Privacy policy
We stand for human
rights in the digital society and consider the protection of natural persons in
the processing of personal data a human right. For this reason, we take the
protection of your data very seriously and treat it confidentially and in accordance
with legal regulations. With the following privacy policy
we would like to inform you about what types of your personal data we process
for what purposes and to what extent. This privacy policy applies to all
processing of personal data carried out by us, both in the context of the
provision of our services and in particular on our website www.igfgreece.eu as well as within
external online presences, such as our social media profiles on Facebook, Instagram, YouTube and LinkedIn (collectively referred to as "online offer").
IGF
Greece organized under
the auspices the Institute
for Internet and the Just Society e.V., which
provides for the necessary infrastructure for the implementation of the
initiative. The Executive Committee acts independently on the
basis of decisions and guidelines set by the community and the
Multistakeholder Committee in accordance with the UN IGF standards. It consults
with the presidency about matters where legal responsibility may arise.
Imprint:
Institute for Internet and the Just
Society e.V.
c/o Konstantinos Tsakiliotis
Potsdamer Str. 63
10785 Berlin, Germany
Phone: +4915258475612
Email:
info@internetjustsociety.org
USt-IdNr.: DE334212579
Last updated: March 14,
2021
General information
Table of Contents
· Controller
· Changes & Update
· Copyright Notice
· Definitions
· Overview of processing operations
o Types of data processed
o Categories of affected persons
o Purposes of processing
· Relevant legal bases
· National data protection regulations in Germany
· Security
o SSL or TLS encryption
o Quantcast Choice
o Google ReCaptcha
o Transfer and disclosure of personal data
· Data processing in third countries
· Deletion of data
· Use of cookies
o Notes on legal bases
o General notices on revocation and opposition (opt-out):
o Processing of cookie data on the basis of consent
· Commercial and business services
· Payment
· Single sign-on login
· Blogs and publication media
· Content Creation
· Contact
· Surveys
· Videoconferencing, online meetings, webinars and screen sharing
· Provision of the online offer and web hosting
· Music and podcasts
· Workspace and Cloud services
· Newsletter and broad communication
· Sweepstakes and competitions
· Web analysis and optimization
· Online marketing
· Presences on social networks
· Plugins and embedded functions as well as content
Controller
Institute for Internet
and the Just Society e.V.
c/o Konstantinos
Tsakiliotis
Potsdamer Str. 63
10785 Berlin
Tel: +49 (0)
15258475612
Data Protection
Officer: Konstantinos Tsakiliotis
E-mail: dataprotection@internetjustsociety.org
Changes & Update
Due to new
technologies and the continuous development of this website, we can make
changes to this privacy policy, we recommend that you read the privacy policy
again at regular intervals. If we provide addresses and contact information of
companies and organizations in this Privacy Policy, please note that the
addresses may change over time and ask you to check the information before
contacting them.
Copyright Notice
The following privacy
policy was created using the free data protection generator provided by Dr.
Thomas Schwenke.
Definitions
This section provides
an overview of the terms used in this Privacy Policy. Many of the terms are
legal terms and are defined in particular in Article 4
of the General Data Protection Regulation, Regulation (EU) 2016/679
(hereinafter referred to as GDPR). The following explanations are primarily
intended to provide an easily understandable privacy policy.
Overview of processing operations
The following overview
summarises the types of data processed and the purposes of their processing and
refers to the data subjects.
Types of data processed
inventory data (e.g. names, addresses).
content data (e.g. text input, photographs, videos).
Contact details (e.g. e-mail, telephone numbers).
Meta/communication
data (e.g. device information, IP addresses).
Usage data (e.g. websites visited, interest in content, access times).
Location data (data
that indicates the location of an end-user's terminal).
Contract data (e.g. subject matter of the contract, term, customer
category).
Payment data (e.g. bank details, invoices, payment history).
Categories of affected persons
employees (e.g. employees, applicants, former employees).
members (candidate
members, applicants)
business and
contractual partners.
Interested parties in
communication.
Customers.
users (e.g. website visitors, users of online services).
Competition and market
participants.
Purposes of processing
Affiliate tracking.
Registration. Provision of our online offer and user-friendliness. Visiting
action evaluation. Administration and organizational procedures. Direct
marketing (e.g. by e-mail or postal). Execution of
competition research. Feedback (e.g. collecting
feedback via online form). Interest-based and behavioral marketing. Contact
requests and communication. Conversion measurement (measurement of the
effectiveness of marketing measures). Profiling. Remarketing. Range measurement
(e.g. access statistics, detection of returning
visitors). Security. Tracking (e.g.
interest/behavioural profiling, use of cookies). Contractual services and
services. Manage and respond to requests. Commercial and business services.
Payment. Single sign-on login. Blogs and publication media. Content Creation.
Contact Surveys Videoconferencing, online meetings, webinars and screen sharing
Provision of the online offer and web hosting Music and podcasts Workspace and
Cloud services Newsletter and broad communication Sweepstakes and competitions
Web analysis and optimization Online marketing Presences on social networks
Plugins and embedded functions as well as content
Relevant legal bases
In the following, we
provide the legal bases of the General Data Protection Regulation (GDPR), on the basis of which we process the personal data. Please
note that in addition to the provisions of the GDPR, the national data
protection laws may apply in your or our country of residence. Should more
specific legal bases be relevant in individual cases, we will inform you of
them in the data protection declaration.
Consent (Art. 6 sec. 1 p. 1 lit. a GDPR) - The data subject has given
his consent to the processing of the personal data concerning him or her for a
specific purpose or several specific purposes.
Performance of the
contract and pre-contractual enquiries (Art. 6 sec. 1 p. 1
lit. b. GDPR) - The processing is necessary for the performance of a contract
to which the data subject is a party or for the implementation of
pre-contractual measures, which take place at the request of the data subject.
Legal obligation (Art. 6 sec. 1 p. 1 lit. c. GDPR) - The processing is necessary
for the fulfilment of a legal obligation to which the controller is subject.
Protection of vital
interests (Art. 6 sec. 1 p. 1 lit. d. GDPR) -
Processing is necessary to protect the vital interests of the data subject or
another natural person.
Legitimate interests (Art. 6 sec. 1 p. 1 lit. f. GDPR) - The processing is necessary
to safeguard the legitimate interests of the controller or a third party,
unless the interests or fundamental rights and freedoms of the data subject,
which require the protection of personal data, prevail.
National data protection regulations in
Germany
In addition to the
data protection regulations of the General Data Protection Regulation
, national regulations on data protection apply in Germany. This
includes in particular the Act on the Protection
against Misuse of Personal Data in Data Processing (Federal Data Protection Act
– BDSG). In particular, the BDSG contains special provisions on the right to
information, the right to erasure, the right to object, the processing of
special categories of personal data, processing for other purposes and
transmission, as well as automated decision-making in individual cases,
including profiling. It also regulates data processing for the purposes of the
employment relationship (Section 26 of the BDSG), in particular with regard to the establishment, implementation or
termination of employment relationships as well as the consent of employees. In
addition, state data protection laws of the individual federal states can be
applied.
