Data Protection Declaration

I. General information and legal bases

This data protection declaration informs you about the type of personal data we collect through this website as the controller, the purpose for which we collect it, and the extent to which it is made available to third parties

1. Controller:

Name /Fa.: Heinrich Brüning GmbH
Adress: Stenzelring 22 in 21107 Hamburg
USt-IdNr.: DE 118564859
Commercial register /no: HRB 32 049

USt-IdNr.: DE 258660718 (Suntree GmbH)
Handelsregister Nr.: HRB 10 3442 (Suntree GmbH)

CEO: Marc Brüning, Frank Rump
Phone: +49 40 7510 05-0

Data protection officer: Fabian Knoop
Company: netCo.privacy GmbH
Adress: Reimerstwiete 11 in 20457 Hamburg

Phone: 040 540 90 90-0

2. Legal bases for processing

Personal data has to be processed in accordance with a legal basis. We would like to explain this to you below.
Article 6 (1) lit. a of the EU General Data Protection Regulation (GDPR) serves as the legal basis when processing personal data after we have obtained the data subject’s consent.
Article 6 (1) lit. b of the GDPR serves as the legal basis when processing personal data required for the execution of a contract to which the data subject is a party. This also encompasses processing required in connection with any steps to be taken before concluding the contract.
Article 6 (1) lit. c of the GDPR serves as the legal basis when processing personal data in order to comply with a legal obligation to which our company is subject.
Article 6 (1) lit. f of the GDPR serves as the legal basis when personal data has to be processed in order to serve the legitimate interests of our company or a third party and the data subject’s interests and fundamental rights and freedoms do not override our interests or those of the third party. Our company's legitimate interests comprise the transaction of business and the analysis, optimisation, and security of our online services

I. Contact Form

If you contact us using the contact form, the data you provide there will be stored in order to process your request and in case of follow-up questions. This data is not passed on to third parties. If your request is related to the fulfillment of a contract or is necessary to carry out pre-contractual measures, the processing of this data is based on Art. 6 Para. 1 lit. b GDPR. In all other cases, the processing of the data is based on your consent (Art. 6 Para. 1 lit. a GDPR). You can revoke this consent at any time. To do this, send us an email to: datenschutz (AT)
The data you enter in the contact form will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions - in particular retention periods - remain unaffected.

II. Log files

Data sent to us by the browser to serve our legitimate interests in analysis and security (so-called “log files”) is automatically stored in the server statistics
This data comprises the following:
▪ Language and version of browser software
▪ Operating system used together with its interface
▪ Referrer URL (the web page previously visited)
▪ Host name of the accessing computer (IP address)
▪ Date and time of server request
▪ Time zone difference from Greenwich Mean Time (GMT)
▪ Content of request (specific page)
▪ Data volume transmitted
▪ Access status/ HTTP status code.

As a rule, this data can not be assigned to specific persons. This data is not amalgamated with other data sources. Moreover, it is deleted within 7 days of being subjected to statistical evaluation. Data that must be retained for evidential purposes is not deleted until the respective situation has been clarified in full

III. Contractual processing

The personal data you provide, e.g. your name, address, or email address, is only used internally; it is processed for the purpose of responding to your queries, processing your orders, or enabling your access to certain information

IV. Cookies

This Site does not use any Cookies.

V. Rights of data subject

You have the right to information about which of your personal data we have stored. By law, you also have the right to have incorrect data rectified, to have your data blocked, to data portability, and to have your personal data erased. Just send us an email with the subject line “Data protection”. You also have the right to complain to a data protection supervisory authority if you believe that the processing of your personal data constitutes a violation of the law.
If you have issued a declaration of consent, you have the right to withdraw this at any time. This will not affect the lawfulness of any data processing that took place after you originally gave your consent and before you withdrew it.
By law, you are also entitled to object to the future processing of your personal data at any time. In particular, you may object to your personal data being processed for purposes of direct advertising.

VI. Personal data storage period

We store personal data for the period specified by law. Personal data is routinely erased after the storage period expires unless it has to be retained for the purpose of concluding or executing a contract. If your personal data is required for other, legally admissible purposes and is therefore not erased, the processing of this data will be restricted. The data will be blocked accordingly and will not be processed for any other purpose. This applies for example to user data that has to be retained on grounds specified in commercial or fiscal law

VII. Security information

We endeavour to implement all technical and organisational measures necessary to process your personal data in such a way that the provisions of data protection legislation are complied with, thus protecting your data. Our website and all communication with us through our website is encrypted using HTTPS.