Kempff-Kulturstiftung - Privacy Policy

IMPRINT

Information according to § 5 TMG

Registered office:
Wilhelm-Kempff-Kulturstiftung
c/o Gutes Stiften GmbH
Koppenplatz 6
10115 Berlin
Germany

Supervisory authority:
Regierung von Oberbayern, Stiftungsaufsicht

Represented by:
Gutes Stiften GmbH as the board of directors, which is represented by the managing director Thomas Ebermann

Contact:
Tel.: +49 30 55 23 62 40
E-mail: info@kempff-kulturstiftung.de

Responsible for the content according to § 18 MStV:
Chairwoman of the Board of Trustees, Evelyn Meining

Conception, design and development

Brandenburger bureau steffi holz designs outstanding websites and concise brands. The agency's services range from in-depth consulting to the Realisation of professional and unique corporate presences.

Photo credits:

Disclaimer of liability: Liability for content. The content of our website has been created with the greatest care. However, we cannot accept any liability for the accuracy, completeness and topicality of the content. As a service provider, we are responsible for our own content on these pages in accordance with § 7 para.1 TMG (German Telemedia Act) and general laws. According to §§ 8 to 10 TMG, however, we as a service provider are not obliged to monitor transmitted or stored third-party information or to investigate circumstances that indicate illegal activity. Obligations to remove or block the use of information in accordance with general legislation remain unaffected by this. However, liability in this respect is only possible from the time of knowledge of a specific infringement. As soon as we become aware of such infringements, we will remove this content immediately.

Liability links: Our website contains links to external third-party websites over whose content we have no influence. Therefore, we cannot accept any liability for this third-party content. The respective provider or operator of the pages is always responsible for the content of the linked pages. The linked pages were checked for possible legal violations at the time of linking. Illegal contents were not recognisable at the time of linking. However, permanent monitoring of the content of the linked pages is not reasonable without concrete evidence of an infringement. If we become aware of any legal infringements, we will remove such links immediately.

Copyright: The content and works created by the site operators on these pages are subject to German copyright law. Reproduction, editing, distribution and any kind of utilisation outside the limits of copyright law require the written consent of the respective author or creator. Downloads and copies of this site are only permitted for private, non-commercial use. Insofar as the content on this site was not created by the operator, the copyrights of third parties are respected. In particular, third-party content is labelled as such. Should you nevertheless become aware of a copyright infringement, please inform us accordingly. If we become aware of any infringements, we will remove such content immediately.

DATA PROTECTION

Data protection information

Provider and controller within the meaning of the General Data Protection Regulation („GDPR“):

Wilhelm-Kempff-Kulturstiftung
c/o Gutes Stiften GmbH
Koppenplatz 6
10115 Berlin
Germany

Contact:

Foundation headquarters, Munich
E-Mail: info@kempff-kulturstiftung.de

Responsible for the content according to § 55 Abs. 2 MStV:

Gutes Stiften GmbH as the board of the foundation, represented by the managing director Thomas Ebermann

Basic information on data processing and legal bases

This data protection notice informs you about the type, scope and purpose of the processing of personal data within our online offering and the associated websites, functions and content (hereinafter jointly referred to as "online offering" or "website") by the Wilhelm Kempff Kulturstiftung. Personal data means any information relating to an identified or identifiable natural person (see Article 4 No. 1 GDPR). Unless otherwise stated below, the terms "process" and "processing" also include, in particular, the collection, use, disclosure and transfer of personal data (see Article 4 No. 2 GDPR). The data protection information applies regardless of the domains, systems, platforms and devices used (e.g. desktop or mobile) on which the online offer is executed.

As part of this online offering, we process the following personal data that is transmitted to us by you as a user of the online offering:

Inventory data (e.g. names and email addresses of newsletter subscribers),
Usage data (e.g. the websites visited on our website) and
Content data (e.g. entries in comments).

The data collected as part of the application process is stored as follows. The personal data received in the context of applications for funding is stored on the basis of Art. 6 para. 1 lit. f) GDPR in accordance with section 5. The legitimate interest lies, among other things, in being able to counter any allegations of fraud and to defend against allegations of discrimination. A further legitimate interest lies in having the necessary information available for compliance with the application criteria. If the persons concerned give their consent, we will store their application documents permanently in order to take them into account for archiving and evaluation purposes. This consent can be revoked at any time.