Security
We shall take into account the state of the art, the implementation
costs and the nature, scope, circumstances and purposes of the processing, as
well as the different probability of occurrence and the extent of the threats
to the rights and freedoms of natural persons, appropriate technical and
organisational measures to ensure a level of protection commensurate with the
risk. Measures include, in particular, ensuring the
confidentiality, integrity and availability of data by controlling physical and
electronic access to the data as well as access to, entry, disclosure and
safeguarding of data. availability and their separation. In addition, we have
established procedures that ensure the exercise of data subjects' rights, the
erasure of data and reactions to the risk of the data. Furthermore, we take into account the protection of personal data already in
the development or selection of hardware, software and procedures in accordance
with the principle of data protection, through technical design and through
data protection-friendly presets.
SSL or TLS encryption
For security reasons
and to protect the transmission of confidential content that you send to us as
a site operator, our website uses SSL or TLS encryption. This means that data
that you transmit via this website cannot be read by third parties. You can
recognize an encrypted connection by the "https://" address line of
your browser and by the lock icon in the browser line.
Quantcast Choice
We use Quantcast
Choice, a privacy-by-design tool from Quantcast Corporation, 795 Folsom Street,
San Francisco, CA 94107, USA, which builds on the IAB Europe Transparency &
Consent Framework and helps us provide you with information and choices regarding
the processing of your data. Quantcast Corp. may use tags, cookies, SDKs and plug-ins to store information about the privacy
policies you receive and the options you make. This is done in accordance with
the guidelines and technical specifications of the IAB Europe Transparency
& Consent Framework. Information collected by Quantcast Choice is not used
for any other purpose. For more information, see Quantcast Corp's Privacy
Policy: https://www.quantcast.com/de/datenschutz/
Google ReCaptcha
We use Google
ReCaptcha to protect against comment spam and other attacks on our website.
reCAPTCHA is a free service provided by Google that protects websites from spam
software and misuse by non-human visitors. By using reCAPTCHA, data is
transmitted to Google, which Google uses to determine whether you are really a
human being. Referrer URL (the address of the page from which the visitor
comes), IP address (e.g. 256.123.123.1), information
about the operating system (the software that allows the operation of your
computer). Well-known operating systems include Windows, Mac OS X or Linux),
cookies (small text files that store data in your browser), mouse and keyboard
behavior (any action you perform with the mouse or keyboard is saved), date and
language settings (which language or date you have preset on your PC stored),
all Javascript objects (JavaScript is a programming language that allows web
pages to adapt to the user. JavaScript objects can collect all sorts of data
under one name), screen resolution (shows how many pixels the image analysis
consists of).
Transfer and disclosure of personal data
In the context of our
processing of personal data, the data may be transferred to other bodies,
companies, legally independent organizational units or
persons or disclosed to them. Recipients of this data may include, for example,
payment institutions in the context of payment transactions, service providers
entrusted with IT tasks or providers of services and content that are
integrated into a website. In such a case, we comply with the legal
requirements and in particular conclude corresponding
contracts or agreements with the recipients of your data, which serve the
protection of your data.
Data processing in third countries
Insofar as we process
data in a third country (i.e., outside the European Union (EU), the European
Economic Area (EEA)) or the processing in the context of the use of third-party
services or the disclosure or transfer of data to other persons, jobs or companies, this is only done in accordance with the
legal requirements.
Subject to express
consent or transfer required by contract or by law, we will only process or
have the data processed in third countries with a recognised level of data
protection, which includes the US processors certified under the "Privacy
Shield", or on the basis of special guarantees, such as contractual
obligations by so-called standard protection clauses of the EU Commission, the
existence of certifications or binding internal data protection regulations (Articles
44 to 49 GDPR, information page of the European Commission:
https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_de
).
Deletion of data
The data processed by
us will be deleted in accordance with the statutory requirements as soon as
their consents permitted for processing are revoked or other authorisations are
omitted (e.g. if the purpose of the processing of this
data has ceased or the purpose is not required).
Unless the data is
deleted because it is necessary for other and legally permissible purposes,
their processing will be limited to these purposes. This means that the data is
blocked and not processed for other purposes. This applies, for example, to
data that must be retained for commercial or tax reasons or whose storage for
the assertion, exercise or defence of legal claims or for the protection of the
rights of another natural or legal person required.
Further information on
the deletion of personal data can also be made within the framework of the
individual data protection notices of this data protection declaration.
Rights of data
subjects
As a data subject, you
are entitled to various rights under the GDPR, which arise in
particular from Articles 15 to 18 and 21 GDPR:
Right to object: For reasons arising from your particular
situation, you have the right to object at any time to the processing of
personal data concerning you, which is subject to Article 6 (1) e or f GDPR to
object; this also applies to profiling based on these provisions. If the
personal data concerning you is processed for direct marketing purposes, you
have the right to object at any time to the processing of personal data
concerning you for the purpose of such advertising; this also applies to
profiling in so far as it is related to such direct marketing.
Right of withdrawal in
the case of consent: You have the right
to revoke consents given at any time.
Right of access: You have the right to request confirmation as to whether the
data in question is being processed and to obtain information about this data
as well as to further information and copy of the data in accordance with the
legal requirements.
Right to rectification: You have the right to request the completion of the data
concerning you or the correction of the inaccurate data concerning you in
accordance with the legal requirements.
Right to erasure and
restriction of processing: You have the right
to request that you delete data concerning you immediately or alternatively to
demand a restriction of the processing of the data in accordance with the legal
requirements.
Right to data
portability: You have the right to receive data
concerning you that you have provided to us in a structured, common
and machine-readable format in accordance with the legal requirements or to
request their transmission to another controller.
Complaint to the
supervisory authority: You also have the
right to lodge a complaint with a supervisory authority, in
particular in the Member State of your habitual residence, workplace or place
of alleged infringement, in accordance with the legal requirements, if you
believe that the processing of personal data concerning you is in breach of the
GDPR.
The competent
supervisory authority for our organization is the Hellenic Data Protection
Authority.n.
Berliner Beauftragte
für Datenschutz und Informationsfreiheit
Friedrichstr. 219
10969 Berlin DE
Tel.: +49 30 13889-0
Fax: +49 30 2155050
E-mail:
mailbox@datenschutz-berlin.de
Purposes of
Processing
Use of cookies
Cookies are text files
that contain data from websites or domains visited and are stored by a browser
on the user's computer. A cookie is primarily used to store the information
about a user during or after his visit within an online offer. The stored
information may include, for example, the language settings on a website, the
login status, a shopping cart or the location where a
video was viewed. The term cookies also includes other
technologies that perform the same functions as cookies (e.g. when user
information is stored on the basis of pseudonymous online identifiers, also
known as "user IDs") The following types of cookies and functions are
distinguished:
Temporary cookies (also session cookies): Temporary cookies are deleted at the
latest after a user has left an online offer and closed his browser.
