Data Privacy

Scope of Application

This data privacy statement explains to users the type, extent and purposes of the collection and use of personal data by Immanuel Gemeinde Leonberg e.V. on this website. The legal basis of data privacy are found in the EU General Data Protection Regulation (EU) 2016/679 (GDPR), in the Federal Data Privacy Law (Bundesdatenschutzgesetz, BDSG), the Tele Media Law (Telemediengesetz, TMG), as well as the Data Privacy Policy of Immanuel Gemeinde Leonberg e.V. (Datenschutzordnung, DSO of IGL).

Data Privacy at a Glance

General Information

The following information gives you a simple outline about what happens to your personal data if you visit our website. Personal data are all data with which you can be personally identified. Find detailed information on the topic of data privacy in our Data Privacy Statement beneath this text.

Data Collection on our Website

Who is responsible for collecting data on this website?

The processing of data on this website is done by the owner the website. You can find their contact data on the legal notice of this website.

How do we collect your data?

For one thing, your data will be collected if you communicate them to us. This can e.g. be data which you type into a contact form.

Other data will be recorded automatically by our IT systems when visiting the website. These are mainly technical data (e.g. internet browser, operating system or the time when the page was viewed). These data will be recorded automatically as soon as you access our website.

For what purposes do we use your data?

Some of the data will be collected to ensure the website is provided correctly. Other data can be used to analyze your user behaviour.

What rights do you have concerning your data?

At all times, you have the right to get information about the origin, recipient and purpose of your stored personal data free of charge. You also have the right to request the correction or deletion of these data. If you gave consent to data processing, you can revoke this consent for the future at any time. In addition, you have the right to request the processing of your personal data to be restricted under certain circumstances. Furthermore you have a right of appeal to the competent regulatory authority.

About this and further questions on the topic of data privacy you can always contact us under the address listed in the legal notice.

Hosting and Content Delivery Networks (CDN)

External Hosting

This website is hosted by an external service provider (host). Personal data which are gathered by this website are saved on servers of the host. Most notably, these can be IP addresses, contact requests, meta and communication data, contract data, contact data, names, website accesses, and other data which are generated by a website.

The host is used for the purpose of fulfilment of contract towards potential and existing customers (§ 5 (2) lit. c DSO of IGL, cf. Article 6(1)(b) GDPR) and in the interest of a safe, quick and efficient provision of our online offering by a professional provider (§ 5 (2) lit. g DSO of IGL, cf. Article 6(1)(f) GDPR).

Our host will process your data only insofar as it is necessary to fulfil their obligation to perform and will comply with our instructions in relation to these data.

We use the following host:

Strato AG
Pascalstraße 10
10587 Berlin

Execution of a Contract Data Processing Agreement

In order to guarantee processing in compliance with data protection regulations, we have concluded an order processing contract with our host.

General and Mandatory Information

Data Privacy

The owner of this website, Immanuel Gemeinde Leonberg, takes the protection of your personal data very seriously. We treat your personal data confidentially and according to statutory data protection regulations as well as this Data Privacy Statement.

If you use this website, miscellaneous personal data are collected. Personal data are data with which you can be personally identified. The present Data Privacy Statement explains what data we collect and why we use them. It also explains how and for what purpose this happens.

Please note that data transfer in the internet (e.g. communication via email) may be liable to security vulnerabilities. Complete protection against access by third parties is not possible.

Information About the Responsible Party

The responsible party for processing data on this website is:

Immanuel Gemeinde Leonberg e.V.
Böblinger Straße 13
71229 Leonberg
Telephone: +49 (0) 7152 948958
Email: office@immanuel-gemeinde.de

The responsible party is the individual or legal entity who, alone or together with others, decides about the purposes and ways of processing personal data (e.g. names, e-mail addresses or similar).

Storage Duration

Unless a more specific storage period has been specified in this privacy policy, your personal data will remain with us until the purpose for which they were collected no longer applies. If you assert a justified request for deletion or revoke your consent to data processing, your data will be deleted, unless we have other legally permissible reasons for storing your personal data (e.g. tax or commercial law retention periods); in the latter case, the deletion will take place after these reasons cease to apply.

