ASF in the Internet
Contact, comments, suggestions: firstname.lastname@example.org
Name and address of the controller
Aktion Sühnezeichen Friedensdienste e.V.
10117 Berlin, Germany
T: +49 30 28 395 – 184
F: +49 30 28 395 – 135
Data protection officer
The correct implementation of data protection laws is carried out by us through an external data protection officer. If you have issues regarding the processing of your personal data, you can also contact this party directly:
GFAD Datenschutz GmbH
Data Protection Officer
10553 Berlin, Germany
Treatment of personal data
Aktion Sühnezeichen Friedensdienste takes the protection of personal data very seriously. Personal data is any piece of information about the personal or factual affairs of an identified or identifiable natural person (data subject). This includes information such as the person’s name, address, postal address, telephone number, and e-mail address. Not included is information that is not connected to a person’s identity (for example the number of female users of a website).
Aktion Sühnezeichen Friedensdienste stores the information on specially secured servers in Germany. Only a few specially authorised persons who are involved with the technical, commercial, or editorial administration of such servers have access to them. Such accessing likely enables identifications (for example IP address, date, time, and web pages visited) to be made on the basis of the data stored on the servers for backup purposes. IP addresses are not being used to identify users, and no profiles of the using persons are being created neither in relation to concrete persons nor in an anonymised form. The inputting of data by a person is deemed as the person’s consent to the collection and storage of the data. The right to analyse anonymised data records for statistical purposes is reserved.
Description and scope of data processing
Each time our website is visited, our system, i.e. the web server, automatically collects information from the system of the visitor’s computer or user device. The following data is thereby collected by us:
The legal legitimation for the temporary storing of this data and the log files is found in Article 6(1)(f) of the General Data Protection Regulation (GDPR), i.e. it is in our legitimate interests as the operator responsible for the website to do so.
The temporary storing of a user’s IP address on our system is required to enable the transmission of the website to the user’s computer. This necessitates the storing of the user’s IP address for the duration of the session. The storing of the aforementioned data in the log files is done to assure the proper functioning of our website. This data is also used by us for optimising the website and for ensuring the integrity of our IT systems (e.g. attack recognition). This data is not being used for market-analysis purposes. The aforementioned data is deleted as soon as it is no longer needed for the purpose for which it was collected. In the case of data collected for enabling the transmission of the website, the purpose for which it was collected ends when the respective session ends. In the case of data stored in log files, this is the case at the end of seven days at the latest. A storage for longer periods of time is also possible. In such cases, the user’s IP address is deleted or is distorted in such a way that an attributing of it to the accessing client is no longer possible and the data contained in it no longer has any connection to a person.
Disclosure of personal data to third parties
Aktion Sühnezeichen Friedensdienste uses personal data exclusively for fulfilling its duties within the organisation and within associated partner organisations. Aktion Sühnezeichen Friedensdienste only discloses personal data to third parties if it is required for fulfilling its duties, if it is prescribed or allowed by law, or if it has been consented to.
Data security (SSL encryption)
ASF uses the SSL encryption procedure in order to best protect your transmitted data from undesired accessing. These kinds of encrypted connections are identifiable by the prefix ‘https://’ and by the green lock displayed beside the page link in the address bar of your browser. Unencrypted pages are recognisable by the prefix ‘http://’. Thanks to the SSL encryption, none of the data transmitted by you to this website, for example in conjunction with queries or logins, can be read by outside third parties. Your information is being transferred through the internet from your computer to our server, and vice versa, by means of a 128-bit TLS 1.2 encryption key (Transport Layer Security).
Data subjects are entitled at any time to prevent our website from storing cookies [in their browsers] by making the appropriate settings in their web browsers. By doing so, they can permanently object to the storing of cookies. Moreover, cookies that are already stored can be deleted at any time via a web browser or other software programs. All of the web browsers commonly used allow for this. If a data subject does deactivate the storing of cookies in his or her web browser, then some of the functions of our website may not be fully functional.
