Datenschutzerklärung

Privacy Notice

1. Privacy at a glance

General information

The following information provides a straightforward overview of what happens with your personal data when you visit our website. Personal data refers to all data which can be used to identify you personally. See the privacy statement included under this text for extensive information on privacy.

Data recording on our website

Who is responsible for the recording of data on this website?

Data processing on this website is carried out by the website operator, i.e. the data controller. See the website’s legal notice for the website operator’s contact details.

How do we record your data?

On the one hand, your data is recorded when you share it with us. This may for example be information entered by you in a contact form.

Other data is recorded automatically by our IT systems when you visit the website. This is primarily technical data (e.g. web browser, operating system or time of site access). This data is recorded automatically as soon as you access our website.

What do we use your data for?

A portion of said data is gathered to guarantee error-free provision of the website. Other data may be used to analyse your user behaviour.

What rights do you have with regard to your data?

You have the right to inquire free of charge as to the origin, recipients and purpose of your saved personal data at all times. You also have the the right to correct, block or delete this data. You can refer to us using the address given in the legal notice at any time for this or any other questions relating to privacy. You also have a right to lodge a complaint with the competent supervisory authority.

Analysis tools and tools from third-party providers

Your surfing behaviour may be subject to statistical analysis during visits to our website. This is done primarily with cookies and analysis programs. Your surfing behaviour is generally analysed anonymously; the browsing behaviour cannot be traced back to you. You can object to this analysis or prevent it by avoiding the use of certain tools. You can find further details relating to this in the following privacy statement.

You can object to this analysis. We will inform you of the opt-out options in this privacy statement.

2. General information and mandatory information

Information about the data controller

The data controller for the processing of data on this website is:

Verkehrsverbund Rhein-Ruhr AöR (Rhine-Ruhr Public Transport Association)
Augustastraße 1
45879 Gelsenkirchen 
Tel. +49 209 1584-0   Fax: +49 209 23967
Email: info@vrr.de

Data protection officer

We have appointed a data protection officer for our company.

Verkehrsverbund Rhein-Ruhr AöR
Datenschutzbeauftragter
Augustastraße 1
45879 Gelsenkirchen 

Tel. +49 209 1584 0
Email: datenschutz@vrr.de

Privacy

The purpose of this statement

Thank you for your interest in the Rhine-Ruhr Public Transport Association (Verkehrsverbund Rhein-Ruhr AöR) (hereinafter referred to as the “VRR”). We attach a great deal of importance to protecting your personal data. In the following we tell you which data is processed and to what extent this happens when you visit our websites and use the services offered there. We also inform you of the technical and organisational measures employed by us to protect this data and your rights as the data subject.

Your personal data will only be processed in accordance with legal legislation. These arise primarily from EU regulation 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data, on the free movement of such data and repealing Directive 95/46/EC (EU General Data Protection Regulation), the Federal Data Protection Act and the Data Protection Act for North Rhine-Westphalia.

Despite the care we have taken to implement our technical and organisational measures to protect your personal data, transmitting data via the internet does entail security vulnerabilities over which we have no influence. We ask that you bear this in mind when using our website.

Explanation of terms

In the following we will explain the most important terms which have been defined by the European legislators.

Personal data

This is information relating to an identified or identifiable individual. An individual is deemed identifiable if they can be identified, either directly or indirectly, specifically by means of assignment to an identifier like a name, identification number, location data, an online identifier or one or more special attributes that express the physical, physiological, genetic, psychological, economic, cultural or social identity of this individual.

Data subject

This is the identified or identifiable individual whose personal data is being processed by the data controller.

Processing

“Processing” refers to any operation carried out with or without the help of automated processes or any such sequence of processes associated with personal data, such as collection, recording, organisation, categorisation, storage, adjustment or alteration, scanning, querying, use, disclosure through transmission, processing or any other form of provision, comparison or combination, restriction, deletion or destruction.

Restriction of processing

“Restriction of processing” refers to marking saved personal data with the aim of restricting the future processing of said data.

Data controller

The “data controller” is the individual or legal entity, authority, institution or other body which decides, either alone or in conjunction with others, as to the purposes and means of personal data processing. If the purposes and means of this processing are prescribed by European Union law or the law of the member states, then the data controller, or else specific criteria for the appointment of the same, may be stipulated under European Union law or the law of member states.

Processor

A “processor” is an individual or legal entity, authority, institution or other body which processes personal data on behalf of the data controller.

