Data Protection Declaration
1. Data Protection in a Nutshell:
The following information will provide you with an overview of what will happen with your personal data when you visit our website. The term “personal data” comprises all data that can be used to personally identify you. For detailed information about our data protection policy, please consult our Data Protection Declaration found below.
Data recording on our website
Who is responsible for the recording of data on this website?
The data on this website is processed by the operator of the website, whose contact information is available in the section “Legal Notice” on this website.
How do we record your data?
First, your data is collected as a result of your sharing it with us, e.g. information you enter into a contact form. Second, our IT systems automatically record other data when you visit our website. This data comprises primarily technical information (e.g. web browser, operating system or the time the site was accessed). This information is recorded automatically when you access our website.
What purposes do we use your data for?
Part of the information is generated to ensure that the website can operate without error. Other data may be used to analyze user behavior.
What rights do you have as far as your information is concerned?
You have the right to receive information about the source, recipients and purposes of your archived personal data at any time and free of charge. You also have the right to demand that your data are rectified, blocked or deleted. Please do not hesitate to contact us at any time under the address disclosed in the section “Legal Notice” if you have questions about this or any other data protection related issues. You also have the right to log a complaint with the competent supervising agency.
Regarding the terms used, e.g. “personal data” or “data processing,” please refer to the definitions in Art. 4 DSGVO.
2. General Information and Mandatory Information
The operators of this website take the protection of your personal data very seriously. We handle your personal data as confidential information and in compliance with the statutory data protection regulations and this Data Protection Declaration. Whenever you use this website, a variety of personal information will be collected. Personal data comprises data that can be used to personally identify you. This Data Protection Declaration explains which data we collect as well as the purposes we use this data for. It also explains how and for which purpose the information is collected.
We advise you that the transmission of data via the Internet (e.g. through e-mail communications) may be prone to security gaps. It is not possible to completely protect data against third party access. When you send us an e-mail, we use your e-mail address only to communicate with you and do not share it with third parties.
Information about the responsible party
Institute for German Language and Culture e.V.
Ms. Stefanie Rieger
06886 Lutherstadt Wittenberg
Telephone: +49 (0) 3491 466253
Telefax: +49 (0) 3491 466228
The responsible party is the natural person or legal entity that single-handedly or jointly with others makes decisions as to the purposes of and resources for the processing of personal data (e.g. names, e-mail addresses, etc.).
SSL and/or TLS encryption
For security reasons and to protect the transmission of confidential content, such as purchase orders or inquiries you submit to us as the website operator, this website uses either an SSL or a TLS encryption program. You can recognize an encrypted connection by checking whether the address line of the browser switches from “http://” to “https://” and also by the appearance of the lock icon in the browser line. If the SSL or TLS encryption is activated, data you transmit to us cannot be read by third parties.
Data subject rights
We process and store personal data of any individual only for the time necessary to complete the purpose for which the data had been collected. Otherwise, personal data will be stored if required by legal regulations in the form of European Union directives or other competent authorities’ legislation. In accordance with legal regulations, personal data will be deleted or blocked if the retention period stipulated by the aforementioned legal regulations or directives expires or the purpose for which the information is being stored no longer exists. Additionally, each data subject has the right to confirmation as to whether we are processing any of their personal data. To exercise this right, please contact us during our business hours.
Right of access
The data subject’s right of access states that information about their stored personal data can be obtained from us at any time and free of charge. The data subject may also request a copy of this information. Furthermore, the competent legislator for regulations and European Union directives grants the data subject the right of access to the following information:
- the purpose of data processing
- which categories personal data is assigned to
- which recipients personal data is transferred to
- the time period or anticipated time period for which personal data is being stored
- the existence of the right to rectification or erasure of the data subject’s personal data, or to restriction of processing by us, or of the right to object to the processing of their personal data
- the existence of the right to lodge a complaint regarding the processing of their personal data with a supervisory authority
- should the data subject not have provided the personal data him- or herself, all available information about their source must be provided
- information about the disclosure of their data to third countries or other international organizations. If you wish to exercise your right of access, please contact us during our business hours.
Right to rectification
In accordance with the regulatory guidelines and European Union directives for the party responsible for data processing, each data subject has the right to rectification, which states that the data subject has the right to have incorrect personal data corrected immediately. Moreover, each data subject has the right to have their data completed for data processing purposes, potentially necessitating an additional form.
Right to erasure
As an individual whose personal data is processed, you have the right to have your personal data deleted by us without delay under the condition that processing your data is not necessary or one of the following reasons applies:
- There is no longer a necessity or purpose for processing your data.
- If your personal data were processed unlawfully
- If you revoke your consent to data processing given on the basis of Art. 6 Sect. 1 lit. a DSGVO or Art. 9 Sect. 2 lit. a DSGVO
- If deleting your personal data serves adherence to a legal obligation according to the laws of member states or the European Union which the responsible party is subject to
- If you object to the processing of your data on the basis of Art. 21 Sect. 2 DSGVO
- If a contract on the basis of Art. 6 Sect. 1 lit. b DSGVO exists and data processing was performed using automated processes
- If data processing is not necessary for performing tasks of public interest and if these are performed by a public authority, granted the task had been relegated to us. As far as technically possible and under the condition that no third party is being restricted, according to Art. 20 Sect. 1 DSGVO you have the right to have us transmit your personal data directly to the third party you request for further processing.
