- 1.1 Responsible Party
- 1.2 Type and scope of data processing
- 1.3 Rights of the data subject
The party responsible within the meaning of the General Data Protection Regulation Art. 4 No. 7 GDPR and other national data protection laws of the member states as well as other data protection regulations is:
Flüchtlingsrat Sachsen-Anhalt e.V.
Authorized to represent from the board: Robert Fietzke (chairman), Reem Alrahmoun (deputy chairman), Liban Hassan Awsaid (treasurer)
You can reach the data protection officer at email@example.com .
Type and scope of data processing
1. Provision of the website: processing of access data
In principle, we only process personal user data insofar as this is necessary to provide a functional website and the content and services. You can therefore visit the website without providing any information about yourself. Only the following access data is stored in so-called server log files:
- Referrer (previously visited website)
- Requested website or file
- Browser type and browser version
- Operating system used
- Device type used
- Time of access
- IP address in anonymized form
These data are used exclusively for
- Ensuring trouble-free operation
- Ensuring a smooth connection to the website,
- Ensuring comfortable use of our website,
- Defense against attacks on our website and our IT system and
- Evaluation of system security and stability.
The legal basis for data processing is Art. 6 Para. 1 S. 1 lit.f GDPR. Our legitimate interest follows from the data collection purposes listed above. Under no circumstances do we use the data collected for the purpose of drawing conclusions about you personally. The data stored in the server logs may be checked by technical service providers who act as processors for the operation and maintenance of the site. In addition, they will not be transmitted to third parties.
Opposition and removal option
The collection of the data for the provision of the website and the storage of the data in log files is essential for the operation of the website. There is consequently no possibility of objection on the part of the user.
2. When contacting us: data processing to process your inquiries
2.a Via email
The website has email addresses that can be used to contact us electronically. We collect the personal data that you voluntarily provide to us when you contact us by email.
These data are only processed for this correspondence with you and for the purpose for which you have given us the data in the context of this communication, e.g. to process your request or to contact you at your request. In this case, the processing of personal data takes place with your consent and on the basis of Art. 6 Para. 1 a GDPR. In this context, the data will not be passed on to third parties without your knowledge.
If the aim of the email contact is to conclude a contract, the additional legal basis for processing is Art. 6 Para. 1 lit. b GDPR.
2.b Via complaint form
There is a complaint form on the website in which users can leave an entry. If a user uses this option, the data entered in the input mask will be transmitted to us and saved. Personal details are optional in order to be able to guarantee an anonymous process if requested.
At the time the entry is sent, the following data is stored in addition to the information entered: Date and time of sending. For the processing of the data, your consent is obtained as part of the sending process and reference is made to this data protection declaration.
These data will only be processed for this correspondence with you and for the purpose for which you have given us the data in the context of this communication, e.g. to process your complaint or to respond to your request to contact you. In this case, the processing of personal data takes place with your consent and on the basis of Art. 6 Para. 1 a GDPR. In this context, no personal data is passed on to third parties.
2.c Use of the information services
In order to enable you to use the information services, your name and email address will be added to our mailing list. Information about the place and your organization are voluntary and serve statistical purposes.
It is not possible for other subscribers to view your personal data within the distribution list. You can unsubscribe from a subscribed information service at any time on the relevant page:
The information services are used with your consent and on the basis of Art. 6 Para. 1 a GDPR.
Data deletion and storage duration
The personal data of the data subject will be deleted or blocked as soon as the purpose of storage no longer applies. Storage can also take place if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the person responsible is subject. The data will also be blocked or deleted if a storage period prescribed by the standards mentioned expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.
Opposition and removal option
The user has the option at any time to revoke his consent to the processing of personal data and to object to the storage of his personal data. In such a case, the conversation cannot be continued. Send an informal email to firstname.lastname@example.org .
We maintain various online presences within different social networks in order to communicate with the users active there or to offer information about us there.
We would therefore like to point out that user data can be processed outside of the European Union. This can result in different risks for the users, because, for example, the enforcement of the rights of the users could be made more difficult. With regard to US providers, we point out that data is processed in the USA.
Furthermore, the data of users within social networks are usually processed for market research and advertising purposes and used accordingly. For example, usage profiles can be created on the basis of user behavior and the interests of the users resulting from this. The usage profiles can in turn be used, for example, to place advertisements inside and outside the networks that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the users' computers - i.e. your computers - in which the usage behavior and the interests of the users - i.e. your behavior - are saved. Furthermore, data can also be stored in the usage profiles regardless of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them).
