Data Privacy

Scope of Application

This data privacy statement explains to users the type, extent and purposes of the collection and use of personal data by Immanuel Gemeinde Leonberg e.V. on this website. The legal basis of data privacy are found in the EU General Data Protection Regulation (EU) 2016/679 (GDPR), in the Federal Data Privacy Law (Bundesdatenschutzgesetz, BDSG), the Telecommunications-Telemedia Data Protection Law (Telekommunikation-Telemedien-Datenschutz-Gesetz, TTDSG), as well as the Data Privacy Policy of Immanuel Gemeinde Leonberg e.V. (Datenschutzordnung, DSO of IGL).

Data Privacy at a Glance

General Information

The following information gives you a simple outline about what happens to your personal data if you visit our website. Personal data are all data with which you can be personally identified. Find detailed information on the topic of data privacy in our Data Privacy Statement beneath this text.

Data Collection on our Website

Who is responsible for collecting data on this website?

The processing of data on this website is done by the owner the website. You can find their contact data on the legal notice of this website.

How do we collect your data?

For one thing, your data will be collected if you communicate them to us. This can e.g. be data which you type into a contact form.

Other data will be recorded automatically by our IT systems when visiting the website. These are mainly technical data (e.g. internet browser, operating system or the time when the page was viewed). These data will be recorded automatically as soon as you access our website.

For what purposes do we use your data?

Some of the data will be collected to ensure the website is provided correctly. Other data can be used to analyze your user behaviour.

What rights do you have concerning your data?

At all times, you have the right to get information about the origin, recipient and purpose of your stored personal data free of charge. You also have the right to request the correction or deletion of these data. If you gave consent to data processing, you can revoke this consent for the future at any time. In addition, you have the right to request the processing of your personal data to be restricted under certain circumstances. Furthermore you have a right of appeal to the competent regulatory authority.

About this and further questions on the topic of data privacy you can always contact us under the address listed in the legal notice.

Hosting

We host the contents of our website at the following hoster:

Strato

The provider is Strato AG, Otto-Ostrowski-Straße 7, 10249 Berlin (hereafter “Strato”). If you visit our website, Strato collects various log data including your IP addresses.

Please find further information in the privacy policy of Strato.

Strato is used on the basis of § 5 (2) lit. g DSO of IGL (cf. Article 6(1)(f) GDPR). We have a legitimate interest in an as reliable as possible presentation of our website. If appropriate consent was requested, the processing takes place only on the basis of § 5 (2) lit. b DSO of IGL (cf. Article 6(1)(a) GDPR and § 25 (1) TTDSG), as far as the consent encompasses the storage of cookies or the access of information on the terminal device (e.g. device fingerprinting) according to TTDSG. This consent can be revoked at any time.

Contract Data Processing

We have concluded an order processing contract for use of the abovementioned service. This is a contract mandated for reasons of data protection which ensures that they process personal data of our website visitors only according to our instructions and in compliance with the DSO of IGL.

General and Mandatory Information

Data Privacy

The owner of this website, Immanuel Gemeinde Leonberg, takes the protection of your personal data very seriously. We treat your personal data confidentially and according to statutory data protection regulations as well as this Data Privacy Statement.

If you use this website, miscellaneous personal data are collected. Personal data are data with which you can be personally identified. The present Data Privacy Statement explains what data we collect and why we use them. It also explains how and for what purpose this happens.

Please note that data transfer in the internet (e.g. communication via email) may be liable to security vulnerabilities. Complete protection against access by third parties is not possible.

Information About the Responsible Party

The responsible party for processing data on this website is:

Immanuel Gemeinde Leonberg e.V.
Böblinger Straße 13
71229 Leonberg
Telephone: +49 (0) 7152 948958
Email: office@immanuel-gemeinde.de

The responsible party is the individual or legal entity who, alone or together with others, decides about the purposes and ways of processing personal data (e.g. names, e-mail addresses or similar).

