This privacy policy informs you about the nature, scope and purpose of the processing of personal data within our online This privacy policy informs you about the type, scope and purposes of the processing of your personal data within our online offer at https://hudara.org/ and the websites, functions and content connected to it, as well as our external online presences (e.g. our social media profiles). It applies regardless of how you access our online offer or online presences, including access via mobile devices. With regard to the terms used in this privacy policy, such as “processing” or “controller”, we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR), which we adopt as our own.

Responsible person and contact

Hudara gGmbH (hereinafter “Hudara” or “we”)
Non-profit non-governmental organisation
Rollbergstrasse 26
12053 Berlin

If you have any questions about data protection at Hudara or wish to exercise your rights as a data subject, please feel free to contact us by post or at: hello@hudara.org.

Categories of data processed

We process the following categories of personal data:
• Inventory data (e.g. names, addresses)
• Contact details (e.g. e-mail addresses, telephone numbers)
• Content data (e.g. text input, photographs, videos)
• Usage data (e.g. websites visited, interest in content, access times)
• Meta/communication data (e.g. device information, IP addresses)
• Contract data (e.g. subject matter of the contract, term, customer category, sponsoring membership)
• Payment data (e.g. bank details, payment history)

Purposes and legal bases of the processing

We process your personal data for various purposes and on the basis of various legal grounds:

Consent (Art. 6 para. 1 lit. a DSGVO)
With your consent, we process your personal data in order to
• to answer your contact requests and communicate with you,
• Send you follow-up comments as part of comment subscriptions,
• to send you our newsletter and to measure your interactions with this newsletter (e.g. measurement of opening and click-through rates) in order to identify the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users; and
• analyse your use of this website and display personalised advertising to you

Fulfilment of a contract / implementation of pre-contractual measures (Art. 6 para. 1 lit. b DSGVO)
We process your personal data in order to carry out pre-contractual measures and to provide you with contractually owed services (e.g. in the case of sponsoring memberships).

Fulfilment of a legal obligation (Art. 6 para. 1 lit. c DSGVO)
We process your personal data in order to fulfil our legal obligations. This includes, in particular, the fulfilment of legal storage obligations and data protection obligations (e.g. guaranteeing the rights of data subjects).

Protection of legitimate interests (Art. 6 para. 1 lit. f DSGVO)
Unless your interests or fundamental rights and freedoms are overridden, we also process your personal data to protect our legitimate interests in order to
• to be able to provide you with our online offer together with its functions and contents,
• to secure our online offer by security measures,
• Reach measurement/marketing,
• Customer care

Cooperation with processors and third parties

If we disclose data to other persons and companies (processors or third parties) within the scope of our processing, transfer it to them or otherwise grant them access to the data, this will only be done on the basis of a legal permission (e.g. if a transfer of the data is required for the performance of a contract pursuant to Art. 6 (1) lit. b DSGVO) or you have consented. If we commission third parties with the processing of data on the basis of a so-called “order processing contract”, this is done in accordance with Art. 28 DSGVO.

Third parties include payment service providers, and our contracted processors include our hosting provider and our service provider for sending newsletters.

Data transfers to third countries

Your personal data may be transferred to and stored in third countries outside the European Economic Area (“EEA”). If you are outside Germany and provide us with information, please note that we will transfer the data to Germany and process it there. Hudara gGmbH will take all steps necessary to ensure that your data is treated securely and in accordance with this privacy policy. There will be no transfer of your personal data to recipients outside the EEA unless there are adequate safeguards for the lawful handling of that data.

Duration of data storage

We delete the personal data stored by us as soon as they are no longer required for their intended purpose and the deletion does not conflict with any statutory retention obligations. If the data is not deleted because its processing is required for other and legally permissible purposes, its processing is restricted. I.e. the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commercial or tax law. According to legal requirements in Germany, data is stored in particular for 6 years in accordance with § 257 para. 1 HGB (commercial books, inventories, opening balances, annual financial statements, commercial letters, accounting vouchers, etc.) and for 10 years in accordance with § 147 para. 1 AO (books, records, management reports, accounting vouchers, commercial and business letters, documents relevant for taxation, etc.).

Your rights

Subject to legal requirements and restrictions, you have the following rights in relation to the processing of your personal data. To exercise these rights, please use the information provided in the Responsible and Contact section and ensure that we are able to uniquely identify you.

Information

you have the right to request confirmation as to whether data concerning you is being processed by us and to information about this data as well as further information in accordance with Art. 15 DSGVO.

Correction

In accordance with Art. 16 DSGVO, you have the right to request the completion of data concerning you or the correction of incorrect data concerning you.

