PRIVACY POLICE

Introduction

We, the Founders Foundation gGmbH, as the operator of the online service, are responsible for processing the personal data of users of the online service. Our contact details can be found in the legal notice of the online service, the contact persons for questions regarding the processing of personal data are named directly in this privacy policy.

We take the protection of your privacy and your private data very seriously. We collect, store and use your personal data only in accordance with the content of this privacy policy and the applicable data protection regulations, in particular the European General Data Protection Regulation (GDPR) and the national data protection regulations. 

With this data protection declaration, we inform you to what extent and for what purposes personal data is processed in connection with the use of the online services.

Personal data

Personal data is information relating to an identified or identifiable natural person. This includes all information relating to your identity, such as your name, your e-mail address or your postal address. Information that cannot be linked to your identity (such as statistical data, e.g. the number of users of the online service) is not considered personal data.

You can use our online services without disclosing your identity and without providing personal data. We will then only collect general information about your visit to our website. However, personal data is collected from you for some of the services offered. This data is then only processed by us for the purposes of using this online service, in particular for providing the requested information. When collecting personal data, only the data that is absolutely necessary must be provided. In addition, further information may be possible, in which case it is voluntary. We will indicate in each case whether the information is mandatory or voluntary. We will then provide information on the specific details in the corresponding section of this privacy policy.

Automated decision-making based on your personal data does not take place in connection with the use of our online services.

Processing of personal information

Your data is stored by us on specially protected servers within the European Union. These are protected by technical and organisational measures against loss, destruction, access, modification or dissemination of your data by unauthorised persons. Access to your data is only possible for a few authorised persons. These persons are responsible for the technical, commercial or editorial support of the servers. Despite regular checks, however, complete protection against all risks is not possible.

Your personal data is transmitted in encrypted form over the Internet. We use TLS / SSL encryption (Transport Layer Security / Secure Socket Layer) for data transmission. 

Disclosure of personal data to third parties

We only use your personal information to provide the services you have requested. If external service providers are used by us in the course of providing the service, their access to the data is also exclusively for the purpose of providing the service. We take technical and organisational measures to ensure compliance with data protection regulations and also oblige our external service providers to do the same. 

Furthermore, we do not pass on the data to third parties without your express consent, in particular not for advertising purposes. Your personal data will only be passed on if you yourself have consented to the data being passed on or if we are authorised or obliged to do so on the basis of statutory provisions and/or official or court orders. In particular, this may involve the provision of information for the purposes of criminal prosecution, to avert danger or to enforce intellectual property rights.

Insofar as we transfer your personal data ourselves or through service providers to countries outside the European Union, we comply with the special provisions of Art. 44 et seq. GDPR and also oblige our service providers to comply with these regulations. We will therefore only transfer your data to countries outside the European Union subject to the level of protection guaranteed by the GDPR. This level of protection is guaranteed in particular by an adequacy decision of the EU Commission or by suitable guarantees in accordance with Art. 46 GDPR.

Legal basis for data processing

Insofar as we obtain consent for the processing of your personal data, Art. 6 para. 1 lit. a) GDPR is the legal basis for data processing.

Insofar as we process your personal data because this is necessary for the fulfilment of a contract or in the context of a contract-like relationship with you, Art. 6 para. 1 lit. b) GDPR is the legal basis for data processing.

Insofar as we process your personal data to fulfil a legal obligation, Art. 6 para. 1 lit. c) GDPR is the legal basis for data processing.

Art. 6 para. 1 lit. f) GDPR may also be considered as the legal basis for data processing if the processing of your personal data is necessary to protect our legitimate interests or the interests of a third party and your interests, fundamental rights and freedoms do not require the protection of personal data.

In this privacy policy, we always indicate the legal basis on which we base the processing of your personal data.

Data erasure and storage duration

We always delete or block your personal data when the purpose of storage no longer applies. However, data may be stored beyond this point if this is provided for by legal requirements to which we are subject, for example with regard to statutory retention and documentation obligations. In such a case, we delete or block your personal data after the end of the corresponding requirements. 

