Data privacy is not a choice, but beneficial for everyone.

Agency for Word template design

We respect personal data and comply with the requirements of the GDPR


Right from the start: We do not use cookies!

Our website does not require or store any cookies on your device – not even technically or temporarily necessary ones. What are cookies? When you visit a website, it can store personal or usage data on your device to identify you when you return and display customized content or advertising for you. And that’s exactly what we don’t do!


Secondly: We do not transfer data to third parties.

Our website does not send any personally identifiable information to third parties such as technology companies, social networks, and other online services. We protect your data and only process what you voluntarily provide to us. All other data, such as usage data when accessing our website, is anonymized without exception and only stored on our web server and regularly automatically deleted. Usage profiles are not created.


Thirdly: You have control over the use of your data.

If you have provided data to us, you have the right to know how we process it. After verifying your identity, we will inform you by mail (or alternatively by fax or email) about the type and extent of the data stored with us. After that, you have the right to change or permanently delete it.

A statement on our privacy policy


We welcome you to our website and appreciate your interest in our services. Protecting your personal data is very important to us. We treat personal data confidentially and in accordance with legal data protection regulations and this privacy policy. Below, we inform you about which data is collected when you visit our website and how it is used.

Name and contact of the responsible party according to Article 4 (7) of the GDPR

AFKUD Agentur für Kommunikation und Design GmbH & Co. KG
Waldenserstr. 2-4, 10551 Berlin, Germany
Telephone: +49 (0)30 – 2000 366 80
Telefax: +49 (0)30 – 2000 366 89
E-Mail: mail@afkud.de

According to the GDPR, due to the size of our business, we are not required to appoint a Data Protection Officer. If you have any questions about the processing of your personal data, you can always contact us in confidence.


Security and protection of your personal data

We consider it our top priority to maintain the confidentiality of the personal data provided by you and to protect it from unauthorized access. Therefore, we apply the utmost care and the latest security standards to ensure maximum protection of your personal data.

As a private company, we are subject to the regulations of the European General Data Protection Regulation (GDPR) and the provisions of the Federal Data Protection Act (BDSG). We have taken technical and organizational measures to ensure that data protection regulations are observed by both us and our external service providers.


Clarifying the meaning of terms

The law stipulates that personal data must be handled in a lawful, honest and clear way („lawfulness, fairness, transparency“). To ensure this, we will explain to you the specific legal definitions used in this privacy policy.

„Personal data“ refers to any information that relates to an identified or identifiable natural person (referred to as „data subject“); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.

„Processing“ refers to any action or series of actions performed on personal data, whether with or without the use of automated means, including collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or other means of making it available, alignment or combination, restriction, erasure or destruction.

„Restriction of processing“ refers to the marking of stored personal data with the aim of limiting its future processing.

„Profiling“ refers to the automated processing of personal data to evaluate certain personal aspects related to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.

„Pseudonymization“ is the processing of personal data in such a way that the personal data can no longer be attributed to a specific individual without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures that ensure that the personal data cannot be attributed to an identified or identifiable natural person.

„File system“ is a structured collection of personal data that is accessible according to certain criteria, regardless of whether the collection is kept centrally, decentralized or organised by functional or geographical criteria.

„Controller“ is a natural or legal person, authority, institution, or other body that alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

„Processor“ is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

„Recipient“ refers to a natural or legal person, authority, institution, or other entity to whom personal data is disclosed, regardless of whether it is a third party or not. However, authorities that may receive personal data in the context of a specific investigation under Union or Member State law shall not be considered as recipients; the processing of such data by those authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.

„Third party“ refers to a natural or legal person, authority, institution or other entity other than the data subject, the controller, the processor and the persons who are under the direct authority of the controller or the processor, authorized to process personal data.

„Consent“ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.


Lawfulness of processing

The processing of personal data is only lawful if a legal basis for the processing exists. Legal basis for the processing can, according to Article 6, paragraph 1, letters a-f of the GDPR, include:

  • The data subject has given their consent to the processing of their personal data for one or more specific purposes;
  • the processing is necessary for the performance of a contract in which the data subject is a party, or for the performance of pre-contractual measures taken at the data subject’s request;
  • die Verarbeitung ist zur Erfüllung einer rechtlichen Verpflichtung erforderlich, der der Verantwortliche unterliegt;
  • the processing is necessary to fulfill a legal obligation to which the controller is subject to;
  • the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
  • the processing is necessary for the protection of the legitimate interests of the controller or a third party, unless the interests or fundamental rights and freedoms of the data subject, which require protection of personal data, prevail, in particular if the data subject is a child.

