Date: Dec 14, 2023

Imprint and Privacy Policy

How we handle and protect your data.

Disclaimer

I compile the contents of these internet pages with great care and ensure their regular updating. The information serves only for non-binding general information and does not replace detailed individual advice or any kind of training, especially dive training.

I assume no liability for the timeliness, accuracy, and completeness of the information on these pages or for uninterrupted access at all times. When referring (links) to internet pages of third parties, I assume no responsibility for the contents of the linked pages. Furthermore, I exclude liability for services, particularly when downloading files provided by me on the internet pages of this domain, for slight negligence breaches of duty.

All rights reserved. Texts, images, graphics, sound, animations, and videos as well as their arrangement on this domain are subject to copyright and other protective laws. The content of this website may not be copied, distributed, modified, or made accessible to third parties for commercial purposes.

Data Protection

Responsible Person

Timo Buhmann
Stuttgart, Germany
timo scuba-society.com

Relevant Legal Bases

Relevant legal bases according to the GDPR: Below is an overview of the legal bases of the GDPR, on which basis we process personal data. Please note that in addition to the provisions of the GDPR, national data protection regulations in your or our country of residence may apply. Should more specific legal bases be relevant in individual cases, we will inform you in the data protection declaration.

  • Legitimate Interests (Art. 6 para. 1 s. 1 lit. f) GDPR) - The processing is necessary to safeguard the legitimate interests of the controller or a third party, provided that the interests or fundamental rights and freedoms of the data subject that require the protection of personal data do not outweigh them.

National data protection regulations in Germany: In addition to the data protection regulations of the GDPR, national regulations on data protection in Germany apply. This includes in particular the law for the protection against misuse of personal data in data processing (Federal Data Protection Act – BDSG). The BDSG contains special regulations on the right to access, the right to deletion, the right to object, processing of special categories of personal data, processing for other purposes and transmission as well as automated decision making in individual cases including profiling. Furthermore, state data protection laws of the individual federal states may be applicable.

Note on the applicability of the GDPR and Swiss DPA: These data protection notes serve both for the provision of information according to the Swiss Federal Act on Data Protection (Swiss DPA) and according to the General Data Protection Regulation (GDPR). For this reason, we ask you to note that due to the broader spatial application and comprehensibility, the terms of the GDPR are used. In particular, instead of the terms used in the Swiss DPA "processing" of "personal data" and "overriding interest", the terms used in the GDPR "processing" of "personal data" and "legitimate interest" are used. However, the legal meaning of the terms will continue to be determined according to the Swiss DPA within the scope of its applicability.

Overview of Processing

The following overview summarizes the types of processed data and the purposes of their processing and refers to the data subjects.

Types of processed data

  • Usage data
  • Meta, communication, and procedural data

Categories of data subjects

  • Users

Purposes of processing

  • Security measures
  • Provision of our online offer and user-friendliness
  • Information technology infrastructure

Security Measures

We take appropriate technical and organizational measures in accordance with legal requirements, considering the state of the art, the costs of implementation, and the nature, scope, circumstances, and purposes of processing as well as the varying likelihood and severity for the rights and freedoms of natural persons, to ensure a level of security appropriate to the risk.

The measures include ensuring the confidentiality, integrity, and availability of data by controlling the physical and electronic access to the data as well as the access, input, transfer, ensuring availability and their separation. Furthermore, we have established procedures that ensure the exercise of data subjects' rights, deletion of data, and response to data compromise. Additionally, we consider the protection of personal data in the development or selection of hardware, software, and processes, according to the principle of data protection, through technology design and data protection-friendly default settings.

TLS encryption (https): To protect your data transmitted via our online offer, we use TLS encryption. You can recognize such encrypted connections by the prefix https:// in the address bar of your browser.

Provision of the Online Offer and Web Hosting

We process users' data to provide them with our online services. For this purpose, we process the IP address of the user, which is necessary to transmit the contents and functions of our online services to the user's browser or device.

  • Types of Data Processed: Usage data (e.g., visited websites, interest in content, access times); Meta, communication, and procedural data (e.g., IP addresses, timestamps, identification numbers, consent status).
  • Affected Persons: Users (e.g., website visitors, users of online services).
  • Purposes of Processing: Provision of our online offer and user-friendliness; Information technology infrastructure (operation and provision of information systems and technical devices (computers, servers, etc.)); security measures.
  • Legal Bases: Legitimate interests (Art. 6 para. 1 s. 1 lit. f) GDPR).

Further Information on Processing Processes, Procedures, and Services:

  • Collection of Access Data and Log Files: Access to our online offer is logged in the form of so-called "server log files". Server log files can include the address and name of the retrieved web pages and files, date and time of access, transmitted data volumes, report of successful retrieval, browser type and version, the user's operating system, referrer URL (the previously visited page), and typically IP addresses and the requesting provider. The server log files can be used for security purposes, e.g., to prevent server overload (especially in the case of abusive attacks, so-called DDoS attacks) and also to ensure the utilization of the servers and their stability; Legal bases: Legitimate interests (Art. 6 para. 1 s. 1 lit. f) GDPR); Deletion of Data: Logfile information is stored for a maximum of 30 days and then deleted or anonymized. Data required for further retention for evidence purposes is exempted from deletion until the final clarification of the respective incident.

This privacy policy was created with the help of the free data protection generator from Dr.Thomas Schwenke