Consent

“Consent” on the part of the data subject is any informed and unambiguous declaration of willingness voluntarily expressed for the case at hand in the form of a declaration or any other unequivocal affirmative action whereby the data subject indicates that he/she consents to the processing of personal data relating to him/her.

Recipient

A “recipient” is an individual or legal entity, authority, institution or other body to which personal data is disclosed, regardless of whether it is a third party or not. Authorities which receive potentially personal data in the course of an investigation mandate under European Union law or the law of the member states are not however regarded as recipients.

Third party

A “third party” is any individual or legal entity, authority, institution or other body, with the exception of the data subject, the data controller, the processor and the people who are authorised to process said personal data under the direct authority of the data controller or the processor.

Profiling

“Profiling” is any form of automated personal data processing which consists in said personal data being used to assess certain personal aspects relating to an individual, specifically to analyse or predict aspects in relation to the work performance, economic circumstances, health, personal preferences, interests, reliability, behaviour, place of residence of this individual or any change of location by the same.

Personal data breach

A “personal data breach” is a security violation which, whether unintentional or illegal, leads to the destruction, loss, change or unauthorised disclosure of and/or unauthorised access to any personal data which has been transmitted, saved or processed in any other way.

The data controller is the individual or legal entity which decides, either alone or in conjunction with others, as to the purposes and means of personal data processing (e.g. names, email addresses etc.)

Personal data storage duration

Where necessary, we will process and save your personal data for the duration of the business relationship with you, which might for example include the preparation and the conclusion of a contract. Furthermore, we are subject to various different retention and documentation obligations, including those which arise from the German Commercial Code (HGB), the Regulation of Taxation (AO), the German Banking Act (KWG), the Money Laundering Act (GwG) and the Securities Trading Act (WpHG). The retention and/or documentation periods specified therein range from two to ten years. Ultimately the retention period is also determined by the statutory limitation periods, which can for example stretch to thirty years under sections 195 et seqq. of the German Civil Code (BGB), whereby the regular limitation period is three years.

Your rights as the data subject

Every data subject has the right to information under Art. 15 GDPR, the right to correct under Art. 16 GDPR, the right to delete under Art. 17 GDPR, the right to restrict processing under Art. 18 GDPR as well as the right to data portability under Art. 20 GDPR. Please refer to the data controller to exercise any of the aforementioned rights.

Insofar as your personal data is being processed to safeguard our legitimate interests within the meaning of Art. 6(1)(f) GDPR, you may reject said processing in accordance with the statutory requirements under Art. 21 GDPR. You can find out more about your right to object at the end of this privacy statement in the section “Information about your right to object under Article 21 GDPR”.

Furthermore, you have the right to lodge a complaint with a data protection authority (Art. 77 GDPR) if you believe that your personal data is being processed in an unlawful manner. The right of appeal shall exist irrespective of any administrative or judicial legal action to the contrary. The address of the data protection supervisory authority responsible for our company is as follows:

Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen (LDI NRW), Kavalleriestr. 2-4, 40213 Düsseldorf.

In the following we explain to your your rights under the EU General Data Protection Regulation.

Right to confirmation and information

You are entitled to ask us for confirmation at any time as to whether we are processing personal data relating to you. If this is the case, you have a right to access this personal data and the following information:

  • the purpose of the processing;
  • the categories of personal data being processed;
  • the recipients or categories of recipients to whom said personal data has been disclosed or to whom it will be disclosed, specifically where recipients in third-party countries or international organisations are involved;
  • if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for defining this duration;
  • if this personal data has not been obtained from the data subject, all available information relating to the origin of said data;
  • the existence of automated decision making, including profiling, as defined under Article 22(1) and (4) GDPR – at least in these cases – meaningful information about the logic involved, the scope and the desired implications of this sort of processing for the data subject.

If personal data is transmitted to a third-party country or an international organisation, you have the right to be informed of the appropriate guarantees associated with this transmission of data in accordance with Article 46 GDPR.

The VRR shall make a copy of the personal data undergoing processing available. The data controller may ask for a reasonable fee for administrative costs for all other copies requested by the data subject. If the data subject submits the request electronically, the information should be provided in a standard electronic format.

Right to correct

You are entitled to ask that the VRR immediately correct incorrect personal data relating to you. Taking into account the purpose of the processing, the data subject has the right to ask that incomplete personal data be completed – even by means of a supplementary statement.