Use of our online services

Information about your computer

Each time you access our online services, we collect the following information about your computer, regardless of your registration: the IP address of your computer, the request from your browser and the time of this request. In addition, the status and the amount of data transferred as part of this enquiry are recorded. We also collect product and version information about the browser used and the computer’s operating system. We also record the website from which the online services was accessed. The IP address of your computer is only stored for the duration of your use of the online service and is then deleted or anonymised by shortening it. The other data is stored for a limited period of time.

We use this data for the operation of the online services, in particular to detect and eliminate errors, to determine the utilisation of the online services and to make adjustments or improvements. These purposes also constitute our legitimate interest in data processing in accordance with Art. 6 para. 1 lit. f) GDPR.

Use of cookies

Cookies are used for our online services – as on many websites. Cookies are small text files that are stored on your computer and save certain settings and data for exchange with our online services via your browser. A cookie usually contains the name of the domain from which the cookie file was sent as well as information about the age of the cookie and an alphanumeric identifier. 

Cookies enable us to recognise your computer and make any pre-settings and preferences immediately available. The cookies we use are – as far as possible – so-called session cookies, which are automatically deleted at the end of the browser session. Occasionally, cookies with a longer storage period may also be used so that your pre-settings and preferences can also be taken into account the next time you visit our website.

Most browsers are set to accept cookies automatically. However, you can deactivate the storage of cookies or set your browser so that it notifies you as soon as cookies are sent. It is also possible to delete cookies that have already been saved manually via the browser settings. Please note that you may only be able to use our online services to a limited extent or not at all if you reject the storage of cookies or delete necessary cookies.

If cookies are not required for our online services, we will ask you to consent to the use of cookies when you access the online services for the first time. With regard to the non-essential cookies from third-party providers, you will find a more detailed description of the services we use from these third-party providers below. The legal basis for the associated data processing, including any data transfer, is your consent within the meaning of Art. 6 para. 1 lit. a) GDPR. Once consent has been given, it can be revoked at any time with effect for the future, in particular by changing the selected settings. 

The legal basis for the use of necessary cookies is our legitimate interest in the proper provision of our online services within the meaning of Art. 6 para. 1 lit. f) GDPR and – insofar as contracts are concluded or fulfilled via our online services – the fulfilment of the contract within the meaning of Art. 6 para. 1 lit. b) GDPR.

Integration of the services of third-party providers

We use third-party services for some of the functions on our website. The corresponding services are mainly optional functions that must be explicitly selected or used by you. We have concluded contractual agreements with the respective providers for the provision or integration of their services and, as far as possible, we endeavour to ensure that the third-party providers also provide transparent information about the scope of the processing of personal data and comply with data protection regulations.

Google Analytics

We use Google Analytics for statistical analyses. Google Analytics is a web analytics service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, Ireland (“Google”). 

As part of Google Analytics, Google uses cookies, among other things, for the analyses. The type and scope of the use and analysis of cookies are specified by Google. The information generated by the cookies about your use of the online services is transmitted to a Google server and stored there. It cannot be ruled out that data will be transmitted to the USA and that government agencies may be able to access this data as a result. However, due to standardised IP anonymisation, your IP address will be shortened by Google beforehand on servers in the European Union. 

Google uses this information on our behalf to analyse your use of the website, to compile reports on website activity and to provide us, as the operator of the website, with other services relating to website activity and internet usage. Google may also use the data for its own purposes. As part of these purposes, Google may, for example, create a profile of user behaviour or link the data with other data, for example with an existing Google account. We have no influence whatsoever on these data processing operations. According to Google, the IP address transmitted by your browser as part of Google Analytics is not merged with other data that Google collects or already has. For more information, please refer to Google’s data protection information, which is linked below.

We also use the “demographic characteristics” function of Google Analytics. This allows reports to be created that contain statements about the age, gender and interests of site visitors. This data comes from interest-based advertising from Google and visitor data from third-party providers. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as described in the following paragraph. You can find more information on the “demographic features” function at Google at https://support.google.com/analytics/answer/2799357?hl=de.  