To exercise these rights, please contact us in one of the ways detailed above.
Right to object
As a data subject, you have the right to object to the processing of your data at any time if your data has been recorded and processed (according to Art. 6 Sect. 1 lit. e/f DSGVO).
In case of an objection, we will no longer process your personal data, except if there are compelling, legitimate reasons for processing them that outweigh your interests, rights, and liberties. We shall have to demonstrate that this is the case.
The necessity to process your data in order to claim, exercise, or defend our legal rights is another exception. If we process your data for direct marketing, you have the right to object to this processing of your data as well. We will no longer process your data for direct marketing purposes in this case.
To exercise your right to object, please contact us during our business hours.
Right of revocation
Explicit consent is necessary for many processes in data processing. You may revoke any previously granted consent at any time by sending an informal email to us. Revocation does not affect the permissibility of the processing of your data up to the time of revocation.
Right to lodge a complaint with a supervisory authority
In case of violation of your rights to your personal data, you have the right to lodge a complaint with a supervisory authority. The competent supervisory authority for matters of data protection is the commissioner for data protection (“Landesdatenschutzbeauftragter”) of the federal state in which our institute is located.
A list of all commissioners for data protection along with their contact information may be found here: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
Right to data portability
You have the right to demand that we hand over any data we automatically process on the basis of your consent or in order to fulfill a contract to be handed over to you or a third party in a commonly used, machine readable format. If you should demand the direct transfer of the data to another party, this will be done only if it is technically feasible.
3. Recording of Data on Our Website
Cookies are small text files that are placed on your computer and stored by your browser with the purpose of saving various information, e.g. language settings on a website, log-in status, shopping cart, or the point until which a video has been watched. The term “cookies” may also refer to other technologies with the same purpose.
WordPress: Log-in cookie – stores user log-in
(no data transfer to third parties)
Processing of data derived from cookies on the basis of your consent: Before processing data derived from cookies, we ask users to give their consent, which can be revoked at any time. Only necessary cookies, required for the performance of our online services, are used until this consent has been given. The use of necessary cookies is based on our and the user’s interest in the optimized provision of our online services.
Server log files
On the basis of our legitimate interest according to Art. 6 Sect. 1 lit. f. DSGVO, we collect information about each access to the server on which this service is located (so-called server log files). The information comprises the name of the website accessed, the file, date, and time of the server inquiry, the volume of data transmitted, status of access, the type and version of browser used, the user’s operating system, Referrer URL (the website visited beforehand), IP address, and the accessing provider. Processing of these server log files takes place using the IP address anonymization function.
The data collected by the webspace provider are automatically deleted after 30 days.
Storage of these server log files takes place using the IP address anonymization function. These data are automatically deleted after 30 days.
This data is not merged with other data sources. This data is recorded on the basis of Art. 6 Sect. 1 lit. b GDPR which allows processing data for the purpose of fulfill a contract or precontractual measures.
4. Analysis Tools and Advertising
5. Social Media
Our website’s content can be shared on social networks such as Facebook, Instagram, or Twitter in a manner that complies with data protection regulations via social share buttons. These share buttons provide direct contact between the networks and users only when a user actively clicks on one of these buttons.
This tool does not automatically transfer user data to the platforms’ operators. If the user is logged in to one of the social networks, a pop-up window asking the user to confirm the text to be shared before sending opens when Facebook’s, Instagram’s, or Twitter’s social share button is clicked on. Our users can then share this site’s content on social networks in a manner that complies with data protection rules without the networks’ operators being able to generate complete surfing profiles.
6. Plug-ins and Embedded Functions
Via an API, this website uses the mapping service Google Maps.The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
To enable the use of the Google Maps features, your IP address must be stored. As a rule, this information is transferred to one of Google’s servers in the United States, where it is archived. The operator of this website has no control over the data transfer. We use Google Maps to present our online content in an appealing manner and to make the locations disclosed on our website easy to find. This constitutes a legitimate interest as defined in Art. 6 Sect. 1 lit. f GDPR.
For more information on the handling of user data, please review Google’s Data Privacy Declaration under: https://policies.google.com/privacy?hl=en&gl=en
This website uses so-called Web Fonts provided by Google (\”Google Fonts\”). User data is used for the sole purpose of displaying the fonts in the user’s browser. Embedding Google Fonts is based on our legitimate interest in using fonts in a manner that is technically safe, maintenance-free, and efficient, as well as guaranteeing a uniform display. Embedding takes place in consideration of any potential licencing issues. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website: https://fonts.google.com/; Data Protection Declaration: https://policies.google.com/privacy; Privacy Shield (Guarantee of a level of data protection for data processing in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000TRkEAAW&status=Active.
7. Changes to the Data Protection Declaration
Users are asked to read the content of the Data Protection Declaration regularly.