Data Protection Policy
Section 1 Information about the collection of personal data
(1) The following information applies to the collection of personal data when using our website. Personal data are any data that can be related to you personally, e.g. name, address, e-mail addresses or user behaviour.
(2) The legal basis for this declaration is the German Church Data Protection Act (KDG).
(3) The controller in accordance with Section 4, No. 9, KDG, is
Stiftung Liebenau
Kirchliche Stiftung privaten Rechts
Siggenweilerstr. 11
88074 Meckenbeuren
Telefon +49 7542 10-0
info(at)stiftung-liebenau.de
Thomas Kaldenbach
Stiftung Liebenau
Justiziar und Datenschutzbeauftragter
Siggenweilerstraße 11
88074 Meckenbeuren
Telefon +49 7542 10-1101
thomas.kaldenbach(at)stiftung-liebenau.de
(4) ) In some cases we use external service providers to process your data. These have been carefully selected and commissioned by us, are bound by our instructions and are regularly monitored. If we use commissioned service providers for individual functions of our services, we shall inform you in detail about the respective processes below. In that respect we shall also state the defined criteria for the storage period.
(5) If our service providers are based in a country outside the European Economic Area (EEA), we shall inform you about the consequences of this circumstance in the service description.
Section 2 Collection of personal data
(1) In the case of using the website to obtain information, i.e. if you merely view our website and do not register or otherwise forward information to us, we process the personal data that your browser transmits to our server (log files). The processing is necessary to display our website to you and ensure stability and security. This legitimate interest is the basis for the data processing in accordance with Section 6(1), letter g), KDG. This applies to the following data:
a) IP address
b) Date and time of the enquiry
c) Time zone difference to Greenwich Mean Time (GMT)
d) Content of the request (specific page)
e) Access status/HTTP status code
f) Respective transferred data quantity
g) Website from which the request comes Browser
h) Operating system and its interface
i) Language and version of the browser software
The data are deleted as soon as they are no longer required for the purpose of their collection. In the case of recording the data to present the web site, this shall be deemed the case if the respective session has ended. In the case of storing the data in log files, this is deemed the case at the latest after five days. Storage beyond this period is possible. In such a case, the user’s IP address shall be deleted or rendered anonymous so that attributing such an IP address to the requesting client is no longer possible.
Section 3 Use of Cookies
Below we explain the mechanisms we use to recognise you as a user. Cookies are used when you visit our website.
Cookies are small text files that are stored on your hard drive in relation to the browser you are using and which provide the party setting the Cookie (in this case us) with certain information. Cookies cannot execute programs or transfer viruses to your computer. They are aimed at making the internet service more user-friendly and effective overall.
With regard to Cookies, a distinction must be made between those that are necessary and those that are not. Technically necessary Cookies, on the other hand, are all Cookies that are necessary to operate a website and maintain its functions. All Cookies that are not absolutely technically necessary to operate a website and provide specific page functions are deemed Cookies that are not necessary in a technical sense.
(1) Technically necessary/unconditionally necessary Cookies - Without consent
We use the following technically necessary Cookies and Cookies that are absolutely necessary in accordance with Section 25(2), No. 2, German Telecommunications Telemedia Data Protection Act (TTDSG), because these are necessary for the operation of our website according to their stated purpose:
| Surename | Third parties | Intended use | Storage Period |
| be_lastLoginProvider | stiftung-liebenau.de | Retains the user’s states for all page requests. | 3 months |
| be_typo_user | stiftung-liebenau.de | Retains the user’s states for all page requests. | 3 months |
| PHPSESSID | stiftung-liebenau.de | Retains the user’s states for all page requests. | Session |
| cookie_optin | www.stiftung-liebenau.de | Retains the user’s Cookie opt-in consent. | 1 month |
For an explanation of these Cookies, please refer to the comments below about the third party providers we use.
(2) Technically unnecessary Cookies - With consent
We use technically unnecessary Cookies based on Section 25(1), TTDSG.
With regard to the processing of data as part of technically unnecessary Cookies and the transfer of your data to third countries, your consent is required in accordance with Section 6(1), letter b), in conjunction with Section 41(1), KDG.
There are currently no third party Cookies in use.
For an explanation of these Cookies, please refer to the comments below about the third party providers we use.
(3) If you do not wish Cookies to be processed, you can configure your browser settings according to your wishes and, for example, refuse to accept third party Cookies Cookies or all Cookies. Please note that you may not be able to use all the functions of this website.
