1. Name and contact information of the processing controller and the company data protection officer:
This data protection statement covers data processing by:
Stiftung „Lebendige Stadt“
Saseler Damm 39
In case of questions about data protection, please send an email to email@example.com
2. Collection and storage of personal data and method and purpose for its use:
a) When visiting the website:
When you access our website www.lebendige-stadt.de, information is automatically sent from the browser being used on your end device to the server of our website. This information is then temporarily stored in a log file.
Here the following information is collected without action from you and is stored until it is deleted automatically:
- IP address of the requesting computer,
- Date and time of access,
- Name and URL of the retrieved file,
- Website of origin for the access (referrer URL),
- Browser being used, and the operating system of your computer if necessary, and the name of your access provider.
The data listed is processed by us for the following purposes:
- To ensure that a connection can be established to the website without problems,
- To ensure the user-friendliness of our website,
- To evaluate system security and stability, and
- For other administrative purposes.
The legal basis for the data processing is Article 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest follows from the purposes listed above for data collection. We will never use the data collected for the purpose of determining your identity.
b) When signing up for the newsletter:
Where explicitly authorized under Article 6 para. 1 sentence 1 lit. a GDPR, we will use your email address to send you our regular newsletter. To receive the newsletter, only an email address is required.
Newsletter delivery is handled through the Metanet delivery service, a delivery platform from METANET AG, Josefstrasse 218, 8005 Zürich, Switzerland. Information on the data protection provisions of the delivery service provider is available at: https://www.metanet.ch/about_metanet/rechtliches
You can opt out at any time, for example using the link at the end of each newsletter.
c) When using our contact form:
If you have any questions, you can use the contact form provided on the website to contact us. To use the form you must provide your name, a valid email address and a subject ("message") so that we will know who sent the email and so that we can process your inquiry. Other information can be provided voluntarily.
The processing of data for purposes of contacting us falls under Article 6 para. 1 sentence 1 lit. a GDPR based on your freely given consent.
The personal data that we collect for the use of the contact form will be deleted after we finish handling your inquiry.
3. Sharing data:
Your data will not be shared with third parties for any reason other than for the purposes listed in the following. We will only share your data with third parties when:
- You have given your explicit consent as defined under Article 6 para. 1 sentence 1 lit. a GDPR
- Sharing your data is necessary under Article 6 para. 1 sentence 1 lit. f GDPR in order to establish, exercise or defend legal claims and there is no reason to believe that you have a legitimate interest that would override your data being shared,
- In the event of a legal obligation to share your data according to Article 6 para. 1 sentence 1 lit. c GDPR, and
- This is legally authorized and necessary under Article 6 para. 1 sentence 1 lit. b GDPR to fulfill the terms of contractual relationships.
- This is necessary in providing online services (e.g. newsletters).
The cookie is used to store information relating to the specific end device in use. But that does not mean we can directly determine your identity with this information.
Cookies are used to allow us to collect statistical information on the use of our website and analyze it for purposes of optimizing our services (see section 5). These cookies allow us to determine automatically the next time you visit our site that you already visited the site. These cookies are deleted automatically after a specified period of time.
The data processed by cookies is necessary for the listed purposes in securing our legitimate interests and those of third parties as defined under Article 6 para. 1 sentence 1 lit. f GDPR.
Most browsers accept cookies automatically. However, you can configure your browser so that cookies are not saved on your computer or so that you always receive a prompt before a new cookie is created. But if you completely deactivate cookies, there is a risk that you may not be able to use all the functionalities of our website.
5. Analytic tools:
We use the open source software Matomo (formerly Piwik) for the analysis and statistical evaluation of the use of the website. Cookies are used for this purpose (see section 4). The information on website use that is generated by the cookie is transmitted to our servers and is combined in pseudonymous use profiles. The information is used to evaluate the use of the website and to allow the appropriate design of our website. Information is not shared with third parties.
The IP address is never associated with other data concerning the user. The IP addresses are anonymized so that they cannot be assigned to visitors (IP masking). You have the option to object to the collection of your – already anonymized – usage behavior as follows:
6. Social media plug-ins:
We use social plug-ins on our website as defined under Article 6 para. 1 sentence 1 lit. f GDPR from the social networks Facebook, Twitter and Google+ to increase exposure for the company. The underlying promotional purpose should constitute a legitimate interest as understood under the GDPR. Responsibility for compliance with data protection provisions during use must be ensured by the particular provider. We integrate these plug-ins using the "two click method" to provide the best possible protection to visitors of our website. The relevant plug-in only opens after you actively click on the image for the relevant plug-in.
Social media plug-ins from Facebook are used on our website to allow a more personalized experience when using it. We use the "like" button for this purpose. This is a service of Facebook.
When you access a page on our website that contains such a plug-in, your browser will only establish a direct connection with Facebook servers when you actively click on the image of the relevant plug-in ("f Like"). The contents of the plug-in will then be directly transmitted from Facebook to your browser, where the browser will integrate it into the website.