Deletion and restriction

In accordance with Art. 17 DSGVO, you have the right to demand that data concerning you be deleted without delay, or you can demand a restriction of the processing of this data in accordance with Art. 18 DSGVO.

Data portability

You have the right to obtain the data concerning you that you have provided to us in accordance with Article 20 of the GDPR and to request that it be communicated to other data controllers.

Complaint to a supervisory authority

Pursuant to Art. 77 of the GDPR, you have the right to lodge a complaint with a data protection authority. You can do this by contacting a data protection authority of your choice, such as the data protection authority of your usual place of residence, your workplace or the data protection authority responsible for us. This is:

Berlin Commissioner for Data Protection and Freedom of Information
Friedrichstrasse 219
10969 Berlin

Revocation

You have the right to revoke your consent in accordance with Art. 7 (3) DSGVO at any time with effect for the future. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

Contradiction

You may object at any time to the processing of data relating to you on the basis of legitimate interests pursuant to Art. 6 (1) lit. f DSGVO in accordance with Art. 21 DSGVO. This also applies to the processing of your data for direct marketing purposes.

Cookies and right to object to direct advertising

Cookies” are small files that are stored on the user’s computer. Different information can be stored within the cookies. A cookie is primarily used to store information about a user (or the device on which the cookie is stored) during or after his visit within an online offer. Temporary cookies, or “session cookies” or “transient cookies”, are cookies that are deleted after a user leaves an online offer and closes his browser. In such a cookie, for example, the contents of a shopping cart in an online shop or a login jam can be stored. Cookies that remain stored even after the browser is closed are referred to as “permanent” or “persistent”. For example, the login status can be stored if users visit them after several days. Likewise, the interests of users can be stored in such a cookie, which is used for range measurement or marketing purposes. Third-party cookies” are cookies that are offered by providers other than the responsible party that operates the online offer (otherwise, if it is only their cookies, it is called “first-party cookies”). We may use temporary and permanent cookies and will explain this in our privacy policy. If users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Stored cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions of this online offer. A general objection to the use of cookies used for online marketing purposes can be declared for a large number of services, especially in the case of tracking, via the US site http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com/. Furthermore, the storage of cookies can be achieved by deactivating them in the browser settings. Please note that not all functions of this online offer can then be used.

Administration, financial accounting, office organization, contact management

We process data in the context of administrative tasks and organisation of our operations, financial accounting and compliance with legal obligations, such as archiving. In doing so, we process the same data that we process in the course of providing our contractual services. The processing bases are Art. 6 para. 1 lit. c. DSGVO, Art. 6 para. 1 lit. f. DSGVO. Customers, interested parties, business partners and website visitors are affected by the processing. The purpose and our interest in the processing lies in the administration, financial accounting, office organization, archiving of data, i.e. tasks that serve the maintenance of our business activities, performance of our tasks and provision of our services. The deletion of data with regard to contractual services and contractual communication corresponds to the data mentioned in these processing activities. In this context, we disclose or transfer data to the tax authorities, consultants, such as tax advisors or auditors, as well as other fee offices and payment service providers. Furthermore, on the basis of our business interests, we store details of suppliers, organisers and other business partners, e.g. for the purpose of contacting them at a later date. This data, most of which is company-related, is generally stored permanently.

Newsletter performance measurement

Our newsletters contain a so-called “tracking pixel”, i.e. a pixel-sized file that is retrieved from our server or, if we use a shipping service provider, from their server when the newsletter is opened. Within the scope of this retrieval, technical information, such as information on the browser and your system, as well as your IP address and the time of the retrieval are initially collected.

This information is used for the technical improvement of the services based on the technical data or the target groups and your reading behaviour based on their retrieval locations (which can be determined with the help of the IP address) or the access times. Statistical surveys also include determining whether newsletters are opened, when they are opened and which links are clicked. The evaluations serve us to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.

The legal basis for this data processing is your consent (Art. 6 para. 1 lit. a DSGVO).

If you do not want us to analyse your interactions with the newsletter, you can unsubscribe by using the unsubscribe link at the bottom of the newsletter or by contacting us using the contact details provided under Responsible party and contact and revoking your consent. Alternatively, you can disable graphics by default in your email program to prevent the analysis of your interactions with the newsletter. In this case, however, the newsletter will not be displayed to you in full.

Online presence in social media

We maintain online presences within social networks and platforms in order to be able to communicate with the customers, interested parties and users active there and to inform them about our services there. When calling up the respective networks and platforms, the terms and conditions and data processing guidelines of their respective operators apply. Unless otherwise stated in our privacy policy, we process the data of users if they communicate with us within the social networks and platforms, e.g. write posts on our online presences or send us messages.

