Introduction
With the following data protection declaration, we would like to inform you about which types of your personal data (hereinafter also referred to as “data”) we process, for what purposes and to what extent. The data protection declaration applies to all processing of personal data carried out by us, both in the context of the provision of our services and in particular on our websites, in mobile applications and within external online presences, such as our social media profiles (hereinafter collectively referred to as “online offering”).
The terms used are not gender-specific.
As of: March 2, 2025
Responsible person
Lukas Beier
Seelingstraße 5
14059 Berlin
Authorized representatives:
Lukas Beier
E-mail address:
lukas@storyteller.business
Telephone:
015739030020
Imprint:
lukasbeier.de/imprint
Overview of processing
The following overview summarizes the types of data processed and the purposes of their processing and refers to the persons affected.
Types of data processed
Inventory data.
Contact data.
Content data.
Contract data.
Usage data.
Meta/communication data.
Categories of persons affected
Communication partners.
Users.
Purposes of processing
Provision of contractual services and customer service.
Contact inquiries and communication.
Security measures.
Direct marketing.
Administration and response to inquiries.
Feedback.
Provision of our online offer and user-friendliness.
Relevant legal bases
Below you will find an overview of the legal bases of the GDPR on the basis of which we process personal data. Please note that in addition to the provisions of the GDPR, national data protection regulations may apply in your or our country of residence or domicile. If more specific legal bases are also relevant in individual cases, we will inform you of these in the data protection declaration.
Consent (Art. 6 Para. 1 S. 1 lit. a. GDPR) – The data subject has given their consent to the processing of personal data concerning them for a specific purpose or several specific purposes.
Contract fulfillment and pre-contractual inquiries (Art. 6 Para. 1 S. 1 lit. b. GDPR) – The processing is necessary for the fulfillment of a contract to which the data subject is a party or for the implementation of pre-contractual measures that are carried out at the request of the data subject.
Legal obligation (Art. 6 Para. 1 Clause 1 lit. c. GDPR) – Processing is necessary to fulfill a legal obligation to which the controller is subject.
Legitimate interests (Art. 6 Para. 1 Clause 1 lit. f. GDPR) – Processing is necessary to protect the legitimate interests of the controller or a third party, unless the interests or fundamental rights and freedoms of the data subject which require the protection of personal data prevail.
In addition to the data protection provisions of the General Data Protection Regulation, national data protection regulations apply in Germany. This includes in particular the law on protection against misuse of personal data in data processing (Federal Data Protection Act – BDSG). The BDSG contains in particular special provisions on the right to information, the right to erasure, the right to object, the processing of special categories of personal data, processing for other purposes and transmission as well as automated decision-making in individual cases, including profiling. Furthermore, it regulates data processing for the purposes of the employment relationship (Section 26 BDSG), in particular with regard to the establishment, implementation or termination of employment relationships and the consent of employees. In addition, state data protection laws of the individual federal states may apply.
Security measures
In accordance with the legal requirements, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, we take appropriate technical and organizational measures to ensure a level of protection appropriate to the risk.
The measures include in particular securing the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as the access, input, transfer, securing the availability and separation of the data. Furthermore, we have set up procedures that ensure the exercise of the rights of those affected, the deletion of data and reactions to the threat to the data. Furthermore, we take the protection of personal data into account already at