Section 4 Contact form and e-mail contact
(1) Our website contains contact forms that can be used for electronic contact. If a user makes use of this option, the following data shall be forwarded to us and stored in addition to the data entered in the input window:
a) The user’s IP address
b) Date and time of the registration
(2) Your consent is obtained in respect of processing the data as part of the sending procedure, and reference is made to this Data Protection Policy.
(3) Alternatively, you can establish contact via the stated e-mail address. In such a case, the user's personal data forwarded by e-mail are stored. In this context, the data are not forwarded to third parties. The data are used exclusively to process the conversation.
(4) The legal basis for processing the data in the case of obtaining the user's consent is Section 6(1), letter b), KDG. The legal basis for processing the data that are forwarded during the course of sending an e-mail is Section 6(1), letter g), KDG. If the e-mail contact is aimed at entering into a contract, the additional legal basis for the processing is Article 6(1), letter c), KDG.
(5) Processing the personal data from the entry window is intended solely for processing cases in which contact is established. In the event of establishing contact by e-mail, this also constitutes a justified interest in processing the data. The other personal data processed during the forwarding process are aimed at preventing misuse of the contact form and ensuring that our IT systems are secure.
(6) The data are deleted as soon as they are no longer required for the purpose of their collection. With regard to personal data from the entry window of the contact form and personal data that have been sent via e-mail, this is the case if the respective conversation with the user has ended. The conversation is deemed to have ended if based on the circumstances it is clear that the respective matter has been conclusively clarified.
(7) The additional personal data collected during the forwarding process shall be deleted at the latest following a period of seven days.
Section 5 Newsletter and press distribution list
(1) By way of your consent you can subscribe to our newsletter or be included in our press distribution list, which we use to inform you about our work, projects or the current legal situation.
(2) We use the so-called double-opt-in procedure for subscriptions to our newsletter. This means that after your registration, we shall send you an e-mail to the e-mail address you provided, in which we ask you to confirm that you wish to receive the newsletter or be included in the press distribution list. If you do not confirm your registration within 3 days, your information shall be blocked and automatically deleted after one month. Furthermore, we store your IP addresses and the times of registration and confirmation. The procedure is aimed at being able to prove your registration and, if necessary, clarify potential misuse of your personal data.
(3) ) The only compulsory information for sending the newsletter is your e-mail address. Your e-mail address and your request for inclusion in the press distribution list stated in the message field are among the compulsory data for sending press releases. Providing further, separately marked data is voluntary. After your confirmation, we store your e-mail address for the purpose of sending you the newsletter or press releases. The legal basis for this form of data processing is your consent in accordance with Section 6(1), letter b), KDG.
(4) You may withdraw your consent to receive the newsletter or be included in the press distribution list at any time and unsubscribe from the newsletter or press releases. You may state your cancellation by clicking on the link provided in every newsletter e-mail. After cancelling, your IP shall be anonymised after seven days. Your e-mail address shall then only be added to our blacklist so that we cannot write to you again.
Section 6 Applications
(1) You can use the Jobfinder to find out about vacancies at Stiftung Liebenau, our subsidiaries or our co-operation partners. In the case of a search via the Jobfinder only, no personal data are collected apart from the log files (Section 3). Any additional collection of data only occurs when you use the online application form linked to the job you have called up to send us a personal enquiry or your application.
(2) We process the personal data concerned for the purpose of processing your application, insofar as this is necessary for the decision about establishing an employment relationship with us. The legal basis for this is Section 53, KDG. Insofar as we also refer to job offers of our subsidiaries or other institutions, your applications will then be forwarded to these institutions.
(3) Further information about data processing in conjunction with your application can be found in our data protection information for applicants, which you can access here.
Section 7 Events
(1) On our website we offer you the opportunity to find out about cultural and religious events organised by Stiftung Liebenau and affiliated companies or organisations and, if applicable, register for these events by e-mail, in writing or by telephone. If you register for such an event with us by e-mail or wish to receive additional information, we shall process your data as described above in accordance with Section 4. Your data shall only be passed on to third parties if the implementation of the event requires such action.
(2) Photos shall be taken and videos made at these events for documentation, communication and marketing purposes. We use these recordings for reporting and public relations, in our magazines, on our website and in social media. They may also be shared with other media as part of our media relations. We shall additionally inform you appropriately about the taking of photos and making of videos as well as your rights as part of the invitation and during the event. You have the right to object to the taking and use of photos and videos that apply to you, that have already been taken in relation to the photographer or during the event or afterwards with regard to us.
(3) In the context of communication and entering into a contract regarding your participation, the data processing that occurs in this context is based on Section 6(1), letter c), KDG. The legal basis for processing your recordings in the context of our events is our legitimate interest in effective public relations work within the meaning of Section 6(1), letter g), KDG.
