Privacy Policy

1. Privacy Overview

General Information

The following information provides a clear overview of what happens to your personal data when you visit this website. Personal data refers to any information that can be used to identify you personally. Detailed information on data protection can be found in the full privacy policy below.

Data Collection on This Website

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operators. Their contact details can be found in the section “Information on the Data Controller” in this privacy policy.

How do we collect your data?

Some data is collected when you provide it to us, for example by filling out a contact form.

Other data is collected automatically or after your consent when you visit this website. This primarily includes technical information (e.g., browser type, operating system, time of page access). This data is collected automatically as soon as you enter our website.

How do we use your data?

Part of the data is used to ensure that the website functions properly. Other data may be used to analyze user behavior. If the website allows the initiation or conclusion of contracts, the data provided may also be processed for quotations, orders, or related contractual purposes.

What rights do you have regarding your data?

You have the right to request information about the origin, recipients, and purpose of your stored personal data at any time and free of charge. You also have the right to request the correction or deletion of this data. If you have consented to data processing, you may withdraw this consent at any time for the future. You may further request the restriction of the processing of your personal data under certain circumstances. Additionally, you have the right to lodge a complaint with the competent supervisory authority.

You may contact us at any time regarding these rights or any other questions related to data protection.

Analytics and Third-Party Tools

Your browsing behavior may be analyzed statistically when you visit this website. This is primarily done using analytics tools.

Detailed information regarding these analytics tools can be found in the privacy policy below.

2. Hosting

We host our website with the following provider:

Hetzner

The provider is Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany (“Hetzner”).

Details can be found in Hetzner’s privacy policy: https://www.hetzner.com/de/legal/privacy-policy/.

The use of Hetzner is based on Art. 6(1)(f) GDPR. We have a legitimate interest in ensuring a reliable presentation of our website. If your consent has been requested, processing is carried out solely based on Art. 6(1)(a) GDPR and §25(1) TDDDG, insofar as your consent covers the storage of cookies or access to information on your device. Consent may be withdrawn at any time.

Data Processing Agreement

We have entered into a Data Processing Agreement (DPA) with Hetzner. This contract ensures that your personal data is processed strictly in accordance with GDPR guidelines and only based on our instructions.

3. General Information and Mandatory Disclosures

Data Protection

We take the protection of your personal data very seriously. We handle your data confidentially and in accordance with statutory data protection regulations and this privacy policy.

Whenever you use this website, certain personal data will be collected. This privacy policy explains what information we collect, how we use it, and why it is needed.

We note that data transmission over the internet (e.g., email communication) can be subject to security gaps. Complete protection of data from third-party access is not possible.

Information on the Data Controller

The data controller responsible for processing on this website is:

Henrike Rettig & Thomas Anton Binder
Hildebrandstr. 11
80637 Munich, Germany
Email: info@youmecycling.com

The data controller is the natural or legal person who decides, alone or jointly with others, on the purposes and means of processing personal data.

Storage Period

Unless a more specific storage period is defined within this privacy policy, personal data remains with us until the purpose for data processing no longer applies. If you request deletion or withdraw your consent, your data will be deleted unless legal obligations (e.g., tax or commercial retention periods) require longer storage.

Legal Bases for Data Processing

If you have provided consent, we process your personal data according to Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR (in cases involving special categories of data). If explicit consent for data transfer to third countries has been given, Art. 49(1)(a) GDPR applies. If data is required for contractual purposes or pre-contractual actions, processing is based on Art. 6(1)(b) GDPR. If data processing is legally required, we rely on Art. 6(1)(c) GDPR. Processing may also be based on our legitimate interest (Art. 6(1)(f) GDPR). Specific legal bases are outlined in each respective section of this privacy policy.

Data Transfers to Third Countries

We use tools from providers in countries outside the EU where data protection may not meet EU standards. When these tools are active, personal data may be transmitted abroad. Please note that these countries may not guarantee a level of data protection comparable to EU regulations.

The USA is considered a secure third country if the data recipient is certified under the EU–US Data Privacy Framework (DPF) or provides appropriate safeguards. Information regarding such transfers is outlined in the relevant sections of this policy.

Recipients of Personal Data

In the course of our activities, we may share personal data with external service providers when necessary for contractual, legal, or legitimate interest purposes. Data will only be shared with processors under valid Data Processing Agreements, or—when applicable—under Joint Controller Agreements.

Withdrawal of Consent

You may withdraw any consent you have previously given at any time. The legality of data processing performed before withdrawal remains unaffected.

Right to Object (Art. 21 GDPR)

If data processing is carried out on the basis of Art. 6(1)(e) or (f) GDPR, you have the right to object at any time on grounds relating to your particular situation. We will discontinue processing unless compelling legitimate grounds override your interests or the processing is necessary for legal claims.

If personal data is processed for direct marketing purposes, you may object at any time. Your data will then no longer be used for such purposes.

Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority, particularly in your place of residence, workplace, or where the alleged violation occurred. This right exists without prejudice to any other administrative or judicial remedies.