Permanent cookies: Permanent cookies remain stored even after closing the
browser. For example, the login status can be saved or
preferred content can be displayed directly when the user visits a website
again. Similarly, the interests of users used for range measurement or
marketing purposes may be stored in such a cookie.
First-party cookies: First-party cookies are set by us.
Third-party cookies (also: third-party cookies): Third-party cookies are mainly
used by advertisers (so-called third parties) to process user information.
Necessary cookies: Cookies may be absolutely necessary for the operation of a
website (e.g. to store logins or other user entries or
for reasons of security).
Statistics, marketing
and personalization cookies: In addition, cookies are usually also used in the
context of range measurement and when the interests of a user or his behaviour
(e.g. viewing certain content, benefits of functions,
etc.) are stored on individual websites in a user profile. Such profiles are
used to display to users, for example, content that corresponds to their
potential interests. This procedure is also referred to as "tracking",
i.e. tracking the potential interests of users. .
Insofar as we use cookies or "tracking" technologies, we will inform
you separately in our privacy policy or in the context of obtaining consent.
Notes on legal bases
On what legal basis we
process your personal data with the help of cookies depends on whether we ask
you for your consent. If this is the case and you consent to the use of
cookies, the legal basis for the processing of your data is the declared
consent. Otherwise, the data processed by cookies will be processed on the
basis of our legitimate interests (e.g. in the
business operation of our online offer and its improvement) or, if the use of
cookies is necessary, in order to fulfil our contractual obligations.
General notices on revocation and opposition (opt-out):
Depending on whether
the processing is based on consent or legal permission, you have the
possibility at any time to revoke a given consent or to object to the
processing of your data by cookie technologies (collectively,
"opt-out"). You can first declare your objection by means of the
settings of your browser, e.g. by disabling the use of
cookies (whereby the functionality of our online offer may also be limited). An
objection to the use of cookies for online marketing purposes can also be
explained by means of a variety of services, especially in the case of
tracking, through the websites https://optout.aboutads.info and
https://www.youronlinechoices.com/.
In addition, you can
receive further notices of objection within the scope of the information on the
service providers and cookies used.
Processing of cookie data on the basis of
consent
Before we process or
process data in the context of the use of cookies, we ask users to have their
consent to Quantcast Choice, a privacy-by-design tool from Quantcast Corp (see
above on security measures). Until consent has been given, cookies that are
necessary for the operation of our online offer will be used. Their use is
based on our interest and the interest of the users in the expected
functionality of our online offer.
Types of data
processed: usage data (e.g.
websites visited, interest in content, access times), meta/communication data
(e.g. device information, IP addresses).
Affected persons: users (e.g. website visitors, users of
online services).
Legal bases: Consent (Art. 6 sec. 1 p. 1 lit. a GDPR), legitimate interests
(Art. 6 sec. 1 p. 1 lit. f. GDPR).
Commercial and business services
We process data of our
contractual and business partners, e.g. customers and
interested parties (collectively referred to as "contractors") in the
context of contractual and comparable legal relationships as well as related
measures and within the framework of the Communication with the contractual
partners (or pre-contractual), e.g. to answer inquiries.
We process this data
for the purpose of fulfilling our contractual obligations, for the protection
of our rights and for the purposes of the administrative tasks associated with
this information as well as the business organization. Within the scope of the
applicable law, we only pass on the data of the contractual partners to third
parties to the extent that this is necessary for the aforementioned purposes or
for the fulfilment of legal obligations or is carried out with the consent of
the contractual partners (e.g. to participating
parties). telecommunications, transport and other
auxiliary services as well as subcontractors, banks, tax and legal advisers,
payment service providers or tax authorities). The contractual partners will be
informed about other forms of processing, e.g. for marketing purposes, within
the framework of this data protection declaration.We
will inform the contracting parties before or within the scope of the data
collection, e.g. in online forms, by means of special marking (e.g. colours) or
symbols (e.g. asterisks or similar), or in person.
We delete the data
after expiry of statutory time limitation and comparable obligations, i.e. basically after 4 years, unless the data is stored in a
customer account, e.g. as long as it is stored for legal reasons of archiving
(e.g. for tax purposes usually 10 years). Data disclosed to us in the context
of an order by the contractual partner, we delete in accordance with the
specifications of the order, in principle after the end of the order. Insofar
as we use third-party providers or platforms to provide our services, the terms
and conditions and privacy notices of the respective third parties or platforms
apply in the relationship between the users and the providers.
Types of data
processed: inventory data (e.g.
names, addresses), payment data (e.g. bank details, invoices, payment history),
contact details (e.g. e-mail, telephone numbers), contract data (e.g. subject
matter of the contract, term, customer category).
Affected persons: interested parties, business and
contractual partners.
Purposes of
processing: Contractual services and services, contact requests and
communication, office and organizational procedures, management
and response of enquiries.
Legal bases: Performance of the contract and pre-contractual enquiries (Art.
6 sec. 1 p. 1 lit. b. GDPR), legal obligation (Art. 6 sec. 1 lit. c. GDPR),
legitimate interests (Art. 6 sec. 1 s. 1 lit. f. GDPR).
Payment
In the context of
contractual and other legal relationships, due to legal obligations or
otherwise on the basis of our legitimate interests, we
offer the data subjects efficient and secure payment options and use banks and
credit institutions (collectively, "payment service providers").
The data processed by
the payment service providers includes inventory data, such as name and
address, bank details such as account numbers or credit card numbers,
passwords, TANs and checksums, as well as contract,
total and recipient-related information. The information is required to carry
out the transactions. However, the data entered will only be processed and
stored by the payment service providers. This means that we do not receive any
account or credit card-related information, but only information with
confirmation or negative information of the payment. The data may be
transmitted by payment service providers to business information agencies. The
purpose of this transmission is to verify identity and creditworthiness. For
this purpose, we refer to the terms and conditions and data protection notices
of the payment service providers.
The terms and
conditions and the data protection notices of the respective payment service
providers apply to the payment transactions, which are available within the
respective websites or transaction applications. We also refer to these for
further information and the assertion of rights of revocation, information and other data subjects.
Types of data
processed: inventory data (e.g.
names, addresses), payment data (e.g. bank details, invoices, payment history),
contract data (e.g. contract subject matter, term, customer category), usage
data (e.g. visited websites, interest in content, access times),
meta/communication data (e.g. device information, IP addresses), contact data
(e.g. e-mail, telephone numbers).
