Responsible person and contact
Hudara gGmbH (hereinafter “Hudara” or “we”)
Non-profit non-governmental organisation
If you have any questions about data protection at Hudara or wish to exercise your rights as a data subject, please feel free to contact us by post or at: firstname.lastname@example.org.
Categories of data processed
We process the following categories of personal data:
• Inventory data (e.g. names, addresses)
• Contact details (e.g. e-mail addresses, telephone numbers)
• Content data (e.g. text input, photographs, videos)
• Usage data (e.g. websites visited, interest in content, access times)
• Meta/communication data (e.g. device information, IP addresses)
• Contract data (e.g. subject matter of the contract, term, customer category, sponsoring membership)
• Payment data (e.g. bank details, payment history)
Purposes and legal bases of the processing
We process your personal data for various purposes and on the basis of various legal grounds:
Consent (Art. 6 para. 1 lit. a DSGVO)
With your consent, we process your personal data in order to
• to answer your contact requests and communicate with you,
• Send you follow-up comments as part of comment subscriptions,
• to send you our newsletter and to measure your interactions with this newsletter (e.g. measurement of opening and click-through rates) in order to identify the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users; and
• analyse your use of this website and display personalised advertising to you
Fulfilment of a contract / implementation of pre-contractual measures (Art. 6 para. 1 lit. b DSGVO)
We process your personal data in order to carry out pre-contractual measures and to provide you with contractually owed services (e.g. in the case of sponsoring memberships).
Fulfilment of a legal obligation (Art. 6 para. 1 lit. c DSGVO)
We process your personal data in order to fulfil our legal obligations. This includes, in particular, the fulfilment of legal storage obligations and data protection obligations (e.g. guaranteeing the rights of data subjects).
Protection of legitimate interests (Art. 6 para. 1 lit. f DSGVO)
Unless your interests or fundamental rights and freedoms are overridden, we also process your personal data to protect our legitimate interests in order to
• to be able to provide you with our online offer together with its functions and contents,
• to secure our online offer by security measures,
• Reach measurement/marketing,
• Customer care
Cooperation with processors and third parties
If we disclose data to other persons and companies (processors or third parties) within the scope of our processing, transfer it to them or otherwise grant them access to the data, this will only be done on the basis of a legal permission (e.g. if a transfer of the data is required for the performance of a contract pursuant to Art. 6 (1) lit. b DSGVO) or you have consented. If we commission third parties with the processing of data on the basis of a so-called “order processing contract”, this is done in accordance with Art. 28 DSGVO.
Third parties include payment service providers, and our contracted processors include our hosting provider and our service provider for sending newsletters.
Data transfers to third countries
Duration of data storage
We delete the personal data stored by us as soon as they are no longer required for their intended purpose and the deletion does not conflict with any statutory retention obligations. If the data is not deleted because its processing is required for other and legally permissible purposes, its processing is restricted. I.e. the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commercial or tax law. According to legal requirements in Germany, data is stored in particular for 6 years in accordance with § 257 para. 1 HGB (commercial books, inventories, opening balances, annual financial statements, commercial letters, accounting vouchers, etc.) and for 10 years in accordance with § 147 para. 1 AO (books, records, management reports, accounting vouchers, commercial and business letters, documents relevant for taxation, etc.).
Subject to legal requirements and restrictions, you have the following rights in relation to the processing of your personal data. To exercise these rights, please use the information provided in the Responsible and Contact section and ensure that we are able to uniquely identify you.
you have the right to request confirmation as to whether data concerning you is being processed by us and to information about this data as well as further information in accordance with Art. 15 DSGVO.
In accordance with Art. 16 DSGVO, you have the right to request the completion of data concerning you or the correction of incorrect data concerning you.
Deletion and restriction
In accordance with Art. 17 DSGVO, you have the right to demand that data concerning you be deleted without delay, or you can demand a restriction of the processing of this data in accordance with Art. 18 DSGVO.
You have the right to obtain the data concerning you that you have provided to us in accordance with Article 20 of the GDPR and to request that it be communicated to other data controllers.
Complaint to a supervisory authority
Pursuant to Art. 77 of the GDPR, you have the right to lodge a complaint with a data protection authority. You can do this by contacting a data protection authority of your choice, such as the data protection authority of your usual place of residence, your workplace or the data protection authority responsible for us. This is:
Berlin Commissioner for Data Protection and Freedom of Information
You have the right to revoke your consent in accordance with Art. 7 (3) DSGVO at any time with effect for the future. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.
You may object at any time to the processing of data relating to you on the basis of legitimate interests pursuant to Art. 6 (1) lit. f DSGVO in accordance with Art. 21 DSGVO. This also applies to the processing of your data for direct marketing purposes.
