Privacy Policy

1. Data Protection at a Glance

**General Information**

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to identify you personally. Detailed information on data protection can be found in our full privacy policy below.

**Data Collection on This Website**

**Who is responsible for data collection on this website?**

Data processing on this website is carried out by the website operator. You can find their contact details in the section "Notice Concerning the Responsible Party" below.

**How do we collect your data?**

Your data is collected in part when you provide it to us, such as by filling out a contact form.

Other data is collected automatically or with your consent when you visit the website. This includes technical data (e.g., internet browser, operating system, or time of page access). This data is collected automatically as soon as you enter the site.

**What do we use your data for?**

Some data is collected to ensure the proper functioning of the website. Other data may be used to analyze user behavior. If contracts can be initiated or concluded via the website, the transmitted data may be processed for offers, orders, or other service requests.

**What rights do you have regarding your data?**

You have the right at any time to request information about the origin, recipient, and purpose of your stored personal data. You also have the right to request the correction or deletion of this data. If you have given consent to data processing, you can withdraw this consent at any time with effect for the future. Under certain conditions, you have the right to request restriction of the processing of your personal data. You also have the right to lodge a complaint with the competent supervisory authority.

You can contact us at any time with questions about data protection.

2. Hosting

**Hosting Provider: IONOS**

The provider is IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany. When you visit our website, IONOS collects various log files, including IP addresses. For details, please refer to IONOS's privacy policy:

[https://www.ionos.de/terms-gtc/terms-privacy](https://www.ionos.de/terms-gtc/terms-privacy)

The use of IONOS is based on Art. 6(1)(f) GDPR. We have a legitimate interest in a reliable presentation of our website. If consent has been requested, processing will be based exclusively on Art. 6(1)(a) GDPR and § 25(1) TDDDG, provided the consent includes the storage of cookies or access to user device information (e.g., device fingerprinting). Consent can be revoked at any time.

**Data Processing Agreement**

We have entered into a Data Processing Agreement (DPA) with the above provider. This legally required contract ensures that IONOS processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

3. General Notes and Mandatory Information

**Data Protection**

We take the protection of your personal data seriously. We treat your personal data confidentially and in accordance with legal data protection regulations and this privacy policy.

When using this website, various personal data may be collected. This privacy policy explains what data we collect, how we collect it, and what we use it for.

Please note that data transmission over the internet (e.g., communication via email) may have security gaps. Complete protection of data from third-party access is not possible.

**Notice Concerning the Responsible Party**

The responsible party for data processing on this website is:

**HYPERDREAM AI Studio**

Owner: Stefanie Steckhan

Professor-Brix-Weg 7

22767 Hamburg

Germany

Phone: +49 176 20927507

Email: [contact@hyperdream.studio](mailto:contact@hyperdream.studio)

The responsible party is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data (e.g., names, email addresses, etc.).

**Storage Period**

Unless a more specific storage period is stated in this privacy policy, your personal data will remain with us until the purpose for the data processing no longer applies. If you make a legitimate deletion request or revoke consent, your data will be deleted unless we have other legally permissible reasons for retaining it (e.g., tax or commercial retention periods); in the latter case, deletion occurs after these reasons cease to apply.

**Legal Bases for Data Processing**

If you have consented to data processing, we process your personal data based on Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR if special categories of data are processed. If you have expressly consented to data transfer to third countries, processing is also based on Art. 49(1)(a) GDPR. If you consented to the storage of cookies or access to information on your device, processing is also based on § 25(1) TDDDG. Consent is revocable at any time.

If your data is necessary for contract performance or pre-contractual measures, processing is based on Art. 6(1)(b) GDPR. If required to fulfill a legal obligation, we process your data on Art. 6(1)(c) GDPR. Processing may also occur based on our legitimate interest under Art. 6(1)(f) GDPR. You will find specific legal bases mentioned in the relevant sections below.

**Recipients of Personal Data**

We work with various external parties. Data is only shared with third parties if necessary for contract performance, if legally required, if we have a legitimate interest (Art. 6(1)(f) GDPR), or if another legal basis applies. When using processors, personal data is only shared based on a valid Data Processing Agreement. If processing is joint, a Joint Processing Agreement is concluded.

**Revocation of Your Consent to Data Processing**

Many data processing operations are only possible with your express consent. You may revoke your consent at any time. The legality of the data processing carried out before the revocation remains unaffected.

**Right to Object to Data Collection in Special Cases and to Direct Marketing (Art. 21 GDPR)**

If data processing is based on Art. 6(1)(e) or (f) GDPR, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation. This also applies to profiling based on these provisions. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms or the processing serves the assertion, exercise, or defense of legal claims (objection under Art. 21(1) GDPR).

If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing, including profiling related to direct marketing. If you object, your personal data will no longer be used for direct marketing purposes (objection under Art. 21(2) GDPR).

**Right to Lodge a Complaint with the Supervisory Authority**

If you believe that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with a supervisory authority, particularly in the EU member state of your habitual residence, place of work, or the location of the alleged violation.

**Right to Data Portability**

You have the right to receive personal data we process based on your consent or in performance of a contract in a commonly used, machine-readable format. If you request the direct transfer of data to another controller, this will only take place if it is technically feasible.

