Privacy Policy
I. Name and address of the responsible party
The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:
Vogel as Prophet - Association for the Promotion of Artistic Piano Playing e. V.
II. General information on data processing
1. Scope of processing personal data.
We generally process our users' personal data only to the extent necessary for providing a functional website and our content and services. The processing of our users' personal data regularly only occurs with the user's consent. An exception applies in cases where obtaining prior consent is not possible for practical reasons and the processing of the data is permitted by law.
2. Legal basis for the processing of personal data
Insofar as we obtain the consent of the data subject for processing operations involving personal data, Article 6(1)(a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
When processing personal data necessary for the performance of a contract (e.g., club membership) to which the data subject is a party, Article 6(1)(b) GDPR serves as the legal basis. This also applies to processing operations necessary for carrying out pre-contractual measures.
Insofar as the processing of personal data is necessary for compliance with a legal obligation to which our association is subject, Article 6(1)(c) GDPR serves as the legal basis.
In the event that the processing of personal data is necessary to protect the vital interests of the data subject or of another natural person, Article 6(1)(d) GDPR serves as the legal basis.
If processing is necessary for the purposes of the legitimate interests pursued by our association or by a third party, and the interests or fundamental rights and freedoms of the data subject do not override those interests, then Article 6(1)(f) GDPR serves as the legal basis for the processing.
3. Data deletion and storage period
The personal data of the data subject will be erased or blocked as soon as the purpose of storage no longer applies. Storage may also take place if this is provided for by European or national legislation in EU regulations, laws, or other provisions to which the controller is subject. Data will also be blocked or erased when a storage period prescribed by the aforementioned regulations expires, unless further storage of the data is necessary for the conclusion or performance of a contract.
III. Provision of the website and creation of log files
1. Description and scope of data processing
Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer.
The following data is collected:
Information about the browser type and version used
The user's operating system
Date and time of access
Websites from which the user's system accessed our website
Websites accessed by the user's system via our website
The data is also stored in our system's log files. This does not include the user's IP address or other data that would allow the data to be linked to a specific user. This data is not stored together with other personal data of the user.
2. Legal basis for data processing
The legal basis for the temporary storage of the data is Art. 6 para. 1 lit. f GDPR.
3. Purpose of data processing
The temporary storage of the IP address by the system is necessary to enable the delivery of the website to the user's computer. For this purpose, the user's IP address must be stored for the duration of the session.
These purposes also constitute our legitimate interest in data processing pursuant to Art. 6 para. 1 lit. f GDPR.
The collection of data for the provision of the website and the storage of data in log files is essential for the operation of the website. Therefore, there is no possibility for the user to object.
IV. Email Contact
1. Description and scope of data processing
You can contact us via the email address provided on our website. In this case, the personal data you transmit with your email will be stored. This data will not be shared with third parties. It will be used solely for processing your inquiry.
2. Legal basis for data processing
The legal basis for processing data transmitted via email is Article 6(1)(f) GDPR. If the email contact aims at concluding a contract, the additional legal basis for processing is Article 6(1)(b) GDPR.
3. Purpose of data processing
The processing of personal data from email contact is solely for the purpose of handling the contact request; this also constitutes the necessary legitimate interest in processing the data. The other personal data processed during the sending process serves to prevent misuse and ensure the security of our IT systems.
4. Storage duration
The data will be deleted as soon as it is no longer needed for the purpose for which it was collected. For personal data transmitted by email, this is the case when the respective conversation with the user has ended. A conversation is considered ended when it is clear from the circumstances that the matter in question has been resolved.
5. Right to object and have the matter removed
The user has the right to withdraw their consent to the processing of their personal data at any time. If the user contacts us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued.
You may withdraw your consent and object to the storage of your data at any time by contacting us via the provided email address. In this case, all personal data stored as a result of your contacting us will be deleted.
V. Rights of the data subject
If your personal data is being processed, you are a data subject within the meaning of the GDPR and you have the following rights against the controller:
1. Right to information
You can request confirmation from the controller as to whether personal data concerning you is being processed by us.
If such processing takes place, you can request the following information from the controller:
(1) the purposes for which the personal data are processed;
(2) the categories of personal data which are processed;
(3) the recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed;
(4) the planned duration of the storage of personal data concerning you or, if specific information on this is not possible, criteria for determining the storage period;
(5) the existence of a right to rectification or erasure of personal data concerning you, a right to restriction of processing by the controller or a right to object to such processing;
(6) the existence of a right to lodge a complaint with a supervisory authority;
(7) all available information about the source of the data if the personal data are not collected from the data subject;
(8) the existence of automated decision-making, including profiling, pursuant to Article 22(1) and (4) GDPR and – at least in those cases – meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
You have the right to request information as to whether your personal data is being transferred to a third country or to an international organization. In this context, you may request to be informed of the appropriate safeguards pursuant to Article 46 GDPR relating to the transfer.
2. Right to rectification
You have the right to rectification and/or completion from the data controller if the processed personal data concerning you is inaccurate or incomplete. The data controller must carry out the rectification without undue delay.
