This privacy policy has been translated automatically.

I. Name and address of the responsible person

DAI Heidelberg
Das Haus der Kultur.
Sofienstraße 12
D-69115 Heidelberg
phone: +49 (0) 6221 60730
email: info@dai-heidelberg.de

Carrier: Schurman-Gesellschaft e. V.

is the controller within the meaning of the EU General Data Protection Regulation (GDPR) and other national data protection laws.

II. Name and address of the data protection officer

The data protection officer of the controller is:

AGOR AG
Niddastraße 74
60329 Frankfurt am Main
Deutschland
phone: +49 (0) 69 – 9494 32 410
email: info@agor-ag.com
web: www.agor-ag.com

III. General information on data processing

1. Scope of the processing of personal data

We collect and use personal data of the users of our website only to the extent necessary to provide a functional website, our content and services.

In principle, the collection and use of personal data of our users only takes place after their consent. An exception to this principle applies in cases where processing of the data is permitted by legal regulations or obtaining prior consent is not possible for actual reasons.

2. Legal basis for the processing of personal data

Art. 6 (1) sentence 1 lit. a DSGVO when obtaining the consent of the data subject.

Art. 6 (1) sentence 1 lit. b DSGVO for processing operations that serve to fulfill a contract to which the data subject is a party. Included here are processing operations that are necessary for the implementation of pre-contractual measures.

Art. 6 (1) sentence 1 lit. c DSGVO for processing operations that are necessary for the fulfillment of a legal obligation.

Art. 6 (1) p. 1 lit. d DSGVO if vital interests of the data subject or another natural person make processing of personal data necessary.

Art. 6 para. 1 p. 1 lit. f DSGVO, if the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not override the former interest. In order to be able to base the processing of personal data on a legitimate interest, an assessment is carried out in each case in consultation with the Data Protection Officer for each relevant process, whereby the following three conditions must be met:

1) The controller or a third party has a legitimate interest in the processing of personal data.

2) The processing is necessary to safeguard the legitimate interest.

3) Interests or fundamental rights and freedoms of the data subject which require the protection of personal data do not prevail.

3. Data deletion and storage period

The users’ personal data will be deleted or blocked as soon as the purpose of the storage no longer applies. Storage beyond this may take place if this has been provided for by the European or national legislator in Union regulations, laws or other regulations to which the responsible party is subject. Data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or performance of a contract.

IV. Use of our website, general information

1. Description and scope of data processing

Each time our website is accessed, our system automatically collects data and information from the user’s computer system. The following information may be collected:

Information about the browser type and version used, The user’s operating system, The user’s Internet service provider, The user’s IP address, The date and time of access, Websites from which the user’s system accesses our website, Websites that are accessed by the user’s system via our website.

The described data is stored in the log files of our system. This data is not stored together with other personal data of the user.

2. Purpose and legal basis for data processing

The temporary storage of the IP address by our system is necessary to enable delivery of the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session.

The storage in log files is done to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.

The legal basis for the temporary storage of the data and the log files is Art. 6 para. 1 p. 1 lit. f DSGVO.

The collection of their personal data for the provision of our website and the storage of the data in log files is mandatory for the operation of the website. Therefore, there is no possibility for the user to object.

3. Duration of storage

Your data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. If your data is collected to ensure the provision of the website, the data will be deleted when the respective session has ended.

If your data is stored in log files, it will be deleted after seven days at the latest. Storage beyond this period is possible, in which case the IP addresses of the users are deleted or alienated. An assignment of the calling client is thus no longer possible.

V. General information on the use of cookies

We use cookies on our website. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user’s computer system. If you call up a website, a cookie may be stored on your operating system. This contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again.

Cookies are used by us to make our homepage more user-friendly. Some elements of our website require that the browser can be identified even after a page change.

TTDSG:

The legal basis for the storage of cookies, device identifiers and similar tracking technologies or for the storage of information in the end user’s terminal equipment and access to this information is the European ePrivacy Directive in conjunction with the Telecommunications and Telemedia Data Protection Act (TTDSG).

Please note that the legal basis for the processing of personal data collected in this context then results from the DSGVO (Art. 6 para. 1 p.1 DSGVO). The relevant legal basis for the processing of personal data in each specific case can be found below the respective cookie or the respective processing itself.

The primary legal basis for the storage of information in the end user’s terminal equipment – in particular for the storage of cookies – is your consent, Section 25 (1) sentence 1 TTDSG. The consent is given when visiting our website -which of course does not have to be given- and can be revoked at any time in the cookie settings.