Affected persons: customers, interested parties.
Purposes of
processing: Contractual services and services, contact
requests and communication, affiliate tracking.
Legal bases: Performance of the contract and pre-contractual enquiries (Art.
6 sec. 1 p. 1 lit. b. GDPR), Legitimate interests (Art. 6 sec. 1 p. 1 lit. f.
GDPR).
Services and service
providers used:
Single sign-on login
"Single
sign-on" or "single sign-on" or "authentication" means
methods that allow users to use a user account with a single sign-on provider (e.g. a social network), including our online offer, to
register. The prerequisite for single sign-on authentication is that the users
are registered with the respective single sign-on provider and enter the
required access data in the online form provided for this purpose, or already
with the single sign-on provider and confirm the single sign-on registration
via the button.
Authentication is done
directly with the respective single sign-on provider. In the context of such
authentication, we receive a user ID with the information that the user is
logged in to the respective single sign-on provider under this user ID and an
ID that is no longer usable for us for other purposes (so-called "User
Handle"). Whether additional data is transmitted to us depends solely on
the single sign-on procedure used, on the data releases selected in the context
of authentication and also on the data users have used
in the privacy or other settings of the user account. with the single sign-on
provider. Depending on the single sign-on provider and the choice of users,
different data can be, usually the email address and the user
name. The password entered by the single sign-on provider as part of the
single sign-on procedure is not visible to us, nor is it stored by us.
Users are asked to
note that their data stored by us can be automatically compared with their user
account with the single sign-on provider, but this is not always possible or actually done. For example, if the e-mail addresses of the
users change, they must change them manually in their user account with us.
If agreed with the
users, we may use the single sign-on application within the scope of or prior
to the performance of the contract, insofar as the users have been requested to
process it within the scope of a consent and otherwise set it on the basis of the legitimate interests on our part and the
interests of users in an effective and secure registration system.
Should users decide to
stop linking their user account with the single sign-on provider for the single
sign-on procedure, they must disconnect from the single sign-on provider within
their user account. If users wish to delete their data with us, they must
cancel their registration with us.
Types of data
processed: inventory data (e.g.
names, addresses), contact details (e.g. e-mail, telephone numbers).
Affected persons: users (e.g. website visitors, users of
online services).
Purposes of
processing: contractual services and services, registration procedure.
Legal basis: Consent (Art. 6 sec. 1 p. 1 lit. a GDPR), fulfilment of the
contract and pre-contractual enquiries (Art. 6 sec. 1 p. 1 lit. b. GDPR),
legitimate interests (Art. 6 sec. 1 s. 1 lit. f. GDPR).
Services and service
providers used:
Facebook
Single-Sign-On: Authentication Service; Service providers:
https://www.facebook.com, FacebookIreland Ltd., 4 Grand Canal Square, Grand
Canal Harbour, Dublin 2, Ireland, parent company: Facebook, 1 Hacker Way, Menlo
Park, CA 94025, USA; Website: https://www.facebook.com; Privacy Policy:
https://www.facebook.com/about/privacy; Privacy Shield:
https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active;
Opt-out: https://www.facebook.com/settings?tab=ads.
Blogs and publication media
We use blogs or
similar means of online communication and publication (hereinafter
"publication medium"). The data of the readers are processed for the
purposes of the publication medium only to the extent that it is necessary for
its presentation and communication between authors and readers or for reasons
of security. In addition, we refer to the information on the processing of
visitors to our publication medium within the framework of these data
protection notices.
Comments and Posts:
When users leave comments or other posts, their IP addresses may be stored
based on our legitimate interests. This is done for our safety if someone
leaves illegal content in comments and posts (insults, forbidden political
propaganda, etc.). In this case, we ourselves can be prosecuted for commentor
or post and are therefore interested in the identity of the author.
Furthermore, we
reserve the right to process the information of the users for spam detection on the basis of our legitimate interests.
On the same legal
basis, we reserve the right to store the IP addresses of users for their
duration in the case of surveys and to use cookies in order
to avoid multiple votes.
The information
provided in the context of the comments and contributions about the person, any
contact and website information as well as the content information will be
stored permanently by us until the user objects.
Types of data
processed: inventory data (e.g.
names, addresses), contact data (e.g. e-mail, telephone numbers), content data
(e.g. text entries, photographs, videos), usage data (e.g. websites visited,
interest in content, access times), meta/communication data (e.g. device
information, IP addresses).
Affected persons: users (e.g. website visitors, users of
online services).
Purposes of
processing: Contractual services and services, feedback (e.g. collecting feedback via online form), security
measures, management and answering of enquiries.
Legal bases: performance of the contract and pre-contractual enquiries (Art.
6 sec. 1 p. 1 lit. b. GDPR), legitimate interests (Art. 6 sec. 1 p. 1 lit. f.
GDPR), consent (Art. 6 sec. 1 p. 1 lit. a GDPR), protection of vital interests
(Art. 6 sec. 1 s. 1 lit. d. GDPR).
Content Creation
We process personal
data when creating content for educational and marketing purposes. For example,
we include the name, a profile picture and the affiliation of a guest speaker
to our events in promotional content (e.g. banners),
or for example the name and quote of our members in the designated presentation
webpage.
Types of data
processed: inventory data (e.g.
names, addresses), contact data (e.g. e-mail, telephone numbers), content data
(e.g. text entries, photographs, videos)
Affected persons: employees, former employees, members, former members, guest
speakers, event participants
Purposes of processing: Contractual services and services, feedback (e.g. collecting feedback via online form), security
measures, management and answering of enquiries.
Legal bases:
legitimate interests (Art. 6 sec. 1 p. 1 lit. f. GDPR), consent (Art. 6 sec. 1
p. 1 lit. a GDPR)
Services and service
providers used:
Contact
When contacting us (e.g. via contact form, e-mail, telephone or via social
media), the information of the requesting persons will be processed, insofar as
this is necessary to answer the contact requests and any necessary measures
requested.
The answer to contact
requests in the context of contractual or pre-contractual relationships is made
in order to fulfil our contractual obligations or to
respond to (pre)contractual enquiries and, moreover, on the basis of the
legitimate interests in the Answering the questions.
Types of data
processed: inventory data (e.g.
names, addresses), contact details (e.g. e-mail, telephone numbers), content
data (e.g. text entries, photographs, videos).
Affected persons: communication partners.
Purposes of
processing: contact requests and communication.
Legal bases: Performance of the contract and pre-contractual enquiries (Art.
6 sec. 1 p. 1 lit. b. GDPR), Legitimate interests (Art. 6 sec. 1 p. 1 lit. f.
GDPR).