3. Right to restriction of processing
Under the following conditions, you can request the restriction of the processing of your personal data:
(1) if you contest the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data;
(2) the processing is unlawful and you object to the erasure of the personal data and request the restriction of their use instead;
(3) the controller no longer needs the personal data for the purposes of the processing, but you require them for the establishment, exercise or defence of legal claims, or
(4) if you have objected to the processing pursuant to Article 21(1) GDPR and it is not yet clear whether the legitimate grounds of the controller override your grounds.
If the processing of your personal data has been restricted, this data – apart from being stored – may only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
If processing has been restricted in accordance with the above conditions, you will be informed by the controller before the restriction is lifted.
4. Right to erasure
a) Obligation to delete
You can request that the controller erase your personal data without undue delay, and the controller is obliged to erase such data without undue delay where one of the following grounds applies:
(1) The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
(2) You withdraw your consent on which the processing was based pursuant to Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a GDPR, and there is no other legal basis for the processing.
(3) You object to the processing pursuant to Article 21(1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21(2) GDPR.
(4) Your personal data has been processed unlawfully.
(5) The erasure of personal data concerning you is necessary for compliance with a legal obligation under Union or Member State law to which the controller is subject.
(6) The personal data concerning you were collected in relation to information society services offered pursuant to Article 8(1) GDPR.
b) Information to third parties
If the controller has made the personal data concerning you public and is obliged to erase it pursuant to Article 17(1) GDPR, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you, as the data subject, have requested the erasure of all links to, or copies or replications of, that personal data.
c) Exceptions
The right to erasure does not apply insofar as the processing is necessary.
(1) to exercise the right to freedom of expression and information;
(2) for compliance with a legal obligation which requires processing under Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
(3) for reasons of public interest in the area of public health pursuant to Article 9(2)(h) and (i) and Article 9(3) GDPR;
(4) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes pursuant to Article 89(1) GDPR, insofar as the right referred to in point (a) is likely to render impossible or seriously impair the achievement of the objectives of that processing, or
(5) for the establishment, exercise or defense of legal claims.
5. Right to information
If you have asserted your right to rectification, erasure or restriction of processing against the controller, the controller is obliged to communicate this rectification or erasure of data or restriction of processing to all recipients to whom the personal data concerning you have been disclosed, unless this proves impossible or involves disproportionate effort.
They have the right to be informed about these recipients by the data controller.
6. Right to data portability
You have the right to receive the personal data concerning you, which you have provided to the controller, in a structured, commonly used and machine-readable format. Furthermore, you have the right to transmit this data to another controller without hindrance from the controller to whom the personal data was provided, provided that
(1) the processing is based on consent pursuant to Article 6(1)(a) GDPR or Article 9(2)(a) GDPR or on a contract pursuant to Article 6(1)(b) GDPR and
(2) processing is carried out using automated procedures.
In exercising this right, you also have the right to have your personal data transmitted directly from one controller to another, where technically feasible. This must not adversely affect the rights and freedoms of others.
The right to data portability does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
7. Right to object
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) of the GDPR, including profiling based on those provisions.
The controller will no longer process your personal data unless they can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of establishing, exercising or defending legal claims.
You have the option, in connection with the use of information society services – notwithstanding Directive 2002/58/EC – to exercise your right to object by means of automated procedures using technical specifications.
8. Right to withdraw consent under data protection law
You have the right to withdraw your consent to data processing at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
9. Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.
The supervisory authority with which the complaint has been lodged shall inform the complainant of the progress and outcome of the complaint, including the possibility of a judicial remedy pursuant to Article 78 GDPR.
VI. Update of the Privacy Policy
Automatic data storage
When you visit websites these days, certain information is automatically generated and stored, including on this website.
When you visit our website, as you are doing now, our web server (the computer on which this website is stored) automatically saves data such as…
the address (URL) of the accessed website, browser and browser version, the operating system used, the address (URL) of the previously visited page (referrer URL)
the hostname and IP address of the device from which access is made, date and time in files (web server log files).
Web server log files are typically stored for two weeks and then automatically deleted. We do not share this data, but we cannot rule out the possibility that it may be accessed in the event of unlawful activity.
The legal basis according to Article 6 paragraph 1 f GDPR (lawfulness of processing) is that there is a legitimate interest in enabling the error-free operation of this website by collecting web server log files.
Cookies
Our website uses HTTP cookies to store user-specific data. Below we explain what cookies are and why they are used, so that you can better understand the following privacy policy.
What exactly are cookies? Whenever you browse the internet, you use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer, and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies. There's no denying it: cookies are really useful tools. Almost all websites use cookies. More precisely, they are HTTP cookies, as there are other types of cookies for different applications. HTTP cookies are small files that our website stores on your computer. These cookie files are automatically placed in the cookie folder, essentially the "brain" of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified. Cookies store certain user data, such as your language or personal website settings. When you revisit our site, your browser sends this user-related information back to us. Thanks to cookies, our website knows who you are and offers you your usual default settings. In some browsers, each cookie has its own file, while in others, such as Firefox, all cookies are stored in a single file.