Pursuant to Section 25 (2) No. 2 TTDSG, consent is not required if the storage of information in the end user’s terminal equipment or access to information already stored in the end user’s terminal equipment is absolutely necessary for the provider of a telemedia service to be able to provide a telemedia service expressly requested by the user. You can see from the cookie settings which cookies are to be classified as absolutely necessary (often also referred to as “technically necessary cookies”), and therefore fall under the exception of Section 25 (2) TTDSG and therefore do not require consent.

EU GDPR:

When using “Borlabs Cookie” (Cookie Consent Tool), no data is stored or transmitted.

The legal basis for the processing of personal data using cookies results from Art. 6 para. 1 p. 1 lit. f EU GDPR. The purpose of the use of technically necessary cookies is to simplify the use of our website.

We point out that isolated functions of our website can only be offered by using cookies.

We do not use user data collected through technically necessary cookies to create user profiles.

Cookies are stored on the user’s computer and transmitted to our site by the user. As a user, you therefore have control over the use of cookies. You can restrict or deactivate the transmission of cookies by making changes in the settings of your Internet browser. There, stored cookies can also be deleted again. Please note that you may no longer be able to use all the functions of our website if you disable cookies.

The legal basis for the processing of personal data using cookies for analysis and advertising purposes is Art. 6 para. 1 p. 1 lit. a DSGVO if the user has given his consent in this regard.

Cookie consent with Borlabs

This website uses the provider Borlabs (Borlabs – Benjamin A. Bornschein, Rübenkamp 32, 22305 Hamburg, Germany), which sets a technically necessary cookie (borlabs-cookie) to provide you with individual cookie settings and to document them in accordance with data protection laws. If our website is accessed, the following data is transmitted to borlabs: Your consent or revocation of your consent to set cookies, a cookie set by borlabs-cookie in your browser, the cookie runtime and version, domain and path of the website and the UID. Whereas the UID is a randomly generated ID and not personal information. Borlabs does not process any personal data.

The use of Borlabs cookie consent technology takes place in order to obtain the legally required consents for the use of cookies. The legal basis for this is Art. 6 para. 1 p. 1 lit. c DSGVO.

The borlabs-cookie cookie stores your consents that you gave when entering the website. If you wish to revoke these consents, simply delete the cookie in your browser. When you re-enter/reload the website, you will be asked again for your cookie consent.

Cookie Settings


VI. Your rights / rights of the data subject

1. Right to information

You have the right to receive from us as the responsible party the information whether and which personal data concerning you are processed by us, as well as further information in accordance with the legal requirements under Art. 13, 14 DSGVO.

You could assert your right to information under:

verwaltung@dai-heidelberg.de

2. Right to rectification

If the personal data processed by us and relating to you is incorrect or incomplete, you have a right against us to rectification and/or completion. The correction will be made without delay.

3. Recht auf Einschränkung

You have the right to restrict the processing of personal data concerning you in accordance with the legal provisions (Art. 18 DSGVO).

4. Right to deletion

If the reasons set out in Article 17 of the GDPR apply, you may request that the personal data relating to you be deleted without delay.

We point out that the right to erasure does not exist insofar as the processing is necessary for one of the exceptional circumstances mentioned in Art. 17 (3).

5. Right to information

If you have asserted the right to rectification, erasure or restriction of processing, we are obliged to notify all recipients to whom the personal data relating to you has been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort. Furthermore, you have the right to be informed about these recipients.

6. Right to data portability

Under the GDPR, you also have the right to receive the personal data concerning you that has been provided to us in a structured, common and machine-readable format or to request that it be transferred to another controller.

7. Right to revoke the declaration of consent under data protection law

You have the right to revoke your declaration of consent under data protection law at any time. We would like to point out that the revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

8. Right to object

Furthermore, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Art. 6 (1) sentence 1 lit. e or f DSGVO.

9. Automated decision in individual cases including profiling

Under the EU General Data Protection Regulation, you also have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

10. Right to complain to a supervisory authority

Finally, if you consider that the processing of personal data concerning you infringes the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, workplace or the place of the alleged infringement.

VII. Data transfer outside the EU

The GDPR ensures an equally high level of data protection within the European Union. When selecting our service providers, we therefore rely on European partners wherever possible when your personal data is to be processed. Only in exceptional cases will we have data processed outside the European Union in the context of using third-party services. We will only allow your data to be processed in a third country if the special requirements of Art. 44 et seq. DSGVO are fulfilled. This means that the processing of your data may then only take place on the basis of special guarantees, such as the officially recognized determination by the EU Commission of a level of data protection corresponding to the EU or the observance of officially recognized special contractual obligations, the so-called “standard data protection clauses”.