Right to delete

You are entitled to ask that the VRR immediately delete any personal data relating to you, and the VRR is under obligation to delete personal data immediately insofar as one of the following reasons applies:

  • The personal data is no longer required for the purpose for which it was originally collected or otherwise processed.
  • You revoke your consent, on which the processing was based in accordance with Article 6(1)(a) GDPR or Article 9(2)(a) GDPR, and no other legal basis for said processing exists.
  • You object to the processing in accordance with Article 21(1) GDPR and there are no overriding legitimate reasons for the processing, or you object to the processing under Article 21(2) GDPR.
  • The personal data has been processed in an unlawful manner.

The personal data must be deleted to fulfil a legal obligation under the law of the European Union or the law of the member states to which the VRR is subject.
The personal data was collected in relation to information society services under Article 8(1) GDPR.

If the VRR has made personal data accessible to the public and it is obliged to delete this data in accordance with Article 17(1) GDPR, it shall take appropriate measures, including those of a technical nature, and taking into consideration the available technology and implementation costs, to inform the data controller responsible for the processing of said personal data that a data subject has requested that it delete all links to this personal data or copies or reproductions of this personal data.

This does not apply insofar as the processing is necessary

  • to exercise the right of free speech and freedom of information;
  • to fulfil a legal obligation which requires the processing in accordance with the law of the European Union or the member states to which the controller is subject, or to fulfil a task in the public interest or in the exercise of official authority vested in the controller;
  • on the grounds of public interest as regards public health as defined under Article 9(2)(h) and (i) as well as Article 9(3) GDPR;
  • for archiving purposes in the public interest, scientific or historic research purposes or for statistical purposes as defined under Article 89(1), insofar as the right specified in Article 17(1) GDPR would likely prevent or seriously compromise the fulfilment of the objectives of this processing; or
  • to assert, exercise or defend legal claims.

Right to restriction of processing

You have the right to ask that the VRR restrict processing if one of the following requirements is met:

  • the accuracy of the personal data is disputed by you, for a period allowing the VRR to review the accuracy of the personal data;
  • the processing is unlawful, and you reject the deletion of the personal data and instead request restriction of the use of said personal data;
  • the VRR no longer requires your personal data for processing purposes, but you require this data to assert, exercise or defend legal claims; or
  • you have objected to the processing in accordance with Article 21(1) GDPR, so long as it is not yet clear whether the VRR's justified reasons outweigh you.
  • If processing has been restricted as defined under paragraph 1, this personal data may – aside from its storage – only be processed with your consent or to assert, exercise or defend legal claims, or to protect the rights of another individual or legal entity, or for reasons of substantial public interest to the European Union or a member state.

If you have put a restriction in place, the VRR will inform you before suspending the restriction.

Right to data portability

Under Article 20(1) GDPR you have the right to obtain personal data relating to you which you have supplied to a data controller in a standard, structured, and machine-readable format, and you have the right to transmit this data to another data controller without obstruction by the data controller to whom the personal data was supplied insofar as

  • processing is based on consent as defined under Article 6(1)(a) GDPR or Article 9(2)(a) GDPR or on a contract as defined under Article 6(1)(b) GDPR and said processing is done using automated processes.
  • When exercising your right of data portability under Article 20(1) GDPR you have the right to have your personal data transmitted directly from one data controller to another data controller provided this is technically feasible.

Article 17 GDPR shall remain unaffected where the right under Article 20(1) GDPR is exercised. The right does not apply to any processing which is required for the performance of a task that is in the public interest or which consists in the exercise of official authority vested in the controller.

This right under Article 20(1) GDPR may not compromise the rights and freedoms of other individuals as defined under Article 20(4) GDPR.

Reservation of the right to make changes

The VRR reserves the right to change these privacy terms at any time with effect for the future. The respective latest version is published on this website. Please visit this page regularly to find out about any changed privacy terms.

SSL or TLS encryption

Personal data submitted by you on our site, e.g. in contact forms or for newsletter subscription, and sent to us as site operator, will be transmitted with SSL or TLS encryption. You can tell that a connection is encrypted when the address line of the browser switches from “http://” to “https://” and when you see a padlock symbol in your browser line.

If SSL or TLS encryption is activated, data sent to us by you cannot be read by third parties.

3. Data recording on our website

Cookies

Some of our web pages use what are referred to as cookies. Cookies do not harm your computer and do not contain any viruses. We use cookies to make our website more user-friendly, more effective and more secure. Cookies are small text files which can be placed on your computer and saved by your browser.

Most of the cookies used by us are what are referred to as session cookies. We use these to internally distribute the load of users visiting our website. These are automatically deleted at the end of your visit. The data generated by this will not be collated with any other personal data supplied by you.

