1. Information on processing your personal data
  2. Visiting our website
  3. SSL encryption
  4. Cookies
  5. Contact possibilities with us
  6. Customer account
  7. Your orders
  8. Registration for workshops an other events
  9. Private email list
  10. Facebook, Instagram, LinkedIn, YouTube
  11. Blog
  12. Your rights


We are very delighted that you show interest in Atelier SommerKunst. Data protection is of a particularly high priority for the management of Atelier SommerKunst. The use of the Internet pages of Atelier SommerKunst is possible without any indication of personal data; however, if a data subject wants to use special enterprise services via our website, processing of personal data could become necessary.

The processing of personal data, such as the name, address, e-mail address, or telephone number of a data subject shall always be in line with the General Data Protection Regulation (GDPR), and in accordance with the country-specific data protection regulations in Germany that are applicable to us.

The data controller on this website is:

Seona Sommer

Lindlarer Str. 28

D-51109 Cologne


Phone: +49 one seven three  6387214

Email: mail[at]

The duration of the storage of personal data is determined on the basis of the respective legal basis, the purpose of processing and additionally on the basis of the respective statutory retention period (e.g. in the case of retention periods under commercial and tax law).

Our website and services are constantly expanded and revised. Consequently, we regularly update our privacy policy. Please keep yourself informed about the changes on this page.


For our website, we use the services of the German provider and German-based web hosting company Strato. We have concluded a contract with the provider for order data processing in accordance with § 28 of the GDPR. The TÜV certification of the data centers at Strato according to ISO 27001 create special data security.

We use the hoster for the purpose of fulfilling contracts with our potential and existing customers (Art. 6 para. 1 lit. b DSGVO) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f DSGVO).

The website collects a series of general data and information when a data subject or automated system calls up the website. This general data and information are stored in the server log files. Collected may be

  • the browser types and versions used
  • the operating system used by the accessing system
  • the website from which an accessing system reaches our website (so-called referrers)
  • the sub-websites
  • the date and time of access to the Internet site
  • an Internet protocol address (IP address)
  • the Internet service provider of the accessing system
  • any other similar data and information that may be used in the event of attacks on our information technology systems.

Further information on data protection at Strato can be found in the company's general data protection declaration:

Among other things, tools from companies based in the USA are integrated on our website. If these tools are active, your personal data may be transferred to the US servers of the respective companies. We would like to point out that the USA is not a safe third country in the sense of EU data protection law. US companies are obliged to hand over personal data to security authorities without you as a data subject being able to take legal action against this. It can therefore not be ruled out that US authorities (e.g. intelligence services) process, evaluate and permanently store your data located on US servers for monitoring purposes. We have no influence on these processing activities.


We have implemented SSL encryption for our website. This is how we insure that no third party can access the communication process. You can recognize an encrypted connection by the string "https://" and the lock symbol in your browser bar.


Our website uses so-called cookies. These are small text files that are stored on your end device with the help of the browser. They do not cause any damage. We use cookies to provide the users of this website with more user-friendly services that would not be possible without the cookie setting. Some cookies remain stored on your end device until you delete them. They enable us to recognize your browser on your next visit.

You may, at any time, prevent the setting of cookies through our website by means of a corresponding setting of the Internet browser used, and may thus permanently deny the setting of cookies. Furthermore, already set cookies may be deleted at any time via an Internet browser or other software programs. This is possible in all popular Internet browsers. If you deactivate the setting of cookies in the Internet browser used, not all functions of our website may be entirely usable.


If you contact us by e-mail or via a contact form, the personal data transmitted by the data subject are automatically stored. Such personal data transmitted on a voluntary basis by a data subject to the data controller are stored for the purpose of processing or contacting the data subject for a maximum of 6 months. There is no transfer of this personal data to third parties.


According to Art. 6 para. 1 lit. b GDPR, personal data will continue to be collected and processed to the extent necessary in each case if you provide us with this information when opening a customer account. By sending us a written message (e.g. by email), you can request the deletion of your customer account at any time. Your data will be deleted as soon as all contracts concluded with us have been fully processed, there are no longer any legal retention periods and we have no other legitimate interest in continuing to store it.


Soweit für die Vertragsabwicklung zu Liefer- und Zahlungszwecken erforderlich, werden die von uns erhobenen personenbezogenen Daten gemäß Art. 6 Abs. 1 lit. b DSGVO an das beauftragte Transportunternehmen und das beauftragte Kreditinstitut weitergegeben.

Zur Abwicklung Ihrer Bestellung arbeiten wir mit den nachstehenden Dienstleistungsunternehmen zusammen, die uns bei der Durchführung geschlossener Verträge unterstützen. An diese Dienstleister werden nach Maßgabe der folgenden Informationen gewisse personenbezogene Daten übermittelt.

a) PayPal

When paying via PayPal, credit card via PayPal, direct debit via PayPal or - if offered - "purchase on account" or "installment payment" via PayPal, we pass on your payment data to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal") as part of the payment processing. The transfer takes place in accordance with Art. 6 para. 1 lit. b GDPR and only insofar as this is necessary for the payment processing.

PayPal reserves the right to conduct a credit check for the payment methods credit card via PayPal, direct debit via PayPal or - if offered - "purchase on account" or "installment payment" via PayPal. For this purpose, your payment data may be passed on to credit agencies in accordance with Art. 6 para. 1 lit. f GDPR on the basis of PayPal's legitimate interest in determining your solvency. PayPal uses the result of the credit check with regard to the statistical probability of non-payment for the purpose of deciding on the provision of the respective payment method.

