Data protection

Here you will find information about the protection of your personal data when you visit our website. Generally, you can use our website without us acquiring or using your personal data. It may be necessary for us to acquire personal data in order to provide certain functions or services. The following will help you understand which personal data we acquire about you, what we use it for and what rights you have regarding your data.

On this website, we link to our presence on social networks or use social plugins such as ‘Share’ buttons or integrate our posts published on social media. When you visit our website, no data is transmitted to the operator of the respective social network, but only when you actively follow the link to our profile on the respective social network or click on the social plugin.

The following data categories are processed by the respective social network:

• IP address
• Date and time
• Website visited

If you are logged into your user account of the respective network when you access our profile page on a social network, the operator of the social network may be able to assign the information collected from the specific visit to your personal account.

If you interact via a ‘Share’ or ‘Like’ button of the respective network or if you access our posts published on a social network directly on the website via a plugin, this information can also be assigned to the user’s personal account and published if necessary.

If you want to prevent the information collected from being directly assigned to your user account, you must log out of the respective social network before accessing our profile page or before using the social plugin.

You can also configure the user account with the respective social network accordingly.

If you access our profile page on a social network, the operator of the social network may also place cookies on your device, regardless of whether you have an account with the network or whether you are logged in there. Cookies are data packets that mark the user’s end device with a specific identifier. Cookies are primarily used to display personalised advertising to visitors to social networks, including our profile pages. This is done, for example, by displaying adverts from advertising partners of the social network whose websites the user has previously visited on the pages of the social network. Cookies also enable us to compile statistics on the use of our profile page (e.g. number of page views, user categories). If we receive such statistical analyses from the operator of the social network, the data is anonymised by the operator beforehand, i.e. it is not possible for us to assign usage data to an individual user.

The purpose of processing your data on our profile page on the respective social network is to provide information about our offers and services and to respond to any enquiries on our profile page. The legal basis for the processing is Art. 6 para. 1 f) GDPR. In this respect, public relations work is covered by our legitimate interests within the meaning of the provision. If you use a social plugin integrated by us, the legal basis is your consent in accordance with Art. 6 para. 1 a) GDPR.

We delete private messages that you send us via social networks twelve months after the last communication with you. We generally leave public posts from you (e.g. in our timeline) published permanently until you expressly request their deletion.

We have no influence on which data is collected and transmitted by the operator of the social network, to which third party recipients the data is transmitted by the operator of the social network and how long the data is stored by the operator of the social network. Please refer to the privacy policy of the respective social network.

We reserve the right to delete illegal content published by users on our profile page on the respective social network, e.g. copyright infringements or statements relevant under criminal law.

According to the case law of the European Court of Justice, we are jointly responsible with the operator of the respective social network for the operation of our profile page or the social plugin with regard to compliance with data protection regulations. In this context, the operator of the social network provides the associated IT infrastructure and the website of the social network and is generally the primary point of contact when it comes to processing your data on the pages of the social network (e.g. information or deletion). However, you can also assert your legal rights against us. In this case, we will forward your requests to the operator of the social network.

In the case of US providers (Instagram), data is transferred to the USA. These providers oblige recipients outside the EU/EEA to comply with an appropriate data protection standard on the basis of so-called EU standard contractual clauses. In addition, data may also be transferred to a third country if the European Commission recognises an adequate level of data protection.

We integrate the following social networks on our website through links:

Facebook:
Provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2 D02 X525, Ireland
https://www.facebook.com/privacy/policy/

Instagram:
Provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2 D02 X525, Ireland
https://privacycenter.instagram.com/policy/

LinkedIn:
Provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
https://www.linkedin.com/legal/privacy-policy

YouTube:
Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
https://www.youtube.com/howyoutubeworks/user-settings/privacy/

Our website uses Borlabs Cookie consent technology to obtain your consent for storing certain cookies in your browser or for using certain technologies, and to document this consent in a manner compliant with data protection regulations. The provider of this technology is Borlabs GmbH, Rübenkamp 32, 22305 Hamburg (hereinafter referred to as Borlabs).

When you enter our website, a Borlabs cookie is set in your browser, in which the consents you have given or the revocation of these consents are stored. This data is not shared with the provider of Borlabs Cookie.

The collected data is stored until you request us to delete it, you delete the Borlabs cookie yourself, or the purpose for data storage no longer applies. Mandatory legal retention periods remain unaffected. Details on data processing by Borlabs Cookie can be found at https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/

The legal basis for data processing is our legitimate interest in the data protection-compliant management of user consents for the setting of cookies on our site (Art. 6 para. 1 lit. f) GDPR).

