Thank you for your interest in Gewaltfrei in die Zukunft! On this page you will find information and notes on the collection and processing of personal data by us and your associated rights in accordance with the General Data Protection Regulation (GDPR).

This privacy policy describes how we process your personal data when you visit our website, available at https://www.gewaltfrei-in-die-zukunft.de (hereinafter referred to as the “website”) or visit our social media presence. We hereby also comply with our duty to inform you in accordance with Art. 13 GDPR.

1. Responsible body

Responsible for the data processing that takes place on our website is:

Gewaltfrei in die Zukunft e.V.

  • Postfach 30 15 41
  • 10749 Berlin

Represented by

  • Stefanie Knaab (also authorized to represent alone) (CEO, Association chair)
  • Thomas Wied (CFO, Treasurer)
  • Dr. Caroline von der Heyden (Vice chair)

Disclaimer

We constantly check and update the information on our website. Despite careful checking, data may have changed in the meantime. No liability or guarantee can therefore be assumed for the topicality, correctness and completeness of the information. The same applies to the content on external websites that are connected to my website via links. The operators of these linked pages are solely responsible for their content.

Registry information

Register court

Amtsgericht Charlottenburg

Register entry

VR 38226B vom 16. Juni 2020

Contact details of the data protection officer

You can contact our data protection officer by post at the above address or at info@gewaltfrei-in-die-zukunft.de

2. Processing on our website

When you visit our website and use its functions, we process personal data. Under no circumstances are you obliged to provide us with personal data. However, we will generally not be able to provide you with our website and the services offered on it.

In the following sections, we explain which data we process, for what purposes, for how long and on what legal basis. You will also find out which recipients we pass on your data to. At the end of the privacy policy, you will also find information on our storage periods, general recipients and automated decision-making.

2.1. General use of the website

Purposes: When you visit our website, we process certain data to enable you to use our website and the functions it contains, such as the accessibility functions or the display of the fonts used on our website.

Categories of data: The data processed in the context of using the website regularly includes the IP address, which is necessary to be able to deliver the content to your end device, as well as all entries made by you within our website (e.g. choice of language, entries in forms, search functions or similar).

Recipients: IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany

  • Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
  • Skynet Technologies USA LLC, 3265 Summitrun Drive, Independence, KY, 41051

Legal basis: The legitimate interest in pursuing the purposes mentioned (Art. 6 para. 1 lit. f) GDPR).  

Storage duration: We do not store any personal data permanently for the stated purposes. 

2.2. Collection of access data and log files

Purposes: Access to our servers is stored in so-called server log files. The server log files can be used for security purposes, e.g. to avoid overloading the servers and to ensure the utilization of the servers and their stability. 

Categories of data: IP address, address and name of the web pages and files accessed, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page)

Recipients :

  • IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany

Legal basis: The legitimate interest in pursuing the purposes mentioned (Art. 6 para. 1 lit. f) GDPR).

Storage period: The server log files are stored for 30 days and then deleted. 

2.3. Consent management

Purposes: When you visit our website, we ask for your consent to store information on your end device (e.g. cookies) and to process your data for certain purposes. The consent is documented in order to meet our obligation to provide evidence and to technically control the setting of cookies. Cookies are also used for this purpose. You can adjust your settings and/or withdraw your consent at any time.

Categories of data: To obtain, manage and track your consent, your IP address, the date of your consent, a pseudonymous ID and your selected settings are stored.

Recipients :

  • IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany

Legal basis: The legitimate interest in pursuing the purposes mentioned (Art. 6 para. 1 lit. f) GDPR).

Storage period: The data is stored for 1 year and then deleted. 

2.4. Contacting

Purposes: When you contact us (e.g. via the contact form), your data will be processed insofar as this is necessary to answer your request and any follow-up measures.

Categories of data: Inventory data (e.g. names, addresses), contact data (e.g. email, telephone numbers), content data (e.g. entries in online forms). 

Legal basis: The response to contact requests in the context of contractual or pre-contractual relationships is carried out to fulfill our (pre-)contractual obligations (Art. 6 para. 1 lit. b) GDPR) and otherwise on the basis of the legitimate interests in responding to the inquiries. 

Recipients :

  • IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany
  • Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18 D18 P521, Ireland

Storage period: The data will be stored until the request has been answered and no further questions are asked.

2.5. Applications

Purposes: You can apply for a job with us in various ways, e.g. by e-mail. We will then process all the data you provide to decide on the establishment of an employment relationship, including all rights and obligations arising therefrom.

Categories of data: The data collected as part of the application (e.g. name, e-mail, telephone number, address, details of educational qualifications) will be processed for the purposes stated.

Recipients:

  • IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany
  • Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18 D18 P521, Ireland

Legal basis: The data is processed on the basis of Section 26 (1) BDSG.

Storage period: The storage period depends on whether an employment relationship is actually established following the decision-making process. If this is the case, your data will be stored by us for as long as is required by our rights and obligations within the meaning of Section 26 (1) BDSG. If no employment relationship is established, we will only process your data for up to six months after the decision-making process has been completed.

3. Processing of usage data and storage of information (“cookies”) on your end device

3.1 Why do we use cookies (and similar technologies)?

For the purposes mentioned above, we also store information on your end device and access information stored on the end device. This is done with the help of cookies or similar technologies such as local storage, session storage or IndexedDB (hereinafter referred to collectively as cookies for the sake of simplicity).

