Contact
Data protection
I. Name and address of the person responsible
The person responsible within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:
Vogel als Prophet - Association for the Promotion of Artistic Piano Playing e. V
II. General information on data processing
1. Scope of processing of personal data.
In principle, we only process the personal data of our users to the extent that this is necessary to provide a functional website and our content and services. The processing of personal data of our users takes place regularly only with the consent of the user. An exception applies in such cases in which it is not possible to obtain prior consent for actual reasons and the processing of the data is permitted by statutory provisions.
2. Legal basis for processing personal data
Insofar as we obtain the consent of the data subject for the processing of personal data, Article 6 (1) (a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
Article 6 (1) (b) GDPR serves as the legal basis for the processing of personal data required to fulfill a contract (e.g. membership in an association) to which the data subject is a party. This also applies to processing operations that are necessary to carry out pre-contractual measures.
Insofar as processing of personal data is necessary to fulfill a legal obligation to which our association is subject, Article 6 (1) (c) GDPR serves as the legal basis.
In the event that vital interests of the data subject or another natural person require the processing of personal data, Article 6 Paragraph 1 lit. d GDPR serves as the legal basis.
If the processing is necessary to safeguard a legitimate interest of our association or a third party and if the interests, fundamental rights and fundamental freedoms of the person concerned do not outweigh the first interest, Article 6 Paragraph 1 Letter f GDPR serves as the legal basis for the processing.
3. Data Erasure and Storage Duration
The personal data of the person concerned will be deleted or blocked as soon as the purpose of storage no longer applies. Storage can also take place if this has been provided for by the European or national legislator in EU regulations, laws or other regulations to which the person responsible is subject. The data will also be blocked or deleted if a storage period prescribed by the standards mentioned expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.
III. Provision of the website and creation of log files
1. Description and scope of data processing
Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer.
The following data is collected here:
Information about the browser type and version used
The user's operating system
Date and time of access
Websites from which the user's system accesses our website
Websites accessed by the user's system through our website
The data is also stored in the log files of our system. This does not affect the IP addresses of the user or other data that enable the data to be assigned to a user. This data is not stored together with other personal data of the user.
2. Legal basis for data processing
The legal basis for the temporary storage of the data is Article 6 (1) (f) GDPR.
3. Purpose of data processing
The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer. For this purpose, the IP address of the user must remain stored for the duration of the session.
Our legitimate interest in data processing in accordance with Article 6 (1) (f) GDPR also lies in these purposes.
The collection of the data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user.
IV. Email Contact
1. Description and scope of data processing
It is possible to contact us via the e-mail address provided on our website. In this case, the user's personal data transmitted with the e-mail will be stored. In this context, the data will not be passed on to third parties. The data will only be used to process the conversation.
2. Legal basis for data processing
The legal basis for the processing of data transmitted in the course of sending an email is Article 6 Paragraph 1 Letter f GDPR. If the e-mail contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 (1) (b) GDPR.
3. Purpose of data processing
The processing of the personal data from an e-mail contact serves us solely to process the contact; this is also the necessary legitimate interest in the processing of the data. The other personal data processed during the sending process serve to prevent misuse and to ensure the security of our information technology systems.
4. Duration of storage
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. For the personal data sent by email, this is the case when the respective conversation with the user has ended. The conversation is over when it can be inferred from the circumstances that the facts in question have been finally clarified.
5. Possibility of objection and elimination
The user has the option to revoke his consent to the processing of personal data at any time. If the user contacts us by email, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued.
The revocation of the consent and the objection to the storage is possible at any time and can be expressed via the corresponding e-mail contact. All personal data that was saved in the course of making contact will be deleted in this case.
V. Rights of the data subject
If personal data is processed by you, you are the data subject within the meaning of the GDPR and you have the following rights vis-à-vis the person responsible:
1. Right to information
You can request confirmation from the person responsible as to whether personal data relating to you is being processed by us.
If such processing is present, you can request information from the person responsible for the following information:
(1) the purposes for which the personal data are processed;
(2) the categories of personal data being processed;
(3) the recipients or categories of recipients to whom your personal data has been or will be disclosed;
(4) the planned duration of the storage of the personal data concerning you or, if specific information on this is not possible, criteria for determining the storage duration;
(5) the existence of a right to rectification or erasure of personal data concerning you, a right to restriction of processing by the person responsible or a right to object to this processing;
(6) the existence of a right of appeal to a supervisory authority;
(7) all available information about the origin of the data if the personal data are not collected from the data subject;
(8) the existence of automated decision-making including profiling in accordance with Art. 22 (1) and (4) GDPR and - at least in these cases - meaningful information about the logic involved and the scope and intended effects of such processing for the data subject.
You have the right to request information as to whether your personal data is being transmitted to a third country or to an international organization. In this context, you can request to be informed of the appropriate guarantees pursuant to Art. 46 GDPR in connection with the transmission.
2. Right to Rectification
You have a right to correction and/or completion to the person responsible if the processed personal data concerning you is incorrect or incomplete. The person responsible must make the correction immediately.
