GOSSERT

Privacy Policy

1. General Information and Mandatory Notices

The protection of your personal data is very important to me. This privacy policy informs you about the data I collect on my website gossertwatches.com, how I process it, and your rights under the General Data Protection Regulation (GDPR).
This website is hosted by WordPress.com, a service provided by Automattic, Inc.

2. Data Controller

The controller responsible for data processing on this website is:

Mariano Gossert
Rehfeld 14, 15324 Letschin
Brandenburg
Germany

E-Mail: gossertwatches@protonmail.com

Since I work independently and do not employ any staff, the appointment of a Data Protection Officer is not required under Article 37 GDPR.

3. Collection and Processing of Personal Data

I collect and process personal data only when you voluntarily provide it to me, for example, when you contact me by email or via social media.

a) Data collected:

  • Email address (when contacting me)
  • Name (if provided)
  • Content of your inquiry

b) Purpose of processing:

Your data is used exclusively for handling your inquiry, such as answering questions or fulfilling requests.

c) Legal bases:

  • Article 6(1)(b) GDPR (performance of a contract or pre-contractual measures)
  • Article 6(1)(a) GDPR (your voluntary consent)

d) Storage duration:

Your data will be deleted once the purpose for storage no longer applies, usually within six months after the conclusion of communication.

Statutory retention obligations (e.g., six or ten years under tax law) may require a longer storage period.

4. Use of Cookies

My website uses only technically necessary cookies required for the operation of the WordPress.com site (e.g., session cookies, language setting cookies).
These cookies do not require consent under Article 6(1)(f) GDPR (legitimate interest).
WordPress.com (Automattic, Inc.) may also set additional cookies for analytics, security, or advertising purposes, over which I have no direct control.
Details about these cookies can be found in Automattic’s Cookie Policy: https://automattic.com/cookies/.

Note: You can disable or delete cookies through your browser settings. However, this may impact the functionality of the website.

5. Server Log Files

When you access my website, WordPress.com automatically collects data in server log files that are necessary for the technical provision, system security, and misuse prevention. These include:

  • IP address (anonymized where technically possible)
  • Date and time of access
  • Browser type and version
  • Operating system
  • Referrer URL

Legal basis: Article 6(1)(f) GDPR (legitimate interest in the secure operation of the website).

Storage duration: Log files are generally deleted within 30 days.

More information is available in Automattic’s Privacy Policy: https://automattic.com/privacy/.

6. Contacting Me

If you contact me via email or through my profiles on Instagram, TikTok, or YouTube, the data you provide will be stored solely for the purpose of processing your inquiry.
Please note that these platforms have their own privacy policies that apply when you use them.
Your data will only be shared with third parties if necessary to respond to your inquiry.

7. Sharing of Data

Your data will only be shared with third parties:

  • for the fulfillment of contractual obligations (Article 6(1)(b) GDPR),
  • based on your explicit consent (Article 6(1)(a) GDPR), or
  • if legally required (Article 6(1)(c) GDPR).

There is no sharing of your data for other purposes.

8. Data Processing by Third Parties

My website is hosted by WordPress.com (Automattic, Inc., 60 29th Street #343, San Francisco, CA 94110, USA).
Automattic acts as a data processor under Article 28 GDPR.
For details, please refer to Automattic’s Privacy Policy: https://automattic.com/privacy/.

9. International Data Transfers

As part of hosting by WordPress.com, data may be transferred to the United States or other third countries.
Since the U.S. does not offer an adequate level of data protection according to the GDPR, Automattic relies on appropriate safeguards such as Standard Contractual Clauses (SCCs) pursuant to Article 46 GDPR and additional security measures (e.g., encryption).

More information can be found at: https://automattic.com/privacy/.

10. Technical and Organizational Measures

I implement appropriate technical and organizational measures to protect your data, including:

  • SSL/TLS encryption (visible by “https://” and the lock symbol)
  • Secure passwords and access restrictions
  • Encrypted email communication (where supported by your email provider)

11. External Links and Social Media

My website contains links to external websites and to my profiles on Instagram, TikTok, and YouTube.
I am not responsible for the data protection practices of these platforms.
Please review their respective privacy policies:

  • Instagram Privacy Policy
  • TikTok Privacy Policy
  • YouTube/Google Privacy Policy

Please note that these platforms may collect data (e.g., through tracking technologies) when you visit their pages, even without direct interaction.

12. Your Rights

You have the following rights regarding your personal data:

  • Right of access (Article 15 GDPR)
  • Right to rectification (Article 16 GDPR)
  • Right to erasure (Article 17 GDPR)
  • Right to restriction of processing (Article 18 GDPR)
  • Right to data portability (Article 20 GDPR)
  • Right to withdraw consent (Article 7(3) GDPR)
  • Right to lodge a complaint with a supervisory authority (Article 77 GDPR)

Supervisory authority responsible:

Landesbeauftragte für Datenschutz und für das Recht auf Akteneinsicht Brandenburg
Stahnsdorfer Str. 76, 14532 Kleinmachnow, Germany

Website: https://www.lda.brandenburg.de

Please feel free to contact me using the details above to exercise your rights.

13. Changes to This Privacy Policy

I reserve the right to update this Privacy Policy if there are legal or technical changes.
Significant changes will be announced on this website.

Effective Date: April 2025