Information about the collection of personal data

  • In the following, we inform you about the collection of personal data when using our website. Personal data include, for example, name, address, email addresses, user behavior.
  • When you contact us via email or through a contact form, the data you provide (your email address, possibly your name and telephone number) will be stored by us in order to answer your questions. We delete the data that arises in this context after storage is no longer necessary or restrict the processing if there are legal retention obligations.

Collection of personal data when visiting our website

When you visit our website for informational purposes only, meaning you do not register or otherwise provide us with information, we collect only the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data that is technically necessary for us to display our website to you and ensure stability and security (legal basis is Art. 6 para. 1 s. 1 lit. f GDPR):

  • IP address
  • Date and time of the request
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (specific page)
  • Access status/HTTP status code
  • Amount of data transmitted each time
  • Website from which the request originates
  • Browser
  • Operating system and interface
  • Language and version of the browser software.

Further functions and services provided by our website

  • In addition to the purely informational use of our website, we offer various services that you can use if you are interested. To do this, you usually have to provide additional personal data, which we use to provide the respective service and for which the previously mentioned principles for data processing apply.
  • For some data processing, we use external service providers. These have been carefully selected and commissioned by us, are bound by our instructions, and are regularly monitored.
  • Additionally, we may also share your personal information with third parties if we collaborate with partners to offer actions, contests, contract completions, or similar services. Detailed information regarding this can be obtained when you provide your personal information or in the description of the offer below.
  • If our service providers or partners are located in a state outside the European Economic Area (EEA), we inform you about the consequences of this fact in the description of the offer.

Minors / children

Our services are mainly intended for adults. Individuals under 18 years old, and in some countries even older, depending on their location, should not transmit any personal data to us without the consent of their parents or guardians.


Rights of affected individuals

According to Article 15 Paragraph 1 GDPR, concerned individuals have the right to request confirmation from responsible parties on whether personal data concerning them is being processed. If that is the case, the concerned individuals have the right to receive information about these data and additional information on their processing.

If the processing of personal data is based on consent given, you have the right to revoke your consent at any time. Revoking the consent does not affect the legality of processing based on the consent until the revocation.

To exercise the right of revocation, you may contact us at any time.

You have the right to request confirmation from the controller as to whether we are processing personal data concerning you. You can request confirmation at any time using the contact details mentioned above.

You have the right to request information about any personal data processed, as well as the following information:

  • the purposes of processing;
  • the categories of personal data being processed;
  • the recipients or categories of recipients to whom the personal data have been or will be disclosed, particularly in third countries or international organizations;
  • the planned duration for which the personal data will be stored, or if this is not possible, the criteria for determining this duration;
  • the existence of the right to rectification or erasure of the personal data concerning you or to restriction of processing by the controller, or to object to such processing;
  • the existence of a right to file a complaint with a supervisory authority;
  • if the personal data is not collected from the affected person, all available information about the origin of the data;
  • the existence of automated decision making including profiling according to Article 22 paragraphs 1 and 4 of the GDPR and – at least in these cases – meaningful information about the involved logic, as well as the scope and intended effects of such processing for the affected person.

If personal data is transferred to a third country or an international organization, you have the right to be informed about the appropriate safeguards according to Article 46 of the GDPR in connection with the transfer. We will provide a copy of the personal data that is the subject of processing. For any additional copies you request, we may charge a reasonable fee based on administrative costs. If you make the request electronically, the information must be provided in a commonly used electronic format, unless otherwise specified. The right to receive a copy under paragraph 3 must not prejudice the rights and freedoms of others.

You have the right to demand the immediate correction of incorrect personal data concerning you from us. Taking into account the purposes of the processing, you have the right to demand the completion of incomplete personal data, even by means of a supplementary statement.

You have the right to request that the controller delete personal data concerning you without delay, and the controller is obligated to delete such personal data without delay if any of the following reasons apply:

  • The personal data is no longer necessary for the purposes for which it was collected or processed in any other manner.
  • The affected person revokes their consent, on which the processing was based according to Article 6 Paragraph 1 Letter a or Article 9 Paragraph 2 Letter a of the GDPR, and there is no other legal basis for the processing.
  • The affected person files an objection to the processing according to Article 21 Paragraph 1 of the GDPR and there are no overriding legitimate grounds for the processing, or the affected person files an objection to the processing according to Article 21 Paragraph 2 of the GDPR.
  • The personal data has been processed illegally.
  • The deletion of personal data is required to fulfill a legal obligation under Union law or the law of the Member States to which the controller is subject.
  • The personal data was collected in relation to services offered by the information society according to Article 8 (1) of the GDPR.