Storage Duration

Unless a more specific storage period has been specified in this privacy policy, your personal data will remain with us until the purpose for which they were collected no longer applies. If you assert a justified request for deletion or revoke your consent to data processing, your data will be deleted, unless we have other legally permissible reasons for storing your personal data (e.g. tax or commercial law retention periods); in the latter case, the deletion will take place after these reasons cease to apply.

General Information about the Legal Bases of Data Processing on This Website

If you consented to data processing, then we will process your personal data on the basis of § 5 (2) lit. b DSO of IGL (cf. Art. 6(1)(a) GDPR) or rather § 8 (2) lit. a DSO of IGL (cf. Art. 9(2)(a) GDPR) if special categories of data according to Art. 9(1) GDPR are processed. In the case of explicit consent to the transfer of personal data to third countries, data processing happens also on the basis of § 5 (2) lit. b DSO of IGL (cf. Art. 49(1)(a) GDPR). If you consented to the storage of cookies or the access of information on your terminal device (e.g. via device fingerprinting), then the processing of data happens also on the basis of § 25(1) TTDSG. This consent can be revoked at any time. If your data is necessary for contractual fulfilment or the implementation of pre-contractual measures, then we process your data on the basis of § 5 (2) lit. c DSO of IGL (cf. Art. 6(1)(b) GDPR). Furthermore, we process your data if these are necessary for compliance with a legal obligation on the basis of § 5 (2) lit. d DSO of IGL (cf. Art. 6(1)(c) GDPR). In addition, the processing of data can happen on the basis of our legitimate interest according to § 5 (2) lit. g DSO of IGL (cf. Art. 6(1)(f) GDPR). Information on the relevant legal basis in each individual case is provided in the following paragraphs of this data protection declaration.

Statutory Data Protection Officer

We have appointed a data protection officer for our church:

Ralf Tumat
Wolfsklingenweg 15
71364 Winnenden
Telephone: +49 (0) 162 7511498
Email: ralf.tumat@rtq-beratung.de

Note on data transfer to third countries that are not secure in terms of data protection law as well as transfer to US companies that are not DPF-certified

We use, among other things, tools from companies based in third countries that are not secure in terms of data protection law, as well as US tools whose providers are not certified according to the EU-US Data Privacy Framework (DPF). When these tools are active, your personal data may be transferred to and processed in these countries. We would like to point out that in third countries with uncertain data protection law, a level of data protection comparable to the EU cannot be guaranteed.

We would like to point out that the USA, as a safe third country, generally has a level of data protection comparable to the EU. Data transfer to the USA is then permitted if the recipient has certification under the “EU-US Data Privacy Framework” (DPF) or has appropriate additional guarantees. Information on transfers to third countries, including data recipients, can be found in this data protection declaration.

Recipients of Personal Data

As part of our business activities, we work with various external bodies. In some cases, it is also necessary to transmit personal data to these external bodies. We only pass on personal data to external bodies if this is necessary to fulfill a contract, if we are legally obliged to do so (e.g. passing on data to tax authorities), if we have a legitimate interest in accordance with § 5 (2) lit. g DSO of IGL (cf. Article 6(1)(f) GDPR) in the transfer or if another legal basis allows the data transfer. When using order processors, we only pass on our customers’ personal data on the basis of a valid order processing contract. In the case of joint processing, a joint processing contract is concluded.

Revocation of Your Consent to Data Processing

Many data-processing operations are only possible with your explicit consent. You can always revoke previously granted consent. The legality of data processing prior to the revocation remains unaffected by it.

Right of Objection Against Data Collection in Special Cases and Against Direct Advertising (§ 16 DSO of IGL, cf. Article 21 GDPR)

If the processing of data happens on the basis of § 5 (2) lit. a DSO of IGL (cf. Article 6(1)(e) GDPR) or § 5 (2) lit. g DSO of IGL (cf. Article 6(1)(f) GDPR), you have the right to appeal against the processing of your personal data for reasons that ensue from your particular situation at all times; this also applies to profiling based on these provisions. Find the respective legal basis upon which the processing rests in this data privacy statement. If you appeal, we will cease to process your personal data unless we can establish compelling reasons for processing worthy of protection which outweigh your interests, rights and freedoms or the processing serves the assertion, exercise or defence of legal claims (appeal according to § 16 DSO of IGL, cf. Article 21(1) GDPR).