There are both first-party and third-party cookies. First-party cookies are created directly by our website, while third-party cookies are created by partner websites (e.g., Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiration time of a cookie also varies from a few minutes to several years. Cookies are not software programs and do not contain viruses, Trojans, or other malware. Cookies cannot access information on your computer. For example, cookie data might look like this: Name: _ga Expiration time: 2 years Purpose: Differentiating website visitors
Example value: GA1.2.1326744211.152311108786. Browsers should support the following minimum sizes: A cookie should be able to contain at least 4096 bytes.
At least 50 cookies should be able to be stored per domain. A total of at least 3000 cookies should be able to be stored. What types of cookies are there?
The specific cookies we use depend on the services used and are explained in the following sections of the privacy policy. Here, we would like to briefly discuss the different types of HTTP cookies. There are four main types of cookies:
Strictly necessary cookies: These cookies are essential for the basic functionality of the website. For example, they are needed when a user adds a product to their shopping cart, continues browsing other pages, and only later proceeds to checkout. These cookies ensure the shopping cart is not emptied, even if the user closes their browser window. Functional cookies: These cookies collect information about user behavior and whether the user receives any error messages. They also measure loading times and the website's performance across different browsers. Performance cookies: These cookies improve user experience. For example, they save entered locations, font sizes, or form data. Advertising cookies: These cookies, also known as targeting cookies, are used to deliver personalized advertising to the user. This can be very convenient, but also very annoying. Typically, you will be asked which of these cookie types you wish to allow the first time you visit a website. This decision is, of course, also stored in a cookie. How can I delete cookies? You decide how and whether you want to use cookies. Regardless of the service or website the cookies originate from, you always have the option to delete cookies, allow them only partially, or disable them entirely. For example, you can block third-party cookies but allow all others.
If you want to see which cookies have been stored in your browser, or if you want to change or delete cookie settings, you can find this information in your browser settings: Chrome: Delete, enable, and manage cookies in Chrome. Safari: Manage cookies and website data with Safari. Firefox: Clear cookies to remove data that websites have stored on your computer. Internet Explorer: Delete and manage cookies. Microsoft Edge: Delete and manage cookies.
If you generally don't want to allow cookies, you can configure your browser to always notify you when a cookie is about to be set. This allows you to decide whether to allow each individual cookie. The procedure varies depending on the browser. The best way to find instructions is to search on Google using the keywords "delete cookies Chrome" or "disable cookies Chrome" if you are using Chrome, or replace "Chrome" with the name of your browser, such as Edge, Firefox, or Safari.
What about my data privacy?
Since 2009, the so-called "Cookie Directive" has been in effect. This directive stipulates that storing cookies requires the consent of the website visitor (i.e., you). However, reactions to this directive vary considerably across EU countries. In Germany, the Cookie Directive was not implemented as national law. Instead, it was largely implemented through Section 15 Paragraph 3 of the Telemedia Act (TMG).
If you would like to learn more about cookies and are not afraid of technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the Internet Engineering Task Force (IETF) Request for Comments entitled “HTTP State Management Mechanism”.
Storage of personal data
Personal data that you submit to us electronically on this website, such as name, email address, address or other personal information when submitting a form or comments on the blog, will be used by us together with the date and time and IP address only for the stated purpose, stored securely and not passed on to third parties.
We therefore only use your personal data to communicate with visitors who expressly request contact and to process the services and products offered on this website. We will not share your personal data without your consent, but we cannot rule out the possibility that this data may be accessed in the event of unlawful activity.
If you send us personal data via email – that is, outside of this website – we cannot guarantee secure transmission and the protection of your data. We recommend that you never send confidential data unencrypted via email.
The legal basis for processing your data, according to Article 6 Paragraph 1 a GDPR (Lawfulness of processing), is your consent to the processing of the data you have entered. You can withdraw this consent at any time – an informal email is sufficient; you can find our contact details in the legal notice.
Rights under the General Data Protection Regulation
According to the provisions of the GDPR, you are generally entitled to the following rights:
Right to rectification (Article 16 GDPR)
Right to erasure (“right to be forgotten”) (Article 17 GDPR)
Right to restriction of processing (Article 18 GDPR)
Right to notification – obligation to notify in connection with the rectification or erasure of personal data or the restriction of processing (Article 19 GDPR)
Right to data portability (Article 20 GDPR)
Right to object (Article 21 GDPR)
Right not to be subject to a decision based solely on automated processing, including profiling (Article 22 GDPR)
If you believe that the processing of your data violates data protection law or that your data protection rights have otherwise been infringed, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI).
TLS encryption with https
We use HTTPS to transmit data securely over the internet (data protection by design, Article 25 Paragraph 1 GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the internet, we can ensure the protection of confidential data. You can recognize this secure data transmission by the small padlock icon in the top left corner of your browser and the use of the HTTPS protocol (instead of HTTP) as part of our web address.
Google Fonts Privacy Policy
We use Google Fonts from Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) on our website.
You don't need to register or provide a password to use Google Fonts. Furthermore, no cookies are stored in your browser. The files (CSS, fonts) are requested via the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, requests for CSS and fonts are completely separate from all other Google services. If you have a Google account, you don't need to worry about your Google account data being transmitted to Google while using Google Fonts. Google collects data on the usage of CSS (Cascading Style Sheets) and the fonts used, and stores this data securely. We will examine the specifics of this data storage in more detail later.