You can prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link http://tools.google.com/dlpage/gaoptout?hl=de. Further information on this can be found at http://tools.google.com/dlpage/gaoptout?hl=de or http://www.google.com/intl/de/analytics/privacyoverview.html (general information on Google Analytics and data protection). Please note that the code “anonymizeIp();” has been added to Google Analytics on our website in order to anonymise IP addresses, whereby the last octet is deleted.

Retargeting and remarketing

Retargeting or remarketing refers to technologies in which users who have previously visited a certain website are shown suitable adverts even after they have left this website. To do this, it is necessary to recognise internet users beyond the website itself, for which cookies from the relevant service providers are used; previous user behaviour is also taken into account. For example, if a user views certain products, these or similar products can later be displayed as adverts on other websites. This is personalised advertising that is adapted to the needs of the individual user. For this personalised advertising, it is not necessary for the user to be identified beyond recognition. We therefore do not merge the data used for retargeting or remarketing with other data. 

We use such technologies to place adverts on the Internet. We use third-party providers to place the adverts. Among others, we use offers from AdScale, OpenX, Yieldlap, Doubleclick (Google) and rtbLab, which enable the automatic display of adverts tailored to your interests. This function is implemented using cookies. It cannot be ruled out that data may be transferred to Google or other providers in the USA in the course of this process and that US security authorities may gain access to the corresponding data. 

Further information on this technology can be found in Google’s privacy policy at https://policies.google.com/privacy?hl=de. The installation of cookies for Google Remarketing and Google AdWords Conversion Tracking can be prevented from the outset by a setting of the respective browser software by calling up the website http://www.google.com/policies/privacy/ads/ and changing the corresponding setting altogether. Irrespective of the above options for preventing data processing by means of cookies in connection with Google Remarketing and Google AdWords Conversion Tracking, the use of corresponding cookies or these services by us is subject to your express consent.

Facebook Custom Audience

Remarketing tags from Facebook Inc., 1601 South California Avenue, Palo Alto, CA 94304, USA (hereinafter: “Facebook”) are integrated into our online services. When you visit our website, a direct connection is established between your browser and the Facebook server via the remarketing tags. As a result, Facebook receives the information that you have visited our website with your IP address. In this way, Facebook can associate your visit to our website with your Facebook user account, if you are registered there. We can use the information obtained in this way to display adverts via Facebook. It cannot be ruled out that data will be transferred to Facebook servers in the USA and that US security authorities may be able to gain access to the corresponding data in this context. We would like to point out that we have no further knowledge of the content of the transmitted data or its use by Facebook. However, you can find further information in Facebook’s privacy policy at www.facebook.com/about/privacy/. 

The legal basis for the use of remarketing tags is your consent in accordance with Art. 6 para. 1 lit. a) GDPR. If you do not wish data to be collected via Facebook’s remarketing tags, you can also deactivate the use of Facebook Custom Audience via the following link: www.facebook.com/ads/website_custom_audiences/.

HubSpot

We use HubSpot Inc, Ground Floor, Two Dockland Central Guild Street, Dublin 1, Ireland (“HubSpot”) for our online and offline marketing activities. Hubspot is an integrated software solution that the Founders Foundation uses to cover various aspects of its online marketing. These include, among others:

Email marketing (newsletters and automated mailings, e.g. to provide downloads), social media publishing & reporting, reporting (e.g. traffic sources, hits, etc. …), contact management (e.g. user segmentation & CRM), landing pages and contact forms.

Our registration service enables users of our online presence to download content, provide their contact information and other demographic information, or find out more about us. This information and the content of the website are stored on HubSpot servers. It can be used to contact users of the website and to determine which content of the website is of interest to users. All data processed in this context is used exclusively to optimise our marketing measures. All information collected by us is subject to this privacy policy.

The legal basis for the use of HubSpot’s services is your consent in accordance with Art. 6 para. 1 lit. a) GDPR. HubSpot is certified under the terms of the “EU – U.S. Privacy Shield Framework”.

More information on HubSpot’s data protection provisions can be found at https://www.hubspot.de/data-privacy/gdpr. 

