Disclosure of information for the Website bca.earth and beyondclimatealliance.org (collectively the "Website") pursuant to Article 13 of the EU General Data Protection Regulations ("GDPR") concerning Data Processing (“Processing”) operations in the context of access to and use of the Website.
Thank you for your interest in our Website. The protection of your Personal Data (“Personal Data") is of great concern to us. We therefore process your Data exclusively on the basis of the legal requirements of the GDPR in conjunction with other relevant legal provisions.
With certain exceptions, Data Protection regulations focus on the Processing of Personal Data. For the purpose of this Privacy Policy, we will use the GDPR terminology. This means that the Processing of Personal Data basically includes any handling of such Data. As long as the Data processed by us is human-related and makes you identifiable as a person, it is basically Personal Data, which means that you are to be regarded as the person affected by Data Processing as defined in Article 4(1) of the GDPR.
You are not obliged to provide Data. Data that is automatically processed as a result of accessing the Website is not Personal Data or is only stored for a very short period of time (see in particular point 2.1).
Responsible as defined in Art. 4.7 of the GDPR:
Beyond Climate Alliance GmbH
Hohenzollerndamm 111,
DE-14199 Berlin, Germany
Contact:
Tel: +49.30.466.064.61
Fax: +49. 30.466.064.61
E-Mail: hello@bca.earth
Internet: www.beyondclimatealliance.org
Internet: www.bca.earth
(a) Type and Scope of Data Processing: You can visit our Website without having to provide any personal information. When you visit our Website, only general access Data is automatically stored in so-called server log files. In particular, the following Data is processed: (i) name of the website visited; (ii) browser type/browser version used; (iii) operating system used by the user; (iv) website previously visited (referrer URL); (v) time of the server visit; (vi) amount of Data transferred; (vii) host name of the accessing computer (IP address used in abbreviated form). This information does not itself allow us to draw any conclusions about your person; however, IP addresses are considered Personal Data within the framework of the GDPR.
(b) (b) Legal Basis and Purpose: The purpose of this Data Processing is to establish and maintain the technical security of our Website, to improve its quality and to generate statistical information. The Processing is carried out on the basis of our legitimate interest (Art. 6 para. 1(f) of the GDPR), which is to achieve the aforementioned objectives.
(c) Storage Period: The server log files are always deleted automatically after fourteen (14) days, ath the latest
(a) Type and Scope of Data Processing: When contacting us via one of the contact options listed within this Privacy Policy or on our Website, the information provided by you will be processed for the purpose of handling the contact request and for the Processing thereof. The Processing of your Data is necessary to process and respond to your enquiry, as we would be unable to contact you otherwise.
(b) Legal Basis and Purpose: The purpose of Data Processing is to enable us to exchange information with users of the Website. We answer your enquiries on the basis of our legitimate interest (Art. 6 para. 1(f) of the GDPR) by having a functioning contact system as a prerequisite for the provision of any services. In the case of recurring contact requests, your Data may also be processed for other purposes about which you will be informed separately if necessary.
(c) Storage Period: We will delete your enquiry/enquiries and your contact details once your enquiry has been conclusively answered. Unless you send us any follow-up enquiries or we need to process the Data for other purposes, your Data will generally be stored for six (6) months and deleted after this period.
(a) Type and Scope of Data Processing: You have the option of subscribing to our newsletter on our Website. All you need to do is enter your email address. The newsletter informs you about news concerning our company; it is sent exclusively to email addresses provided by interested parties themselves. In the event that you no longer wish to receive the newsletter, you can unsubscribe at any time (revoke your consent) by sending a message to the contact address listed under point 1, or by clicking on the unsubscribe link at the end of each newsletter. For the purpose of evaluating success and reach, we also use the newsletter for statistical evaluations in connection with your Personal Data and measure the performance of the newsletter by Processing the opening and click behaviour, as well as information about its technical deliverability.
For the delivery of the newsletter, we use the newsletter service Mailjet, which is operated by Mailjet SAS (“Mailjet”) 13-13 bis, rue de l'Aubrac, 75012 Paris, France. For this purpose, your voluntarily disclosed Personal Data is stored on the servers of Mailjet SAS in order to send you the newsletter you subscribed to. Mailjet SAS acts as our processor within this framework and is strictly bound by our instructions.