What are Google Fonts?
Google Fonts (formerly Google Web Fonts) is an interactive directory with more than 800 fonts that Google LLC provides for free use.
Many of these fonts are released under the SIL Open Font License, while others are released under the Apache License. Both are free software licenses. Therefore, we can use them freely without paying any license fees. Why do we use Google Fonts on our website?
With Google Fonts, we can use fonts on our own website without having to upload them to our own server. Google Fonts is an important component for maintaining the high quality of our website. All Google fonts are automatically optimized for the web, which saves data volume and is a significant advantage, especially for use on mobile devices. When you visit our site, the small file size ensures fast loading times. Furthermore, Google Fonts are considered reliable web fonts. Different rendering systems in various browsers, operating systems, and mobile devices can lead to errors. These errors can sometimes distort text or even entire web pages. Thanks to the fast Content Delivery Network (CDN), there are no cross-platform problems with Google Fonts. Google Fonts supports all common browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile operating systems, including Android 2.2 and iOS 4.2 (iPhone, iPad, iPod). We use Google Fonts to ensure our entire online service is displayed as attractively and consistently as possible. According to Article 6(1)(f) of the GDPR, this already constitutes a "legitimate interest" in processing personal data. In this context, "legitimate interest" encompasses legal, economic, and non-material interests recognized by the legal system.
What data does Google store? When you visit our website, the fonts are loaded from a Google server. This external request transmits data to Google's servers. This allows Google to recognize that you, or rather your IP address, have visited our website. The Google Fonts API was developed to minimize the collection, storage, and use of end-user data to only what is necessary for the efficient delivery of fonts. API stands for "Application Programming Interface" and serves, among other things, as a data transmitter in the software field. Google Fonts securely stores CSS and font requests with Google and is therefore protected. The collected usage statistics allow Google to determine the popularity of the fonts. Google publishes the results on internal analytics pages, such as Google Analytics. Google also uses data from its own web crawler to determine which websites use Google Fonts. This data is published in the Google Fonts BigQuery database. BigQuery is a web service from Google for companies that want to move and analyze large amounts of data. It's important to remember that every Google Font request automatically transmits information such as IP address, language settings, browser screen resolution, browser version, and browser name to Google servers. Whether this data is also stored is unclear and not explicitly communicated by Google. How long and where is the data stored? Google stores requests for CSS assets on its servers, primarily located outside the EU, for one day. This allows us to use the fonts with a Google stylesheet. A stylesheet is a formatting template that allows you to easily and quickly change, for example, the design or font of a website. The font files themselves are stored by Google for one year. Google's goal is to improve website loading times. When millions of websites reference the same fonts, they are cached after the first visit and appear immediately on all subsequent visits. Google sometimes updates font files to reduce file size, increase language coverage, and improve design. How can I delete my data or prevent data storage?
The data that Google stores for a day or a year cannot be easily deleted. This data is automatically transmitted to Google when you visit our website. To delete this data prematurely, you must contact Google Support at https://support.google.com/?hl=de&tid=311108786. In this case, you can only prevent data storage by not visiting our website.
Unlike other web fonts, Google Fonts grants us unrestricted access to all its fonts. This means we can access a vast array of fonts and choose the perfect one for our website. You can find more information about Google Fonts and answers to frequently asked questions at https://developers.google.com/fonts/faq?tid=311108786. While Google addresses data privacy issues there, truly detailed information about data storage is not included. Obtaining precise information from Google about the data they store is relatively difficult (almost impossible).
You can also read about what data Google collects and what this data is used for at https://www.google.com/intl/de/policies/privacy/.
Google Maps Privacy Policy
We use Google Maps from Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) on our website.
By using the features of this map, data will be transmitted to Google. You can find out what data Google collects and what it is used for at https://www.google.com/intl/de/policies/privacy/.
Facebook Privacy Policy
We use features from Facebook, a social media network operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, on this website. You can find information about the features (social plugins) provided by Facebook at https://developers.facebook.com/docs/plugins/.
By visiting our website, information may be transmitted to Facebook. If you have a Facebook account, Facebook can associate this data with your personal account. If you do not wish this to happen, please log out of Facebook.
The privacy policy, which details what information Facebook collects and how it uses it, can be found at https://www.facebook.com/policy.php.
We appreciate your interest in our website. Protecting your privacy is very important to us.
We have prepared this privacy policy (version 02.06.2019-311108786) to explain to you, in accordance with the requirements of the General Data Protection Regulation (EU) 2016/679, what information we collect, how we use data and what choices you have as a visitor to this website.
Unfortunately, it's inherent in the nature of these explanations that they sound very technical; however, we have made every effort to describe the most important points as simply and clearly as possible. Below, we provide you with detailed information about how we handle your data.
Unfortunately, it's inherent in the nature of these explanations that they sound very technical; however, we have made every effort to describe the most important points as simply and clearly as possible. Below, we provide you with detailed information about how we handle your data.