Statutory Data Protection Officer

We have appointed a data protection officer for our church:

Ralf Tumat
Wolfsklingenweg 15
71364 Winnenden
Telephone: +49 (0) 162 7511498
Email: ralf.tumat@rtq-beratung.de

Information on Data Transfer to the USA

Among other things, our website uses tools from companies based in the USA. If these tools are active, your personal information may be transferred to the US servers of these companies. We must point out that the USA is not a safe third country within the meaning of EU data protection law. US companies are required to release personal data to security authorities without you as the data subject being able to take legal action against this. The possibility cannot therefore be excluded that US authorities (e.g. intelligence services) may process, evaluate and permanently store your data on US servers for monitoring purposes. We have no influence over these processing activities.

Revocation of Your Consent to Data Processing

Many data-processing operations are only possible with your explicit consent. You can always revoke previously granted consent. The legality of data processing prior to the revocation remains unaffected by it.

Right of Objection Against Data Collection in Special Cases and Against Direct Advertising (§ 16 DSO of IGL, cf. Article 21 GDPR)

If the processing of data happens on the basis of § 5 (2) lit. a DSO of IGL (cf. Article 6(1)(e) GDPR) or § 5 (2) lit. g DSO of IGL (cf. Article 6(1)(f) GDPR), you have the right to appeal against the processing of your personal data for reasons that ensue from your particular situation at all times; this also applies to profiling based on these provisions. Find the respective legal basis upon which the processing rests in this data privacy statement. If you appeal, we will cease to process your personal data unless we can establish compelling reasons for processing worthy of protection which outweigh your interests, rights and freedoms or the processing serves the assertion, exercise or defence of legal claims (appeal according to § 16 DSO of IGL, cf. Article 21(1) GDPR).

If your personal data are processed for direct advertising, you have the right to appeal against the processing for the purpose of such advertising of personal data concerning yourself; this also applies to profiling as far as it is related with such direct advertising. If you appeal, we will subsequently cease to use your personal data for direct advertising (appeal according to § 16 DSO of IGL, cf. Article 21(2) GDPR).

Right to Appeal to the Competent Regulatory Authority

In the case of violations of privacy laws, affected persons have the right to appeal to the responsible regulatory authority. The responsible regulatory authority for data privacy questions is the Data Privacy Council of Immanuel Gemeinde Leonberg e.V. You can reach it as follows:

Datenschutzrat
Immanuel Gemeinde Leonberg e.V.
Böblinger Straße 13
71229 Leonberg
Telephone: +49 (0) 7152 948958
Email: datenschutz@immanuel-gemeinde.de

Right to Data Portability

You have the right to have data, which we process automatically on the basis of your consent or to execute a contract, handed over to yourself or a third party in a common, machine-readable format. If you request the direct transfer of the data to another responsible person, it will only be done as far as it is technically feasible.

SSL/TLS Encryption

For security reasons and to protect the transfer of confidential content, like for instance orders or inquiries, which you send to us as operators of the website, this site uses SSL/TLS encryption. You can recognize an encrypted connection by the change from ”http://” to “https://” in the address bar of your browser and by the lock symbol in your browser line.

If SSL/TLS encryption is activated, data you transfer to us can’t be read by third parties.

Information, Deletion and Correction

As part of the existing statutory provisions, you have, at all times, the right, free of charge, to information about your stored personal data, their origin, recipient and purpose for processing it, as well as, if applicable, the right to correction or deletion of these data. To this and further questions, you can always contact us via the address listed in the legal notice.

Right to Restrict Processing

You have the right to request the restriction of the processing of your personal data. For this, contact us via the address listed in the legal notice. The right to restrict processing exists in the following cases:

If you have restricted the processing of your personal data, apart from their retention these data may only be processed with your consent or to assert, exercise or defend legal claims or to protect the rights of another individual or legal entity or for reasons of a substantial public interest of the European Union or a member state.

Objection to Promotional Emails

Hereby we object to the use of contact data published in line with the compulsory legal notice to transmit not explicitly requested advertising and informational material. The owners of this site explicitly reserve the right to legal steps in the case of unsolicited sending of promotional information, for instance by spam emails.

Data Collection on our Website

Cookies

Our internet pages use so-called cookies. Cookies are small text files and don’t harm your device. They will be stored on your device, either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies will be deleted automatically after the end of your visit. Permanent cookies remain stored on your device until you remove them yourself or deletion is performed automatically by your browser.

Partly, cookies can be stored by third party contractors on your device if you visit our website (third party cookies). These allow us or you the use of certain services of the third party (e.g. cookies for the processing of payment services).