Services and service
providers used:
We use Messenger for communication purposes and therefore ask
you to observe the following instructions on the functionality of Messenger,
encryption, the use of the metadata of the communication and your possibilities
of objection.
You can also contact us via alternative means, e.g. by phone or e-mail. Please use the contact options
provided to you or the contact options provided within our online offer.
In the case of end-to-end encryption of content (i.e., the
content of your message and attachments), we would like to point out that the
communication content (i.e., the content of the message and attached images) is
encrypted from end to end. This means that the content of the messages is not
visible, not even by the messenger providers themselves. You should always use
an up-to-date version of Messenger with encryption enabled to ensure that the
message contents are encrypted.
However, we also point out to our communication partners that
while messenger providers do not view the content, they can find out that and
when communication partners communicate with us and provide technical
information about the used communication partner's device and location
information (so-called metadata) is processed, depending on the settings of
their device.
Notes on legal bases: If we ask communication partners for
permission before communicating with them via Messenger, the legal basis of our
processing of their data is their consent. Otherwise, if we do not ask for
consent and they contact us on their own initiative, we use Messenger in relation
to our contractual partners as well as in the context of the initiation of the
contract as a contractual measure and in the case of other interested parties
and communication partners based on our legitimate interests in a fast and
efficient communication and fulfillment of the needs of our communication
partner in communication via Messenger.
Revocation, opposition and
cancellation: You can revoke your consent at any time and object to
communication with us via Messenger at any time. In the case of communication
via Messenger, we delete the messages in accordance with our general deletion
guidelines (e.g. as described above, after the end of
contractual relations, in the context of archiving specifications, etc.) and
otherwise, as soon as we can assume that we have answered any information
provided by the communication partners, if no recourse to a previous
conversation is to be expected and the deletion is not contrary to legal
retention obligations.
Reservation of reference to other means of communication:
Finally, we would like to point out that for your safety we reserve the right
not to answer requests via Messenger. This is the case, for example, if
contract internals require special confidentiality or a reply via Messenger
does not meet the formal requirements. In such cases, we refer you to more
adequate communication channels.
Types of data processed: contact data (e.g.
e-mail, telephone numbers), usage data (e.g. websites visited, interest in
content, access times), meta/communication data (e.g. device information, IP
addresses), content data (e.g. text entries, photographs, videos).
Affected persons: communication partners.
Purposes of processing: contact enquiries and communication,
direct marketing (e.g. by e-mail or postal).
Legal bases: Consent (Art. 6 sec. 1 p. 1 lit. a GDPR),
legitimate interests (Art. 6 sec. 1 p. 1 lit. f. GDPR).
Surveys
The surveys conducted
by us (hereinafter "Surveys") are evaluated anonymously. Processing
of personal data is only carried out to the extent that this is necessary for
the provision and technical execution of the surveys (e.g.
processing of the IP address in order to display the survey in the user's
browser or by means of a temporary cookie (session cookie) to allow the survey
to resume) or users have consented.
Notes on legal bases: If we ask the participants to give their consent to the
processing of my data, this legal basis is the processing, otherwise the
processing of the data of the participants takes place on the
basis of our legitimate interests in conducting an objective survey.
Types of data
processed: contact data (e.g.
e-mail, telephone numbers), content data (e.g. text input, photographs,
videos), usage data (e.g. websites visited, interest in content, access times),
meta/communication data (e.g. device information, IP addresses).
Affected persons: communication partners, users (e.g.
website visitors, users of online services).
Purposes of
processing: contact requests and communication, direct
marketing (e.g. by e-mail or postal), tracking (e.g.
interest/behavioural profiling, use of cookies), feedback (e.g. collecting
feedback via online form), profiling (creating user profiles).
Legal bases: Consent (Art. 6 sec. 1 p. 1 lit. a GDPR), legitimate interests
(Art. 6 sec. 1 p. 1 lit. f. GDPR).
Services and service
providers used:
Videoconferencing, online meetings, webinars and screen sharing
We use third-party
platforms and applications (hereinafter referred to as "Third
Parties") for the purpose of conducting video and audio conferencing,
webinars, and other types of video and audio meetings. When selecting
third-party providers and their services, we comply with the legal
requirements. Within this framework, data of the communication participants are
processed and stored on the servers of the third-party providers, insofar as
these are part of communication processes with us. This data may include, in particular, login and contact details, visual and vocal
posts, as well as entries in chats and shared screen content.
Where users are
referred to the third parties, their software or
platforms in the context of communication, business or other relationships with
us, the third parties may use usage data and metadata for security purposes,
service optimization or processing for marketing purposes. We therefore ask you
to observe the privacy policy of the respective third parties.
Notes on legal bases: If we ask the users for their consent to the use of third-party
providers or certain functions (e.g. consent to a
recording of conversations), the legal basis of the processing is the consent.
Furthermore, their use may be part of our (pre)contractual services, provided
that the use of the third-party providers has been agreed within this
framework. Otherwise, the data of the users will be processed on the basis of our legitimate interests in an efficient and
secure communication with our communication partners. In this context, we would
also like to refer you to the information on the use of cookies in this privacy
policy.
Types of data
processed: inventory data (e.g.
names, addresses), contact data (e.g. e-mail, telephone numbers), content data
(e.g. text entries, photographs, videos), usage data (e.g. websites visited,
interest in content, access times), meta/communication data (e.g. device
information, IP addresses).
Affected persons: communication partners, event participants, guest speakers,
users (e.g. website visitors, users of online
services).
Purposes of processing: Contractual services and services, contact requests and
communication, office and organizational procedures.
Legal basis: Consent (Art. 6 sec. 1 p. 1 lit. a GDPR), fulfilment of the
contract and pre-contractual enquiries (Art. 6 sec. 1 p. 1 lit. b. GDPR),
legitimate interests (Art. 6 sec. 1 s. 1 lit. f. GDPR).
Services and service
providers used:
Provision of the online offer and web
hosting
In order to be able to
provide our online offer securely and efficiently, we use the services of the
web hosting provider, “Papaki”, Enartia
A.E., S Street, Heraklion Area, Greece. from whose servers
(or servers managed by them) the online offer can be accessed. For these
purposes, we may use infrastructure and platform services, computing capacity,
storage space and database services, as well as security and technical
maintenance. Enartia A.E.
processes your data as a processor on the basis of a
contract concluded in accordance with Art. 28 GDPR. You can access the data
protection regulations applicable by domainfactory GmbH here: https://www.papaki.com/el/privacy-policy.htm
The data processed in
the context of the provision of the hosting offer may include all information
concerning the users of our online offer that is incurred in the context of use
and communication. This regularly includes the IP address necessary to deliver
the contents of online offers to browsers and all entries made within our
online offer or from websites.
