We are committed to the protection of your personal data and adhere strictly to the rules of data protection laws. The following statement provides an overview of how we ensure this protection, what type of data is collected, and for what purpose.


The person responsible for the collection, processing, and use of your personal data within the meaning of the General Data Protection Regulation (GDPR) is:


Thilo Westermann
PO Box 311552
Berlin, 10645, Germany
www.thilowestermann.com

1. Collection and Storage of Personal Data
a. Website Visit
When you visit our website, the browser you use automatically sends information to our server. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until automated deletion:

  • IP address of the requesting computer,
  • Date and time of access,
  • Name and URL of the retrieved file,
  • Website from which access is made (referrer URL),
  • Browser used and, if applicable, the operating system of your computer, as well as the name of your access provider.

The aforementioned data is processed for the following purposes:

  • Ensuring a smooth connection setup of the website,
  • Ensuring comfortable use of our website,
  • Evaluating system security and stability, and
  • Other administrative purposes.

The legal basis for data processing is Art. 6(1)(f) GDPR. Our legitimate interest follows from the purposes listed above for data collection. Under no circumstances do we use the collected data for the purpose of drawing conclusions about you.


b. Contact Form
If you send us inquiries via the contact form, your details from the inquiry form, including the contact data you provided there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not pass on this data without your consent.


Data processing for the purpose of contacting us is based on your voluntarily given consent per Art. 6(1)(a) GDPR.


c. Newsletter
If you subscribe to our newsletter, the contact data you provided via the subscription form will be stored by us for the purpose of informing you about our activities, such as exhibitions, fairs, and publications.

We collect and store the IP address of the device used for subscription, along with the date and time of subscription, to help detect and prevent misuse of your email address. Our newsletters are sent via MailChimp, operated by The Rocket Science Group, LLC, based in Atlanta, GA, and may include tracking pixels that help us analyze the success of our newsletter campaigns. MailChimp is certified under the EU-US Privacy Shield and complies with GDPR requirements. Your data will not be shared with third parties or sold. You can unsubscribe at any time, which will also revoke your consent to store personal data for newsletter purposes.

2. Data Sharing
Your personal data will not be transferred to third parties for purposes other than those listed below.
We only share your personal data with third parties if:

  • You have given your explicit consent per Art. 6(1)(a) GDPR,
  • The disclosure is required per Art. 6(1)(f) GDPR for asserting, exercising, or defending legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,
  • There is a legal obligation for disclosure per Art. 6(1)(c) GDPR, and
  • It is legally permissible and required per Art. 6(1)(b) GDPR for the processing of contractual relationships with you.

In some cases, your personal information is transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different to the laws of your country. Our third-party service providers and partners operate around the world. We have selected our service providers carefully. Where we transfer your personal data outside the EEA, we have taken appropriate safeguards to require that your personal information will remain protected in accordance with this Privacy Policy.

For more information on the appropriate safeguards that we have implemented, you can contact us using the details provided above.

3. Cookies
Our website uses cookies. Cookies are small files that your browser automatically creates and stores on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not harm your device and do not contain viruses, Trojans, or other malicious software.

a. Types of Cookies
We use the following types of cookies:

  • Essential Cookies: Necessary for the operation of the website.
  • Performance Cookies: Collect information about how visitors use our website.
  • Functional Cookies: Enable improved functionality and personalization.
  • Targeting Cookies: Record your visit to our website, the pages you have visited, and the links you have followed.

b. Managing Cookies
You can configure your browser settings to refuse some or all cookies or to alert you when websites set or access cookies. Please note that disabling cookies may limit the functionality of our website.

4. Analytics Tools

We use tracking tools to ensure the continuous optimization of our website. These tools analyze user behavior and help us improve the design of our online offering. These tools operate on the basis of Art. 6(1)(f) GDPR.

5. Rights of the Data Subject
You have the following rights:

  • Right to Access (Art. 15 GDPR): You can request information about your personal data processed by us.
  • Right to Rectification (Art. 16 GDPR): You can request the correction of incorrect or incomplete data.
  • Right to Erasure (Art. 17 GDPR): You can request the deletion of your personal data.
  • Right to Restriction of Processing (Art. 18 GDPR): You can request the restriction of processing your personal data.
  • Right to Data Portability (Art. 20 GDPR): You can receive your personal data in a structured, commonly used, and machine-readable format or request transfer to another controller.
  • Right to Object (Art. 21 GDPR): You can object to the processing of your data based on legitimate interests.
  • Right to Withdraw Consent (Art. 7(3) GDPR): You can withdraw your consent at any time.
  • Right to Lodge a Complaint (Art. 77 GDPR): You can lodge a complaint with a supervisory authority.

6. Data Retention and Deletion
We retain personal data only as long as necessary to fulfill the purpose for which it was collected or as required by law. Once these conditions no longer apply, the data is routinely deleted.

7. Automated Decision-Making and Profiling
We do not engage in automated decision-making or profiling activities.

8. Updates to this Privacy Policy
This Privacy Policy is effective as of December 19, 2024. We reserve the right to update or modify this Privacy Policy at any time to reflect changes to our website, business practices, or legal and regulatory requirements. Updates will be posted here, and the “Last Updated” date will be revised accordingly.

Reverse Glass Paintings
Photomontages
Colored Pencil Drawings
Exhibitions & News
Texts
Publications
Newsletter
FacebookInstagram
Copyright © {year} Thilo Westermann. All rights reserved. Privacy PolicyImprint
Privacy Policy
Imprint