The controller has publicly disclosed the personal data and is obligated to delete it under paragraph 1, they shall take reasonable measures, including technical measures, to inform data processors processing the personal data, of the fact that the affected person has requested the deletion of all links to these personal data, or copies or replications of such personal data, taking into consideration the available technology and implementation costs.

The right to erasure (“right to be forgotten”) does not apply where processing is necessary:

  • to exercise the right of freedom of expression and information;
  • to comply with a legal obligation that requires processing under the law of the Union or of the Member States to which the controller is subject, or to perform a task in the public interest or in the exercise of official authority assigned to the controller;
  • for reasons of public interest in the area of public health as per Article 9 (2) letters h and i and Article 9 (3) of the GDPR;
  • for archival purposes in the public interest, scientific or historical research purposes, or statistical purposes, according to Article 89 (1) of the GDPR, to the extent that the right referred to in paragraph 1 is likely to render the realization of the purposes of this processing impossible or seriously impair it; or
  • to assert, exercise or defend legal claims.

You have the right to request from us the restriction of the processing of your personal data if one of the following conditions is met:

  • the accuracy of the personal data is disputed by the data subject for a period of time that allows the controller to verify the accuracy of the personal data;
  • the processing is unlawful and the data subject refuses the deletion of the personal data and instead requests the restriction of its use;
  • the controller no longer needs the personal data for the purposes of processing, but the data subject needs it for the enforcement, exercise or defense of legal claims, or
  • the data subject has lodged an objection against the processing in accordance with Article 21 (1) GDPR, as long as it has not yet been established whether the legitimate grounds of the controller outweigh those of the data subject.

If the processing has been restricted according to the above conditions, these personal data – with the exception of storage – may only be processed with the data subject’s consent or for the enforcement, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of a substantial public interest of the Union or a Member State.

To assert the right to restriction of processing, the data subject may contact us at any time using the contact information provided above.

You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format, and you have the right to transmit this data to another controller without obstruction from the controller to whom the personal data was provided, if:

  • the processing is based on consent under Article 6 (1) (a) or Article 9 (2) (a) or on a contract under Article 6 (1) (b) of the GDPR; and
  • the processing is carried out by automated means.

When exercising the right to data portability under paragraph 1, you have the right to have personal data transmitted directly from one controller to another, where technically feasible. The exercise of the right to data portability shall not affect the right to erasure (“right to be forgotten”). This right shall not apply to processing that is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you based on Article 6 (1) (e) or (f) of the GDPR; this also applies to profiling based on these provisions. The controller shall no longer process the personal data unless they can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims.

If personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for such marketing, including profiling to the extent that it is related to such direct marketing. If you object to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes.

In connection with the use of information society services, you may exercise your right of objection through automated means using technical specifications, regardless of Directive 2002/58/EC.

You have the right to object, on grounds relating to your particular situation, to the processing of personal data concerning you for scientific or historical research purposes or for statistical purposes in accordance with Article 89 (1), unless the processing is necessary for the performance of a task carried out in the public interest.

You may exercise your right of objection at any time by contacting the respective controller.

You have the right not to be subjected to a decision based solely on automated processing, including profiling, which has legal effect on you or similarly significantly affects you. This does not apply if the decision:

  • is necessary for the conclusion or performance of a contract between the data subject and the controller,
  • is lawful under Union or Member State law to which the controller is subject and which provides appropriate measures to protect the rights, freedoms and legitimate interests of the data subject or
  • is made with the express consent of the data subject.

The controller takes appropriate measures to protect the rights, freedoms and legitimate interests of the data subject, including at least the right to obtain the intervention of a person on the part of the controller, to express his or her point of view and to contest the decision.

The data subject may exercise this right at any time by contacting the relevant controller.

In addition, without prejudice to any other administrative or judicial remedy, you have the right to complain to a supervisory authority, in particular in the member state of your residence, your place of work or the place where the alleged infringement occurred, if the affected person considers that the processing of their personal data violates this regulation.

You have the right to an effective judicial remedy, regardless of any available administrative or non-judicial remedy, including the right to complain to a supervisory authority under Article 77 of the GDPR, if you believe that your rights under this Regulation in relation to the processing of your personal data have been violated due to processing that is not in compliance with this Regulation.


Processor (as a third-party contractor)

We use external service providers (processors) e.g. for shipping goods, accounting or processing payments. Separate data processing contracts are concluded with the service providers in order to ensure the protection of your personal data.

Professionally crafted Word templates

We look forward to your inquiry or direct order.