If your personal data are processed for direct advertising, you have the right to appeal against the processing for the purpose of such advertising of personal data concerning yourself; this also applies to profiling as far as it is related with such direct advertising. If you appeal, we will subsequently cease to use your personal data for direct advertising (appeal according to § 16 DSO of IGL, cf. Article 21(2) GDPR).

Right to Appeal to the Competent Regulatory Authority

In the case of violations of privacy laws, affected persons have the right to appeal to the responsible regulatory authority. The responsible regulatory authority for data privacy questions is the Data Privacy Council of Immanuel Gemeinde Leonberg e.V. You can reach it as follows:

Datenschutzrat
Immanuel Gemeinde Leonberg e.V.
Böblinger Straße 13
71229 Leonberg
Telephone: +49 (0) 7152 948958
Email: datenschutz@immanuel-gemeinde.de

Right to Data Portability

You have the right to have data, which we process automatically on the basis of your consent or to execute a contract, handed over to yourself or a third party in a common, machine-readable format. If you request the direct transfer of the data to another responsible person, it will only be done as far as it is technically feasible.

SSL/TLS Encryption

For security reasons and to protect the transfer of confidential content, like for instance orders or inquiries, which you send to us as operators of the website, this site uses SSL/TLS encryption. You can recognize an encrypted connection by the change from ”http://” to “https://” in the address bar of your browser and by the lock symbol in your browser line.

If SSL/TLS encryption is activated, data you transfer to us can’t be read by third parties.

Information, Deletion and Correction

As part of the existing statutory provisions, you have, at all times, the right, free of charge, to information about your stored personal data, their origin, recipient and purpose for processing it, as well as, if applicable, the right to correction or deletion of these data. To this and further questions, you can always contact us via the address listed in the legal notice.

Right to Restrict Processing

You have the right to request the restriction of the processing of your personal data. For this, contact us via the address listed in the legal notice. The right to restrict processing exists in the following cases:

If you have restricted the processing of your personal data, apart from their retention these data may only be processed with your consent or to assert, exercise or defend legal claims or to protect the rights of another individual or legal entity or for reasons of a substantial public interest of the European Union or a member state.

Objection to Promotional Emails

Hereby we object to the use of contact data published in line with the compulsory legal notice to transmit not explicitly requested advertising and informational material. The owners of this site explicitly reserve the right to legal steps in the case of unsolicited sending of promotional information, for instance by spam emails.

Data Collection on our Website

Cookies

Our internet pages use so-called cookies. Cookies are small text files and don’t harm your device. They will be stored on your device, either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies will be deleted automatically after the end of your visit. Permanent cookies remain stored on your device until you remove them yourself or deletion is performed automatically by your browser.

Partly, cookies can be stored by third party contractors on your device if you visit our website (third party cookies). These allow us or you the use of certain services of the third party (e.g. cookies for the processing of payment services).

Cookies have various functions. Many cookies are technically necessary, because certain website functions wouldn't work (e.g. shopping cart functions or showing videos). Other cookies are used to analyze user behaviour or display advertisments.

Cookies which are needed to perform the electronic communication process (necessary cookies) or to provide certain functions requested by you (functional cookies, e.g. for a shopping cart function) or to optimize the website (e.g. cookies to measure the web audience) are stored on the basis of § 5 (2) lit. g DSO of IGL (cf. Article 6(1)(f) GDPR), if no other legal basis is specified. The operator of the website has a legitimate interest in storing cookies to offer their services in a technically correct and optimized way. If the agreement to store cookies was requested, then storing them takes place exclusively on the basis of this agreement (§ 5 (2) lit. b DSO of IGL, cf. Article 6(1)(a) GDPR), this agreement can be revoked at any time.

