thuy doan – designs
Hannover, Germany
E-Mail: thuydoan.designs@gmail.com
I have drawn up this data protection declaration (version 01.08.2020-311199623) to explain to you, in accordance with the provisions of the basic data protection regulation (EU) 2016/679, what information we collect, how I use data and what decision-making options you have as a visitor to this website.
Unfortunately, it is in the nature of things that these explanations sound very technical, but I have tried to describe the most important things as simply and clearly as possible.
When you visit websites today, certain information is automatically created and stored, including on this website.
When you visit my website as you are doing right now, my web server (the computer on which this website is stored) automatically saves data such as
– the address (URL) of the accessed web page
– Browser and browser version
– the operating system used
– the address (URL) of the previously visited page (referrer URL)
– the host name and IP address of the device from which access is made
– Date and time
in files (web server log files).
Usually web server log files are stored for two weeks and then automatically deleted. I do not pass on this data, but cannot exclude the possibility that this data may be viewed in the event of illegal behaviour.
My website uses HTTP cookies to store user-specific data. In the following I explain what cookies are and why they are used so that you can better understand the following privacy policy.
Whenever you surf the Internet, you are using a browser. Some popular browsers include Chrome, Safari, Firefox, Internet Explorer, and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.
One of them cannot be dismissed: Cookies are really useful little helpers. Almost all websites use cookies. More precisely, they are HTTP cookies, as there are other cookies for other applications. HTTP cookies are small files that are stored on your computer by our website. These cookie files are automatically stored in the cookie folder, quasi the "brain" of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.
Cookies store certain user data about you, such as language or personal page settings. When you visit our site again, your browser transmits the "user-related" information back to our site. Thanks to the cookies, our website knows who you are and offers you your accustomed standard settings. In some browsers each cookie has its own file, in others, such as Firefox, all cookies are stored in a single file.
There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, third-party cookies are created by partner sites (e.g. Google Analytics). Each cookie is unique because each cookie stores different data. The expiration time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, trojans or other "pests". Cookies also cannot access information on your PC.
For example, cookie data may look like this:
Name: _ga
Expiry period: 2 years
Usage: Differentiation of website visitors
Example value: GA1.2.1326744211.152311199623
A browser should support the following minimum sizes:
A cookie should be able to contain at least 4096 bytes
At least 50 cookies should be able to be stored per domain
A total of at least 3000 cookies should be able to be stored
The question which cookies I use in particular depends on the services used and is clarified in the following sections of the privacy policy. At this point I would like to briefly discuss the different types of HTTP cookies.
Essential cookies
These cookies are necessary to ensure basic functions of the website. For example, these cookies are needed when a user places a product in the shopping cart, then continues surfing on other pages and only proceeds to checkout later. These cookies do not delete the shopping cart, even if the user closes his browser window.
Functional cookies
These cookies collect information about user behaviour and whether the user receives any error messages. In addition, these cookies also measure the loading time and the behaviour of the website with different browsers.
Target-oriented cookies
These cookies ensure a better user experience. For example, entered locations, font sizes or form data are stored.
Advertising cookies
These cookies are also called targeting cookies. They are used to deliver customized advertising to the user. This can be very practical, but also very annoying.
Usually, the first time you visit a website, you are asked which of these types of cookies you would like to allow. And of course this decision is also stored in a cookie.
How and if you want to use cookies is up to you. Regardless of the service or website from which the cookies originate, you always have the option to delete cookies, to allow them only partially or to deactivate them. For example, you can block third-party cookies, but allow all other cookies.
If you do not wish to receive cookies, you can set up your browser so that it always informs you when a cookie is to be set. In this way, you can decide for each individual cookie whether you want to allow it or not. The procedure varies depending on the browser. The best thing to do is to look for the instructions in Google using the search term "Delete Chrome cookies" or "Disable Chrome cookies" in the case of a Chrome browser, or replace the word "Chrome" with the name of your browser, e.g. Edge, Firefox, Safari.
Since 2009 there are the so-called "cookie guidelines". This states that the storage of cookies requires your consent. Within the EU countries, however, there are still very different reactions to these guidelines. In Germany, the cookie guidelines have not been implemented as national law. Instead, the implementation of this directive was largely carried out in § 15 para.3 of the German Telemedia Act (TMG).
If you want to know more about cookies and are not afraid of technical documentation, I recommend this site, the Request for Comments of the Internet Engineering Task Force (IETF) called "HTTP State Management Mechanism".
Personal information that you submit to us electronically on this website, such as your name, e-mail address, postal address or other personal information when submitting a form or comments on the blog, together with the time and IP address, will only be used by me for the purpose stated in each case, will be kept securely stored and will not be disclosed to third parties.
Thus, we will only use your personal data for communication with those visitors who expressly request contact and for processing the services and products offered on this website. I will not pass on your personal data without your consent, but I cannot exclude the possibility that this data may be viewed in the event of unlawful behaviour.
If you send me personal data by e-mail - thus off this website - I cannot guarantee secure transmission and the protection of your data. I recommend that you never send confidential data by e-mail without encryption.
According to article 6 paragraph 1 a DSGVO (legality of processing), the legal basis is that you give me your consent to process the data you have entered. You can revoke this consent at any time - an informal e-mail is sufficient; you will find our contact details in the imprint.