For a detailed and comprehensive presentation of the respective forms of processing and the options for objection (opt-out), we refer to the data protection declarations and information provided by the operators of the respective networks for these networks. In principle, you have the option to object to the use of your data on these platforms.
But also in the case of requests for information - you also have the right in accordance with the GDPR - and the assertion of other so-called data subject rights (if your data has been collected or stored, processed or passed on), we point out that these are most effective with the providers can be asserted. Because only the providers have access to the data of the users and can take appropriate measures and provide information directly. You can also assert these rights against these companies by referring to the GDPR, for example in Germany as well as in other European countries.
Processed data types: Inventory data (e.g. names, addresses), contact data (e.g. e-mail, telephone numbers), content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times) , Meta / communication data (e.g. device information, IP addresses).
- Affected persons: all users (e.g. website visitors, users of online services) whose data was collected, stored, processed or passed on
- Legal basis: Legitimate interests (Art. 6 Para. 1 S. 1 lit. f. GDPR), consent (Art. 6 Par. 1 S. 1 lit. a. GDPR) if you have a profile with the providers themselves and visit the provider's pages
Services and service providers with whom we maintain profiles:
- Facebook: Provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland, parent company: Meta Platforms, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA; Website: https://www.facebook.com ; Data protection declaration: https://www.facebook.com/about/privacy ; Opposition option (opt-out): Settings for advertisements: https://www.facebook.com/settings?tab=ads; Additional information on data protection: Agreement on joint processing of personal data on Facebook pages: https://www.facebook.com/legal/ terms / page_controller_addendum , data protection information for Facebook pages: https://www.facebook.com/legal/terms/ information_about_page_insights_data .
- Twitter: Provider: Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland. Website: https://twitter.com . Notes on data protection: https://twitter.com/de/privacy .
Social Media Buttons
The share buttons are integrated in compliance with data protection regulations. As a result, no data is passed on to the linked pages as long as you do not click the buttons to share. When sharing, a new browser window opens in which the connection to the respective network is established. The following guidelines apply to clicking and sharing:
- "Share on Twitter": By using the "Re-Tweet" function on Twitter (Provider: Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland) the websites you visit are linked to your Twitter account and made known to other users. This data is also transmitted to Twitter. We would like to point out that, as the provider of the website, we have no knowledge of the content of the data transmitted or its use by Twitter. You can find more information on this in Twitter's data protection declaration at https://twitter.com/privacy .
You can change your data protection settings on Twitter in the account settings at: https://twitter.com/account/settings .
This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as the inquiries you send to us. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http: //" to "https: //" and by the lock symbol in your browser line.
If SSL encryption is activated, the data you transmit to us cannot be read by third parties.
Rights of the data subject
If your personal data is processed, you are affected within the meaning of the GDPR and you have the following rights vis-à-vis the person responsible:
- Right to information
You can request confirmation from the person responsible as to whether we are processing personal data relating to you.
If such processing is available, you can request the following information from the person responsible:
(1) the purposes for which the personal data are processed.
(2) the categories of personal data that are processed;
(3) the recipients or the categories of recipients to whom the personal data relating to you have been disclosed or are still being disclosed;
(4) the planned duration of the storage of your personal data or, if specific information is not available, criteria for determining the duration of storage;
(5) the existence of a right to correct or delete your personal data, a right to restrict processing by the person responsible or a right to object to this processing;
(6) the right to lodge a complaint with a supervisory authority;
(7) all available information about the origin of the data if the personal data are not collected from the data subject;
(8) the existence of automated decision-making including profiling in accordance with Art. 22 Para. 1 and 4 GDPR and - at least in these cases - meaningful information about the logic involved and the scope and intended effects of such processing for the data subject.
- Right to rectification
You have a right to correction and / or completion vis-à-vis the person responsible if the processed personal data concerning you is incorrect or incomplete. The person responsible must make the correction immediately.