**Right to Access, Rectification, and Erasure**

You have the right to access your stored personal data, its origin and recipients, and the purpose of data processing at any time free of charge. You also have the right to correct or delete this data. You can contact us at any time with questions about your rights.

**Right to Restrict Processing**

You have the right to request the restriction of processing of your personal data under certain conditions:

* If you contest the accuracy of your data stored with us, we usually need time to verify this. During the verification period, you have the right to request the restriction of processing.

* If the processing is unlawful, you may request the restriction of use instead of deletion.

* If we no longer need your personal data but you require it to exercise, defend, or assert legal claims, you have the right to request restriction.

* If you have objected pursuant to Art. 21(1) GDPR, a balancing of interests must be conducted. Until it is determined whose interests prevail, you have the right to request restriction of processing.

If processing has been restricted, this data – apart from its storage – may only be processed with your consent or to assert, exercise, or defend legal claims or to protect the rights of another natural or legal person or for important public interest reasons of the EU or a member state.

**SSL or TLS Encryption**

This site uses SSL or TLS encryption for security and to protect the transmission of confidential content, such as inquiries you send to us. You can recognize an encrypted connection by the change in the browser's address line from "http\://" to "https\://" and by the lock symbol in your browser line.

4. Data Collection on This Website

**Cookies**

Our website uses "cookies." Cookies are small text files that do not harm your device. They are either temporary (session cookies) or persistent. Session cookies are deleted automatically after your visit. Persistent cookies remain stored until you delete them or your browser does so automatically.

Cookies may be set by us (first-party) or by third-party providers. They serve various purposes: some are technically essential (e.g., shopping cart function, video display), others for analytics or advertising.

Essential cookies are stored based on Art. 6(1)(f) GDPR unless another legal basis applies. We have a legitimate interest in storing essential cookies for the technically error-free and optimized provision of services. If consent has been obtained, processing is based on Art. 6(1)(a) GDPR and § 25(1) TDDDG. Consent can be revoked at any time.

You can configure your browser to inform you about cookie use, allow cookies only in specific cases, reject them in general, or enable automatic deletion when the browser is closed. Disabling cookies may limit website functionality.

**Contact via Email, Phone or Fax**

If you contact us via email, phone or fax, your inquiry including all resulting personal data (e.g., name, inquiry) is stored and processed to handle your request. We do not share this data without your consent.

Data processing is based on Art. 6(1)(b) GDPR if your inquiry relates to contract performance or pre-contractual actions. Otherwise, processing is based on our legitimate interest in effectively handling inquiries (Art. 6(1)(f) GDPR) or your consent if requested (Art. 6(1)(a) GDPR).

We retain data sent via contact requests until you request deletion, revoke your consent, or the purpose for storage no longer applies. Mandatory legal provisions – especially retention periods – remain unaffected.

5. Social Media

**Instagram**

This website integrates functions of Instagram, provided by Meta Platforms Ireland Ltd., Merrion Road, Dublin 4, Ireland.

If the social media element is active, a direct connection to Instagram’s servers is established. Instagram is informed that you visited this website.

If logged into your Instagram account, clicking the Instagram button links content from this site to your profile, allowing Instagram to associate your visit with your account. We have no control over the data transmitted to Instagram.

Use of this service is based on your consent under Art. 6(1)(a) GDPR and § 25(1) TDDDG. Consent can be revoked at any time.

If personal data is collected via Instagram tools and shared with Meta Platforms, we and Meta are joint controllers (Art. 26 GDPR) limited to the collection and transfer of data. Further processing by Meta is not our responsibility. Agreement text: [https://www.facebook.com/legal/controller\_addendum](https://www.facebook.com/legal/controller_addendum)

Meta ensures compliance with EU standards via the EU-US Data Privacy Framework (DPF):

[https://www.dataprivacyframework.gov/participant/4452](https://www.dataprivacyframework.gov/participant/4452)

Privacy policy: [https://privacycenter.instagram.com/policy/](https://privacycenter.instagram.com/policy/)

6. Plugins and Tools

**Vimeo**

This site uses plugins from Vimeo (Vimeo Inc., 555 West 18th Street, New York, NY 10011, USA).

When you visit a page with a Vimeo video, a connection to Vimeo’s servers is established. Vimeo is informed which page you visited and receives your IP address, even if you’re not logged in.

If you're logged into your Vimeo account, your browsing behavior can be linked to your profile. You can prevent this by logging out of Vimeo.

Vimeo uses cookies or similar technologies (e.g., device fingerprinting) to recognize users.

Use of Vimeo is in the interest of an attractive website presentation and is based on Art. 6(1)(f) GDPR. If consent was given, processing is based on Art. 6(1)(a) GDPR and § 25(1) TDDDG. Consent is revocable.

Data transfer to the USA is based on standard contractual clauses and Vimeo’s stated legitimate business interests. Details: [https://vimeo.com/privacy](https://vimeo.com/privacy)

Vimeo participates in the EU-US Data Privacy Framework (DPF): [https://www.dataprivacyframework.gov/participant/5711](https://www.dataprivacyframework.gov/participant/5711)

Source: [https://www.e-recht24.de](https://www.e-recht24.de)