3. Right to restriction of processing
Under the following conditions, you can request the restriction of the processing of your personal data:
(1) if you dispute the accuracy of the personal data concerning you, for a period enabling the controller to verify the accuracy of the personal data;
(2) the processing is unlawful and you refuse to delete the personal data and instead request that the use of the personal data be restricted;
(3) the person responsible no longer needs the personal data for the purposes of processing, but you need them to assert, exercise or defend legal claims, or
(4) if you have lodged an objection to the processing pursuant to Art. 21 (1) GDPR and it has not yet been determined whether the legitimate reasons of the person responsible outweigh your reasons.
If the processing of personal data concerning you has been restricted, this data - apart from its storage - may only be used with your consent or to assert, exercise or defend legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State are processed.
If the restriction of processing has been restricted according to the above conditions, you will be informed by the person responsible before the restriction is lifted.
4. Right to erasure
a) Obligation to delete
You can request the person responsible to delete the personal data concerning you immediately, and the person responsible is obliged to delete this data immediately if one of the following reasons applies:
(1) The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
(2) You revoke your consent on which the processing was based pursuant to Article 6 Paragraph 1 Letter a or Article 9 Paragraph 2 Letter a GDPR and there is no other legal basis for the processing.
(3) You object to the processing in accordance with Article 21 (1) GDPR and there are no overriding legitimate reasons for the processing, or you object to the processing in accordance with Article 21 (2) GDPR.
(4) The personal data concerning you was processed unlawfully.
(5) The deletion of personal data concerning you is necessary to fulfill a legal obligation under Union law or the law of the Member States to which the person responsible is subject.
(6) The personal data concerning you was collected in relation to information society services offered pursuant to Article 8 (1) GDPR.
b) Information to third parties
If the person responsible has made the personal data relating to you public and is obliged to delete it in accordance with Art. 17 (1) GDPR, he shall take appropriate measures, including technical measures, to protect the person responsible for data processing, taking into account the available technology and the implementation costs , who process the personal data, that you, as the data subject, have requested them to delete all links to this personal data or copies or replications of this personal data.
c) Exceptions
The right to erasure does not exist if processing is necessary
(1) to exercise the right to freedom of expression and information;
(2) to fulfill a legal obligation that requires processing under Union or Member State law to which the controller is subject, or to perform a task that is in the public interest or in the exercise of official authority vested in the controller became;
(3) for reasons of public interest in the field of public health in accordance with Article 9 (2) lit. h and i and Article 9 (3) GDPR;
(4) for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes pursuant to Art. 89 (1) GDPR, insofar as the law mentioned under Section a) is likely to make it impossible or seriously impair the achievement of the objectives of this processing, or
(5) to assert, exercise or defend legal claims.
5. Right to Information
If you have asserted the right to correction, deletion or restriction of processing against the person responsible, he is obliged to inform all recipients to whom the personal data concerning you have been disclosed of this correction or deletion of the data or restriction of processing, unless this proves to be impossible or involves a disproportionate effort.
You have the right to be informed about these recipients by the person responsible.
6. Right to data portability
You have the right to receive the personal data concerning you that you have provided to the person responsible in a structured, common and machine-readable format. In addition, you have the right to transmit this data to another person responsible without hindrance by the person responsible for providing the personal data, provided that
(1) the processing is based on consent pursuant to Article 6(1)(a) GDPR or Article 9(2)(a) GDPR or on a contract pursuant to Article 6(1)(b) GDPR and
(2) the processing is carried out using automated procedures.
In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one person responsible to another person responsible, insofar as this is technically feasible. The freedoms and rights of other people must not be impaired by this.
The right to data portability does not apply to processing of personal data that is required to perform a task that is in the public interest or in the exercise of official authority that has been assigned to the controller.
7. Right to Object
You have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data, which is based on Article 6 Paragraph 1 lit. e or f GDPR; this also applies to profiling based on these provisions.
The person responsible no longer processes the personal data relating to you unless he can demonstrate compelling legitimate grounds for the processing which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
In connection with the use of information society services, you have the option – notwithstanding Directive 2002/58/EC – to exercise your right to object by means of automated procedures that use technical specifications.
8. Right to revoke the declaration of consent under data protection law
You have the right to revoke your declaration of consent under data protection law at any time. The revocation of the consent does not affect the legality of the processing carried out on the basis of the consent up to the point of revocation.
9. Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your place of residence, your place of work or the place of the alleged infringement, if you believe that the processing of your personal data is contrary to violates the GDPR.
The supervisory authority to which the complaint was lodged will inform the complainant about the status and the results of the complaint, including the possibility of a judicial remedy under Art. 78 GDPR.
VI. Update of the privacy policy
Automatic data storage
When you visit websites today, certain information is automatically created and stored, including on this website.
If you visit our website as you are right now, our web server (computer on which this website is stored) automatically saves data such as
the address (URL) of the accessed website, browser and browser version, the operating system used, the address (URL) of the previously visited page (referrer URL)
the host name and the IP address of the device from which access is made, date and time in files (web server log files).
As a rule, web server log files are stored for two weeks and then automatically deleted. We do not pass on this data, but cannot rule out that this data will be viewed in the event of illegal behavior.
According to Article 6 Paragraph 1 f GDPR (lawfulness of processing), the legal basis is that there is a legitimate interest in enabling the error-free operation of this website by recording web server log files.
cookies
Our website uses HTTP cookies to store user-specific data. In the following we explain what cookies are and why they are used so that you can better understand the following data protection declaration.