Insofar as we determine the means and purposes of the data processing jointly with the operators of the social media, we are joint controllers with these operators pursuant to Art. 26 DSGVO.

The following links will provide you with more detailed privacy information about those social media where we maintain online presences, including explanations of how you can change your personal advertising preferences and withdraw your consent:

Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)
• Privacy policy
• Cookie policy
• Agreement on joint responsibility

Instagram (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)
• Privacy policy
• Cookie policy

LinkedIn (LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA)
• Privacy policy

Integration of third party content

Within our online offer, we use content or service offers of third party providers on the basis of our legitimate interests (i.e. interest in the optimization and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. DSGVO) content or service offers from third-party providers in order to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as “content”). This always requires that the third-party providers of this content process the IP address of the user, as without the IP address they would not be able to send the content to their browser. The IP address is thus necessary for the display of this content. We endeavour to only use content whose respective providers only use the IP address to deliver the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device and may contain, among other things, technical information about the browser and operating system, referring websites, time of visit and other information about the use of our online offer, as well as be combined with such information from other sources.

Vimeo: We integrate the videos of the platform “Vimeo” of the provider Vimeo Inc, Attention: Legal Department, 555 West 18th Street New York, New York 10011, USA. Privacy policy: https://vimeo.com/privacy.

YouTube: We integrate the videos of the platform “YouTube” of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.

Cookies, plugins and similar technologies

When you use our Services, we and selected third parties use cookies and similar technologies to provide you with a better, faster and safer user experience or to show you personalized advertising. Cookies are small text files that are automatically created by your browser and stored on your device when you use the Services.

Our cookies and similar technologies have different functions:
• They are technically necessary for the presentation of our online offer and help us to technically optimize this offer. The legal basis for this data processing is Art. 6 para. 1 lit. f DSGVO, whereby our legitimate interest is to present our online offer to you.
• They help us to improve your user experience (e.g. saving the font size and entered form data). The legal basis for this data processing is Art. 6 para. 1 lit. f DSGVO.
• They enable us to analyse your use of our website (Art. 6 para. 1 lit. a DSGVO).
• They enable us to show you personalised advertising in our services and on the websites and apps of other providers. The legal basis for this data processing is your consent (Art. 6 para. 1 lit. a DSGVO).

We use cookies and similar technologies that remain stored on your device only as long as your browser is active (session cookies) and cookies and similar technologies that remain stored on your device for longer (persistent cookies). Where possible, we take reasonable security measures to prevent unauthorised access to our cookies and similar technologies. A unique ID ensures that only we and/or selected third parties have access to cookie data.

Google analytics

We use Google Analytics, a web analytics service provided by Google LLC (“Google”), on the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offering within the meaning of Art. 6 para. 1 lit. f. DSGVO) Google Analytics, a web analytics service provided by Google LLC (“Google”). Google uses cookies. The information generated by the cookie about the use of the online offer by the users is usually transmitted to a Google server in the USA and stored there. Google is certified under the Privacy Shield agreement and thereby offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active). Google will use this information on our behalf for the purpose of evaluating your use of our website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. In doing so, pseudonymous user profiles of the users can be created from the processed data. We only use Google Analytics with IP anonymisation activated. This means that the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. The IP address transmitted by the user’s browser is not merged with other data from Google. Users can prevent the storage of cookies by setting their browser software accordingly; users can also prevent the collection of the data generated by the cookie and related to their use of the online offer to Google as well as the processing of this data by Google by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de. For more information about Google’s use of data, settings and opt-out options, please visit Google’s websites: https://www.google.com/intl/de/policies/privacy/partners (“Google’s use of data when you use our partners’ websites or apps”), http://www.google.com/policies/technologies/ads (“Use of data for advertising purposes”), http://www.google.de/settings/ads (“Manage the information Google uses to serve you ads”).

Facebook Pixel, Custom Audiences and Facebook Conversion

Within our online offer, the so-called “Facebook pixel” of the social network Facebook, which is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or if you are a resident of the EU, Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”), is used due to our legitimate interests in the analysis, optimization and economic operation of our online offer and for these purposes. Facebook is certified under the Privacy Shield agreement and thereby offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active). With the help of the Facebook pixel, it is possible for Facebook, on the one hand, to determine the visitors to our online offer as a target group for the display of advertisements (so-called “Facebook ads”). Accordingly, we use the Facebook pixel to display the Facebook ads placed by us only to those Facebook users who have also shown an interest in our online offer or who have certain characteristics (e.g. interests in certain topics or products determined on the basis of the websites visited) that we transmit to Facebook (so-called “Custom Audiences”). With the help of the Facebook pixel, we also want to ensure that our Facebook ads correspond to the potential interest of users and do not have a harassing effect. With the help of the Facebook Pixel, we can also track the effectiveness of the Facebook ads for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Facebook ad (so-called “conversion”). The processing of the data by Facebook takes place within the framework of Facebook’s data usage policy. Accordingly, general information on the display of Facebook ads, in Facebook’s data usage policy: https://www.facebook.com/policy.php. Specific information and details about the Facebook Pixel and how it works can be found in Facebook’s help section: https://www.facebook.com/business/help/651294705016616.