Use of Matomo (formerly Piwik)
ASF’s website uses the web analysis software Matomo (www.matomo.org), a service of InnoCraft Ltd., 150 Willis St., 6011 Wellington, New Zealand (‘Matomo’), to collect and store data; the legal legitimation for this is found in Article 6(1)(f) GDPR, i.e. our legitimate interest in statistically analysing user behaviour for optimisation and marketing purposes. From this data, anonymised usage profiles can be created and analysed for the same purposes. Cookies can be used for this. Cookies are small text files that are stored locally in the intermediate memory of the visitor’s web browser. Cookies enable, among other things, the recognition of the web browser. The data collected via the Matomo technology (including your anonymised IP address) is being processed on our servers.
Information generated through cookies in user profiles that use pseudonyms is not being used to personally identify visitors to this website and is not being consolidated with the personal data of the persons behind the pseudonyms.
If you do not agree to the storing and analysing of this data collected during your visit, then you can object at any time to such storage and use by clicking on the following. If you do this, a so-called opt-out cookie is stored in your browser, which prevents Matomo from collecting any kind of session data whatsoever. Please note that a deletion of all of your cookies also deletes the opt-out cookie, which you may then have to activate again.
As already mentioned above, data subjects are entitled at any time to prevent our website from storing cookies [in their browsers] by making the appropriate settings in their web browsers. By doing so, they can permanently object to the storing of cookies. Such a setting in the web browser would also prevent Matomo from storing cookies in the data subjects’ IT systems. Moreover, cookies that are already stored by Matomo can be deleted at any time via a web browser or other software programs.
You may choose not to have a unique web analytics cookie identification number assigned to your computer to avoid the aggregation and analysis of data collected on this website. To make that choice, please click below to receive an opt-out cookie.
Opt-out complete. Your visits to this website will not be recorded by the Web Analytics tool.
Note that if you clear your cookies, delete the opt-out cookie, or if you change computers or Web browsers, you will need to perform the opt-out procedure again.
It is your decision here whether to allow the storing of a unique web-analysis cookie in your browser so that the operator of the website can collect and analyse various kinds of statistical data.
If you decide that you do not want this, then click on the following link to have a Matomo deactivation cookie stored on your browser.
Your visit to this website is currently being included in the Matomo web analysis. Click here if you no longer want your visit to be included in it.
Use of your data for the newsletter
By registering for our newsletter, you consent to Aktion Sühnezeichen Friedensdienste using your name and your e-mail address to send you information about the organisation. The sending of the newsletter is made on the basis of your consent as contemplated by Article 6(1)(a) GDPR.
Subscriptions to and the sending of the newsletter are done using the so-called double-opt-in procedure, i.e. you only receive the newsletter if your registration [for the newsletter] via our website is re-confirmed by you by activating a link sent to you in an e-mail from our organisation. In conjunction with an outsourcing of data processing activities to Cleverreach, a certified (by various data-protection certification bodies) provider of subscription software, your e-mail address is passed on for the purposes of technical distribution.
You can object at any time to the use of your personal data for the aforementioned purposes by writing to:
Aktion Sühnezeichen Friedensdienste e.V.
10117 Berlin, Germany
T: +49 30 28395 – 184
F: +49 30 28395 – 135
You can also cancel the regular receipt of the newsletter at any time by clicking on the unsubscribe link at the bottom of each newsletter. You can also unsubscribe through the website. Your data is deleted after you unsubscribe to the newsletter.
Aktion Sühnezeichen Friedensdienste e.V.’s newsletters contain so-called tracking pixels. Tracking pixels are miniature graphics embedded in e-mails sent in HTML format to enable the recording and analysis of log files. Through this, statistical analyses of the success or failure of online marketing campaigns can be made. On the basis of the embedded tracking pixels, Aktion Sühnezeichen Friedensdienste e.V. can determine whether and when an e-mail was opened by a data subject and which links in the e-mail the data subject clicked on.