Use of Google Fonts

Google Fonts are used as external fonts for our online services. Google Fonts originate from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter: “Google”) and are made freely available by Google. These Google Fonts are integrated by a server call, usually a Google server. This tells the server which of our web pages you have visited. The IP address of the browser of the end device of the visitor to this website is also stored by Google. It cannot be ruled out that data may be transmitted to the USA in this context and that US security authorities may be able to gain access to the data. Further information on data processing by Google can be found in Google’s privacy policy, which you can access here: 

www.google.com/fonts#AboutPlace:about
www.google.com/policies/privacy/

The legal basis for the integration of Google Fonts is Art. 6 para. 1 lit. f) GDPR; our legitimate interest is the optimisation of our online services. 

Ordering tickets

When you order tickets for events, we only use your personal data within our company and affiliated companies and for the company commissioned to process orders. 

Storage and data transfer for orders

For order processing, we work together with various companies that are responsible for payment processing and logistics. We ensure that our partners also comply with data protection regulations. The legal basis for this is Art. 6 para. 1 lit. b) GDPR. The processing of your personal data is necessary for the fulfilment of the contract with you.

We store the data for as long as it is required to fulfil the contract. In addition, we store this data for the fulfilment of post-contractual obligations and due to retention periods under commercial and tax law for the period prescribed by law. This retention period is generally 10 years to the end of the respective calendar year.

Payment processing 

Depending on the payment method selected, payment for orders may be processed by a service provider. 

The legal basis for payment processing is Art. 6 para. 1 lit. b) GDPR. The processing of your personal data is necessary for the fulfilment of the contract with you, whereby you are free to choose the payment method.

We store the data for as long as it is required to fulfil the contract. In addition, we store this data for the fulfilment of post-contractual obligations and due to retention periods under commercial and tax law for the legally prescribed period. This retention period is generally 10 years to the end of the respective calendar year.

Use of Zapier

In the context of ticket ordering, we use the services of Zapier Inc, 548 Market St #62411, San Francisco, California 94104, USA (“Zapier”) to connect various applications and databases. In particular, Zapier may have access to the contact details of our customers or interested parties. Zapier processes this data for us as a processor in accordance with Art. 28 GDPR exclusively on our instructions (and not for Zapier’s own purposes or those of third parties). Data processing by Zapier in a third country outside the EU is carried out on the basis of an adequacy decision by the European Commission pursuant to Art. 45 GDPR, as Zapier has undertaken to comply with the principles of the EU-US Privacy Shield (https://www.privacyshield.gov/EU-US-Framework). Further information on data protection at Zapier can be found at https://zapier.com/privacy/.

 

Registration for events 

The service we use if you wish to register for our events is vivenu. Before you register, you must register with vivenu and then transfer your particulars directly to vivenue, from whom we then receive the participants data. Vivenu will process your data under its own responsibility and according to its own data protection provisions. If you do not wish to register on the basis of the use of your data by vivenu, you can also contact us directly.

We would like to point out that photo/sound and film recordings may be made for public and non-public purposes during events. We have a legitimate interest in the creation of such recordings and base the data processing on Art. 6 para. 1 lit. f) GDPR. On the one hand, the recordings are used for reporting on the events and, on the other hand, they enable hybrid events to be held. No interests of the data subjects worthy of protection are apparent here. 

If you do not wish to be photographed, please let us know before the start of an event or by e-mail info@foundersfoundation.de. In the event of an objection, the corresponding photographs will be exchanged or deleted for online publications. In the case of video recordings and print products, these will be replaced or deleted regularly in the event of a new publication.

Communication with us

You can contact us in various ways, including via the contact form on our website. We are also happy to keep you regularly informed with our newsletter by e-mail.

Contact form

If you wish to use the contact form on our website, we collect the personal data that you enter in the contact form, in particular your name and email address. We also store the IP address and the date and time of the enquiry. We process the data transmitted via the contact form solely for the purpose of responding to your enquiry or request. 

You can decide for yourself what information you send us via the contact form. The legal basis for the processing of your data is your consent in accordance with Art. 6 para. 1 lit. a) GDPR.