If you would like to donate online, you can do so through our donation form. For this, we use the services of Wikando GmbH, Schießgrabenstraße 32, 86150 Augsburg (hereinafter referred to as “Fundraisingbox”). When using this option to donate online, various data about you will be collected, which we process solely for the purpose of payment processing, handling the donation, and issuing a donation receipt. The personal data that is transmitted as part of payment processing is usually your first and last name, the payment amount, your IP address if applicable, your e-mail address if applicable or other data required for payment processing. This transmission is necessary to process your payment with the payment method you have selected, in particular to confirm your identity and process your payment. The legal basis is Art. 6 para. 1 lit. b GDPR.

Depending on the selected payment method, your data will be forwarded by Fundraisingbox to the corresponding financial service provider, namely for

• direct debit payment
• PayPal payment to PayPal S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg; further information: https://www.paypal.com/de/legalhub/paypal/privacy-full
• payments with mobile devices (Google and Apple Pay) via the payment platform Stripe Payments Europe, Limited (SPEL), 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, D02 H210, Ireland; further information: https://stripe.com/de/privacy
• payment by credit card to your respective credit card provider.via PayPal S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg; further information: https://www.paypal.com/de/legalhub/paypal/privacy-full

Information on data security and data protection at Fundraisingbox can be found here: https://www.fundraisingbox.com/datenschutz/. If you use the PayPal payment services provided by Fundraisingbox, please also note the privacy policy of PayPal S.à.r.l. (www.paypal.com/de/webapps/mpp/ua/privacy-full).

Your data will be deleted as soon as we no longer need it for the purposes mentioned. However, due to legal retention obligations, we are required to retain your personal data along with information on the donation amount, donation frequency, and donation purpose/project for ten years in connection with your donation. The legal basis for processing is the fulfillment of the donation contract in accordance with Art. 6 para. 1 lit. b GDPR.

We use Google Fonts on our website. This allows us to integrate certain fonts into our website. These fonts are provided by Google via servers in the USA. When accessing our website, the visitor’s web browser establishes a direct connection to these servers. Among other things, the visitor’s IP address is transmitted to Google and stored there. The purpose of using Google Fonts is the standardised presentation of fonts. The legal basis is Art. 6 para. 1 lit. a) GDPR.

The provider Google is headquartered in the USA (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). Personal data may therefore also be processed in a third country (a country outside the European Union or the signatory states to the Agreement on the European Economic Area). Google undertakes to conclude so-called EU standard data protection clauses within the meaning of Art. 46 GDPR. On the basis of this contractual framework, recipients in third countries are also obliged to comply with a data protection standard that essentially corresponds to the European standard. Please note, however, that actual compliance with the requirements resulting from the EU standard data protection clauses cannot always be ensured (e.g. due to official access to the data in the recipient country).

Further information about Google: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Tel: +353 1 543 1000, Fax: +353 1 686 5660, E-Mail: support-deutschland@google.com. Further information on data protection at Google: https://www.google.com/policies/privacy/

a) Type and scope of data processing
We use Google Adwords to show you adverts on Google and other third-party websites. Google Adwords Conversion Tracking is a web analysis service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Tel: +353 1 543 1000, Fax: +353 1 686 5660, E-Mail: support-deutschland@google.com (‘Google’).

Conversion tracking enables us to determine how successful the individual advertising measures are.

The adverts are delivered by Google via so-called ‘ad servers’.

For this purpose, we use cookies that can be used to measure certain parameters for measuring success, such as the display of adverts or clicks by users. If you reach our website via a Google advert, Google Adwords will store a cookie on your PC. These cookies generally lose their validity after 30 days and are not intended to identify you personally. The unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions) and opt-out information (marking that the user no longer wishes to be addressed) are usually stored as analysis values for this cookie.

These cookies enable Google to recognise your internet browser. If a user visits certain pages of an Adwords customer’s website and the cookie stored on their computer has not yet expired, Google and the customer can recognise that the user clicked on the ad and was redirected to this page. A different cookie is assigned to each Adwords customer. Cookies can therefore not be tracked via the website of Adwords customers. We ourselves do not collect and process any personal data in the aforementioned advertising measures. We only receive statistical analyses from Google. These analyses enable us to recognise which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising material; in particular, we cannot identify users on the basis of this information.

Due to the marketing tools used, your browser automatically establishes a direct connection to Google’s servers. We have no influence on the scope and further use of the data collected by Google and inform you according to our level of knowledge: Through the integration of AdWords conversion tracking, Google receives the information that you have accessed the corresponding part of our website or clicked on an advert from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, it is possible that the provider will find out your IP address and store it.

b) Purpose and legal basis of data processing
We do this in order to show you adverts that are of interest to you and to make our website more interesting for you.