Cookies and right to object to direct advertising
Administration, financial accounting, office organization, contact management
We process data in the context of administrative tasks and organisation of our operations, financial accounting and compliance with legal obligations, such as archiving. In doing so, we process the same data that we process in the course of providing our contractual services. The processing bases are Art. 6 para. 1 lit. c. DSGVO, Art. 6 para. 1 lit. f. DSGVO. Customers, interested parties, business partners and website visitors are affected by the processing. The purpose and our interest in the processing lies in the administration, financial accounting, office organization, archiving of data, i.e. tasks that serve the maintenance of our business activities, performance of our tasks and provision of our services. The deletion of data with regard to contractual services and contractual communication corresponds to the data mentioned in these processing activities. In this context, we disclose or transfer data to the tax authorities, consultants, such as tax advisors or auditors, as well as other fee offices and payment service providers. Furthermore, on the basis of our business interests, we store details of suppliers, organisers and other business partners, e.g. for the purpose of contacting them at a later date. This data, most of which is company-related, is generally stored permanently.
Newsletter performance measurement
Our newsletters contain a so-called “tracking pixel”, i.e. a pixel-sized file that is retrieved from our server or, if we use a shipping service provider, from their server when the newsletter is opened. Within the scope of this retrieval, technical information, such as information on the browser and your system, as well as your IP address and the time of the retrieval are initially collected.
This information is used for the technical improvement of the services based on the technical data or the target groups and your reading behaviour based on their retrieval locations (which can be determined with the help of the IP address) or the access times. Statistical surveys also include determining whether newsletters are opened, when they are opened and which links are clicked. The evaluations serve us to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.
The legal basis for this data processing is your consent (Art. 6 para. 1 lit. a DSGVO).
If you do not want us to analyse your interactions with the newsletter, you can unsubscribe by using the unsubscribe link at the bottom of the newsletter or by contacting us using the contact details provided under Responsible party and contact and revoking your consent. Alternatively, you can disable graphics by default in your email program to prevent the analysis of your interactions with the newsletter. In this case, however, the newsletter will not be displayed to you in full.
Online presence in social media
Insofar as we determine the means and purposes of the data processing jointly with the operators of the social media, we are joint controllers with these operators pursuant to Art. 26 DSGVO.
The following links will provide you with more detailed privacy information about those social media where we maintain online presences, including explanations of how you can change your personal advertising preferences and withdraw your consent:
LinkedIn (LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA)
Integration of third party content
Within our online offer, we use content or service offers of third party providers on the basis of our legitimate interests (i.e. interest in the optimization and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. DSGVO) content or service offers from third-party providers in order to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as “content”). This always requires that the third-party providers of this content process the IP address of the user, as without the IP address they would not be able to send the content to their browser. The IP address is thus necessary for the display of this content. We endeavour to only use content whose respective providers only use the IP address to deliver the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device and may contain, among other things, technical information about the browser and operating system, referring websites, time of visit and other information about the use of our online offer, as well as be combined with such information from other sources.
Cookies, plugins and similar technologies
Our cookies and similar technologies have different functions:
• They are technically necessary for the presentation of our online offer and help us to technically optimize this offer. The legal basis for this data processing is Art. 6 para. 1 lit. f DSGVO, whereby our legitimate interest is to present our online offer to you.
• They help us to improve your user experience (e.g. saving the font size and entered form data). The legal basis for this data processing is Art. 6 para. 1 lit. f DSGVO.
• They enable us to analyse your use of our website (Art. 6 para. 1 lit. a DSGVO).
• They enable us to show you personalised advertising in our services and on the websites and apps of other providers. The legal basis for this data processing is your consent (Art. 6 para. 1 lit. a DSGVO).
Facebook Pixel, Custom Audiences and Facebook Conversion
Within our online offer, the so-called “Facebook pixel” of the social network Facebook, which is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or if you are a resident of the EU, Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”), is used due to our legitimate interests in the analysis, optimization and economic operation of our online offer and for these purposes. Facebook is certified under the Privacy Shield agreement and thereby offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active). With the help of the Facebook pixel, it is possible for Facebook, on the one hand, to determine the visitors to our online offer as a target group for the display of advertisements (so-called “Facebook ads”). Accordingly, we use the Facebook pixel to display the Facebook ads placed by us only to those Facebook users who have also shown an interest in our online offer or who have certain characteristics (e.g. interests in certain topics or products determined on the basis of the websites visited) that we transmit to Facebook (so-called “Custom Audiences”). With the help of the Facebook pixel, we also want to ensure that our Facebook ads correspond to the potential interest of users and do not have a harassing effect. With the help of the Facebook Pixel, we can also track the effectiveness of the Facebook ads for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Facebook ad (so-called “conversion”). The processing of the data by Facebook takes place within the framework of Facebook’s data usage policy. Accordingly, general information on the display of Facebook ads, in Facebook’s data usage policy: https://www.facebook.com/policy.php. Specific information and details about the Facebook Pixel and how it works can be found in Facebook’s help section: https://www.facebook.com/business/help/651294705016616.
The security of your information is important to us. However, please remember that no method of transmission over the Internet or method of electronic storage is 100% secure. Although we strive to use commercially acceptable means to protect personal information, we cannot guarantee its absolute security.
Data of persons under the age of 18
Our Service is not directed to anyone under the age of 18 (“Children”). We do not knowingly collect personal information from anyone under the age of 18. If you are a parent or guardian and know that your children have provided us with Personal Information, please contact us. If we discover that we have collected personal information from children without verifying parental consent, we will take steps to remove that information from our servers.