Data Privacy Statement

Any collection, processing and use (hereinafter “use”) of data is solely for the purpose of providing our services. The services of bleech GmbH (“bleech”) have been designed to use as little personal information as possible. For that matter, “personal data” is understood as all individual details about a person or factual circumstances of an identifiable natural person (so-called “affected person”).

The following statements on data protection describe what types of data are collected when accessing our website, what happens with these data and how you may object to data usage.

Person Responsible (controller)

Responsible within the meaning of the EU General Data Protection Regulation (GDPR) is:

bleech GmbH
Pfuelstraße 5
10997 Berlin
[email protected]

Data Security Officer

The data security officer is:

Steffen Bewersdorff

If you have questions about data protection, you can contact us at the following e-mail address:

[email protected]

or by mail:

bleech GmbH
– Datenschutz –
Pfuelstr. 5
D-10997 Berlin

Which data will be used

When visiting our website, our web servers temporarily store every access in a log file. The following data is collected and stored until automated deletion:

  • IP address of the requesting computer
  • Date and time of access
  • Name and URL of the retrieved file
  • Transmitted amount of data
  • Message if the retrieval was successful
  • Detection data of the browser and operating system used
  • Website from which access is made
  • Name of your Internet access provider

The processing of this data serves: the purpose of enabling the use of the website (connection establishment), the system security, the technical administration of the network infrastructure, as well as to optimize the Internet site. The IP address is evaluated only in case of attacks on our network infrastructure or the network infrastructure of our Internet provider.

Furthermore, no input of your personal data is required to use our website.

Protection of your data

We have taken technical and organizational measures to ensure that the requirements of the EU General Data Protection Regulation (GDPR) are met by us, as well as, by external service providers working for us.

If we work with other companies in order to provide our services, such as email and server providers, this will only be done after an extensive selection process. In this selection process, each individual service provider is carefully selected for its suitability in terms of technical and organizational data protection skills. This selection procedure will be documented in writing and an agreement on the order processing of data (order processing contract) will only be concluded if the third party complies with the requirements of Art. 28 GDPR.

Your information will be stored on specially protected servers. Access to it is only possible for a few specially authorized persons. If you send us data via web forms, the data is always transmitted via an encrypted connection (128-bit TLS).

Service providers from third countries

In order to be able to provide our services, we use the support of service providers from third party countries (non EU countries). In order to ensure the protection of your personal data in this case, we conclude with each – carefully selected – service provider special order processing contracts.

We use the support of the following providers:

  • Email service provider of bleech
  • Storage service provider of bleech

Use of cookies

a) In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive assigned to the browser you use. Through this the stored information flows to bleech or the party that sets the cookie. Cookies cannot run programs or transmit viruses to your computer. Cookies are used to analyze the use of in anonymized or pseudonymized form. Also cookies enable personalized advertisements on this website.

This website uses the following types of cookies. The extend and function of which are explained below:

  • Transient cookies (see b)
  • Persistent cookies (c)

b) Transient cookies are automatically deleted when you close the browser. These include session cookies. Transient cookies store your session ID, with which various requests from your browser can be assigned to the common session. This will allow your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser.

c) Persistent cookies are automatically deleted after a specified period of time, which may differ depending on the cookie. You can delete the cookies in the security settings of your browser at any time. Please be aware that you may not be able to use all features of this site, when deleting the cookies from your browser history. The setting of cookies can be prevented by appropriate settings in the user’s Internet browser at any time.

Deletion of personal data

bleech processes the personal data only as long as necessary. As soon as the purpose of the data processing is fulfilled, deletion of the data is carried out according to the standards of the deletion concept, unless legal regulations oppose this.

Legal basis for the processing of personal data

The processing of personal data requires a legal basis. The GDPR names different legal bases in Art. 6 GDPR.

A legal basis for processing personal data is, for example, Art. 6 (1) (a) GDPR. This refers to the consent given by the user. The consent is earmarked. Processing personal data is also allowed in order to fulfill a contract acc. Art. 6 (1) (b) GDPR. However, Art. 6 (1) (b) GDPR must be interpreted broadly, since the initiation of a contractual relationship regarding data processing is also included. This applies in particular to those cases in which the user uses the contact form of bleech in order to receive a non-binding offer. Art. 6 (1) (c) GDPR describes the legal basis of data processing in cases involving a legal obligation to process data. Processing personal data may in exceptional cases be based on Art. 6 (1) (d) GDPR. This requires the vital interests of the affected person or other natural person to be protected. This refers to cases which would lead to injury or impairment of life, limb and health. For the initiation of assistance personal data such as the name, contact details and possibly health insurance would be required to be handed over. It is also possible that processing personal data is based on the legal basis of Art. 6 (1) (f) GDPR. The so-called “legitimate interest” is standardized in this basis, which is to be read with reference to the addendum reason 47 of the GDPR. In the legal sense, Article 6 (1) (f) of the GDPR is a so-called “standard of interception”, which applies unless other legal bases than those described above apply. When the standard of interception is applied, weighting the specific interests – that of the affected person or that of the data processor – takes place.


Through the website it is possible to obtain a non-binding offer. This will require processing different data to answer the request, which will be automatically saved for this purpose. A transfer of the data to third parties does not take place, unless the user has given his consent.


