Our Privacy Policy

1. Information of Data Processing

Thank you for visiting our website. Safeguarding your privacy and protecting your personal data is of utmost importance to us.

As defined in Article 4 No. 1 of the General Data Protection Regulation (GDPR), personal data encompasses any information that can be attributed to an identified or identifiable natural person. This includes, but is not limited to, details such as your name, address, telephone number, email address, and IP address.

Data that cannot be linked to your identity, suDch as through anonymization, is not considered personal data. Processing activities, as outlined in Article 4 No. 2 of the GDPR, always necessitate a legal basis or your consent. Personal data is to be erased once its purpose has been fulfilled, and no further legal retention obligations exist.

This document elucidates how we handle your personal data during your visit to our website. To facilitate the functionalities and services of our website, it is imperative for us to collect certain personal data from you.

We provide details concerning the nature and scope of data processing, the purposes, the legal bases, and the corresponding retention periods.

Please note that this privacy policy solely pertains to this website. It does not extend to other websites that may be linked via hyperlinks. We cannot assume responsibility for the confidential treatment of your personal data on these third-party websites, as we have no control over whether these entities comply with data protection regulations. We recommend familiarizing yourself with their respective privacy policies directly on their websites.

Below, you will find the contact information for the data controller and the data protection officer.

2. Data Protection Officer

If you have any questions or concerns about our Privacy Policy or the handling of your personal information, please contact to the following person.

Name: Tauseef Nauman

Phone no: +49 (0) 30 809 230 38

Email: info (at) ornatesol.com

3. Utilization and Operation of the Website/Server Log Files

a) Nature and Extent of Data Processing

When you use this website without submitting data to us through other means (such as registration or using the contact form), we automatically collect technically necessary data via server log files. This data includes:

  • IPaddress
  • Date and time of the request
  • Name and URL of the accessed file
  • Website from which the access originated (referrer URL)
  • Access status/HTTP status code
  • Browser type

b) Purpose and Legal Basis

This data processing is essential for the technical operation of our website and to ensure its security and stability. Therefore, it is necessary for us to provide you with access to our website.

The legal basis for this processing is Article 6(1)(f) of the General Data Protection Regulation (GDPR). Processing the mentioned data is required for website provision and serves the legitimate interests of our company.

c) Storage Duration

Once the personal data is no longer necessary for website display purposes, it will be deleted. The collection of data for website provision and its storage in log files are obligatory for website operation. Therefore, users cannot object to this aspect. Additional storage may occur in specific cases if mandated by law.

4. Cookie Usage

a) Nature, Scope, and Purpose of Data Processing

We utilize cookies, small files sent to your device’s browser during website visits and stored there. Certain website functions rely on technically necessary cookies, while others enable various analyses. Cookies can identify your browser upon return visits, transmitting diverse information to us. They enhance website usability and effectiveness, aiding in user-friendly experiences and preference settings (e.g., language and country settings). Although third parties may process information via cookies, they do not harm your device, run programs, or contain viruses. Our website employs various cookie types, each serving distinct functions.

Temporary Cookies / Session Cookies

Our website utilizes temporary or session cookies, automatically deleted upon browser closure. These cookies record session IDs, allowing requests from your browser to be associated with a common session and recognizing your device during subsequent visits. Session cookies expire once the session ends.

Persistent Cookies

We also use persistent cookies, stored in your browser for extended periods and capable of transmitting information. Storage periods vary per cookie type. You can independently delete persistent cookies via your browser settings.

Third-Party Cookies

We employ analytical cookies to monitor anonymized user behaviour on our website. Additionally, advertising cookies are utilized to track user behaviour for advertising and targeted marketing purposes. Social media cookies enable you to connect to your social networks and share content from our website within your networks.

For a comprehensive list of the cookies we use, along with descriptions of their purposes and further information, please visit: [Cookie Settings] (https://tikitaka.digital/cookie-einstellungen-andern/).

Information regarding the website tools we utilize, particularly those utilizing cookies, can be found later in the “Our Website Tools” section.

Browser Settings Configuration

Upon your initial visit to our website, you can accept or reject individual or all cookies separately. You can also manage your preferences at any time in our cookie banner by selecting or deselecting the appropriate checkboxes and then clicking “OK”.

Please note that your settings made in the cookie banner are stored on your computer or mobile device. Therefore, you will need to adjust them again if you delete your browsing history, switch to another device, or use a different internet browser.

