data is processed exclusively for technical, security-related, and operational purposes. It is not used to draw conclusions about individual users.

The legal basis for this processing is **Article 6(1)(f) GDPR**. Data is deleted or anonymized in accordance with statutory requirements and the hosting provider’s retention policies.

7. Cookies and Comparable Technologies

This website does not deliberately deploy cookies or comparable technologies for tracking, analysis, profiling, or marketing purposes.

It cannot be entirely ruled out that technically necessary cookies or similar storage mechanisms may be used by the content management system or hosting environment to ensure the secure and error-free operation of the website.

Such technologies, if used, are strictly limited to what is technically required and are processed on the basis of **Article 6(1)(f) GDPR**.

No consent-based cookies pursuant to Article 6(1)(a) GDPR are used.

8. Recipients of Personal Data

Personal data is not disclosed to third parties unless:

• such disclosure is technically necessary for website operation (e.g. hosting),
• we are legally obligated to do so, or
• disclosure is necessary to safeguard our legitimate interests.

No joint controllership arrangements within the meaning of Article 26 GDPR exist.

9. Data Transfers to Third Countries

No transfer of personal data to countries outside the European Union or the European Economic Area is intended or knowingly carried out.

Should such a transfer become necessary in the future, it will only take place in compliance with the requirements of Chapter V GDPR.

10. Storage Duration

Personal data is processed only for as long as is necessary to achieve the respective processing purpose or for as long as statutory retention obligations require. Once the purpose of processing has ceased to apply and no legal retention obligations exist, the data is deleted or anonymized.

11. Future Expansion of Website Functions

In the event that the website is extended in the future to include communication options or other interactive features, personal data will be processed solely for the explicitly stated purpose of the respective functionality.

In such cases:

• the applicable legal basis under Article 6 GDPR will be identified and documented,
• data processing will be limited to the minimum necessary, and
• this Privacy Policy will be updated prior to the commencement of such processing.

12. Rights of Data Subjects

Data subjects have the following rights under the GDPR and applicable German data protection law:

• Right of access (Article 15 GDPR)
• Right to rectification (Article 16 GDPR)
• Right to erasure (Article 17 GDPR)
• Right to restriction of processing (Article 18 GDPR)
• Right to data portability (Article 20 GDPR)
• Right to object to processing (Article 21 GDPR)
• Right to withdraw consent at any time, where applicable (Article 7(3) GDPR)

Requests may be addressed to the controller using the contact details provided above.

13. Right to Lodge a Complaint With a Supervisory Authority

Without prejudice to any other administrative or judicial remedy, data subjects have the right to lodge a complaint with a competent supervisory authority if they consider that the processing of personal data relating to them infringes data protection law.

In Germany, this is the data protection authority of the respective federal state.

14. Technical and Organizational Security Measures

We implement appropriate technical and organizational measures in accordance with Article 32 GDPR to ensure a level of security appropriate to the risk.

These measures take into account the state of the art, implementation costs, the nature, scope, context, and purposes of processing, as well as the risks to the rights and freedoms of natural persons.

15. Amendments to This Privacy Policy

We reserve the right to amend this Privacy Policy at any time, in particular to reflect changes in legal requirements, regulatory guidance, or technical developments.

The version published on this website at the time of access shall apply.