(b) Legal Basis and Purpose: The above-mentioned Data is processed for the purpose of direct advertising in the form of a newsletter and is necessary to enable the newsletter to be sent. Under no circumstances will a newsletter, or other electronic advertising, be sent without your prior consent which we obtain on our Website in accordance with Art. 6 para. 1(a) of the GDPR. Any evaluation of the performance of the newsletter is carried out on the legal basis of our overriding legitimate interest in compiling easily manageable and marketing- effective newsletter statistics in a cost-effective manner (Art. 6 para. 1(f) of the GDPR).
(c) Storage Period: The Data collected for the purpose of sending the newsletter will be deleted within seven (7) days of unsubscribing, provided that there are no statutory retention periods against this and the Data is not also permissibly processed for other purposes.
Our Website uses so-called Cookies (“Cookies”), provided that you give us your consent within the context of Art. 6 Para. 1(a) of the GDPR (once you have given your consent for the use of Cookies, you can revoke it at any time [see "Right of Revocation" under point 8]); if you refuse to give your consent, we limit the use of Cookies to technically necessary Cookies that we need to maintain the functionality of our Website (see below), and that we use on the basis of our legitimate interest (Art. 6 para. 1(f) of the GDPR), insofar as Personal Data is processed within this framework.
Cookies are small data sets that are basically managed by your browser on your end device and are stored there. They are initially placed by a web server and are sent back to it as soon as a new connection is established in order to recognise the user and his or her settings. A specific identity consisting of numbers and letters is assigned to your end device.
Cookies can serve various purposes, such as helping to maintain the functionality of a website in terms of features and user experience according to state-of-the-art technology. The actual content of a specific Cookie is always determined by the website that created it.
Most browsers automatically accept Cookies. However, you have the option to adjust your browser settings so that Cookies are either generally rejected or only certain types are permitted (for e.g., restriction of refusal of third-party cookies). However, if you change the Cookie settings on your browser, you may no longer be able to use our Website to its full extent. You also have the option of deleting all Cookies already stored on your end device via the browser settings. This also corresponds to the revocation of your consent.
If you give us your consent within the context of Art. 6 Para. 1(a) of the GDPR, we use the storage capacity of your browser software, for e.g. to improve the usability of our Website, its user- friendliness, as well as our offer in general (for e.g., to secure your language settings). For this purpose, we use the so-called local storage or session storage to store certain Data on your end device, whereby your browser creates the local storage or session storage separately for different domains. Apart from you, only we can access the Data that is processed within this framework. Insofar as this is technically absolutely necessary to maintain the functionality of our Website, certain information may also be stored in the local storage or session storage of your browser without your consent. Uninvolved third parties are never able to access this information; however, it may be stored on your terminal device by our partners (third-party providers) on our behalf for specific purposes. In contrast to Cookies, this method is faster and more secure, as Data is not automatically transferred to the respective server with every HTTP request, but is only stored by your browser software; in addition, the local storage or session storage each offers up to 5 megabytes of storage volume, while a single Cookie can be a maximum of 4096 bytes.
Since the functionalities have similarities to Cookies, what was written under point 3.1 applies accordingly. Please note, that information in the local storage has no expiry date (it is comparable to persistent Cookies). Information in the session storage, on the other hand, is only stored for the duration of the respective browser session (they are comparable to session Cookies).
Manually removing Data from the local storage or session storage works within the settings of most browsers in exactly the same way as the manual removal of Cookies, because Cookies are usually grouped together with other website Data within this option (e.g. Cookies and other website Data); in this respect, we refer to the explanations under point 3.1. If the browser software you use combines Cookies and other website Data in this way, blocking Cookies also blocks access to the local storage or session storage (which can also lead to restrictions with the use of our Website). If you deactivate JavaScript, the local storage or session memory can also no longer be used by us, but this can generally lead to considerable restrictions in use.
Another possibility, apart from Cookies, to collect certain user Data is through so-called tracking pixels (also: pixel tags or web beacons). These are transparent images that are practically invisible because they only consist of a single pixel. The tracking pixel is located on a server and is loaded as soon as a designated sub-page of our Website is called up. They enable us to track the fact that a web page is called up, as well as subsequent user activity in order to be able to carry out targeted marketing. With the help of the tracking pixel, the following information can generally be retrieved: (i) operating system used; (ii) browser software used; (iii) time of accessing a website; (iv) user behaviour on the visited website; (v) IP address and approximate location of the user.
Tracking pixels are used on our Website on the basis of our legitimate interest in accordance with Art. 6 para. 1(f) of the GDPR in a state-of-the-art analysis of hits. Since this is merely an image loaded from a server, the lifetime of a tracking pixel cannot extend beyond a single browser session. However, information generated by tracking pixels may subsequently be stored in Cookies (see point 3.1).
