privacy Policy
Last updated: March 2, 2026
This privacy policy explains how personal data is collected and processed when you visit hermes.art, the website of Volker Hermes. The term "personal data" refers to any information that can be used to identify you personally.
1. Controller
The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is:Volker Hermes
Kirchfeldstrasse 31
40217 Duesseldorf, GermanyPhone: +49 (0) 163 441 5720
Email: post@hermes.artThe controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data.
1. Controller
The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is:Volker Hermes
Kirchfeldstrasse 31
40217 Duesseldorf, GermanyPhone: +49 (0) 163 441 5720
Email: post@hermes.artThe controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data.
2. General Information
Data Protection
The operator of this website takes the protection of your personal data seriously. Your personal data is treated confidentially and in accordance with applicable data protection laws and this privacy policy.Please note that data transmission over the internet (for example, when communicating by email) may be subject to security vulnerabilities. Complete protection of data against access by third parties is not possible.
SSL/TLS Encryption
This website usesSSL or TLS encryption for security purposes and to protect the transmission of confidential content. You can recognize an encrypted connection by the "https://" prefix in your browser's address bar and the lock icon in the browser toolbar. When SSL or TLS encryption is active, the data you transmit to us cannot be read by third parties.
Data Retention
Unless a more specific retention period is stated elsewhere in this privacy policy, your personal data will remain with us until the purpose for which it was collected no longer applies. If you submit a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for retaining it (for example, retention periods required by tax or commercial law). In such cases, deletion will occur once those reasons no longer apply.
Legal Basis for Data Processing
Where we process your personal data on the basis of your consent, this is done pursuant to Art. 6(1)(a) GDPR. Where processing is necessary for the performance of a contract or pre-contractual measures, the legal basis is Art. 6(1)(b) GDPR. Where processing is necessary for compliance with a legal obligation, the basis is Art. 6(1)(c) GDPR. Where processing is based on our legitimate interests, the basis is Art. 6(1)(f) GDPR. The specific legal basis applicable to each type of processing is described in the relevant sections below.
Recipients of Personal Data
In the course of operating this website, we work with certain external service providers. Personal data is only shared with external parties where it is necessary for a contractual obligation, where we are legally required to do so, where we have a legitimate interest under Art. 6(1)(f) GDPR, or where another legal basis permits it. Where we use data processors, personal data is only shared on the basis of a valid data processing agreement.
Data Protection
The operator of this website takes the protection of your personal data seriously. Your personal data is treated confidentially and in accordance with applicable data protection laws and this privacy policy.Please note that data transmission over the internet (for example, when communicating by email) may be subject to security vulnerabilities. Complete protection of data against access by third parties is not possible.
SSL/TLS Encryption
This website usesSSL or TLS encryption for security purposes and to protect the transmission of confidential content. You can recognize an encrypted connection by the "https://" prefix in your browser's address bar and the lock icon in the browser toolbar. When SSL or TLS encryption is active, the data you transmit to us cannot be read by third parties.
Data Retention
Unless a more specific retention period is stated elsewhere in this privacy policy, your personal data will remain with us until the purpose for which it was collected no longer applies. If you submit a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for retaining it (for example, retention periods required by tax or commercial law). In such cases, deletion will occur once those reasons no longer apply.
Legal Basis for Data Processing
Where we process your personal data on the basis of your consent, this is done pursuant to Art. 6(1)(a) GDPR. Where processing is necessary for the performance of a contract or pre-contractual measures, the legal basis is Art. 6(1)(b) GDPR. Where processing is necessary for compliance with a legal obligation, the basis is Art. 6(1)(c) GDPR. Where processing is based on our legitimate interests, the basis is Art. 6(1)(f) GDPR. The specific legal basis applicable to each type of processing is described in the relevant sections below.
