Privacy policy

This Privacy Statement clarifies to you the nature, scope and purpose of processing personal data ("Data") in the context of the provision of our services as well as within our online offer and the websites associated with it, Features and content as well as external online presence, such as our Social Media profiles on (collectively referred to below as an "online offering"). With regard to the concepts used, such as "processing" or "responsible," we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).

Responsible
Klaus Gdowczok
VG-Project e.V.
Postfach 100230
D-50442 Köln

Vorstand@vg-Project.de
Chairman: Klaus Gdowczok

Types of data processed
-inventory data (e.g., personal master data, names or addresses).
-contact details (e.g., e-mail, telephone numbers).
-Content data (e.g., text input, photographs, videos).
-usage data (e.g., visited websites, interest in content, access times).
-Meta-/communication data (e.g., device information, IP addresses).

Categories of affected persons
Visitors and users of the online offer (below we also refer to the affected persons as "users").

Purpose of processing
- Providing the online offer, its features and content.
- Answering contact requests and communicating with users.
- Security measures.
- Range measurement/Marketing

Terms used
"Personal data" is any information relating to an identified or identifiable natural person (' the person concerned '); Identifiable is a natural person who is directly or indirectly identifiable, in particular by assigning it to an identifier such as a name, to a identification number, to location data, to an online identifier (e.g. cookie) or to one or more special features It can be identified that are an expression of the physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person.

"Processing" is any process performed with or without the help of automated procedures or any such sequence of operations in connection with personal data. The term goes far and encompasses virtually every handling of data.

"Pseudonymization" means the processing of personal data in such a way that the personal data can no longer be assigned to a specific person concerned without the use of additional information, provided that this additional data Information is kept separately and is subject to technical and organisational measures to ensure that the personal data is not assigned to an identified or identifiable natural person.

„Profiling' any type of automated processing of personal data that consists in this personal data being used to evaluate certain personal aspects relating to a natural person, in particular to address aspects relating to To analyze or predict work performance, economic situation, health, personal preferences, interests, reliability, behavior, whereabouts or change of location of this natural person.

The "person responsible" is the natural or legal person, authority, institution or other body that decides alone or together with others on the purposes and means of processing personal data.

"Order processor" means a natural or legal person, authority, institution or other body that processes personal data on behalf of the person responsible.

Authoritative legal bases
In accordance with Article 13 of the GDPR, we will inform you of the legal basis of our data processing. For users from the scope of the General Data Protection Regulation (GDPR), i.e. the EU and the EEC, unless the legal basis is mentioned in the Privacy Statement, the following applies:
The legal basis for obtaining consents is Article 6 (1) Bed. a and Article 7 GDPR;
The legal basis for processing to fulfil our services and implement contractual measures, as well as answering inquiries, is Article 6 (1) Bed. b DSGVO;
The legal basis for processing to fulfil our legal obligations is Article 6 (1) Bed. c DSGVO;
In the event that vital interests of the person concerned or any other natural person require the processing of personal data, Article 6 (1) shall be used Bedd GDPR as the legal basis.
The legal basis for the necessary processing to carry out a task which is in the public interest or in the exercise of public authority, which has been entrusted to the person responsible, is Article 6 (1). Bed. and Dsgvo.
The legal basis for processing to safeguard our legitimate interests is Article 6 (1) Bed. f DSGVO.
The processing of data for purposes other than those for which it was collected is determined by the requirements of Article 6 (4) of the GDPR.
The processing of special categories of data (in accordance with Article 9 (1) of the GDPR) is determined in accordance with the requirements of Article 9 (2) of the GDPR.

Security
We meet in accordance with the statutory requirements, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of processing, as well as the different probability of occurrence and severity of the Risk to the rights and freedoms of individuals, appropriate technical and organisational measures to ensure a level of protection appropriate to the risk.

Measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical access to the data, as well as access to it, entering, sharing, ensuring availability and its Separation. We have also established procedures to ensure a perception of affected rights, deletion of data and response to data exposure. In addition, we take the protection of personal data into account in the development, or selection of hardware, software and processes, in accordance with the principle of data protection through technology design and data protection-friendly presets.

Working with contract processors, jointly responsible and third parties
If, as part of our processing, we disclose data to other persons and companies (contract processors, jointly responsible persons or third parties), transmit it to them or otherwise grant them access to the data, this will only be done on the basis of A legal permit (e.g. if a transfer of the data to third parties, such as payment service providers, is necessary for the fulfillment of the contract), users have consented to a legal obligation or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.).

If we disclose, transmit or otherwise grant access to other companies in our group of companies, this is done in particular for administrative purposes as a legitimate interest and beyond that on a legal basis. This is the basis for this.

Transfers to third countries
If we process data in a third country (i.e. outside the European Union (EU), the European Economic Area (EEA) or the Swiss Confederation), or if we do so in the context of the use of third-party services or disclosure, or transmission of Data is done to other persons or companies only if it is done to fulfil our (before) contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to explicit consent or contractual transmission, we only process or leave the data in third countries with a recognised level of data protection, including US processors certified under the "Privacy Shield," or Process on the basis of special guarantees, such as contractual obligation through so-called standard protection clauses of the EU Commission, the existence of certifications or binding internal data protection regulations (Articles 44 to 49 GDPR, Information page of the EU Commission).

