This data protection declaration informs you about the type, scope and purpose of the processing of
personal data (hereinafter referred to as “data”) within our online offering and the
websites, functions and content associated with it as well as external online presences, such as
our social media profile (hereinafter collectively referred to as the “online offer”). As well as
the handling of personal data within the community/local group. With regard to
the terms used, such as “processing” or “person responsible”, we refer to
the definitions in Article 4 of the General Data Protection Regulation (GDPR).
Handling of personal data within the community/local group
This data protection declaration applies to both the responsible body and the local
community/local group. This is subject to data protection-compliant handling in the same way as that
of the parent association.
Data protection officer / responsible body:
Jürgen Golda
c/o P2 Consult
Wilhelm-Bläser-Str. 3c
D- 59174 Kamen
T. 02307.28744.88
M:
W: www.p2consult.de
Association for Mission and Diakonie eV
Data protection coordinator
Christian Nicko
c/o Foundation of the Brethren
Neustraße 18
35685 Dillenburg
Telephone: +49 (0) 2771-360079-22
Email:
1. Basics
1.1. Types of data processed:
• Inventory data (e.g., names, addresses).
• Contact details (e.g., email, telephone numbers).
• Content data (e.g., text entries, photographs, videos).
• Usage data (e.g., websites visited, interest in content, access times).
• Meta/communication data (e.g., device information, IP addresses).
1.2. Categories of affected people
Members and friends of the community/local group. Visitors and users of the
online offering (hereinafter we refer to the affected persons collectively
as “users”).
Board of Directors:
Horst-Peter Hohage
Volker Loh
Jörg Erbach
Association register:
Wetzlar District Court VR 2702
Bank details:
IBAN; DE94 6005 0101 7406
5059 20
BIC: SOLADEST600
BW-Bank Heilbronn
1.3. Purpose of processing
· Maintaining contacts and birthday lists to maintain the community
• Managing financial accounting
• Providing the online offer, its functions and content.
• Responding to contact requests and communicating with users.
· Safety measures.
• Range measurement
1.4. Legal basis
In accordance with Article 13 GDPR, we will inform you of the legal basis for our
data processing
. If the legal basis is not stated in the data protection declaration, the following applies: The
legal basis for obtaining consent is Article 6 Paragraph 1 Letter a and Article 7 GDPR, the
legal basis for processing to fulfill our services and implement
contractual
measures as well Answering inquiries is Art. 6 Para. 1 lit. b GDPR, the legal basis for
processing to fulfill our legal obligations is Art. 6 Para. 1 lit. c GDPR, and
the legal basis for processing to protect our legitimate interests is Art 6 Paragraph
1 Letter F GDPR. In the event that the vital interests of the data subject or
another natural person require the processing of personal data,
Article 6 (1) (d) GDPR serves as the legal basis.
1.5. We take appropriate security measures
in accordance with Art. 32 GDPR, taking into account the state of the art, the
implementation costs and the type, scope, circumstances and purposes of the processing
as well as the different probability of occurrence and severity of the risk to the rights and
freedoms of natural persons technical and organizational measures to
ensure a level of protection appropriate to the risk.
The measures include, in particular, ensuring the confidentiality, integrity and
availability of data by controlling physical access to the data, as well as the
access, input, distribution, ensuring availability and its separation.
We have also set up procedures to
ensure that the rights of those affected are exercised, data are deleted and data are at risk. We also take
the protection of personal data into account when developing or selecting hardware,
software and procedures, in accordance with the principle of data protection through technology design and
data protection-friendly default settings (Art. 25 GDPR).