- Right to restriction of processing
You can request that the processing of your personal data be restricted under the following conditions:
(1) if you dispute the accuracy of the personal data concerning you for a period of time that enables the person responsible to check the accuracy of the personal data;
(2) the processing is unlawful and you refuse to delete the personal data and instead request that the use of the personal data be restricted;
(3) the person responsible no longer needs the personal data for the purposes of processing, but you need them to assert, exercise or defend legal claims, or
(4) if you have objected to the processing in accordance with Art. 21 Paragraph 1 GDPR and it has not yet been determined whether the legitimate reasons of the person responsible outweigh your reasons.
If the processing of your personal data has been restricted, this data - apart from its storage - may only be used with your consent or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for reasons of important public interest processed by the Union or a Member State.
- Right to deletion
a ) Deletion obligation
You can request the person responsible to delete the personal data relating to you immediately, and the person responsible is obliged to delete this data immediately if one of the following reasons applies:
(1) The personal data relating to you are no longer necessary for the purposes for which they were collected or otherwise processed.
(2) You revoke your consent on which the processing was based in accordance with Article 6 (1) (a) or Article 9 (2) (a) GDPR, and there is no other legal basis for the processing.
(3) You object to the processing in accordance with Art. 21 Paragraph 1 GDPR and there are no overriding legitimate reasons for the processing, or you object to the processing in accordance with Art. 21 Paragraph 2 GDPR.
(4) The personal data concerning you have been processed unlawfully.
(5) The deletion of your personal data is necessary to fulfill a legal obligation under Union law or the law of the member states to which the person responsible is subject.
b ) Exceptions
The right to deletion does not exist if processing is necessary
(1) to exercise the right to freedom of expression and information;
(2) To fulfill a legal obligation that requires processing under the law of the Union or of the Member States to which the person responsible is subject, or to perform a task that is in the public interest or in the exercise of official authority that is transferred to the person responsible has been;
(3) for reasons of public interest in the area of public health in accordance with Art. 9 Paragraph 2 lit. h and i as well as Art.
(4) for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes in accordance with Art. 89 Para. 1 GDPR, insofar as the right mentioned under section a) is likely to make the realization of the objectives of this processing impossible or seriously impair it, or
(5) for the establishment, exercise or defense of legal claims.
- Right to information
If you have asserted the right to correction, deletion or restriction of processing against the person responsible, the person responsible is obliged to notify all recipients to whom the personal data concerning you have been disclosed of this correction or deletion of the data or restriction of processing, unless this turns out to be impossible or involves a disproportionate effort.
You have the right vis-à-vis the person responsible to be informed about these recipients.
- Right to data portability
You have the right to receive the personal data concerning you that you have provided to the person responsible in a structured, common and machine-readable format. You also have the right to transfer this data to another person responsible without hindrance from the person responsible to whom the personal data was provided, provided
(1) the processing is based on consent in accordance with Art. 6 Paragraph 1 lit.
(2) the processing is carried out using automated procedures.
In exercising this right, you also have the right to have your personal data transmitted directly from one person in charge to another person in charge, insofar as this is technically feasible. This must not impair the freedoms and rights of other people.
The right to data portability does not apply to the processing of personal data that is necessary for the performance of a task that is in the public interest or takes place in the exercise of official authority that has been transferred to the person responsible.
- Right of objection
You have the right, for reasons that arise from your particular situation, to object at any time to the processing of your personal data, which is based on Art. 6 Para. 1 lit. e or f GDPR; this also applies to profiling based on these provisions.
The person responsible will no longer process the personal data concerning you unless he can prove compelling legitimate reasons for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
If the personal data relating to you are processed in order to operate direct mail, you have the right to object at any time to the processing of the personal data relating to you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising.
If you object to processing for direct marketing purposes, the personal data relating to you will no longer be processed for these purposes.
- Right to revoke the data protection declaration of consent
You have the right to withdraw your declaration of consent under data protection law at any time. Withdrawing your consent does not affect the legality of the processing carried out on the basis of your consent up to the point of withdrawal.
- Automated decision in individual cases including profiling
We do not use automated decision-making, including profiling
- Right to complain to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your place of residence, your place of work or the place of the alleged violation, if you are of the opinion that the processing of your personal data is against violates the GDPR (overview: https://www.bfdi.bund.de/DE/Service/Anschriften/anschriften_table.html).
The supervisory authority to which the complaint was submitted informs the complainant about the status and the results of the complaint, including the possibility of a judicial remedy in accordance with Art. 78 GDPR.