We use a web analysis and online marketing tool from Google Ireland Limited ("Google Ireland"), Gordon House, 4 Barrow Street, Dublin, Ireland on our Website, namely Google Analytics (“Google Analytics”), which enables us to analyse the use of the Website. The tool records, for example, the time users have spent on sub-pages of our Website or which links have been clicked on by users. The tracking is done using JavaScript libraries provided by Google Ireland. Google Analytics works with Cookies (or comparable storage technologies), which can be stored on your end device after your consent. With regard to Google Analytics, Google Ireland acts as our processor within the framework of Art. 28 of the GDPR.
When Google Analytics is used, your IP address and other client Data, namely information about the use of our Website, such as browser type/version, operating system used, the previously visited page or the time of the server request, are transmitted to Google servers and stored there. Google Ireland will use the information collected on our behalf for the purpose of evaluating your use of the Website, compiling reports on Website activity and providing other services relating to website activity and internet usage. The Data on the use of our Website will be automatically deleted at the end of the retention period of fourteen (14) months set by us for Google Analytics.
The IP address transmitted by your browser is not merged with other Data from Google Ireland. To best protect you, we use IP anonymisation by adding "anonymizeIP" to our Website's code. This guarantees the masking of your IP address so that all Data is collected anonymously. Only in exceptional cases will the full IP address be transferred to a Google server and be shortened there.
As far as possible, Google Ireland tries to process the Data of users from the EEA region in European data centres; however, your Data may be transferred to companies affiliated with Google Ireland, in particular to the parent company based in the USA, Google LLC ("Google"), 1600 Amphitheatre Parkway, Mountain View, California 94043, USA; any transfer of your Data by Google Ireland to such sub-processors in third countries is based on standard Data Protection clauses of the EU Commission within the framework of Art. 46 Para. 2(c) of the GDPR. An overview of all Google data centre locations can be found here: https://www.google.com/about/ datacenters/locations/.
For disposition options in connection with Cookies, see point 3.1. You can prevent the collection of Data generated by means of Cookies (or comparable storage technologies) and related to your use of the Website (incl. your IP address) by Google Ireland, as well as the Processing of this Data, by downloading and installing an appropriate browser add-on ("Browser add-on to disable Google Analytics" - available for Microsoft Internet Explorer 11, Google Chrome, Mozilla Firefox, Apple Safari and Opera).
For further information on the use of Data by Google Ireland and affiliated companies, as well as on settings and objection options, please refer to the Google Privacy Policy at https://policies.google.com/privacy?hl=de.
As part of our offer, we use Facebook Pixel (“Facebook Pixel”). This is a Facebook business tool for which Facebook Ireland Ltd. ("Facebook Ireland"), 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, is responsible for Data Protection in the EEA. Facebook Pixel is integrated into our Website as a JavaScript code snippet and enables us to track the activities of website users. Certain actions that a user takes are defined as so-called events and are analysed with the help of the Pixel (in particular, calling up a specific sub-page of our Website, so-called button click data); this allows us to measure, for example, the effectiveness of the structure of our Website and the effectiveness of our advertisements (conversion tracking). Facebook Pixel is therefore used for statistical and market research purposes in order to optimise our offer. Facebook Ireland acts as our processor within the framework of Art. 28 of the GDPR.
Your Data may also be transferred to companies affiliated with Facebook Ireland, in particular Meta Platforms Inc.(“Meta”), 1601 Willow Road, Menlo Park, California 94025, USA; any transfer of your Data by Facebook Ireland to such affiliated companies is based on the General Data Protection Regulations of the EU Commission within the framework of Art. 46 Para. 2(c) of the GDPR.
In addition to the defined event Data, Facebook Pixel collects all information from HTTP headers (IP address, browser information, page location, document, referrer, website visit) as well as a Pixel ID and Cookie information. This Data is exchanged with Facebook Ireland. The Processing of your IP address is necessary so that the desired content can actually be sent to your browser. By activating the Advanced Matching (“Advanced Matching”) function, our use of the Facebook Pixel and therefore, the exchange of data with Facebook Ireland, is not limited exclusively to event Data; rather, this Data is enriched with Data that is read, in particular, from entries in text fields during a visit to our Website and is transmitted to Facebook Ireland in a hashed (pseudonymised) form together with the associated event Data. Tracking is carried out by means of tracking pixels and Cookies, which can be first-party Cookies as well as third-party Cookies.