The personal data collected via tracking pixels in the newsletters is being stored and anonymously analysed by the controllers responsible for the processing. The legal legitimation for this is found in Article 6(1)(f) GDPR, i.e. it is done in the controller’s legitimate interests in optimising the newsletter distribution and in adapting the contents of future newsletters to the interests of the data subjects. This personal data is not being disclosed to third parties. Data subjects are entitled to object at any time to this tracking. Once an objection is made, this personal data is deleted by the controller responsible for the processing. An unsubscribing to the newsletter is automatically deemed by Aktion Sühnezeichen Friedensdienste e.V. as an objection. Your data is deleted after you unsubscribe to the newsletter.
Donation, contact, and job application forms
The data transmitted by you via our donation forms, contact forms, and job application forms are transferred via an encrypted SSL connection. It thereby reach us in a secure manner and is protected from being spied on by third parties. You can recognise this by the green locked lock in the address bar of your web browser. The processing of the personal data provided by you is done solely for the processing of your donation, your enquiry, or your job application, the legal legitimation for which is found in Article 6(1)(b) GDPR and in Article 6(1)(f) GDPR. Your job application documents are disclosed only to those employees working in this area and only for fulfilling their duties in our organisation or in partner organisations.
Aktion Sühnezeichen Friedensdienste collects and stores your address data for the automatic sending of the donation receipt at the beginning of the year following the year the donation was made.
Aktion Sühnezeichen Friedensdienste also stores your data in order to inform you about the use of your donation, the work in our organisation and our projects, and to ask you for your support for the association’s goals and topics, and to invite you to events. The legal legitimation for the processing of data in relation to donations is found in Article 6(1)(b) GDPR; for our legitimate interest in informing our donators about the use of the donation and about our work, the legal legitimation is found in Article 6(1)(f) GDPR. The data is only stored for as long as it is needed to fulfil its purpose, for the statutory storage periods mandatory for us, or until the deletion of it is demanded. Donation receipts must be kept for ten years. If a deletion cannot be made due to mandatory statutory storage periods, then your data will be blocked. We will of course block your data at your request – even for individual topics or areas only. Please contact us at email@example.com. We will carry out your request without undue delay. We would also be very happy to meet with you in person and provide you with advice or information.
Disclosure of data to third parties
Your bank account details are disclosed by us to our bank, the Bank für Sozialwirtschaft, Berlin, in conjunction with the direct debits issued to us.
Certified software only and the EBICS procedure, which is supported by all German banks and is doubly encrypted, are being used for this.
Some services, such as the sending of letters, are carried out with the partial assistance of service providers. With all of the service providers commissioned by Aktion Sühnezeichen Friedensdienste, agreements on the outsourcing of data processing in compliance with the provisions of the GDPR have been concluded. This ensures that your personal data is only being processed for the intended purpose and is not being used or disclosed beyond the scope of the commission.
Overview of the forms used:
Your name, e-mail address, and your questions for ASF are transmitted to us via the contact form found at www.asf-ev.de/de/kontakt/. We need this data to answer your questions. Your data is deleted after your question is answered, unless you have given us your consent to use your data further or if a deletion is not possible due to mandatory statutory storage periods. The legal legitimation for this data processing is the consent contemplated by Article 6(1)(f) GDPR.
The donation form is found at www.asf-ev.de/de/spenden/jetzt-spenden/.
The following data is needed by us to process your donation, to issue a donation receipt, and to be able to contact you for any questions:
First name, last name, street, street number, postal code, city, e-mail address.
In the case of donation receipts, German tax law, as well as contract law, obligates us to store these for ten years. Furthermore, we use your contact data to inform you about how your donation is being used and about the work at ASF, unless you object to this. The legal legitimation for this data processing is found in Article 6(1)(b) GDPR, i.e. the processing of the donation.
Regular publications, books, brochures, DVDs, and other articles in the ASF collection can be purchased by you through our online Webshop. The order is placed through an online form in which you must enter the personal data necessary for processing the order. For the protection of your personal data, the website is encrypted in accordance with current technological standards. The SSL protocol used by us ensures a secure transfer of your personal data to us.
Sermon support texts are free of charge and can be ordered at www.asf-ev.de/de/publikationen-webshop/regelmaessige-publikationen/predigthilfen/bestellformular-predigthilfe/.