Other cookies will remain on your terminal device until you delete these. These cookies enable us to identify your browser again when you next visit the site.

You can configure your browser to inform you where cookies are about to be set and to allow cookies on a selective basis, to exclude the acceptance of cookies in certain cases, or generally, and you can activate the automatic erasure of cookies upon closure of the browser. Disabling cookies may have the effect of restricting the functionality of this website.

We save cookies which are necessary for electronic communication processes on the basis of Art. 6(1)(f) GDPR. We have a legitimate interest in saving cookies to ensure a technically error-free and optimised provision of services. Where other cookies (e.g. cookies to analyse your surfing behaviour) are saved, these will be outlined separately in this privacy statement.

Server log files

We collect and save information automatically in what are referred to as server log files which are transmitted to us automatically by your browser. This information includes:

  • Browser type and browser version
  • The operating system used
  • Referrer URL
  • Host name of the accessing computer
  • Time of the server request
  • IP address
  • The names assigned to the IP address
  • Port number of browser
  • Accepted file types

This data will not be collated with any other data sources. This data is collected and processed with a view to ensuring the technical availability of our site in our legitimate interests as defined under Art. 6(1)(f) GDPR.

Contact form

If you submit an inquiry to us via our contact form, your details from the inquiry form as well as the contact details provided there will be saved by us for the purpose of processing the inquiry and responding to any follow-up questions. We will not pass on this information without your consent.

The data provided in the contact form is thus processed solely on the basis of your consent (Art. 6 (1)(a) GDPR). You may revoke this consent at any time. Sending us an informal notice, i.e. via email, will suffice for this. This revocation of consent will not affect the legality of the data processing operations carried out before the revocation.

We will retain the data provided by you in the contact form until such point as you ask us to delete it, revoke your consent for storage or if the purpose of the data storage ceases to apply (e.g. once we have finished processing your inquiry). Mandatory statutory provisions – specifically retention periods – shall remain unaffected by this.

4. Social media

Facebook

We have a Facebook profile. This service is provided by Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. Facebook is certified under the EU-US Privacy Shield Framework.

We have concluded an joint controller agreement with Facebook for processing data (Joint Controller Addendum). This agreement sets out which data processing operations we or Facebook are responsible for when you visit our Facebook fan page. You can view this agreement by following this link: 
https://www.facebook.com/legal/terms/page_controller_addendum

You can adjust your advertising settings yourself in your user account. To do this, click on the following link and log in:
https://www.facebook.com/settings?tab=ads

For details see Facebook’s privacy policy:
https://www.facebook.com/about/privacy/

Facebook plugins (Like & Share button)

On our pages we have integrated plugins of the social network Facebook, a service provided by Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. These Facebook plugins are recognisable on our page by the Facebook logo or the Like button. You will find an overview of Facebook plugins here: https://developers.facebook.com/docs/plugins/.

When you visit our pages, a direct connection is established between your browser and the Facebook server via the plugin. This informs Facebook that you have visited our page with your IP address. If you click the Facebook Like button while you are logged into your Facebook account, you can link contents of our pages to your Facebook profile. This allows Facebook to assign the visit to our pages to your user account. Please note that we, the provider of the pages, are not informed of the content of the transmitted data and how this is used by Facebook. You can find out more about this in Facebook’s privacy policy at: https://de-de.facebook.com/policy.php.

If you do not want to allow Facebook to assign this visit to our pages to your Facebook user account, please log out of your Facebook user account.

Twitter plugin

We have integrated functions of the service Twitter on our pages. These functions are provided by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. By using Twitter and the Retweet function, websites visited by you will be linked with your Twitter account and disclosed to other users. Data is also transmitted to Twitter in the process. Please note that we, the provider of the pages, are not informed of the content of the transmitted data and how this is used by Twitter. You can find out more about this in Twitter’s privacy policy at: https://twitter.com/privacy.

You can change your Twitter privacy settings in account settings at https://twitter.com/account/settings.

Google+ plugin

We use Google+ functions on our pages. This is a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Recording and transmission of information: You can publish information worldwide using the Google+ button. Using the Google+ button you and other users can access personalised content from Google and our partners. Google saves both the information that you have +1ed content, as well as information about the page you were viewing when you clicked on +1. Your +1 may be displayed as a suggestion together with your profile name and your photo in Google services, i.e. in search results or in your Google profile, or in other places on websites and advertisements online.

