Data Protection
Privacy Policy
Last updated: May 2026 · This policy applies to cocolean.com and all sub-pages operated by cocolean GmbH.
§ 1
Data Controller
The party responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is:
cocolean GmbH
Heimstraße 5a
82152 Krailling
Germany
Email: info@cocolean.com
cocolean GmbH does not have a mandatory data protection officer under Art. 37 GDPR. For all data protection enquiries, please contact us directly at the address above.
§ 2
Server Log Files
When you visit this website, our hosting provider automatically collects and stores information in server log files that your browser transmits to us. This data includes:
- Browser type and version
- Operating system
- Referrer URL (the page you visited before arriving here)
- IP address of the requesting device
- Date and time of the request
- Name of the file accessed
This data is not merged with other data sources. It is processed on the basis of Art. 6(1)(f) GDPR — our legitimate interest in the technically error-free and secure provision of this website. Log data is deleted after a retention period of 7 days, unless a longer retention period is required for security investigation purposes.
Hosting provider: [Add your hosting provider name and address here, e.g. Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany — and link to their data processing agreement if applicable.]
§ 3
Adobe Fonts (Typekit)
This website uses web fonts provided by Adobe Inc. (345 Park Avenue, San Jose, CA 95110, USA) via the Adobe Fonts service (formerly Typekit). When you load a page, your browser establishes a connection to Adobe's servers to retrieve the font files. In doing so, your IP address is transmitted to Adobe.
This processing is carried out on the basis of Art. 6(1)(f) GDPR — our legitimate interest in a consistent and technically correct typographic presentation of the website. Adobe may transfer this data to the United States. Adobe Inc. is certified under the EU–US Data Privacy Framework, which provides an adequate level of protection for personal data transferred from the EU.
For more information on how Adobe handles your data, please refer to Adobe's privacy policy: adobe.com/privacy/policy.html
§ 4
Contact via Email
If you contact us by email, the data you provide (your email address, and any personal information included in your message) will be stored for the purpose of processing your enquiry and for any follow-up questions. This data is processed on the basis of Art. 6(1)(b) GDPR (processing necessary for the performance of a contract or pre-contractual measures) or Art. 6(1)(f) GDPR (legitimate interest in responding to enquiries).
We will not share this data with third parties without your consent. Data transmitted by email is deleted as soon as the enquiry has been conclusively resolved, unless statutory retention obligations require longer storage.
§ 5
Cookies and Tracking
This website does not use cookies for tracking, profiling, or advertising purposes. No analytics services, social media plugins, or remarketing tools are embedded on this site. The only third-party connection established on page load is the Adobe Fonts request described in § 3 above.
Should we introduce any analytics or cookie-based functionality in the future, this policy will be updated and, where required under the TTDSG, explicit consent will be obtained prior to any cookie being set.
§ 6
Your Rights
Under the GDPR, you have the following rights with respect to your personal data:
- Right of access (Art. 15 GDPR) — you may request confirmation of whether we process personal data about you, and if so, a copy of that data.
- Right to rectification (Art. 16 GDPR) — you may request correction of inaccurate or incomplete data.
- Right to erasure (Art. 17 GDPR) — you may request deletion of your personal data where no legal basis for continued processing exists.
- Right to restriction of processing (Art. 18 GDPR) — you may request that processing of your data be restricted in certain circumstances.
- Right to data portability (Art. 20 GDPR) — you may request that data you have provided be transferred to you or to a third party in a structured, machine-readable format.
- Right to object (Art. 21 GDPR) — you may object at any time to processing based on legitimate interests (Art. 6(1)(f) GDPR).
- Right to withdraw consent (Art. 7(3) GDPR) — where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, please contact us at info@cocolean.com. We will respond within the statutory period of one month.
§ 7
Right to Lodge a Complaint
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data infringes the GDPR (Art. 77 GDPR).
The supervisory authority competent for cocolean GmbH is:
Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 18
91522 Ansbach
Germany
lda.bayern.de
§ 8
Data Security
This website uses SSL/TLS encryption for all data transmitted between your browser and our server. An encrypted connection is indicated by the padlock icon in your browser's address bar and by the https:// prefix in the URL. Data transmitted via an encrypted connection cannot be read by third parties in transit.
§ 9
Changes to This Policy
We may update this privacy policy from time to time to reflect changes in our practices or in applicable law. The current version will always be accessible at this URL. We recommend reviewing this page periodically.