After the matter has been processed by us, the data will initially be stored in case of any queries. Deletion of the data can be requested at any time, otherwise we will delete the data once the matter has been fully dealt with; statutory retention obligations remain unaffected in each case.

Chatbot

We offer a chatbot that can be used to obtain information. The chatbot “Botsonic” comes from Writesonic, Inc, 2261 Market Street #4608, San Francisco, CA 94114, USA (“Writesonic”). The inputs in the chatbot are analysed by Writesonic and answered using AI tools (artificial intelligence) with recourse to various sources. There is no human interaction; the answers are completely automated. Writesonic can also analyse the IP address used and the previous chat history to answer questions. 

Further information about Botsonic and data protection at Writesonic can be found at https://writesonic.com/privacy-policy.

Newsletter

When you register for our newsletter, your e-mail address will be used for our own advertising purposes until you unsubscribe. You will receive regular information by e-mail on current topics as well as e-mails on special occasions, such as special promotions. The emails may be personalised and individualised based on our information about you. 

Unless you have given us your consent in writing, we use the so-called double opt-in procedure to subscribe to our newsletter, i.e. we will only send you a newsletter by e-mail if you have expressly confirmed to us beforehand that we should activate the newsletter dispatch. We will then send you a notification e-mail and ask you to confirm that you wish to receive our newsletter by clicking on a link contained in this e-mail.

The legal basis for the processing of your data is your consent in accordance with Art. 6 para. 1 lit. a) GDPR if you have expressly registered for the newsletter. Within the scope of the legal requirements, it may also be possible for you to receive our newsletter from us without express consent because you have ordered goods or services from us, we have received your email address in this context and you have not objected to receiving information by email. In this case, the legal basis is our legitimate interest in sending direct advertising in accordance with Art. 6 para. 1 lit. f) GDPR.

If you no longer wish to receive newsletters from us, you can revoke your consent at any time with effect for the future or object to the further receipt of the newsletter without incurring any costs other than the transmission costs according to the basic rates. Simply use the unsubscribe link contained in every newsletter or send a message to us or our data protection officer. 

Social Media

In addition to our online services, we also use various social media channels for information transfer and communication, to which you will find links in our online services or in which you will find links to our online services. Specifically, we use the social networks Facebook and Instagram as well as the short message service X (Twitter). You can recognise the links by the respective provider’s logo.

Clicking on the links opens the corresponding social media pages, for which the respective providers’ own provisions and data protection notices apply. We have summarised an overview of the respective provider’s information for you below. 

Facebook: https://www.facebook.com/policy.php

Instagram: https://help.instagram.com/519522125107875 

X (Twitter): https://twitter.com/privacy?lang=de 

No personal information is transmitted to the respective providers before the corresponding links are called up. Your access to the linked page is also the basis for data processing by the respective provider.

We would also like to take this opportunity to point out that the German Federal Office for Information Security (BSI) provides general information on the safe use of social networks on its website at https://www.bsi.bund.de/DE/Themen/Verbraucherinnen-und-Verbraucher/Informationen-und-Empfehlungen/Onlinekommunikation/Soziale-Netzwerke/soziale-netzwerke_node.html.

The following information on the associated processing of your personal data also applies to our use of the social media channels Facebook and Instagram.

Facebook Fanpage

In addition to our own online services, we also operate a fan page on the social network Facebook. We use the fan page to provide information about our activities and offer a channel for communication. The operator of the Facebook social network is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (hereinafter referred to as “Meta”). In this respect, we use the technical platform and services of Meta.

Delimitation of responsibility

We would like to point out that you use the fan page and its functions on your own responsibility, especially with regard to interactive functions such as commenting, sharing or rating. Alternatively, you can also access the information offered via the fan page on our homepage.