What exactly are cookies? Whenever you surf the Internet, you use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies. One thing cannot be denied: Cookies are really useful little helpers. Almost all websites use cookies. More precisely, they are HTTP cookies, as there are other cookies for other areas of application. HTTP cookies are small files that are stored on your computer by our website. These cookie files are automatically stored in the cookie folder, which is basically the "brain" of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified. Cookies store certain user data from you, such as language or personal page settings. When you visit our site again, your browser transmits the "user-related" information back to our site. Thanks to the cookies, our website knows who you are and offers you your usual default setting. In some browsers each cookie has its own file, in others such as Firefox all cookies are stored in a single file.
There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, since each cookie stores different data. The expiry time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans or other "pests". Cookies also cannot access information on your PC. For example, cookie data can look like this: Name: _ga Expiry time: 2 years Use: Differentiation of website visitors
Sample value: GA1.2.1326744211.152311108786 in the browser should support the following minimum sizes: A cookie should be able to contain at least 4096 bytes
At least 50 cookies should be stored per domain. A total of at least 3000 cookies should be able to be stored. What types of cookies are there?
The question of which cookies we use in particular depends on the services used and is clarified in the following sections of the data protection declaration. At this point we would like to briefly discuss the different types of HTTP cookies. There are 4 types of cookies:
Strictly Necessary Cookies: These cookies are necessary to ensure basic functions of the website. For example, these cookies are needed if a user puts a product in the shopping cart, then continues surfing on other pages and only goes to the checkout later. These cookies do not delete the shopping cart, even if the user closes their browser window. Functional cookies: These cookies collect information about user behavior and whether the user receives any error messages. In addition, these cookies are also used to measure the loading time and behavior of the website in different browsers. Targeting cookies: These cookies ensure a better user experience. For example, entered locations, font sizes or form data are saved. Advertising cookies: These cookies are also called targeting cookies. They are used to provide the user with individually tailored advertising. This can be very useful, but also very annoying. Usually, when you visit a website for the first time, you will be asked which of these types of cookies you would like to allow. And of course this decision is also stored in a cookie. How can I delete cookies? You decide for yourself how and whether you want to use cookies. Regardless of which service or website the cookies come from, you always have the option of deleting cookies, only partially allowing them or deactivating them. For example, you can block third-party cookies but allow all other cookies.
If you want to find out which cookies have been stored in your browser, if you want to change or delete cookie settings, you can find this in your browser settings: Chrome: Delete, activate and manage cookies in Chrome. Safari: Managing Cookies and Website Data with Safari. Firefox: Clear cookies to remove data websites have placed on your computer. Internet Explorer: Delete and manage cookies. Microsoft Edge: Deleting and managing cookies
If you generally do not want any cookies, you can set up your browser so that it always informs you when a cookie is to be set. You can decide for each individual cookie whether you allow the cookie or not. The procedure differs depending on the browser. It is best to search the instructions in Google with the search term “delete cookies Chrome” or “disable cookies Chrome” in case of a Chrome browser or replace the word “Chrome” with the name of your browser, e.g. Edge, Firefox, Safari.
What about my data protection?
The so-called “Cookie Guidelines” have been in place since 2009. It states that the storage of cookies requires the consent of the website visitor (i.e. you). Within the EU countries, however, there are still very different reactions to these directives. In Germany, the cookie guidelines have not been implemented as national law. Instead, this guideline was largely implemented in Section 15 (3) of the Telemedia Act (TMG).
If you want to know more about cookies and don't shy away from technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the Request for Comments of the Internet Engineering Task Force (IETF) called "HTTP State Management Mechanism".
storage of personal data
Personal data that you transmit to us electronically on this website, such as name, e-mail address, address or other personal information when submitting a form or comments on the blog, will be stored by us together with the time and the IP Address used only for the purpose stated, kept safe and not passed on to third parties.
We therefore only use your personal data for communication with those visitors who expressly request contact and for the processing of the services and products offered on this website. We do not pass on your personal data without your consent, but we cannot rule out that this data will be viewed in the event of illegal behavior.
If you send us personal data by e-mail - thus outside of this website - we cannot guarantee a secure transmission and the protection of your data. We recommend that you never send confidential data unencrypted by e-mail.
According to Article 6 paragraph 1 a GDPR (lawfulness of processing), the legal basis is that you give us your consent to process the data you have entered. You can revoke this consent at any time - an informal e-mail is sufficient, you will find our contact details in the imprint.
Rights under the General Data Protection Regulation
According to the provisions of the GDPR, you have the following rights:
Right to rectification (Article 16 GDPR)
Right to erasure (“right to be forgotten”) (Article 17 GDPR)
Right to restriction of processing (Article 18 GDPR)
Right to notification – obligation to notify in connection with rectification or erasure of personal data or restriction of processing (Article 19 GDPR)
Right to data portability (Article 20 GDPR)
Right to object (Article 21 GDPR)
Right not to be subject to a decision based solely on automated processing, including profiling (Article 22 GDPR)
If you believe that the processing of your data violates data protection law or your data protection rights have otherwise been violated in any way, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI).
TLS encryption with https
We use https to transmit data securely on the Internet (data protection through technology design Article 25 paragraph 1 GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data. You can recognize the use of this protection of data transmission by the small lock symbol in the top left corner of the browser and the use of the https scheme (instead of http) as part of our Internet address.