The legal basis for the processing of your data is Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in the analysis, optimisation and economic operation of our website.

c) Storage period
The stored data will be deleted as soon as it is no longer required for our purposes.

d) Right to object
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link: http://www.google.com/settings/ads/plugin

Further information on data protection at Google can be found here: http://www.google.com/intl/de/policies/privacy

a) Type and scope of data processing

We use Google Adwords Remarketing. Google Adwords Remarketing is a web analysis service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Tel: +353 1 543 1000, Fax: +353 1 686 5660, E-Mail: support-deutschland@google.com (‘Google’).

This application allows us to display our advertising on other websites after you have visited our website. This is done by means of cookies stored in your browser, which are used by Google to record and evaluate your usage behaviour when you visit various websites. This enables Google to determine that you have previously visited our website. According to Google, the data collected in the course of remarketing is not merged with your personal data that may be stored by Google. In particular, Google states that pseudonymisation is used for remarketing.

b) Purpose and legal basis

The Google Adwords Remarketing service is used to analyse how our website is used.

The legal basis is the consent of the user of the website in accordance with Art. 6 (1) point a GDPR.

c) Storage duration

The stored data will be deleted by us as soon as it is no longer needed for our purposes.

d) Right to object

You can permanently disable the use of cookies by Google by following the link below and downloading and installing the plug-in provided there: https://support.google.com/ads/answer/7395996?hl=de

For more information about Google Remarketing and its privacy policy, please visit: https://www.google.com/privacy/ads/

Further information on data protection at Google can be found here: http://www.google.de/intl/de/privacy

a) Type and scope of data processing
We use the online marketing tool Campaign Manager from Google. Campaign Manager is a service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, Tel: +353 1 543 1000, Fax: +353 1 686 5660 (‘Google’).

Campaign Manager uses cookies to deliver ads that are relevant to users, to improve ad campaign performance, or to prevent a user from seeing the same ads more than once.
Google uses a cookie ID to record which ads are displayed in which browser and can thus prevent ads from being displayed more than once. In addition, Campaign Manager can use cookie IDs to capture conversions that are related to ad requests. This is the case, for example, when a user sees a Campaign Manager ad and later visits the advertiser’s website with the same browser and makes a purchase.

Due to the marketing tools used, your browser automatically establishes a direct connection with the Google server.

b) Purpose and legal basis

By integrating Campaign Manager, Google receives the information that you have accessed the corresponding part of our website or clicked on one of our ads.

If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, it is possible that the provider collects and stores your IP address.

The Campaign Manager (Google Doubleclick) cookies used enable us to track whether you perform certain actions on our website after you have accessed or clicked on one of our ads on Google or on another platform via Campaign Manager (conversion tracking). This enables us to send you targeted advertising.

The legal basis is consent in accordance with Article 6(1)(a) GDPR.

c) Retention period

We will delete the stored data as soon as it is no longer needed for our purposes.

d) Right to object

You can prevent cookies from being stored by adjusting your browser software accordingly. You can disable personalised advertising via a browser plug-in at https://support.google.com/ads/answer/7395996?hl=de

You can also disable personalised ads here.

Further information can be found in Google’s privacy policy: https://policies.google.com/privacy?hl=de

Privacy policy for advertising: https://policies.google.com/technologies/ads?hl=de

We use the visitor action pixel of the provider Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2 D02 X525, Ireland (‘Facebook’) within our website. The remarketing tag or tracking pixel from Facebook was implemented. Facebook and we are jointly responsible for data processing.

The Facebook pixel enables Facebook to determine the visitors to our online offering as a target group for the display of adverts (so-called ‘Facebook ads’). A user can also be tracked across several websites. We use the Facebook pixel to display the Facebook ads placed by us only to those Facebook users who have shown an interest in our online offering or who have certain characteristics (e.g. interest in certain topics or products determined on the basis of the websites visited) that we transmit to Facebook (so-called ‘custom audiences’).

With the help of the Facebook pixel, we can also track the effectiveness of Facebook adverts for statistical and market research purposes (‘Audience Insights’) by seeing whether users were redirected to our website after clicking on a Facebook advert (so-called ‘conversion’).

The Facebook pixel is a JavaScript code that sends the following data to Facebook:

• HTTP header information: including IP address, web browser information, page location, document, website URL and web browser device (computer, smartphone, tablet, other) as well as date and time of use
• Pixel-specific data: Pixel ID and Facebook cookie data including your Facebook ID (this is used to link events to a specific Facebook advertising account and thus assign them to a Facebook user)
• Additional information about the visit and about standard and custom data events.

You can find more information here: https://de-de.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0

We also use the additional function ‘automatic extended synchronisation’. Here, data such as first and last name, place of residence, email addresses, telephone numbers or Facebook IDs of users are transmitted to Facebook in encrypted form to form target groups (‘Custom Audiences’ or ‘Look Alike Audiences’). This also includes data from non-Facebook users and from users who are not logged into Facebook when they visit our website. This means that website visitors who have deactivated the storage of third-party cookies can also be identified.