Collection of access
data and log files: We ourselves (or Enartia A.E.)
collect data for every access to the server (so-called server log files). The
server log files may include the address and name of the retrieved websites and
files, the date and time of the retrieval, the amount of data transferred, the
notification of successful retrieval, the browser type and version, the user's
operating system, referrer URL (the previously visited page) and, as a rule, IP
addresses and the requesting provider.
The server log files
can be used for security purposes, e.g. to avoid
overloading the servers (especially in the case of abusive attacks, so-called
DDoS attacks) and, on the other hand, to reduce the load on the servers and
their stability. Ensure.
Types of data
processed: content data (e.g.
text input, photographs, videos), usage data (e.g. websites visited, interest
in content, access times), meta/communication data (e.g. device information, IP
addresses).
Affected persons: users (e.g. website visitors, users of
online services).
Legal bases: Legitimate interests (Art. 6 sec. 1 p. 1 lit. f. GDPR).
Music and podcasts
We use hosting and
analysis services from service providers to provide our audio content for
listening to or downloading and to obtain statistical information on how to
retrieve the audio content.
Types of data
processed: usage data (e.g.
websites visited, interest in content, access times), meta/communication data
(e.g. device information, IP addresses).
Affected persons: users (e.g. website visitors, users of
online services).
Purposes of
processing: range measurement (e.g.
access statistics, detection of returning visitors), visit action evaluation,
profiling (creating user profiles).
Services and service
providers used:
Workspace and Cloud services
We use software
services accessible over the Internet and running on their providers' servers
(so-called "cloud services", also referred to as "Software as a
Service") for the following purposes: document storage and administration,
calendar management, E-mail, spreadsheets and presentations, exchange of
documents, content and information with specific recipients, or publication of
websites, forms or other content and information, chats and participation in
audio and Video conferencing.
In this context,
personal data may be processed and stored on the servers of the providers,
insofar as these are part of communication processes with us or are otherwise processed
by us as set out in this data protection declaration. This data may include, in particular, master data and contact data of the users,
data on transactions, contracts, other processes and their contents. Cloud
service providers also process usage data and metadata they use for security
and service optimization purposes.
Insofar as we provide
documents and content to other users or publicly accessible websites, providers
may provide cookies on users' devices for the purpose of web analysis or to adjust
user preferences (e.g. in the case of media control).
Notes on legal bases: If we ask for consent to the use of cloud services, the legal
basis of the processing is consent. Furthermore, their use may be part of our
(pre)contractual services, provided that the use of the cloud services has been
agreed within this framework. Otherwise, the data of the users will be
processed on the basis of our legitimate interests
(i.e., interest in efficient and secure management and collaboration processes)
Types of data
processed: inventory data (e.g.
names, addresses), contact data (e.g. e-mail, telephone numbers), content data
(e.g. text entries, photographs, videos), usage data (e.g. websites visited,
interest in content, access times), meta/communication data (e.g. device
information, IP addresses).
Affected persons: customers, employees (e.g. employees,
applicants, former employees, members, former members of the organization),
interested parties, communication partners.
Purposes of
processing: office and organisational procedures.
Legal basis: Consent (Art. 6 sec. 1 p. 1 lit. a GDPR), fulfilment of the
contract and pre-contractual enquiries (Art. 6 sec. 1 p. 1 lit. b. GDPR),
legitimate interests (Art. 6 sec. 1 s. 1 lit. f. GDPR).
Services and service
providers used:
Newsletter and broad communication
We only send
newsletters, e-mails and other electronic
notifications (hereinafter "Newsletter") with the consent of the
recipients or a legal permission. If the contents of the newsletter are
specifically described in the context of a registration, they are decisive for
the consent of the users. For the rest, our newsletters contain information
about our services and us. In order to subscribe to
our newsletters, it is always sufficient if you provide your e-mail address.
However, we may ask you to provide a name so that we can personally address you
in the newsletter, or other information if required for the purposes of the
newsletter.
At
the same time, IGF Greece, with the aim of creating and strengthening a digital
community related to Internet Governance
in Greece,
provides a mailing list. The data collected
through the subscription form include your email address and optionally your
name. In addition, the registration date and time as well as the IP address can
also be saved. To successfully subscribe to the list, users must confirm an
invitation email and agree to the use of their data as part of the mailing
list. The email invitation provides more details about
data processing in relation to the mailing list.
If
you send messages to the mailing list, we will forward
your message to all other subscribers to this mailing list and we will collect
the contents of this post in the mailing list file along with the email address
and the name you originally signed up for. The mailing list file will be made
available to the public. In addition to this data, we may also collect post
metadata as contained in each email, such as IP address, date
and time the email was sent, email schedule, retransmission servers.
You
can unsubscribe from the mailing list at any time.
The
personal data available through the mailing list file are stored for an
indefinite period of time, for purposes related to
transparency and for the maintenance of the institutional file of IGF Greece.
Double opt-in
procedure: The registration for our newsletter and mailing
list is basically done in a so-called double opt-in procedure. This means that
you will receive an e-mail after registration asking you to confirm your
registration. This confirmation is necessary so that no one can log in with
foreign e-mail addresses. The registrations for the newsletter and mailing list
are logged in order to be able to prove the
registration process according to the legal requirements. This includes storing
the login and confirmation time as well as the IP address. The changes to your
data stored by the shipping service provider will also be logged.
Deletion and
restriction of processing: We may store the
e-mail addresses that have been processed for up to three years on the basis of our legitimate interests before deleting
them in order to be able to prove a previously given consent. The processing of
this data is limited to the purpose of a possible defense of claims. An
individual request for cancellation is possible at any time, provided that the
former existence of a consent is confirmed at the same time. In the case of
obligations to permanently observe contradictions, we reserve the right to
store the e-mail address in a block list (so-called "blacklist") for
this purpose alone.
The registration
procedure is logged on the basis of our legitimate
interests for the purpose of proving its proper conduct. Insofar as we
commission a service provider to send e-mails, this is based on our legitimate
interests in an efficient and secure shipping system.
Information on legal
bases: The sending of the newsletters and mailing list content is based on the
consent of the recipients or, if consent is not required, on the basis of our
legitimate interests in direct marketing, if and to the extent that this is
permitted by law, e.g. in the case of existing
customer advertising. Insofar as we commission a service provider to send
e-mails, this is done on the basis of our legitimate
interests. The registration process is recorded on the basis
of our legitimate interests to prove that it was conducted in accordance
with the law.
Content: Information about us, our services, promotions and offers.
Success measurement: The newsletter and mailing lists contain a so-called
"web-beacon", i.e. a pixel-sized file that
is retrieved from our server when opening the newsletter and mailing list from
our server or, if we use a shipping service provider, from its server. As part
of this retrieval, technical information such as information about the browser
and your system, as well as your IP address and the time of retrieval, are
collected first.