The term "user" includes all categories of data subjects affected by data processing. This includes all visitors to our online offering. The terms used, such as "user", are to be understood as gender-neutral.

We only process users' personal data in compliance with the relevant data protection regulations. This means that user data is only processed if we have legal authorisation to do so. We process users' personal data for the following purposes if the relevant legal basis exists:

We process personal data insofar as this is necessary for the provision of our contractual services (e.g. processing of funding applications) and online services (Article 6(1)(b) GDPR).
We process personal data insofar as we are legally obliged to do so (Article 6(1)(c) GDPR).
We process personal data if the respective user has given their consent (Article 6(1)(a) GDPR).
We also process personal data insofar as this is necessary to safeguard our legitimate interests, unless the interests or fundamental rights of users take precedence (Article 6(1)(f) GDPR). In this respect, we process personal data for analysis, optimisation and to ensure the economic operation and security of our online offering, in particular when measuring reach.

Safety measures

We take organisational, contractual and technical security measures in accordance with the state of the art to ensure that data protection regulations are complied with and to protect the data processed by us against accidental or intentional manipulation, loss, destruction or access by unauthorised persons.

The security measures include in particular the encrypted transmission of data between your browser and our server.

Collection of access data and log files

Based on our legitimate interests within the meaning of Article 6(1)(f) GDPR, we collect data about every access to the server on which this service is located (so-called server log files). The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider.

Log file information is stored for security reasons (e.g. to investigate misuse or fraud) for a maximum of seven days and then deleted. Data whose further storage is required for evidentiary purposes is excluded from deletion until the respective incident has been finally clarified.

Cookies & reach measurement

Cookies are pieces of information that are transferred from our web server or third-party web servers to the user's web browser and stored there for later retrieval. Cookies can be small files or other types of information storage.

We use "session cookies", which are only stored for the duration of the current visit to our online presence (e.g. to enable the storage of your login status or the shopping basket function and thus the use of our online offer at all). A randomly generated unique identification number, a so-called session ID, is stored in a session cookie. A cookie also contains information about its origin and the storage period. These cookies cannot store any other data. Session cookies are deleted when you have finished using our website and, for example, log out or close the browser.

Among other things, we use these cookies for pseudonymised reach measurement.

If users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Stored cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions of this online offer. The legal basis for the processing of personal data using technically necessary cookies is the legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR, and the legal basis for the processing of personal data using cookies for analysis purposes is Art. 6 para. 1 lit. a GDPR if the user has given consent to this.

Newsletter

The following information explains the content of our newsletter as well as the registration, dispatch and statistical evaluation procedure and your rights of objection. By subscribing to our newsletter, you agree to receive it and to the procedures described.

Content of the newsletter: We only send newsletters, emails and other electronic notifications with advertising information (hereinafter "newsletter") with the consent of the recipient or with legal authorisation. If the contents of the newsletter are specifically described when registering for the newsletter, they are decisive for the user's consent. Our newsletters also contain information about our products, offers, promotions and our company.

Double opt-in and logging: Registration for our newsletter takes place in a so-called double opt-in procedure. This means that after registering you will receive an e-mail asking you to confirm your registration. This confirmation is necessary so that no-one can register with other people's e-mail addresses. Subscriptions to the newsletter are logged in order to be able to prove the registration process in accordance with legal requirements. This includes storing the time of registration and confirmation as well as the IP address. Changes to your data stored by the mailing service provider are also logged.

This website uses Mailchimp to send newsletters. Mailchimp is a service that can be used to organise and analyse the sending of newsletters.

Our newsletters sent with Mailchimp enable us to analyse the behaviour of newsletter recipients. Among other things, we can analyse how many recipients have opened the newsletter message and how often which link in the newsletter was clicked on. Conversion tracking can also be used to analyse whether a predefined action (e.g. purchase of a product on this website) has taken place after clicking on the link in the newsletter.

The data processing takes place on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the cancellation. If you do not want Mailchimp to analyse your data, you must unsubscribe from the newsletter. We provide a corresponding link for this purpose in every newsletter message.