The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:
Vogel as Prophet - Association for the Promotion of Artistic Piano Playing e. V.
Beethovenstr. 29, 54329 Konz
Represented by the Chairman: Winfried Manns
Email address: info@konzmusikfestival.deII. General information on data processing
1. Scope of processing personal data.
We generally process our users' personal data only to the extent necessary for providing a functional website and our content and services. The processing of our users' personal data regularly only occurs with the user's consent. An exception applies in cases where obtaining prior consent is not possible for practical reasons and the processing of the data is permitted by law.
2. Legal basis for the processing of personal data
Insofar as we obtain the consent of the data subject for processing operations involving personal data, Article 6(1)(a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
When processing personal data necessary for the performance of a contract (e.g., club membership) to which the data subject is a party, Article 6(1)(b) GDPR serves as the legal basis. This also applies to processing operations necessary for carrying out pre-contractual measures.
Insofar as the processing of personal data is necessary for compliance with a legal obligation to which our association is subject, Article 6(1)(c) GDPR serves as the legal basis.
In the event that the processing of personal data is necessary to protect the vital interests of the data subject or of another natural person, Article 6(1)(d) GDPR serves as the legal basis.
If processing is necessary for the purposes of the legitimate interests pursued by our association or by a third party, and the interests or fundamental rights and freedoms of the data subject do not override those interests, then Article 6(1)(f) GDPR serves as the legal basis for the processing.
3. Data deletion and storage period
The personal data of the data subject will be erased or blocked as soon as the purpose of storage no longer applies. Storage may also take place if this is provided for by European or national legislation in EU regulations, laws, or other provisions to which the controller is subject. Data will also be blocked or erased when a storage period prescribed by the aforementioned regulations expires, unless further storage of the data is necessary for the conclusion or performance of a contract.
III. Provision of the website and creation of log files
1. Description and scope of data processing
Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer.
The following data is collected:
Information about the browser type and version used
The user's operating system
Date and time of access
Websites from which the user's system accessed our website
Websites accessed by the user's system via our website
The data is also stored in our system's log files. This does not include the user's IP address or other data that would allow the data to be linked to a specific user. This data is not stored together with other personal data of the user.
2. Legal basis for data processing
The legal basis for the temporary storage of the data is Art. 6 para. 1 lit. f GDPR.
3. Purpose of data processing
The temporary storage of the IP address by the system is necessary to enable the delivery of the website to the user's computer. For this purpose, the user's IP address must be stored for the duration of the session.
These purposes also constitute our legitimate interest in data processing pursuant to Art. 6 para. 1 lit. f GDPR.
4. Storage duration
The data will be deleted as soon as it is no longer needed for the purpose for which it was collected. In the case of data collected for the provision of the website, this is the case when the respective session has ended.
5. Right to object and have the matter removedThe collection of data for the provision of the website and the storage of data in log files is essential for the operation of the website. Therefore, there is no possibility for the user to object.
IV. Email Contact
1. Description and scope of data processing
You can contact us via the email address provided on our website. In this case, the personal data you transmit with your email will be stored. This data will not be shared with third parties. It will be used solely for processing your inquiry.
2. Legal basis for data processing
The legal basis for processing data transmitted via email is Article 6(1)(f) GDPR. If the email contact aims at concluding a contract, the additional legal basis for processing is Article 6(1)(b) GDPR.
3. Purpose of data processing
The processing of personal data from email contact is solely for the purpose of handling the contact request; this also constitutes the necessary legitimate interest in processing the data. The other personal data processed during the sending process serves to prevent misuse and ensure the security of our IT systems.
4. Storage duration
The data will be deleted as soon as it is no longer needed for the purpose for which it was collected. For personal data transmitted by email, this is the case when the respective conversation with the user has ended. A conversation is considered ended when it is clear from the circumstances that the matter in question has been resolved.
5. Right to object and have the matter removed
The user has the right to withdraw their consent to the processing of their personal data at any time. If the user contacts us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued.
You may withdraw your consent and object to the storage of your data at any time by contacting us via the provided email address. In this case, all personal data stored as a result of your contacting us will be deleted.
V. Rights of the data subject
If your personal data is being processed, you are a data subject within the meaning of the GDPR and you have the following rights against the controller:
1. Right to information
You can request confirmation from the controller as to whether personal data concerning you is being processed by us.
If such processing takes place, you can request the following information from the controller:
(1) the purposes for which the personal data are processed;
(2) the categories of personal data which are processed;
(3) the recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed;
(4) the planned duration of the storage of personal data concerning you or, if specific information on this is not possible, criteria for determining the storage period;
(5) the existence of a right to rectification or erasure of personal data concerning you, a right to restriction of processing by the controller or a right to object to such processing;
(6) the existence of a right to lodge a complaint with a supervisory authority;
(7) all available information about the source of the data if the personal data are not collected from the data subject;
(8) the existence of automated decision-making, including profiling, pursuant to Article 22(1) and (4) GDPR and – at least in those cases – meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
You have the right to request information as to whether your personal data is being transferred to a third country or to an international organization. In this context, you may request to be informed of the appropriate safeguards pursuant to Article 46 GDPR relating to the transfer.
