UPDATED: 2019-01-22 A

Privacy Policy – Data Protection Declaration
Status: 2019-01-22 – subject to change without notice

Legal basis: General Data Protection Regulation of the European Union (EU-GDPR)

Preliminary remark

The operators of this website takes the protection of your personal data very seriously, not only out of legal obligation, but also out of personal conviction: The protection of personal data is a fundamental right!

Your personal data will therefore always be treated confidentially and in accordance with the legal data protection regulations. Details can be found in the following data protection declaration.

For all questions regarding data protection for this website, you can contact the person responsible for data protection at any time (1.1).

1   Overview of data protection for this website

The following general information provides a general overview of what happens to your personal data within the terms of the current data protection law on the basis of the EU-GDPR when you visit this website, to which this data protection declaration belongs.

Definition: Personal data in the terms of data protection law are all those data by which you can be identified directly or indirectly (e.g. also according to an exclusion procedure) personally as an individual person, i.e. can be inferred above all from your name.

1.1   Responsible for data collection and data protection on this website

The data processing on this website is carried out by the website owner:

Dr. Ulrich Leinhos-Heinke
Auf der Unter
D-55263 Ingelheim, Germany
Email: ULH at Brain-Mind-Blog dot De

who as a natural person alone or together with others decides on the purposes and means of processing your personal data and is also responsible for compliance with data protection.

Further contact data can be found in the imprint of this website.

A Supplementary Agreement for order processing pursuant to Art. 28 EU – DSGVO with the hoster netcup GmbH, Daimlerstr. 25, 76185 Karlsruhe exists and can be sent on request.

1.2 Collection of your data

On the one hand, your data will be collected by you communicating it to us voluntarily.
However, it can also be data that you send unsolicited. This could be information that you provide on the “Visitor Contributions” page.

Other data is automatically collected by the underlying IT systems when you access the website in your browser (the program you use to view internet pages). This involves technical data (e.g. internet browser, operating system or date/time of the page call, but in no case names).

1.3   Use of your data

Some of the data is collected in order to ensure error-free or user-friendly provision and presentation of the website. The other data is used to analyse your user behaviour (e.g. to find out which browsers are used, from which countries the website is accessed, which language is used, in which order the subpages of this website are accessed, etc.). Under no circumstances can you be identified as a person.

1.4   Own software tools and those of third parties for the analysis of data according to 1.2.2

When you visit this website, your behaviour as an Internet user can be statistically evaluated. This is done primarily with so-called cookies (see 3.3 below) and analysis software. Under no circumstances can you be identified as a person (1.2.2).

You can object to such an analysis at any time (1.1). You can also prevent the use of cookies yourself. You will find further information on this under 3.3.

1.5   Your rights regarding your data

In principle, you have the right, at any time and free of charge, to obtain information regarding your stored personal data about

  • origin,
  • receiver and
  • purpose

to receive.

You also have the right, in principle, at any time and free of charge, to

  • correction,
  • blocking,
  • deletion or
  • restriction of processing (Details: 3.2)

of these data.

1.6   Objection to data processing and revocation of your consent to data processing

The processing of your personal data in connection with this website requires in principle your express consent. You can therefore contact the data protection responsible at any time (1.1)
a) object to the processing of your personal data described above (2.2),
b) revoke a consent already given through the use of the website – the legality of the data processing carried out until the revocation remains unaffected by the revocation.

For this purpose, an informal notification by email to the data protection responsible (1.1) is sufficient.

1.7   Right of appeal

In addition, you always have the right to appeal to the competent supervisory authority by operation of law.

In Germany, the responsible supervisory authority for data protection issues is the data protection officer of the state of Baden-Württemberg, where where the operator of this website is based.

Outside Germany, you also have a right of appeal in the EU to a supervisory authority in the Member State of your habitual residence, workplace or place of presumed infringement in the event of infringements of the EU-GDPR.

The right of appeal always exists, i.e. without prejudice to other administrative or judicial remedies.

2   Legal bases

2.1   The legal basis for the processing of your personal data is Art. 6, 1 (a) and (f) EU-GDPR:

“1. Processing shall be lawful only if and to the extent that at least one of the following applies:
(a) the data subject has given consent to the processing of his or her personal data for one or more specific purposes; […]
(f) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.”
(Source:; 2018-12-14, 16:15)

2.2 The legal basis for your right to object (1.6 a) is Art. 21 EU-GDPR:

“1. The data subject shall have the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on point […] (f) of Article 6 (1), including profiling based on those provisions. The controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims. […]
4. At the latest at the time of the first communication with the data subject, the right referred to in paragraphs 1 […] shall be explicitly brought to the attention of the data subject and shall be presented clearly and separately from any other information.”
(Source:; 2018-12-14, 16:20)

3   Other necessary information

3.1   Right to data transferability

Pursuant to Art. 20 EU-GDPR, you have the additional right to have all of the above personal data processed by the operator of this website handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another responsible person, this will only be done as far as it is technically feasible.

