Privacy Policy
1. General Information
We take the protection of your personal data seriously. This Privacy Policy explains how we collect, use, and protect personal data when you visit our website or contact us.
Personal data means any information relating to an identified or identifiable natural person.
2. Controller
The controller responsible for data processing on this website is:
horvART
Siedlerweg 4
83088 Kiefersfelden
Germany
Email: info@horvart.de
Phone: +49 15569397981
3. Data We Collect
When you use our website, we may collect the following categories of personal data:
contact details, such as your name, email address, and phone number
communication data you provide when contacting us
technical data, such as IP address, browser type, device information, operating system, referrer URL, and access time
usage data, such as pages visited and interactions on the website
any other personal data you voluntarily provide
4. Purposes and Legal Bases of Processing
We process personal data only where permitted by applicable law. In particular, we process your data for the following purposes:
to provide and operate the website
to respond to inquiries and communicate with you
to ensure the security and stability of the website
to comply with legal obligations
to improve our website and services
where applicable, to send newsletters or marketing communications based on your consent
The legal bases for processing may include:
Article 6(1)(a) GDPR – consent
Article 6(1)(b) GDPR – performance of a contract or pre-contractual measures
Article 6(1)(c) GDPR – compliance with a legal obligation
Article 6(1)(f) GDPR – legitimate interests
These legal bases come directly from the GDPR framework.
5. Server Log Files
When you visit our website, the hosting provider may automatically collect information in so-called server log files. This may include:
IP address
browser type and version
operating system
referrer URL
hostname of the accessing device
time of the server request
This data is processed in order to ensure the technical functionality, security, and stability of the website. The legal basis is our legitimate interest pursuant to Article 6(1)(f) GDPR.
6. Contact Form / Email Contact
If you contact us by email or via a contact form, we will process the data you provide in order to handle your request and any follow-up communication.
The legal basis is:
Article 6(1)(b) GDPR, if your request is related to a contract or pre-contractual measures
Article 6(1)(f) GDPR, for our legitimate interest in handling general inquiries
7. Cookies and Similar Technologies
Our website may use cookies and similar technologies. Some cookies are technically necessary for the operation of the website. Others are used only with your consent, for example for analytics or marketing purposes.
Where consent is required, the legal basis is Article 6(1)(a) GDPR. For technically necessary cookies, the legal basis is Article 6(1)(f) GDPR, insofar as we have a legitimate interest in the secure and functional provision of our website.
You can manage your cookie preferences at any time through [your cookie banner / consent tool].
8. Analytics and Third-Party Services
If we use analytics tools, embedded content, maps, videos, or other third-party services, personal data may be transferred to the respective provider. This may include your IP address and usage data.
Such services are only used:
on the basis of your consent, where required, or
on the basis of our legitimate interests, where legally permissible
Please list each service you actually use here, for example:
Google Analytics
Google Maps
YouTube embeds
Meta Pixel
reCAPTCHA
Newsletter provider
International transfers require special GDPR safeguards when data is sent outside the EU/EEA. The BfDI notes that transfers to third countries must meet both the general GDPR requirements and the additional requirements of Chapter V GDPR.
9. Recipients of Data
We only share personal data with third parties where this is legally permitted. Recipients may include:
hosting providers
IT service providers
communication service providers
analytics or marketing providers
public authorities, where required by law
Where service providers process data on our behalf, this is done under applicable data processing agreements.
10. Storage Period
We retain personal data only for as long as necessary for the purposes for which it was collected, or as long as we are legally required to retain it.
Once the purpose no longer applies and no legal retention obligations exist, the data will be deleted.
11. Your Rights
Under the GDPR, you have the following rights, subject to the applicable legal requirements:
the right of access
the right to rectification
the right to erasure
the right to restriction of processing
the right to data portability
the right to object to processing
the right to withdraw consent at any time with effect for the future
the right to lodge a complaint with a supervisory authority
These rights are part of the GDPR’s core protections for data subjects.
12. Right to Object
Where we process your personal data on the basis of legitimate interests pursuant to Article 6(1)(f) GDPR, you have the right to object to such processing on grounds relating to your particular situation.
If your personal data is processed for direct marketing purposes, you have the right to object at any time to such processing.
13. Data Security
We implement appropriate technical and organizational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.
14. Changes to This Privacy Policy
We reserve the right to update this Privacy Policy from time to time in order to reflect legal, technical, or business developments. The current version published on this website shall apply.
Last updated: March, 2026