Das Logo der Glücksmacherei. Eine Lebensblume in feinen Strukturen mit Sonne und Mond.

GLÜCKSMACHEREI 

Murnau / Munich

Privacy Policy

1. General Information and Controller

This Privacy Policy informs you about the type, scope, and purpose of the processing of personal data (hereinafter referred to as „data“) on our website. The processing is carried out in accordance with the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG).

The parties responsible for data processing are:
Alma Lang and Dirk Mauz
Johannis Street 7
82418 Murnau 

For questions regarding data protection, please feel free to contact us using the provided contact details.

2. Collection and storage of personal data as well as the type and purpose of its use

a) When visiting the website When you visit our website, the browser on your device automatically sends information to our website server. This information is temporarily stored in a log file. The following details are collected without any action on your part and stored until automatic deletion:

  • IP address of the requesting computer,
  • Date and time of access,
  • Name and URL of the retrieved file,
  • Website from which access occurs (referrer URL),
  • browser used and, if applicable, the operating system of your computer as well as the name of your access provider.

The data mentioned will be processed by us for the following purposes:

  • Ensuring a smooth connection setup to the website,
  • Ensuring comfortable use of our website,
  • Evaluation of system security and stability as well as
  • for further administrative purposes.

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest follows from the above-mentioned purposes for data collection. In no case do we use the collected data for the purpose of drawing conclusions about your person.

No further analysis or tracking of user data takes place. 

b) When using our contact options For contacting us (e.g. by email, Telegram, WhatsApp or Signal), personal data is collected. This data is stored and used exclusively for the purpose of responding to your request or for contacting you and the associated technical administration. The legal basis for the processing of the data is our legitimate interest in responding to your request in accordance with Art. 6 para. 1 lit. f GDPR. If your contact is aimed at concluding a contract (e.g. booking a massage), the additional legal basis is Art. 6 para. 1 lit. b GDPR.

Your data will be deleted after final processing of your inquiry, unless legal retention obligations apply. We do not maintain a customer database and do not store your data permanently. Communication via messenger services (Telegram, WhatsApp, Signal) is subject to the data protection policies of the respective providers. We recommend not transmitting sensitive data through these channels.

3. Cookies

We do not use cookies on our website. Neither session cookies nor persistent cookies are set to store user data or track user behavior.

4. Integration of External Services

Google Maps On our contact page, a widget from Google Maps (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) is embedded to display location information (e.g., addresses in Murnau, Munich, or Dornach). When using Google Maps, data about your use of the map functions is transmitted to Google servers in the USA. This includes your IP address, the page accessed, and possibly location data.

Google Maps is only loaded after your explicit consent (via consent banner). Until then, you will only see a placeholder. The processing is carried out on the basis of Article 6(1)(f) GDPR (legitimate interest in the user-friendly presentation of locations). Google is certified under the EU-US Data Privacy Framework, which ensures an adequate level of data protection. Further information on data protection at Google can be found at: https://policies.google.com/privacy.

No further external services (e.g., social media plugins, analysis tools) are embedded.

5. Disclosure of Data

A transfer of your personal data to third parties for purposes other than those listed below does not take place. We only pass on your personal data to third parties if:

  • You have given your express consent to this (Art. 6 Para. 1 S. 1 lit. a GDPR),
  • the disclosure pursuant to Art. 6 Para. 1 S. 1 lit. f GDPR is necessary for the assertion, exercise or defense of legal claims and there is no reason to assume that you have an overriding legitimate interest in the non-disclosure of your data,
  • there is a legal obligation for the disclosure pursuant to Art. 6 Para. 1 S. 1 lit. c GDPR, as well as
  • this is legally permissible and necessary pursuant to Art. 6 Para. 1 S. 1 lit. b GDPR for the processing of contractual relationships with you.

6. Rights of the data subject

You have the right:

  • in accordance with Art. 15 GDPR to request information about your personal data processed by us;
  • in accordance with Art. 16 GDPR to request the immediate rectification of inaccurate data or completion of your personal data stored by us;
  • in accordance with Art. 17 GDPR to request the erasure of your personal data stored by us;
  • in accordance with Art. 18 GDPR to request the restriction of processing of your personal data;
  • pursuant to Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format or to request its transmission to another controller;
  • pursuant to Art. 7 para. 3 GDPR, to withdraw your consent once given to us at any time;
  • pursuant to Art. 77 GDPR, to lodge a complaint with a supervisory authority. As a rule, you may contact the supervisory authority of your habitual residence, place of work, or our registered office for this purpose (Bavarian State Office for Data Protection Supervision).

7. Right to object

If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right, pursuant to Art. 21 GDPR, to object to the processing of your personal data, provided that there are reasons arising from your particular situation. The objection may be made informally and should be addressed to the contact address mentioned above whenever possible.

8. Data Security

We use the common SSL procedure (Secure Socket Layer) during your visit to the website, in conjunction with the highest encryption level supported by your browser. You can recognize whether an individual page of our website is transmitted in encrypted form by the closed key or lock symbol in the lower status bar of your browser. In addition, we employ appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorized access by third parties.

9. Currency and Amendment of this Privacy Policy

This privacy policy is currently valid and is as of January 2026. Due to the ongoing development of our website and the services offered through it, or due to changes in legal or regulatory requirements, it may become necessary to amend this privacy policy. The current version of the privacy policy can be accessed and printed by you at any time on this website.