This Privacy statement clarifies the nature, scope and purpose of the use of personal data (hereinafter referred to as “data”) in the context of providing our services and within our online services and the associated websites, functions and content as well as external online presences, such as our Social Media Profile (hereinafter collectively referred to as “online service(s)”). With regard to the terms used, such as “processing” or “responsible person”, we refer you to the definitions in Art. 4 of the General Data Protection Regulation (GDPR).
Benjamin Holm / Medical Volunteers International e.V.
22299 Hamburg, Germany
Email address: firstname.lastname@example.org
Board: Benjamin Holm, Kai Wittstock, Rosemarie Hansen, Till Gläser
Link to the legal notice: https://medical-volunteers.org/legal-notice/
Contact data protection officer: email@example.com
Types of data processed
– Inventory data (e.g., person database, names or addresses).
– Contact data (e.g., email, telephone numbers).
– Content data (e.g., content entries, photographs, videos).
– Usage data (e.g., websites visited, content preferences, access times).
– Meta/communication data (e.g., device information, IP addresses).
Categories of persons concerned
Visitors and users of these online services (hereinafter referred to collectively as “users”).
Purpose of data processing
– Providing the online offer, its functions and content.
– Answering contact requests and communicating with users.
– Security measures.
– Reach measurement/Marketing
The used terminology
“Personal data” refers to any information relating to an identified or identifiable natural person (hereinafter “data subject”); a natural person who can be identified, directly or indirectly, in particular by reference to an identification such as a name, an identification number, location data, online identification (e.g. a cookie) or to one or more specific characteristics which express the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person, is regarded as identifiable.
“Processing” means any operation or set of operations which is carried out with or without the aid of automated processes and which is related to personal data. The term is broad and covers practically every aspect of data management.
“Pseudonymization” means the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the provision of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures ensuring that the personal data is not attributed to an identified or identifiable natural person.
“Profiling” means any automated processing of personal data which involves the use of this personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects of that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, whereabouts or movements.
The “responsible person ” is the natural or legal person, public authority, agency or other body which alone or jointly with others decides on the purposes and means by which personal data is processed.
” Data processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the responsible person.
Applicable legal framework
In accordance with Art. 13 of the GDPR we inform you of the legal basis of our data processing. For users from the area of jurisdiction of the data protection basic regulation (GDPR) act, i.e. the EU and the EEC, the following applies, if the legal basis is not mentioned in the data protection declaration:
The legal basis for obtaining consent is Art. 6 sec. 1 lit. a and Art. 7 GDPR;
The legal basis for the processing for the performance of our services and the implementation of contractual measures as well as the answering of inquiries is Art. 6 sec. 1 lit. b GDPR;
The legal basis for the processing for the compliance with our legal obligations is Art. 6 sec. 1 lit. c GDPR;
Art. 6 sec. 1 lit. d GDPR serves as the legal basis in the case that vital interests of the data subject or another natural person necessitate the processing of personal data.
The legal basis for the processing necessary to perform a task which is in the public interest or in the performance of official authority entrusted to the data controller is Art. 6 sec. 1 lit. e GDPR.
The legal basis for the processing to protect our legitimate interests is Art. 6 sec. 1 lit. f GDPR.
The processing of data for purposes other than those for which they were collected is regulated by Art. 6 sec 4 GDPR.
The processing of special categories of data (according to Art. 9 sec. 1 GDPR) is regulated by the provisions of Art. 9 sec. 2 GDPR.
We take appropriate technical and organisational measures in accordance with the legal requirements, taking into account the state of the technology, the implementation costs and the type, extent, circumstances and purposes of the processing as well as the different probabilities of occurrence and degree of risk to the rights and freedoms of natural persons, in order to ensure a level of protection adequate to the risk.