For further information on data protection, including information on the credit agencies used, please refer to PayPal's privacy policy:

You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for the contractual processing of payments

b) Stripe

If you choose a payment method of the payment service provider Stripe, the payment will be processed by the payment service provider Stripe Payments Europe Ltd, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland. We pass on to them the information you provided during the ordering process, together with information about your order (name, address, account number, bank code, any credit card number, invoice amount, currency and transaction number) in accordance with Art. 6 Para. 1 lit. b GDPR.

Stripe reserves the right to perform a credit check in order to protect the legitimate interest in determining the solvency of the user.

Nähere Informationen zum Datenschutz von Stripe finden Sie unter der URL

Sie können dieser Verarbeitung Ihrer Daten jederzeit durch eine Nachricht an Stripe widersprechen. Jedoch bleibt Stripe ggf. weiterhin berechtigt, Ihre personenbezogenen Daten zu verarbeiten, sofern dies zur vertragsgemäßen Zahlungsabwicklung erforderlich ist.

c) If you do not collect your goods from us yourself, we will also pass on your name and delivery address and, if applicable, your telephone number to a shipping company selected by us for the delivery of the goods Art. 6 Para. 1 lit. b GDPR.


When you register for our workshops or other events, we also need your full name, postal address and (mobile) telephone number. We use this information in order to offer you full service before, during and after the workshop, and for billing you. After the end of the workshop, we may store your information for 6 months to bring up or answer follow-up questions, or to send you information on upcoming workshops.


When you subscribe to our private email list for direct marketing we ask for your email address. A confirmation e-mail will be sent to the e-mail address registered by a data subject for the first time for newsletter shipping, for legal reasons, in the double opt-in procedure. This confirmation e-mail is used to prove whether the owner of the e-mail address as the data subject is authorized to receive the newsletter.

The personal data collected as part of a registration for the newsletter will only be used to send our newsletter. You can find more information on the contents of our newsletter in our Terms & Conditions.

We use the service provider Brevo (formerly Sendingblue) for sending our newsletter. Within the scope of this registration, you agree that your entered data will be transmitted to Sendinblue GmbH. Please note the privacy policy and general terms and conditions of Brevo.

Our newsletter contains so-called tracking pixels. A tracking pixel is a miniature graphic embedded in such e-mails, which are sent in HTML format to enable log file recording and analysis. This allows a statistical analysis of the success or failure of online marketing campaigns. Based on the embedded tracking pixel, we may see if and when an e-mail was opened by a data subject, and which links in the e-mail were called up by data subjects.

Such personal data collected in the tracking pixels contained in the newsletters are stored and analyzed by the controller in order to optimize the shipping of the newsletter, as well as to adapt the content of future newsletters even better to the interests of the data subject.

These personal data will not be passed on to third parties. Data subjects are at any time entitled to revoke the respective separate declaration of consent issued by means of the double-opt-in procedure. After a revocation, these personal data will be deleted by the controller.

The newsletter also contains links to third-party websites ("external links"). These links usually lead to further information on the topics presented in the newsletter. For example, we announce an exhibition participation and you can find the general information of the exhibition organizer under the link. Where third party websites are involved, they are subject to the liability of their respective operators.

The subscription to our newsletter may be terminated by the data subject at any time. The consent to the storage of personal data, which the data subject has given for shipping the newsletter, may be revoked at any time. For the purpose of revocation of consent, a corresponding link („Abmelden“) is found in each newsletter. It is also possible to unsubscribe from the newsletter at any time directly on the website of the controller, or to communicate this to the controller in a different way.


We do not use Social Plugins of the above listed social networks Facebook, Instagram, XING, YouTube. The embedded logos on the start page are static links which work like any other regular link leading to other websites after clicking on them. Once you click these links, you leave our website and it’s area of responsiblity, and are being transferred to the other website. You can find the privacy policies of those social networks here:


Blog ( and our main website ( have got equal high standards of protecting your data. Our Privacy Policy on both website are indentical.


Each data subject shall have the following granted by the European legislator:

  • to obtain from the controller the confirmation as to whether or not personal data concerning him or her are being processed
  • to obtain from the controller free information about his or her personal data stored at any time
  • to obtain from the controller without undue delay the rectification of inaccurate or completion of incomplete personal data concerning him or her
  • to obtain from the controller the erasure of personal data concerning him or her without undue delay
  • to obtain from the controller restriction of processing
  • to receive the personal data concerning him or her, which was provided to a controller
  • to object, on grounds relating to his or her particular situation, at any time, to processing of personal data concerning him or her
  • to withdraw his or her consent to processing of his or her personal data at any time

If you believe your rights have been violated, please contact the supervisory authority:

Landesbeauftragte für Datenschutz und Informationsfreiheit
Postfach 20 04 44
40102 Düsseldorf

tel.: 0211/38424-0
fax: 0211/38424-10

Seona Sommer

Lindlarer Str. 28

D-51109 Cologne



Mobil: +49 - zero one seven three – 638 72 14

Copyright notice: This privacy policy and is protected by copyright. The German version was created with the assistance of specialist lawyers from the IT law firm (

(last updated: 11 May 2023)

© Seona Sommer