thuy doan – designs
Hannover, Germany
E-Mail:
thuydoan.designs@gmail.com
I have drawn up this data protection declaration (version
01.08.2020-311199623) to explain to you, in accordance with the provisions
of the basic data protection regulation (EU) 2016/679, what information we
collect, how I use data and what decision-making options you have as a
visitor to this website.
Unfortunately, it is in the nature of things that these explanations sound
very technical, but I have tried to describe the most important things as
simply and clearly as possible.
When you visit websites today, certain information is automatically created
and stored, including on this website.
When you visit my website as you are doing right now, my web server (the
computer on which this website is stored) automatically saves data such
as
– the address (URL) of the accessed web page
– Browser and browser version
– the operating system used
– the address (URL) of the previously visited page (referrer URL)
– the host name and IP address of the device from which access is
made
– Date and time
in files (web server log files).
Usually web server log files are stored for two weeks and then automatically
deleted. I do not pass on this data, but cannot exclude the possibility that
this data may be viewed in the event of illegal behaviour.
My website uses HTTP cookies to store user-specific data. In the following I
explain what cookies are and why they are used so that you can better
understand the following privacy policy.
Whenever you surf the Internet, you are using a browser. Some popular
browsers include Chrome, Safari, Firefox, Internet Explorer, and Microsoft
Edge. Most websites store small text files in your browser. These files are
called cookies.
One of them cannot be dismissed: Cookies are really useful little helpers.
Almost all websites use cookies. More precisely, they are HTTP cookies, as
there are other cookies for other applications. HTTP cookies are small files
that are stored on your computer by our website. These cookie files are
automatically stored in the cookie folder, quasi the "brain" of your
browser. A cookie consists of a name and a value. When defining a cookie,
one or more attributes must also be specified.
Cookies store certain user data about you, such as language or personal page
settings. When you visit our site again, your browser transmits the
"user-related" information back to our site. Thanks to the cookies, our
website knows who you are and offers you your accustomed standard settings.
In some browsers each cookie has its own file, in others, such as Firefox,
all cookies are stored in a single file.
There are both first-party cookies and third-party cookies. First-party
cookies are created directly by our site, third-party cookies are created by
partner sites (e.g. Google Analytics). Each cookie is unique because each
cookie stores different data. The expiration time of a cookie also varies
from a few minutes to a few years. Cookies are not software programs and do
not contain viruses, trojans or other "pests". Cookies also cannot access
information on your PC.
For example, cookie data may look like this:
Name: _ga
Expiry period: 2 years
Usage: Differentiation of website visitors
Example value: GA1.2.1326744211.152311199623
A browser should support the following minimum sizes:
A cookie should be able to contain at least 4096 bytes
At least 50 cookies should be able to be stored per domain
A total of at least 3000 cookies should be able to be stored
The question which cookies I use in particular depends on the services used
and is clarified in the following sections of the privacy policy. At this
point I would like to briefly discuss the different types of HTTP
cookies.
Essential cookies
These cookies are necessary to ensure basic functions of the website. For
example, these cookies are needed when a user places a product in the
shopping cart, then continues surfing on other pages and only proceeds to
checkout later. These cookies do not delete the shopping cart, even if the
user closes his browser window.
Functional cookies
These cookies collect information about user behaviour and whether the user
receives any error messages. In addition, these cookies also measure the
loading time and the behaviour of the website with different browsers.
Target-oriented cookies
These cookies ensure a better user experience. For example, entered
locations, font sizes or form data are stored.
Advertising cookies
These cookies are also called targeting cookies. They are used to deliver
customized advertising to the user. This can be very practical, but also
very annoying.
Usually, the first time you visit a website, you are asked which of these types of cookies you would like to allow. And of course this decision is also stored in a cookie.
How and if you want to use cookies is up to you. Regardless of the service
or website from which the cookies originate, you always have the option to
delete cookies, to allow them only partially or to deactivate them. For
example, you can block third-party cookies, but allow all other cookies.