Google Fonts Privacy Policy
We use Google Fonts from Google Inc. (1600 Amphitheater Parkway Mountain View, CA 94043, USA) on our website.
You do not need to register or enter a password to use Google fonts. Furthermore, no cookies are stored in your browser. The files (CSS, typefaces/fonts) are requested via the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, requests for CSS and fonts are completely separate from all other Google services. If you have a Google account, you don't have to worry about your Google account data being transmitted to Google while using Google Fonts. Google records the use of CSS (Cascading Style Sheets) and the fonts used and stores this data securely. How the data storage looks exactly, we will look at in detail.
What are Google Fonts?
Google Fonts (formerly Google Web Fonts) is an interactive directory with more than 800 fonts provided by Google LLC for free use.
Many of these fonts are released under the SIL Open Font License, while others are released under the Apache License. Both are free software licenses. So we can use them freely without paying license fees. Why do we use Google Fonts on our website?
With Google Fonts we can use fonts on our own website and do not have to upload them to our own server. Google Fonts is an important component in keeping the quality of our website high. All Google fonts are automatically optimized for the web and this saves data volume and is a great advantage especially for use with mobile devices. When you visit our site, the small file size ensures fast loading time. Furthermore, Google Fonts are so-called secure web fonts. Different image synthesis systems (rendering) in different browsers, operating systems and mobile devices can lead to errors. Such errors can partially distort texts or entire websites. Thanks to the fast Content Delivery Network (CDN), there are no cross-platform problems with Google Fonts. Google Fonts supports all major browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile operating systems, including Android 2.2 and iOS 4.2 (iPhone, iPad, iPod). So we use Google Fonts so that we can present our entire online service as beautifully and uniformly as possible. According to Art. 6 Para. 1 f lit. F GDPR, this already represents a "legitimate interest" in the processing of personal data legal system are recognized.
Which data is stored by Google? When you visit our website, the fonts are reloaded via a Google server. This external call transmits data to the Google servers. In this way, Google also recognizes that you or your IP address is visiting our website. The Google Fonts API was designed to reduce the collection, storage and use of end-user data to what is necessary for efficient font delivery. Incidentally, API stands for "Application Programming Interface" and serves, among other things, as a data transmitter in the software sector. Google Fonts securely stores CSS and font requests with Google and is therefore protected. Google can determine the popularity of the fonts from the collected usage figures. Google publishes the results on internal analysis pages, such as Google Analytics. Google also uses data from its own web crawler to determine which websites use Google fonts. This data is published in the Google Fonts BigQuery database. BigQuery is a web service from Google for companies that want to move and analyze large amounts of data. It should be noted, however, that with every Google Font request, information such as IP address, language settings, browser screen resolution, browser version and browser name is automatically transmitted to the Google servers. Whether this data is also stored cannot be clearly determined or is not clearly communicated by Google. How long and where is the data stored? Google stores requests for CSS assets for one day on its servers, which are mainly located outside the EU. This enables us to use the fonts using a Google style sheet. A style sheet is a template that you can use to change the design or font of a website, for example, quickly and easily. The font files are stored by Google for one year. Google is thus pursuing the goal of fundamentally improving the loading time of websites. When millions of websites refer to the same fonts, they are cached after the first visit and immediately reappear on all other websites visited later. Sometimes Google updates font files to reduce file size, increase language coverage, and improve design. How can I delete my data or prevent data storage?
The data that Google stores for a day or a year cannot simply be deleted. The data is automatically transmitted to Google when the page is accessed. In order to be able to delete this data prematurely, you must contact Google Support at https://support.google.com/?hl=de&tid=311108786. In this case, you only prevent data storage if you do not visit our site.
Unlike other web fonts, Google allows us unlimited access to all fonts. So we have unlimited access to a sea of fonts and thus get the best out of our website. You can find more about Google Fonts and other questions at https://developers.google.com/fonts/faq?tid=311108786. Although Google addresses data protection issues there, it does not contain really detailed information about data storage. It is relatively difficult (almost impossible) to get really precise information about stored data from Google.
You can also read about what data Google collects and what this data is used for at https://www.google.com/intl/de/policies/privacy/.
Google Maps Privacy Policy
We use Google Maps from Google Inc. (1600 Amphitheater Parkway Mountain View, CA 94043, USA) on our website.
By using the functions of this map, data is transmitted to Google. You can read about which data is collected by Google and what this data is used for at https://www.google.com/intl/de/policies/privacy/.
Facebook Privacy Policy
We use functions from Facebook on this website, a social media network operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland. You can read about which functions (social plug-ins) Facebook provides at https://developers.facebook.com/docs/plugins/.
By visiting our website, information can be transmitted to Facebook. If you have a Facebook account, Facebook can associate this data with your personal account. If you do not want this, please log out of Facebook.
The data protection guidelines, which information Facebook collects and how they use it can be found at https://www.facebook.com/policy.php.
We are pleased that you are interested in our website. Protecting your privacy is very important to us.
We have written this data protection declaration (version 06/02/2019-311108786) in order to explain to you in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 what information we collect, how we use data and what decision-making options you have as a visitor to this website .
Unfortunately, it is in the nature of things that these explanations sound very technical, but we have tried to describe the most important things as simply and clearly as possible when creating them. Below we inform you in detail about the handling of your data.
Unfortunately, it is in the nature of things that these explanations sound very technical, but we have tried to describe the most important things as simply and clearly as possible when creating them. Below we inform you in detail about the handling of your data.