While most web browsers are set to accept cookies automatically, you can configure your browser to accept only certain cookies or none at all. However, please be aware that this may limit the functionality of our website.

You can delete cookies already stored in your browser via your browser settings and configure your browser to notify you before cookies are stored. As different browsers have varying functionalities, please refer to the help menu of your browser for specific configuration options.

Disabling the use of cookies may necessitate the storage of a permanent cookie on your computer. If you delete this cookie afterward, you will need to deactivate it again.

b) Legal Basis

The processing described is essential for displaying our website, ensuring its security and stability, and complying with legal obligations. Data collection is necessary for website provision, safeguarding our legitimate interests. Legal bases for processing are provided under Articles 6(1)(c) and 6(1)(f) of the GDPR.

If you have consented to cookie usage based on our website’s cookie banner, further data processing is governed by Article 6(1)(a) of the GDPR.

c) Storage Period

Once data transmitted via cookies is no longer needed for the outlined purposes, it is promptly deleted. Additional storage may occur as required by law.

d) Cookie Categories

Here are the following cookies categories:

i. Essential Cookies

Essential cookies ensure the proper functioning of our website, allowing users to access its features as intended. These indispensable cookies, such as those maintaining user login sessions across various sub-pages, are categorized as first-party cookies, exclusively utilized by us. Consent is not required for these cookies, though you have the option to disable them in your browser settings.

ii. Analytics Cookies

Analytics cookies gather data on website usage to enhance its appeal, content, and functionality. They collect information such as page views, duration of visits, page sequence, search terms leading to our site, geographical location of users, and the proportion of visits from mobile devices. Additionally, they help identify areas of particular interest to visitors. By anonymously collecting and reporting data, analytics cookies aid website owners in understanding user interactions.

iii. Personalization Cookies

Personalization cookies enable our website to retain information provided by users (e.g., registered names, language preferences, location) to offer enhanced and tailored features based on this data. Only anonymized information is processed through these cookies.

iv. Marketing Cookies

Marketing cookies track user activity on websites to deliver interest-based advertisements. They also regulate ad frequency and gauge advertising campaign effectiveness. These cookies record website visitation and may share acquired information with third parties, such as advertisers. Often linked to third-party site functionalities, these cookies aim to present users with relevant and engaging ads, benefiting publishers and advertisers alike.

5. Social Networks

On this website, we provide links to our social network profiles or incorporate social plugins such as “share” or “like” buttons. No data is transmitted to the respective social network operator upon accessing our website; data transmission occurs only when you actively follow the link to our profile or interact with the social plugin.

The following data categories are processed by the respective social network:

  • IP address
  • Date and time
  • Visited website

If you are logged into your user account on the social network when accessing our profile, the network operator may associate the collected information with your personal account.

Interactions via “Share” or “Like” buttons may also be linked to your user account and published.

To prevent data collected from being directly linked to your user account, log out of the social network before accessing our profile or using the social plugin. You can also adjust settings in your social network user account accordingly.

Upon accessing our social network profile, the network operator may set cookies on your device, regardless of whether you have an account or are logged in. Cookies are used primarily for personalized advertising, including displaying ads from network advertising partners based on users’ previous website visits. Additionally, cookies help compile usage statistics for our profile page (e.g., page views, user demographics). Any statistical analyses provided to us by the network operator are anonymized beforehand, preventing us from associating usage data with individual users.

Our processing of your data on our social network profile aims to provide information about our offerings and services and respond to inquiries. The legal basis for this processing is Article 6(1)(f) of the GDPR, as it aligns with our legitimate interests in public relations. If you utilize a social plugin integrated by us, your consent under Article 6(1)(a) of the GDPR serves as the legal basis.

We remove private messages sent to us via social networks after [insert time period, e.g., “3 months”] following our last communication with you. Public posts, such as those on our Timeline, generally remain published indefinitely unless explicitly requested for deletion.

We do not control the data collected and transmitted by social network operators, nor do we dictate third-party recipients or the duration of data storage by these operators. Please refer to the privacy policy of the respective social network for more information.

We reserve the right to delete any illegal content, such as copyright infringements or criminally relevant statements, published by users on our profile page on the social network.