Google logs information about your +1 activities to optimise Google services for you and others. To use the Google+ button you require a globally visible, public Google profile which must contain at least the name used for the profile. This name will be used in all Google services. In some cases this name may be replaced by another name which you have used when sharing content via your Google account. The identity of your Google profile may be displayed to users that know your email address or have access to any of your other personally identifying information.

How recorded information is used: In addition to the usage purposes outlined above, the information provided by you will be used in line with the applicable Google privacy terms. Google may potentially publish aggregated statistics about the +1 activities of users or transmit these to users and partners such as publishers, advertisers or affiliated websites.

Google reCAPTCHA

To ensure adequate data security during the transmission of forms, in certain cases we use the reCAPTCHA service provided by the company Google Inc. This serves primarily to distinguish whether data is being entered by an individual or fraudulently by machine or automated processing. This service includes sending Google the IP address and, where necessary, any other data required by Google for the reCAPTCHA service. The differing privacy terms of Google Inc apply here. For further information on the privacy guidelines of Google Inc. see https://www.google.com/intl/de/policies/privacy/

Service chat

This website uses Userlike, a live chat software provided by the company Userlike UG (limited liability). Userlike uses cookies, text files that are saved on your computer and which enable one-to-one conversation with you in the form of real-time chat on the website. The data recorded is not used to personally identify visitors to this website and will not be collated with personal data relating to the bearer of the pseudonym. For further information please see Userlike’s privacy policy at https://www.userlike.com/de/terms#privacy-policy.

To exercise your rights to information, correction and deletion and export under the GDPR please refer to the operator of this website.

5. Analysis tools and advertising

Google Analytics

This website uses the web analysis tool “Google Analytics”, a service provided by Google Ireland Limited. This is used for the purposes of optimisation, efficient operation and custom design of this online presence, which is performed based on a balancing of interests (Art. 6(1)(1)(f) GDPR). This web analysis also allows us to identify and rectify faults on the website, e.g. due to faulty links. Google Analytics uses what as referred to as cookies. These are text files that are saved on your computer and enable an analysis of your use of the website. This involves the use of what are referred to as client IDs which are used to generate pseudonymous user profiles which record the use of websites by desktop computers and mobile terminal devices by a user.

The information the cookie generates relating to your use of this website is generally transmitted to a server in the USA by Google and stored there. Because we have enabled what is referred to as IP anonymisation on this website and we have concluded the relevant order processing contract with Google, your IP address will be shortened beforehand by Google within member states of the European Union or in other States party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address will be sent to a Google server in the USA and then shortened.

Google in the USA is certified under what is referred to as the Privacy Shield Framework (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

An adequate level of privacy is guaranteed by Google.

You can prevent the data generated by the cookie in relation to your use of the website (including your IP address) from being registered and processed by Google by downloading and installing the browser plug-in available under the following link (http://tools.google.com/dlpage/gaoptout?hl=de).

Alternatively, you can prevent Google Analytics from recording information by clicking on the following link. Doing so will set an opt-out cookie which will prevent any of your data from being recorded in future when visiting this website:

Click here to opt out of Google Analytics statistical analysis.

Weiter im Text

You can find out more about the Google Analytics terms of use and privacy policies here at: https://policies.google.com/privacy

Google Analytics Remarketing

Our websites use Google Analytics Remarketing functions in conjunction with the cross-device functions of Google AdWords and Google DoubleClick. This is a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

This function makes it possible for the advertising target groups generated by Google Analytics Remarketing to be linked up to the cross-device functions of Google AdWords and Google DoubleClick. This allows interest-specific, personalised advertising messages which have been adapted to you based on your earlier user and surfing behaviour on one terminal device (e.g. mobile phone) to be displayed on another of your terminal devices (e.g. tablet or PC).

Provided you have given consent for it to do so, Google will link your web and app history with your Google account for this purpose. This makes it possible for the same personalised advertising messages to be placed on any terminal device with which you have logged in with your Google account.

To support this function, Google Analytics records Google-authenticated IDs of users which are temporarily connected with our Google Analytics data to define and generate target groups for the cross-device advertisements.

You can opt out of cross-device remarketing/targeting permanently by disabling personalised advertising in your Google account; to do so, follow this link: https://www.google.com/settings/ads/onweb/.

The pooling of recorded data in your Google account only takes place on the basis of your consent, which you may grant or revoke from Google (Art. 6(1)(a) GDPR). In the case of data recording processes which are not aggregated in your Google account (e.g. because you do not have a Google account or you have opted out of the aggregating of this data), data is recorded on the basis of Art. 6(1)(f) GDPR. The legitimate interest results from the fact that the website operator has an interest in the anonymised analysis of website visitors for advertising purposes.