The person responsible within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:
Vogel als Prophet - Association for the Promotion of Artistic Piano Playing e. V
Beethovenstr. 29, 54329 Conc
Represented by the chairman: Winfried Manns
Email address: info@konzmusikfestival.deII. General information on data processing
1. Scope of processing of personal data.
In principle, we only process the personal data of our users to the extent that this is necessary to provide a functional website and our content and services. The processing of personal data of our users takes place regularly only with the consent of the user. An exception applies in such cases in which it is not possible to obtain prior consent for actual reasons and the processing of the data is permitted by statutory provisions.
2. Legal basis for processing personal data
Insofar as we obtain the consent of the data subject for the processing of personal data, Article 6 (1) (a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
Article 6 (1) (b) GDPR serves as the legal basis for the processing of personal data required to fulfill a contract (e.g. membership in an association) to which the data subject is a party. This also applies to processing operations that are necessary to carry out pre-contractual measures.
Insofar as processing of personal data is necessary to fulfill a legal obligation to which our association is subject, Article 6 (1) (c) GDPR serves as the legal basis.
In the event that vital interests of the data subject or another natural person require the processing of personal data, Article 6 Paragraph 1 lit. d GDPR serves as the legal basis.
If the processing is necessary to safeguard a legitimate interest of our association or a third party and if the interests, fundamental rights and fundamental freedoms of the person concerned do not outweigh the first interest, Article 6 Paragraph 1 Letter f GDPR serves as the legal basis for the processing.
3. Data Erasure and Storage Duration
The personal data of the person concerned will be deleted or blocked as soon as the purpose of storage no longer applies. Storage can also take place if this has been provided for by the European or national legislator in EU regulations, laws or other regulations to which the person responsible is subject. The data will also be blocked or deleted if a storage period prescribed by the standards mentioned expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.
III. Provision of the website and creation of log files
1. Description and scope of data processing
Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer.
The following data is collected here:
Information about the browser type and version used
The user's operating system
Date and time of access
Websites from which the user's system accesses our website
Websites accessed by the user's system through our website
The data is also stored in the log files of our system. This does not affect the IP addresses of the user or other data that enable the data to be assigned to a user. This data is not stored together with other personal data of the user.
2. Legal basis for data processing
The legal basis for the temporary storage of the data is Article 6 (1) (f) GDPR.
3. Purpose of data processing
The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer. For this purpose, the IP address of the user must remain stored for the duration of the session.
Our legitimate interest in data processing in accordance with Article 6 (1) (f) GDPR also lies in these purposes.
4. Duration of storage
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.
5. Possibility of objection and eliminationThe collection of the data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user.
IV. Email Contact
1. Description and scope of data processing
It is possible to contact us via the e-mail address provided on our website. In this case, the user's personal data transmitted with the e-mail will be stored. In this context, the data will not be passed on to third parties. The data will only be used to process the conversation.
2. Legal basis for data processing
The legal basis for the processing of data transmitted in the course of sending an email is Article 6 Paragraph 1 Letter f GDPR. If the e-mail contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 (1) (b) GDPR.
3. Purpose of data processing
The processing of the personal data from an e-mail contact serves us solely to process the contact; this is also the necessary legitimate interest in the processing of the data. The other personal data processed during the sending process serve to prevent misuse and to ensure the security of our information technology systems.
4. Duration of storage
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. For the personal data sent by email, this is the case when the respective conversation with the user has ended. The conversation is over when it can be inferred from the circumstances that the facts in question have been finally clarified.
5. Possibility of objection and elimination
The user has the option to revoke his consent to the processing of personal data at any time. If the user contacts us by email, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued.
The revocation of the consent and the objection to the storage is possible at any time and can be expressed via the corresponding e-mail contact. All personal data that was saved in the course of making contact will be deleted in this case.
V. Rights of the data subject
If personal data is processed by you, you are the data subject within the meaning of the GDPR and you have the following rights vis-à-vis the person responsible:
1. Right to information
You can request confirmation from the person responsible as to whether personal data relating to you is being processed by us.
If such processing is present, you can request information from the person responsible for the following information:
(1) the purposes for which the personal data are processed;
(2) the categories of personal data being processed;
(3) the recipients or categories of recipients to whom your personal data has been or will be disclosed;
(4) the planned duration of the storage of the personal data concerning you or, if specific information on this is not possible, criteria for determining the storage duration;
(5) the existence of a right to rectification or erasure of personal data concerning you, a right to restriction of processing by the person responsible or a right to object to this processing;
(6) the existence of a right of appeal to a supervisory authority;
(7) all available information about the origin of the data if the personal data are not collected from the data subject;
(8) the existence of automated decision-making including profiling in accordance with Art. 22 (1) and (4) GDPR and - at least in these cases - meaningful information about the logic involved and the scope and intended effects of such processing for the data subject.
You have the right to request information as to whether your personal data is being transmitted to a third country or to an international organization. In this context, you can request to be informed of the appropriate guarantees pursuant to Art. 46 GDPR in connection with the transmission.
2. Right to Rectification
You have a right to correction and/or completion to the person responsible if the processed personal data concerning you is incorrect or incomplete. The person responsible must make the correction immediately.