(4) We shall store your data for as long as is necessary for the aforementioned purposes.
Section 8 Further education and training offered by Akademie Schloss Liebenau
(1) On our website we offer you the opportunity to find out about the further education and training courses offered by Akademie Schloss Liebenau and, if necessary, register online or by e-mail.
(2) It may be necessary for us to process your personal data for online registration for events. These are necessary to organise your participation and are set out in the respective input window. Compulsory data required for the organisation of participation are marked separately, other data are voluntary. We forward your payment data to our bank in the context of paid events. The legal basis for data processing is the participation contract entered into with you in accordance with Section 6(1), letter c), KDG.
(3) Due to commercial and tax law requirements, your address, payment and registration data shall be stored for a period of ten years. However, we shall restrict processing after two years, i.e. your data shall only be used to honour legal obligations.
Section 9 Donations
(1) We would like to inform you about our work and establish a good relationship with you. To honour our statutory purpose, we also rely on the support of your donations. Donations can be made to us online or via simple bank transfer to our specified donation account. When transferring your donation, please state your first and last name as well as your address on the transfer form or by e-mail so that we can correctly allocate your donation and, if necessary, issue a donation receipt.
(2) Online donation
a) To give you the opportunity to donate directly on our website, we use the donation tool of our order processor Altruja GmbH - Augustenstraße 62, D-80333 Munich. The information you enter in the donation tool, and therefore also your personal data, is transmitted to Altruja via a secure connection to process your donation. This ensures that Altruja only receives your data once you have completed and submitted the donation form. Once your data have reached Altruja, Altruja is also responsible for protecting your data. The data shall then be forwarded to us.
b) In order for your donation to reach us, you can choose between direct debit and PayPal as our payment service provider. If you choose direct debit, we shall forward your payment data to our bank, Sparkasse Bodensee, to execute the direct debit. If you choose Paypal, you shall be redirected directly to the Paypal website and enter your payment data there. From the moment of transfer, Sparkasse Bodensee or Paypal is responsible for processing your data.
Data Protection Policy of Sparkasse Bodensee >
Data Protection Policy of Paypal >
c) Your personal data are processed in the context of your online donation to honour your donation in accordance with Section 6(1), letter c), KDG.
d) ) In addition to your details, your IP address and the time and date of use are also collected and stored at the time of sending the donation form. This information is related to the payment process and due to Section 8, German Money Laundering Act, we undertake to store this information for up to ten years.
Section 10 Use of third party providers
Incorporation of YouTube videos
(1) We have incorporated YouTube videos in our online services. These videos are stored on YouTube and can be played directly from our website. These are all incorporated in “Extended data protection mode”, i.e. no data about you as a user are forwarded to YouTube if you do not play the videos. Only when you play the videos shall the data stated in paragraph 2 be forwarded by us to YouTube on the basis of your consent in accordance with Section 6(1), letter b) ,KDG, in conjunction with Section 41(1), KDG.
(2) We have no influence on further data processing, in particular the setting of Cookies, by YouTube. However, you can prevent the setting of Cookies in your browser settings.
(3) By clicking on the video, YouTube is informed that you have accessed the corresponding sub-page of our website. In addition, the data stated under this declaration are forwarded. This occurs regardless of whether YouTube provides a user account via which you are logged in or whether no user account exists. If you are logged-in to Google, your data shall be directly allocated to your account. If you do not wish this to be allocated to your profile at YouTube, you need to log-out before activating the button. YouTube retains your data as use profiles and uses them for advertising and market research purposes and/or tailor-made management of its website. Such an evaluation applies, in particular (including for users who are not logged-in), to provide tailor-made advertising and to inform other users of the social network about your activities on our website. You have the right object to the creation of user profiles, whereby will need to contact YouTube to exercise this right.
(4) Please refer to the Data Protection Policy for additional information about the purpose and scope of data collection and processing by YouTube. These also provide further information about your rights and settings options for protecting your privacy. Google processes your personal data in the USA as well.
Web fonts
(1) We use so-called web fonts, which were made available to us by Font Awesome and are integrated locally on our server )for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache to display texts and fonts correctly. No data are forwarded to third parties.
(2) Font Awesome is used in the interest of a uniform and appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Section 6(1), letter g), KDG.
(3) If your browser does not support Web Fonts, a standard font from your computer will be used.
(4) Further information about Font Awesome can be found here.
ReadSpeaker
(1) We use the ReadSpeaker reading service of ReadSpeaker GmbH, Am Sommerfeld 7, D-86825 Bad Wörishofen, Germany, Tel.: +49 8247 / 906 30 10, e-mail: deutschland@readspeaker.com.