You can find more information and the privacy terms in Google’s privacy policy at: https://www.google.com/policies/technologies/ads/.

Google AdWords and Google conversion tracking

This website uses Google AdWords. AdWords is an online advertising program provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”).

As part of the Google AdWords service, we use what is referred to as conversion tracking. If you click on an advert placed by Google, a cookie will be set for conversion tracking. Cookies are small text files placed on the user’s computer by the web browser. These cookies expire after 30 days and cannot be used to personally identify users. If the user visits certain pages of this website and the cookie has not yet expired, both we and Google can see that the user clicked on the advertisement and was forwarded to this page.

Each Google AdWords customer receives a different cookie. The cookies cannot be tracked by the websites of AdWords customers. The information attained using conversion cookies is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. Customers find out the total number of users that have clicked on their advertisement and that have been forwarded to a page featuring a conversion tracking tag. They do not however receive any information which could be used to identify users personally. If you do not want to take part in tracking, you can opt out of the use of this by easily disabling the Google conversion tracking cookie via your internet browser under user settings. You will then be excluded from the conversion tracking statistics.

The storage of conversion cookies is performed on the basis of Art. 6(1)(f) GDPR. The website operator has a legitimate interest in analysing user behaviour with a view to optimising its web presence and its advertising.

You can find out more about Google AdWords and Google conversion tracking in Google’s privacy terms: https://www.google.de/policies/privacy/.

You can configure your browser to inform you where cookies are about to be set and to allow cookies on a selective basis, to exclude the acceptance of cookies in certain cases, or generally, and you can activate the automatic erasure of cookies upon closure of the browser. Disabling cookies may have the effect of restricting the functionality of this website.

6. Newsletter

Newsletter data

If you would like to receive the newsletter offered on the website, we require an email address from you and, if need be, information which will allow us to verify that you are the owner of the given email address and that you consent to receiving the newsletter. We will not collect any other data. We will use this data solely for the purpose of sending the requested information and we will not pass this on to third parties.

The processing of the data supplied in the newsletter sign-up form takes place solely on the basis of your consent (Art. 6(1)(a) GDPR). You may revoke your consent to the storage of data, your email address and its use for sending the newsletter at any time, i.e. by clicking the “unsubscribe” link in the newsletter. This revocation of consent will not affect the legality of the data processing operations already carried out.

We will store the data supplied by you for the purposes of receiving the newsletter until such point as you unsubscribe from the newsletter and will delete it following the cancellation of the newsletter. Data which we have saved for other purposes (e.g. email addresses for the member area) shall remain unaffected by this.

7. Plugins and tools

YouTube

Our website uses plugins for Google-run site YouTube. These pages are operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

When you visit one of our pages featuring a YouTube plugin, a connection is established to YouTube’s servers. In the process of this, the YouTube server is informed of which of our pages you have visited.

If you are logged into your YouTube account, this enables YouTube to link your surfing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account.

We use YouTube in the interests of creating an appealing visual representation of our web presences. This represents a legitimate interest as defined under Art. 6(1)(f) GDPR.

You can find out more about how user data is handled in Youtube’s privacy policy: 

https://www.google.de/intl/de/policies/privacy.

Information about your right to object under Art. 21 of the EU General Data protection Regulation (GDPR)

1. Right to object on a case-by-case basis

You are entitled to object, for reasons resulting from your specific circumstances, at any time to any processing of your personal data carried out on the basis of 6(1)(e) GDPR (data processing for the performance of a task carried out in the public interest or in the exercise of official authority) or Article 6(1)(f) GDPR (data processing based on a balancing of interests); the same applies to any profiling as defined under Article 4(4) GDPR, carried out on the basis of said provision.

If you do object, we will cease to process your personal data, unless we can demonstrate compelling legitimate grounds for processing which outweigh your interests, rights and freedoms, or if said processing aids the assertion, exercise or defence of legal claims.

2. The right to object against data processing for the purposes of direct marketing

In some cases, we process your personal data for direct marketing purposes. You are entitled to object to the processing of your personal data for the purposes of this kind of advertising; this also applies to profiling, insofar as this is in conjunction with such direct marketing.

If you object to processing for the purposes of direct marketing, we will cease to process your personal data for these purposes.

3. Exercising the right to object

Notice of your objection can be submitted informally.

back to top