1. Basic Information
1.1. Data Controller
The data controller responsible for data processing within the scope of this website in accordance with Article 4 No. 7 GDPR is:
Tanja Kerner
Niemoellerallee 12
81739 Munich
contact@tanjakerner.com
1.2. General Information
This privacy policy informs you about the type, scope, and purpose of the collection and use of personal data in connection with this website. Definitions of the terms used (e.g., "personal data" or "processing") can be found in Article 4 of the GDPR.
2. Collection and Use of Personal Data
On this website, personal data is only collected, used and disclosed where permitted by law or if you have consented to the collection of such data.
In general, you can visit this website without providing any personal information. Anonymised access data may be recorded, to operate and improve the website. Such data does not allow any conclusions to be drawn about your identity.
Details about the data collected are provided below.
2.1. Website Provision
Web hosting and web analytics are provided by:
Framer B.V.
Rozengracht 207B
1016 LZ Amsterdam
Netherlands
Website: https://www.framer.com/
Processed Data:
IP address (hashed daily on a rotating basis, not permanently stored)
Technical information such as device type, operating system, browser type and version, date and time, and transferred data volume
Aggregated usage statistics such as region of origin, language, referring website, pages visited, and time spent on the site
Purpose of Processing: Provision and improvement of the website
Legal Basis: Article 6(1)(f) of the GDPR (provision of a secure, high-performance and stable website)
Storage Period:No personal data is stored. Anonymous usage data is used in aggregated form, is not personally identifiable and stored for a maximum of 90 days.
Further Information:
Privacy Policy: https://www.framer.com/legal/privacy-statement/
Analytics Details: https://www.framer.com/help/articles/gdpr-and-cookies/
2.2. Video Delivery
To deliver the videos on this website, BunnyCDN (Content Delivery Network) and Bunny Stream are employed, provided by:
BunnyWay d.o.o.
Dunajska c. 165
1000 Ljubljana
Slovenia
Website: https://bunny.net/
Processed Data:
Server logs store data such as anonymized IP address, date and time, region, data volume, and the URL of the accessed file.
Aggregated video statistics include the number of video views, viewing duration, region, and data volume.
Purpose of Processing: Delivery and display of video content.
Legal Basis: Article 6(1)(f) of the GDPR (provision of a secure, high-performance and stable website)
Storage Period: No personal data is stored. Anonymous usage data is used in aggregated form and is not personally identifiable. Video statistics are retained indefinitely. Server logs are stored for a maximum of 3 days.
Further Information:
Privacy Policy: https://bunny.net/privacy/
GDPR Statement: https://bunny.net/gdpr/
2.3. Contacting
A contact form and an email address are available on this website for contacting me. If you contact me, the data you provide will be transmitted via email and stored in the email provider's mailbox. The data may also be transferred to a local PC or mobile device for processing.
The email provider is:
IONOS SE
Elgendorfer Str. 57
56410 Montabaur
Website: https://www.ionos.de/
Processed Data:
Name
Email address
Subject
Message text
Attachments
Purpose of Processing: Solely for processing your inquiry.
Legal Basis: Art. 6(1)(f) GDPR (Legitimate interest in responding to enquiries)
Storage Period: The data will be deleted once the enquiry has been fully processed, provided there are no legal retention obligations to the contrary.
Further Information:
Privacy Policy: https://www.ionos.de/datenschutzerklaerung
2.4. Cookies
This website does not use cookies.
2.5 Google Fonts
This website uses Google Fonts, which are hosted locally. These do not establish a connection to Google’s servers and do not transmit any data.
3. Data Transfer to Third Countries
Framer, BunnyWay, and IONOS SE primarily process data within the EU. If data is processed outside the EU/EEA, the providers state that they ensure appropriate safeguards are in place in accordance with Article 46 of the GDPR.
4. Data Security
Appropriate technical and organisational measures are in place to protect personal data against loss, destruction, unauthorised access or unlawful processing. These include, for example, TLS/SSL encryption for the website, access restrictions to email accounts, and regular software updates.
The service providers used by this website employ industry-standard technical and organisational security measures to protect data, including encrypted data transmission and documented data protection processes.
5. Rights of Data Subjects
Under the GDPR, you have the following rights:
The right of access (Art. 15 GDPR): Right to confirmation and information about which personal data is being processed.
The right to rectification (Art. 16 GDPR): Right to rectification of inaccurate or incomplete data.
The right to erasure (Art. 17 GDPR): Right to erasure, provided that no statutory retention periods or other legal obligations prevent this.
The right to restriction of processing (Art. 18 GDPR): Right to restrict processing under certain conditions (e.g., contested accuracy, review of objections).
The right to data portability (Art. 20 GDPR): Right to receive data in a commonly used, machine-readable format, provided that the processing is based on consent or contract and is carried out by automated means.
The right to object (Art. 21 GDPR): Right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you where the legal basis is legitimate interest.
