Privacy Policy

1. Data Controller

The data controller for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is:

Schrall IT & event GmbH
Erlenweg 1a
82538 Geretsried
Germany

Managing Director: Patrick Schrall
Phone: +49 8171 234 899 0
Email: info@schrall.com
Commercial Register: HRB 155451, Amtsgericht Wolfratshausen
VAT ID: DE814288039

2. Overview of Data Processing

This website collects and processes as little personal data as possible. No analytics or tracking services are used. All resources (fonts, CSS frameworks, JavaScript libraries) are hosted locally on our server — no requests are made to external CDNs or third-party services. This means no IP addresses are transmitted to third parties.

3. Hosting

This website is hosted on a server in Germany. When you visit the website, your browser automatically establishes a connection to the server and transmits technically necessary data (see Section 6: Server Log Files). The hosting provider processes this data on our behalf based on Art. 6(1)(f) GDPR and, where applicable, a data processing agreement pursuant to Art. 28 GDPR.

4. Contact Form

When you contact us via the contact form, the data you enter (name, email address, message) is processed to handle your inquiry. The data is exclusively forwarded to us by email and is not stored in a database. The legal basis is Art. 6(1)(b) GDPR (pre-contractual measures) or Art. 6(1)(f) GDPR (legitimate interest in responding to inquiries). Emails are deleted once the inquiry has been fully processed and no statutory retention obligations apply.

5. Cookies and Technically Necessary Technologies

This website uses only technically necessary cookies. No marketing, tracking, or analytics cookies are used.

Antiforgery Cookie: When submitting the contact form, an antiforgery cookie is set. This protects against Cross-Site Request Forgery (CSRF) attacks and is required for the secure operation of the form. It does not contain personal data and is deleted at the end of the browser session.

Blazor Connection: For interactive features, this website uses a WebSocket connection (SignalR). A technical connection ID is processed, which does not contain personal data and is discarded when the page is closed.

The legal basis for the use of technically necessary cookies and technologies is Art. 6(1)(f) GDPR (legitimate interest in the secure and functional provision of the website).

6. Server Log Files

The hosting provider automatically collects and stores information in server log files that your browser automatically transmits when visiting the site. This includes:

• IP address of the requesting device
• Date and time of the request
• Name and URL of the requested file
• Amount of data transferred
• Notification of successful retrieval (HTTP status code)
• Browser type and version
• Operating system used
• Referrer URL (previously visited page)

This data is not merged with other data sources. Processing is carried out on the basis of Art. 6(1)(f) GDPR (legitimate interest in ensuring trouble-free operation and improving our offering). Log files are automatically deleted after 14 days.

7. Legal Basis

The processing of personal data on this website is based on the following legal grounds under the GDPR:

Art. 6(1)(b) GDPR: Processing for the performance of a contract or pre-contractual measures (e.g., contact inquiries).
Art. 6(1)(f) GDPR: Processing based on legitimate interests (e.g., technical operation of the website, security, server logs).

8. Your Rights

You have the following rights regarding your personal data:

Right of Access (Art. 15 GDPR): You may request information about your personal data stored by us.
Right to Rectification (Art. 16 GDPR): You may request the correction of inaccurate data.
Right to Erasure (Art. 17 GDPR): You may request the deletion of your data, provided no statutory retention obligations apply.
Right to Restriction (Art. 18 GDPR): You may request the restriction of processing of your data.
Right to Data Portability (Art. 20 GDPR): You may request that we provide your data in a structured, commonly used format.
Right to Object (Art. 21 GDPR): You may object to the processing of your data based on Art. 6(1)(f) GDPR at any time.

To exercise your rights, you can contact us at any time at: info@schrall.com

You also have the right to lodge a complaint with a data protection supervisory authority regarding the processing of your personal data. The supervisory authority responsible for us is:

Bavarian State Office for Data Protection Supervision (BayLDA)
Promenade 18
91522 Ansbach, Germany
https://www.lda.bayern.de

9. Currency and Changes to This Privacy Policy

This privacy policy is currently valid as of February 2026. Due to the further development of our website or changes in legal or regulatory requirements, it may become necessary to amend this privacy policy.

Rejoining the server...

Rejoin failed... trying again in seconds.

Failed to rejoin.
Please retry or reload the page.

The session has been paused by the server.

Failed to resume the session.
Please reload the page.