Arti-IT

Privacy policy

Information under the GDPR on the processing of personal data on arti-it.de.

Last updated on: 29 September 2025

1. Controller

Arti-IT — Owner: Albert Milaqi
Pinner Straße 11, 42579 Heiligenhaus, Germany
Email: info@arti-it.de · Phone: +49 163 3720226
Legal form: sole proprietorship

Note: for sole proprietorships, the owner’s full first and last name must be indicated. The designation “Arti-IT” may be used as a trade name.

Privacy contact

No data protection officer (DPO) is currently appointed. For any request, please write to info@arti-it.de.

2. Purposes, legal bases and mandatory data

Purpose Categories of data Legal basis Mandatory?
Provision of the website & IT security IP address, timestamp, URL, referrer, user agent, status code Art. 6(1)(f) GDPR (legitimate interests) technically necessary
Contact (form/email/phone/WhatsApp) Name, company, email, phone number, message content Art. 6(1)(b) GDPR (pre-contract/contract) or 6(1)(f) GDPR (communication) required to handle your request
Consent management (if applicable) Consent status, timestamp, browser information Art. 6(1)(c) GDPR, §25 TTDSG and Art. 6(1)(f) GDPR technically necessary

Providing your data is not required by law; however, without the data marked as necessary we may be unable to process your request.

3. Hosting and processors

This website is hosted by an external provider (processor) on the basis of a data processing agreement in accordance with Art. 28 GDPR.

Hosting: Hostinger International Ltd. (Hostinger group)
Purposes: infrastructure, storage, security, email delivery (SMTP)
Legal bases: Art. 6(1)(f) GDPR, Art. 28 GDPR
Third countries: mainly EU/EEA; in individual cases (e.g. support) Standard Contractual Clauses (SCCs) plus additional safeguards.

5. Server logs

When you visit our website, certain data are automatically stored in server log files (IP address, date/time, URL, referrer, user agent, status code).

  • Purpose: stability, security, error diagnostics
  • Legal basis: Art. 6(1)(f) GDPR
  • Retention: usually 14–30 days; longer where necessary to investigate faults or abuse

6. Contact

If you contact us via form, email, phone or WhatsApp, we process your data in order to handle your request and, where necessary, to initiate or perform a contract.

  • Legal basis: Art. 6(1)(b) or Art. 6(1)(f) GDPR
  • Recipients: internal departments; technical providers (hosting/SMTP)
  • Retention: until your request has been dealt with; longer where legal obligations apply (e.g. 6 or 10 years)

WhatsApp (optional): if you contact us voluntarily via WhatsApp, WhatsApp Ireland Ltd. processes data as an independent controller. Please do not send sensitive information via WhatsApp.

7. Recipients and third parties

  • External processors: hosting/IT, email delivery (SMTP), maintenance/support
  • Independent controllers: communication providers (e.g. WhatsApp), payment/shipping providers — only if used
  • Authorities/legal counsel: where required by law or for the establishment, exercise or defence of legal claims

8. Transfers to third countries

Any transfers outside the EU/EEA take place only in accordance with Arts. 44 et seq. GDPR (e.g. adequacy decisions, SCCs and additional safeguards).

9. Retention periods

Personal data are stored for as long as necessary for the purposes described or as required by law; thereafter they are deleted or anonymised.

10. Your rights

  • Right of access (Art. 15), rectification (16), erasure (17), restriction (18), data portability (20)
  • Right to object to processing based on Art. 6(1)(e) or (f) GDPR (Art. 21)
  • Right to withdraw consent (Art. 7(3)) with effect for the future
  • Right to lodge a complaint with a supervisory authority (Art. 77)

To exercise these rights, please contact info@arti-it.de. We may ask for information to verify your identity.

11. Supervisory authority

Among others, the supervisory authority responsible for NRW (Germany):

Landesbeauftragte für Datenschutz und Informationsfreiheit NRW (LDI NRW)
Postfach 20 04 44, 40102 Düsseldorf — Kavalleriestr. 2–4, 40213 Düsseldorf
Phone: +49 (0)211 38424-0 — Email: poststelle@ldi.nrw.de
Website: ldi.nrw.de

12. Minors

Our services are not directed at children under the age of 16. We do not knowingly process data of minors unless consent is given or authorised by the holder(s) of parental responsibility (Art. 8 GDPR).

13. Security (TLS/SSL)

We use TLS/SSL encryption, which you can recognise by “https://” and the padlock icon in your browser.

14. Changes to this privacy policy

We will update this information if legal requirements or our processing activities change. The current version is always available at /en/privacy.

15. Optional services (currently not in use)

We are currently not using analytics/marketing services or embedded third-party content (YouTube/Vimeo, Google Maps, Google Fonts via CDN, reCAPTCHA). Should we enable such services in the future, we will inform you beforehand and obtain your consent via a banner.

Pre-defined blocks (only applicable if activated)

  • Web analytics (Matomo/GA4): only with consent, IP anonymisation, data minimisation, limited retention.
  • Google Fonts (local): local integration recommended; no transmission to Google.
  • YouTube/Vimeo, maps, reCAPTCHA: 2-click/consent-based integration; transmission of IP address and device data to third parties.

16. Legal notice

Information about the website provider can be found at /en/legal. Please ensure that the Legal notice and Privacy policy contain consistent details (name, address, contact information).