We need your name and e-mail address in order to send you these publications. You can choose to have these sent by e-mail or by post. If you choose to have them sent by post, we will need your postal address in addition. The legal legitimation for processing your order is found in Article 6(1)(b) GDPR.
After your order, your e-mail address is also being used by us for informing you about other publications and about the work of ASF, which is being done for our legitimate interests as contemplated by Article 6(1)(f) GDPR. If you do not want us to send you this information, you can object to it at any time by sending an e-mail to firstname.lastname@example.org. Your data is then being blocked until the end of the statutory storage period and deleted afterwards, unless you give us your consent to further process your data.
For articles ordered out of the ASF collection, we need your name, postal address, and your e-mail address in order to process the order and send you the goods. We also use your contact data to inform you about other things offered by ASF and about the activities of ASF. If you do not want us to send you this information, you can object to it at any time by sending an e-mail to email@example.com.
Your data is being deleted after the end of the statutory storage period, unless you give us your consent to use your data further.
For ordering publications, books, brochures, and DVDs, we need your name, postal address, and your e-mail address in order to process the order and send you the goods. We also use your contact data to inform you about other things offered by ASF and about the activities of ASF. If you do not want us to send you this information, you can object to it at any time by sending an e-mail to firstname.lastname@example.org. Your data is being deleted after the end of the statutory storage period, unless you give us your consent to use your data further.
The registration for the newsletter can be made at www.asf-ev.de/de/newsletter/. For the newsletter, we need your e-mail address and your last name (obligatory information). We need your last name in order to address you personally in the newsletter. It is only with your express consent that we are allowed to send you our newsletter containing information about the activities and upcoming events at ASF. The legal legitimation for this is found in Article 6(1)(a) GDPR. By sending an e-mail to email@example.com, you can revoke your consent at any time, which will be effective for the future.
To attend a summer camp, interested persons can apply here: //www.asf-ev.de/de/freiwilligendienste/sommerlager/anmeldung/online-anmeldung/.
For the organising, carrying out, and follow-up assessments of the summer camps, we need your personal data, the legal legitimation for which is found in Article 6(1)(b) GDPR. This data is obligatory and is marked with an asterisk (*). All other information is voluntary. The more we know about you, the better we are able to care for you and accommodate your wishes and interests during a summer camp. For administering the summer camps, your data is sent to the ASF office in the respective German state. Once a summer camp is over, we would like to stay in contact with you and send you information about our activities and other ASF events. If you do not want any further information, you can object to it at any time, which will take effect for the future. Your data is then being deleted after the end of the statutory storage period, unless you give your consent to use it further.
Data protection in the case of job applications and job-application procedures for advertised and unsolicited employment positions
The personal data given to us by you in conjunction with your job application is being treated confidentially by us and is only disclosed to those employees working in this area of our organisation. Your personal data is being processed for the job-application procedure, the legal legitimation for which is found in Article 6(1)(b) GDPR.
The processing can also take place electronically. This is especially the case when applicants send their application documents electronically via e-mail to the controller responsible for the processing. We point out here, however, that the sending of unencrypted e-mails involves certain security risks, for example unauthorised access or reading of the content, that cannot be ruled out.
If the controller responsible for the processing concludes an employment contract with the applicant, then the data transferred for the purposes of processing the employment relationship must be stored in compliance with the statutory requirements. If the responsible controller does not conclude an employment contract with the applicant, then the application documents are automatically deleted six months after the announcement of the decision not to hire, unless a deletion is not possible due to other legitimate interests of the controller responsible for the processing or unless consent is given to process them further.
‘Other legitimate interests’ within the meaning of the foregoing includes, for example, a duty to provide proof in proceedings under the [German] General Act on Equal Treatment (AGG).
