By operating our website (hereinafter referred to as "website"), we process personal data. We treat this data confidentially and process it in accordance with the applicable laws - in particular the German Data Protection Regulation (DSGVO) and the German Federal Data Protection Act (BDSG-neu). With our data protection regulations, we want to inform you which personal data we collect from you, for what purposes and on what legal basis we use it and, if applicable, to whom we disclose it. Furthermore, we will explain to you which rights you are entitled to in order to protect and enforce your data protection.

2.         NOTES

Our data protection regulations contain technical terms that are in the DSGVO and the BDSG-neu. For your better understanding, we would like to explain these terms in simple terms in advance:

2.1       Personal Data
"Personal data" means any information relating to an identified or identifiable person (Art. 4 No. 1 GDPR). Information of an identified person can be, for example, the name or the e-mail address. However, personal data is also data for which the identity is not immediately apparent, but can be determined by combining one's own information or that of others and thus finding out who it is. A person becomes identifiable, for example, by providing his or her address or bank details, date of birth or user name, IP addresses and/or location data. Relevant here is all information that in any way allows a conclusion to be drawn about a person.

2.2       Processing
Article 4 No. 2 of the GDPR defines "processing" as any operation related to personal data. This relates in particular to the collection, recording, organisation, arrangement, storage, adaptation or alteration, retrieval, consultation, use, disclosure, transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of personal data.


3.         RESPONSIBLE

Responsible for data processing is:

Company:                               Cream Communication ("we")
Legal representative:             Anne Bettina Leutner (owner)
Address:                                 Schauenburger Straße 37, 20095 Hamburg, Germany
Phone:                                    +49 40 401 13 10 10
Fax:                                         +49 40 401 13 10 11


We have appointed an external data protection representative for our company. You can reach him under: 

Name:                                     Arne Platzbecker
Address:                                 HABEWI GmbH & Co. KG, Palmaille 96, 22767 Hamburg, Germany
Phone:                                    +49 40 18189800
Fax:                                         +49 40 181898099



Within the framework of the website with the URL, we process the personal data from you listed in detail below under points 6-8. We only process data from you that you actively provide on our website (e.g. by filling out forms) or that you automatically provide when using our offer.

Your data will only be processed by us and will not be sold, lent or passed on to third parties. If we use the help of external service providers to process your personal data, this is done within the framework of so-called order processing, in which we as the client are authorised to issue instructions to our contractors. For the operation of our website, we use external service providers for hosting, as well as for maintenance, care and further development. If further external service providers are used for individual processing operations listed in sections 6-8, they will be named there.

Data transfer to third countries does not take place and is not planned. We will provide information on exceptions to this principle in the processing operations described below.



6.1       Description of the processing
Each time you access the website, we automatically record information that your browser transmits to our server. This information is also stored in the so-called log files of our system. This is the following data:

  • Your IP address
  • the browser software you use, as well as its version and language
  • the operating system you are using
  • the website from which you came to our website (so-called referrer)
  • the sub-pages you have accessed on our website
  • the date and time of your visit to our website
  • your internet service provider
  • the amount of data transferred
  • country and place from which you visited our website
  • your length of stay on our website

The temporary storage of your IP address by the system is necessary in order to be able to deliver our website to a user's terminal device. For this purpose, the user's IP address must remain stored for the duration of the session. However, your IP address is not recorded in our log files.

6.2       Purpose
The processing is carried out to enable the website to be called up and to ensure its stability and security. Furthermore, the processing serves the statistical evaluation and improvement of our online offer. 

6.3       Legal basis
The processing is necessary to protect the overriding legitimate interests of the controller (Art. 6 para. 1 lit. f DSGVO). Our legitimate interest lies in the purpose named in section 6.2.

6.4       Storage period
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended. 


7.1       Description of the processing
You can also contact us via the e-mail addresses provided on the website. In this case, the user's personal data transmitted with the e-mail will be processed by us.

7.2       Purpose
The data transmitted with your e-mail will be used exclusively for the purpose of processing and responding to your request. 

7.3       Legal basis
The processing is necessary to protect the overriding legitimate interests of the controller (Art. 6 para. 1 lit. f DSGVO). Our legitimate interest lies in the purpose named in section 7.2. If the e-mail contact is aimed at the conclusion or fulfilment of a contract, the data processing is carried out for the fulfilment of the contract (Art. 6 para. 1 lit. b DSGVO).