VIII. Minors under 16 years

Minors under the age of 16 are expressly not addressees of our website and our offers on this website. We point out that legal guardians must accompany the online activities of their children. Minors under the age of 16 should not transmit any personal data to us without the consent of their parents or legal guardians. We explicitly do not request personal data from minors under the age of 16, do not knowingly collect such data and do not pass it on to third parties.

IX. Newsletter

1. General

You can subscribe to a free newsletter on our homepage, with which we inform you about our current interesting offers. The advertised goods and services are named in the declaration of consent. The data that you enter in the input mask during registration will be transmitted to us.

We collect the following data on the basis of the consent obtained from you during the registration process:

Last name, first name, e-mail address.

Furthermore, the following data is stored at the moment of transmission:

IP address of the calling computer, date and time of registration.

Your data will not be passed on in connection with the data processing for the dispatch of newsletters. The data is used exclusively for sending the newsletter.

2. Double opt-in and logging

The registration for our newsletter takes place in a so-called double opt-in process. After registration, you will receive an e-mail asking you to confirm your registration. This confirmation is necessary so that no one can register with other email addresses.

The registrations for the newsletter are logged in order to be able to prove the registration process according to the legal requirements. This includes the storage of the registration and confirmation time, as well as the IP address.

3. Legal basis

The legal basis for the processing of the data is Art. 6 para. 1 p. 1 lit. a DSGVO if the user has given his consent. The collection of the user’s email address serves to deliver the newsletter.

4. Deletion, revocation and objection

Your data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. Your e-mail address will therefore be stored as long as the subscription to the newsletter is active. The subscription to the newsletter can be terminated by you at any time by revoking your consent. For this purpose, you will find a corresponding link in each newsletter.

We would also like to point out that you can object to the future processing of your personal data in accordance with the legal requirements pursuant to Art. 21 DSGVO at any time. The objection can be made in particular against the processing for purposes of direct advertising.

5. Shipping service provider Brevo

This website uses Brevo to send newsletters. The provider is Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany.

Brevo is a service with which, among other things, the dispatch of newsletters can be organized and analyzed. The data you enter for the purpose of receiving newsletters is stored on Brevo’s servers in Germany.

With the help of Brevo, it is possible for us to analyze our newsletter campaigns. For example, we can see whether a newsletter message has been opened and which links, if any, have been clicked. In this way, we can determine, among other things, which links were clicked on particularly often.

In addition, we can see whether certain previously defined actions were performed after opening/clicking (conversion rate). We can thus see, for example, whether you have made a purchase after clicking on the newsletter.

Brevo also enables us to subdivide (“cluster”) the newsletter recipients according to various categories. In doing so, the newsletter recipients can be subdivided according to age, gender or place of residence, for example. In this way, the newsletters can be better adapted to the respective target groups.

If you do not want any analysis by Brevo, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message.

For detailed information on the functions of Brevo, please refer to the following link: https://www.brevo.com/de/newsletter-software/.

The data processing is based on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke this consent at any time. The legality of the data processing operations already carried out remains unaffected by the revocation.

The data you provide for the purpose of receiving the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data that has been stored by us for other purposes remains unaffected by this.

After you have unsubscribed from the newsletter distribution list, your e-mail address will be stored by us or the newsletter service provider in a blacklist, if necessary, to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 (1) f DSGVO). The storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.

For more details, please refer to Brevo’s privacy policy at: https://www.brevo.com/de/datenschutz-uebersicht/.

We have concluded an order processing agreement (AVV) with the above-mentioned provider. This is a contract required by data protection law, which ensures that this provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the DSGVO.

X. Electronic contact

If you would like to contact us, a contact form is available on our homepage, which you can use to contact us electronically. The data entered in the input mask will be transmitted to us and stored. These data are:

Salutation, first name, last name, e-mail address, telephone, message.

At the time the message is sent, the following data is also stored:

The IP address of the user, date and time of contact.

Furthermore, it is possible to contact us via the e-mail address provided. In this case, the user’s personal data transmitted with the e-mail will be stored.

Your data will not be passed on to third parties in this context; the data will be used exclusively for processing the communication.

The legal basis for the processing of the contact request and its handling is regularly Art. 6 para. 1 p.1 lit. b DSGVO.

If further personal data is processed during the sending process, this is only used to prevent misuse of the contact form and to ensure the security of our information technology systems.