Measures shall include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical access to it, as well as access to it, input, transmission, availability and separation of data. In addition, we have established procedures to ensure the monitoring of data subjects’ rights, the deletion of data and the response to data threats. Furthermore, we take the protection of personal data into account as soon as we develop or select hardware, software and processes in accordance with the principle of data protection through technology design and data protection-friendly default settings.
Cooperation with contract data processors, joint managers and third parties
If we disclose data to other persons and companies (contract processors, jointly responsible persons or third parties) in the context of our processing, transfer them to them or otherwise grant them access to the data, this shall only take place on the basis of legal permission (e.g. if a transfer of the data to third parties, such as payment service providers, is necessary for the execution of the contract), if the user has consented, if a legal obligation requires this, or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.).
In the case that we disclose, transmit or otherwise grant access to data to other companies of our consortium, this is done in particular for administrative purposes as a legitimate interest and additionally on the basis of legal requirements.
Transfers to non-EU countries
If we process data in a third country (i.e. outside the European Union (EU), the European Economic Area (EEA) or the Swiss Confederation) or if this is done in the context of the use of third party services or disclosure / transfer of data to other persons or companies, this will only occur if it is done to fulfil our (pre)contractual obligations, on the basis of your consent, a legal obligation or on the basis of our legitimate interests. With the exception of legal or contractual permissions, we only process or leave the data in a third country if the legal requirements are met. This means, for example, that the processing takes place on the basis of special guarantees, such as the officially recognised establishment of a data protection level corresponding to the EU (e.g. for the USA through the “Privacy Shield”) or compliance with officially recognised special contractual obligations.
Rights of data subjects
You have the right to request confirmation, whether or not the data in question will be processed and to obtain information about this data, as well as to obtain further information and a copy of the data in accordance with the legal regulations.
You have the right, in accordance with the law, to request the completion of the data or the rectification of the inaccurate data concerning you.
In accordance with the statutory provisions, you have the right to demand that the data concerned can be immediately deleted or, alternatively, to demand that the processing of the data be restricted in accordance with the legal regulations.
You have the right to demand that the data concerning you, which you have provided to us, is received in accordance with the legal regulations and that it is transferred to other responsible parties.
You also have the right to file a complaint with the competent supervisory authority in accordance with the legal regulations.
You have the right to withdraw any consent you have given with effect for the future.
Right of objection
You may object at any time to the future processing of the data concerning you in accordance with the legal regulations. In particular, you may object to the processing of your data for the purposes of direct marketing.
Cookies and rights of objection in the case of direct advertising
“Cookies” are small files that are stored on the user’s computer. Different data can be stored within the cookies. A cookie is primarily used to store information about a user (or the device on which the cookie is stored) during or after the user’s visit to an online service. Temporary cookies, or “session cookies” or “transient cookies”, are cookies that are deleted after a user leaves an online offer and closes his browser. The content of a shopping basket in an online shop or a login status, for example, can be stored in such a cookie. Cookies are referred to as “permanent” or “persistent” and remain stored even after the browser is closed. For example, the login status can be saved if users visit it after several days. The interests of the users who are used for measuring the reach or for marketing purposes can also be stored in such a cookie. “Third party cookies” are cookies that are offered by providers other than the person responsible for operating the online service (otherwise, if they are only the latter’s cookies, they are referred to as “first party cookies”).
We may use temporary and permanent cookies and explain this in our Privacy statement.
If users do not wish cookies to be stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Stored cookies can be deleted in the system settings of your browser. The exclusion of cookies can lead to functional restrictions of this online offer.
The data processed by us will be deleted in accordance with the legal regulations or their processing will be restricted. Unless explicitly stated in this data protection declaration, the data stored by us will be deleted as soon as they are no longer required for their intended purpose and there are no legal obligations to retain them.
If the data is not deleted, because they it is necessary for other legitimate and legally permitted purposes, its processing will be restricted. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be stored for commercial or tax reasons.