1.6. Cooperation with processors and third parties
If, as part of our processing, we
disclose data to other people and companies (processors or third parties), transmit it to them or otherwise
grant them access to the data, this only takes place on the basis of legal permission (e.g. if a
Transfer of data to third parties, such as payment service providers,
is necessary for the fulfillment of the contract
in accordance with Art.
web hosts,
etc.). The basis is Art. 28 GDPR
1.7. Transfers to third countries
If we process data in a third country (i.e. outside the European Union (EU) or the
European Economic Area (EEA) or if this occurs in the context of using
third-party services
or disclosing or transferring data to third parties, this only occurs if it is to
fulfill our (pre-)contractual obligations, based on your consent, based on a
legal obligation or based on our legitimate interests.
Subject to legal or contractual permissions, we will only process or leave the data in
a third country if the special requirements are met 44 ff. GDPR
, i.e. the
processing takes place, for example, on the basis of an agreement or the standard contractual clauses.
1.8. Rights of the data subjects
• Right of access: You have the right to information about the
personal data processed and used. Please always make inquiries in writing with clear
identification. • Data correction or restriction: You have the right to have
incorrect data corrected during processing or to request that it be restricted. • Objection: You can object to the processing or additionally granted consent at any time in the future and thereby withdraw it. • Data deletion: You have the right to have your data deleted. Unless there are other retention requirements, the data will be deleted or, if necessary , blocked using appropriate measures until deletion can take place. • Right to complain. You have the right to complain about data processing to a supervisory authority. • Data transmission. You have the right to have your data handed over to you in a common data format, provided it is technically and organizationally possible.
1.9. Hosting
The hosting services we use serve to provide the
following services: infrastructure and platform services, computing capacity, storage space
and database services, security services and technical maintenance services, which we
use for the purpose of operating this online offering.
In doing so, we, or our hosting provider, process inventory data, contact data, content data,
contract data, usage data, meta and communication data from customers, interested parties and
visitors to this online offering based on our legitimate interests in the
efficient and secure provision of this online offering in accordance with Art. 6 Para. 1 lit. f GDPR
in conjunction with Art. 28 GDPR (conclusion of order processing contract).
1.10. Collection of access data and log files We, or our hosting provider, collect data about every access to the server on which this service is located (so-called server log files)
based on our legitimate interests within the meaning of
Art. 6 Para. 1 lit. f. GDPR.
Section 25 Paragraph 2 TTDSG (Telecommunications Telemedia
Data Protection Act) also applies with regard to browser data that
is automatically transmitted through its use. The access data includes the name of the website accessed, file,
date and time of access, amount of data transferred, notification of successful access,
browser type and version, the user's operating system, referrer URL (the previously visited page),
IP address and the requesting provider . Log file information is stored for security reasons (e.g.
to investigate acts of abuse or fraud) for a maximum of 7 days
and then deleted. Data whose further storage
is necessary for evidentiary purposes is excluded from deletion until the respective incident has been finally clarified
.
2. Processing
2.1. Cookies and the right to object to direct advertising Our website uses cookies to offer
you effective and user-friendly handling.
This makes the use of cookies necessary
and justifies our legitimate interest in using this technology. Most browsers
offer you the functionality to display the cookies used.
However, if you would like to generally prevent the use of cookies,
your browser has the option of
preventing the acceptance and storage of new cookies. To find out how this works with your browser, please use
the help function of the respective browser. If cookies are used that
track user behavior, personal data is usually processed that
falls under both the GDPR and the TTDSG. Therefore, Section 25 Paragraph 1 TTDSG also applies here in relation to the GDPR.
By law we may store cookies on your device if they
are strictly necessary for the operation of this site. For all other types of cookies we need your
permission. This site uses different types of cookies. Some cookies are
placed by third parties that appear on our sites.
When you access our site, you will be given a choice of any necessary consent. You
can read this at your leisure and make your decision (opt-in). If you want to change or withdraw your consent
, delete the cookies in your browser and reset the
consent.
2.2. Storage period, deletion of data
The data processed is retained in accordance with the statutory retention periods or
stored in accordance with the processing specifications.