The Data is stored and processed by Facebook Ireland on our behalf; Facebook's own use of Data, in particular to personalise features and content (including ads and recommendations), only occurs after the Data has been aggregated with Data from other advertisers or other Facebook products. The enrichment of event Data with Data from Advanced Matching enables us to improve the conversion measurement performed using Facebook Pixel and to better match it to Facebook users in order to make advertising more interesting for users and, at the same time, to improve the effectiveness of our advertising campaigns. The hashed (pseudonymised) Data from the Advanced Matching is immediately deleted in its personal form by Facebook Ireland after it has been appropriately linked. Overall, non-personal clusters are formed which are stored for longer periods of time. If you have created a Facebook account and are logged in, you can manage your settings for personalisation of advertising on Facebook here: : www.facebook.com/settings?tab=ads.
We use links to third-party sites on our Website. These are, in particular, links to our social network sites (e.g. Facebook). If you click on one of these links, you will be forwarded directly to the respective page. For the website operators, it is only obvious that you have accessed our Website. Accordingly, we generally refer to the separate Data Protection declarations of these websites. For more detailed information on our Processing of your Data in connection with our social media presence, please see point 6.
For the purpose of promoting our business activities and advertising our offers, we maintain a presence on social networks and various platforms. The Processing of your Data within this context is based on our legitimate interests pursuant to Art. 6 Para. 1(f) of the GDPR, which consist of increasing our reach, as well as providing users of the social networks and platforms with additional information and communication channels. In order to best achieve these purposes, outreach measurement (access statistics, recognition of returning users, etc.) may be carried out as part of the offer of the respective service provider
Within the framework of accessing one of the online networks illustrated below, we process general information, that is evident from your profile, with the respective provider, as well as, if applicable, further inventory Data, contact Data or content Data, insofar as you make these available to us by interacting with our respective online network and its content. We do not store this Data separately outside of the respective social network or platform.
Since we jointly determine the purpose and means of the Data Processing that takes place within the scope of our respective online networks with the respective provider (or the entity otherwise designated as responsible), joint responsibility within the framework of Art. 26 of the GDPR applies in each case. Within this framework, the provider of the respective social network or platform is the central contact for all general and technical questions in connection with our online presence; this also applies to the fulfilment of Data subject rights within the context of point 8. However, if enquiries concern the actual operation of our online presence, your interactions with it and the information published/collected about it, we are the primary contact; point 8 and the other statements in this Data Protection Declaration apply accordingly.
From a Data Protection perspective, the social network, Facebook ("Facebook") is under the responsibility of Facebook Ireland Ltd. ("Facebook Ireland"), 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, in the EEA region. With regards to the operation of our Facebook fan page "Beyond Climate Alliance" ([https://www.facebook.com/beyond.climate.alliance]), we are jointly responsible with Facebook Ireland for the Processing of your Personal Data carried out within this context and within the framework of Art. 26 of the GDPR.
Your Data may also be transferred to companies affiliated with Facebook Ireland, in particular Meta Platforms Inc. ("Meta"), 1601 Willow Road, Menlo Park, California 94025, USA; any transfer of your Data by Facebook Ireland to such affiliated companies is based on the General Data Protection Regulations of the EU Commission within the context of Art. 46 Para. 2(c) of the GDPR.
Please note that we have no influence over the programming and design of the social network, but can only personalise and manage our Facebook fan page to the extent provided by Facebook. Therefore, please take into account the conditions that the service provider places on the use of the social network (https://www.facebook.com/terms), the separately provided Data Protection information (www.facebook.com/policy.php) and the existing setting options in your Facebook account. We are, of course, fully responsible for the information we make available through the mechanisms provided by Facebook (posts, shares, etc.).
The social network, Instagram, is operated by Instagram Inc (“Instagram") 1601 Willow Road, Menlo Park, California 94025, USA, which is part of the Facebook group. The Data Protection controller for the EEA region is Facebook Ireland (see point 6.1). With regards to the operation of our Instagram accounts "beyond.climate.alliance" (https://www.instagram.com/beyond.climate.alliance/) and "bca_earth" (https://www.instagram.com/bca_earth/), we are jointly responsible with Facebook Ireland for the Processing of your Personal Data carried out in this context within the framework of Art. 26 of the GDPR.