This information is
used to improve the technical aspects of our newsletter and mailing list on the basis of the technical data or the target groups and
their reading behaviour on the basis of their polling locations (which can be
determined by means of the IP address) or the access times. This analysis also
includes determining whether the newsletter and mailing lists are opened, when
they are opened and which links are clicked. For
technical reasons, this information can be assigned to the individual
recipients. However, it is neither our intention nor, if used, that of the
shipping service provider to observe individual users. Rather, the evaluations
serve us to recognize the reading habits of our users and to adapt our content
to them or to send different content according to the interests of our users.
The evaluation of the
newsletter and mailing list and the measurement of success are carried out,
subject to the express consent of the users, on the basis of
our legitimate interests for the purposes of the use of a user-friendly and
secure newsletter and mailing list system, which is both serves our business
interests as well as meets the expectations of our users.
A separate revocation
of the success measurement is unfortunately not possible, in this case the
entire newsletter and mailing list subscription must be cancelled or must be
contradicted.
Types of data
processed: inventory data (e.g.
names, addresses), contact data (e.g. e-mail, telephone numbers), meta/communication
data (e.g. device information, IP addresses), usage data (e.g. websites
visited, interest in content, access times).
Affected persons: communication partners.
Purposes of
processing: Direct marketing (e.g.
by e-mail or by post).
Legal bases: Consent (Art. 6 sec. 1 p. 1 lit. a GDPR), legitimate interests
(Art. 6 sec. 1 p. 1 lit. f. GDPR).
Possibility of
objection (opt-out): You can cancel the
receipt of our newsletter and mailing list at any time, i.e.
revoke your consents or object to further receipt. You can either find a link
to cancel the newsletter and mailing list at the end of each newsletter and
mailing list or otherwise use one of the above-mentioned contact options,
preferably e-mail.
Services and service
providers used:
Sweepstakes and competitions
We process personal
data of the participants of competitions and competitions only in compliance
with the relevant data protection regulations, insofar as the processing for
the provision, execution and processing of the competition is contractually
necessary participants have consented to the processing or the processing
serves our legitimate interests (e.g. in the security of the competition or the
protection of our interests against misuse by the possible collection of IP
addresses when submitting competition entries).
If entries of the
participants are published in the context of the Contests (e.g.
in the context of a vote or presentation of the Prize Entries or the Winners or
the Coverage of the Competition), we would like to point out that the names of
the participants are can also be published in this context. Participants can
object to this at any time.
If the sweepstakes
takes place within an online platform or a social network (e.g.
Facebook or Instagram, hereinafter referred to as the "Online
Platform", the terms of use and data protection of the respective
platforms shall also apply. In such cases, we would like to point out that we
are responsible for the information provided by the participants in the context
of the competition and that inquiries regarding the competition should be
directed to us.
The winners' data will
be deleted as soon as the competition or contest is completed
and the data is no longer required to inform the winners or because questions
about the competition are to be expected. In principle, the data of the participants
will be deleted no later than 6 months after the end of the competition.
Winners' data may be retained for longer, e.g. to
answer questions about the winnings or to fulfill the winnings; in this case,
the retention period depends on the type of profit and is, for example, up to
three years for items or services, in order to be able to handle warranty
cases, for example. In addition, the participants' data can be stored for
longer, e.g. in the form of reporting on the
competition in online and offline media.
If data has also been
collected for other purposes in the context of the competition, its processing
and retention period shall be governed by the data protection notices for this
use (e.g. in the case of a registration for the
newsletter in the context of a competition).
Types of data
processed: inventory data (e.g.
names, addresses), content data (e.g. text input, photographs, videos).
Persons affected: competition and competition participants.
Purposes of
processing: execution of sweepstakes and competitions.
Legal bases: Performance of the contract and pre-contractual enquiries (Art.
6 sec. 1 p. 1 lit. b. GDPR).
Web analysis and optimization
The web analysis (also
referred to as "range measurement") is used to evaluate the visitor
flows of our online offer and can be used as pseudonymous values for behaviour,
interests or demographic information about visitors,
such as age or gender. Include. With the help of the range analysis, we can,
for example, identify at what time our online offer or its functions or
contents are used most often or invite to reuse. We can also understand which
areas require optimization.
In addition to web
analysis, we can also use test methods to test and optimize different versions
of our online offer or its components, for example.
For these purposes,
so-called user profiles can be created and stored in a file (so-called
"cookie") or similar methods can be used for the same purpose. This
information may include, for example, content viewed, websites visited and elements and technical information used there,
such as the browser used, the computer system used and information on usage
times. If users have consented to the collection of their location data, these
can also be processed depending on the provider.
The IP addresses of
the users are also stored. However, we use an IP masking method (i.e.,
pseudonymization by shortening the IP address) to protect users. In general,
the web analysis, A/B testing and optimization do not store clear user data
(such as e-mail addresses or names), but pseudonyms. This means that we, as
well as the providers of the software used, do not know the actual identity of
the users, but only the information stored in their profiles for the purposes
of the respective procedures.
Notes on legal bases: If we ask the users for their consent to the use of the
third-party providers, the legal basis for the processing of data is the
consent. Otherwise, the data of the users will be processed on the basis of our
legitimate interests (i.e. interest in efficient,
economical and recipient-friendly services). In this context, we would also
like to draw your attention to the information on the use of cookies in this
privacy policy.
Types of data
processed: usage data (e.g.
websites visited, interest in content, access times).
Affected persons: users (e.g. website visitors, users of
online services).
Purposes of
processing: range measurement (e.g.
access statistics, detection of returning visitors), tracking (e.g.
interest/behavioural profiling, use of cookies), visit action evaluation,
profiling (creating user profiles), interest-based and behavioural marketing.
Security measures: IP masking (pseudonymization of the IP address).
Legal bases: Consent (Art. 6 sec. 1 p. 1 lit. a GDPR), legitimate interests
(Art. 6 sec. 1 p. 1 lit. f. GDPR).
Services and service
providers used:
Online marketing
We process personal
data for online marketing purposes, including in particular
the marketing of advertising space or the presentation of advertising
and other content (collectively referred to as "Content") based on
potential interests of users and measurement of their effectiveness.
For these purposes,
so-called user profiles are created and stored in a file (so-called
"cookie") or similar methods are used by which the information
relevant to the presentation of the aforementioned contents
about the user is stored. This information may include, for example, content
viewed, websites visited, online networks used, but also communication partners
and technical information, such as the browser used, the computer system used
and information on usage times. If users have consented to the collection of
their location data, these can also be processed.
The IP addresses of
the users are also stored. However, we use available IP masking methods (i.e.,
pseudonymization by shortening the IP address) to protect users. As a general rule, the online marketing process does not
store clear user data (such as e-mail addresses or names), but pseudonyms. This
means that we, as well as the providers of online marketing procedures, do not
know the actual identity of the users, but only the information stored in their
profiles.