Some of these cookies are absolutely necessary so that we can provide you with our services (§ 25 para. 2 no. 2 TDDDG). Cookies that are not absolutely necessary for our services are only set with your express consent (Section 25 (1) TDDDG), which you can revoke at any time via the

Settings [...]

and revoke with effect for the future. You can also see which cookies are specifically stored and how long these cookies remain stored on your device there. There you will also find the assignment of cookies to the processing purposes and providers used as mentioned above. 

3.2 What types of cookies do we use?

We use permanent and temporary cookies (“session cookies”). Session cookies only remain on your device until you end your browser session. Persistent cookies remain stored on your device until they expire or are deleted.  

3.3 Analysis

Purposes: We use cookies and process personal data to analyze your use of our offers, to improve our service for you, to avoid bugs and to test new functions. Pseudonymized profiles are also created about your use, e.g. using a cookie ID. These profiles primarily contain information about your activities on our site and interactions with its elements. In addition to web analysis, we may also use test procedures, e.g. to test and optimize different versions of our online offering or its components.

Categories of data:

  • Pseudonymous usage data (e.g. websites visited and elements used there and technical details, access times), meta/communication data (e.g. device information).  
  • Interests
  • Demographic information
  • If users have consented to the collection of their location data, this may also be processed, depending on the provider.
  • The IP addresses of users are also stored. Where possible, particularly in connection with Google Analytics, we use an IP masking procedure (i.e. pseudonymization by shortening the IP address).

Service providers used:

  • Google Tag Manager and Google Analytics

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Transfers to third countries: Data may be transferred to the USA and possibly other third countries. Google's parent company Google LLC, is certified under the Data Privacy Framework, which ensures an appropriate level of protection during processing. Standard contractual clauses have also been concluded. You can access the standard contractual clauses here, here and here.

Cookies used: _ga and ga_ID, each with an expiration period of approx. 8 months.

Privacy policy: https://policies.google.com/privacy?hl=en-US

Legal basis: Art. 6 para. 1 lit. a) GDPR insofar as consent is obtained and Art. 6 para. 1 lit. f) GDPR for processing carried out in our legitimate interest in pursuing the purposes described.

Storage period: The data processed in Google Analytics is stored and processed by us for a period of 28 months. Otherwise, we do not store any personal data.

4. General information on recipients

When we process your data, it may be necessary to transfer or disclose your data to other recipients. Above in the sections on processing, we name the specific recipients as far as we can. If recipients are located in a country outside the EU, we will indicate this separately under the individual points listed above. If we do not expressly refer to an adequacy decision, there is no adequacy decision for the respective country. In these cases, we will agree suitable guarantees in the form of standard contractual clauses to establish an adequate level of data protection (unless other suitable guarantees such as Binding Corporate Rules exist). You can access the current versions of the standard contractual clauses at https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj

In addition to these specific recipients, there may also be transfers to other categories of recipients. These may be persons within our company, but also external recipients. These can be in particular

  • Our employees who are responsible for processing and storing the data and whose employment relationship with us is governed by a confidentiality obligation.  
  • Service providers who work for us as processors bound by instructions. These are primarily technical service providers whose services we use if we are unable to provide certain services ourselves or cannot do so effectively.

5. General information on the storage period

We generally process your personal data for the storage period described above. However, data is often processed for several purposes rather than just one, so that we may continue to process your data for one purpose even after the storage period has expired.The storage period specified for this purpose then applies. As soon as the last storage period has expired, we will delete your data immediately. 

6. Automated decision making

We do not use automated decision-making that has a legal effect on you or significantly affects you in a similar way.

7. What rights do you have in relation to the personal data provided?

You have the following rights, provided the legal requirements are met.

To assert them, you can use the contact addresses provided.

Art. 15 GDPR - Right of access by the data subject:

You have the right to request confirmation from us as to whether personal data concerning you are being processed and, if so, what these are and the detailed circumstances of the data processing.

Art. 16 GDPR - Right to rectification:

You have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you also have the right to request the completion of incomplete personal data, including by means of a supplementary statement.

Art. 17 GDPR - Right to erasure:

You have the right to obtain from us the erasure of personal data concerning you without undue delay.

Art. 18 GDPR - Right to restriction of processing:

You have the right to demand that we restrict processing. 

Art. 20 GDPR - Right to data portability:

You have the right, in the case of processing based on consent or for the performance of a contract, to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and to transmit those data to another controller without hindrance from us, or to have the data transmitted directly to the other controller, where technically feasible.

Art. 77 GDPR in conjunction with Section 19 BDSG - Right to lodge a complaint with a supervisory authority:

You have the right to lodge a complaint with a supervisory authority at any time, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes applicable law. 

8. Right of objection and revocation in particular

Art. 21 GDPR - Right to object:

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is necessary for the purposes of the legitimate interests pursued by us or for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.If we process your personal data for direct marketing purposes, you have the right to object to this processing at any time.If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes.

You can object at any time with effect for the future via one of the contact addresses known to you.

Withdrawal of consent

You can revoke your consent at any time with effect for the future via one of the contact addresses known to you 

9. Automated decision making

We do not use automated decision-making that has a legal effect on you or significantly affects you in a similar way. 

10. Obligation to provide data

You have no contractual or legal obligation to provide us with personal data. However, without the data you provide, we will not be able to offer you our services.

 

 

Status: August 2024