According to the European Court of Justice, we share joint responsibility with social network operators for ensuring compliance with data protection regulations regarding our profile page or social plugin operation. While social network operators primarily handle data processing on their platforms, you can also assert your legal rights against us, and we will forward your requests to the social network operator.

For US-based providers (Facebook, Twitter, YouTube, Instagram, LinkedIn), data is transferred to the USA, and these providers adhere to the EU-US Privacy Shield framework, ensuring a data protection standard comparable to the European one.

We include links to the following social networks on our website:

6. Data Collection for Pre-contractual Measures and Contract Fulfilment

a) Nature and Extent of Data Processing

During pre-contractual negotiations and contract conclusion, we collect your personal data, including but not limited to first and last name, address, email address, telephone number, and bank details.

b) Purpose and Legal Basis for Data Processing

We solely collect and process this data to execute the contract or fulfill pre-contractual obligations. The legal basis for this processing is Article 6(1)(b) of the GDPR. If you have provided consent, the additional legal basis is Article 6(1)(a) of the GDPR.

c) Storage Duration

Data is deleted once it’s no longer necessary for processing purposes. Additionally, legal retention obligations may apply, such as those mandated by commercial or tax laws under the German Commercial Code (HGB) or the German Fiscal Code (AO). If such obligations exist, we will block or delete your data at the end of the retention period.

7. Data Transmission

We only disclose your personal information to third parties under the following circumstances:

a) Your explicit consent has been provided in accordance with Article 6(1)(a) of the GDPR.

b) Data sharing is legally permissible and necessary for fulfilling contractual obligations with you or implementing pre-contractual measures, as per Article 6(1)(b) of the GDPR.

c) There is a legal obligation for data transmission under Article 6(1)(c) of the GDPR. This includes obligations to state authorities such as tax authorities, social insurance carriers, health insurance companies, supervisory authorities, and law enforcement agencies.

d) Disclosure is necessary for the protection of legitimate business interests, as well as for asserting, exercising, or defending legal claims, as per Article 6(1)(f) of the GDPR, provided there are no overriding interests on your part that warrant data non-disclosure.

e) We engage external service providers, known as data processors, under Article 28 of the GDPR, who are bound to handle your data with care. These service providers operate in areas such as IT, logistics, telecommunications, distribution, and marketing.

When transferring data to external entities in third countries (outside the EU or EEA), we ensure that they treat your personal data with the same level of care as within the EU or EEA. We only transfer personal data to third countries where the EU Commission has confirmed an adequate level of protection or where we ensure careful handling of personal data through contractual agreements or other suitable guarantees.

8. Application Procedure

a) Nature and Extent of Data Processing

You have the option to apply through our website or via email. During the application process, we collect and retain the information provided in the input form or via email.

Please refer to our privacy policy for detailed information on our application process.

b) Purpose and Legal Basis

We process your data solely for the purpose of managing your application. Your data will not be shared with third parties. The legal basis for processing is Article 88(1) of the GDPR in conjunction with Section 26 of the BDSG, and additionally Article 6(1)(b) of the GDPR.

If you consent to inclusion in our applicant pool, the legal basis is Article 6(1)(a) of the GDPR.

c) Storage Duration

If we are unable to offer you a position, we will retain your data for a maximum of six months following the conclusion of the application process, as per Section 61b(1) of the ArbGG in conjunction with Section 15 of the AGG. The countdown begins upon receipt of the rejection letter.

If you consent to inclusion in our applicant pool, your data will be retained for a maximum of two years.

d) Data Transfer

Your data will only be disclosed to relevant decision-making departments (HR or specialized departments, management, works council).

Additionally, we are obligated to disclose your data to public authorities and institutions (e.g., public prosecutor’s office, police, regulatory bodies, tax office, social security institutions, etc.).

Other recipients of your data may include entities for which you have provided consent for data transfer.

9. Commenting Feature

a) Nature and Extent of Data Processing

Our website allows users to comment on blog posts. When you comment, we collect and retain the information you provide in the input form. Along with your comment, we store details such as the time of submission and your chosen username (pseudonym). Additionally, the IP address assigned by your Internet service provider (ISP) is recorded. We do not share this data with third parties.

b) Purpose and Legal Basis

The data you provide, including your IP address, is primarily used for security purposes and in cases where a user violates third-party rights or posts unlawful content in their comment.

We do not disclose this collected personal data to third parties, unless required by law or necessary for legal defense.