Cookies have various functions. Many cookies are technically necessary, because certain website functions wouldn't work (e.g. shopping cart functions or showing videos). Other cookies are used to analyze user behaviour or display advertisments.

Cookies which are needed to perform the electronic communication process (necessary cookies) or to provide certain functions requested by you (functional cookies, e.g. for a shopping cart function) or to optimize the website (e.g. cookies to measure the web audience) are stored on the basis of § 5 (2) lit. g DSO of IGL (cf. Article 6(1)(f) GDPR), if no other legal basis is specified. The operator of the website has a legitimate interest in storing cookies to offer their services in a technically correct and optimized way. If the agreement to store cookies was requested, then storing them takes place exclusively on the basis of this agreement (§ 5 (2) lit. b DSO of IGL, cf. Article 6(1)(a) GDPR), this agreement can be revoked at any time.

You can configure your browser so that it informs you about cookies being set and to allow cookies only on a case-by-case basis, to preclude the acceptance of cookies in certain cases or generally, as well as activate the deletion of cookies at the closing of your browser. The deactivation of cookies can limit the functionality of this website.

As far as cookies by third party contractors or for purposes of analysis are used, we will inform you separately within this privacy statement and, if applicable, request your agreement.

Server Log Files

The provider of the website automatically gathers and stores information which your browser transmits to us automatically in so-called server log files. These are:

An aggregation of these data with other data sources won’t be performed.

The collection of these data happens on the basis of § 5 (2) lit. g DSO of IGL (cf. Article 6(1)(f), GDPR). The owner of the website has a legitimate interest in a technically correct presentation and optimization of their website, server log files have to be recorded for this purpose.

Contact Forms

If you submit inquiries to us via contact forms, your information from the inquiry form including the contact data supplied by you will be stored with us in order to process the inquiry and for the case of followup questions. We won’t pass on these data without your consent.

The processing of these data happens on the basis of § 5 (2) lit. c DSO of IGL (cf. Article 6(1)(b) GDPR) if your inquiry is related to the execution of a contract or necessary to conduct precontractual measures. In all other cases, the processing is based on our legitimate interest in efficiently processing the inquiries addressed to us (§ 5 (2) lit. g DSO of IGL, cf. Article 6(1)(f) GDPR) or your consent (§ 5 (2) lit. b DSO of IGL, cf. Article 6(1)(a) GDPR) if it was requested.

The data you submit in contact forms stay with us until you ask us for their deletion, you appeal your consent to their storage or the purpose of their retention lapses (e.g. after handling of your request is completed). Mandatory statutory provisions—especially legal retention periods—remain unaffected.

Inquiries by Email, Telephone or Fax

If you contact us via email, telephone or telefax, your inquiry will be stored and processed with us, including all personal data arising from it, for the purpose of handling your concerns. We won’t pass on these data without your consent.

The processing of these data happens on the basis of § 5 (2) lit. c DSO of IGL (cf. Article 6(1)(b) GDPR) if your inquiry is related to the execution of a contract or necessary to conduct precontractual measures. In all other cases, the processing is based on our legitimate interest in efficiently processing the inquiries addressed to us (§ 5 (2) lit. g DSO of IGL, cf. Article 6(1)(f) GDPR) or your consent (§ 5 (2) lit. b DSO of IGL, cf. Article 6(1)(a) GDPR) if it was requested.

The data you send to us via contact inquiries stay with us until you ask us for their deletion, you appeal your consent to their storage or the purpose of their retention lapses (e.g. after handling of your concerns is completed). Mandatory statutory provisions—especially legal retention periods—remain unaffected.

Registration on This Website

You can register on this website to use additional functionality. We will use data submitted for it only for the purpose of using the respective offering or service for which you have registered. Mandatory information requested upon registration have to be supplied completely, otherwise we will reject the registration.

For important changes, for instance regarding the extent of our offerings or technically necessary modifications, we will use the email address supplied at registration to contact you this way. The processing of data supplied at registration happens for the purpose of performing the service relationship established by the registration and, if applicable, the initiation of additional contracts (§ 5 (2) lit. c DSO of IGL, cf. Article 6(1)(b) GDPR).

The data collected at registration will be stored by us as long as you are registered on this website and will be deleted afterwards. Legal retention periods remain unaffected.

Plugins and Tools

YouTube

This website embeds videos by the website YouTube. Operator of the website is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

If you visit one of our websites on which YouTube is embedded, a connection to the servers of YouTube will be established. In doing so, which of our pages you visited is disclosed to the YouTube server.