You can opt-out of the Facebook Pixel’s collection and use of your data to display Facebook Ads. To adjust which types of ads are displayed to you within Facebook, you can visit the page set up by Facebook and follow the instructions there regarding the settings for usage-based advertising: https://www.facebook.com/settings?tab=ads. The settings are platform independent, meaning they are applied to all devices, such as desktop computers or mobile devices. You can also opt out of the use of cookies for reach measurement and advertising purposes by visiting the Network Advertising Initiative opt-out page (http://optout.networkadvertising.org/) and additionally the US website (http://www.aboutads.info/choices) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/).

Social plugins

We use social plugins (“plugins”) of the social network facebook.com, which is operated by Facebook Ireland Ltd. DSGVO) social plugins (“plugins”) of the social network facebook.com, which is operated by Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”). The plugins can display interaction elements or content (e.g. videos, graphics or text contributions) and are recognisable by one of the Facebook logos (white “f” on a blue tile, the terms “Like”, “Like” or a “thumbs up” sign) or are marked with the addition “Facebook Social Plugin”. The list and appearance of Facebook social plugins can be viewed here: https://developers.facebook.com/docs/plugins/. Facebook is certified under the Privacy Shield agreement and thereby offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active). When a user calls up a function of this online offer that contains such a plugin, his or her device establishes a direct connection with Facebook’s servers. The content of the plugin is transmitted by Facebook directly to the user’s device and integrated into the online offer by the latter. In the process, user profiles can be created from the processed data. We therefore have no influence on the scope of the data that Facebook collects with the help of this plugin and therefore inform users according to our level of knowledge. By integrating the plugins, Facebook receives the information that a user has accessed the corresponding page of the online offer. If the user is logged into Facebook, Facebook can assign the visit to his Facebook account. If users interact with the plugins, for example by clicking the Like button or posting a comment, the corresponding information is transmitted from their device directly to Facebook and stored there. If a user is not a member of Facebook, there is still the possibility that Facebook will learn and store his or her IP address. According to Facebook, only an anonymised IP address is stored in Germany. The purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as the relevant rights and setting options for protecting the privacy of users, can be found in Facebook’s privacy policy: https://www.facebook.com/about/privacy/. If a user is a Facebook member and does not want Facebook to collect data about him or her via this online offer and link it to his or her membership data stored with Facebook, he or she must log out of Facebook and delete his or her cookies before using our online offer. Further settings and objections to the use of data for advertising purposes are possible within the Facebook profile settings: https://www.facebook.com/settings?tab=ads or via the US site http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com/. The settings are platform-independent, i.e. they are applied to all devices, such as desktop computers or mobile devices.

Twitter: Within our online offer, functions and contents of the service Twitter can be integrated, offered by Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. This may include, for example, content such as images, videos or texts and buttons with which users can announce their liking of the content, the authors of the content or subscribe to our posts. If the users are members of the Twitter platform, Twitter can assign the call of the above-mentioned content and functions to the profiles of the users there. Twitter is certified under the Privacy Shield agreement and thereby offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active). Privacy policy: https://twitter.com/de/privacy, Opt-Out: https://twitter.com/personalization.

Instagram: Within our online offer, functions and content of the service Instagram may be integrated, offered by Instagram Inc, 1601 Willow Road, Menlo Park, CA, 94025, USA. This may include, for example, content such as images, videos or texts and buttons with which users can announce their liking of the content, the authors of the content or subscribe to our posts. If the users are members of the Instagram platform, Instagram can assign the call of the above-mentioned content and functions to the profiles of the users there. Instagram privacy policy: http://instagram.com/about/legal/privacy/.

Data security

The security of your information is important to us. However, please remember that no method of transmission over the Internet or method of electronic storage is 100% secure. Although we strive to use commercially acceptable means to protect personal information, we cannot guarantee its absolute security.

Data of persons under the age of 18

Our Service is not directed to anyone under the age of 18 (“Children”). We do not knowingly collect personal information from anyone under the age of 18. If you are a parent or guardian and know that your children have provided us with Personal Information, please contact us. If we discover that we have collected personal information from children without verifying parental consent, we will take steps to remove that information from our servers.