BananaCoding Back

Privacy Notice

Last updated: April 3, 2026

1. Controller

The entity responsible for processing personal data on this website within the meaning of the General Data Protection Regulation (GDPR) and applicable German data protection law is:

BananaCoding

Germany

Email: hallo@bananacoding.de

Website: bananacoding.de

2. Processing in the Course of Core Business Activities

If you are a client, prospective client, or business partner of BananaCoding, the nature, scope, and purpose of the processing of your data is governed by the existing or pre-contractual relationship between us. The data processed includes all data you make available for the performance of agreed services or for handling your inquiry.

Unless stated otherwise in this notice, data will only be passed on to third parties where this is necessary to fulfil a contract, exercise legal rights, or comply with legal obligations.

Affected data categories

  • Master / identification data (e.g. name, address)
  • Contact data (e.g. email address, phone number)
  • Contract data (e.g. subject matter, duration, invoicing)
  • Communication content (emails, messages)
  • Traffic / usage data arising from electronic communication

Affected persons

Prospective clients, clients, and contractual / business partners.

Purpose of processing

Execution and settlement of contracts; responding to inquiries; fulfilment of pre-contractual obligations; internal organisational processes necessary for service delivery.

Legal basis

Art. 6(1)(b) GDPR β€” performance of or steps prior to a contract;
Art. 6(1)(c) GDPR β€” compliance with a legal obligation (e.g. retention of records for tax purposes);
Art. 6(1)(f) GDPR β€” legitimate interest in the secure operation of IT systems and the prevention of misuse.

3. Contact via Email

When you contact us by email, the personal data you provide (e.g. name, email address, message content) will be stored and processed solely for the purpose of handling your inquiry and any follow-up correspondence. This data will not be shared with third parties without your consent.

Affected data: Master data, contact data, content data (message text).

Affected persons: Prospective clients, clients, business partners.

Purpose: Communication and handling of enquiries; organisational procedures.

Legal basis: Art. 6(1)(b) GDPR (pre-contractual or contractual measures) and/or Art. 6(1)(f) GDPR (legitimate interest in responding to enquiries).

4. Server Log Files & IP Addresses

To deliver this website to your browser, the hosting provider must temporarily store your IP address. Server-level logs are retained for up to 14 days to ensure error-free server operation and to detect and prevent attacks on the technical infrastructure. This data is not merged with other data sources.

Log files may contain the following data:

  • Browser type and version
  • Operating system
  • Referrer URL
  • Hostname / IP address of the accessing device
  • Date and time of the request

Legal basis: Art. 6(1)(f) GDPR β€” legitimate interest in the secure and efficient operation of this website.

5. Cookies & Tracking

This website does not use cookies, tracking pixels, analytics tools, or any other third-party data collection technologies. No personal data is collected automatically beyond the server log files described in section 4.

6. Data Retention & Deletion

We delete or restrict your personal data as soon as the purpose for which it was collected no longer applies and no statutory retention obligation prevents deletion. Specifically, data is deleted when:

  • the legal basis for processing ceases to exist (e.g. after the end of a contractual relationship, Art. 6(1)(a) GDPR, or after the legitimate interest lapses, Art. 6(1)(f) GDPR);
  • you exercise your right to withdraw consent and no other legal basis applies;
  • you exercise your right to object and there are no overriding legitimate grounds for continued processing.

Where data must be retained to comply with statutory obligations (generally 6 years for business correspondence, 10 years for accounting records under German law) or to establish, exercise, or defend legal claims (up to 4 years), processing is restricted to those purposes until the respective retention period expires.

7. Your Rights under the GDPR

You may assert the following rights against us at any time by contacting us at the address given in section 1:

  • a) Right of access (Art. 15 GDPR)
    You may request information about whether and which personal data we process about you.
  • b) Right to rectification (Art. 16 GDPR)
    You may request correction of inaccurate or completion of incomplete data.
  • c) Right to erasure (Art. 17 GDPR)
    You may request the deletion of your personal data where the conditions of Art. 17 GDPR are met.
  • d) Right to restriction of processing (Art. 18 GDPR)
    In certain cases you may request that we restrict processing to specific, limited purposes.
  • e) Right to data portability (Art. 20 GDPR)
    You may request that we transmit your data to you or to another controller in a structured, commonly used, machine-readable format.
  • f) Right to withdraw consent (Art. 7(3) GDPR)
    Where processing is based on your consent, you may withdraw that consent at any time with effect for the future. Withdrawal does not affect the lawfulness of processing carried out prior to the withdrawal.
  • g) Right to object (Art. 21 GDPR)
    You may object at any time to processing of your personal data that is based on our legitimate interest (Art. 6(1)(f) GDPR). If you exercise this right, we will cease processing unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or the processing is necessary for the establishment, exercise, or defence of legal claims.
    You also have an unconditional right to object to processing for direct marketing purposes at any time.
  • h) Right to lodge a complaint (Art. 77 GDPR)
    You have the right to lodge a complaint with a data protection supervisory authority. The competent authority is that of your habitual residence, your place of work, or our place of business. In Germany you may also contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI):
    Der Bundesbeauftragte fΓΌr den Datenschutz und die Informationsfreiheit
    Graurheindorfer Str. 153, 53117 Bonn
    Email: poststelle@bfdi.bund.de

To exercise any of the above rights send your request to hallo@bananacoding.de.

8. Security Measures

We implement appropriate technical and organisational security measures in accordance with the state of the art to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction, or unauthorised access by third parties (Art. 32 GDPR). Our security measures are continuously reviewed and updated in line with technological developments.

9. No Automated Decision-Making

We do not use automated individual decision-making or profiling processes as defined in Art. 22 GDPR that produce legal effects concerning you or similarly significantly affect you.

10. Changes to This Notice

We reserve the right to amend this privacy notice at any time with effect for the future to reflect changes in legal requirements or our services. The current version is always available at this URL. We recommend checking this page periodically.