Furthermore, YouTube can store various cookies on your device. With these cookies, YouTube can get information about visitors of this website. This information will be used among other things to gather video statistics, to improve user-friendliness, and to guard against fraud attempts. These cookies remain on your device until you delete them.

If you are logged into you YouTube account, you make it possible for YouTube to directly correlate your surfing behaviour to your personal profile. You can prevent that by logging out of your YouTube account.

The use of YouTube happens in the interest of an appealing presentation of our online offerings. This constitutes a legitimate interest according to § 5 (2) lit. g DSO of IGL (cf. Article 6(1)(f) GDPR). If a corresponding agreement was requested, then processing takes place exclusively on the basis of this agreement (§ 5 (2) lit. b DSO of IGL, cf. Article 6(1)(a) GDPR), this agreement can be revoked at any time.

Find further information about the handling of user data in the YouTube Privacy Statement.

Google Web Fonts

For the purpose of a consistent display of typefaces, this website uses so-called web fonts which are provided by Google. If you access a page, your browser loads the required web fonts into the cache of your browser, to display texts and typefaces correctly.

For this purpose, the browser used by you has to contact the servers of Google. Through this, Google acquires knowledge that our website was accessed from your IP address. Using Google web fonts happens in the interest of a consistent and appealing presentation of our online offerings. This constitutes a legitimate interest according to § 5 (2) lit. g DSO of IGL (cf. Article 6(1)(f) GDPR).

If your browser doesn’t support web fonts, a default typeface of your computer will be used.

Find further information about Google web fonts in the FAQs for Google web fonts and in the Google Privacy Statement.

Google Maps

This website uses the map service Google Maps via an API. Its provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

To use the functions of Google Maps it is necessary to store your IP address. This information will usually be transmitted to a server of Google in the United States of America and stored there. The operator of this website doesn’t have an influence on this transmission.

The use of Google Maps happens in the interest of an appealing presentation of our online offerings and an easier discoverability of places listed on the website. This constitutes a legitimate interest according to § 5 (2) lit. g DSO of IGL (cf. Article 6(1)(f) GDPR). If a corresponding agreement was requested, then processing takes place exclusively on the basis of this agreement (§ 5 (2) lit. b DSO of IGL, cf. Article 6(1)(a) GDPR), this agreement can be revoked at any time.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found in the “Google Controller-Controller Data Protection Terms” and “Google Controller-Controller Data Protection Terms: Standard Contractual Clauses” documents.

Find further information about the handling of user data in the Google Privacy Statement.

ChurchTools

We use the platform ChurchTools for our internal organisation and management.

For some functions, like registering for small groups through this website, we link to the ChurchTools service or embed it via an API. Its provider is ChurchTools Innovations GmbH (“ChurchTools”), Erbprinzenstraße 20, 76133 Karlsruhe, Germany.

For this purpose, the browser used by you has to contact the servers of ChurchTools. Through this, ChurchTools acquires knowledge that our website was accessed from your IP address. If you use functions implemented this way, data supplied by you will likewise become known by ChurchTools. Using the ChurchTools service happens so we can offer the respective functions and integrate them with our internal processes. This constitutes a legitimate interest according to § 5 (2) lit. g DSO of IGL (cf. Article 6(1)(f) GDPR).

Find further information about the handling of user data using the ChurchTools platform in our privacy statement there.

Javascript and CSS Libraries

For certain functions, we embed Javascript and CSS libraries from external providers.

For this purpose, the browser used by you has to contact the servers of the provider of the external resource. Through this, the respective provider acquires knowledge that our website was accessed from your IP address. Using these external resources happens in the interest of optimizing access to our website. This constitutes a legitimate interest according to § 5 (2) lit. g DSO of IGL (cf. Article 6(1)(f) GDPR).

These providers have their respective own rules regarding the handling of personal data:

Our Social Media Presences

Data Processing by Social Networks

We maintain publicly available profiles in social networks. The individual social networks we use can be found below.

Social networks such as Facebook, Twitter etc. can generally analyse your user behaviour comprehensively if you visit their website or a website with integrated social media content (e.g. like buttons or banner ads). When you visit our social media pages, numerous data protection-relevant processing operations are triggered. In detail:

If you are logged in to your social media account and visit our social media page, the operator of the social media portal can correlate this visit with your user account. Under certain circumstances, your personal data may also be recorded if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies stored on your device or by recording your IP address.