Right to Data Portability

You have the right to receive data processed automatically based on your consent or a contract in a commonly used, machine-readable format, and to request direct transfer to another controller where technically feasible.

Right of Access, Rectification, and Erasure

You have the right to request information about your stored personal data, its origin, recipients, and purpose of processing at any time. You also have the right to request correction or deletion of your personal data under applicable legal provisions.

Right to Restrict Processing

You may request the restriction of processing of your personal data under certain conditions:

  • If you dispute the accuracy of your personal data, processing may be restricted while we verify your claim.
  • If processing is unlawful, you may request the restriction rather than deletion.
  • If we no longer need your data but you require it for legal claims.
  • If you have objected under Art. 21(1) GDPR and a balance of interests is pending.

When processing is restricted, your personal data will only be processed with your consent or for legal claims or public interest purposes.

SSL/TLS Encryption

This site uses SSL/TLS encryption to protect transmitted data (e.g., orders, inquiries). You can recognize encrypted connections by the lock icon and “https://” in the browser address bar.

When encryption is active, data transmitted to us cannot be read by third parties.

4. Data Collection on This Website

Cookies

Our website uses “cookies.” These are small text files stored on your device. Session cookies are deleted when you leave the site, while persistent cookies remain until manually removed or automatically deleted by your browser.

Cookies may be first-party (set by us) or third-party (set by external providers). Third-party cookies may enable services such as payment processing or analytics.

Technically necessary cookies are stored based on Art. 6(1)(f) GDPR. Other cookies are only set with your explicit consent (Art. 6(1)(a) GDPR and §25 TDDDG). Consent may be withdrawn at any time.

Your browser can be configured to inform you about cookie usage, block cookies entirely, or delete them automatically when closing the browser. However, disabling cookies may limit website functionality.

Details on the cookies and tools used on this site can be found in this privacy policy.

Comment Function

If you comment on content, we store your comment, the timestamp, and your chosen username (if not posted anonymously).

Storage Duration

Comments and associated data remain on the website until the related content is deleted or removal is required for legal reasons (e.g., offensive content).

Legal Basis

Comments are stored based on your consent (Art. 6(1)(a) GDPR). You may withdraw your consent at any time by contacting us via email. Processing before withdrawal remains lawful.

Server Log Files

The hosting provider automatically collects and stores information in server log files transmitted by your browser, including:

  • Browser type and version
  • Operating system
  • Referrer URL
  • Hostname of the accessing device
  • Time of server request
  • IP address

This data is not merged with other data sources.

The collection is based on Art. 6(1)(f) GDPR. We have a legitimate interest in ensuring technically error-free and optimized website performance, which requires server log files.

5. Plugins and Tools

Wordfence

We use Wordfence provided by Defiant Inc., 800 5th Ave Ste 4100, Seattle, WA 98104, USA (“Wordfence”), to protect our website from unauthorized access and cyberattacks.

Our website establishes a continuous connection to Wordfence servers to compare access activity with their threat database and block potential attacks.

The use of Wordfence is based on Art. 6(1)(f) GDPR. If consent is required for cookies or device information, processing is based on Art. 6(1)(a) GDPR and §25(1) TDDDG. Consent may be withdrawn at any time.

Data transfers to the USA rely on EU Standard Contractual Clauses. Details can be found here: https://www.wordfence.com/help/general-data-protection-regulation/.

Mapbox

We use Mapbox API, a service provided by Mapbox Inc., 740 15th Street NW, 5th Floor, Washington, DC 20005, USA, to visually display geographic information.

When using Mapbox, data related to map interaction may be collected and processed, including IP addresses.

If cookies are set by Mapbox, you may disable them via your browser. However, this may limit site functionality.

More information can be found at: https://www.mapbox.com/privacy/

WP Statistics

We use WP Statistics, an analytics plugin developed specifically for WordPress sites, to gather simple usage statistics without cookies.

The plugin anonymizes all collected data, including IP addresses. No profiles are created, and users cannot be personally identified.

The following information may be collected when your browser connects to our server:

  • URL of visited pages
  • Browser type and version
  • Operating system
  • Referrer URL
  • Hostname and IP address (anonymized)
  • Date and time
  • Country/city information
  • Search engine sources
  • Session duration
  • Clicks on the site

All data is stored locally on our server, never shared or sold, and retained only as long as needed for the stated purpose.

More information can be found at: https://wp-statistics.com/privacy-and-policy/

6. Affiliate Links (AWIN)

Our website uses affiliate links from the AWIN network (AWIN AG, Eichhornstraße 3, 10785 Berlin, Germany). These links function as simple redirects and do not set cookies or execute tracking scripts on our website. Only when you click an affiliate link will you be redirected through AWIN’s servers, where technical data (e.g., IP address, browser information) may be processed for commission tracking and cookies may be set thereafter.
The legal basis is our legitimate interest in monetizing our content (Art. 6(1)(f) GDPR).
Further information can be found in AWIN’s privacy policy: https://www.awin.com/en/legal/privacy-policy