If you do not wish to receive cookies, you can set up your browser so that
it always informs you when a cookie is to be set. In this way, you can
decide for each individual cookie whether you want to allow it or not. The
procedure varies depending on the browser. The best thing to do is to look
for the instructions in Google using the search term "Delete Chrome cookies"
or "Disable Chrome cookies" in the case of a Chrome browser, or replace the
word "Chrome" with the name of your browser, e.g. Edge, Firefox, Safari.
Since 2009 there are the so-called "cookie guidelines". This states that the
storage of cookies requires your consent. Within the EU countries, however,
there are still very different reactions to these guidelines. In Germany,
the cookie guidelines have not been implemented as national law. Instead,
the implementation of this directive was largely carried out in § 15 para.3
of the German Telemedia Act (TMG).
If you want to know more about cookies and are not afraid of technical
documentation, I recommend
this site,
the Request for Comments of the Internet Engineering Task Force (IETF)
called "HTTP State Management Mechanism".
Personal information that you submit to us electronically on this website,
such as your name, e-mail address, postal address or other personal
information when submitting a form or comments on the blog, together with
the time and IP address, will only be used by me for the purpose stated in
each case, will be kept securely stored and will not be disclosed to third
parties.
Thus, we will only use your personal data for communication with those
visitors who expressly request contact and for processing the services and
products offered on this website. I will not pass on your personal data
without your consent, but I cannot exclude the possibility that this data
may be viewed in the event of unlawful behaviour.
If you send me personal data by e-mail - thus off this website - I cannot
guarantee secure transmission and the protection of your data. I recommend
that you never send confidential data by e-mail without encryption.
According to article 6 paragraph 1 a DSGVO (legality of processing), the
legal basis is that you give me your consent to process the data you have
entered. You can revoke this consent at any time - an informal e-mail is
sufficient; you will find our contact details in the imprint.
In accordance with the provisions of the DSGVO, you are basically entitled
to the following rights:
Right of rectification (Article 16 DSGVO)
Right of cancellation ("right to be forgotten") (Article 17 DPA)
Right to restrict processing (Article 18 DSGVO)
Right of notification - Obligation to notify in connection with the
correction or deletion of personal data or the restriction of processing
(Article 19 DPA)
Right to data transferability (Article 20 DSGVO)
Right of objection (Article 21 DSGVO)
Right not to be subject to a decision based solely on automated processing,
including profiling (Article 22 DPA)
If you believe that the processing of your data violates data protection law
or your data protection rights have otherwise been violated in any way, you
can contact the Federal Commissioner for Data Protection and Freedom of
Information (BfDI).
On my website I use Google Fonts. These are the "Google fonts" of the
company Google Inc. For the European area the company Google Ireland Limited
(Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all
Google services.
To use Google fonts, you do not need to sign in or set a password.
Furthermore, no cookies are stored in your browser. The files (CSS, fonts)
are requested via the Google domains fonts.googleapis.com and
fonts.gstatic.com. According to Google, the requests for CSS and fonts are
completely separate from all other Google services. If you have a Google
Account, you don't need to worry about your Google Account information being
submitted to Google while using Google Fonts. Google tracks the use of CSS
(Cascading Style Sheets) and the fonts used and stores this information
securely. I'll be taking a closer look at what exactly this data storage
looks like.
Google Fonts (formerly Google Web Fonts) is a directory of over 800 fonts
that Google makes available to its users free of charge. Many of these fonts
are published under the SIL Open Font License, while others are published
under the Apache License. Both are free software licenses.