Using the data collected in this way, operators of social media portals can create user profiles in which your preferences and interests are stored. This way you can be shown interest-based advertising inside and outside of your social media presence. If you have an account with the social network, interest-based advertising can be displayed on any device you are or have been logged in to.

Please also note that we cannot retrace all processing operations on social media portals. Depending on the provider, additional processing operations may therefore be carried out by the operators of a social media portal. Details can be found in the terms of use and privacy policy of the respective social media portals.

Legal Basis

Our social media appearances should ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of § 5 (2) lit. g DSO of IGL (cf. Art. 6(1)(f) GDPR). The analysis processes initiated by the social networks may be based on divergent legal bases to be specified by the operators of the social networks (e.g. consent within the meaning of § 5 (2) lit. b DSO of IGL, cf. Art. 6(1)(a), GDPR).

Responsible Party and Assertion of Rights

If you visit one of our social media presences (e.g., Facebook), we, together with the operator of the social media platform, are responsible for the data processing operations triggered during this visit. You can in principle assert your rights (information, correction, deletion, limitation of processing, data portability and appeal) against us as well as against the operator of the respective social media portal (e.g. Facebook).

Please note that despite the shared responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are determined by the company policy of the respective provider.

Storage Time

The data collected directly from us via the social media presence will be deleted from our systems as soon as the purpose for their storage lapses, you ask us to delete it, or revoke your consent to its storage. Stored cookies remain on your device until you delete them. Mandatory statutory provisions—in particular, retention periods—remain unaffected.

Individual Social Networks

Facebook

We have a profile on Facebook. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook’s statement the collected data will also be transferred to the USA and to other third party countries.

We have signed an agreement with Facebook on shared responsibility for the processing of data (Controller Addendum). This agreement determines which data processing operations we or Facebook are responsible for when you visit our Facebook page. This agreement can be viewed on the Facebook website.

You can customise your advertising settings independently in your Facebook user account.

Details can be found in the Facebook Data Policy.

Instagram

We have a profile on Instagram. The provider is Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA. For details on how they handle your personal information, see the Instagram Data Policy.

Audio and Video Conferences

Data processing

We use online conference tools, among other things, for communication with our customers. The tools we use are listed in detail below. If you communicate with us by video or audio conference using the Internet, your personal data will be collected and processed by the provider of the respective conference tool and by us.

The conferencing tools collect all information that you provide/access to use the tools (email address and/or your phone number). Furthermore, the conference tools process the duration of the conference, start and end (time) of participation in the conference, number of participants and other “context information” related to the communication process (metadata).

Furthermore, the provider of the tool processes all the technical data required for the processing of the online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or loudspeaker and the type of connection.

Should content be exchanged, uploaded or otherwise made available within the tool, it is also stored on the servers of the tool provider. Such content includes, but is not limited to, cloud recordings, chat/ instant messages, voicemail uploaded photos and videos, files, whiteboards and other information shared while using the service.

Please note that we do not have complete influence on the data processing procedures of the tools used. Our possibilities are largely determined by the corporate policy of the respective provider. Further information on data processing by the conference tools can be found in the data protection declarations of the tools used, and which we have listed below this text.

Purpose and legal bases

The conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers (§ 5 (2) lit. c DSO of IGL, cf. Article 6(1)(b) GDPR). Furthermore, the use of the tools serves to generally simplify and accelerate communication with us or our company (legitimate interest according to § 5 (2) lit. g DSO of IGL, cf. Article 6(1)(f) GDPR). Insofar as consent has been requested, the tools in question will be used on the basis of this consent; the consent may be revoked at any time with effect from that date.

Duration of storage

Data collected directly by us via the video and conference tools will be deleted from our systems immediately after you request us to delete it, revoke your consent to storage, or the reason for storing the data no longer applies. Stored cookies remain on your end device until you delete them. Mandatory legal retention periods remain unaffected.

We have no influence on the duration of storage of your data that is stored by the operators of the conference tools for their own purposes. For details, please contact directly the operators of the conference tools.

Conference tools used

We employ the following conference tools:

Zoom

We use Zoom. The provider of this service is Zoom Communications Inc, San Jose, 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA. For details on data processing, please refer to Zoom’s privacy policy.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can also be found in Zoom’s privacy policy.

Created using eRecht24.