Privacy Policy

Last updated: May 28, 2025

1. Privacy at a Glance

General Information

The following notes provide a simple overview of what happens to your personal data when you visit this website. Personal data are all data with which you can be personally identified. For detailed information on data protection, please refer to the privacy policy below this text.

Data Collection on This Website

Who is responsible for data collection on this website?

The data processing on this website is carried out by the website operator. You can find their contact details in the section “Note on the Responsible Entity” in this privacy policy.

How do we collect your data?

Your data is collected in two ways: firstly, by you providing it to us. This may be data you enter in a contact form, for example.

Other data is collected automatically or after your consent when visiting the website by our IT systems. These are mainly technical data (e.g., browser type, operating system, or time of page access). The collection of this data happens automatically as soon as you enter this website.

What do we use your data for?

Some of the data is collected to ensure the website is provided error-free. Other data may be used to analyze your user behavior.

What rights do you have regarding your data?

You have the right at any time to obtain free information about the origin, recipient, and purpose of your stored personal data. You also have the right to request the correction or deletion of this data. If you have given consent to data processing, you can revoke this consent at any time for the future. Furthermore, you have the right to demand restriction of the processing of your personal data under certain circumstances. Moreover, you have the right to lodge a complaint with the competent supervisory authority.

For this and other questions on the subject of data protection, you can contact us at any time.

2. Hosting

This website is externally hosted. The personal data collected on this website are stored on the servers of the host(s). This mainly includes IP addresses, contact inquiries, meta and communication data, contract data, contact details, names, website accesses, and other data generated via a website.

External hosting is carried out for the purpose of contract fulfillment towards our potential and existing customers (Art. 6 Para. 1 lit. b GDPR) and in the interest of a secure, fast, and efficient provision of our online offer by a professional provider (Art. 6 Para. 1 lit. f GDPR). If appropriate consent has been requested, processing takes place exclusively on the basis of Art. 6 Para. 1 lit. a GDPR and § 25 Para. 1 TCDDG, insofar as the consent covers the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) within the meaning of the TCDDG. The consent is revocable at any time.

Our host(s) will process your data only to the extent necessary to fulfill their service obligations and follow our instructions regarding this data.

We use the following host:

Netlify, Inc.
512 2nd Street, Fl 2
San Francisco, CA 94107

3. General Notes and Mandatory Information

Data Protection

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

When you use this website, various personal data are collected. Personal data are data with which you can be personally identified. This privacy policy explains which data we collect and what we use it for. It also explains how and for what purpose this happens.

We point out that data transmission on the internet (e.g., when communicating via e-mail) can have security vulnerabilities. A complete protection of data against access by third parties is not possible.

Note on the Responsible Entity

The responsible entity for data processing on this website is:

Christian Benedict Paling
IT-Dienstleistungen
Lönsstraße 24
92421 Schwandorf

Phone: +49 173 5680048
E-Mail: hello@railsmatic.com

The responsible entity is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (e.g., names, e-mail addresses).

Storage Duration

Unless a more specific storage period is stated within this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you make a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g., retention periods under tax or commercial law); in the latter case, deletion will occur after these reasons have lapsed.

General Information on the Legal Basis of Data Processing on this Website

If you have given consent to data processing, we process your personal data on the basis of Art. 6 Para. 1 lit. a GDPR or Art. 9 Para. 2 lit. a GDPR if special categories of data according to Art. 9 Para. 1 GDPR are processed. In the case of express consent to the transfer of personal data to third countries, data processing is also based on Art. 49 Para. 1 lit. a GDPR. If you have consented to the storage of cookies or access to information on your terminal device (e.g., via device fingerprinting), data processing takes place additionally on the basis of § 25 Para. 1 TCDDG. The consent can be revoked at any time. If your data is required for contract fulfillment or to carry out pre-contractual measures, we process your data based on Art. 6 Para. 1 lit. b GDPR. Furthermore, we process your data if this is necessary to fulfill a legal obligation on the basis of Art. 6 Para. 1 lit. c GDPR. Data processing can also be based on our legitimate interest according to Art. 6 Para. 1 lit. f GDPR. The specific legal basis applicable in each case will be explained in the following sections of this privacy policy.