The data we process will be deleted or
its processing will be restricted in accordance with Articles 17 and 18 of the GDPR. Unless expressly
stated in this data protection declaration, the data stored by us will be deleted as soon as they
are no longer required for their intended purpose and the deletion does not
conflict with any legal retention obligations. Unless the data is deleted because it
is required for other legally permissible purposes, its processing will be restricted. This means that the data is blocked and
not processed for other purposes. This applies, for example, to data that
must be retained for commercial or tax reasons.
2.3. Establishing contact
When contacting us (e.g. via contact form, email, telephone or via social media),
the user's information is processed to process the contact request and process it in accordance with
Article 6 Paragraph 1 Letter b) GDPR. User information can
be stored and processed in different systems. We delete the requests if they
are no longer necessary. We review the necessity every two years; The statutory
archiving obligations also apply.
2.4. Newsletter
With the following information we inform you about the contents of our newsletter as well as the
registration, shipping and statistical evaluation procedures as well as your rights to object.
By subscribing to our newsletter, you agree to its receipt and the
procedures described.
Content of the newsletter: We only send newsletters, emails and other electronic
notifications with promotional information (hereinafter “newsletter”) with the
consent
of the recipient or legal permission.
If the contents are specifically described when registering for the newsletter, they are
decisive for the user's consent. Our newsletters also contain information about our services and us.
Double opt-in and logging: Registration for our newsletter takes place using a so-called
double opt-in procedure. This means that after you register you will receive an email asking you to
confirm your registration. This confirmation is necessary so that no one
can log in with someone else's email address. Registrations for the newsletter are logged
in order to be able to provide evidence of the registration process in accordance with legal requirements.
This includes storing the registration and confirmation times as well as the IP address.
Changes to your data stored by the shipping service provider are also
logged. Registration data: To register for the newsletter, it is sufficient to
provide your email address. Optionally, we ask you to provide a name so that you can be addressed personally in the
newsletter.
The newsletter is sent and the associated measurement of success is based on the
consent of the recipient in accordance with Article 6 Paragraph 1 Letter a, Article 7 GDPR in conjunction with Section 7 Paragraph 2 No. 3 UWG or on the
basis of the Legal permission in accordance with Section 7 Paragraph 3 UWG.
The registration process is logged on the basis of our legitimate interests
in accordance with Article 6 Paragraph 1 Letter f of the GDPR. Our interest is in using a user-friendly
and secure newsletter system that serves our business interests,
meets the expectations of users and also allows us to provide evidence of consent.
Termination/revocation – You can terminate your receipt of our newsletter at any time, i.e.
revoke your consent. You will find a link to unsubscribe from the newsletter at the end of each
newsletter. We can store the unsubscribed email addresses for up to three years based on our
legitimate interests before deleting them in order to
be able to prove that consent was previously given. The processing of this data is limited to the purpose of possible defense
against claims. An individual request for deletion is possible at any time, provided that
the previous existence of consent is confirmed at the same time.
2.5. Newsletters are created by the named provider of a local group.
The provider mentioned is used on the basis of our legitimate interests in accordance with Article 6 Paragraph 1 Letter f
of the GDPR and an order processing agreement in accordance with Article 28 Paragraph 3 Sentence 1 of the GDPR.
The provider mentioned can
use the recipient's data in pseudonymous form, ie without assigning it to a user, to optimize or improve its own services, e.g. to
technically optimize the dispatch and presentation of the newsletter or for statistical
purposes. However, the shipping service provider does not use the data of our newsletter recipients
to write to them itself or to pass the data on to third parties.
3. Evaluations/Tools
Below you will find detailed descriptions of the possible use of tools on our
website. The legal basis for analyzing the usage behavior of our website arises
from the legitimate interest in accordance with Article 6 Paragraph 1 Letter f of the GDPR. Browser data or header
information that is inevitably collected and
transmitted through the browser settings of the end device falls under Section 25 Paragraph 2 TTDSG. However, it cannot be assumed 1:1 that
all tools will be used on our website. Due to ongoing adjustments, it may
happen that tools mentioned here are not in use. If the tools
are used, they will also be asked for cookie consent.