Recipients of Personal Data
In the course of operating this website, we work with certain external service providers. Personal data is only shared with external parties where it is necessary for a contractual obligation, where we are legally required to do so, where we have a legitimate interest under Art. 6(1)(f) GDPR, or where another legal basis permits it. Where we use data processors, personal data is only shared on the basis of a valid data processing agreement.
3. Your Rights Under the GDPR
Right of Access, Rectification, and ErasureYou have the right at any time to obtain free information about the personal data we hold about you, its origin, recipients, and the purpose of processing. You may also have the right to have this data corrected or deleted. You can contact us at any time using the contact information above.
Right to Restriction of Processing
You have the right to request the restriction of processing of your personal data in certain circumstances, including: if you contest the accuracy of the data (for the duration of verification), if the processing is unlawful and you oppose erasure, if we no longer need the data but you require it for the establishment or exercise of legal claims, or if you have objected to processing under Art. 21(1) GDPR pending verification of whether our legitimate grounds override yours.
Right to Data Portability
You have the right to receive any data that we process automatically on the basis of your consent or in fulfillment of a contract in a commonly used, machine-readable format. If you request the direct transfer of this data to another controller, this will only be done where technically feasible.
Right to Revoke Consent
If you have given your consent to data processing, you may revoke that consent at any time. The lawfulness of any processing carried out prior to your revocation remains unaffected.
Right to Object
(Art. 21 GDPR)Where data processing is based on Art. 6(1)(e) or (f) GDPR, you have the right at any time to object to the processing of your personal data on grounds relating to your particular situation. This also applies to profiling based on these provisions. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing serves the establishment, exercise, or defense of legal claims.Where personal data is processed for the purposes of direct marketing, you have the right to object at any time to the processing of your personal data for such marketing, including profiling to the extent that it is related to such direct marketing.
Right to Lodge a Complaint
You have the right to lodge a complaint with a supervisory data protection authority, in particular in the EU member state of your habitual residence, your place of work, or the place of the alleged infringement.
4. Hosting
Webflow
This website is hosted by Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA ("Webflow"). When you visit this website, Webflow collects various log files including your IP address.Webflow is a website building and hosting platform. Webflow may store cookies or similar technologies that are necessary for the display of the site, for the provision of certain website functions, and for security purposes (strictly necessary cookies).The use of Webflow is based on Art. 6(1)(f) GDPR (legitimate interest in a reliable presentation of the website).Data transfers to the United States are supported by the EU Standard Contractual Clauses. Webflow is certified under the EU-US Data Privacy Framework (DPF). More information is available at: https://www.dataprivacyframework.gov/participant/6365For more details, see Webflow's privacy policy: https://webflow.com/legal/eu-privacy-policyA data processing agreement is in place with Webflow as required by the GDPR.
Server Log Files
When you access this website, your browser automatically transmits certain technical data to the web server. This includes: your IP address, the date and time of access, the page requested, the referring URL (the page you visited before), your browser type and version, and your operating system.This data is collected automatically by the hosting provider for the purpose of ensuring the secure and stable operation of the website. The legal basis for this processing is Art. 6(1)(f) GDPR (legitimate interest in the secure operation of the website). Server log files are typically deleted automatically after a short period.
5. Cookies
This website does not use analytics tools, tracking technologies, or any form of user registration. No personal data is collected through forms, sign-ups, or similar mechanisms.
However, the hosting infrastructure (Webflow/Cloudflare) may set a technically necessary cookie called _cfuvid. This cookie is used by Cloudflare for bot detection and rate limiting to protect the website from malicious traffic. It is a strictly necessary cookie that does not track your behavior or collect personal data for marketing purposes. The legal basis for this cookie is Art. 6(1)(f) GDPR (legitimate interest in the secure operation of the website).
For more information, please see Cloudflare's Privacy Policy: https://www.cloudflare.com/privacypolicy/
Right of Access, Rectification, and ErasureYou have the right at any time to obtain free information about the personal data we hold about you, its origin, recipients, and the purpose of processing. You may also have the right to have this data corrected or deleted. You can contact us at any time using the contact information above.