Working as a volunteer and as a team member
Certain requirements must be met by you in order to work as a volunteer or team member at ASF. Questions related to such requirements are asked of you via an (online) form, the legal legitimation for which is based on Article 6(1)(b) GDPR. This personal information is transferred via an encrypted process and kept confidential by us. The data is disclosed only to the employees working in this area of our organisation and in some cases of partner organisations and strictly for the intended purpose. If you do not meet the requirements, your data is deleted once it is no longer needed, but at the latest at the end of six months, unless you give us your consent to store it longer. If you do meet the requirements, your data is then stored and processed for contractual-fulfilment and administration purposes during your employment in order to provide you with the information needed for your daily work.
In order to establish and administer a membership as contemplated by Article 6(1)(b) GDPR, the personal data requested in the membership application form is required by us. The data is disclosed only to the employees in our organisation responsible for the administration of memberships. During your membership, you will receive information about our work and about upcoming events. The data collected for the membership is being stored by us for the duration of the membership and until the end of the statutory storage periods. Your membership data is deleted two years after the membership ends. At the end of this period, the information regarding the membership relationship required by tax law is being stored for the time periods prescribed by law. The required storage period under tax law is generally ten years. During this time period, any re-processing of the data is only made in the case of an audit by the tax authorities.
Participation in voluntary services
For the processing of and participation in voluntary services, we need certain personal data from you, which we request from you in our (online) form. The legal legitimation for processing the data provided by you is found in Article 6(1)(b) GDPR.
Your data is being transferred in an encrypted form, treated confidentially, and is only being disclosed to the employees working in this area of our organisation and to the competent partner organisations in the country in which your voluntary service is being performed. After the voluntary service ends, we are using your contact data to send you further information about our work and events. If you no longer wish to receive information, you can inform us of this at any time in text form and send it to either our e-mail or postal address. Your data is blocked until the end of the statutory storage periods, which means you will receive no further information from us; at the end of these periods, your data is being deleted.
Our website provides opportunities to share content, via external links, on social networks or via e-mail. When you use these links, you are forwarded to the websites of the providers of these and the corresponding user information is disclosed.
If, while you are visiting our website, you are logged in to one of these social networks with your account and you share our content, then this information is linked to your account. As operators, we have no control over the data that is transmitted to the various servers via plugins. What usually is transferred is the IP address.
Facebook as the standard plugin
The so-called social plugins of the social network Facebook are being used on our website; Facebook is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA (‘Facebook’). The plugins are marked with a Facebook logo or bear the supplement ‘Social Plugin by Facebook’ or ‘Facebook Social Plugin’. An overview of the Facebook plugins and what they look like is available at developers.facebook.com/docs/plugins.
If you visit one of the pages of our website that contains such a plugin, your browser creates a direct connection to the Facebook servers. The contents of the plugin are transmitted by Facebook directly to your browser and embedded in the page. Through such embedding, Facebook receives the information that your browser has accessed the corresponding pages of our website, even if you have no Facebook profile or are not logged in to Facebook at that time. This information (together with your IP address) is transmitted by your browser directly to a Facebook server in the USA and stored there.
If you are logged in to Facebook, Facebook can directly attribute the visiting of our website to your Facebook profile. If you interact with the plugins, for example by clicking on the ‘Like it’ button or by commenting on something, this information too is directly transmitted to a Facebook server and stored there. The information is also published on your Facebook profile and is shown to your Facebook friends.
The legal legitimation for the foregoing data processing activities is found in Article 6(1)(f) GDPR, i.e. on the basis of Facebook’s legitimate interests in displaying personalised advertising for the purpose of informing other social network users about your activities on our website and in the interests of a need-based design of the service.
If you do not want Facebook to directly attribute to your Facebook profile the data collected via our website, you must log out of Facebook before visiting our website. The loading of Facebook plugins, and therefore the above-described data processing activities, can also be prevented by you for your browser for the future through the use of add-ons, for example the script blocker ‘NoScript’ (http://noscript.net/).
Facebook Inc., with its registered office in the USA, has certified to the EU-US Privacy Shield Framework, which ensures compliance with the level of data protection effective in the EU.
The purpose and the extent of the collection of data and the further processing and use of it by Facebook, as well as your rights and the settings for protecting your private sphere, are found on Facebook’s data policy page:
Facebook fan page
ASF operates an online profile on Facebook, a so-called Facebook fan page.