Recipients of Personal Data

Within the scope of our business activities, we cooperate with various external entities. This sometimes requires transferring personal data to these external entities. We only pass on personal data to external parties if this is necessary for contract fulfillment, if we are legally obliged to do so (e.g., handing data over to tax authorities), if we have a legitimate interest under Art. 6 Para. 1 lit. f GDPR in passing on the data, or if another legal basis permits data disclosure. When employing processors, we only pass on personal data of our customers based on a valid order processing contract. In the case of joint processing, a contract on joint processing is concluded.

Many data processing operations are only possible with your explicit consent. You can revoke an already given consent at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

IF THE DATA PROCESSING IS BASED ON ART. 6 PARA. 1 LIT. E OR F GDPR, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION TO THE PROCESSING OF YOUR PERSONAL DATA; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. YOU CAN FIND THE RELEVANT LEGAL BASIS UNDERLYING THE PROCESSING IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS, AND FREEDOMS, OR THE PROCESSING SERVES THE ASSERTION, EXERCISE, OR DEFENSE OF LEGAL CLAIMS (OBJECTION PURSUANT TO ART. 21 PARA. 1 GDPR).

IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR SUCH MARKETING; THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS CONNECTED TO SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR DIRECT MARKETING PURPOSES (OBJECTION PURSUANT TO ART. 21 PARA. 2 GDPR).

Right to Complain to the Competent Supervisory Authority

In the event of breaches of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, especially in the member state of their habitual residence, workplace, or place of the alleged infringement. The right to complain is without prejudice to other administrative or judicial remedies.

Right to Data Portability

You have the right to receive data that we process based on your consent or in fulfillment of a contract in a structured, commonly used, and machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.

Information, Correction and Deletion

You have the right, under the applicable legal provisions, to obtain free information at any time about your stored personal data, their origin and recipients, and the purpose of the data processing, and if applicable, the right to have this data corrected or deleted. For this purpose and for further questions about personal data, you can contact us at any time.

Right to Restrict Processing

You have the right to request the restriction of the processing of your personal data. You can contact us at any time for this purpose. The right to restriction of processing exists in the following cases:

If you dispute the accuracy of your personal data stored with us, we generally need time to verify this. During the verification period, you have the right to request restriction of the processing of your personal data.
If the processing of your personal data is unlawful, you can request restriction of processing instead of deletion.
If we no longer need your personal data, but you need them to assert, exercise, or defend legal claims, you have the right to request restriction of processing instead of deletion.
If you have filed an objection pursuant to Art. 21 Para. 1 GDPR, a balancing of interests must be carried out between your interests and ours. As long as it is not yet clear whose interests prevail, you have the right to request restriction of the processing of your personal data.

If you have restricted the processing of your personal data, these data may – apart from their storage – only be processed with your consent or for the assertion, exercise, or defense of legal claims or to protect the rights of another natural or legal person or for important public interest reasons of the European Union or a member state.

SSL or TLS Encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries you send to us as the site operator. You can recognize an encrypted connection by the change in the browser address line from “http://” to “https://” and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

4. Data Collection on This Website

Server Log Files

The provider of the site automatically collects and stores information in so-called server log files, which your browser transmits automatically to us. These are:

Browser type and browser version
Operating system used
Referrer URL
Hostname of the accessing computer
Time of the server request
IP address

A merging of these data with other data sources is not performed.

The collection of these data takes place based on Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website – for this purpose, server log files must be recorded.

Contact Form

If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provided there, will be stored by us to process the inquiry and for the case of follow-up questions. We do not share this data without your consent.

The processing of this data is based on Art. 6 Para. 1 lit. b GDPR if your inquiry is related to the fulfillment of a contract or to carry out pre-contractual measures. In all other cases, processing is based on our legitimate interest in effectively handling the inquiries addressed to us (Art. 6 Para. 1 lit. f GDPR) or on your consent (Art. 6 Para. 1 lit. a GDPR) if this was requested; the consent can be revoked at any time.

The data you have entered in the contact form will remain with us until you request us to delete the data, revoke your consent to storage, or the purpose for storing the data no longer applies (e.g., after completion of your inquiry). Mandatory statutory provisions – especially retention periods – remain unaffected.

Inquiry by Email, Phone or Fax

If you contact us by email, phone or fax, your inquiry, including all personal data resulting from the inquiry (name, inquiry), will be stored and processed by us to handle your request. We do not share this data without your consent.

The data you send to us via inquiries will remain with us until you request deletion, revoke your consent to storage or the purpose for storing the data no longer applies (e.g., after completion of your request). Mandatory statutory provisions – especially retention periods – remain unaffected.

Source:
https://www.e-recht24.de