Your data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is ended when it is clear from the circumstances that the matter in question has been conclusively clarified.

The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

XI. Web Analytics

Matomo Cloud

We use the Matomo Cloud service provided by InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand, email: privacy@matomo.org, website: https://matomo.org/. Data is also transferred to a third country outside the EU. An adequacy decision by the Commission exists for this third country. On the website of the EU Commission (Link: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_de) you will find a current list of all adequacy decisions.

The legal basis for the processing of personal data is your consent in accordance with Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, which you have given on our website.

The purpose of collecting statistical data is to monitor the functionality and user-friendliness of our website and to optimize it by analyzing anonymized user flows. This enables us to identify which content is relevant for our site visitors and users and to expand our offering in this regard. We can use the data collected to create user profiles and read out general statistical information. The data collected in this context will not be merged with other personal data without separate consent.

For the processing itself, the service or we collect the following data: Parts of your IP address, user activities (e.g. referrer links, the time spent on certain URLs, clickstream, shopping cart or order IDs), data about your browser settings, browser provider, browser version, screen resolution and the operating system used.

You can withdraw your consent at any time. You can find more information on revoking your consent either in the consent itself or at the end of this privacy policy.

Further information on the handling of the transferred data can be found in the provider’s privacy policy at https://matomo.org/privacy/.

XII. Vimeo-Player

We have integrated Vimeo videos into our online offer, which are stored on https://vimeo.com/ and can be played directly from our website. The provider is Vimeo, Inc., New York City, United States.

These are all integrated in “extended data protection mode”, i.e. no data about you as a user is transmitted to Vimeo if you do not play the videos. Only when you play the videos, the data mentioned in paragraph 2 are transmitted. We have no influence on this data transmission.

By visiting the website, Vimeo receives the information that you have accessed the corresponding subpage of our website. This occurs regardless of whether Vimeo provides a user account through which you are logged in or whether no user account exists. Vimeo stores your data as usage profiles and uses them for the purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) for the provision of needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact Vimeo to exercise this right.

Insofar as we obtain your consent, the legal basis for the use of the plug-in is your consent pursuant to Art. 6 (1) p. 1 lit. a DSGVO. How the respective social media providers process your personal data can be found in the respective privacy policy. We are not the responsible party in the sense of the DSGVO for the data processing of the social media providers.

Further information on the purpose and scope of data collection and its processing by Vimeo can be found in the privacy policy. There you will also find further information about your rights and setting options to protect your privacy: https://vimeo.com/privacy. Vimeo also processes your personal data in the USA.

XIII. YouTube video integration

We have integrated YouTube videos into our online offer, which are stored on https://www.youtube.com and can be played directly from our website. These are all embedded in “extended data protection mode”, which means that no data about you as a user is transmitted to YouTube if you do not play the videos. Only when you play the videos, data is transmitted. We have no influence on this data transmission.

By visiting the website, YouTube receives the information that you have accessed the corresponding subpage of our website. This occurs regardless of whether YouTube provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be directly assigned to your account. If you do not want the assignment with your profile at YouTube, you must log out before activating the button. YouTube stores your data as usage profiles and uses them for the purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, and you must contact YouTube to exercise this right.

The legal basis for the use of YouTube is our legitimate interest pursuant to Art. 6 (1) p. 1 lit. f DSGVO, which is to provide our users with the most extensive and appealing user experience possible.

For more information on the purpose and scope of data collection and its processing by YouTube, please see the privacy policy. There you will also find more information about your rights and setting options to protect your privacy: https://www.google.de/intl/de/policies/privacy

Opt-Out: https://support.google.com/ads/answer/10261289?hl=de&ref_topic=7048998

XIV. Google Maps

On this website we use the offer of Google Maps. This allows us to show you interactive maps directly in the website and enables you to use the map function comfortably.

By visiting the website, Google receives the information that you have called up the corresponding sub-page of our website. In addition, the data mentioned in section IV of this declaration are transmitted to Google. This occurs regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be directly assigned to your account. If you do not want the assignment with your profile at Google, you must log out before activating the button. Google stores your data as usage profiles and uses them for the purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right.

The legal basis for the use of Google Maps is our legitimate interest pursuant to Art. 6 (1) p. 1 lit. f, which is to provide our users with the most extensive and appealing user experience possible.

For more information on the purpose and scope of data collection and its processing by the plug-in provider, please refer to the provider’s privacy policy. There you will also find further information about your rights in this regard and setting options for protecting your privacy: https://www.google.de/intl/de/policies/privacy.