Rights of the persons concerned
You have the right to request confirmation as to whether the data in question is processed and for information about this data, as well as on further information and copy of the data in accordance with the legal requirements.

You have accordingly. The legal requirements have the right to require the completion of the data concerning you or the correction of the incorrect data concerning you.

In accordance with the legal requirements, you have the right to demand that data in question be deleted immediately, or alternatively to demand a restriction of the processing of the data in accordance with the legal requirements.

You have the right to request that the data you have provided to us be obtained in accordance with the legal requirements and to request that it be transmitted to other persons responsible.

You also have the right, in accordance with the legal requirements, to lodge a complaint with the competent supervisory authority.

Withdrawal
You have the right to revoke granted consents with effect for the future.

Right to object
You may object to the future processing of the data concerning you at any time in accordance with the legal requirements. The objection may be made in particular against processing for direct advertising purposes.

Cookies and the right to object to direct advertising
"Cookies" are small files that are stored on users ' computers. Different information can be stored within the cookies. A cookie is primarily used to provide the information about a user (or the Device On which the cookie is stored) to be stored within an online offer during or after your visit. Temporary cookies, or "session cookies" or "transient cookies," are referred to as cookies that are deleted after a user leaves an online offer and closes their browser. In such a cookie, for example, the contents of a shopping basket can be stored in an online shop or a login status. Cookies are referred to as "permanent" or "persistent," which remain stored even after the browser is closed. For example, the login status can be saved if the users visit it after several days. Similarly, such a cookie can store the interests of users used for range measurement or marketing purposes. Cookies are referred to as a "third-party cookie" offered by providers other than the person who runs the online offer (otherwise, if only its cookies are referred to as "first-party cookies").

We may use temporary and permanent cookies and make up for this as part of our privacy policy.

If users do not want cookies to be stored on their computer, they are asked to disable the option in their browser's system settings. Saved cookies can be deleted from the browser's system settings. The exclusion of cookies can lead to functional limitations of this online offer.

A general objection to the use of cookies used for online marketing purposes can be used on a large number of services, especially in the case of tracking, via the US site. http://www.aboutads.info/choices/ Or the EU side http://www.youronlinechoices.com/ Be explained. In addition, cookies can be stored by switching them down in the browser's settings. Please note that not all functions of this online offer may be available.

Deletion of data
The data we process will be deleted or restricted in processing in accordance with the legal requirements. Unless expressly stated in the context of this Privacy Statement, the data stored with us will be deleted as soon as it is no longer necessary for its purpose and no legal retention obligations stand in the way of deletion.

Unless the data is deleted because it is necessary for other and legally permissible purposes, its processing will be restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax reasons.

Changes and updates to the Privacy Statement
We ask you to check the content of our privacy policy on a regular basis. We adjust the privacy policy as soon as the changes to the data processing we do make this necessary. We will inform you as soon as the changes require a joint action on your part (e.g. consent) or any other individual notification.

Provision of our statutory and business-compliant services
We process the data of our members, supporters, interested parties, customers or other persons in accordance with Article 6 (1) Bed. b. GDPR, provided that we Compared to contractual services Or operate within the framework of existing business relationships, e.g. towards members, or are themselves recipients of benefits and grants. In addition, we process the data of persons concerned in Article 6 (1) Bed(GDPR) based on our legitimate interests, e.g. when it comes to administrative tasks or public relations.

The data processed here, the nature, scope and purpose and necessity of their processing are determined by the underlying contractual relationship. This basically includes inventory and master data of the persons (e.g., name, address, etc.), as well as the contact details (e.g., e-mail address, telephone, etc.), the contract data (e.g., used services, shared content and information, names of Contact persons) and if we offer paid services or products, payment data (e.g., bank details, payment history, etc.).

We delete data that is no longer necessary to provide our statutory and businesslike purposes. This is determined according to the respective tasks and contractual relationships. In the case of business processing, we keep the data as long as it can be relevant for business processing as well as with regard to any warranty or liability obligations. The need to retain the data is reviewed every three years; In addition, the legal retention obligations apply.

Registration function
Users can create a user account. As part of the registration process, the required mandatory information will be communicated to the users and on the basis of Article 6 (1). Bed. b GDPR processed for the purpose of providing the user account. The data processed includes, in particular, the login information (name, password and an e-mail address). The data entered as part of the registration will be used for the purpose of using the user account and its purpose.

Users can be informed by e-mail about information relevant to their user account, such as technical changes. If users have terminated their user account, their data will be deleted with respect to the user account, subject to a legal retention obligation. It is incumbent on users to secure their data before the end of the contract if they are terminated. We are entitled to irretrievably delete all user data stored during the duration of the contract.

As part of the use of our registration and registration functions as well as the use of the user account, we store the IP address and the time of the respective user business. The storage is based on our legitimate interests, as well as the user in terms of protection against abuse and other unauthorized use. In principle, this data is not passed on to third parties unless it is necessary to pursue our claims or there is a legal obligation to do so under Article 6 (1). Bed. c. GDPR. The IP addresses will be anonymized or deleted after 7 days at the latest.
Created with Privacy Generator.de by RA Dr. Thomas Schwenke

DJB DBS IFON