Right to Restriction of Processing
You have the right to request the restriction of processing of your personal data in certain circumstances, including: if you contest the accuracy of the data (for the duration of verification), if the processing is unlawful and you oppose erasure, if we no longer need the data but you require it for the establishment or exercise of legal claims, or if you have objected to processing under Art. 21(1) GDPR pending verification of whether our legitimate grounds override yours.
Right to Data Portability
You have the right to receive any data that we process automatically on the basis of your consent or in fulfillment of a contract in a commonly used, machine-readable format. If you request the direct transfer of this data to another controller, this will only be done where technically feasible.
Right to Revoke Consent
If you have given your consent to data processing, you may revoke that consent at any time. The lawfulness of any processing carried out prior to your revocation remains unaffected.
Right to Object
(Art. 21 GDPR)Where data processing is based on Art. 6(1)(e) or (f) GDPR, you have the right at any time to object to the processing of your personal data on grounds relating to your particular situation. This also applies to profiling based on these provisions. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing serves the establishment, exercise, or defense of legal claims.Where personal data is processed for the purposes of direct marketing, you have the right to object at any time to the processing of your personal data for such marketing, including profiling to the extent that it is related to such direct marketing.
Right to Lodge a Complaint
You have the right to lodge a complaint with a supervisory data protection authority, in particular in the EU member state of your habitual residence, your place of work, or the place of the alleged infringement.
4. Hosting
Webflow
This website is hosted by Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA ("Webflow"). When you visit this website, Webflow collects various log files including your IP address.Webflow is a website building and hosting platform. Webflow may store cookies or similar technologies that are necessary for the display of the site, for the provision of certain website functions, and for security purposes (strictly necessary cookies).The use of Webflow is based on Art. 6(1)(f) GDPR (legitimate interest in a reliable presentation of the website).Data transfers to the United States are supported by the EU Standard Contractual Clauses. Webflow is certified under the EU-US Data Privacy Framework (DPF). More information is available at: https://www.dataprivacyframework.gov/participant/6365For more details, see Webflow's privacy policy: https://webflow.com/legal/eu-privacy-policyA data processing agreement is in place with Webflow as required by the GDPR.
Server Log Files
When you access this website, your browser automatically transmits certain technical data to the web server. This includes: your IP address, the date and time of access, the page requested, the referring URL (the page you visited before), your browser type and version, and your operating system.This data is collected automatically by the hosting provider for the purpose of ensuring the secure and stable operation of the website. The legal basis for this processing is Art. 6(1)(f) GDPR (legitimate interest in the secure operation of the website). Server log files are typically deleted automatically after a short period.
5. Cookies
This website does not use analytics tools, tracking technologies, or any form of user registration. No personal data is collected through forms, sign-ups, or similar mechanisms.
However, the hosting infrastructure (Webflow/Cloudflare) may set a technically necessary cookie called _cfuvid. This cookie is used by Cloudflare for bot detection and rate limiting to protect the website from malicious traffic. It is a strictly necessary cookie that does not track your behavior or collect personal data for marketing purposes. The legal basis for this cookie is Art. 6(1)(f) GDPR (legitimate interest in the secure operation of the website).
For more information, please see Cloudflare's Privacy Policy: https://www.cloudflare.com/privacypolicy/
6. Data Collection on This Website
Contact by Email, Phone, or Fax
If you contact us by email, phone, or fax, your inquiry and all personal data arising from it (such as your name, email address, and the content of your inquiry) will be stored and processed by us for the purpose of handling your request. We will not share this data without your consent.The processing of this data is based on Art. 6(1)(b) GDPR if your inquiry is related to the performance of a contract or pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective handling of inquiries directed to us (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR) if this has been requested. Consent may be revoked at any time.The data you send to us via contact inquiries will remain with us until you request deletion, revoke your consent to storage, or the purpose for data storage no longer applies (for example, after your inquiry has been fully handled). Mandatory legal provisions, in particular statutory retention periods, remain unaffected.