3.1. Google Analytics
Based on our legitimate interests (i.e. interest in the analysis,
optimization and economic operation of our online offering within the meaning of Art. 6 Para. 1 lit. f.
GDPR), we use Google Analytics, a web analysis service from Google LLC (“Google”) a. Google uses
cookies. The information generated by the cookie about
users' use of the online offering is usually transferred to a Google server in the USA and
stored there. Details: https://support.google.com/analytics/answer/6004245?hl=de
Google will use this information on our behalf to
evaluate the use of our online offering by users, to
compile reports on the activities within this online offering and in order
to provide us with further services related to the use of this online offer and internet use.
Pseudonymous user profiles can be created from the processed data.
We only use Google Analytics with IP anonymization activated. This means that the user's IP address
is shortened by Google within member states of the European Union or in other
contracting states to the Agreement on the European Economic Area. Only in
exceptional cases will the full IP address be transmitted to a Google server in the USA and
shortened there.
The IP address transmitted by the user's browser is not merged with other Google data
. Users can
prevent the storage of cookies by setting their browser software accordingly; Users can also prevent
Google from collecting the data generated by the cookie and relating to their use of the online offering
and from processing this data by Google by
downloading and installing the browser plug-in available at the following link:
http://tools .google.com/dlpage/gaoptout?hl=de.
Further information on data usage by Google, settings and
objection options can be found in Google's data protection declaration
(https://policies.google.com/technologies/ads)
and in the settings for the display of advertising by Google
(https:// adssettings.google.com/authenticated).
Users' personal data will be deleted or anonymized after 14 months.
3.2. Evaluation with Matomo
This website uses MATOMO (formerly Piwik), an open source software for the
statistical evaluation of visitor access. MATOMO uses so-called “cookies”,
text files that are stored on your computer and which
enable your use of the website to be analyzed. When the websites are accessed, the following
data is collected:
a) The website accessed
b) The website from which the user accessed the website accessed (so-called referrer)
c) The sub-pages that are accessed from the website accessed
d) The Duration of stay on the website
e) The frequency of accessing the website
f) The shortened IP address (shortened to 2 bytes)
The information from or through the cookies is
stored on the servers of our website in Germany/the European Union. The data
will not be passed on to third parties. You can prevent the installation of cookies by setting
your browser software accordingly. However, we would like to point out that in this case you
may not be able to fully use all of the functions of this website.
3.3. Font Awesome
Our website uses icons provided by Fonticons, Inc. (for the uniform
display of fonts or icons). When you access a page, your browser loads the required web
fonts or icons into your browser cache in order to display them correctly.
For this purpose, the browser you use must connect to the Fonticons,
Inc. servers. Fonticons, Inc. thereby becomes aware that our
website was accessed via your IP address. The use of Font Awesome is in the interest of a uniform
and attractive presentation of our online offerings. This represents a legitimate interest within the
meaning of Article 6 Paragraph 1 Letter f of the GDPR.
If your browser does not support the font, a standard font will be used. For more
information about Font Awesome, please visit https://fontawesome.com/help and
Fonticons, Inc.'s privacy policy: https://fontawesome.com/privacy .
3.4. Google Fonts and Maps
Some of our pages contain embedded fonts (fonts) and maps (Google
Maps) from Google Inc. For the map view of Google Maps we need your
consent in accordance with Art. 6 Para. 1 lit. a GDPR Combination with Section 25 Paragraph 1 TTDSG. When you simply
access a page from our website with integrated Google Fonts or
Google Maps, no personal data, with the exception of the IP address, is
transmitted. The IP address is
transmitted to Google Inc., 600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”). By using this website, you agree
to the collection, processing and use of the automatically collected data and
the data you enter by Google, one of its representatives, or third-party providers
.
