Privacy policy.

01 Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws is:

02 Hosting & server logfiles

This website is hosted by an external service provider. The hosting provider processes personal data of our visitors only to the extent necessary to fulfil its service obligations and follows our instructions regarding this data.

When you visit the website, the provider records the following data in so-called server logfiles:

• Anonymised IP address
• Date and time of access
• Page / file requested
• Amount of data transferred
• Notification of successful retrieval (HTTP status code)
• Browser type and version, operating system
• Referrer URL (page previously visited)

Legal basis: Art. 6 (1)(f) GDPR. Our legitimate interest lies in technically error-free provision and optimisation of this website and ensuring IT security.
Retention period: typically 7 to 30 days. This data is not combined with other data sources.

03 Contact via email

If you contact us by email, your information (email address, name, content of the message) will be stored for the purpose of processing your enquiry and in case of follow-up questions. We do not share this data without your consent.

Legal basis: Art. 6 (1)(b) GDPR (pre-contractual measures) or Art. 6 (1)(f) GDPR (legitimate interest in efficient processing).
Retention period: messages are deleted as soon as the purpose of the enquiry has been fulfilled and no statutory retention obligations apply.

04 Fonts

This website uses system fonts (Inter, Georgia) and does not load any external font files from third parties. No corresponding data transfer takes place.

Should we ever switch to external webfonts (e.g. Google Fonts), this section will be updated accordingly.

05 Vimeo (embedded videos)

This website embeds at least one Vimeo video (provider: Vimeo Inc., 555 West 18th Street, New York, NY 10011, USA). When you visit a page containing a Vimeo video, a connection is established with Vimeo's servers. Among other things, your IP address, the page accessed, and the timestamp are transmitted to Vimeo.

If you are logged into your Vimeo account, Vimeo can directly attribute your browsing behaviour to your profile. If you do not want this, please log out of Vimeo before visiting this site.

Legal basis: Art. 6 (1)(f) GDPR — legitimate interest in an appealing presentation of our reel.
Vimeo privacy policy: vimeo.com/privacy

06 Cookies

This website uses only strictly necessary cookies and equivalent storage mechanisms. No tracking, marketing, or analytics cookies that would require explicit consent are deployed.

If embedded third parties (e.g. Vimeo) set their own cookies, their respective data protection policies apply.

07 Your rights

As a data subject, the GDPR grants you the following rights:

• Access to the data stored about you (Art. 15 GDPR)
• Rectification of inaccurate data (Art. 16 GDPR)
• Erasure of your data ("right to be forgotten", Art. 17 GDPR)
• Restriction of processing (Art. 18 GDPR)
• Data portability (Art. 20 GDPR)
• Objection to processing (Art. 21 GDPR)
• Withdrawal of consent already given (Art. 7 (3) GDPR)

To exercise these rights, an informal email to hello@mcbstudio.de is sufficient.

08 Right to lodge a complaint

You have the right to lodge a complaint with a data protection supervisory authority about our processing of your personal data. The competent authority for our seat in Bavaria is:

09 Changes to this policy

We reserve the right to adapt this privacy policy so that it always meets current legal requirements or to reflect changes in our services. The most recent version applies for your next visit.

Version of this policy: April 2026.