Your Data may also be transferred to companies affiliated with Facebook Ireland, in particular Instagram Inc or Meta Platforms Inc, 1601 Willow Road, Menlo Park, California 94025, USA; any transfer of your Data by Facebook Ireland to such affiliated companies is based on the General Data Protection Regulations of the EU Commission within the framework of Art. 46 Para. 2(c) of the GDPR. Please note that we have no influence over the programming and design of the social network, but can only personalise and manage our Instagram accounts to the extent provided by Instagram. Please therefore take into account the conditions that the service provider places on the use of the social network (https://help.instagram.com/581066165581870), the separately provided Data Protection information (https://help.instagram.com/519522125107875) and the existing settings options in your Instagram account. We are, of course, fully responsible for the information we provide through the mechanisms provided by Instagram (posts, stories, etc.).
From a Data Protection perspective, the social network, Twitter (“Twitter”) is the responsibility of Twitter International Company (“Twitter International”), One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 Ireland in the EEA region. With regards to the operation of our Twitter accounts "Beyond Climate Alliance" (https://twitter.com/BeyondClimateA) and "BCA EARTH" (https://twitter.com/BcaEarth), we are jointly responsible with Twitter International for the Processing of your Personal Data within the framework of Article 26 of the GDPR.
Your Data may also be transferred to companies affiliated with Twitter International, in particular Twitter Inc. (collectively “Twitter”), 1355 Market Street Suite, 900 San Francisco, California 94103, USA; any transfer of your Data by Twitter International to such affiliated companies is based on the General Data Protection Regulations of the EU Commission within the context of Art. 46 Para.2(c) of the GDPR.
Please note that we have no influence over the programming and design of the social network, but can only personalise and manage our Twitter accounts to the extent provided by Twitter. Please therefore take into account the conditions that the service provider places on the use of the social network (https://twitter.com/en/tos), the separately provided Data Protection information (https://twitter.com/en/privacy) and the existing settings options in your Twitter account. We are, of course, fully responsible for the information provided by us via the mechanisms provided by Twitter (Tweets, etc.).
The online communication service, Discord, is operated by Discord Inc. (“Discord”), 444 De Haro Street, Suite 200, San Francisco, California 94107, USA. The Data Protection legal representative in the EEA region in accordance with Art. 27 of the GDPR is VeraSafe Ireland Ltd. ("VeraSafe") Unit 3D North Point House, North Point Business Park, New Mallow Road, Cork T23AT2P, Ireland. With regard to the operation of our Discord account "Beyond Climate Alliance BCA" (https:// discord.gg/HJfU35ZczB), we are jointly responsible with Discord Inc. for the Processing of your Personal Data carried out in this context within the framework of Art. 26 of the GDPR.
A transfer of your Data by Discord Inc. to the USA is based on the General Data Protection Regulations of the EU Commission within the framework of Art. 46 Para. 2(c) of the GDPR.
Please note that we have no influence over the programming and design of the service, but can only personalise and manage our Discord account to the extent provided by Discord Inc.
The social network, LinkedIn, is the responsibility of LinkedIn Ireland Unlimited Company ("LinkedIn"), Wilton Place, Dublin 2, Ireland in the EEA region from a Data Protection perspective. With regards to the operation of our LinkedIn account "Beyond Climate Alliance" (https://www.linkedin.com/company/beyond-climate-alliance), we are jointly responsible with LinkedIn for the Processing of your Personal Data carried out in this context within the framework of Art. 26 of the GDPR.
If applicable, your Data may also be transferred to companies affiliated with LinkedIn, in particular LinkedIn Corporation ("LinkedIn"), 1000 W. Maude Ave, Sunnyvale, California 94085, USA. Any transfer of your Data by LinkedIn to such affiliated companies is based on the General Data Protection Regulations of the EU Commission within the framework of Art. 46 para. 2(c) of the GDPR.
Please note that we have no influence over the programming and design of the social network, but can only personalise and manage our LinkedIn account to the extent provided by LinkedIn. Please therefore take into account the conditions that the service provider places on the use of the social network (https://www.linkedin.com/legal/user-agreement?trk=homepage- basic_footer-user-agreement), the separately provided Data Protection information (https:// www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy) and the existing settings options in your LinkedIn account. We are, of course, fully responsible for the information provided by us via the mechanisms provided by LinkedIn (posts, articles, etc.).
The social network, XING, is operated by New Work SE ("XING"), Am Strandkai 1, 20457 Hamburg, Germany. With regards to the operation of our XING account ([LINK]), we are jointly responsible with XING for the Processing of your Personal Data carried out in this context within the framework of Art. 26 of the GDPR.