The right to lodge a complaint (Art. 77 GDPR): You have the right to lodge a complaint with the responsible supervisory authority if you suspect a violation of your data protection rights. The responsible supervisory authority is the one in your place of habitual residence, your place of work, or the place of the alleged infringement.
To exercise your rights, please contact me by email. Barring unforeseen circumstances, inquiries are generally answered within one month. In complex cases, this period may be extended by two months.
6. Right to Withdraw Consent
You have the right to withdraw any consent you have given at any time without giving a reason. This does not affect the lawfulness of any processing carried out prior to the withdrawal.
7. Automated Decision-Making and Profiling
No automated decision-making within the meaning of Article 22 of the GDPR and no profiling takes place.
8. Maintaining Profiles on Third-Party Platforms
My presence on social networks and platforms serves to facilitate better, active communication with my customers and potential clients. I use these platforms to showcase my work and provide information about my services. In doing so, I utilize the technical platforms and services of the respective providers.
8.1. Data Processing by the Platforms
I would like to expressly point out that these services store their users' data (e.g., personal information, IP addresses, etc.) in accordance with their own data usage policies and often use it for commercial purposes, including market research and advertising. This may also be the case even if you do not have an account with the respective platform. To collect data, the platforms often use cookies, which are stored on your device and remain there until you delete them.
I have no control over the data collection and its further use by the social networks. There is no reliable information about:
to what extent, where, and for how long the data is stored;
to what extent the respective networks comply with existing deletion obligations;
what analyses and connections are carried out with the data; and
to whom the data is transferred to.
Most of the platforms in question process your data worldwide, particularly in the USA. This transfer to a third-country outside the EU entails risks regarding the exercise of your data protection rights.
If you wish to avoid this, please do not contact me via such platforms. You use these services and their functions at your own risk. This applies in particular to the public use of interactive functions (e.g., commenting, sharing, rating) of the platforms.
8.2. Data Processing by Me
Through my various social media profiles, you have the option to provide personal data yourself (for example, by commenting, participating in surveys, sharing, or rating). This data is stored and may be published by the provider of the respective platform. I reserve the right to delete content if necessary and technically possible. If a platform has a sharing function, I may share your content on my corresponding profile.
If you contact me directly via a platform (for example, through direct messages), the personal data you provide, such as your username and message text, will be used exclusively to process your enquiry. I may refer you to a secure communication channel to answer your request in order to ensure the confidentiality of your personal data. Provided this is technically feasible and no statutory retention periods prevent it, the data will be deleted after your request has been fully processed.
Platform operators typically provide statistics by default, which can only be partially disabled. These are usually aggregated and anonymized statistics on user behavior on my social media pages. The data is used to improve the content and cannot be linked to any individual.
Where possible, your personal data will be deleted in the event that the relevant social media pages are closed.
The legal basis for communicating with you and using anonymized statistics is generally Article 6(1)(f) GDPR.
8.3. Exercising Your Rights
In accordance with Article 26 of the GDPR, I am jointly responsible with the platforms for data processing on my public profiles. Agreements regarding this responsibility exist with the platforms, which are defined in more detail on their respective websites.
To exercise your data subject rights, you may contact either me or the relevant platform provider. Where I am not responsible, I will refer you to the platform. Should information from the other party be required, your enquiry will be forwarded to the relevant partner.
Please note that, despite sharing responsibility with the platform operators, I do not have complete control over the platforms’ data processing operations. My options are largely determined by the corporate policy of the respective provider.
8.4. Platforms
Below you will find the platforms on which I operate profiles and links to their respective privacy policies.
8.4.1. LinkedIn
Operated by:
LinkedIn Ireland Unlimited Company
Wilton Plaza
Wilton Place
Dublin 2
Ireland
Website: https://www.linkedin.com
Privacy Policy: https://www.linkedin.com/legal/privacy-policy
8.4.2. Artstation
Operated by:
Epic Games Commerce GmbH
Platz 10
6039 Root D4
Switzerland
Website: https://www.artstation.com/
Privacy Policy: https://www.artstation.com/privacy
8.4.3. Vimeo
Betrieben durch:
Vimeo.com, Inc.
330 West 34th Street, 10th Floor
New York, New York 10001
USA
Website: https://vimeo.com/
Privacy Policy: https://vimeo.com/legal/privacy/policy
8.4.4. Behance
Operated by:
Adobe Systems Software Ireland Limited
4-6 Riverwalk
Citywest Business Campus
Dublin 24
Ireland
Website: https://www.behance.net/
Privacy Policy: https://www.adobe.com/de/privacy.html
8.4.5. The Rookies
Operated by:
The Rookies
PO Box 1052
Adelaide SA 5045
Australia
Website: https://www.therookies.co/
Privacy Policy: https://www.therookies.co/privacy-policy
9. Changes to the Privacy Policy
This Privacy Policy is current as of March 2026. I reserve the right to amend this policy in the event of changes to the website, the introduction of new services or changes to legal requirements. The latest version will be published on the website.