(2) ReadSpeaker is a reading service for public internet content. When the “Read Aloud” button is clicked, the corresponding text is converted into an audio file and streamed to the user. In this context, the user’s IP is forwarded to the ReadSpeaker server. The process and the user's IP address are deleted from the ReadSpeaker server immediately after delivery of the audio file. ReadSpeaker does not store any personal data. All services are realised in Europe (Sweden and Ireland).
(3) We use this service and process your data based on our legitimate interest in the full functionality of our website. Section 6(1), letter g), KDG, forms the legal basis in respect of the processing. You can find more information on the handling of the forwarded data in the Data Protection Policy of ReadSpeaker.
(4) You can prevent the collection as well as the processing of your data by ReadSpeaker by deactivating the execution of script code in your browser or installing a script blocker in your browser (you can find this, for example, under NoScript or Ghostery).
Matomo
(1) We use the open source software tool Matomo (formerly PIWIK) on our website to analyse the surfing behaviour of our users. We have set Matomo such that no Cookie is stored on the user’s computer (for Cookies, see above). The following data are stored if individual pages of our website are called up:
- Two bytes of the IP address of the user’s calling system.
- The website called up
- The website from which the user accessed the accessed website
- The subpages called-up from the called-up web page
- The dwell-time spent on the website
- The frequency with which the website is accessed
The software runs exclusively on the servers of our website. Personal user data are only stored there. The data are not forwarded to third parties. The software is set in such a way that the IP addresses are not stored in full, but 2 bytes of the IP address are masked (ex: 192.168.xxx.xxx). This means it is no longer possible to assign the shortened IP address to the calling computer.
(2) The legal basis for the processing of the users’ personal data is our legitimate interest within the meaning of Section 6(1), letter g), KDG. The processing of the users' personal data enables us to analyse the surfing behaviour of our users. By evaluating the data obtained, we are able to compile information about the use of the individual components of our website. This helps us to continuously improve our website and its user-friendliness.
(3) The data are deleted as soon as they are no longer required for our recording purposes.
(4) We offer our users the option of opting out of the analysis process on our website. To that end you need to follow the corresponding link. In this manner, a Cookie is, in fact, set on your system, which signals to our system not to save the user's data. If the user deletes the corresponding Cookie from their own system in the meantime, they must set the opt-out Cookie again. Further information about Matomo privacy settings can be found here.
Matomo opt-out
You have the option of preventing action you take here from being analysed and linked. This will protect your privacy, but will also prevent the owner from learning from your actions and improving usability for you and other users.
Your visit on this website is currently being recorded by the Matomo web analysis. Deselect this checkbox to opt-out.
Matomo Opt-Out
Section 11 Your rights
You have the following rights with regard to the processing of your personal data by us:
Information
You may request information at any time as to whether and which of your personal data we have stored. The provision of information by us is free of charge for you. The right to information does not exist or is restricted if and insofar as information requiring secrecy would be disclosed by the information, for example information subject to professional secrecy.
Correction
If your stored personal data that are incorrect or incomplete, you have the right to request that such data be corrected.
Erasure
You have the right to request the erasure of your personal data if and to the extent that the data are no longer needed for the purposes for which they were collected or if the processing is based on your consent and you have withdrawn your consent. You have the right to request the erasure of your personal data if and to the extent that the data are no longer needed for the purposes for which they were collected or if the processing is based on your consent and you have withdrawn your consent.
Restriction
You have the right to request the restriction of processing of your personal data.
Objection
If the processing of your data is based on Section 6(1), letter (g), KDG, you may object to the processing at any time. In the event of your justified objection, we shall examine the facts of the case and either discontinue or restrict the data processing or show you our compelling legitimate grounds on the basis of which we shall continue the processing.
Data portability
You may request the transfer of your data in a structured, common and machine-readable format to yourself or another controller.
Withdrawal
You may withdraw your consent granted to us at any time with effect for the future.
Complaint
You have the right to complain to the data protection supervisory authority if you are of the opinion that the processing of personal data concerning you violates provisions of the KDG or other data protection regulations (Section 48(1), sentence 1, KDG). The competent data protection supervisory authority is:
Katholisches Datenschutzzentrum
Haus am Dom
Domplatz 3
60311 Frankfurt
Telefon +49 69 800871-8800
Telefax +49 69 800871-8815
info(at)kdsz-ffm.de
www.kdsz-ffm.de
You may exercise your above rights, with the exception of the complaint, against us by sending your specific request by e-mail or by post to our contact details set out in Section 1(3) of this Data Protection Policy. Insofar as you have granted your consent by placing a corresponding tick, you may withdraw your consent by removing the tick.
Status: December 2020
