Privacy Policy
Data protection is important to us, so you can find our privacy policy here.
§1 Information on the collection of personal data
In the following, we inform you about the collection of personal data when using our website. Personal data is all data that can be related to you personally, e.g. name, address, e-mail addresses, user behaviour.
This website contains links to other websites. This privacy policy only applies to this website. We are not responsible for the privacy practices or the content of the linked websites. For more information, please read their own privacy statements.
The responsible party pursuant to Art. 4 (7) EU General Data Protection Regulation (GDPR) is Wir für Demokratie e.V., Zenettistraße 26, 80337 Munich.
When you contact us by e-mail ([email protected]) or via a contact form, the data you provide (your e-mail address, name and telephone number, if applicable) will be stored by us in order to answer your questions. We delete the data accruing in this context after the storage is no longer necessary or restrict the processing if there are legal retention obligations.
If we use commissioned service providers for individual functions of our offer or would like to use your data for advertising purposes, we will inform you in detail about the respective processes below. In doing so, we will also state the defined criteria for the storage period.
You will find an explanation of the legal terms used in the GDPR at the end of this privacy policy.
§ 2 General information on data processing
Scope of the processing of personal data
As a matter of principle, we process personal data of our users only insofar as this is necessary for the provision of a functional website as well as our contents and services. The processing of personal data of our users is regularly only carried out with the consent of the user. An exception applies in those cases where it is not possible to obtain prior consent for factual reasons and the processing of the data is permitted by legal regulations.
Overview of the legal basis for processing
Art. 6 I lit. a GDPR serves as our legal basis for processing operations where we obtain consent for a specific processing purpose.
If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, as is the case, for example, with processing operations that are necessary for a delivery of goods or the provision of another service or consideration, the processing is based on Art. 6 I lit. GDPR. The same applies to such processing operations that are necessary for the implementation of pre-contractual measures, for example in cases of requests for services.
If Wir für Demokratie e.V. is subject to a legal obligation by which the processing of personal data becomes necessary, such as for the fulfilment of tax obligations, the processing is based on Art. 6 I lit. c GDPR.
§ 3 Provision of the website and creation of log files
Description and scope of data processing
Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer. The following data is collected:
Information about the type of browser and the version used.
- The user’s operating system
- The Internet service
- The user’s provider
The IP address of the user - Date and time of access
- Websites from which the user’s system accesses our website
- Websites that are accessed by the user’s system via our website
This data is also stored in the log files of our system. Not affected by this are the IP addresses of the user or other data that enable the data to be assigned to a user. This data is not stored together with other personal data of the user.
Legal basis for data processing
The legal basis for the temporary storage of the data and the log files is Art. 6 para. 1 lit. f GDPR. The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session. The storage in log files is done to ensure the functionality of the website. In addition, we use the data to optimise the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context. These purposes are also our legitimate interest in data processing according to Art. 6 Para. 1 lit. f GDPR.
Purpose of data processing
The purpose of creating log files is to simplify the use of websites for users and to ensure the stability of the website display.
Duration of storage
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended. In the case of storage of data in log files, this is the case after seven days at the latest. Storage beyond this period is possible. In this case, the IP addresses of the users are deleted or alienated so that an assignment of the calling client is no longer possible.
Possibility of objection and removal
The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, the user has no possibility to object.
§ 4 Contact form and e-mail contact
Description and scope of data processing
Our website contains a contact form which can be used to contact us electronically. If a user takes advantage of this option, the data entered in the input mask is transmitted to us and stored. These data are:
The IP address of the user
Date and time of registration
For the processing of the data, your consent is obtained during the submission process and reference is made to this data protection declaration. Alternatively, it is possible to contact us via the e-mail address provided. In this case, the user’s personal data transmitted with the e-mail will be stored.
In this context, the data will not be passed on to third parties. The data is used exclusively for processing the conversation.
Legal basis for data processing
The legal basis for the processing of data is Art. 6 para. 1 lit. a GDPR if the user has given his consent.
The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 para. 1 lit. f GDPR. If the e-mail contact is aimed at concluding a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.
Duration of storage
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is ended when the circumstances indicate that the matter in question has been conclusively clarified. The additional personal data collected during the sending process is deleted after a period of seven days at the latest.
Possibility of objection and removal
The user has the option of revoking his or her consent to the processing of personal data at any time. If the user contacts us by e-mail, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued. All personal data that is stored in the course of contacting us will be deleted.
§ 5 Other plugins and embedded functions and content from Google Ireland Limited
Description, scope and purpose of data processing
We use content or service offers from Google Ireland Limited within our online offer in order to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as “content”).
This always requires that the third-party providers of this content are aware of the IP address of the user, as without the IP address they would not be able to send the content to their browser. The IP address is therefore necessary for the display of this content. We endeavor to only use content whose respective providers only use the IP address to deliver the content.