On the website we offer the opportunity to subscribe to our newsletter. When subscribing to the newsletter, personal data is requested for the purpose of processing the newsletter entry form. Input fields marked with a “*” are mandatory fields. These mandatory fields are necessary in order to send the affected person the newsletter. All other fields are to be filled voluntarily by the affected person, whereby it is expressly pointed out that these fields are not mandatory.

The newsletter has the function of informing the affected parties about offers and news from bleech at regular intervals. The newsletter will be sent via e-mail. On request, a newsletter may also be sent by post. The newsletter is only received after registration for the newsletter. In order to meet the requirements of the GDPR, we use DOI (Double Opt-In). If the person concerned signs up for our newsletter, he will receive a confirmation e-mail on the electronic mailbox which he has named in the entry field. This e-mail contains a confirmation link that the affected person must click on. Following this procedure, the affected person has successfully registered for the newsletter. To perform the procedure, the IP address, date and time of login are stored. This is done in order to prevent abuses. A transfer of the data to third parties does not take place, unless the affected person has given his/her consent.

The consent to processing personal data in order to receive the newsletter can be terminated at any time. For this purpose, the affected person can click on the integrated link in each newsletter to unsubscribe. It is also possible to inform bleech about the revocation of the consent in any other way, e.g. via post or e-mail.

Google Analytics

The website of bleech uses Google Analytics. This is a service for analyzing access to websites of Google Inc. (“Google”) and allows us to improve our website.

Responsible Person is:

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland.

Cookies enable us to analyze your use of our website. The information collected by a cookie (IP address, access time, access duration) is transmitted to a Google server in the USA and stored there. The evaluation of your activities on our website is transmitted to us in the form of reports. Google may pass on the collected information to third parties, if required by law or if third parties process this data on behalf of Google. The Google tracking codes of our Internet offer use the function “_anonymizeIp ()”, thus IP addresses are processed only shortened, in order to exclude a possible direct personal link to you.

You can also prevent the installation of cookies from Google Analytics by setting your browser software accordingly. In this case, however, it may happen that you cannot fully use all the features of our website. Also through browser extensions e.g. Google Analytics can be disabled and controlled.


as well as under

you can find out more about the terms of use and privacy of Google Analytics.


bleech uses Twitter. The Twitter button can be found on the website at the bottom right.

Responsible Person is:

Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, United States.

If the user clicks on the Twitter button, the website is entered by Twitter. By entering the website of Twitter through the website of bleech, Twitter will be provided with the respective reference data of bleech. Twitter receives the information that the user has visited the website of bleech.

If, at the time of visiting the website, the user is logged in at the same time via a Twitter account (it does not matter if it is their own Twitter account), Twitter will receive further information, i.e. which pages the user has visited on the website. Twitter collects this information, so theoretically it is possible to assign this information to the Twitter account.

To prevent this, the user has the opportunity to log out on Twitter. To do this, the user must log out via the Twitter website.

For more information on privacy on Twitter, we refer to the following data policy from Twitter:


All E-mails, which are sent automatically, or E-mails that are not addressed to you individually (for example, newsletters for members of my membership programs) are sent via MailChimp.

MailChimp is a service of MailChimp, a service in the US that I also use to send my newsletter. The use of MailChimp on my website essentially ensures that emails are sent reliably and, above all, that they are more likely not to end up in your spam filter.

Especially with transactional E-mails it is extremely important for me that you receive these E-mails (for example, a purchase confirmation) as well.

For further information, we refer to the following data policy from MailChimp:

Your rights

You have the following rights with respect to the personal data concerning you:

  • Right to information,
  • Right to rectification or deletion,
  • Right to restriction of processing,
  • Right to object to the processing,
  • Right to data transfer,
  • Right on confirmation.

In the case of a request for information, you must provide sufficient information about your identity and provide proof that it is your personal data. The information relates to data that has been stored regarding your person, the origin of the data, the recipient or the categories of recipients to which data has been transmitted and the purpose of the storage. To exercise these rights, please contact our Privacy Officer, which is mentioned at the beginning of the Privacy Policy.

If you have given your consent to the processing of your data, you can revoke at any time. Such revocation will affect the admissibility of processing your personal data by us.

Insofar as we base the processing of your personal data on the weighting of interests, you may object to the processing. This is the case if processing your data is not required to fulfill a contract with you, which is explained in the following description of the functions. In the event of such a revocation, we ask you to explain the reasons why we should not process your personal data. In the case of your justified objection, we will examine the situation and will either stop processing your data, adapt the data processing or point out to you our compelling legitimate reasons on which we continue the processing.

Of course, you may object to the processing of your personal data for advertising and data analysis purposes at any time. You may contact us or our responsible data security officer via the contact details stated at the beginning of the Privacy Policy.

You also have the right to complain about our processing your personal data to a supervisory authority.

How you perceive these rights

To exercise these rights, please contact our data security officer:

Steffen Bewersdorff
[email protected]

or by mail:

bleech GmbH
– Datenschutz –
Pfuelstr. 5
D-10997 Berlin

Subject to change

We reserve the right to change this privacy policy in compliance with legal requirements.

May 2018