The legal basis for processing personal data through the comment function is Art. 6(1)(a) of the GDPR, provided you have given consent. You may withdraw this consent at any time without affecting the legality of processing carried out prior to withdrawal.

Furthermore, Art. 6(1)(f) of the GDPR serves as an additional legal basis. This is because we have a legitimate interest in processing data if third-party rights are infringed or illegal content is posted.

c) Storage Duration

Comments and associated data (including IP addresses) are stored on our website until the relevant content is completely removed or comments must be deleted for legal reasons.

10. Contact Form

a) Nature and Extent of Data Processing

Our website offers a contact form for reaching out to us. By using this form and submitting your inquiry, you are directed to this privacy policy to obtain your consent.

When you utilize the contact form, the following personal data is processed:

  • Salutation
  • Name
  • Email address
  • Phone number
  • Subject
  • Message content

b) Purpose and Legal Basis

Your email address is used solely to respond to your inquiry via email. Personal data provided through the contact form is not shared with third parties.

The legal basis for processing is your consent under Article 6(1)(a) of the GDPR, which is based on your voluntary and revocable declaration of consent.

c) Storage Duration

Data submitted through the contact form will be retained until you request its deletion, withdraw your consent for storage, or when the purpose for data storage is no longer applicable (e.g., after completion of your inquiry).

Mandatory legal requirements, such as retention periods outlined in the German Commercial Code (HGB) or the German Fiscal Code (AO), remain unaffected by this.

11. Contacting Us via Email

a) Nature and Extent of Data Processing

You can reach us via email through our website. Our data collection is limited to the email address from which you contact us, as well as any personal data you provide in the course of your email communication.

b) Purpose and Legal Basis

The purpose of processing this data is to respond appropriately to your inquiry. The legal basis for this is Article 6(1)(f) of the GDPR. There is a legitimate interest in processing the aforementioned personal data to effectively address your inquiry.

c) Storage Duration

The duration of data storage depends on the context of your communication. Your personal data will be routinely deleted when the purpose of communication ceases to exist, and storage is no longer necessary. This may occur, for instance, upon completion of addressing your inquiry.

12. Newsletter Subscription

a) Nature and Extent of Data Processing

You have the option to subscribe to our free newsletter on our website. To send you the newsletter regularly, we require your email address.

In order to dispatch the newsletter, your data will be forwarded to our newsletter service provider, Plan.Net Connect GmbH, located at Brienner Str. 45 a-d, Munich, 80333. No further disclosure to third parties occurs.

We utilize the double opt-in procedure for newsletter subscriptions. This means that we will only send you an email newsletter after you have explicitly confirmed your consent to receive it. Subsequently, we will send you a confirmation email asking you to confirm your desire to receive future newsletters by clicking on a provided link.

This process ensures that only you, as the owner of the specified email address, can subscribe to the newsletter. Your confirmation must be promptly made after receiving the confirmation email, otherwise your newsletter subscription will be automatically deleted from our database.

When you subscribe to the newsletter, we collect and store the data you provide in the input form (e.g., last name, first name, email address). Additionally, upon newsletter registration, we store your IP address provided by your Internet service provider (ISP), as well as the date and time of registration, to trace any potential misuse of your email address at a later stage. Furthermore, in the confirmation email sent for verification purposes (double opt-in email), we store the date and time of the click on the confirmation link, along with the IP address provided by the Internet service provider (ISP).

b) Purpose and Legal Basis

The data collected during newsletter registration is exclusively used to address you in an advertising manner via the newsletter.

The processing of your email address for newsletter dispatch is based on Article 6(1)(a) of the GDPR and § 7(2) No. 3 of the UWG (Unfair Competition Act), relying on the voluntarily submitted consent below, which can be revoked at any time for the future.

Furthermore, processing is based on Article 6(1)(f) of the GDPR, owing to our legitimate interest in documenting proof of the requisite consent.

c) Storage Period

Your email address will be retained for as long as you remain subscribed to the newsletter. Upon unsubscribing from the newsletter mailing, your email address will be deleted unless you have expressly consented to its further use.

13. Data Security and Backup Protocols

Our paramount commitment is to safeguard your privacy and maintain the confidentiality of your personal information. To achieve this, we implement extensive technical and organizational security measures, which are routinely assessed and adjusted to align with technological advancements.