You can configure your browser so that it informs you about cookies being set and to allow cookies only on a case-by-case basis, to preclude the acceptance of cookies in certain cases or generally, as well as activate the deletion of cookies at the closing of your browser. The deactivation of cookies can limit the functionality of this website.

As far as cookies by third party contractors or for purposes of analysis are used, we will inform you separately within this privacy statement and, if applicable, request your agreement.

Server Log Files

The provider of the website automatically gathers and stores information which your browser transmits to us automatically in so-called server log files. These are:

An aggregation of these data with other data sources won’t be performed.

The collection of these data happens on the basis of § 5 (2) lit. g DSO of IGL (cf. Article 6(1)(f), GDPR). The owner of the website has a legitimate interest in a technically correct presentation and optimization of their website, server log files have to be recorded for this purpose.

Contact Forms

If you submit inquiries to us via contact forms, your information from the inquiry form including the contact data supplied by you will be stored with us in order to process the inquiry and for the case of followup questions. We won’t pass on these data without your consent.

The processing of these data happens on the basis of § 5 (2) lit. c DSO of IGL (cf. Article 6(1)(b) GDPR) if your inquiry is related to the execution of a contract or necessary to conduct precontractual measures. In all other cases, the processing is based on our legitimate interest in efficiently processing the inquiries addressed to us (§ 5 (2) lit. g DSO of IGL, cf. Article 6(1)(f) GDPR) or your consent (§ 5 (2) lit. b DSO of IGL, cf. Article 6(1)(a) GDPR) if it was requested. This consent can be revoked at any time.

The data you submit in contact forms stay with us until you ask us for their deletion, you appeal your consent to their storage or the purpose of their retention lapses (e.g. after handling of your request is completed). Mandatory statutory provisions—especially legal retention periods—remain unaffected.

Inquiries by Email, Telephone or Fax

If you contact us via email, telephone or telefax, your inquiry will be stored and processed with us, including all personal data arising from it, for the purpose of handling your concerns. We won’t pass on these data without your consent.

The processing of these data happens on the basis of § 5 (2) lit. c DSO of IGL (cf. Article 6(1)(b) GDPR) if your inquiry is related to the execution of a contract or necessary to conduct precontractual measures. In all other cases, the processing is based on our legitimate interest in efficiently processing the inquiries addressed to us (§ 5 (2) lit. g DSO of IGL, cf. Article 6(1)(f) GDPR) or your consent (§ 5 (2) lit. b DSO of IGL, cf. Article 6(1)(a) GDPR) if it was requested. This consent can be revoked at any time.

The data you send to us via contact inquiries stay with us until you ask us for their deletion, you appeal your consent to their storage or the purpose of their retention lapses (e.g. after handling of your concerns is completed). Mandatory statutory provisions—especially legal retention periods—remain unaffected.

Newsletter

Newsletter Data

If you want to receive the newsletter offered on this website, we need your e-mail address as well as information which allows us to verify that you are the owner of the stated e-mail address and agree to receive the newsletter. Additional data will not be collected, or only on a voluntary basis. For the processing of newsletters we use newsletter service providers, which are described subsequently.

Rapidmail

This website uses Rapidmail for the distribution of newsletters. The provider is rapidmail GmbH, Augustinerplatz 2, 79098 Freiburg i. Br., Germany.

Rapidmail is a service which allows organizing and analyzing the distribution of newsletters. The data you supplied for the purpose of receiving newsletters are stored on servers of Rapidmail in Germany.

Data Analysis by Rapidmail

For the purpose of analysis, e-mails sent by Rapidmail contain a so-called “tracking pixel” which connects to the servers of Rapidmail when the e-mail is opened. This way it can be determined if a newsletter message was opened.

Furthermore, using Rapidmail we can determine whether and which links are clicked on in the newsletter message. All links in the e-mail are so-called tracking links with which your clicks can be counted. If you don’t want analysis by Rapidmail, you have to unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message.

