Privacy Policy
The protection of your personal data is important to us. Below we inform you about the collection and use of your personal data when using our website.
1. Controller
Short Statured People of Australia (SSPA)
QLD Gold Coast
Australia
E-Mail: info@wdg2027.com
Data Protection Officer:
Marib Aldoais
Leimbergerstraße 43a
91052 Erlangen
Germany
E-Mail: marib.aldoais@gmail.com
2. Collection and Use of Personal Data
Personal data is information that relates to an identified or identifiable natural person.
Server Log Files
The provider automatically collects and stores information in server log files that your browser transmits: browser type and version, operating system, referrer URL, hostname of the accessing device, time of the server request, IP address. This data is not merged with other sources. Processing serves to ensure a smooth connection, system security and stability, and further administrative purposes, which also constitutes our legitimate interest. Legal basis: Art. 6(1)(f) GDPR.
Contact via Email or Phone
When you contact us by email or phone, your details are stored to process your enquiry and are not shared without your consent. The legal basis is Art. 6(1)(b) GDPR where your enquiry relates to the initiation or performance of a contract, otherwise our legitimate interest in responding to your enquiry pursuant to Art. 6(1)(f) GDPR.
Contact Form
When you use our contact form, the data entered is processed to handle your enquiry. A valid email address is required. The legal basis for processing is our legitimate interest in responding to and handling your enquiry pursuant to Art. 6(1)(f) GDPR. Where your enquiry relates to the conclusion or performance of a contract, Art. 6(1)(b) GDPR additionally applies as the legal basis. Your data will be deleted once it is no longer required for the processing of your enquiry. As a rule, we delete your enquiry no later than six months after its final processing, unless statutory retention obligations apply or the data is necessary for the establishment, exercise, or defence of legal claims. To protect the form against abuse we use Cloudflare Turnstile; for details see section 3.3.
Retention Period
Unless a specific retention period is stated, your data will remain with us until the purpose for processing no longer applies.
3. Disclosure of Data
We do not generally share your personal data with third parties. Exceptions apply only where necessary for the technical operation of the website.
3.1 Platform Operator
We use an external service provider to operate our website. Legal basis: Art. 6(1)(b) and (f) GDPR. The operator will only process your data as required to fulfil its service obligations.
Our website is operated by:
Marib Aldoais
Leimbergerstraße 43a
91052 Erlangen
Germany
3.2 Hosting
This website is hosted externally. Personal data collected on this website is stored on the hoster's servers. Legal basis: Art. 6(1)(b) and (f) GDPR.
We use the following hosting provider:
Hetzner Online GmbH
Industriestraße 25
91710 Gunzenhausen
Germany
3.3 Spam Protection (Cloudflare Turnstile)
To protect our contact form we use Cloudflare Turnstile, a service of Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA. The service detects automated access (e.g. by bots) and protects the form from abuse and spam. In doing so, information about your browser and device as well as your IP address is processed and transmitted to Cloudflare servers in the USA. The legal basis is our legitimate interest in the security and abuse-free operation of our online forms pursuant to Art. 6(1)(f) GDPR. For transfers of personal data from the European Economic Area, Switzerland, or the United Kingdom to the United States, Cloudflare relies on its certifications under the EU-U.S. Data Privacy Framework, the Swiss-U.S. Data Privacy Framework, and the UK Extension to the EU-U.S. DPF. Should these certifications lapse or become otherwise invalidated, Cloudflare relies on the EU standard contractual clauses, including supplementary measures as necessary. Cloudflare also uses standard contractual clauses for other international transfers from the EEA, Switzerland, or the United Kingdom. You have the right to object to this processing for reasons arising from your particular situation (Art. 21 GDPR); in that case, use of the contact form is not technically possible.
4. Use of Cookies
Our website uses only technically necessary cookies required for the website to function properly. These cannot be disabled. Our legitimate interest lies in the technically error-free provision of our website. Legal basis: Art. 6(1)(f) GDPR.
5. Your Rights as a Data Subject
You have the right:
- to request information under Art. 15 GDPR about your personal data processed by us. In particular, you may request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data (where not collected by us), and the existence of automated decision-making including profiling and, where applicable, meaningful information about its details;
- to request, under Art. 16 GDPR, the rectification, without undue delay, of inaccurate personal data or the completion of your personal data stored by us;
- to request, under Art. 17 GDPR, the erasure of your personal data stored by us, unless processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise or defence of legal claims;
- to request, under Art. 18 GDPR, the restriction of the processing of your personal data, where the accuracy of the data is contested by you, the processing is unlawful but you object to erasure and we no longer need the data while you require it for the establishment, exercise or defence of legal claims, or you have objected to processing under Art. 21 GDPR;
- to receive, under Art. 20 GDPR, your personal data that you have provided to us in a structured, commonly used and machine-readable format, or to request its transmission to another controller;
- to withdraw your once-given consent at any time under Art. 7(3) GDPR. As a consequence, we may no longer continue the data processing based on this consent for the future; and
- to lodge a complaint with a supervisory authority under Art. 77 GDPR. As a rule, you may contact the supervisory authority of your habitual place of residence or work, or of our registered office.
6. Right to Object
Where your personal data is processed on the basis of legitimate interests pursuant to Art. 6(1)(f) GDPR, you have the right to object, under Art. 21 GDPR, to the processing of your personal data, where there are grounds relating to your particular situation, or where the objection is directed against direct marketing. In the latter case, you have a general right to object which we will implement without you having to state a particular situation.
To exercise your right of withdrawal or objection, an email to the data protection officer is sufficient.
7. Data Security
During website visits, we use the widely used TLS (Transport Layer Security) procedure in combination with the highest level of encryption supported by your browser. As a rule, this is 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is transmitted in encrypted form by the closed padlock symbol in the address or status bar of your browser.
We also use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.
8. External Links
This website contains links to third-party websites. If you follow a link to one of the websites outside our responsibility, we point out that these websites have their own privacy policies and that we accept no responsibility or liability for these policies. Please review these privacy policies before voluntarily disclosing personal data to these websites.
There are two types of external links on this website:
- External links marked with an icon: these are indicated by a symbol.
- Links with consent via a pop-up: especially for external links embedded behind images, a notice window appears before the link is opened, in which you are explicitly asked for your consent to be forwarded.
Only when you click an external link or actively consent is data transmitted to the link target. This is technically necessary due to the underlying internet protocol (TCP/IP). The data transmitted includes, among others:
- your IP address
- the time at which you clicked the link
- the operating system of your device
- the browser version of your device
9. Changes to this Privacy Policy
We reserve the right to update this privacy policy as necessary to comply with current legal requirements. The updated policy will apply to future visits.
Last updated: 24/06/2026