If no Facebook cookies are stored in your browser, you will not be categorised into one of the user groups known as ‘Custom Audience’. However, if the Facebook ID contained in the Facebook cookie has been assigned to a Facebook user, Facebook assigns this user to a so-called ‘Custom Audience’ based on the rules we have defined.

According to the case law of the European Court of Justice, we are jointly responsible with Facebook for the operation of the tracking pixel with regard to compliance with data protection regulations. In this context, Facebook provides the associated IT infrastructure and the website of the social network and is generally the primary point of contact when it comes to the processing of your data on the pages of the social network (e.g. information or deletion). However, you can also assert your legal rights against us. In this case, we will forward your enquiry to the operator of the social network. We use the Facebook pixel to display our Facebook ads to Facebook users who have shown an interest in our online offering or who have certain characteristics that we transmit to Facebook (so-called ‘custom audiences’).

The legal basis for the use of Facebook Custom Audience is your consent in accordance with Art. 6 para. 1 lit. a) GDPR.

We use the YouTube embedding function to display and play videos from the provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Tel: +353 1 543 1000, Fax: +353 1 686 5660, E-Mail: support-deutschland@google.com (‘Google’).

The extended data protection mode is used here, which, according to the provider, only initiates the storage of user information when the videos are played. If the playback of embedded YouTube videos is started, the provider ‘YouTube’ uses cookies to collect information about user behaviour. According to YouTube, these are used, among other things, to record video statistics, improve user-friendliness and prevent abusive behaviour. If you are logged in to Google, your data can be assigned directly to your account when you click on a video. If you do not wish to be associated with your YouTube profile, you must log out before activating the button. Google stores your data (even for users who are not logged in) as usage profiles and analyses them. Such an evaluation is carried out in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR on the basis of your consent. Irrespective of playback of the embedded videos, a connection to the Google network ‘DoubleClick’ is established each time this website is accessed, which can trigger further data processing operations without our influence. Further information on data protection at ‘YouTube’ can be found in the provider’s privacy policy at: https://www.google.de/intl/de/policies/privacy

We use ‘Google reCAPTCHA’ (hereinafter ‘reCAPTCHA’) on this website. The provider is Google Ireland Limited (‘Google’), Gordon House, Barrow Street, Dublin 4, Ireland.

The purpose of reCAPTCHA is to check whether data is entered on this website (e.g. in a contact form) by a human or by an automated programme. For this purpose, reCAPTCHA analyses the behaviour of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent on the website by the website visitor or mouse movements made by the user). The data collected during the analysis is forwarded to Google.

The reCAPTCHA analyses run completely in the background. Website visitors are not informed that an analysis is taking place.

The data is stored and analysed on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting its website from abusive automated spying and SPAM. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.

For more information about Google reCAPTCHA, please refer to the Google Privacy Policy and the Google Terms of Use at the following links: https://policies.google.com/privacy?hl=de and https://policies.google.com/terms?hl=de.

Our website uses so-called Content Delivery Networks (CDN). A CDN is a network of high-performance servers that cache content at various locations around the world. A CDN essentially has two tasks: firstly, to provide content in the shortest possible time and secondly, to relieve the web host by distributing the data traffic. CDNs transmit two types of content: Static and dynamic content. All website visitors receive static content in the same form, such as video content from streaming services or code frameworks (e.g. Javascript, jQuery). Dynamic content is initially customised to the user and only created at the moment of the request. This includes content that takes place via web applications, e-mail or online shops and is personalised. In order to be able to use the latter, information about the website visitor must first be transmitted to the CDN. The legal basis for the use of a CDN and the transmission of your data to it is Art. 6 para. 1 sentence 1 letter f) GDPR (legitimate interest in data processing). The legitimate interest arises from our need for a technically flawless and fast presentation of our website and the relief of our IT infrastructure. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. To do so, please use the contact details provided in the legal notice. In detail, we use:

We use the CDN service ‘BootstrapCDN’ (formerly called ‘MaxCDN’) from jsDelivr. You can find more information on the handling of user data in BootstrapCDN’s privacy policy at: https://www.jsdelivr.com/terms/privacy-policy-jsdelivr-net

We use the CDN service ‘CDNJS’ from Cloudflare, Inc, 101 Townsend St, San Francisco, CA 94107, USA. Further information on data protection at Cloudflare: https://www.cloudflare.com/de-de/privacypolicy/

We use the JavaScript library jQuery via the CDN (Content Delivery Network) of the OpenJS Foundation. Further information on data protection: https://openjsf.org/

Persons below the age of 18 should not submit personal data to us without the consent of their parents or legal guardians. Minors may only provide personal information with the express consent of their parent or legal guardian, or if they are 16 years or older. This data will then be processed in accordance with this Data Privacy Statement. Before you give your consent, advise your child about the risks ensuing from communication in the Internet and the release of personal information in online operation.