The following supplementary information on data processing applies when visiting our fan page.
General information about data protection by Facebook is found here.
1. Joint responsibility, contact data, data protection officer for the organisation:
According to Article 26 GDPR, ASF and Facebook are jointly responsible for the operation of our Facebook fan page. In an agreement with Facebook, we have stipulated who must fulfil which obligations with respect to data protection. This agreement can be viewed here. According to the agreement, Facebook has the primary responsibility for informing data subjects about the joint processing of data and for enabling such persons to exercise their data protection rights. Regardless of this, we still wish to inform you about what happens when you visit our fan page.
You can contact us at:
Aktion Sühnezeichen Friedensdienste e.V.
10117 Berlin, Germany
T: +49 30 28 395 – 184
F: +49 30 28 395 – 135
You can contact Facebook at:
Facebook Ireland Ltd.
4 Grand Canal Square
Grand Canal Harbour
Dublin 2, Ireland
You can contact Facebook online here
You can contact our organisation’s internal data protection officer at:
GFAD Datenschutz GmbH
Data Protection Officer
10553 Berlin, Germany
You can contact Facebook’s data protection officer at:
2. Collecting and storing personal data, and the kinds, purpose, and use of the data collected:
a) Data collected by Facebook:
The user data collected when visiting Facebook is generally also collected by Facebook for market research and advertising purposes. On the basis of the user behaviour (including when visiting our fan page), complex user profiles are created, which Facebook can use to provide the visitor with personalised advertisements within and outside of Facebook. Further information on this is also found in the Facebook Data Policy.
If you do not agree with this, you can object to it (opt-out) here.
b) Data used by us (‘Page Insights’) and legal legitimation:
Facebook provides us with statistics and usage data on the basis of which we are able to analyse our fan page (so-called ‘Page Insights’). This enables us to continually improve our Facebook presence.
As the page administrators, there is no other way for us to analyse the user behaviour on our fan page, not even through user tracking. It is also completely impossible for us to identify the visitors to our fan page on the basis of Page Insights. Pursuant to the agreement [with Facebook], we especially have no right to demand from Facebook the disclosure of individual visitor data. Identifications are only possible for us is if we are able to attribute to individual Facebook profiles those instances where our page was actively ‘Liked’; this only works, however, when our fan page was actively ‘Liked’ by a visitor and this visitor’s settings for ‘Likes’ are set on ‘public’.
The information used by Facebook to create the Page Insights is found here.
The operation of the Facebook fan page and the use of Page Insights serves our legitimate interests in creating an effective public image and an efficient communication with our customers and prospective customers. Such interests justify the operating of the page both with respect to the legitimate interests of Facebook users and with respect to those visitors of our fan page who have no Facebook account. The legal legitimation is therefore found in Article 6(1)(f) GDPR.
3. Disclosure of personal data to third parties
Data collected by Facebook is exchanged amongst and processed by all of the companies in the Facebook group. The companies in the Facebook group include, for example, Instagram, WhatsApp, and Oculus. Information collected by Facebook is used, for example, to display personalised advertising to Instagram users, or information from WhatsApp is used to take action on Facebook against accounts that send spam via WhatsApp. This information is found in the Facebook Data Policy under ‘How do the Facebook Companies work together?’
When data is processed by Facebook, it can occur that user data is transferred outside the European Economic Area (EEA), particularly to the USA. For this reason, Facebook has subjected itself to the EU-US Privacy Shield Framework:
For the short messenger service offered on this website, ASF uses the technical platform and the services of Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103 U.S.A. Responsible for the processing of data of persons living outside the United States is Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland.
Please be advised that your use of the short messenger service Twitter and its functions is done at your own risk. This applies especially to the use of the interactive functions (e.g. sharing, rating).
1. Data processed by Twitter:
Twitter Inc. has undertaken to comply with the principles of the EU-US Privacy Shield Framework. More information on this is found at https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active.