7.4       Storage period
We delete the data as soon as it is no longer required to achieve the purpose for which it was collected. This is usually the case when the respective communication with you has ended. The communication is terminated when it can be inferred from the circumstances that your concern has been conclusively clarified. If legal retention periods prevent deletion, the data will be deleted immediately after the legal retention period has expired.

8.         COOKIES

8.1       Description of the processing
Our website uses cookies. Cookies are small text files that are stored on the user's terminal device when visiting a website. Cookies contain information that enables the recognition of a terminal device and possibly certain functions of a website. In most cases, we only use so-called "session cookies". These are automatically deleted when you end your internet session and close the browser. Other cookies remain stored on your terminal device for a longer period of time. We use the following cookies on our website:

Name Value                           qtrans_cookie_test qTranslate+Cookie+Test
Path Flags Expiry date           / At end of session

8.2       Purpose
We use cookies to make our website more user-friendly and to offer the functions described in section 8.1. 

8.3       Legal basis
The processing is necessary to protect the overriding legitimate interests of the controller (Art. 6 para. 1 lit. f DSGVO). Our legitimate interest lies in the purpose named in section 10.2.

8.4       Storage period  
Cookies are automatically deleted at the end of a session or when the specified storage period expires. Since cookies are stored on your terminal device, you as a user also have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or restrict the transfer of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, individual functions of our website cannot be used or can only be used to a limited extent.


To protect your personal data from unauthorised access, we have provided our website with an SSL or TLS certificate. SSL stands for "Secure Sockets Layer" and TLS for "Transport Layer Security" and encrypts the communication of data between a website and the user's end device. You can recognise active SSL or TLS encryption by a small lock logo that is displayed on the far left of the browser's address bar.



With regard to the data processing by our company described above, you are entitled to the following data subject rights:

10.1     Information (Art. 15 GDPR)
You have the right to request confirmation from us as to whether we are processing personal data relating to you. If this is the case, you have a right to information about this personal data and to the further information listed in Article 15 of the GDPR under the conditions set out in Article 15 of the GDPR.

10.2     Rectification (Art. 16 GDPR)
You have the right to demand that we correct any inaccurate personal data relating to you without delay and, if necessary, to complete any incomplete personal data.

10.3     Deletion (Art. 17 GDPR)
You have the right to demand that we delete personal data relating to you without delay if one of the reasons listed in detail in Article 17 of the GDPR applies, e.g. if your data is no longer required for the purposes we are pursuing.

10.4     Restriction of data processing (Art. 18 GDPR)
You have the right to request that we restrict processing if one of the conditions listed in Art. 18 of the GDPR applies, e.g. if you dispute the accuracy of your personal data, data processing will be restricted for the period of time that allows us to verify the accuracy of your data. 

10.5     Data portability (Art. 20 GDPR)
You have the right, under the conditions set out in Art. 20 of the GDPR, to request the return of the data concerning you in a structured, common and machine-readable format.

10.6     Withdrawal of consent (Art. 7 para. 3 GDPR)  
You have the right to withdraw your consent at any time in the case of processing based on consent. The revocation applies from the time it is asserted. In other words, it is effective for the future. The processing therefore does not become unlawful retroactively as a result of the withdrawal of consent.

10.7     Complaint (Art. 77 GDPR)
If you believe that the processing of personal data concerning you infringes the GDPR, you have the right to lodge a complaint with a supervisory authority. You can exercise this right with a supervisory authority in the EU Member State of your residence, workplace or the place of the alleged infringement. 

10.8     Prohibition of automated decisions/profiling (Art. 22 GDPR)
Decisions which have legal effects concerning you or which significantly affect you must not be based solely on automated processing of personal data, including profiling. We inform you that we do not use automated decision-making, including profiling, with regard to your personal data.
10.9     Objection (Art. 21 GDPR)
If we process your personal data on the basis of Art. 6 (1) f of the GDPR (for the protection of overriding legitimate interests), you have the right to object to this under the conditions listed in Art. 21 of the GDPR. However, this only applies insofar as there are reasons arising from your particular situation. After an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing that override your interests, rights and freedoms. We also do not have to stop processing if it serves the assertion, exercise or defence of legal claims. In any case - also irrespective of a specific situation - you have the right to object to the processing of your personal data for direct marketing at any time.


Status: May 2022