These measures encompass various strategies, including the utilization of established encryption protocols such as SSL or TLS. However, data transmitted in unencrypted formats, such as through unsecured emails, may be susceptible to interception by third parties. While we endeavor to uphold robust security practices, we acknowledge that we have limited control over such circumstances.

It remains the responsibility of each user to safeguard the data they provide against potential misuse by employing encryption or other suitable methods. We encourage proactive measures to ensure the protection of sensitive information.

14. Revision of the Privacy Policy

We retain the prerogative to amend this statement as deemed necessary at any given time.

15. Your Rights

Here are your rights concerning your personal data, as outlined in Articles 7 and 15-22 of the GDPR. You can direct your inquiries to the responsible department (para. 2) or the data protection officer (sec. 3).

a) Right to Withdraw Consent (Art. 7 para. 3 DS-GVO)

You have the right to revoke your consent for the processing of your personal data at any time, affecting future processing. However, this does not impact the legality of processing prior to revocation.

b) Right of Access (Art. 15 DS-GVO)

You have the right to confirm whether your personal data is being processed and to obtain details about it, including the purposes of processing, categories of personal data, recipients, and storage duration criteria.

c) Right to Rectification and Completion (Art. 16 DS-GVO)

You can request the correction of incorrect data and completion of incomplete data, considering the processing purposes.

d) Right to Erasure (“Right to be Forgotten”) (Art. 17 DS-GVO)

You have the right to request the deletion of your data if it’s no longer necessary, you’ve revoked consent, or if the data was unlawfully processed.

e) Right to Restriction of Processing (Art. 18 DS-GVO)

You can request the restriction of processing, especially if you believe the data is inaccurate.

f) Right to Data Portability (Art. 20 DS-GVO)

You have the right to receive your personal data in a structured, commonly used, and machine-readable format.

g) Right to Object (Art. 21 DS-GVO)

You can object to the processing of your personal data, especially for direct marketing purposes, including profiling.

h) Automated Decision Making (Art. 22 DS-GVO)

You have the right not to be subject to decisions based solely on automated processing, including profiling.

i) Complaint to Data Protection Authority (Art. 77 DS-GVO)

You have the right to lodge a complaint with a data protection supervisory authority if you believe that data processing doesn’t comply with regulations.

Competent Supervisory Authority of Berlin:

Mail Address:

Berlin Commissioner for Data Protection and Freedom of Information

Friedrichstr. 219, 10969 Berlin, Germany

Phone Number: +49 (0)30 13889-0

Fax: +49 (0)30 2155050

Email Address: mailbox@datenschutz-berlin.de

16: Our website tools

17: Legal bases of data processing

The processing of personal data of Ornate Solutions GmbH employees is based on Article 6, paragraph 1, letter b) of the General Data Protection Regulation (GDPR).

18: Recipient / passing on of data

Personal data associated with participation in online webinars will not be shared with third parties unless explicitly authorized to do so.

19: Data processing outside the European Union

Data processing for some of the video conferencing systems occurs in the USA, constituting processing in a third country. We’ve established processing agreements with each provider, adhering to the standards outlined in Article 28 of the GDPR.

Adequate data protection is ensured through “Privacy Shield” certification and the implementation of EU standard contractual clauses.

20: Your rights as a data subject

You are entitled to request information regarding your personal data at any time. Should your inquiry not be in writing, we may ask for verification of your identity for security purposes.

Additionally, you possess the right to rectify, delete, or restrict processing of your data in accordance with applicable laws. You also have the right to object to processing within legal parameters.

Furthermore, under data protection regulations, you have the right to data portability.

21: Deletion of data

We typically delete personal data once it’s no longer necessary for storage purposes. However, data may be retained if it’s required for contractual obligations, warranty claims, or to comply with statutory retention periods. Deletion is then considered after the relevant retention period has expired.

22: Right of complaint to a supervisory authority

You are entitled to lodge a complaint regarding the processing of your personal data by us with a data protection supervisory authority.

23: Changes of this privacy notice

We update this privacy notice whenever there are changes to data processing or other circumstances that require it. You can always find the latest version on this website.

Responsible Person

If you have any questions or concerns about our Privacy Policy or the handling of your personal information, please contact to the following person.

Name: Tauseef Nauman

Phone no: +49 (0) 30 809 230 38

Email: info (at) ornatesol.com

By using our website or services, you agree to the terms of this Privacy Policy. Please review this Privacy Policy periodically for any updates or changes.