Privacy Policy

Version 1 · Valid since 09.03.2026

This information provides a transparent view of the currently valid version and previous changes.

Version 1

Valid since 09.03.2026

Changes compared to the previous version Initial privacy policy baseline created.

Privacy Policy

1. Controller

DUMMY UNTERNEHMEN
DUMMYSTRAßE
99999 DUMMYSTADT
Deutschland
Email: DUMMY@Valcoran.de

2. Data Protection Contact

DATENSCHUTZ DUMMY
DATENSCHUTZDUMMY@valcoran.com
DUMMY DATENSCHUTZ

3. Hosting and Website Provision

The public Valcoran websites are provided via all-inkl.com. In this context, technically necessary connection and server log data may be processed.

4. Language Preference

The website may store the language selected by the user in order to restore the preferred language version during later visits.

5. Reviews and Moderation

When users submit reviews, the submitted content and related technical data may be processed for moderation, publication, traceability and abuse prevention.

6. Abuse Prevention / Blocklists

To prevent abuse, email addresses and IP addresses may be internally blocked in the event of policy violations or repeated abuse.

7. Locally Delivered Media

Public media assets are generally delivered locally. According to the current project baseline, external video or social embed services are not intended to be used.

8. Legal Bases

Where personal data is processed, this is done depending on the individual case on the basis of Art. 6(1)(f) GDPR, on the basis of consent or on another applicable legal basis.

9. Retention Period

The specific retention period depends on the respective processing context, technical requirements, accountability interests and internal retention rules.

10. Data Subject Rights

Subject to the applicable legal requirements, data subjects in particular have the right of access, rectification, erasure, restriction of processing, objection to processing and data portability.

11. Right to Lodge a Complaint

Data subjects have the right to lodge a complaint with a data protection supervisory authority.

Changes compared to the previous version

The first versioned privacy policy was structurally created based on the known project facts.

Initial versioned privacy policy created based on known project facts.

Processing Overview

Hosting and Server Log Files
When the public websites are accessed, technically necessary server log data is processed in order to ensure the operation, stability and security of the website.
Legal basis: Art. 6(1)(f) GDPR
Data categories: IP address, date and time of access, requested resource, status code, referrer, browser and system information
Recipients: Hosting provider and technical service providers
Retention period: The retention period depends on the actual server configuration and the necessity principle. It should be specified in the hosting section of the privacy policy.
Language Preference
The website stores the language selected by the user in a cookie so that the language version remains consistent on subsequent visits.
Legal basis: Art. 6(1)(f) GDPR
Data categories: Language preference
Recipients: No disclosure beyond the technically necessary provision
Retention period: Until the configured cookie period expires or until deleted by the user
Reviews and Submissions
When submitting reviews, the content entered by the user and related technical data may be processed. This includes moderation, publication and abuse prevention in particular.
Legal basis: Art. 6(1)(f) GDPR
Data categories: Username, email address, review content, rating, IP address, timestamp
Recipients: Internal moderation / responsible administrators
Retention period: The retention period depends on the purposes of moderation, publication, traceability and abuse prevention. Concrete retention periods should be defined internally.
Blocklists for Abuse Prevention
To prevent abuse, email addresses and IP addresses may be internally blocked in case of policy violations or repeated abuse incidents.
Legal basis: Art. 6(1)(f) GDPR
Data categories: Email address, IP address, block reason, timestamp, processing notes
Recipients: Internal moderation / responsible administrators
Retention period: The retention period depends on the abuse risk, traceability and internal policy. Concrete retention periods should be defined internally.
Local Delivery of Media
Images, videos and other public media assets are generally delivered locally from the own webspace and are not embedded through external video or social platforms.
Legal basis: Art. 6(1)(f) GDPR
Data categories: Access data such as IP address, timestamp and requested media file
Recipients: Hosting provider and technical service providers
Retention period: The retention period depends on the hosting and log setup.

Data Subject Rights

Data Subject Rights
Subject to the applicable legal requirements, data subjects in particular have the right of access, rectification, erasure, restriction of processing, objection to processing and data portability.
Right to Lodge a Complaint
Data subjects have the right to lodge a complaint with a data protection supervisory authority.
Withdrawal of Consent
Where processing is based on consent, such consent can be withdrawn with effect for the future.

Version History

Version 1 Valid since 09.03.2026

Initial privacy policy baseline created.