Third-party providers may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device and may contain, among other things, technical information about the browser and operating system, referring websites, time of visit and other information about the use of our online offer, as well as being linked to such information from other sources.
In addition, we use ReCaptcha, which evaluates the behavioural data of users (e.g. mouse movements or queries) for us in order to be able to distinguish humans from bots.
Legal basis for data processing
If we ask users for their consent to the use of third-party providers, the legal basis for the processing of data is consent (Art. 6 para. 1 lit. a GDPR). Otherwise, users’ data is processed on the basis of our legitimate interests (i.e. interest in efficient, economic and recipient-friendly services) (Art. 6 para. 1 lit. f GDPR). In this context, we would also like to refer you to the information on the use of cookies in this privacy policy.
Services used and service providers
When entering forms, we use the ReCaptcha service to detect bots. We use the YouTube service to implement videos. The service provider behind this is “Google Ireland Limited”, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Website; Privacy Policy.
The guarantee of the level of data protection when processing data in the USA results from the respective Privacy Shield certification .
Opt-out and removal options
Google offers an opt-out plugin as well as special settings for the display of advertisements as an objection option.
§ 6 Your Rights
Under the General Data Protection Regulation, you have the rights listed below. Please understand that individual rights may be restricted in certain cases. Should this be the case, we will inform you of the reason.
A) Right of revocation (Art. 7 para. 3 GDPR)
In accordance with Art. 7 (3) GDPR, you have the right to revoke your consent at any time.
B) Right to information (Art. 15 GDPR)
You may request information in accordance with Art. 15 GDPR about your personal data processed by us. In your request for information, you should specify your request in order to make it easier for us to compile the necessary data. Please note that your right to information may be restricted in certain circumstances in accordance with the law.
C) Right to rectification (Art. 16 GDPR)
If the information concerning you is not (or is no longer) accurate, you may request a correction in accordance with Art. 16 GDPR. If your data is incomplete, you can request that it be completed.
D) Right to erasure (Art. 17 DS-GVO)
You can request the deletion of your personal data under the conditions of Art. 17 GDPR. Your right to erasure depends, among other things, on whether the data relating to you is still needed by us to comply with a legal obligation.
E) Right to restriction of data processing (Art. 18 GDPR)
Within the framework of the provisions of Art. 18 GDPR, you have the right to request a restriction of the processing of the data concerning you.
F) Right to data portability (Art. 20 GDPR)
In accordance with Art. 20 GDPR, you have the right to receive your data that you have provided to us in a structured, common and machine-readable format.
G) Right to data portability (Art. 20 GDPR)
According to Art. 20 GDPR, you have the right to receive your data that you have provided to us in a structured, common and machine-readable format.
H) Right to object (Art. 21 GDPR)
Pursuant to Art. 21 GDPR, you have the right to object at any time to the processing of data relating to you if we process your data on the basis of Art. 6(1)(e) or (f) GDPR or if we process your data in order to carry out direct marketing.
To exercise your rights referred to in para. 1, please contact us at the contact address stated under § 1 para. 4.
If you are of the opinion that we have not complied with data protection regulations when processing your data, you can lodge a complaint with the competent supervisory authority in accordance with Art. 77 GDPR. The competent data protection authority is The Hamburg Commissioner for Data Protection and Freedom of Information, Ludwig-Erhard-Straße 22, 20459 Hamburg.
§ 7 Definitions
A) Personal data
This data protection declaration uses terms from the (GDPR), which are listed below to ensure readability and comprehensibility.
B) Data subject
Data subject means any identified or identifiable natural person whose personal data are processed by the controller.
C) Processing
Processing means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organisation, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
D) Restriction of processing
Restriction of processing is the marking of stored personal data with the aim of limiting their future processing.
E) Profiling
Profiling shall mean any automated processing of personal data which consists in using such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or change of location.
F) Pseudonymisation
Pseudonymisation is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures which ensure that the personal data are not attributed to an identified or identifiable natural person.
G) Controller or person responsible for processing
The controller or person responsible for processing is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its designation may be provided for under Union or Member State law.
H) Processor
Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
I) Recipient
Recipient means a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not a third party. However, public authorities that may receive personal data in the context of a specific investigative task under Union or Member State law shall not be considered as recipients.
J) Third party
Third party means any natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons authorised to process the personal data under the direct responsibility of the controller or the processor.
K) Consent
Consent is any freely given specific and informed indication of his or her wishes in the form of a statement or other unambiguous affirmative act by which the data subject signifies his or her agreement to the processing of personal data relating to him or her.
§ 8 Data Protection
We have taken appropriate technical and organisational measures to ensure adequate security of your personal data. This applies in particular to protection against unauthorised or unlawful processing and against accidental loss, destruction or damage.
§ 9 Amendment of the privacy policy and final remark
This privacy policy may be amended from time to time, e.g. to adapt it to legal framework conditions or actual circumstances. Any changes to the privacy policy will be published by us on this page.
This data protection declaration is up to date as of 25.02.2020.