Spatial Architecture
Language/Sprache

Privacy policy

Back to portfolio

Last updated: 26 March 2026

1. Controller

The controller responsible for personal data on this website is:

Dr.-Ing. Patrick Saalfeld
Robert-Koch-Straße 10
39108 Magdeburg
Germany

Email: info@spatial-architecture.io

2. General information on processing

We process personal data only insofar as this is necessary to provide a functional website and our content and services. Processing is carried out in accordance with the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and, where applicable, the German Telecommunications Telemedia Data Protection Act (TTDSG).

3. Hosting and processing on our behalf

This website is hosted by an external provider (web hosting). Personal data collected when you visit the site is processed on the provider's servers (including IP addresses used to deliver content).

Processor (hosting):
ALL-INKL.COM – Neue Medien Münnich, proprietor: René Münnich, Hauptstraße 68, D-02742 Friedersdorf, Germany.
Website: all-inkl.com

Data processing agreement (Article 28 GDPR): We have the agreement offered by All-Inkl for “contract terms on processing in the web hosting contract” (data processing agreement; version effective as of 19 September 2022, current version as amended). The full text can be downloaded as a PDF in the customer area (MembersArea) at All-Inkl and was included in or can be concluded as part of the hosting contract. Among other things, the annexes cover the type of processing, technical and organisational measures, and approved sub-processors (e.g. “Neue Medien Münnich GmbH” under Annex IV of that contract).

Legal basis: Article 6(1)(f) GDPR (legitimate interest in secure and efficient provision of our online offering). Where a contract with you exists or is being negotiated, Article 6(1)(b) GDPR also applies.

4. Server log files

When you access this website, the provider automatically collects data in server log files that your browser transmits. This may include: IP address, date and time of the request, requested file, amount of data transferred, message on successful retrieval, browser type and version, operating system, referrer URL (previously visited page).

Data is stored for security reasons (e.g. to investigate misuse) for a limited period and is then deleted or anonymised unless statutory retention obligations require otherwise.

Legal basis: Article 6(1)(f) GDPR (legitimate interest in the stability and security of the website).

5. Contact form and email

When you send us a message via the contact form, we process the data you enter (e.g. name, email address, subject, message) in order to handle and respond to your enquiry. Transmission is encrypted (HTTPS).

Messages are processed technically on the server using a script and forwarded to us by email. We retain the data in emails and, if applicable, mailboxes insofar as this is necessary to deal with your enquiry and meet statutory retention periods.

Legal basis: Article 6(1)(b) GDPR (contract initiation or pre-contractual steps at your request) where the contact relates to business enquiries; otherwise Article 6(1)(f) GDPR (legitimate interest in responding to requests).

Retention: Data is deleted once it is no longer needed for the purpose and no statutory retention obligations apply (typically after communication has ended if no business relationship arises; longer periods may apply to business correspondence).

6. Interactive hero animation

The home page includes an interactive 3D illustration. If you complete it fully (you have touched all highlighted elements), the server triggers an automatic email notification to us at most once every six hours per IP address. This processing includes the time of the event, your IP address and the browser user agent string.

Legal basis: Article 6(1)(f) GDPR (legitimate interest in technical feedback on use of the interactive feature).

7. No tracking cookies or web analytics

At present, this website does not use first-party cookies for tracking or marketing and does not use analytics tools such as Google Analytics. If we add analytics or similar tools later, we will update this policy and obtain consent where required.

8. Links to profiles (LinkedIn, XING)

This site contains links to profiles on LinkedIn and XING. You only reach those providers after clicking the link; we do not embed social plugins that transmit data to third parties on page load.

Processing on the linked sites is governed by the privacy policies of the respective platform.

9. Your rights

Subject to the statutory requirements, you have the right to:

  • access personal data concerning you (Article 15 GDPR),
  • rectify inaccurate data (Article 16 GDPR),
  • erasure (“right to be forgotten”) (Article 17 GDPR),
  • restriction of processing (Article 18 GDPR),
  • data portability (Article 20 GDPR),
  • object to processing (Article 21 GDPR) where processing is based on Article 6(1)(f) GDPR.

You also have the right to lodge a complaint with a supervisory authority (Article 77 GDPR). The authority responsible depends on your place of residence; for Saxony-Anhalt, Germany, this is the Landesbeauftragte für Datenschutz Sachsen-Anhalt (state data protection office).

10. SSL/TLS encryption

For security and to protect confidential content, this site uses SSL/TLS encryption. You can recognise an encrypted connection by “https://” in the browser address bar and the padlock icon where shown.