7. Plugins and Tools
Google Fonts
This website uses fonts provided by Google LLC ("Google Fonts") for a consistent display of typefaces. When you load a page on this website, your browser establishes a connection to Google's servers to retrieve the font files. In doing so, your IP address is transmitted to Google. Google may process this data in the United States.
The use of Google Fonts is based on Art. 6(1)(f) GDPR (legitimate interest in a consistent and visually appealing presentation of the website). Please note that some German data protection authorities and courts consider the use of externally loaded Google Fonts to require user consent. If you wish to prevent this data transfer, you may use a browser extension that blocks connections to Google's font servers.
Google is certified under the EU-US Data Privacy Framework (DPF).
More information is available at: https://www.dataprivacyframework.gov/participant/5780For more information on how Google handles your data, please see:
https://developers.google.com/fonts/faq and https://policies.google.com/privacy
8. External Links
This website contains links to external websites, including social media platforms and video content hosted by third parties. Clicking these links will take you to websites operated by other parties. Once you leave hermes.art, this privacy policy no longer applies. Please review the privacy policies of those external websites for information on how they handle your data.
9. Data Transfer to Third Countries
As described above, data may be transferred to the United States through the website's hosting provider (Webflow) and through the use of Google Fonts. These transfers are supported by the EU Standard Contractual Clauses and, where applicable, the EU-US Data Privacy Framework. In the case of explicit consent to the transfer of personal data to third countries, processing is also carried out on the basis of Art. 49(1)(a) GDPR.
Contact by Email, Phone, or Fax
If you contact us by email, phone, or fax, your inquiry and all personal data arising from it (such as your name, email address, and the content of your inquiry) will be stored and processed by us for the purpose of handling your request. We will not share this data without your consent.The processing of this data is based on Art. 6(1)(b) GDPR if your inquiry is related to the performance of a contract or pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective handling of inquiries directed to us (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR) if this has been requested. Consent may be revoked at any time.The data you send to us via contact inquiries will remain with us until you request deletion, revoke your consent to storage, or the purpose for data storage no longer applies (for example, after your inquiry has been fully handled). Mandatory legal provisions, in particular statutory retention periods, remain unaffected.
7. Plugins and Tools
Google Fonts
This website uses fonts provided by Google LLC ("Google Fonts") for a consistent display of typefaces. When you load a page on this website, your browser establishes a connection to Google's servers to retrieve the font files. In doing so, your IP address is transmitted to Google. Google may process this data in the United States.
The use of Google Fonts is based on Art. 6(1)(f) GDPR (legitimate interest in a consistent and visually appealing presentation of the website). Please note that some German data protection authorities and courts consider the use of externally loaded Google Fonts to require user consent. If you wish to prevent this data transfer, you may use a browser extension that blocks connections to Google's font servers.
Google is certified under the EU-US Data Privacy Framework (DPF).
More information is available at: https://www.dataprivacyframework.gov/participant/5780For more information on how Google handles your data, please see:
https://developers.google.com/fonts/faq and https://policies.google.com/privacy
8. External Links
This website contains links to external websites, including social media platforms and video content hosted by third parties. Clicking these links will take you to websites operated by other parties. Once you leave hermes.art, this privacy policy no longer applies. Please review the privacy policies of those external websites for information on how they handle your data.
9. Data Transfer to Third Countries
As described above, data may be transferred to the United States through the website's hosting provider (Webflow) and through the use of Google Fonts. These transfers are supported by the EU Standard Contractual Clauses and, where applicable, the EU-US Data Privacy Framework. In the case of explicit consent to the transfer of personal data to third countries, processing is also carried out on the basis of Art. 49(1)(a) GDPR.