3. Right to restriction of processing
Under the following conditions, you can request the restriction of the processing of your personal data:
(1) if you dispute the accuracy of the personal data concerning you, for a period enabling the controller to verify the accuracy of the personal data;
(2) the processing is unlawful and you refuse to delete the personal data and instead request that the use of the personal data be restricted;
(3) the person responsible no longer needs the personal data for the purposes of processing, but you need them to assert, exercise or defend legal claims, or
(4) if you have lodged an objection to the processing pursuant to Art. 21 (1) GDPR and it has not yet been determined whether the legitimate reasons of the person responsible outweigh your reasons.
If the processing of personal data concerning you has been restricted, this data - apart from its storage - may only be used with your consent or to assert, exercise or defend legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State are processed.
If the restriction of processing has been restricted according to the above conditions, you will be informed by the person responsible before the restriction is lifted.
4. Right to erasure
a) Obligation to delete
You can request the person responsible to delete the personal data concerning you immediately, and the person responsible is obliged to delete this data immediately if one of the following reasons applies:
(1) The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
(2) You revoke your consent on which the processing was based pursuant to Article 6 Paragraph 1 Letter a or Article 9 Paragraph 2 Letter a GDPR and there is no other legal basis for the processing.
(3) You object to the processing in accordance with Article 21 (1) GDPR and there are no overriding legitimate reasons for the processing, or you object to the processing in accordance with Article 21 (2) GDPR.
(4) The personal data concerning you was processed unlawfully.
(5) The deletion of personal data concerning you is necessary to fulfill a legal obligation under Union law or the law of the Member States to which the person responsible is subject.
(6) The personal data concerning you was collected in relation to information society services offered pursuant to Article 8 (1) GDPR.
b) Information to third parties
If the person responsible has made the personal data relating to you public and is obliged to delete it in accordance with Art. 17 (1) GDPR, he shall take appropriate measures, including technical measures, to protect the person responsible for data processing, taking into account the available technology and the implementation costs , who process the personal data, that you, as the data subject, have requested them to delete all links to this personal data or copies or replications of this personal data.
c) Exceptions
The right to erasure does not exist if processing is necessary
(1) to exercise the right to freedom of expression and information;
(2) to fulfill a legal obligation that requires processing under Union or Member State law to which the controller is subject, or to perform a task that is in the public interest or in the exercise of official authority vested in the controller became;
(3) for reasons of public interest in the field of public health in accordance with Article 9 (2) lit. h and i and Article 9 (3) GDPR;
(4) for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes pursuant to Art. 89 (1) GDPR, insofar as the law mentioned under Section a) is likely to make it impossible or seriously impair the achievement of the objectives of this processing, or
(5) to assert, exercise or defend legal claims.
5. Right to Information
If you have asserted the right to correction, deletion or restriction of processing against the person responsible, he is obliged to inform all recipients to whom the personal data concerning you have been disclosed of this correction or deletion of the data or restriction of processing, unless this proves to be impossible or involves a disproportionate effort.
You have the right to be informed about these recipients by the person responsible.
6. Right to data portability
You have the right to receive the personal data concerning you that you have provided to the person responsible in a structured, common and machine-readable format. In addition, you have the right to transmit this data to another person responsible without hindrance by the person responsible for providing the personal data, provided that
(1) the processing is based on consent pursuant to Article 6(1)(a) GDPR or Article 9(2)(a) GDPR or on a contract pursuant to Article 6(1)(b) GDPR and
(2) the processing is carried out using automated procedures.
In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one person responsible to another person responsible, insofar as this is technically feasible. The freedoms and rights of other people must not be impaired by this.
The right to data portability does not apply to processing of personal data that is required to perform a task that is in the public interest or in the exercise of official authority that has been assigned to the controller.
7. Right to Object
You have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data, which is based on Article 6 Paragraph 1 lit. e or f GDPR; this also applies to profiling based on these provisions.
The person responsible no longer processes the personal data relating to you unless he can demonstrate compelling legitimate grounds for the processing which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
In connection with the use of information society services, you have the option – notwithstanding Directive 2002/58/EC – to exercise your right to object by means of automated procedures that use technical specifications.
8. Right to revoke the declaration of consent under data protection law
You have the right to revoke your declaration of consent under data protection law at any time. The revocation of the consent does not affect the legality of the processing carried out on the basis of the consent up to the point of revocation.
9. Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your place of residence, your place of work or the place of the alleged infringement, if you believe that the processing of your personal data is contrary to violates the GDPR.
The supervisory authority to which the complaint was lodged will inform the complainant about the status and the results of the complaint, including the possibility of a judicial remedy under Art. 78 GDPR.
VI. Update of the privacy policy
We reserve the right to change this data protection policy if this becomes necessary due to legal, technical or business developments. In these cases, we will also adapt our information on data protection accordingly. Therefore, please note the current version of our data protection declaration.
Automatic data storage
When you visit websites today, certain information is automatically created and stored, including on this website.
If you visit our website as you are right now, our web server (computer on which this website is stored) automatically saves data such as
the address (URL) of the accessed website, browser and browser version, the operating system used, the address (URL) of the previously visited page (referrer URL)
the host name and the IP address of the device from which access is made, date and time in files (web server log files).
As a rule, web server log files are stored for two weeks and then automatically deleted. We do not pass on this data, but cannot rule out that this data will be viewed in the event of illegal behavior.