We endeavour to ensure the protection of your privacy and your private data within the scope of the possibilities offered by Facebook. Insofar as your personal data is processed by us in connection with your visit to the fan page, the explanations in this privacy policy apply without restriction. Due to the integration of the fan page into the Facebook service, it should also be noted that Meta processes personal data at the same time. When you visit the Fan Page, Meta collects, among other things, your IP address and other information that may be stored in the form of cookies on the device you are using or in the respective browser. We have no influence on data processing by Meta; in particular, Facebook does not act as a processor for us under our responsibility. Facebook’s data processing – at least according to Meta – is governed by Facebook’s guidelines, which are available at https://de-de.facebook.com/policy.php. We would like to point out that the data collected by Meta about you in this context may also be transferred outside the European Union.

In terms of data protection law, it can be assumed that Meta and we are jointly responsible for the operation of the fan page and the analysis of user data when visiting the fan page. In accordance with data protection regulations, we have reached an agreement with Meta on the internal delimitation of responsibility.

Facebook Insights

Meta offers fan page operators the option of using the Page Insights functions to obtain an overview of the use of the fan page and its users. Page Insights can be used primarily to access and analyse statistical data. We use the data from Page Insights to make the fan page as attractive and efficient as possible. For this purpose, Meta provides us with data that Meta has generated itself. Facebook provides further information on how the Page Insights function works and who is responsible for it at https://www.facebook.com/legal/terms/page_controller_addendum.

Messenger

Users who are registered with Facebook also have the option of communicating directly via Facebook Messenger. If you contact us via Messenger, the data transmitted will be stored and used by us exclusively for the purpose of responding to your enquiry. The legal basis for the processing of your data is your consent within the meaning of Art. 6 para. 1 lit. a) GDPR and our legitimate interest within the meaning of Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in the recording and processing of customer enquiries, the evaluation of customer enquiries and the monitoring of misuse.

The data will be deleted as soon as it is no longer required to fulfil the purpose for which it was collected. For your personal data, this is the case when the respective conversation has ended. For us, the conversation is ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified. You have the option to revoke your consent to the processing of personal data at any time; in this case, we will delete the data immediately if there is no basis for further storage. 

Further information about Facebook

If you have any questions about the use of personal data by us in connection with the use of the fan page on Facebook, you are welcome to contact us and our data protection officer at any time. The contact details and communication channels are explained in our privacy policy. If you have any questions about data protection on Facebook, please contact Meta directly. 

Instagram account

We also have an account on the social network Instagram. We use the Instagram account to provide information about our activities through our own publications and offer another channel for communicating with us. The Instagram social network is operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (hereinafter: “Meta”).

Please remember that you use Instagram and its functions on your own responsibility, especially with regard to interactive functions such as commenting, sharing or rating. 

Responsibility under data protection law

We endeavour to ensure the protection of your privacy and your private data within the scope of the possibilities offered by Instagram. Insofar as your personal data is processed by us in connection with your visit to the Instagram account, the explanations in this privacy policy apply without restriction. Due to the integration of the account into Meta’s offer, it should also be noted that Meta processes personal data at the same time. When you access our Instagram content, Meta collects, among other things, your IP address and other information that may be stored in the form of cookies on the device you are using or in the respective browser. We have no influence on data processing by Instagram; in particular, Meta does not act as a processor for us under our responsibility. For data processing by Facebook, the Meta guidelines apply – at least according to Meta – which are available at https://www.facebook.com/help/instagram/155833707900388. We would like to point out that the data collected by Meta about you in this context may also be transferred outside the European Union.

In terms of data protection law, Meta and we have two separate responsibilities for the operation of the Instagram account and the associated communication and analysis options. Insofar as your personal data is processed by us in connection with your visit to our Instagram presence and we alone decide on the purposes and means of this data processing, we are responsible for this data processing. This is usually the case if you communicate directly with us via the “Instagram Direct Messaging” function and transmit your data to us in the process. If your personal data is processed by Meta and Meta alone decides on the purposes and means of data processing, Meta is solely responsible for this data processing. This applies in particular to the analysis of user behaviour by Meta for its own purposes.