The data you provide us with for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data stored by us for other purposes remains unaffected by this.

After you unsubscribe from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist if this is necessary to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). Storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.

You can find more details in Mailchimp's privacy policy at: https://mailchimp.com/de/help/about-the-general-data-protection-regulation/

Automated decision making

Automated decision-making does not take place.

Obligation to transmit data

You are neither legally nor contractually obliged to provide us with your personal data. However, if you do not provide us with certain data, we may only be able to provide you with our online services with restrictions or not at all.

Deletion of data

The data stored by us will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obligations. If the user's data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to user data that must be retained for commercial or tax law reasons.

In accordance with legal requirements, the retention period is 6 years pursuant to Section 257 (1) HGB (trading books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting vouchers, etc.) and 10 years pursuant to Section 147 (1) AO (books, records, management reports, accounting vouchers, commercial and business letters, documents relevant for taxation, etc.).

Revocation of consent

You can revoke your consent to the processing of personal data at any time free of charge and with effect for the future. This also applies to declarations of consent given before the GDPR came into force, i.e. before 25 May 2018.

The revocation of a declaration of consent can be sent by e-mail to info@kempff-kulturstiftung.de or in writing to

Wilhelm-Kempff-Kulturstiftung
c/o Gutes Stiften GmbH
Koppenplatz 6
10115 Berlin
Germany

Please note that the cancellation is only effective for the future. Processing that took place before the cancellation is not affected.

Your rights

You are entitled to the following rights if the legal requirements are met:

- Right to information: You have the right to information about the data stored by us, in particular for what purpose the data is processed and how long the data is stored (Article 15 GDPR).
- Right to rectification of inaccurate data: You have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you (Article 16 GDPR).
- Right to erasure: You have the right to obtain from us the erasure of personal data concerning you. These conditions stipulate that you can request the erasure of your data if, for example, we no longer need the personal data for the purposes for which it was collected or otherwise processed, if we process the data unlawfully, or if you have legitimately objected or withdrawn your consent, or if there is a legal obligation to erase the data (Article 17 GDPR).
- Right to restriction of processing: You have the right to request that the processing of your data be restricted. This right exists in particular for the duration of the review if you have disputed the accuracy of the data concerning you, as well as in the event that you request restricted processing instead of erasure in the case of an existing right to erasure. Furthermore, processing will be restricted in the event that the data is no longer required for the purposes pursued by us, but you need the data for the assertion, exercise or defence of legal claims and if the successful exercise of an objection is disputed between us and you (Article 18 GDPR).
- Right to data portability: You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format (Article 20 GDPR), provided that it has not already been erased.

If you wish to assert any of your rights or receive further information about them, please send an e-mail to info@kempff-kulturstiftung.de or in writing to

Wilhelm-Kempff-Kulturstiftung
c/o Gutes Stiften GmbH
Koppenplatz 6
10115 Berlin
Germany

Right of objection

If we process your data in accordance with Article 6(1)(e) or (f) GDPR, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation (Article 21 GDPR). We will stop processing your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing serves the establishment, exercise or defence of legal claims.

If you wish to object to the processing of your personal data, please send us an e-mail to info@kempff-kulturstiftung.de or in writing to

Wilhelm-Kempff-Kulturstiftung
c/o Gutes Stiften GmbH
Koppenplatz 6
10115 Berlin
Germany

Complaint to a supervisory authority

If you are of the opinion that we are violating the GDPR by processing your personal data, you have the right to lodge a complaint with a supervisory authority, e.g. the data protection authority responsible for your place of residence, your workplace or the location of the data protection violation.

A list of the German data protection supervisory authorities can be found here:
https://www.datenschutzkonferenz-online.de/datenschutzaufsichtsbehoerden.html

Changes to the privacy policy

We reserve the right to amend the privacy policy in order to adapt it to changed legal situations or in the event of changes to the service and data processing. However, this only applies with regard to declarations on data processing. If user consent is required or components of the privacy policy contain provisions of the contractual relationship with the users, the changes will only be made with the consent of the users.

Users are requested to inform themselves regularly about the content of the privacy policy.

Status 25.01.2024