2. Right to rectification
You have the right to rectification and/or completion from the data controller if the processed personal data concerning you is inaccurate or incomplete. The data controller must carry out the rectification without undue delay.
3. Right to restriction of processing
Under the following conditions, you can request the restriction of the processing of your personal data:
(1) if you contest the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data;
(2) the processing is unlawful and you object to the erasure of the personal data and request the restriction of their use instead;
(3) the controller no longer needs the personal data for the purposes of the processing, but you require them for the establishment, exercise or defence of legal claims, or
(4) if you have objected to the processing pursuant to Article 21(1) GDPR and it is not yet clear whether the legitimate grounds of the controller override your grounds.
If the processing of your personal data has been restricted, this data – apart from being stored – may only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
If processing has been restricted in accordance with the above conditions, you will be informed by the controller before the restriction is lifted.
4. Right to erasure
a) Obligation to delete
You can request that the controller erase your personal data without undue delay, and the controller is obliged to erase such data without undue delay where one of the following grounds applies:
(1) The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
(2) You withdraw your consent on which the processing was based pursuant to Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a GDPR, and there is no other legal basis for the processing.
(3) You object to the processing pursuant to Article 21(1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21(2) GDPR.
(4) Your personal data has been processed unlawfully.
(5) The erasure of personal data concerning you is necessary for compliance with a legal obligation under Union or Member State law to which the controller is subject.
(6) The personal data concerning you were collected in relation to information society services offered pursuant to Article 8(1) GDPR.
b) Information to third parties
If the controller has made the personal data concerning you public and is obliged to erase it pursuant to Article 17(1) GDPR, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you, as the data subject, have requested the erasure of all links to, or copies or replications of, that personal data.
c) Exceptions
The right to erasure does not apply insofar as the processing is necessary.
(1) to exercise the right to freedom of expression and information;
(2) for compliance with a legal obligation which requires processing under Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
(3) for reasons of public interest in the area of public health pursuant to Article 9(2)(h) and (i) and Article 9(3) GDPR;
(4) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes pursuant to Article 89(1) GDPR, insofar as the right referred to in point (a) is likely to render impossible or seriously impair the achievement of the objectives of that processing, or
(5) for the establishment, exercise or defense of legal claims.
5. Right to information
If you have asserted your right to rectification, erasure or restriction of processing against the controller, the controller is obliged to communicate this rectification or erasure of data or restriction of processing to all recipients to whom the personal data concerning you have been disclosed, unless this proves impossible or involves disproportionate effort.
They have the right to be informed about these recipients by the data controller.
6. Right to data portability
You have the right to receive the personal data concerning you, which you have provided to the controller, in a structured, commonly used and machine-readable format. Furthermore, you have the right to transmit this data to another controller without hindrance from the controller to whom the personal data was provided, provided that
(1) the processing is based on consent pursuant to Article 6(1)(a) GDPR or Article 9(2)(a) GDPR or on a contract pursuant to Article 6(1)(b) GDPR and
(2) processing is carried out using automated procedures.
In exercising this right, you also have the right to have your personal data transmitted directly from one controller to another, where technically feasible. This must not adversely affect the rights and freedoms of others.
The right to data portability does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
7. Right to object
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) of the GDPR, including profiling based on those provisions.
The controller will no longer process your personal data unless they can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of establishing, exercising or defending legal claims.
You have the option, in connection with the use of information society services – notwithstanding Directive 2002/58/EC – to exercise your right to object by means of automated procedures using technical specifications.
8. Right to withdraw consent under data protection law
You have the right to withdraw your consent to data processing at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
9. Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.
The supervisory authority with which the complaint has been lodged shall inform the complainant of the progress and outcome of the complaint, including the possibility of a judicial remedy pursuant to Article 78 GDPR.
VI. Update of the Privacy Policy
We reserve the right to amend this privacy policy as necessary due to legal, technical, or business developments. In such cases, we will also update our privacy notices accordingly. Please therefore refer to the most current version of our privacy policy.
Automatic data storage
When you visit websites these days, certain information is automatically generated and stored, including on this website.
When you visit our website, as you are doing now, our web server (the computer on which this website is stored) automatically saves data such as…
the address (URL) of the accessed website, browser and browser version, the operating system used, the address (URL) of the previously visited page (referrer URL)
the hostname and IP address of the device from which access is made, date and time in files (web server log files).
Web server log files are typically stored for two weeks and then automatically deleted. We do not share this data, but we cannot rule out the possibility that it may be accessed in the event of unlawful activity.
The legal basis according to Article 6 paragraph 1 f GDPR (lawfulness of processing) is that there is a legitimate interest in enabling the error-free operation of this website by collecting web server log files.
Cookies
Our website uses HTTP cookies to store user-specific data. Below we explain what cookies are and why they are used, so that you can better understand the following privacy policy.
