Data Controller
The data controller within the meaning of the GDPR is:
Ecstasy Dark
c/o BesD e.V.
Odenwaldstraße 72
D – 51105 Köln, Germany
E-Mail: domina@ecstasydark.de
Phone: +49 1522 1421819
Website: www.ecstasydark.de
General Information on Data Processing
his Privacy Policy informs you about the nature, scope and purpose of the processing of personal data on this website. Personal data means any information that can be used to identify you personally.
Legal bases for processing:
– Consent: Art. 6(1)(a) GDPR
– Performance of a contract: Art. 6(1)(b) GDPR
– Legal obligation: Art. 6(1)(c) GDPR
– Legitimate interests: Art. 6(1)(f) GDPR
Hosting & Technical Operation
This website is hosted by:
Strato AG
Pascalstraße 10
D – 10587 Berlin, Germany
Website: www.strato.de
When you visit this website, technical access data is automatically stored in server log files. This includes:
– IP address of the requesting device
– Date and time of access
– Name and URL of the requested file
– Website from which access was made (referrer URL)
– Browser used and, if applicable, operating system
This data is processed exclusively to ensure smooth operation and to improve our website. It is not merged with other data sources.
A data processing agreement pursuant to Art. 28 GDPR has been concluded with Strato AG.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in secure operation of the website)
SSL Encryptiong (HTTPS)
This website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser bar.
When SSL/TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Age Verification (Age Gate)
This website is exclusively intended for persons aged 18 and over. When first accessing the website, you are required to confirm your age (Age Gate).
Technical implementation:
The age confirmation is stored as a session cookie in your browser and expires automatically when the browser is closed. No personal data is stored permanently or transmitted to third parties.
Youth protection file (age-de.xml):
For automated recognition by parental control software, a youth protection file pursuant to §5(3) JMStV (German Interstate Treaty on the Protection of Minors in the Media) is stored on this website at www.ecstasydark.de/age-de.xml. This file contains exclusively technical metadata for the age classification of the website and no personal data whatsoever.
Youth Protection Officer pursuant to §7(1) JMStV:
Johanna Weber (Verena Johannsen)
c/o BesD e.V., Odenwaldstraße 72, D – 51105 Köln, Germany
johanna@besd-ev.de
Legal basis: Art. 6(1)(c) GDPR in conjunction with §4 JuSchG and §5 JMStV
Cookies
This website uses cookies. Cookies are small text files stored on your device.
Technically necessary cookies:
These cookies are required for the operation of the website and cannot be deactivated. They do not store any personal data.
– Session cookie for the Age Gate (deleted when the browser is closed)
– Language preference cookie (Polylang)
– WordPress session cookies
Optional cookies:
For all cookies that are not technically necessary, we obtain your consent via our cookie consent tool, which appears on your first visit to the website. You may withdraw your consent at any time.
Legal basis: Art. 6(1)(a) GDPR (consent) and Art. 6(1)(f) GDPR (legitimate interests for technically necessary cookies)
Technologies & Plugins used
WordPress & Elementor
This website is based on the content management system WordPress. The page builder Elementor is used for the design of the pages. Both systems process technical data (IP address, browser information) when the page is accessed, exclusively for the purpose of displaying the website.
Providers: Automattic Inc. (WordPress) / Elementor Ltd. (Elementor)
Polylang & Polylang Elementor Connector
To provide this website in German and English, we use the plugin Polylang and the associated Elementor Connector. These plugins store your language preference as a technically necessary cookie and enable correct language selection when the page is accessed. No personal data is transmitted to third parties.
Provider: WP Syntex, France
Envira Gallery
We use the plugin Envira Gallery to display our image gallery. All images are hosted locally on our server at Strato. No connection to external servers takes place.
Provider: Envira Gallery, LLC
Google Fonts (locally hosted)
This website uses Google Fonts for consistent display of typefaces. The font files are stored entirely on our own server at Strato and are served locally. No connection to Google servers takes place and no data is transmitted to Google.
Gwolle Guestbook
The guestbook page of this website uses the plugin Gwolle Guestbook.
When submitting a guestbook entry, the following data is collected and stored:
– Name (required)
– E-mail address (optional, will not be published)
– Text of the entry
– IP address and time of submission (retained for 7 days for spam prevention)
Entries are reviewed by us before publication. We reserve the right to edit, delete or not publish entries. The e-mail address is used solely for internal identification and is not published or passed on to third parties.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in moderating user-generated content)
Provider: Gwolle Guestbook, open-source plugin (wordpress.org)
Limit Login Attempts
To protect our website from unauthorized access, we use the Limit Login Attempts plugin. The plugin logs failed login attempts, IP addresses, and timestamps in order to detect brute-force attacks and temporarily block login attempts. These data are used solely for security purposes and are not shared with third parties.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in securing the website)
Provider: Limit Login Attempts Reloaded, open-source plugin (wordpress.org)
WP Statistics – Website Analytics
This website uses WP Statistics to analyse visitor traffic. WP Statistics is a self-hosted analytics plugin and does not transfer any data to external servers.
The following data is collected and stored locally on our server:
– Pages and URLs visited
– Approximate location (country/city, based on IP address)
– Browser type and operating system
– Referrer (source page)
– Date and time of visit
The IP address is anonymised (hashed) before storage and cannot be traced back to individual persons. No cookies are set.
The legal basis is Art. 6 para. 1 lit. f GDPR (legitimate interest in analysing and improving our website).
Data is automatically deleted after 365 days. No data is shared with third parties.
Contact Form & Enquiries
If you contact us by e-mail or contact form, the data you provide (name, e-mail address, message) will be stored for the purpose of processing your enquiry and in case of follow-up questions. We do not pass on this data without your consent.
Processing is carried out on the basis of Art. 6(1)(b) GDPR (pre-contractual measures) and Art. 6(1)(f) GDPR (legitimate interest in responding to enquiries).
Transfers to third Countries
Where services based outside the EU/EEA are used on this website, this is done only on the basis of appropriate safeguards pursuant to Art. 44 et seq. GDPR. The safeguards used include in particular the EU Commission’s Standard Contractual Clauses and the EU-US Data Privacy Framework, where the respective provider has joined it.
Note: Google Fonts are served exclusively locally on this website. No data transfer to Google takes place.
Your Rights as a Data Subject
You have the following rights regarding your personal data:
– Right of access (Art. 15 GDPR)
– Right to rectification (Art. 16 GDPR)
– Right to erasure (Art. 17 GDPR)
– Right to restriction of processing (Art. 18 GDPR)
– Right to data portability (Art. 20 GDPR)
– Right to object (Art. 21 GDPR)
– Right to withdraw consent (Art. 7(3) GDPR)
To exercise your rights, please contact: domina@ecstasydark.de
You also have the right to lodge a complaint with the competent data protection supervisory authority.
Retention and Deletion of Data
Personal data will be deleted as soon as the purpose for which it was stored no longer applies and no statutory retention obligations prevent deletion. Data relevant under commercial and tax law will be retained for 6 or 10 years respectively pursuant to §§ 147 AO, 257 HGB.
Dispute Resolution
We are neither willing nor obliged to participate in dispute resolution proceedings before a consumer arbitration board.
Updates to this Privacy Policy
This Privacy Policy is currently valid as of February 2026. Due to the further development of our website or changes in legal requirements, it may be necessary to amend this Privacy Policy.