In accordance with the provisions of the DSGVO, you are basically entitled to the following rights:
Right of rectification (Article 16 DSGVO)
Right of cancellation ("right to be forgotten") (Article 17 DPA)
Right to restrict processing (Article 18 DSGVO)
Right of notification - Obligation to notify in connection with the correction or deletion of personal data or the restriction of processing (Article 19 DPA)
Right to data transferability (Article 20 DSGVO)
Right of objection (Article 21 DSGVO)
Right not to be subject to a decision based solely on automated processing, including profiling (Article 22 DPA)
If you believe that the processing of your data violates data protection law or your data protection rights have otherwise been violated in any way, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI).
On my website I use Google Fonts. These are the "Google fonts" of the company Google Inc. For the European area the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services.
To use Google fonts, you do not need to sign in or set a password. Furthermore, no cookies are stored in your browser. The files (CSS, fonts) are requested via the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, the requests for CSS and fonts are completely separate from all other Google services. If you have a Google Account, you don't need to worry about your Google Account information being submitted to Google while using Google Fonts. Google tracks the use of CSS (Cascading Style Sheets) and the fonts used and stores this information securely. I'll be taking a closer look at what exactly this data storage looks like.
Google Fonts (formerly Google Web Fonts) is a directory of over 800 fonts that Google makes available to its users free of charge. Many of these fonts are published under the SIL Open Font License, while others are published under the Apache License. Both are free software licenses.
With Google Fonts I can use fonts on my own website, but I don't have to upload them to my own server. Google Fonts is an important component to keep the quality of my website high. All Google fonts are automatically optimized for the web, which saves data volume and is a great advantage especially for use with mobile devices. When you visit my site, the low file size ensures a fast loading time. Furthermore, Google Fonts are secure web fonts. Different image synthesis systems (rendering) in different browsers, operating systems and mobile devices can lead to errors. Such errors can visually distort some texts or entire web pages. Thanks to the fast Content Delivery Network (CDN), there are no cross-platform problems with Google Fonts. Google Fonts supports all major browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile operating systems, including Android 2.2+ and iOS 4.2+ (iPhone, iPad, iPod). So we use Google Fonts to make my entire online service as beautiful and consistent as possible.
When you visit my website, the fonts are reloaded via a Google server. This external call transfers data to the Google servers. In this way Google also recognises that you or your IP address are visiting my website. The Google Fonts API was developed to reduce the use, storage and collection of end user data to what is necessary for the proper provision of fonts. By the way, API stands for "Application Programming Interface" and serves, among other things, as a data transmitter in the software sector.
Google Fonts stores CSS and font requests securely at Google and is therefore protected. Through the collected usage figures, Google can determine how well the individual fonts are received. Google publishes the results on internal analysis pages, such as Google Analytics. Google also uses data from its own web crawler to determine which websites use Google fonts. This data is published in Google Fonts' BigQuery database. Entrepreneurs and developers use Google's BigQuery web service to examine and move large amounts of data.
However, it should also be noted that each Google Font request automatically sends information such as language settings, IP address, browser version, browser screen resolution and browser name to the Google servers. Whether this data is also stored cannot be clearly determined or is not clearly communicated by Google.
Google stores requests for CSS assets for one day on its servers, which are mainly located outside the EU. This allows us to use the fonts with the help of a Google style sheet. A stylesheet is a style template that allows you to easily and quickly change, for example, the design or font of a web page.
The font files are stored at Google for one year. Google's goal is to improve the loading time of web pages. If millions of web pages link to the same fonts, they are cached after the first visit and reappear immediately on all other web pages visited later. Sometimes Google updates font files to reduce file size, increase language coverage and improve design.
The data that Google stores for a day or a year cannot be easily deleted. The data is automatically sent to Google when you view the page. To delete this data prematurely, you must contact Google support. In this case, you only prevent data storage if you do not visit my site.
Unlike other web fonts, Google allows us unlimited access to all fonts. This means that I have unlimited access to a sea of fonts and can thus get the best out of my website. You can find out more about Google Fonts and other questions. Although Google addresses privacy issues there, it does not provide really detailed information about data storage. It's relatively difficult to get really detailed information about data storage from Google.
You can also read about what data Google collects and how it is used.
On my website I use Google fonts from Google Inc. The company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for the European area. We have integrated the Google fonts locally, i.e. on my web server - not on the servers of Google. This means that there is no connection to Google servers and therefore no data transfer or storage.
In former times Google Fonts were also called Google Web Fonts. This is an interactive directory with over 800 fonts, which Google provides free of charge. With Google Fonts you could use fonts without uploading them to your own server. But to prevent any information transfer to Google servers, I have downloaded the fonts to my server. In this way, I act in accordance with data protection laws and do not send any data to Google Fonts.
Unlike other web fonts, Google gives me unlimited access to all fonts. This means I have unlimited access to a sea of fonts and can thus get the best out of my website.
I integrate elements of social media services on my website to display images, videos and text. When you visit pages that display these elements, data is transferred from your browser to the respective social media service and stored there. I have no access to this data. The following links will take you to the pages of the respective social media services where it is explained how they handle your data:
Instagram Privacy Policy
For YouTube the Google Privacy Policy applies
Facebook data policy
Twitter Privacy Policy