What exactly are cookies? Whenever you browse the internet, you use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer, and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies. There's no denying it: cookies are really useful tools. Almost all websites use cookies. More precisely, they are HTTP cookies, as there are other types of cookies for different applications. HTTP cookies are small files that our website stores on your computer. These cookie files are automatically placed in the cookie folder, essentially the "brain" of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified. Cookies store certain user data, such as your language or personal website settings. When you revisit our site, your browser sends this user-related information back to us. Thanks to cookies, our website knows who you are and offers you your usual default settings. In some browsers, each cookie has its own file, while in others, such as Firefox, all cookies are stored in a single file.
There are both first-party and third-party cookies. First-party cookies are created directly by our website, while third-party cookies are created by partner websites (e.g., Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiration time of a cookie also varies from a few minutes to several years. Cookies are not software programs and do not contain viruses, Trojans, or other malware. Cookies cannot access information on your computer. For example, cookie data might look like this: Name: _ga Expiration time: 2 years Purpose: Differentiating website visitors
Example value: GA1.2.1326744211.152311108786. Browsers should support the following minimum sizes: A cookie should be able to contain at least 4096 bytes.
At least 50 cookies should be able to be stored per domain. A total of at least 3000 cookies should be able to be stored. What types of cookies are there?
The specific cookies we use depend on the services used and are explained in the following sections of the privacy policy. Here, we would like to briefly discuss the different types of HTTP cookies. There are four main types of cookies:
Strictly necessary cookies: These cookies are essential for the basic functionality of the website. For example, they are needed when a user adds a product to their shopping cart, continues browsing other pages, and only later proceeds to checkout. These cookies ensure the shopping cart is not emptied, even if the user closes their browser window. Functional cookies: These cookies collect information about user behavior and whether the user receives any error messages. They also measure loading times and the website's performance across different browsers. Performance cookies: These cookies improve user experience. For example, they save entered locations, font sizes, or form data. Advertising cookies: These cookies, also known as targeting cookies, are used to deliver personalized advertising to the user. This can be very convenient, but also very annoying. Typically, you will be asked which of these cookie types you wish to allow the first time you visit a website. This decision is, of course, also stored in a cookie. How can I delete cookies? You decide how and whether you want to use cookies. Regardless of the service or website the cookies originate from, you always have the option to delete cookies, allow them only partially, or disable them entirely. For example, you can block third-party cookies but allow all others.
If you want to see which cookies have been stored in your browser, or if you want to change or delete cookie settings, you can find this information in your browser settings: Chrome: Delete, enable, and manage cookies in Chrome. Safari: Manage cookies and website data with Safari. Firefox: Clear cookies to remove data that websites have stored on your computer. Internet Explorer: Delete and manage cookies. Microsoft Edge: Delete and manage cookies.
If you generally don't want to allow cookies, you can configure your browser to always notify you when a cookie is about to be set. This allows you to decide whether to allow each individual cookie. The procedure varies depending on the browser. The best way to find instructions is to search on Google using the keywords "delete cookies Chrome" or "disable cookies Chrome" if you are using Chrome, or replace "Chrome" with the name of your browser, such as Edge, Firefox, or Safari.
What about my data privacy?
Since 2009, the so-called "Cookie Directive" has been in effect. This directive stipulates that storing cookies requires the consent of the website visitor (i.e., you). However, reactions to this directive vary considerably across EU countries. In Germany, the Cookie Directive was not implemented as national law. Instead, it was largely implemented through Section 15 Paragraph 3 of the Telemedia Act (TMG).
If you would like to learn more about cookies and are not afraid of technical documentation, we recommend https://tools.ietf.org/html/rfc6265, the Internet Engineering Task Force (IETF) Request for Comments entitled “HTTP State Management Mechanism”.
Storage of personal data
Personal data that you submit to us electronically on this website, such as name, email address, address or other personal information when submitting a form or comments on the blog, will be used by us together with the date and time and IP address only for the stated purpose, stored securely and not passed on to third parties.
We therefore only use your personal data to communicate with visitors who expressly request contact and to process the services and products offered on this website. We will not share your personal data without your consent, but we cannot rule out the possibility that this data may be accessed in the event of unlawful activity.
If you send us personal data via email – that is, outside of this website – we cannot guarantee secure transmission and the protection of your data. We recommend that you never send confidential data unencrypted via email.
The legal basis for processing your data, according to Article 6 Paragraph 1 a GDPR (Lawfulness of processing), is your consent to the processing of the data you have entered. You can withdraw this consent at any time – an informal email is sufficient; you can find our contact details in the legal notice.
Rights under the General Data Protection Regulation
According to the provisions of the GDPR, you are generally entitled to the following rights:
Right to rectification (Article 16 GDPR)
Right to erasure (“right to be forgotten”) (Article 17 GDPR)
Right to restriction of processing (Article 18 GDPR)
Right to notification – obligation to notify in connection with the rectification or erasure of personal data or the restriction of processing (Article 19 GDPR)
Right to data portability (Article 20 GDPR)
Right to object (Article 21 GDPR)
Right not to be subject to a decision based solely on automated processing, including profiling (Article 22 GDPR)
If you believe that the processing of your data violates data protection law or that your data protection rights have otherwise been infringed, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI).
TLS encryption with https
We use HTTPS to transmit data securely over the internet (data protection by design, Article 25 Paragraph 1 GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the internet, we can ensure the protection of confidential data. You can recognize this secure data transmission by the small padlock icon in the top left corner of your browser and the use of the HTTPS protocol (instead of HTTP) as part of our web address.