Please note that we have no influence over the programming and design of the social network, but can only personalise and manage our XING account to the extent provided by XING. Therefore, please take into account the conditions which the service provider places on the use of the social network (https://www.xing.com/terms), the separately provided Data Protection information (https://privacy.xing.com/en) and the existing settings options in your XING account. We are, of course, fully responsible for the information we provide via the mechanisms provided by XING (posts, articles, etc.).
The video portal, TikTok, is jointly managed from a Data Protection perspective by TikTok Technology Limited (“TikTok”), 10 Earlsfort Terrace, Dublin, D02 T380 Ireland, and TikTok Information Technologies UK Limited (collectively “TikTok"), One London Wall, 6th Floor, EC2Y 5EB, London, England. With regards to the operation of our TikTok account "bca.earth" (https://www.tiktok.com/@bca.earth), we are jointly responsible with TikTok for the Processing of your Personal Data carried out in this context within the framework of Article 26 of the GDPR.
Your Data may also be transferred to companies affiliated with TikTok. Any transfer of your Data by TikTok to such affiliated companies is based on the General Data Protection Regulations of the EU Commission within the framework of Art. 46 Para.2(c) of the GDPR.
Please note that we have no influence over the programming and design of the video portal, but can only personalise and manage our TikTok account to the extent provided by TikTok. Therefore, please take into account the conditions imposed by the service provider on the use of the video portal (https://www.tiktok.com/legal/terms-of-service?lang=en), the Data Protection information provided separately (https://www.tiktok.com/legal/privacy-policy-eea?lang=en) and the existing settings options in your TikTok account. We are, of course, fully responsible for the information we make available through the mechanisms provided by TikTok (posts, etc.)
From a data protection perspective, the instant messaging service, Telegram, is the responsibility of Telegram Messenger Inc. (“Telegram”); the representative within the framework of Art. 27 of the GDPR in the EEA region is Telegram UK Holdings Ltd. (collectively "Telegram"), 71-75 Shelton Street, Covent Garden, London, England, WC2H 9JQ. With regards to the operation of our Telegram channel "[●]" ([LINK]), we are jointly responsible with Telegram Messenger Inc. for the Processing of your Personal Data carried out in this context within the framework of Art. 26 of the GDPR.
Please note that we have no influence over the programming and design of the instant messaging service, but can only personalise and manage our Telegram channel to the extent provided by Telegram. Therefore, please note the separately provided Data Protection information (https://telegram.org/privacy?setln) of the service provider, and the existing settings options in your Telegram account. We are, of course, fully responsible for the information provided by us via the mechanisms provided by Telegram.
Within your Telegram account, you can use the "@GDPRbot" function to (i) request a copy of all your Data stored by Telegram and/or (ii) ask the service provider questions about Data Protection.
In order to carry out the Processing activities set out in this Privacy Policy, your Personal Data will be transferred or disclosed to the following recipients:
Within our organisation, only those employees who absolutely need to have access to your data in order to fulfil your or our respective duties, will have access to your Data.
Furthermore, (external) contractors commissioned by us will receive your Data if this Data is required for the provision of their respective services (whereby access to Personal Data is already sufficient). All contractors are contractually obliged to process your Data with strict compliance of the requirements of the GDPR and exclusively in accordance with our instructions.
Im Rahmen unserer Website können folgende von uns eingesetzte Auftragsverarbeiter Zugriff auf Ihre Daten erhalten:
Within the scope of our Website, the following contractors used by us may have access to your Data:
All of the contractors we use process your Data with strict compliance of the requirements of the GDPR and only in accordance with our instructions. Please note, that some of the recipients are located outside the EEA area or could process your (Personal) Data there. Insofar as there is no EU Commission adequacy decision for the third countries in question, we rely on the General Data Protection Regulations of the EU Commission within the framework of Art. 46 Para. 2(c) of the GDPR for the transfer, which we have agreed upon with individual providers.
In addition, we transfer your Data to independent Data controllers if this is absolutely necessary and we are legally obliged to do so. This may be, for example, courts or authorities within the scope of their legal competence.
Furthermore, we are jointly responsible with the respective operator within the framework of Art. 26 of the GDPR, with regards to our presence on the social networks and platforms as mentioned in point 6.
At any time, you have the following rights with regards to your Personal Data that is processed by us which can be exercised, free of charge, by notifying one of the contact options listed under point 1, and will be answered as soon as possible, but in any case, within one (1) month (restrictions are possible in certain exceptional cases, for example, in the event of threatened impairment of the rights of third parties):