Learn more details about the analysis functions of Rapidmail on their website.

Legal Basis

The processing of these data happens on the basis of of your consent (§ 5 (2) lit. g DSO of IGL, cf. Article 6(1)(f) GDPR). You can revoke this consent at any time. The legality of prior data processing remains unaffected by the revocation.

Storage Duration

We store the data you supplied to us for the purpose of receiving newsletters until you unsubscribe from the newsletter with us or, as the case may be, the newsletter service provider and delete them from the newsletter distribution list after unsubscribing. Data which are stored for other purposes with us are unaffected.

After unsubscribing from the newsletter distribution list, your e-mail address will be stored in a black list with us or, as the case may be, the newsletter service provider to prevent future mailings, where required. The data from this black list are only used for this purpose and won’t be brought together with other data. This serves your interests as well as ours in staying compliant with legal requirements on the distribution of newsletters (legitimate interest according to § 5 (2) lit. g DSO of IGL, cf. Article 6(1)(f) GDPR). The retention in the black list isn’t limited in time. You can object to the retention if your interests outweigh our legitimate interests.

Please learn more details in the data privacy notice of Rapidmail.

Contract Data Processing

We have concluded an order processing contract with the above-mentioned provider. This is a contract required by data protection law, which ensures that they only process the personal data of our website visitors in accordance with our instructions and in compliance with the DSO of IGL.

Registration on This Website

You can register on this website to use additional functionality. We will use data submitted for it only for the purpose of using the respective offering or service for which you have registered. Mandatory information requested upon registration have to be supplied completely, otherwise we will reject the registration.

For important changes, for instance regarding the extent of our offerings or technically necessary modifications, we will use the email address supplied at registration to contact you this way. The processing of data supplied at registration happens for the purpose of performing the service relationship established by the registration and, if applicable, the initiation of additional contracts (§ 5 (2) lit. c DSO of IGL, cf. Article 6(1)(b) GDPR).

The data collected at registration will be stored by us as long as you are registered on this website and will be deleted afterwards. Legal retention periods remain unaffected.

Plugins and Tools

YouTube

This website embeds videos by the website YouTube. Operator of the website is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

If you visit one of our websites on which YouTube is embedded, a connection to the servers of YouTube will be established. In doing so, which of our pages you visited is disclosed to the YouTube server.

Furthermore, YouTube can store various cookies on your device. With these cookies, YouTube can get information about visitors of this website. This information will be used among other things to gather video statistics, to improve user-friendliness, and to guard against fraud attempts. These cookies remain on your device until you delete them.

If you are logged into you YouTube account, you make it possible for YouTube to directly correlate your surfing behaviour to your personal profile. You can prevent that by logging out of your YouTube account.

The use of YouTube happens in the interest of an appealing presentation of our online offerings. This constitutes a legitimate interest according to § 5 (2) lit. g DSO of IGL (cf. Article 6(1)(f) GDPR). If a corresponding agreement was requested, then processing takes place exclusively on the basis of this agreement (§ 5 (2) lit. b DSO of IGL, cf. Article 6(1)(a) GDPR), this agreement can be revoked at any time.

Find further information about the handling of user data in the YouTube Privacy Statement.

Google Web Fonts (locally hosted)

For the purpose of a consistent display of typefaces, this website uses so-called web fonts which are provided by Google. The web fonts are installed locally. No connection to Google servers is established for their use.

Google Maps

This site uses the map service Google Maps. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

In order to use the functions of Google Maps, it is necessary to save your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer. If Google Maps is activated, Google can use Google Fonts for the purpose of uniform font display. When you access Google Maps, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.

The use of Google Maps is in the interest of an attractive presentation of our online offerings and to make it easy to find the places we indicate on the website. This represents a legitimate interest within the meaning of § 5 (2) lit. g DSO of IGL (cf. Article 6(1)(f) GDPR). If appropriate consent has been requested, processing is carried out exclusively on the basis of § 5 (2) lit. b DSO of IGL (cf. Article 6(1)(a) GDPR) and § 25 (1) TTDSG, insofar as the consent includes the storage of cookies or access to information on the user’s end device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.