Google's privacy policy can be found here:
https://policies.google.com/privacy?hl=de
3.5. WordPress tools
Retrieval of icons, smilies, etc. Our website uses Wordpress with its blog
functionalities. Graphical icons (emojis, etc.) are used that
are obtained from external servers. As far as is known, the IP address is collected here. This is necessary so that the
icons can be transmitted to the users' browsers. The service is offered by Automattic
Inc., 60 29th Street #343, San Francisco, CA 94110, USA. Automattic data protection information
: https://automattic.com/privacy/. The server domain used is https://sworg
and/or https://gmpg.org, a so-called content delivery network service that
deletes users' personal data after transmission. The use of the emojis is based on
our legitimate interests, i.e. interest in an attractive design of our
online offering in accordance with Art. 6 Para. 1 lit. f. GDPR.
3.6. PayPal donation button
Our website has integrated the PayPal donation button. If you have a PayPal account
, you can send a donation to us using it. When you execute the PayPal
donation button, data is transferred to PayPal (at least the IP address or other data
if you were previously logged in to PayPal in your browser). We would like to point out that,
as the provider of our pages, we
have no knowledge of the content of the data transmitted or its use by PayPal.
Detailed data protection information from PayPal can be found here:
https://www.paypal.com/de/webapps/mpp/ua/privacy-full Address of the data protection officer:
PayPal (Europe) S.à.rl et Cie., SCA, 22- 24 Boulevard Royal L-2449, Luxembourg
3.7. Online meetings via ZOOM We use the “ZOOM” tool, a service from Zoom Video Communications, Inc., USA,
to conduct online meetings, telephone conferences and webinars . The ZOOM program
was booked with a server location in Germany. Through this use, data is processed, both from the participants and through the data processed in the deployment. Therefore, limiting the data within a meeting should be limited to the bare minimum. When using “Zoom” different types of data are processed. The extent of the data also depends on what information you provide before or when participating in an “online meeting”. We expressly recommend reducing the data to the bare minimum. In order to take part in an “online meeting” or enter the “meeting room”, you must at least provide information about your name. Which data is processed: • User information: first name, last name • Meeting metadata: topic, description (optional), participant IP addresses, device/hardware information • For recordings (optional): the respective mp4 or mp3 data • When dialing in by telephone: phone number, country name, start and end time, IP of the device if applicable • When using chat: Content from chat usage Participants can decide for themselves during the meeting whether the microphone and/or the camera is activated. If meetings are to be recorded, everyone's consent must be obtained at the beginning and the start must be explicitly stated. In online seminars, it must be clarified with participants whether their contributions may be recorded. If you have booked a ZOOM account, evaluations of the meetings will be available to you up to one month after they took place. Zoom's privacy policy can be found at : https://zoom.us/de-de/privacy.html
3.8. Vimeo
Our website uses videos via the Vimeo platform: Vimeo LLC, 555 West 18th Street,
New York 10011
If you access our website that contains a Vimeo video, your browser automatically
connects to Vimeo and transmits information, even without it Vimeo
to be logged in. This information (including your IP address) is
transmitted from your browser directly to a Vimeo server in the USA and stored there.
Vimeo can connect the data to your Vimeo account if you
are previously logged in to Vimeo. Information from this can then also be published on your Vimeo account
. If you do not want to, you must log out of Vimeo before visiting our
website.
Vimeo also calls up the Google Analytics tracker via an iFrame in which the video is viewed
. This is Vimeo's own tracking, which we
do not have access to. You can prevent tracking by Google Analytics by
using the deactivation tools that Google offers for some Internet browsers. Users
can also prevent
Google from collecting the data generated by Google Analytics and related to their use of the website (including your IP address) and from
processing this data by Google by using the
browser plug-in available under the following link Download and install:
http://tools.google.com/dlpage/gaoptout?hl=de
For more information, see
Vimeo's privacy policy (https://vimeo.com/privacy).