According to Article 6 Paragraph 1 f GDPR (lawfulness of processing), the legal basis is that there is a legitimate interest in enabling the error-free operation of this website by recording web server log files.
cookies
Our website uses HTTP cookies to store user-specific data. In the following we explain what cookies are and why they are used so that you can better understand the following data protection declaration.
What exactly are cookies? Whenever you surf the Internet, you use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies. One thing cannot be denied: Cookies are really useful little helpers. Almost all websites use cookies. More precisely, they are HTTP cookies, as there are other cookies for other areas of application. HTTP cookies are small files that are stored on your computer by our website. These cookie files are automatically stored in the cookie folder, which is basically the "brain" of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified. Cookies store certain user data from you, such as language or personal page settings. When you visit our site again, your browser transmits the "user-related" information back to our site. Thanks to the cookies, our website knows who you are and offers you your usual default setting. In some browsers each cookie has its own file, in others such as Firefox all cookies are stored in a single file.
There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, since each cookie stores different data. The expiry time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans or other "pests". Cookies also cannot access information on your PC. For example, cookie data can look like this: Name: _ga Expiry time: 2 years Use: Differentiation of website visitors
Sample value: GA1.2.1326744211.152311108786 in the browser should support the following minimum sizes: A cookie should be able to contain at least 4096 bytes
At least 50 cookies should be stored per domain. A total of at least 3000 cookies should be able to be stored. What types of cookies are there?
The question of which cookies we use in particular depends on the services used and is clarified in the following sections of the data protection declaration. At this point we would like to briefly discuss the different types of HTTP cookies. There are 4 types of cookies:
Strictly Necessary Cookies: These cookies are necessary to ensure basic functions of the website. For example, these cookies are needed if a user puts a product in the shopping cart, then continues surfing on other pages and only goes to the checkout later. These cookies do not delete the shopping cart, even if the user closes their browser window. Functional cookies: These cookies collect information about user behavior and whether the user receives any error messages. In addition, these cookies are also used to measure the loading time and behavior of the website in different browsers. Targeting cookies: These cookies ensure a better user experience. For example, entered locations, font sizes or form data are saved. Advertising cookies: These cookies are also called targeting cookies. They are used to provide the user with individually tailored advertising. This can be very useful, but also very annoying. Usually, when you visit a website for the first time, you will be asked which of these types of cookies you would like to allow. And of course this decision is also stored in a cookie. How can I delete cookies? You decide for yourself how and whether you want to use cookies. Regardless of which service or website the cookies come from, you always have the option of deleting cookies, only partially allowing them or deactivating them. For example, you can block third-party cookies but allow all other cookies.
If you want to find out which cookies have been stored in your browser, if you want to change or delete cookie settings, you can find this in your browser settings: Chrome: Delete, activate and manage cookies in Chrome. Safari: Managing Cookies and Website Data with Safari. Firefox: Clear cookies to remove data websites have placed on your computer. Internet Explorer: Delete and manage cookies. Microsoft Edge: Deleting and managing cookies
If you generally do not want any cookies, you can set up your browser so that it always informs you when a cookie is to be set. You can decide for each individual cookie whether you allow the cookie or not. The procedure differs depending on the browser. It is best to search the instructions in Google with the search term “delete cookies Chrome” or “disable cookies Chrome” in case of a Chrome browser or replace the word “Chrome” with the name of your browser, e.g. Edge, Firefox, Safari.
What about my data protection?
The so-called “Cookie Guidelines” have been in place since 2009. It states that the storage of cookies requires the consent of the website visitor (i.e. you). Within the EU countries, however, there are still very different reactions to these directives. In Germany, the cookie guidelines have not been implemented as national law. Instead, this guideline was largely implemented in Section 15 (3) of the Telemedia Act (TMG).
If you want to know more about cookies and don't shy away from technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the Request for Comments of the Internet Engineering Task Force (IETF) called "HTTP State Management Mechanism".
storage of personal data
Personal data that you transmit to us electronically on this website, such as name, e-mail address, address or other personal information when submitting a form or comments on the blog, will be stored by us together with the time and the IP Address used only for the purpose stated, kept safe and not passed on to third parties.
We therefore only use your personal data for communication with those visitors who expressly request contact and for the processing of the services and products offered on this website. We do not pass on your personal data without your consent, but we cannot rule out that this data will be viewed in the event of illegal behavior.
If you send us personal data by e-mail - thus outside of this website - we cannot guarantee a secure transmission and the protection of your data. We recommend that you never send confidential data unencrypted by e-mail.
According to Article 6 paragraph 1 a GDPR (lawfulness of processing), the legal basis is that you give us your consent to process the data you have entered. You can revoke this consent at any time - an informal e-mail is sufficient, you will find our contact details in the imprint.
Rights under the General Data Protection Regulation
According to the provisions of the GDPR, you have the following rights:
Right to rectification (Article 16 GDPR)
Right to erasure (“right to be forgotten”) (Article 17 GDPR)
Right to restriction of processing (Article 18 GDPR)
Right to notification – obligation to notify in connection with rectification or erasure of personal data or restriction of processing (Article 19 GDPR)
Right to data portability (Article 20 GDPR)
Right to object (Article 21 GDPR)
Right not to be subject to a decision based solely on automated processing, including profiling (Article 22 GDPR)
If you believe that the processing of your data violates data protection law or your data protection rights have otherwise been violated in any way, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI).