Instagram Insights

Meta offers the operators of Instagram accounts the opportunity to obtain an overview of the use of the account and its users via the “Instagram Insights” function. Instagram Insights can be used primarily to access and analyse statistical data. We use the data from Instagram Insights to make the Instagram account as attractive and efficient as possible. For this purpose, Meta provides us with data that Meta has generated itself under its own responsibility. The data we receive from Meta is mostly anonymised data and statistics. Insofar as we receive personal data in this context, we are responsible for our further processing of this data to analyse the use of our Instagram account.

Meta provides further information on Instagram Insights at https://help.instagram.com/1533933820244654.

Instagram Direct Messaging

Instagram gives you the opportunity to communicate directly with us via the “Instagram Direct Messaging” function. If you contact us via the Instagram Direct Messaging function, the data transmitted will be stored and used by us exclusively for the purpose of responding to your enquiry. The legal basis for the processing of your data is your consent within the meaning of Art. 6 para. 1 lit. a) GDPR and our legitimate interest within the meaning of Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in the recording and processing of customer enquiries, the evaluation of customer enquiries and the monitoring of misuse.

The data will be deleted as soon as it is no longer required to fulfil the purpose for which it was collected. For your personal data, this is the case when the respective conversation has ended. For us, the conversation is ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified. You have the option to revoke your consent to the processing of personal data at any time; in this case, we will delete the data immediately if there is no basis for further storage. 

Further information about Instagram

If you have any questions about the use of personal data by us in connection with the use of our Instagram account, you are welcome to contact us and our data protection officer at any time. The contact details and communication channels are explained in our privacy policy. If you have any questions about data protection on the Instagram social network offered by Meta, please contact Meta directly. 

Your rights and contact

We attach great importance to explaining the processing of your personal data as transparently as possible and to informing you of the rights to which you are entitled. If you would like more information or wish to exercise your rights, you can contact us at any time so that we can take care of your request.

Rights of data subjects

You have extensive rights with regard to the processing of your personal data. Firstly, you have a comprehensive right to information and can request the correction and/or deletion or blocking of your personal data if necessary. You can also request the restriction of processing and have the right to object. With regard to the personal data you have provided to us, you also have the right to data portability. 

If you would like to assert one of your rights and/or receive more information about this, please contact our employees using the contact form. Alternatively, you can also contact our data protection officer. 

Revocation of consent and objection

Once you have given your consent, it can be freely revoked at any time with effect for the future. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. Contact persons for this are also our employees via the contact form and our data protection officer. 

If the processing of your personal data is not based on consent, but on another legal basis, you can object to this data processing. Your objection will lead to a review and, if necessary, termination of the data processing. You will be informed of the result of the review and – if the data processing is nevertheless to be continued – you will receive more detailed information from us as to why the data processing is permissible.

Data protection officer and contact

We have appointed an external data protection officer who supports us in data protection issues and whom you can also contact directly. If you have any questions regarding our handling of personal data or require further information on data protection issues, our data protection officer and his team will be happy to assist you:

Attorney Dr Sebastian Meyer, LL.M.
c/o BRANDI Rechtsanwälte
Adenauerplatz 1, 33602 Bielefeld
Telephone: 0521 / 96535-812
E-mail: datenschutz@brandi.net

If you would like to contact our data protection officer personally by e-mail, you can also reach him at sebastian.meyer@brandi.net. 

Complaints

If you are of the opinion that the processing of your personal data by us is not in accordance with this privacy policy or the applicable data protection regulations, you have the right to lodge a complaint with the supervisory authority. You can also lodge a complaint with our data protection officer. The data protection officer will then investigate the matter and inform you of the outcome of the investigation. 

Further information and changes

Links to other websites

Our online services may contain links to other websites. These links are generally labelled as such. We have no influence on the extent to which the applicable data protection regulations are complied with on the linked websites. We therefore recommend that you also inform yourself about the data protection declarations of other websites. 

Changes to this privacy policy

The status of this privacy policy is indicated by the date (below). We reserve the right to amend this privacy policy at any time with effect for the future. Changes will be made in particular in the event of technical adjustments to the online services or changes to data protection regulations. The current version of the data protection declaration can always be accessed directly via the online services. We recommend that you inform yourself regularly about changes to this privacy policy.

Status of this privacy policy: April 2024