Quelle: dpa
: Privacy Policy of the Hans Böckler Foundation
General introduction:
We take the protection of your data very seriously and want to ensure your visit to our Internet page is secure. We handle data protection, in particular, in compliance with the provisions of the European General Data Protection Regulation, the Federal Data Protection Act (BSDG - new) and the German Telecommunications Digital Services Data Protection Act (TDDDG). We would herewith like to inform you of the nature, scope and purpose of the processing of your personal data. To begin with, we would like to point out that this Privacy Statement solely refers to our own webpages and does not apply to any third-party webpages to which we may refer in the form of a link.
Object of protection:
The object of this Privacy Statement is to protect personal data. This concerns all information that refers to an identified or identifiable natural person (hereinafter referred to as the “data subject”) and includes, in particular, all information that allows conclusions to be drawn as to your identity (e.g. details such as your name, postal address, email address and telephone number).
Technical requirements:
In order for you to be able to set up a connection to our website, your browser transfers specific data to the web server of our website. This is a technical requirement that allows the information you called up to be made available to you by our website. This is achieved by storing your IP address, the date and time of your request, your operating system type and other information which is then stored and used for a maximum period of 7 days. We reserve the right to store these data for a limited period in order to safeguard our legitimate interests so as to be able to derive information from personal data in the case of unauthorized access or the attempt to deliberately cause damage to our company through this route (Art. 6, para. 1 (f) GDPR). These data shall be solely stored or transferred for this and no other purpose, whereby we shall not inform you of this or ask for your consent in advance.
Cookies:
Cookies are small text files that are stored by your browser on your computer or mobile terminal device to detect, for example, whether you visit the same webpages repeatedly from the same terminal device or browser. In general, we set cookies to analyze the interest in our website as well as to improve the user-friendliness of our website. In principle, however, you can also call up our website without using cookies.
As a rule, cookies can be deactivated or removed with the aid of special tools which are offered by most commercial browsers. For each browser that you use, you have to determine the settings separately and configure these individually. The different browsers offer a range of functions and options to this purpose.
For full and easy usage of our website, you should accept those cookies that allow the use of specific functions, resp. make it easier to use. You can review which cookies are used by us and to which purpose - and how long these are stored - in the following overview:
Cookie list:
Name |
Provider |
Function |
Validity |
hbs_nl_cookie | www.boeckler.de | This cookie stores whether our newsletter overlay has already been displayed to the visitor, resp. whether it has been selected by the visitor, during the current session. |
“End of the session” [when the browser is closed] |
JSESSID |
www.boeckler.de |
Apache Tomcat session (on which the OTDS is based) |
“End of the session” [when the browser is closed] |
wt_fweid |
www.boeckler.de |
“FWEID weak Fingerprint Ever ID” for recognizing the session if no cookies |
Unknown as this is not set in the browser |
wt_feid |
www.boeckler.de |
“FEID weak Fingerprint Ever ID” for recognizing the session if no cookies are |
Unknown as this is not set in the browser |
wt_geid |
www.boeckler.de |
only contains information in the case of a third-party cookie and is otherwise |
“End of the session” [when the browser is closed] |
wt_cdbeid |
www.boeckler.de |
“CDBEID CDB Ever ID”. When CDB is activated, this is the EID of one of the |
15 minutes |
boeckler_de |
www.boeckler.de |
HBS JavaScripts for the cookie banner |
3 years |
wt3_sid |
www.boeckler.de |
SSID session ID stated for Pixel v3 or higher |
“End of the session” [when the browser is closed] |
hans |
www.boeckler.de |
Session ID of the OTDS HBS project |
“End of the session” [when the browser is closed] |
wt3_eid |
www.boeckler.de |
“EID Ever ID / Cookie ID” stated when first-party tracking and Pixel v3 or |
6 months |
When you visit our website(s) for the first time, a pop-up window containing our Cookie Consent Manager (Usercentrics) is displayed. This Consent Manager provides a “toggle” button which you can use to activate or deactivate different services and cookies on our website, thus consenting to the processing of any data thus collected (Art. 6, para. 1 (a) GDPR). Please note that if you do not accept any cookies at all, you may not be able to use certain features of our website as we had originally intended. You can revoke your consent at any time with future effect and change your settings in our Usercentrics Consent Manager by clicking on the following link: COOKIE SETTINGS
Cookie types:
In order to be able to explain the most common cookie types in more detail, we have provided explanations of these in the following to help you to understand them:
1. Session cookies
The usage of session cookies allows users and the changes they make on a particular website to be identified. These cookies allow the website to track the movements of the users across individual pages so that information that has already been entered/stored does not have to be re-entered/stored again. Webshop shopping baskets are a good example of this. The session cookie stores the selected products in the shopping basket so that this contains the correct articles when payment is made at checkout. Session cookies are deleted when the user logs off or become invalid once the session has automatically expired.
2. Permanent or protocol cookies
A permanent or protocol cookie stores the user’s information and settings on the user’s computer for the duration of the period defined by the respective expiration date. This allows quicker and easier access as you do not, for example, have to repeat the language settings or re-enter your login data. These cookies are automatically deleted when the storage period expires.
3. Third-party cookies
As a rule, third-party cookies have no influence on the usage of the page as they do not originate from the operator of the website. They fulfill, for example, the purpose of collecting information for advertising purposes, personalized content and web statistics and for passing these on to the respective third-party provider.
4. Tracking cookies
Tracking cookies are special text files which open up the possibility of collecting data on the behavior of the Internet user. This is aimed at gaining information on what the user’s main points of interest are, for example, to be able to launch made-to-measure promotional offers. Therefore, tracking cookies are not only set during the login process but are automatically set whenever the website is visited.
The examples of the most common types of cookies in the above representation is intended to provide you with a global overview of this type of data collection. The information contained therein does not claim to be complete. As a result of technical developments in the IT sector, it is to be assumed that further cookie types will be developed over the course of time. Prior to using our website, please refer at regular intervals to the Privacy Statement on our website to find out about the latest changes.
Contact form users:
Our website includes contact forms which can be used to contact us electronically. To ensure that your data are transferred securely, we use a connection which deploys state of the art encryption technology and comes with a corresponding SSL certificate during the transfer process. We store you name and email address, and possibly other information that you have provided us with, in order to be able to contact you and provide you with the best-possible answer to your request. On the one hand, this allows us to offer you the service that you expect from us and, on the other, it provides us with the opportunity to continually improve (Art. 6, para. 1 (f) GDPR).
Use of our online form (project outline) to apply for funding:
On our website, you can submit a project outline via web form to apply for research funding. In this case, we will process the applicant's personal data (contact details) for the purpose of deciding on possible funding and responding to the submitted application. The data will only be shared with the persons involved in the decision. As it is of vital importance for scientific projects which person as the responsible project leader submits the funding application, we have a legitimate interest according to Art. 6 para. 1 f GDPR in processing the applicant's personal data for the purposes mentioned.
(Online) registration for our events:
You can register for various (in-person, online and hybrid) events electronically on our website. We process the data you provide in the registration form. To ensure that your data is transmitted securely, we use a state-of-the-art encrypted connection with an SSL certificate during transmission. By consenting to the electronic storage and processing of your data and clicking on "Submit registration", you confirm to us that your data is being processed lawfully in accordance with Art. 6 Para. 1 a GDPR for the purpose of organizing the event or webinar. You can revoke your consent at any time with effect for the future. To do so, please send us an e-mail to datenschutz[at]boeckler.de. In this case, however, you will no longer be able to participate in our event. Since our online events are usually held via one of our video conferencing systems (Microsoft Teams or Zoom), in this case further data will be processed and may be forwarded to the respective services. You can find out about the processing of your personal data when using video conferencing systems in accordance with Art. 13 GDPR here before you register.
Data processing on LABOR.A
To participate in LABOR.A, you must first register on our event platform. The platform is provided to us by an external service provider (Talque). To ensure that your data is processed securely, we have a data processing agreement with the provider in accordance with Art. 28 para. 3 GDPR. When registering, you must provide the following information:
- Surname, first name
- E-mail address
- Institution
- Country
- Participant category (speaker, moderator, participant, organization team, exhibitor)
After you have received access to the event platform, a profile will be created with the data you have provided. You can voluntarily add a picture to this profile. You can also voluntarily participate in a matchmaking process and state your interests. On this basis, you will then be suggested further event participants with whom you can get in touch and network before and/or during the event.
If you would like to take part in a survey during the event, you can do so anonymously via a link or QR code.
Your data will be processed on the basis of your consent given during the registration process in accordance with Art. 6 para. 1 a GDPR. You can revoke your consent at any time with effect for the future. To do this, send us an e-mail to datenschutz[at]boeckler.de. In this case, however, you will no longer be able to participate in our event.
You can delete all the information you provided on the platform during the event yourself if you wish. To do this, you will need to delete your profile on the platform, which can otherwise be used for other events. In this case, responsibility for data processing passes to the respective event organizer.
Newsletter subscriptions:
We offer you the opportunity of subscribing to our newsletters free of charge. These subscriptions are commissioned by way of a double opt-in procedure. This involves an accepted process which ensures that the express consent of the person concerned is obtained in connection with respective contact procedures in accordance with Art. 6, para. 1 (a) GDPR. Once you have subscribed, you will receive a corresponding confirmation link via email. You need to confirm this link which serves to document your consent. When registering, you also have the option to choose a tracking option on a voluntary basis. As the tracking process is anonymous, it is totally impossible for us to draw conclusions regarding your person or you as a user. In addition, you can change the tracking settings at any time in your profile settings. Should you no longer be interested in receiving your newsletter subscription, you can unsubscribe at any time with future effect via a link in the newsletter footer (bottom section).
FRIENDLY CAPTCHA:
We use the "Friendly Captcha" of Friendly Captcha GmbH (Am Anger 3-5, 82237 Woerthersee) on our website.
The Friendly Captcha is intended to check whether the data input on our websites (e.g. in a contact form) is made by a human or by an automated program "bot". As part of this check, the service processes your IP address, technical details about the browser and operating system used, the date and time of the visit, and the part of the website from which the input is made. It also processes data input that Friendly Captcha prompts you to make during the verification process.
All data is stored only as long as necessary for verification. The data is then anonymized or deleted.
The legal basis for processing the data is our legitimate interest acc. to Art. 6 (1) f GDPR. Our interest is to prevent abusive access or spam attacks by bots.
For all further information on data processing by Friendly Captcha, please visit: https://friendlycaptcha.com/privacy/gdpr/
Portal for online applications:
You also have the opportunity to participate in our online application process through our MyBöckler portal. To do so, you have to click on the “Go to online applications” tile in the dashboard after logging in. First of all, you will be redirected to a profile screen where you have to enter your applicant profile data. The master data stored here constitute part of your application and will only be viewed by the persons responsible for your application at the Foundation. The following data are required to set up a profile:
- First and last names
- Marital status
- Gender
- Date of birth
- Address
- Phone number (mobile or landline)
- Email address
After you have saved your profile data, you will be redirected and can then select the appropriate application procedure. As part of the application process you have selected, you will also be asked to supply additional data relevant to your application. This includes personal data, information on your family, information on your studies, your occupation, internships and part-time jobs, information on your educational background, economic situation, etc. To ensure that your data are transferred securely, we use a connection which deploys state of the art encryption technology and comes with a corresponding SSL certificate during the transfer process.
The processing of your personal data is done as part of the process to initiate a contract between yourself as a scholarship holder and the Hans Böckler Foundation in accordance with Art. 6, para. 1 (b) GDPR. In order to be able to forward your personal data to the other involved persons, committees and sponsors, your consent to this effect is obtained in accordance with Art. 6, para.1 (a) GDPR. In order to be able to process special categories of personal data that apply to your person (such as trade union membership), we also require your consent in accordance with Art. 9, para. 2 (a) GDPR. You can revoke your consents at any time with future effect. To do this, please send an email to datenschutz[at]boeckler.de or delete your application in the portal.
You can only delete your application in the portal yourself if you have not yet actually submitted it to the Hans Böckler Foundation. However, you can also subsequently withdraw an application submitted via our portal by contacting our Applications division. Your application profile itself can only be deleted if none of your applications are currently running through Hans Böckler Foundation’s (online) review process.
All further information on the processing of your personal data during the ongoing application process is available in our Data protection information for applicants section.
Tracking tools:
Our website uses functionality provided by a number of different third-party web analysis services. We shall explain in more detail which individual services are involved and which data are analyzed in the following.
Mapp Intelligence (formerly Webtrekk)
We use the services of Mapp Intelligence to collect statistical data on the usage of our website and to optimize our website accordingly. To this end, we have concluded a written contract on commissioned data processing with Mapp Digital Germany GmbH (hereinafter referred to as “Mapp”) in accordance with Art. 28, para. 3 GDPR. When you visit our website, various information transmitted from your browser is collected and evaluated. This information is collected by way of a pixel which is embedded on each webpage and through the usage of cookies. Your data will only be processed once you have consented to this processing via our Consent Manager in accordance with Art. 6, para. 1 (a) GDPR.
The following data are collected and passed on to Mapp: Request (file name of the requested file), browser type/version, browser language, operating system used, inner resolution of the browser window, screen resolution, JavaScript activation, Java enabled/disabled, cookies enabled/disabled, color depth, referrer URL (previous screen visited), shortened IP address for geographical recognition, access time, clicks, possibly order values, possibly form content (in the case of free text fields, e.g. name and password, only “filled in” or “not filled in” are transmitted). Mapp only stores the IP address in a shortened (pseudonymized) form and only uses it for session recognition, geolocation (to city level) and for warding off attacks. When you have finished visiting the website, your IP address is immediately deleted, rendering the recorded data anonymous. Even going via the ISP, it is impossible to associate these data with the user’s identity. According to Mapp, this information is transferred to and stored on a server in Germany. However, it cannot be ruled out that the parent company in the USA can also access these data. As the operator of this website, we have no influence on the respective transfer of these data. No data are transferred until you have agreed to the use of Mapp[t3] via our Consent Manager. Upon activating the service, you automatically agree to the possible export of such data to a third country, i.e. the USA, in accordance with Art. 49, para. 1 (a) GDPR. The transfer of your data to the USA harbors certain risks, e.g. national authorities may gain access to your data through domestic laws (such as “FISA”). The ability to enforce your rights as a data subject in accordance with Art. 15 ff. GDPR may also be restricted. If you do not wish to consent to the transfer of such information, do not activate Mapp[t4] in our Consent Manager. You can then continue to use the page without a transfer taking place. You can revoke this consent at any time with future effect via our Consent Manager: COOKIE SETTINGS.
Mapp Intelligence Tag Integration
We use the tag management system "Mapp Intelligence Tag Integration" from the provider Mapp Digital c/o Webtrekk GmbH on our website to manage Mapp-specific product features and third-party tags. The tag manager of Mapp processes your IP address in the process.
The legal basis for the data processing is your electronic consent pursuant to Art. 6 (1) a GDPR, which you can provide on our Consent Manager. The above data will only be processed after you have given your consent.
All further information on data processing can be found at https://mapp.com/privacy.
Social media plugins:
Our website uses various social media plugins in order to expand and link up our own Internet presence via the social networks. The usage of all the social media platforms named below serves to ensure that our online portfolio is appropriately displayed, to present all the available information and content so that it can be used accordingly, as well as to make it easy to find the locations named on our website.
We will be explaining which individual plugins are concerned and how the communication - and where appropriate the transmission - of user data is carried out in more detail in the following.
YouTube
To embed videos, we use YouTube, a service of Google Ireland Limited, Gordon House, 4 Barrow Street, Dublin D04 E5W5, Ireland. The embedded videos only work if you have previously consented to the processing of your data by YouTube via our Consent Manager in accordance with Art. 6. para. 1 (a) GDPR.
All of our videos have also been embedded in an “extended data protection mode” so that your IP address is not actually transmitted to the YouTube servers until you have actively clicked on the video in question. Should you fail to do this, however, no data will be sent to YouTube whilst you are visiting our website.
YouTube sets cookies to collect information on those who visit their Internet page. Among other things, YouTube uses these to record video statistics, to avoid and investigate cases of fraud and to improve user-friendliness. This may also result in a connection being made to Google’s DoubleClick Network. If you launch a YouTube video, this may initiate further data processing processes. We have no influence on this.
Upon activating this service, you automatically agree to the possible export of such data to a third country, i.e. the USA, in accordance with Art. 49, para. 1 (a) GDPR. The transfer of your data to the USA harbors certain risks, e.g. national authorities may gain access to your data through domestic laws (such as “FISA”). The ability to enforce your rights as a data subject in accordance with Art. 15 ff. GDPR may also be restricted. If you do not wish to consent to the transfer of such information, do not activate YouTube in our Consent Manager. You can then continue to use the page without a transfer taking place. Furthermore, you can revoke this consent at any time with future effect via our Consent Manager: COOKIE SETTINGS
You allow YouTube to directly associate your surfing behavior with your personal YouTube profile if you have a YouTube account and are logged in to this account when you call up our webpages. You can avoid this by logging out of your YouTube account.
More information on data protection at YouTube can be found in their Privacy Policy at: https://www.youtube.de/t/privacy
resp. at: https://policies.google.com/privacy?hl=de&gl=de
Instagram Plugin
We use a plugin of the social media service Instagram (Meta Platforms, Inc.; headquartered at 1601 Willow Road, Menlo Park, California 94025, USA hereinafter "Instagram") on our website to display various Instagram posts and feeds of the social media profile of the Hans Böckler Foundation, on the boeckler.de website. In order for the Instagram plugin to properly display the information transmitted by the service, it is embedded on the website in such a way that a permanent connection exists between the plugin and the social media platform, as soon as it is activated. If you, as a website visitor, visit one of our websites on which such a plugin is located, various data are automatically sent to Instagram. This includes the IP address, as well as information about the browser and the device used. The legal basis for this data processing is your consent pursuant to Art. 6 (1) a GDPR, which you can give either directly on the plugin, or on our Consent Manager. The above data will only be processed after you have given your consent.
Since the corporate headquarters of the social media service Instagram is located in the USA, it cannot be ruled out that your personal data will also be exported to this country. As a suitable guarantee for a secure third country export, Instagram provides standard contractual clauses according to Art. 46 GDPR. You can find all further information on this at https://help.instagram.com/155833707900388
Flickr
The Hans Böckler Foundation uses Flickr to integrate photo galleries, e.g. from events, and presents these for sharing purposes via this platform. If the Flickr widget has been embedded in a page, the user data are normally transmitted to the Flickr server as soon as this page is called up. The company that operates Flickr is SmugMug Inc., Suite 200, 67 E Evelyn Avenue, Mountain View, CA 94041, USA.
On the pages of the Hans Böckler Foundation, however, Flickr has been embedded using the Usercentrics Consent Manager. This means that no direct connection to the Flickr servers is established until you have first agreed to the processing via the Consent Manager in accordance with Art. 6, para. 1 (a) GDPR. In order to see content that has been embedded into the webpages of the Foundation via Flickr, the user also needs to actively click on the respective widget. If this does not happen, no data are transmitted.
As soon as a connection to Flickr has been established, cookies are set by Flickr in which user data, such as, for example, login data and user behavior, are stored. The Hans Böckler Foundation has no influence on these cookies.
Upon activating this service, you automatically agree to the possible export of such data to a third country, i.e. the USA, in accordance with Art. 49, para. 1 (a) GDPR. The transfer of your data to the USA harbors certain risks, e.g. national authorities may gain access to your data through domestic laws (such as “FISA”). The ability to enforce your rights as a data subject in accordance with Art. 15 ff. GDPR may also be restricted. If you do not wish to consent to the transfer of such information, do not activate Flickr in our Consent Manager. You can then continue to use the page without a transfer taking place. Furthermore, you can revoke this consent at any time with future effect via our Consent Manager: COOKIE SETTINGS
In as far as you have a Flickr user account and are logged into this account when you call up data from the Hans Böckler Foundation, you automatically allow Flickr to associate your user behavior with your Flickr account. Should you not wish this to happen, you must log off from your Flickr account before the data are transferred to Flickr.
More information on Flickr’s data protection rules is available at https://www.flickr.com/help/privacy.
Podigee Podcast Hosting
We implement the Podigee Podcast Hosting service of the provider Podigee GmbH, Schlesische Strasse 20, 10997 Berlin, Germany. The podcasts are either loaded or transmitted from or via Podigee.
Usage of these podcasts is based on our legitimate interests, i.e. our interest in being able to make them available in a safe and efficient manner, in their analysis and in the optimization of our podcast offer in accordance with Art. 6, para. 1 (f) GDPR.
Podigee processes IP addresses and device information so that podcasts can be downloaded/played back and statistical data, such as the number of times they are retrieved, can be determined. These data are anonymized or pseudonymized before being stored in Podigee's database in as far as these are not required to make the podcasts available.
For more information and your options for objecting, please refer to Podigee's Privacy Policy: https://www.podigee.com/de/about/privacy/.
Tableau
The Hans Böckler Foundation uses Tableau Public, a service provided by Tableau Software Inc., San Mateo, One Curiosity Way, California 94403, USA (hereinafter referred to as “Tableau”), to analyze and visualize data on this website. When using Tableau Public, the data which are processed by the Foundation are processed directly on a Tableau server. These data are displayed in a Tableau plugin on the Foundation's website straight from the hosted server. This is why a data connection is established between Tableau's hosted web server and the Foundation's website when the data are displayed in the Tableau plugin. This may also result in the processing of personal data (e.g. the IP address or device information) of visitors to our website.
If the Tableau plugin has been embedded into a website and the content is then displayed to a website visitor, the website visitor’s personal data are normally immediately transmitted to the Tableau servers as soon as the respective page is called up. On the pages of the Hans Böckler Foundation, however, the Tableau plugin has been embedded using the Usercentrics Consent Manager. This means that no direct connection to the Tableau servers is established until you have first agreed to the processing via the Consent Manager in accordance with Art. 6, para. 1 (a) GDPR. In order to see content that has been embedded into the webpages of the Foundation via Tableau, the website visitor also needs to actively click on the respective Tableau plugin. If this does not happen, no personal data are transmitted.
As soon as a connection to Tableau has been established, cookies are set in which user data are stored. The Hans Böckler Foundation has no influence on these cookies.
Upon activating this service, you automatically agree to the possible export of such data to a third country, i.e. the USA, in accordance with Art. 49, para. 1 (a) GDPR. The transfer of your data to the USA harbors certain risks, e.g. national authorities may gain access to your data through domestic laws (such as “FISA”). The ability to enforce your rights as a data subject in accordance with Art. 15 ff. GDPR may also be restricted. If you do not wish to consent to the transfer of such information, do not activate Tableau in our Consent Manager. You can then continue to use the page without a transfer taking place. You can revoke this consent at any time with future effect via our Consent Manager: COOKIE SETTINGS
Userlike Live-Chat
We deploy the “Userlike” live-chat software provided by Userlike UG (limited liability company), Deisterweg 7, 51109 Cologne, Germany. This service uses cookies (please refer to the explanation provided further up in this Privacy Statement) to enable us to personally converse with you in the shape of a real-time chat on our webpage. A cookie is set by the Userlike plugin to enable the live-chat session, keep this chat open whilst the user is surfing around and also keep it assigned to the same operator. The information on your usage and the data provided during the live-chat session in connection with this usage are collected, stored and processed on Userlike servers. For more information, please refer to the Privacy Policy of Userlike UG (limited liability company): https://www.userlike.com/en/terms#privacy-policy
Data processing is based on Art. 6, para. 1 (f) GDPR and is carried out in the interest of simplifying and improving communications with your person.
StorifyMe
We use the tool "StorifyMe" from Storifyme GmbH (Blutenburgstraße 68, 80636 Munich, Germany, hereinafter "StorifyMe") to integrate interactive stories on our website. The tool allows us to integrate interesting and dynamic content, such as stories or surveys, which enable us to make our website content and the activities of the foundation more interesting for you. If you interact with the tool, data about the use will be sent to StorifyMe. This is only statistical information, e.g. about the number or length of views of our stories. The data is only processed when you view our stories by activating the tool and on the basis of our legitimate interest pursuant to Art. 6 para. 1 f GDPR. For more information on data protection and the use of your data when using StorifyMe, please visit: https://www.storifyme.com/legal/privacy-policy#L2
Further general information:
Changes to this Privacy Statement
We check this Privacy Statement on a regular basis to ensure that it complies with the legal provisions, the jurisprudence and the statements of the supervisory authorities, as well as to align it to emerging trends and the technological state of the art. In this respect, we reserve the right to change this Privacy Statement in order to adjust it in line with new legal data protection requirements or other changes in the factual or legal circumstances. We kindly ask, therefore, that you always check the information in our Privacy Statement applicable at the time prior to using our website.
Who is responsible for data processing? The Hans Böckler Foundation is responsible for the data processing on our webpage. Please refer to our Imprint for the respective contact details. Imprint
You can reach our Data Protection Officer at the following address:
Hans-Böckler-Stiftung
To the attention of the Data Protection Officer
Georg-Glock-Strasse 18
40474 Dusseldorf
Germany
Email: datenschutz@boeckler.de
Tel: +49 (0)211 7778–0
Who receives your personal data? (Art. 13, para. 1 (e), (f) GDPR)
We treat your personal data confidentially and never pass these on to third parties unless you have provided us with your consent to do so or in cases where these are to be made available based on a legal or contractual commitment. In individual cases, we may contract processors to process your personal data. This would be carried out in accordance with Art. 28 GDPR and on the basis of a respective commissioned data processing contract.
How long are the data stored? (Art. 13, para. 2 (a) GDPR)
The legislator has imposed numerous retention periods and deadlines.
Generally, we only store your data as long as this is legally required.
Once these periods have lapsed, we delete the respective data as a matter of routine, in as far as they are no longer required with a view to fulfilling the contract. We store data that are processed based on your consent until this consent is revoked, resp. as long as these data are required. We store data that are processed based on a legitimate interest as long as this legitimate interest continues to exist.
In line with the legal provisions, commercial law data or financially-relevant data ensuing from a closed financial year are deleted after a further ten years have passed, in as far as no longer retention periods have been stipulated or are required for legitimate reasons. In as far as the data are not subject to specific retention periods, they are deleted when the purpose for which they were processed ceases to exist.
For which purposes and on which legal basis do we process your personal data? (Art. 13, para. 1 (c), (d) GDPR)
We have already outlined the purposes and legal basis for processing data. In addition, the following generally applies: Where required, we process your data to safeguard our legitimate interests or those of other third parties in accordance with Art. 6, para. 1 (f) GDPR, for example to establish legal claims or to defend ourselves in legal disputes or to uphold our IT operations or security.
We process your data for purposes of external communications and marketing on the basis of Art. 6, para. 1 (a) or (f) GDPR in cases where we have a legitimate interest in doing so, or where we have received your written consent to process your personal data. You have the right to revoke your consent at any time.
In order to be able to comply with legal obligations, we are allowed to, or must, where required, process your data and pass these on to third parties (in accordance with Art. 6, para. 1 (c)).
In no case shall we use your data in an automated decision-making process or for profiling purposes.
Furthermore, we use cookies to be able to offer you an improved service when using our website and to make this website more convenient for you to use (Art. 6, para. 1 (f) GDPR).
Which rights do you have? (Art. 13, para. 2 (b), (c), (d), (e) GDPR)
All data subjects have the following rights:
- In accordance with Art. 15 GDPR, you have the right to receive information. This means that you can request confirmation from us as to whether personal data concerning your person are being processed by ourselves. If we process personal data from you, you also have the right to receive this data in accordance with Art. 15 GDPR.
- In accordance with Art. 16 GDPR, you have the right to rectification. This means that you can demand that we rectify any incorrect personal data concerning your person.
- In accordance with Art. 17 GDPR, you have the right to erasure (“right to be forgotten”). This means that you can demand that we erase any personal data concerning your person without undue delay - unless we are unable to erase your data due to being required, for example, to observe legal retention periods.
- In accordance with Art. 18 GDPR, you have the right to restriction of processing. This means that we are virtually no longer allowed to process your personal data - apart from storing them.
- In accordance with Art. 20 GDPR, you have the right to data portability. This means that you have the right to receive the personal data concerning your person and that you have made available to us in a structured, commonly used and machine-readable format and to transmit these data to another controller.
- In accordance with Art. 7, para. 3 GDPR, you have the right to withdraw any consent you have provided at any time with future effect.
- In accordance with Art. 77 GDPR, you have the right to lodge a complaint with the responsible supervisory authority.
In addition, you also have the right to object which we will be explaining in more detail at the end of this data protection information sheet.
If you would like to exercise any of your above rights, please contact our Data Protection Officer (see contact details listed above).
Competent supervisory authority
State Commissioner for Data Protection
North Rhine-Westphalia
Home address: Kavalleriestr. 2-4, 40213 Dusseldorf, Germany
Postal address: P.O. Box 200444, 40102 Dusseldorf, Germany
Tel.: +49 (0)211 38424-0
Email address: poststelle[at]ldi.nrw.de
Information on your right to object in accordance with Art. 21 General Data Protection Regulation (GDPR)
You have the right to object, on grounds resulting from your particular situation, at any time to the processing of personal data concerning your person which is carried out based on Art. 6, para. 1 (f) GDPR (data processing based on the weighing up of legitimate interests); this also applies to potential profiling based on this provision as provided for in Art. 4 (4) GDPR.
Should you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing which override your interests, rights and freedoms or where this processing is for the establishment, exercise or defense of legal claims.
Please direct your objection in writing (via email or post) to the attention of our Data Protection Officer (see contact details listed above).