Data transfer to the USA is based on the EU Commission’s standard contractual clauses. Details can be found in the “Google Controller-Controller Data Protection Terms” and “Google Controller-Controller Data Protection Terms: Standard Contractual Clauses” documents.

You can find more information on how user data is handled in the Google Privacy Policy.

The company is certified according to the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards when data is processed in the USA. Every DPF certified company undertakes to comply with these data protection standards. Further information on this can be obtained from the provider.

ChurchTools

We use the platform ChurchTools for our internal organisation and management.

For some functions, like registering for small groups through this website, we link to the ChurchTools service or embed it via an API. Its provider is ChurchTools Innovations GmbH (“ChurchTools”), Erbprinzenstraße 20, 76133 Karlsruhe, Germany.

For this purpose, the browser used by you has to contact the servers of ChurchTools. Through this, ChurchTools acquires knowledge that our website was accessed from your IP address. If you use functions implemented this way, data supplied by you will likewise become known by ChurchTools. Using the ChurchTools service happens so we can offer the respective functions and integrate them with our internal processes. This constitutes a legitimate interest according to § 5 (2) lit. g DSO of IGL (cf. Article 6(1)(f) GDPR).

Find further information about the handling of user data using the ChurchTools platform in our privacy statement there.

Javascript and CSS Libraries

For certain functions, we embed Javascript and CSS libraries from external providers.

For this purpose, the browser used by you has to contact the servers of the provider of the external resource. Through this, the respective provider acquires knowledge that our website was accessed from your IP address. Using these external resources happens in the interest of optimizing access to our website. This constitutes a legitimate interest according to § 5 (2) lit. g DSO of IGL (cf. Article 6(1)(f) GDPR).

These providers have their respective own rules regarding the handling of personal data:

Audio and Video Conferences

Data processing

We use online conference tools, among other things, for communication with our customers. The tools we use are listed in detail below. If you communicate with us by video or audio conference using the Internet, your personal data will be collected and processed by the provider of the respective conference tool and by us.

The conferencing tools collect all information that you provide/access to use the tools (email address and/or your phone number). Furthermore, the conference tools process the duration of the conference, start and end (time) of participation in the conference, number of participants and other “context information” related to the communication process (metadata).

Furthermore, the provider of the tool processes all the technical data required for the processing of the online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or loudspeaker and the type of connection.

Should content be exchanged, uploaded or otherwise made available within the tool, it is also stored on the servers of the tool provider. Such content includes, but is not limited to, cloud recordings, chat/ instant messages, voicemail uploaded photos and videos, files, whiteboards and other information shared while using the service.

Please note that we do not have complete influence on the data processing procedures of the tools used. Our possibilities are largely determined by the corporate policy of the respective provider. Further information on data processing by the conference tools can be found in the data protection declarations of the tools used, and which we have listed below this text.

Purpose and legal bases

The conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers (§ 5 (2) lit. c DSO of IGL, cf. Article 6(1)(b) GDPR). Furthermore, the use of the tools serves to generally simplify and accelerate communication with us or our company (legitimate interest according to § 5 (2) lit. g DSO of IGL, cf. Article 6(1)(f) GDPR). Insofar as consent has been requested, the tools in question will be used on the basis of this consent; the consent may be revoked at any time with effect from that date.

Storage Duration

Data collected directly by us via the video and conference tools will be deleted from our systems immediately after you request us to delete it, revoke your consent to storage, or the reason for storing the data no longer applies. Stored cookies remain on your end device until you delete them. Mandatory legal retention periods remain unaffected.

We have no influence on the duration of storage of your data that is stored by the operators of the conference tools for their own purposes. For details, please contact directly the operators of the conference tools.