ASF has no way of influencing the kind or the extent of the data processed by Twitter, the kind of processing and use, or the disclosure of this data to third parties. It therefore has no effective control possibilities either.
When you use Twitter, your personal data is being collected, transferred, stored, disclosed, and used by Twitter Inc. and, regardless of your domicile, is being transferred to, stored in, and used in the United States, Ireland, and in every other country in which Twitter Inc. has business operations.
Twitter processes the data voluntarily given by you, such as your name and user name, e-mail address, telephone number, or the contacts in your address book if you have uploaded or synchronised these.
Twitter also rates the content shared by you in terms of which topics you are interested in, it stores and processes confidential messages that you have directly sent to other users, and it can determine your location using GPS data, information on wireless networks, or via your IP address in order to send you advertising or other content.
Under certain circumstances, Twitter Inc. uses analytic tools such as Twitter Analytics or Google Analytics for making analyses. ASF has no way of influencing the use of such tools by Twitter Inc. and has also not been informed about any such potential use. If Twitter Inc. uses tools of this kind for the ASF account, ASF has neither commissioned them to do so nor condoned such use nor supported this in any way whatsoever. The information gained through such an analysis is also not made available to ASF. All that ASF can see in its account is certain, non-personal information about Tweet activities, for example the number of times a profile or link is clicked on by a specific Tweet. Moreover, ASF has no way through its Twitter account of preventing or stopping the use of such tools.
Even if you do not have an account, Twitter still receives information, such as the fact that you have viewed certain content. This so-called ‘log data’ can include the IP address, the browser type, the operating system, information about the preceding website visited, the pages visited by you, your location, your mobile phone provider, the end-user devices used by you (including the device ID and the application ID), the search terms used by you, and cookie information.
Because Twitter Inc. is a non-European provider with a European establishment in only one European country (Ireland), Twitter–in its own opinion–is not bound by German data protection laws. These concern such things as your right to be given information, to have data blocked or deleted, or to object to the use of user data for advertising purposes.
How you can restrict the processing of your data is found in the general settings of your Twitter account and under the heading ‘Data Protection and Security’. In the case of mobile devices (smartphones, tablets), you can also set the settings in the devices so that Twitter only has restricted access to your contacts and calendar data, photos, location data, etc. This will depend, however, on the operating system used.
The platform YouTube.com is used by us to place our own videos on the web and to make them accessible to the public; this is done on the basis of our legitimate interest as contemplated by Article 6(1)(f) GDPR. YouTube is a service provided by a third party, i.e. by YouTube LLC, that is not affiliated with us.
Some of the web pages of our website contain links or connections to YouTube content. The general rule is that we are not responsible for the contents of web pages that we provide links to. Please be aware of the fact that if you do follow a link to YouTube, YouTube stores and makes commercial use of its users’ data (e.g. personal information, IP address) according to its own data use policies.
ASF also directly embeds on some of its web pages videos that are stored by YouTube. In the case of such embedding, parts of your browser window will show YouTube website content. The YouTube videos are only activated, however, when they are separately clicked on. This technique is also referred to as ‘framing’. If you visit one of the (sub)pages of our website on which YouTube videos are embedded in this form, a connection to the YouTube server is created and the content is displayed on the website via a message sent to your browser.
The embedding of YouTube content is only carried out in ‘extended privacy mode’. YouTube provides this itself and also ensures that YouTube initially does not store any cookies on your device. But when visiting the pages concerned, the IP address and the other data set out in Point 4 are being transferred and therefore a message is sent as to which of our web pages you visited. This information cannot be attributed to you, however, unless you logged in to or are permanently logged in to YouTube or another Google service (e.g. Google+) before visiting the pages.
Because of the extended privacy mode, the cookies that YouTube stores on your device after you have started watching an embedded video by clicking on it are only those that do not contain personally identifiable data, unless you are logged in to a Google service at the time. The storing of these cookies can be prevented through the respective browser settings and extended settings.