3.9. YouTube
We use the YouTube.com platform to link and, if necessary, display videos. YouTube
is the service of a third party that is not affiliated with us, namely YouTube LLC.
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland - Data protection declaration:
https://policies.google.com/privacy In principle, we
are not responsible for the content of websites to which links are linked. However, if you
follow a link on YouTube, we would like to point out that YouTube
stores its users' data (e.g. personal information, IP address) in accordance with its own data usage guidelines
and uses it for business purposes. We also embed YouTube videos directly. We use the
“extended data protection mode”, whereby data is only transferred when the video is clicked on
. As soon as you start playing an embedded video by clicking on it,
YouTube uses the extended data protection mode to only save cookies on your device that do not
contain any personally identifiable data, unless you are currently logged in to a Google service.
These cookies can be
prevented using appropriate browser settings and extensions. The start image may differ from the video image. This technique is also
called “framing”, whereby when the video starts, the connection to YouTube servers is established
and data can be transferred. If you are logged in to YouTube, YouTube can
connect the information to your account. If you do not wish this, you must
log out of YouTube or other YouTube LLC accounts before accessing the site.
You can access YouTube's privacy policy here :
https://www.youtube.com/static?gl=DE&template=terms&hl=de
4. Social media
4.1. FACEBOOK and INSTAGRAM PAGES
The website connects to the services of Facebook Ireland Ltd., 4 Grand Canal Square
Grand Canal
Harbour, Dublin 2, Ireland. We would like to point out that you use our Facebook page and
its functions at your own risk. This applies in particular to the use of
interactive functions (e.g. commenting, sharing, rating).
When you visit our Facebook page, Facebook/INSTAGRAM collects, among other things, your IP address and
other information that is available on your PC in the form of cookies. This
information is used to provide us, as operators of the Facebook/INSTAGRAM pages, with
statistical information about the use of the Facebook page
. (Details: http://de-de.facebook.com/help/pages/insights).
The data collected about you in this context is used by Facebook Ltd.
processed and, if necessary,
transferred to countries outside the European Union. What information Facebook receives and how it is used
is described in general terms in its data usage guidelines. There
you will also find information about contact options for Facebook and the
setting options for advertisements. The data usage guidelines are
available at the following link: http://de-de.facebook.com/about/privacy
You can find Facebook's full data guidelines here:
https://de-de.facebook.com/full_data_use_policy
In what way Facebook Data from visits to Facebook/INSTAGRAM pages
is used for our own purposes, to what extent activities on the Facebook page
are assigned to individual users, how long Facebook stores this data and whether data from
a visit to the Facebook page is passed on to third parties, is not
conclusively and clearly named by Facebook and is not known to us.
When you access a Facebook page, the IP address assigned to your device is
transmitted to Facebook. According to information from Facebook, this IP address is anonymized (for
“German” IP addresses). Facebook also stores information about
its users’ devices. If you are logged in to Facebook, there is
a cookie with your Facebook ID on your device. This is what Facebook is able to do
to understand that you have visited this site and how you have used it. This also applies
to all other Facebook pages. Using Facebook buttons integrated into websites
, Facebook is able to record your visits to these websites and
assign them to your Facebook profile. This data can be used to offer content or advertising
tailored to you. If you want to avoid this, you should
log out of Facebook or deactivate the "stay logged in" function,
delete the cookies on your device and close and restart your browser.
When you access interactive functions of the site (like, comment, share,
news, etc.), a Facebook login screen appears. After you have logged in,
you will again be recognized by Facebook as a specific user. Information
on how you can manage or delete existing information about you can be found
on the following Facebook support pages:
https://de-de.facebook.com/about/privacy
The data protection information for INSTAGRAM can be found here: https:// de-
de.facebook.com/help/instagram/519522125107875
5. Changes
We reserve the right to adapt this data protection declaration from time to time.
We therefore recommend that you review this declaration regularly.
Updated December 2023