Through the integration of the plug-in, Facebook receives the information that your browser has accessed the relevant page on our website, even if you have no Facebook account or are not currently logged in to Facebook. This information (including your IP address) is sent directly from your browser to a Facebook server and is stored there.
If you are logged in to Facebook, Facebook can directly assign your visit to our website to your Facebook account. When you interact with the plug-ins, e.g. by selecting the "like" button, the relevant information is likewise sent directly to a Facebook server and stored there. The information is also published to Facebook and displayed for your Facebook friends.
Facebook can use this information for purposes of marketing, market research and appropriate design of Facebook pages. For this purpose, Facebook creates usage, interest and relationship profiles, e.g. to evaluate your use of our website with respect to ads displayed on Facebook for you, inform other Facebook users of your activities on our website and to provide other services related to the use of Facebook.
If you do not want Facebook to associate the data collected from our website with your Facebook account, then do not click on the image of the particular plug-in ("f Like").
For information on the purpose and extent of data collection, on other processing and use of data by Facebook, as well as your rights and configuration options in protecting your privacy, see the data protection instructions (https://www.facebook.com/about/privacy/) from Facebook.
Plug-ins from the microblogging network Twitter Inc. are integrated on our website. For this we use the "tweet" button. This is a service of Twitter Inc.
When you access a page on our website that contains a plug-in, your browser will only establish a direct connection with Twitter servers when you actively click on the image of the relevant plug-in ("f Tweet"). The contents of the plug-in will then be directly transmitted from Twitter to your browser, where the browser will integrate it into the website.
Twitter is then informed that you have visited our site with your IP address. When you click on the Twitter "Tweet" button while you are logged in to your Twitter account, you can link the contents of our pages to your Twitter profile. In this way Twitter can assign the visit of our pages to your user account. We as the provider of the pages have no knowledge of the contents of the data that is transferred or its use by Twitter.
If you do not want Twitter to associate the data collected from our website with your Twitter account, then do not click on the image of the relevant plug-in ("f Tweet").
For more information, see Twitter's data protection statement (https://twitter.com/privacy).
7. Rights of data subjects:
You have the right:
- under Article 15 GDPR to request information on your personal data that is processed by us. In particular, you can request information on the processing purposes, the categories of personal data, the categories of recipients with whom your data has been shared or will be shared, the planned storage period, whether there is a right to correction, deletion, restriction of processing, whether there is a right to complain, the origin of your data if it was not collected by us, and whether there are any automated decision-making processes, including profiling, and any important information on their specific features.
- under Article 16 GDPR to request the immediate correction or completion of any personal data about you that is stored with us;
- under Article 17 GDPR to request the deletion of personal data saved with us when its processing is not necessary to exercise the right to the free expression of opinion and information, to meet legal obligations, for reasons of the public interest or to establish, exercise or defend legal claims;
- under Article 18 GDPR to request a restriction on the processing of your personal data where the accuracy of the data is disputed by you, processing is unlawful, but you decline to have it deleted and we no longer need the data, although you need this data to establish, exercise or defend legal claims or you have raised an objection to its processing under Article 21 GDPR;
- under Article 20 GDPR to obtain your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transmitted to another controller;
- under Article 7 para. 3 GDPR to withdraw consent you have previously granted to us. This means that we cannot continue data processing in the future that was predicated on this consent in the future and
- under Article 77 GDPR to lodge a complaint to the supervisory authority. In most cases the complaint can be directed to the supervisory authority in your regular place of residence, your workplace or our place of business.
8. Right to object:
To the extent that your personal data is being processed based on legitimate interests as defined under Article 6 para. 1 sentence 1 lit. f GDPR, you have the right under Article 21 GDPR to object to the processing of your personal data when there are reasons for this that arise from a situation particular to you or the objection pertains to direct mail. In the latter case, you have a general right to object, which we will respect without reference to a specific situation. If you would like to utilize your right to object, just email us at firstname.lastname@example.org.
9. Data security:
During the visit to our website, we use the common SSL procedure (Secure Socket Layer) at the highest level of encryption supported by your browser. This is usually 256 bit encryption. If your browser does not support 256 bit encryption, we will use 128 bit v3 technology instead. You can see whether a particular page on our website is sent with encryption from the key/lock symbol in the status bar of your browser. In addition, we take appropriate technical and organizational security measures to protect your data from accidental or malicious manipulation, partial or complete loss, destruction or from unauthorized access by third parties. We are improving our security measures on an ongoing basis as technology develops.
10. Validity of this data protection statement and changes
This data protection statement is now legally valid and is current in the version of May 2018. Because of the ongoing development of our website and the services offered through it, or because of changes in the legal or regulatory provisions, it may become necessary to make changes to this data protection statement. The currently valid data protection statement can be accessed here and printed out any time.