Address and link to the data protection information of third-party providers
YouTube LLC’s main registered office is 901 Cherry Avenue, San Bruno, CA 94066, USA; YouTube is a subsidiary of Google Inc.; information about YouTube or Google’s data processing and data protection is available at https://policies.google.com/privacy?hl=en&gl=en and at https://support.google.com/youtube/answer/171780?hl=en.
Functions of the Instagram service are embedded in our web pages, the legal legitimation for which is a legitimate interest as contemplated by Article 6(1)(f) GDPR. These functions are provided by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. When you are logged in to your Instagram account, you can, by clicking on the Instagram button, link the content of our web pages with your Instagram profile. Through this, Instagram is able to attribute your visiting of our web pages to your user account. We point out to you here that ASF, as the provider of the web pages, obtains no knowledge of the contents of the data transmitted or of its use by Instagram.
Further information on this is available in Instagram’s Data Policy at https://help.instagram.com/519522125107875.
Protection of minors
Children and persons under 18 years of age should not transmit any personal data to us without the permission of their parents or legal guardians. Minors are not allowed to transmit personal data to us without such permission.
Duration for which personal data is being stored
The criterion for determining the duration for which personal data is stored is the respective statutory storage period. Once this period ends, the data involved is routinely deleted unless it is still needed for fulfilling a contract or for pursuing a prospective contract.
Statutory or contractual provisions regarding the provision of personal data; necessary for concluding a contract; obligation of the data subjects to provide the personal data; possible consequences of not providing the data
Please be aware of the fact that the providing of personal data is sometimes required by law (e.g. by tax law) or can arise from a provision of a contract (e.g. information about the contracting partners). The concluding of a contract, for instance, can require that the data subject provides us with personal data that must then be processed by us. Data subjects are obligated, for example, to provide us with personal data if our organisation concludes a contract with them. The failure to provide the personal data would mean that a contract could not be concluded with that person. Before providing personal data, data subjects can consult our data protection officer. Our data protection officer will inform the data subjects whether, in the individual case, the providing of personal data is required by law or by a contract, whether it is required in order to conclude the contract in the first place, whether there is an obligation to provide the personal data, and what the consequences would be if the personal data is not provided.
Automated decision-making practices
As an organisation conscious of its responsibilities, ASF does not engage in any automated decision-making or profiling practices.
Rights of the data subjects
With respect to the personal data concerning you, you have the following rights exercisable against us:
right to be given information under Article 15 GDPR,
right to rectification under Article 16 GDPR and to erasure (‘to be forgotten’) under Article 17 GDPR,
right to the restriction of processing under Article 18 GDPR,
right to data portability under Article 20 GDPR,
right to object to the processing under Article 21 GDPR.
You also have the right to lodge a complaint to a data protection authority regarding our processing of your personal data.
Objection to or revocation of the processing
Any consent given by you to the processing of your data can be revoked by you at any time. Such a revocation has an impact on the permissibility of the processing of your personal data once you have declared it to us.
You are entitled to lodge an objection to the processing of your personal data if the decision to process such data is based on a weighing of interests on our part. This is especially the case when the processing is not required for fulfilling a contract with you, which is stated by us in each of the following descriptions of the functions. When making such an objection, we kindly ask you to state the reasons why we should not process your personal data in the way we have. If your objection is substantiated, we will review the facts and circumstances and will either stop or alter the data processing or we will inform you of the mandatory, meritable reasons why we are continuing with the processing.
The processing of your personal data for advertising and data-analysis purposes can be objected to by you at any time. You can inform us of your objection to such advertising by using the contact information provided below.
Amendments to the Data Protection Statement
The operators reserve the right to amend the Data Protection Statement in response to amendments to the law or in response to changes to the services or to data processing. Any amendments are being brought to the users’ attention at the appropriate places.
Questions, comments, tips
Please do not hesitate to contact us about any questions you may have about data protection. We also welcome any comments or tips from you. You can use the e-mail address firstname.lastname@example.org for this, or you can write us letter and send it to:
Aktion Sühnezeichen Friedensdienste e.V.
10117 Berlin, Germany
General Information on Data Protection
The pamphlet General Information on Data Protection can be downloaded here.