3.2   Right to restriction of processing

According to Art. 18 EU-GDPR, you have the right to demand the restriction of the processing of your personal data. Pursuant to Art. 18 1., the right to restrict the processing only exists if at least one of the following conditions is met, namely that:
“(a) the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data;
(b) the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
(c) the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims;
(d) the data subject has objected to processing pursuant to Article 21(1) [EU-GDPR, 2.2] pending the verification whether the legitimate grounds of the controller override those of the data subject.”

This shall continue to apply:
“2. Where processing has been restricted under paragraph 1, such personal data shall, with the exception of storage, only be processed with the data subject’s consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
3. A data subject who has obtained restriction of processing pursuant to paragraph 1 shall be informed by the controller before the restriction of processing is lifted.”
(Source:; 2018-12-14, 9:25)

3.3   Cookies

“Cookies” are digital text files that are stored on your IT system via your browser when you visit a website. Cookies do not contain any malware and cannot cause any damage to your IT system – for technical reasons alone, cookies cannot transfer or execute viruses, trojans or other malware, read your hard drive, read your email address or send unauthorised emails.

This website also stores cookies on your IT system; the right of the website owner to do so derives from Art. 6 1. (f) EU-GDPR; see also 2.1. Among other purposes, they serve to ensure user-friendly provision and presentation of this website (1.2.2, 1.4). Some cookies remain stored on your IT system even after you have left the website.

You can set your browser to control how your IT system handles cookies. This includes, among others, that

  • you will always be informed about the setting of cookies,
  • you must agree to the storage of cookies individually,
  • the storage of cookies is generally prevented or
  • that when closing the browser all cookies are always deleted automatically.

Further information: see Appendix and the website About Cookies, which may provide updated instructions for all recent browsers.

However, if you prevent cookies from being stored, you must be aware that certain functions of this website may be restricted – this cannot be avoided for technical reasons.

3.4   Server log files

The provider of the storage space where this website is stored automatically collects and stores information in so-called server log files, which your browser automatically transmits to us; the right of the website owner to do so results from Art. 6 1. (f) EU-GDPR; see also 2.1.

These data are:

  • browser type, version and language,
  • operating system, host name and IP address (Internet address) of the IT system with which you access this website,
  • date, time and time zone difference (to Greenwich Mean Time, GMT) of access to the server on which this website is stored,
  • which webpage of the website was requested,
  • amount of data transferred,
  • transmission status,
  • referrer URL (the Internet address of the website from which you accessed this website),
  • coordinates and route options for routing requests.

In principle, this data is not combined with other data sources; under no circumstances can you be identified as a person – unless tracing via the IP address is ordered as part of criminal prosecution, e.g. for contributions and comments from users of the website who violate applicable criminal law.

The data will be deleted within 4 weeks. However, data whose further storage should be necessary for proof purposes are excluded from deletion until the respective case has been finally clarified.

4   Warning against misuse of the contact data stated in this data protection declaration and the imprint of the website

The owner of this website hereby expressly objects to any use of published contact data for the purpose of sending unsolicited advertisements, information material or the like (“spam”) and expressly reserves the right to take legal action in the event of misuse.

5   Additional information for your protection

5.1   SSL or TLS encryption

This website generally uses SSL (Secure Sockets Layer) or TLS (Transport Layer Security) encryption for security reasons and to protect the transmission of confidential content. You can always recognize an encrypted connection by the fact that the entry at the beginning of the browser’s address line changes from “http:” to “https:” (Hypertext Transfer Protocol Secure), and (in recent browsers) by the lock symbol in front of the address.

If SSL or TLS encryption is enabled, the data you transmit to the website operator cannot be read by third parties.

However, if the “https” indicator does not appear or your browser warns you in some other way of an unencrypted connection, you should be aware of the risks of a further visit to the website, not enter any personal or otherwise confidential data or leave the website. You should also inform the site owner (1.1).

Since typos when typing the website address in the browser can also lead to such errors, you should always first check whether you have entered the address correctly.

5.2   Basic caution

As a precaution, we would like to point out that any data transmission on the Internet (e.g. communication by email) can in principle be subject to security gaps, and a complete protection of your data against access by third parties is technically impossible due to security reasons.

Appendix: Managing Cookies

(These are literal translations – please look for the analogous wording in the browser of your language.)

Microsoft Internet Explorer™:
“Extras – Internet Options – Privacy – Internet Zone Security Settings”

Mozilla Firefox™:
“Extras – Settings – Privacy – create according to user-defined settings”

Google Chrome™
Chrome toolbar menu: “Settings – Show advanced settings – Privacy – Content settings – Cookies”.

Microsoft Edge Browser™:
3-point icon: “Settings – Show advanced settings”.

If you are using a different browser, please use its help function.

Back to top of page!