TLS encryption with https
We use https to transmit data securely on the Internet (data protection through technology design Article 25 paragraph 1 GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data. You can recognize the use of this protection of data transmission by the small lock symbol in the top left corner of the browser and the use of the https scheme (instead of http) as part of our Internet address.
Google Fonts Privacy Policy
We use Google Fonts from Google Inc. (1600 Amphitheater Parkway Mountain View, CA 94043, USA) on our website.
You do not need to register or enter a password to use Google fonts. Furthermore, no cookies are stored in your browser. The files (CSS, typefaces/fonts) are requested via the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, requests for CSS and fonts are completely separate from all other Google services. If you have a Google account, you don't have to worry about your Google account data being transmitted to Google while using Google Fonts. Google records the use of CSS (Cascading Style Sheets) and the fonts used and stores this data securely. How the data storage looks exactly, we will look at in detail.
What are Google Fonts?
Google Fonts (formerly Google Web Fonts) is an interactive directory with more than 800 fonts provided by Google LLC for free use.
Many of these fonts are released under the SIL Open Font License, while others are released under the Apache License. Both are free software licenses. So we can use them freely without paying license fees. Why do we use Google Fonts on our website?
With Google Fonts we can use fonts on our own website and do not have to upload them to our own server. Google Fonts is an important component in keeping the quality of our website high. All Google fonts are automatically optimized for the web and this saves data volume and is a great advantage especially for use with mobile devices. When you visit our site, the small file size ensures fast loading time. Furthermore, Google Fonts are so-called secure web fonts. Different image synthesis systems (rendering) in different browsers, operating systems and mobile devices can lead to errors. Such errors can partially distort texts or entire websites. Thanks to the fast Content Delivery Network (CDN), there are no cross-platform problems with Google Fonts. Google Fonts supports all major browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile operating systems, including Android 2.2 and iOS 4.2 (iPhone, iPad, iPod). So we use Google Fonts so that we can present our entire online service as beautifully and uniformly as possible. According to Art. 6 Para. 1 f lit. F GDPR, this already represents a "legitimate interest" in the processing of personal data legal system are recognized.
Which data is stored by Google? When you visit our website, the fonts are reloaded via a Google server. This external call transmits data to the Google servers. In this way, Google also recognizes that you or your IP address is visiting our website. The Google Fonts API was designed to reduce the collection, storage and use of end-user data to what is necessary for efficient font delivery. Incidentally, API stands for "Application Programming Interface" and serves, among other things, as a data transmitter in the software sector. Google Fonts securely stores CSS and font requests with Google and is therefore protected. Google can determine the popularity of the fonts from the collected usage figures. Google publishes the results on internal analysis pages, such as Google Analytics. Google also uses data from its own web crawler to determine which websites use Google fonts. This data is published in the Google Fonts BigQuery database. BigQuery is a web service from Google for companies that want to move and analyze large amounts of data. It should be noted, however, that with every Google Font request, information such as IP address, language settings, browser screen resolution, browser version and browser name is automatically transmitted to the Google servers. Whether this data is also stored cannot be clearly determined or is not clearly communicated by Google. How long and where is the data stored? Google stores requests for CSS assets for one day on its servers, which are mainly located outside the EU. This enables us to use the fonts using a Google style sheet. A style sheet is a template that you can use to change the design or font of a website, for example, quickly and easily. The font files are stored by Google for one year. Google is thus pursuing the goal of fundamentally improving the loading time of websites. When millions of websites refer to the same fonts, they are cached after the first visit and immediately reappear on all other websites visited later. Sometimes Google updates font files to reduce file size, increase language coverage, and improve design. How can I delete my data or prevent data storage?
The data that Google stores for a day or a year cannot simply be deleted. The data is automatically transmitted to Google when the page is accessed. In order to be able to delete this data prematurely, you must contact Google Support at https://support.google.com/?hl=de&tid=311108786. In this case, you only prevent data storage if you do not visit our site.
Unlike other web fonts, Google allows us unlimited access to all fonts. So we have unlimited access to a sea of fonts and thus get the best out of our website. You can find more about Google Fonts and other questions at https://developers.google.com/fonts/faq?tid=311108786. Although Google addresses data protection issues there, it does not contain really detailed information about data storage. It is relatively difficult (almost impossible) to get really precise information about stored data from Google.
You can also read about what data Google collects and what this data is used for at https://www.google.com/intl/de/policies/privacy/.
Google Maps Privacy Policy
We use Google Maps from Google Inc. (1600 Amphitheater Parkway Mountain View, CA 94043, USA) on our website.
By using the functions of this map, data is transmitted to Google. You can read about which data is collected by Google and what this data is used for at https://www.google.com/intl/de/policies/privacy/.
Facebook Privacy Policy
We use functions from Facebook on this website, a social media network operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland. You can read about which functions (social plug-ins) Facebook provides at https://developers.facebook.com/docs/plugins/.
By visiting our website, information can be transmitted to Facebook. If you have a Facebook account, Facebook can associate this data with your personal account. If you do not want this, please log out of Facebook.
The data protection guidelines, which information Facebook collects and how they use it can be found at https://www.facebook.com/policy.php.
Source: Created with the data protection generator from www.adsimple.at in cooperation with ilovevienna.at