The information in the
profiles is usually stored in cookies or by similar procedures. These cookies
can later generally also be used on other websites that use the same online
marketing procedure, read out and analyzed for the purposes of displaying
content as well as supplemented with further data and on the server of the
online marketing process provider stored.
Exceptionally, clear
data can be assigned to the profiles. This is the case, for example, if the
users are members of a social network whose online marketing procedures we use and the network connects the profiles of the users with
the aforementioned information. We kindly ask you to note that users can make
additional agreements with the providers, e.g. by
consent in the context of registration.
In principle, we only
have access to aggregated information about the success of our advertisements.
However, in the context of so-called conversion measurements, we can check
which of our online marketing procedures have led to a so-called conversion,
i.e., for example, to a contract with us. Conversion measurement is used solely
to analyze the success of our marketing efforts.
Unless otherwise
stated, we ask you to assume that cookies used will be stored for a period of
two years.
Notes on legal bases: If we ask the users for their consent to the use of the
third-party providers, the legal basis for the processing of data is the
consent. Otherwise, the data of the users will be processed on the basis of our
legitimate interests (i.e. interest in efficient,
economical and recipient-friendly services). In this context, we would also
like to draw your attention to the information on the use of cookies in this
privacy policy.
Types of data
processed: usage data (e.g.
websites visited, interest in content, access times), meta/communication data
(e.g. device information, IP addresses).
Affected persons: users (e.g. website visitors, users of
online services).
Purposes of
processing: tracking (e.g.
interest/behavioural profiling, use of cookies), remarketing, visit action
evaluation, interest-based and behavioral marketing, profiling (creating user
profiles), conversion measurement (measurement of the effectiveness of
marketing measures).
Security measures: IP masking (pseudonymization of the IP address).
Legal bases: Consent (Art. 6 sec. 1 p. 1 lit. a GDPR), legitimate interests
(Art. 6 sec. 1 p. 1 lit. f. GDPR).
Possibility of
opposition (opt-out): We refer to the data protection
notices of the respective providers and the possibilities of objection
indicated to the providers (so-called "opt-out"). Unless an explicit
opt-out option has been specified, you may switch off cookies in your browser
settings. However, this may limit the functions of our online offer. We
therefore also recommend the following opt-out options, which are offered in
summary to each area: a) Europe: https://www.youronlinechoices.eu. b) Canada:
https://www.youradchoices.ca/choices. c) USA:
https://www.aboutads.info/choices. d) Cross-territorial: https://optout.aboutads.info.
Presences on social networks
We maintain online
presences within social networks and process users' data in this context in order to communicate with the users active there or to
offer information about us.
We would like to point
out that users' data can be processed outside the European Union. This can
create risks for users, as this could, for example, make it more difficult to
enforce users' rights. With regard to U.S. providers
that are certified under the Privacy Shield or offer similar guarantees of a
secure level of privacy, we would like to point out that they are committed to
complying with EU data protection standards.
Furthermore, users'
data within social networks are usually processed for market research and
advertising purposes. For example, user profiles can be created based on the
user behaviour and the resulting interests of the users. The user profiles can
in turn be used to display advertisements inside and outside the networks, for
example, which presumably correspond to the interests of the users. For these
purposes, cookies are usually stored on the users' computers, in which the user's
usage behaviour and the interests of the users are stored. Furthermore, data
may also be stored in the user profiles independently of the devices used by
the users (especially if the users are members of the respective platforms and
are logged in to them).
For a detailed
description of the respective processing methods and the opt-out, we refer to
the data protection declarations and information of the operators of the
respective networks.
We would also like to
point out that these can be asserted most effectively by the providers in the
case of requests for information and the assertion of data subjects' rights.
Only the providers have access to the data of the users and can take direct
action and provide information. If you still need help, you can contact us.
Types of data
processed: inventory data (e.g.
names, addresses), contact data (e.g. e-mail, telephone numbers), content data
(e.g. text entries, photographs, videos), usage data (e.g. websites visited,
interest in content, access times), meta/communication data (e.g. device
information, IP addresses).
Affected persons: users (e.g. website visitors, users of
online services).
Purposes of
processing: contact requests and communication, tracking
(e.g. interest/behavioural profiling, use of cookies),
remarketing, range measurement (e.g. access statistics, detection of returning
visitors).
Legal bases: Legitimate interests (Art. 6 sec. 1 p. 1 lit. f. GDPR).
Services and service
providers used:
Plugins and embedded functions as well
as content
We incorporate
functional and content elements from the servers of their respective providers
(hereinafter referred to as "Third Parties") in our online offering.
These may include graphics, videos, social media buttons, and posts
(hereinafter referred to as "Content").
The integration always
presupposes that the third parties of this content process the IP address of
the users, since they could not send the content to
their browser without the IP address. The IP address is therefore required for
the presentation of this content or functions. We make every effort to use only
those content whose respective providers use the IP address only for the
delivery of the content. Third parties may also use so-called pixel tags
(invisible graphics, also known as "web beacons") for statistical or
marketing purposes. The "pixel tags" can be used to evaluate
information such as visitor traffic on the pages of this website. The
pseudonymous information can also be stored in cookies on the user's device
and, among other things, technical information about the browser and operating
system, referencewebsites, the time of visit and other information on the use
of our online offer as well as to be associated with such information from
other sources.
Notes on legal bases: If we ask the users for their consent to the use of the
third-party providers, the legal basis for the processing of data is the
consent. Otherwise, the data of the users will be processed on the basis of our
legitimate interests (i.e. interest in efficient,
economical and recipient-friendly services). In this context, we would also
like to draw your attention to the information on the use of cookies in this
privacy policy.
Types of data
processed: usage data (e.g.
websites visited, interest in content, access times), meta/communication data
(e.g. device information, IP addresses), location data (data indicating the
location of an end-user's terminal), contact data (e.g. e-mail, telephone
numbers), content data (e.g. text input, photographs, videos), inventory data
(e.g.
Affected persons: users (e.g. website visitors, users of
online services), communication partners.
Purposes of
processing: provision of our online offer and
user-friendliness, contractual services and service, contact requests and
communication, direct marketing (e.g. by e-mail or
postal), tracking (e.g. interest/behavioural profiling, use of cookies),
interest-based and behavioural marketing, profiling (creating user profiles),
reach measurement (e.g. access statistics, recognition of returning visitors),
online form), security measures, management and response of requests.
Legal bases: Legitimate interests (Art. 6 sec. 1 s. 1 lit. f. GDPR), consent
(Art. 6 sec. 1 p. 1 lit. a GDPR), performance of the contract and
pre-contractual enquiries (Art. 6 sec. 1 s. 1 lit. b. GDPR).
Services and service
providers used: