The protection of your data is very important to us. That is why we operate the above-mentioned website in accordance with the applicable laws on data protection and data security. We are subject in particular to the General Data Protection Regulation (GDPR) and the new German Data Protection Act (Bundesdatenschutzgesetz, BDSG).
The following statement provides an overview of the scope and purpose of the collection and processing of personal data. This information can be accessed on our website at any time.
Name and address of the person responsible and the data protection officer
The person responsible within the meaning of the GDPR and other federal data protection laws of the Member States as well as other data protection regulations is:
Verein zur Förderung der Gedenkstätte und des Archivs Breitenau e.V., represented by the 1st Chairman René Mallm
The data protection officer is:
Ann Katrin Düben
Scope of personal data processing:
We only process the personal data of our users to the extent necessary for ensuring a functional website as well as providing our content and services. The processing of your personal data takes place regularly only after your explicit consent. An exception applies in cases where prior consent is not possible on factual grounds and the processing of such data is permitted in accordance with legal regulations.
Legal basis for personal data processing:
Under current data protection legislation (GDPR and BDSG), it is necessary that the processing of your personal data has a legal basis. In the following, please find the legal basis for each case
Data deletion and storage duration:
Your personal data will be deleted or blocked as soon as the purpose of the storage is no longer applicable.
Collection, processing and use of personal data:
Access data / log files
You may visit our website without providing us with any personal information, except for the information that your browser provides to enable you to visit our website. Each time our web servers access the pages of our website, the following information is temporarily stored in a so-called log file:
The IP address of the requesting computer, date and time of access, name, URL and transmitted data volume of the retrieved data, access status (requested file transferred, not found, etc.), identification data of the browser and operating system used (if transmitted by the requesting web browser), web page from which access was made (if transmitted by the requesting web browser)
The log entries are continuously evaluated automatically in order to detect attacks on our web servers and to react accordingly. In individual cases, i.e. in the case of reported interruptions, errors and safety incidents, a manual analysis is carried out. We do not combine the IP addresses listed in the log entries with other data sets. This means we cannot identify individual persons.
The legal basis for the temporary storage of data and log files is Art. 6 (1) point (f) GDPR.
The temporary storage of the IP address by the system is necessary in order to enable delivery of the website to the user's computer. The user's IP address must therefore remain stored for the duration of the session. Storing data in the form of log files takes place to ensure the functionality of the website. In addition, the data is used to optimize our website and to ensure the security of our IT systems so that we can detect and respond to attacks on our web servers. Your data will not be evaluated for marketing purposes in this context.
Duration of storage
Your data is deleted as soon as it has fulfilled the purpose of its collection. These log entries are stored for 6 months for the above-mentioned reasons and then deleted.
Contact / booking of educational programmes / inquiries
Personal data that you transmit for the purpose of contacting us, booking educational programmes or archive requests, etc., will be used exclusively for this purpose. These details are provided on a voluntary basis and only with your consent. If this is information regarding communication channels (e.g. email address, telephone number), you also agree that we may contact you via this communication channel in order to respond to your request. You may revoke your consent at any time. To do so, please contact our data protection officer, whose contact details are listed above. Your personal data is deleted after it has fulfilled its purpose.
Our website allows you to subscribe to our newsletter and receive invitations to events as well as current information regarding our work. Here, we ask you to provide personal data such as name, address, email address and telephone number via an online form. This only occurs on the basis of your voluntary and explicit consent, which you can revoke at any time. This also applies to an email registration.
The processing of your personal data takes place on the basis of Art. 6 (1) point (a) GDPR.
Changes to this data privacy statement
Due to legal and/or organizational reasons, changes or adjustments to our data privacy statement will be necessary from time to time. Please refer to the latest version of our data privacy statement. The date of the current version is March 2021.