Privacy Policy

1. Introduction
This Privacy Policy explains how Lunex Webdesign (“we”, “us”, “our”) collects, uses and protects your personal data when you visit our website or contact us.

We are committed to handling your data in accordance with applicable data protection laws, in particular the General Data Protection Regulation (GDPR) where it applies. By using this website, you agree to the collection and use of information in accordance with this Privacy Policy.

2. Data Controller
The data controller responsible for this website is:

Lunex Webdesign
Hamburg, Germany
E-Mail: contact@lunex-webdesign.com

If you have any questions about this Privacy Policy or our data practices, you can contact us using the details above.

3. What data we collect
We may collect and process the following categories of personal data:

  • Contact data: name, e-mail address, phone number, company name, and any other information you choose to provide when you contact us.

  • Website usage data: information about how you use our website (e.g. pages viewed, time spent on pages, clicks, referring URLs).

  • Technical data: IP address, browser type and version, device information, operating system, language settings, time and date of access and other technical information transmitted by your browser.

  • Communication data: information contained in or relating to any communication you send to us (e-mails, contact form messages, project requests, etc.).

We do not intentionally collect data from children under the age of 16. If you believe that a child has provided us with personal data, please contact us so that we can delete it.

4. How we collect your data
We collect personal data in the following ways:

  • When you fill out our contact form or send us an e-mail.

  • When you request a quote, offer or project.

  • When you browse our website, and certain technical/usage data is automatically collected by cookies or similar technologies.

5. Purposes and legal bases for processing
We process your personal data for the following purposes and on the following legal bases (where GDPR applies):

  • To respond to inquiries and communicate with you

    • e.g. when you contact us via form or e-mail, request a quote or ask questions about our services.

    • Legal basis: Art. 6(1)(b) GDPR (contract or steps prior to entering a contract) and Art. 6(1)(f) GDPR (legitimate interest in responding to requests).

  • To provide and improve our website and services

    • e.g. to ensure the website works correctly, is secure and optimised for users.

    • Legal basis: Art. 6(1)(f) GDPR (legitimate interest in operating a secure and user-friendly website).

  • To comply with legal obligations

    • e.g. storage obligations under commercial or tax law.

    • Legal basis: Art. 6(1)(c) GDPR.

  • For analytics and statistics (if used)

    • e.g. understanding how visitors use our site so we can improve design and content.

    • Legal basis: Art. 6(1)(a) GDPR (consent via cookie banner) or Art. 6(1)(f) GDPR (legitimate interest), depending on the tool and implementation.

6. Cookies and similar technologies
Our website may use cookies or similar technologies (such as local storage or analytics scripts) to:

  • enable basic website functionality,

  • save certain settings,

  • analyse traffic and usage patterns.

Where required by law, we will ask for your consent before placing non-essential cookies (e.g. analytics or marketing cookies). You can manage or withdraw your consent at any time via your browser settings or (if implemented) our cookie banner / cookie settings tool.

You can configure your browser to reject cookies, accept only certain cookies, or delete cookies that have already been stored. Please note that disabling cookies may limit the functionality of our website.

7. Contact form and e-mail communication
When you contact us via contact form or e-mail, we process the data you provide (such as name, e-mail address, company name, message content) in order to handle your request.

We store these communications as long as necessary to process your request and, if applicable, for the duration of any business relationship, plus additional retention periods where required by law.

8. Hosting and service providers
Our website is hosted by external service providers. These providers may process personal data on our behalf to deliver the website and related services (e.g. hosting, security, maintenance, analytics, e-mail delivery).

We only work with service providers that provide appropriate technical and organisational measures to protect your personal data. Where required by law, data processing agreements (DPAs) are in place.

9. Data sharing and recipients
We only share your personal data with third parties if:

  • it is necessary for the performance of our services (e.g. sub-contractors or freelancers working on your project),

  • we are legally obliged to do so,

  • you have given your explicit consent, or

  • we have a legitimate interest that is not overridden by your interests or fundamental rights.

Possible recipients include:

  • IT and hosting service providers,

  • e-mail and communication providers,

  • analytics providers (if in use),

  • professional advisors (e.g. tax consultants, legal advisors) where necessary.

10. International data transfers
If personal data is transferred to service providers or partners outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place, such as:

  • an adequacy decision by the European Commission, or

  • standard contractual clauses (SCCs) approved by the European Commission, or

  • other suitable legal mechanisms.

You may contact us for more information about the safeguards in place for specific transfers.

11. Data retention
We store personal data only for as long as necessary for the purposes described in this Privacy Policy or as required by applicable law. Retention periods may depend on:

  • the duration of our business relationship with you,

  • legal retention obligations (e.g. commercial and tax laws),

  • our legitimate interest in maintaining evidence in case of legal disputes.

When data is no longer required, it will be deleted or anonymised in accordance with our internal policies.

12. Your rights under data protection law
Where the GDPR applies, you have the following rights (subject to legal requirements):

  • Right of access – to obtain confirmation whether we process your personal data and receive a copy of that data.

  • Right to rectification – to request correction of inaccurate or incomplete data.

  • Right to erasure – to request deletion of your data, where legal grounds for this exist.

  • Right to restriction of processing – to request limited processing of your data in certain cases.

  • Right to data portability – to receive the data you provided in a structured, commonly used and machine-readable format, and to transmit it to another controller where technically feasible.

  • Right to object – to object to processing based on legitimate interests or direct marketing at any time.

  • Right to withdraw consent – where processing is based on your consent, you may withdraw it at any time with effect for the future.

To exercise your rights, please contact us at: contact@lunex-webdesign.com.

You also have the right to lodge a complaint with a supervisory authority, in particular in the EU member state of your habitual residence, place of work or place of the alleged infringement.

13. Security of your data
We take appropriate technical and organisational measures to protect your personal data from loss, misuse, unauthorised access, disclosure, alteration or destruction.

However, no method of transmission over the internet or method of electronic storage is completely secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee absolute security.

14. Links to other websites
Our website may contain links to external websites that are not operated by us. We have no control over the content and privacy practices of these third-party sites and cannot accept responsibility or liability for their policies. We recommend that you review the privacy policies of any external websites you visit.

15. Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our data practices, legal requirements or the functionality of our website.

The latest version of this Privacy Policy is always available on this page and is indicated by the “Last updated” date below.

Last updated: 2025