Changes and updates of the Privacy statement
We ask you to inform yourself regularly about the content of our data protection declaration. We will adapt the data protection declaration as soon as the changes to the data processing that we carry out necessitate this. We will inform you as soon as the changes require your cooperation (e.g. consent) or other individual notification.
Performance of our legal and business services
We process the data of our members, supporters, stakeholders, customers or other persons in accordance with Art. 6 sec.1 lit. b. GDPR, provided that we offer them contractual services or act within the framework of an existing business relationship, e.g. with members, or if we ourselves are recipients of services and benefits. Otherwise, we process the data of data subjects in accordance with Art. 6 sec. 1 lit. f. GDPR on the basis of our legitimate interests, e.g. in the case of administrative tasks or public relations work.
The data processed, the type, scope and purpose as well as the necessity of its processing is determined by the underlying contractual relationship. This basically includes the inventory and personal data of the persons (e.g., name, address, etc.), as well as the contact data (e.g., email address, telephone, etc.), the contract data (e.g., services used, content and information communicated, names of contact persons) and, insofar as we offer chargeable services or products, payment data (e.g., bank details, payment history, etc.).
We delete data that is no longer required for the performance of our legal and business purposes. This is determined according to the respective tasks and contractual relationships. In the event of business processing, we shall retain the data for as long as it is relevant to the business transaction and also with regard to any existing warranty or liability obligations. The necessity of storing the data is reviewed every three years; otherwise the legal storage obligations apply.
Data protection information in the application process
We process the applicant data only for the purpose and within the framework of the application procedure in accordance with the legal regulations. The processing of the applicant data is carried out to fulfil our (pre)contractual obligations within the scope of the application procedure as defined in Art. 6 sec. 1 letter b. GDPR and in Art. 6 sec. 1 lit. f. GDPR
The application procedure requires that applicants provide us with applicant data. If we offer an online form, the necessary applicant data is marked, otherwise it results from the job descriptions and basically includes the personal details, postal and contact addresses and the documents belonging to the application, such as cover letters, curriculum vitae and certificates. In addition, applicants may voluntarily provide us with additional information.
By submitting their application to us, applicants consent to the processing of their data for the purposes of the application procedure in accordance with the type and scope set out in this data protection declaration.
If special categories of personal data within the meaning of Art. 9 sec. 1 GDPR are voluntarily provided as part of the application process, they will also be processed in accordance with Art. 9 sec. 2 lit. b GDPR (e.g. health data, such as severely disabled status or ethnic origin). Insofar as special categories of personal data within the meaning of Art. 9 sec. 1 GDPR are requested from applicants as part of the application procedure, their processing will also be carried out in accordance with Art. 9 sec. 2 lit. a GDPR (e.g. health data, if these are necessary for the practice of the profession).
If provided, applicants can submit their applications via an online form on our website. The data will be transmitted to us encrypted according to the state of the newest technology.
Applicants can also send us their applications by email. Please note, however, that emails are generally not sent in encrypted form and the applicants themselves must ensure that they are encrypted. We therefore cannot assume any responsibility for the transmission path of the application between the sender and the recipient of the application on our server and therefore recommend using an online form or postal delivery. Instead of applying by online form and email, applicants still have the option of sending their application by post.
In the event of a successful application, the data provided by the applicants can be further processed by us for the purposes of the employment relationship. Otherwise, if the application for a job offer is not successful, the applicant’s data will be deleted. Applicant data will also be deleted if an application is withdrawn, which applicants are always authorised to do.
Deletion will take place, subject to justified cancellation by the applicants, after a period of six months, so that we can respond to any follow-up questions regarding the application and meet our obligations to provide evidence under the Equal Treatment Act. Invoices for any reimbursement of travel expenses will be archived in accordance with the regulations of tax law.
As part of the application process, we offer applicants the opportunity to be included in our “talent pool” for a period of two years on the basis of consent as defined in Art. 6 sec. 1 lit. a. and Art. 7 GDPR.
The application documents in the talent pool will be processed solely within the framework of future job advertisements and employee searches and will be destroyed at the latest upon expiry of the deadline. Applicants are informed that their consent to inclusion in the talent pool is voluntary, has no influence on the current application procedure and that they can revoke this consent at any time for the future and declare objections within the meaning of Art. 21 GDPR.
Contact with us
When contacting us (e.g. via contact form, email, telephone or via social media), the user’s details are used to process the contact enquiry and to process it in accordance with Art. 6 sec. 1 lit. b. (within the framework of contractual/pre-contractual relationships), and Art. 6 sec. 1 lit. f. (other inquiries) according to GDPR. The user data can be stored in a customer relationship management system (“CRM system”) or comparable inquiry mechanism.
We delete the requests if they are no longer necessary. We check the necessity every two years; furthermore, the legal archiving obligations apply.
CRM-System of salesforce
We use the CRM system of the provider salesforce.com Germany GmbH, Erika-Mann-Str. 31, 80636 Munich, Germany, in order to be able to process user queries faster and more efficiently (justified interest according to Art. 6 sec. 1 lit. f. GDPR).
salesforce is certified under the Privacy Shield Agreement and thus offers an additional guarantee to comply with European data protection law, if data is processed in the USA. (https://www.privacyshield.gov/participant?id=a2zt0000000KzLyAAK&status=Active).
salesforce only uses user data for the technical processing of inquiries and does not pass it on to third parties. To use salesforce, you must provide at least a correct email address. A pseudonymous use is possible. In the course of processing user service requests, it may be necessary to collect additional data (name, address).
If users do not agree to the collection and storage of data in salesforce’s external system, we offer them alternative contact options for submitting service requests such as email, telephone, fax, or mail.
For more information, please see salesforce’s Privacy statement: https://www.salesforce.com/de/company/privacy/.
With the following information we inform you about the content of our newsletter as well as the registration, mailing and statistical evaluation procedures and your rights of objection. By subscribing to our newsletter, you declare your agreement with the reception and the described procedures.
Content of the newsletter: We send newsletters, emails and other electronic notifications with promotional information (hereinafter referred to as “newsletter”) only with the consent of the recipient or a legal permission. If the contents of the newsletter is specifically described within the framework of registration, it is decisive for the consent of the user. In addition, our newsletters contain information about our services and us.
Double-Opt-In and logging: The registration to our newsletter takes place in a so-called Double-Opt-In procedure. This means that after registration you will receive an email in which you will be asked to confirm your registration. This confirmation is necessary, to ensure that nobody can register with external email addresses. The registrations for the newsletter are logged in order to be able to prove the registration process according to the legal requirements. This includes the storage of the registration and confirmation time, as well as the IP address. Likewise the changes of your data stored with the service provider are recorded.
Registration data: To subscribe to the newsletter, it is sufficient to enter your email address. Optionally, we ask you to enter a name in the newsletter for the purpose of addressing you personally.
The sending of the newsletter and the performance measurement associated with it are based on the consent of the recipients according to Art. 6 sec. 1 lit. a, Art. 7 GDPR in conjunction with § 7 sec. 2 No. 3 UC or, if consent is not required, based on our legitimate interests in direct marketing according to Art. 6 sec. 1 lt. f. GDPR in connection with § 7 sec. 3 UC.
The registration procedure is recorded on the basis of our legitimate interests in accordance with Art. 6 sec. 1 lit. f GDPR. Our interest is directed towards the use of a user-friendly and secure newsletter system, which serves our business interests as well as the expectations of the users and furthermore allows us to provide evidence of consent.
Cancellation/revocation – You can cancel the receipt of our newsletter at any time, i.e. revoke your consent. You will find a link to cancel the newsletter at the end of each newsletter. We may store the unsubscribed email addresses for up to three years on the basis of our legitimate interests, before deleting them, in order to be able to prove that we have previously given our consent. The processing of this data is limited to the purpose of a possible defence against claims. An individual request for deletion is possible at any time, provided that the former existence of a consent is confirmed at the same time.
Newsletter – CleverReach
The newsletter will be sent by CleverReach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede, Germany. You can view the Privacy statement of the service provider here: https://www.cleverreach.com/de/datenschutz/. The service provider will be informed on the basis of our legitimate interests in accordance with Art. 6 sec. 1 lit. f. GDPR and a contract processing agreement in accordance with Art. 28 sec. 3 sentence 1 GDPR.
The service provider can use the recipient’s data in pseudonymous form, i.e. without allocation to a user, to optimise or improve its own services, e.g. for technical optimisation of sending and displaying the newsletter or for statistical purposes. However, the service provider does not use the data of our newsletter recipients to write to them itself or to pass the data on to third parties.
Newsletter – performance measurement
The newsletters contain a so-called “web-beacon”, i.e. a file the size of a pixel, which is retrieved from our server when the newsletter is opened or, if we use a dispatch service provider, from its server. Within the scope of this download, technical information, such as information about the browser and your system, as well as your IP address and time of the download are collected.
This information is used to technically improve the services based on the technical data or the target groups and their reading behaviour using their access locations (which can be determined with the help of the IP address) or access times. The statistical surveys also include determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. It is, however, neither our intention nor, if used, that of the dispatch service provider, to monitor individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.
A separate cancellation of the performance measurement is unfortunately not possible, and in this case the entire newsletter subscription must be cancelled.
Hosting and Email dispatch
The hosting services used by us serve the provision of the following services: Infrastructure and platform services, computing capacity, storage space and database services, email dispatch, security services and technical maintenance services, which we use for the purpose of operating our online services.
For this purpose, we or our hosting provider process inventory data, contact data, content data, contract data, usage data, meta data and communication data of customers, interested parties and visitors to this online service, respectively, on the basis of our legitimate interests in the efficient and safe delivery of this online service in accordance with Art. 6 sec. 1 lit. f GDPR in conjunction with Art. 28 GDPR (conclusion of an order processing contract).
Google is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection law. (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
Google will use this information on our behalf to evaluate the use of our online services by users, to compile reports on the activities within this online service and to provide us with other services associated with the use of this online service and the use of the internet. Pseudonymous user profiles can be created from the processed data.
We use Google Analytics only with activated IP anonymization. This means, the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there.
Further information on the use of data by Google, setting and objection options can be found in Google’s data protection declaration (https://policies.google.com/privacy) and in the settings for the display of advertising by Google (https://adssettings.google.com/authenticated).
The personal data of the users will be deleted or anonymized after 14 months.
Google AdWords and conversion measurement
On the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer as defined in Art. 6 sec. 1 lit. f. GDPR), we make use of the services of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (“Google”).
Google is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
We use the Google “AdWords” online marketing process to place ads on the Google advertising network (e.g., in search results, videos, websites, etc.) so that they are displayed to users who have a potential interest in the ads. This allows us to display ads for and within our online offerings in a more targeted manner, in order to present users only with ads that potentially match their interests. If, for example, a user is shown ads for products, in which he or she showed interest in other online offers, this is referred to as “remarketing”. For these purposes, when our and other websites, on which the Google advertising network is active, are accessed, a code is executed directly by Google and so-called (re)marketing tags (invisible graphics or code, also known as “web beacons”) are integrated into the website. With their help, an individual cookie, i.e. a small file, is stored on the user’s device (comparable technologies can also be used instead of cookies). This file records which websites the user visits, what content he is interested in and what offers the user has clicked, as well as technical information on the browser and operating system, referring websites, visit times and other information on the use of the online service.
Furthermore, we receive an individual “conversion cookie”. The information obtained with the help of the cookie is used by Google to compile conversion statistics for us. However, we only know the anonymous total number of users who clicked on our ad and were redirected to a page with a conversion tracking tag. However, we do not receive any personally identifiable information.
User information is processed pseudonymously within the Google Advertising Network. This means, for example, that Google does not store and process the user’s name or e-mail address, but processes the relevant data cookie-related within pseudonymous user profiles. This means that, from Google’s point of view, the ads are not administered and displayed for a specifically identified person, but for the cookie holder, regardless of who this cookie holder is. This does not apply, if a user has expressly permitted Google to process the data without this pseudonymisation. The information collected about users is transmitted to Google and stored on Google’s servers in the United States.
Further information on the use of data by Google, settings and objection options can be found in Google’s data protection declaration (https://policies.google.com/technologies/ads) and in the settings for the display of advertising by Google (https://adssettings.google.com/authenticated).
Online presence in social media
We maintain an online presence within social networks and platforms in order to be able to communicate with customers, interested parties and users who are active there and to inform them about our services.
We would like to point out that user data may be processed outside the European Union. This may entail risks for users, e.g. by making it more difficult to enforce users’ rights. With respect to US vendors certified under the Privacy Shield, we would like to point out that they are committed to complying with EU privacy standards.
Furthermore, user data is usually processed for market research and advertising purposes. For example, user profiles can be created on the basis of user behaviour and the resulting interests of users. The user profiles can also be used, for example, to place advertisements inside and outside the platforms that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the user’s computer, in which the user’s usage behaviour and interests are stored. Furthermore, data can be stored in the user profiles independently of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them).
The processing of users’ personal data is carried out on the basis of our legitimate interests in providing users with effective information and communicating with them in accordance with Art. 6 sec. 1 lit. f. GDPR. If the users are requested by the respective providers of the platforms to give their consent to the described data processing, the legal basis for the processing is Art. 6 sed. 1 lit. a., Art. 7 GDPR.
For a detailed representation of the respective processing and the possibilities of objection (Opt-Out), we refer to the following linked information of the providers.
Also in the case of requests for information and the enforcement of user rights, we point out that these can be asserted most effectively with the providers. Only the providers have access to the data of the users and can directly take appropriate measures and provide information. If you still need help, please do not hesitate to contact us.
– Facebook, Pages, Groups, (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) on the basis of a joint processing agreement – Privacy statement: https://www.facebook.com/about/privacy/,
speziell für Seiten: https://www.facebook.com/legal/terms/information_about_page_insights_data , Opt-Out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.
– Google/ YouTube (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) – Privacy statement: https://policies.google.com/privacy, Opt-Out: https://adssettings.google.com/authenticated, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
– Instagram (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA) –
Privacy statement/ Opt-Out: http://instagram.com/about/legal/privacy/.
– Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA) –
Privacy statement: https://twitter.com/de/privacy, Opt-Out: https://twitter.com/personalization, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active.
– Pinterest (Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA) – Privacy statement / Opt-Out: https://about.pinterest.com/de/privacy-policy.
– LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland) –
Privacy statement https://www.linkedin.com/legal/privacy-policy , Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active.
– Xing (XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany – Privacy statement / Opt-Out: https://privacy.xing.com/de/datenschutzerklaerung.
– Wakalet (Wakelet Limited, 76 Quay Street, Manchester, M3 4PR, United Kingdom) – Privacy statement / Opt-Out: https://wakelet.com/privacy.html.
– Soundcloud (SoundCloud Limited, Rheinsberger Str. 76/77, 10115 Berlin, Germany) – Privacy statement / Opt-Out: https://soundcloud.com/pages/privacy.
Incorporation of third-party services and content
Within the framework of our online offer, we act on the basis of our legitimate interests (i.e. interest regarding the analysis, optimisation and economic operation of our online offer as defined in Art. 6 sec. 1 lit. f. GDPR) and use third parties services in order to integrate their content and products into our website.
This always presupposes that the third-party providers of this content perceive the IP address of the user, since they would not be able to send the content to their browser without the IP address. The IP address is therefore required for the presentation of this content. We strive to use only this content, of which the respective provider uses the IP address only for the delivery of the content. Third parties may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device and may include technical information about the browser and operating system, referring websites, visit times and other information about the use of our website, as well as may be linked to other information from other similar sources.
We can integrate the videos of the platform “Vimeo” of the provider Vimeo Inc., Attention: Legal Department, 555 West 18th Street New York, New York 10011, USA. Privacy statement: https://vimeo.com/privacy. We point out that Vimeo may use Google Analytics and refer to the Privacy statement (https://policies.google.com/privacy) as well as opt-out options for Google Analytics (http://tools.google.com/dlpage/gaoptout?hl=en) or the settings of Google for data use for marketing purposes (https://adssettings.google.com/).
We integrate the videos of the platform “YouTube” of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy statement: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.
We integrate the fonts (“Google Fonts”) of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy statement: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.
We integrate the function for recognition of bots, e.g. for entries in online forms (“ReCaptcha”) of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy statement: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.
We integrate the maps of the service “Google Maps” of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The data processed may include, in particular, IP addresses and location data of users, which are not collected without their consent (usually within the framework of the settings of their mobile devices). The data can be processed in the USA. Privacy statement: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.
We integrate the maps of the service “OpenStreetMap” (https://www.openstreetmap.de), which are offered based on the Open Data Commons Open Database License (ODbL) by the OpenStreetMap Foundation (OSMF). Privacy statement: https://wiki.openstreetmap.org/wiki/Privacy_Policy.
To the best of our knowledge, OpenStreetMap uses user data solely for the purpose of displaying map functions and temporarily storing the selected settings. This data may include, in particular, IP addresses and location data of users, which are not collected without their consent (usually within the framework of the settings of their mobile devices).
The data can be processed in the USA. Further information can be found in the OpenStreetMap Privacy statement: https://wiki.openstreetmap.org/wiki/Privacy_Policy.
Typekit fonts from Adobe
On the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer as defined in Art. 6 sec. 1 lit. f. GDPR), we integrate external “Typekit” fonts from Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Republic of Ireland. Adobe is certified under the Privacy Shield Agreement, which guarantees compliance with European privacy laws (https://www.privacyshield.gov/participant?id=a2zt0000000TNo9AAG&status=Active).
This website uses the donation form of twingle GmbH, Prinzenallee 74, 13357 Berlin. The twingle GmbH provides the technical platform for the donation process for this donation form. The data you enter when making a donation (e.g. address, bank details, etc.) will only be stored by twingle on servers in Germany for the purpose of processing the donation.
We have concluded a contract with twingle for the processing of order data and when using the twingle donation form, we fully implement the strict requirements of the EU data protection regulation (GDPR) and the German data protection authorities.
Your data will be transmitted on the basis of Art. 6 sec. 1 lit. a GDPR (consent) and Art. 6 sec. 1 lit. b GDPR (processing for the fulfillment of a contract). If you have given your consent for data processing, you can revoke your consent at any time. A revocation does not affect the effectiveness of past data processing operations.
Use of Matomo
In the donation form of twingle, data is collected and stored in accordance with Art. 6 sec. 1 lit. f GDPR by using the web analysis service software Matomo (www.matomo.org), a service of the provider InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand, (“Matomo”). The data is stored on the basis of twingle’s legitimate interest in the statistical analysis of user behaviour for optimization purposes in accordance with Art. 6 sec. 1 lit. f GDPR. From this data, pseudonymised user profiles can be created and evaluated for the same purpose. In this case cookies can be used. Cookies are small text files that are stored locally in the cache of the Internet browser of the page visitor. The cookies enable, among other things, the recognition of the Internet browser. The data collected using Matomo technology (including your pseudonymised IP address) is processed on twingle servers. The information generated by the cookie in the pseudonymous user profile is not used to personally identify the visitor of the website and is not merged with personal data about the holder of the pseudonym.