Google Fonts Privacy Policy
We use Google Fonts from Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) on our website.
You don't need to register or provide a password to use Google Fonts. Furthermore, no cookies are stored in your browser. The files (CSS, fonts) are requested via the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, requests for CSS and fonts are completely separate from all other Google services. If you have a Google account, you don't need to worry about your Google account data being transmitted to Google while using Google Fonts. Google collects data on the usage of CSS (Cascading Style Sheets) and the fonts used, and stores this data securely. We will examine the specifics of this data storage in more detail later.
What are Google Fonts?
Google Fonts (formerly Google Web Fonts) is an interactive directory with more than 800 fonts that Google LLC provides for free use.
Many of these fonts are released under the SIL Open Font License, while others are released under the Apache License. Both are free software licenses. Therefore, we can use them freely without paying any license fees. Why do we use Google Fonts on our website?
With Google Fonts, we can use fonts on our own website without having to upload them to our own server. Google Fonts is an important component for maintaining the high quality of our website. All Google fonts are automatically optimized for the web, which saves data volume and is a significant advantage, especially for use on mobile devices. When you visit our site, the small file size ensures fast loading times. Furthermore, Google Fonts are considered reliable web fonts. Different rendering systems in various browsers, operating systems, and mobile devices can lead to errors. These errors can sometimes distort text or even entire web pages. Thanks to the fast Content Delivery Network (CDN), there are no cross-platform problems with Google Fonts. Google Fonts supports all common browsers (Google Chrome, Mozilla Firefox, Apple Safari, Opera) and works reliably on most modern mobile operating systems, including Android 2.2 and iOS 4.2 (iPhone, iPad, iPod). We use Google Fonts to ensure our entire online service is displayed as attractively and consistently as possible. According to Article 6(1)(f) of the GDPR, this already constitutes a "legitimate interest" in processing personal data. In this context, "legitimate interest" encompasses legal, economic, and non-material interests recognized by the legal system.
What data does Google store? When you visit our website, the fonts are loaded from a Google server. This external request transmits data to Google's servers. This allows Google to recognize that you, or rather your IP address, have visited our website. The Google Fonts API was developed to minimize the collection, storage, and use of end-user data to only what is necessary for the efficient delivery of fonts. API stands for "Application Programming Interface" and serves, among other things, as a data transmitter in the software field. Google Fonts securely stores CSS and font requests with Google and is therefore protected. The collected usage statistics allow Google to determine the popularity of the fonts. Google publishes the results on internal analytics pages, such as Google Analytics. Google also uses data from its own web crawler to determine which websites use Google Fonts. This data is published in the Google Fonts BigQuery database. BigQuery is a web service from Google for companies that want to move and analyze large amounts of data. It's important to remember that every Google Font request automatically transmits information such as IP address, language settings, browser screen resolution, browser version, and browser name to Google servers. Whether this data is also stored is unclear and not explicitly communicated by Google. How long and where is the data stored? Google stores requests for CSS assets on its servers, primarily located outside the EU, for one day. This allows us to use the fonts with a Google stylesheet. A stylesheet is a formatting template that allows you to easily and quickly change, for example, the design or font of a website. The font files themselves are stored by Google for one year. Google's goal is to improve website loading times. When millions of websites reference the same fonts, they are cached after the first visit and appear immediately on all subsequent visits. Google sometimes updates font files to reduce file size, increase language coverage, and improve design. How can I delete my data or prevent data storage?
The data that Google stores for a day or a year cannot be easily deleted. This data is automatically transmitted to Google when you visit our website. To delete this data prematurely, you must contact Google Support at https://support.google.com/?hl=de&tid=311108786. In this case, you can only prevent data storage by not visiting our website.
Unlike other web fonts, Google Fonts grants us unrestricted access to all its fonts. This means we can access a vast array of fonts and choose the perfect one for our website. You can find more information about Google Fonts and answers to frequently asked questions at https://developers.google.com/fonts/faq?tid=311108786. While Google addresses data privacy issues there, truly detailed information about data storage is not included. Obtaining precise information from Google about the data they store is relatively difficult (almost impossible).
You can also read about what data Google collects and what this data is used for at https://www.google.com/intl/de/policies/privacy/.
Google Maps Privacy Policy
We use Google Maps from Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) on our website.
By using the features of this map, data will be transmitted to Google. You can find out what data Google collects and what it is used for at https://www.google.com/intl/de/policies/privacy/.
Facebook Privacy Policy
We use features from Facebook, a social media network operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, on this website. You can find information about the features (social plugins) provided by Facebook at https://developers.facebook.com/docs/plugins/.
By visiting our website, information may be transmitted to Facebook. If you have a Facebook account, Facebook can associate this data with your personal account. If you do not wish this to happen, please log out of Facebook.
The privacy policy, which details what information Facebook collects and how it uses it, can be found at https://www.facebook.com/policy.php.
Source: Created with the privacy policy generator from www.adsimple.at in cooperation with ilovevienna.at