Conference tools used

We employ the following conference tools:

Zoom

We use Zoom. The provider of this service is Zoom Communications Inc, San Jose, 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA. For details on data processing, please refer to Zoom’s privacy policy.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can also be found in Zoom’s privacy policy.

Contract Data Processing

We have concluded an order processing contract for the use of the above-mentioned service. This is a contract required by data protection law, which guarantees that the personal data of our website visitors will only be processed in accordance with our instructions and in compliance with the DSO of IGL.

Our Social Media Presences

This privacy policy applies to our following social media presences:

Data Processing by Social Networks

We maintain publicly available profiles in social networks. The individual social networks we use can be found below.

Social networks such as Facebook, Twitter etc. can generally analyse your user behaviour comprehensively if you visit their website or a website with integrated social media content (e.g. like buttons or banner ads). When you visit our social media pages, numerous data protection-relevant processing operations are triggered. In detail:

If you are logged in to your social media account and visit our social media page, the operator of the social media portal can correlate this visit with your user account. Under certain circumstances, your personal data may also be recorded if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies stored on your device or by recording your IP address.

Using the data collected in this way, operators of social media portals can create user profiles in which your preferences and interests are stored. This way you can be shown interest-based advertising inside and outside of your social media presence. If you have an account with the social network, interest-based advertising can be displayed on any device you are or have been logged in to.

Please also note that we cannot retrace all processing operations on social media portals. Depending on the provider, additional processing operations may therefore be carried out by the operators of a social media portal. Details can be found in the terms of use and privacy policy of the respective social media portals.

Legal Basis

Our social media appearances should ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of § 5 (2) lit. g DSO of IGL (cf. Art. 6(1)(f) GDPR). The analysis processes initiated by the social networks may be based on divergent legal bases to be specified by the operators of the social networks (e.g. consent within the meaning of § 5 (2) lit. b DSO of IGL, cf. Art. 6(1)(a), GDPR).

Responsible Party and Assertion of Rights

If you visit one of our social media presences (e.g., Facebook), we, together with the operator of the social media platform, are responsible for the data processing operations triggered during this visit. You can in principle assert your rights (information, correction, deletion, limitation of processing, data portability and appeal) against us as well as against the operator of the respective social media portal (e.g. Facebook).

Please note that despite the shared responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are determined by the company policy of the respective provider.

Storage Time

The data collected directly from us via the social media presence will be deleted from our systems as soon as the purpose for their storage lapses, you ask us to delete it, or revoke your consent to its storage. Stored cookies remain on your device until you delete them. Mandatory statutory provisions—in particular, retention periods—remain unaffected.

Individual Social Networks

Facebook

We have a profile on Facebook. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereafter Meta). According to Meta’s statement the collected data will also be transferred to the USA and to other third party countries.

We have signed an agreement with Meta on shared responsibility for the processing of data (Controller Addendum). This agreement determines which data processing operations we or Meta are responsible for when you visit our Facebook page. This agreement can be viewed on the Facebook website.

You can customise your advertising settings independently in your Facebook user account.

Data transfer to the USA is based on the EU Commission’s standard contractual clauses. Details can be found in the “Meta European Data Transfer Addendum” and “What are Standard Contractual Clauses?” documents.

Details can be found in the Facebook Data Policy.

The company is certified according to the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards when data is processed in the USA. Every DPF certified company undertakes to comply with these data protection standards. Further information on this can be obtained from the provider.

Instagram

We have a profile on Instagram. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereafter Meta).

Data transfer to the USA is based on the EU Commission’s standard contractual clauses. Details can be found in the “Meta European Data Transfer Addendum”, Privacy Policy and “What are Standard Contractual Clauses?” documents.

YouTube

We have a profile on YouTube. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. You can find more information on how they handle user data in the Google Privacy Policy.

The company is certified according to the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards when data is processed in the USA. Every DPF certified company undertakes to comply with these data protection standards. Further information on this can be obtained from the provider.

Created using eRecht24.