With Google Fonts I can use fonts on my own website, but I don't have to
upload them to my own server. Google Fonts is an important component to keep
the quality of my website high. All Google fonts are automatically optimized
for the web, which saves data volume and is a great advantage especially for
use with mobile devices. When you visit my site, the low file size ensures a
fast loading time. Furthermore, Google Fonts are secure web fonts. Different
image synthesis systems (rendering) in different browsers, operating systems
and mobile devices can lead to errors. Such errors can visually distort some
texts or entire web pages. Thanks to the fast Content Delivery Network
(CDN), there are no cross-platform problems with Google Fonts. Google Fonts
supports all major browsers (Google Chrome, Mozilla Firefox, Apple Safari,
Opera) and works reliably on most modern mobile operating systems, including
Android 2.2+ and iOS 4.2+ (iPhone, iPad, iPod). So we use Google Fonts to
make my entire online service as beautiful and consistent as possible.
When you visit my website, the fonts are reloaded via a Google server. This
external call transfers data to the Google servers. In this way Google also
recognises that you or your IP address are visiting my website. The Google
Fonts API was developed to reduce the use, storage and collection of end
user data to what is necessary for the proper provision of fonts. By the
way, API stands for "Application Programming Interface" and serves, among
other things, as a data transmitter in the software sector.
Google Fonts stores CSS and font requests securely at Google and is
therefore protected. Through the collected usage figures, Google can
determine how well the individual fonts are received. Google publishes the
results on internal analysis pages, such as Google Analytics. Google also
uses data from its own web crawler to determine which websites use Google
fonts. This data is published in Google Fonts' BigQuery database.
Entrepreneurs and developers use Google's BigQuery web service to examine
and move large amounts of data.
However, it should also be noted that each Google Font request automatically
sends information such as language settings, IP address, browser version,
browser screen resolution and browser name to the Google servers. Whether
this data is also stored cannot be clearly determined or is not clearly
communicated by Google.
Google stores requests for CSS assets for one day on its servers, which are
mainly located outside the EU. This allows us to use the fonts with the help
of a Google style sheet. A stylesheet is a style template that allows you to
easily and quickly change, for example, the design or font of a web page.
The font files are stored at Google for one year. Google's goal is to
improve the loading time of web pages. If millions of web pages link to the
same fonts, they are cached after the first visit and reappear immediately
on all other web pages visited later. Sometimes Google updates font files to
reduce file size, increase language coverage and improve design.
The data that Google stores for a day or a year cannot be easily deleted.
The data is automatically sent to Google when you view the page. To delete
this data prematurely, you must contact
Google support. In this case, you only prevent data storage if you do not visit my site.
Unlike other web fonts, Google allows us unlimited access to all fonts. This
means that I have unlimited access to a sea of fonts and can thus get the
best out of my website. You can find out more about Google Fonts and
other questions. Although Google addresses privacy issues there, it does not provide
really detailed information about data storage. It's relatively difficult to
get really detailed information about data storage from Google.
You can also read about what data
Google collects
and how it is used.
On my website I use Google fonts from Google Inc. The company Google Ireland
Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for
the European area. We have integrated the Google fonts locally, i.e. on my
web server - not on the servers of Google. This means that there is no
connection to Google servers and therefore no data transfer or storage.
In former times Google Fonts were also called Google Web Fonts. This is an
interactive directory with over 800 fonts, which Google provides free of
charge. With Google Fonts you could use fonts without uploading them to your
own server. But to prevent any information transfer to Google servers, I
have downloaded the fonts to my server. In this way, I act in accordance
with data protection laws and do not send any data to Google Fonts.
Unlike other web fonts, Google gives me unlimited access to all fonts. This
means I have unlimited access to a sea of fonts and can thus get the best
out of my website.
I integrate elements of social media services on my website to display
images, videos and text. When you visit pages that display these elements,
data is transferred from your browser to the respective social media service
and stored there. I have no access to this data. The following links will
take you to the pages of the respective social media services where it is
explained how they handle your data:
Instagram Privacy Policy
For YouTube the Google Privacy Policy applies
Facebook data policy
Twitter Privacy Policy
