Dear visitors, we are delighted that you are visiting our website.
We want you to feel safe and comfortable. The protection of your privacy is very important to us.
The following data protection provisions are intended to inform you about our handling of the collection, use and transfer of personal data.
Responsible body
Create Lasting Change e.V.
P.O. Box 1147
83230 Bernau am Chiemsee
info@create-lasting-change.org
Usage data
In order to improve the quality and functionality of our websites and in the event of criminal prosecution, we store data on individual access to our pages for statistical purposes.
This record consists of
- the page from which the file was requested,
- the name of the file,
- the date and time of the query,
- the amount of data transferred,
- the access status (file transferred, file not found),
- Description of the type of web browser used,
- the IP address of the requesting computer
The legal basis for this data processing is Art. 6 para. 1 letter f DSGVO (legitimate interests of the responsible person).
The above-mentioned reasons also constitute a legitimate interest in data processing in accordance with Art. 6 Par. 1 letter f DSGVO.
Donation process
The following data may be collected as part of the donation process:
name, address, account
This data is used exclusively for the handling of the donation process and is transmitted and stored in accordance with the legal requirements to the companies involved in the payment process (banks, Payrexx, PayPal etc.). The legal basis for this data processing is Art. 6 para.1 b DSGVO (contractual obligation).
We offer the following payment procedures: Stripe, Credit card, Paypal. To execute the payment, the payment data will be transmitted to the corresponding payment service providers. The legal basis for this data processing is art. 6 para. 1 b DSGVO (contractual obligation).
Cookies
Technically required information to create the multilingual and easy to use website are stored only for the duration of your website visit in the server sided session. This session info gets destroyed when the browser window is closed.
Youtube videos are embedded according to DSGVO regulation and do not generate tracking cookie entries.You can set your browser to inform you when cookies are set and to allow cookies only in individual cases, exclude the acceptance of cookies or activate the automatic deletion of cookies when closing the browser.
Contact form
You can contact us at any time with questions or suggestions via a contact form. In order to answer your questions or send you feedback, we need the following information: Name, first name and e-mail address. We use these data exclusively for the above-mentioned purposes. The legal basis for the processing of the data transmitted in the course of using the contact form or sending an e-mail is Art. 6 para. 1 lit. f DSGVO. If the e-mail contact is aimed at the conclusion of a contract, an additional legal basis for the processing is Art. 6 para. 1 lit. b DSGVO.
Social Plugins
Facebook
This website uses so-called social plugins of the social network facebook.com, which is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook"). They can usually be recognized by the "thumbs up" sign. An overview of Facebook's social plugins can be found here: https://developers.facebook.com/docs/plugins/.When you access this website, a connection is established between your browser and the Facebook servers. The content of the plugin is transmitted by Facebook directly to your browser and integrated into the website by it. We therefore unfortunately have neither influence nor knowledge of the extent of the data that Facebook collects with the help of this plugin.
By integrating the plugin, Facebook receives the information that a user has called up the corresponding page of the offer. If you are logged in to Facebook, Facebook can assign the visit to your Facebook account. If you select (click on) the plugins, the corresponding information is transmitted directly from your browser to Facebook and stored there. Even if you are not a member of Facebook, it is possible that Facebook will find out and save your IP address. According to Facebook, however, the IP address is only stored anonymously in Germany.
Further information on the purpose and scope of data collection and the further processing and use of the data by Facebook along with information on rights and setting options can be found here: http://www.facebook.com/policy.php.
It is also possible to block Facebook social plugins with add-ons for your browser, for example with the "Facebook Blocker" or the add-on "AdBlock Plus" for Firefox. Further information on this can be found at http://t3n.de/news/blockierst-facebook-tracking-345091/.
Instagram
When you visit this Instagram page, Facebook collects, among other things, your IP address and other information that is stored on your PC in the form of cookies. This information is used to provide the BSI, as the operator of the Instagram pages, with anonymized statistical information about the use of the Instagram page.
The data collected about you in this context is processed by Facebook Ltd. and may be transferred to countries outside the European Union. Facebook describes what information Facebook receives and how it is used in its data usage guidelines. There you will also find information on how to contact Facebook and the settings options for advertisements. The data usage guidelines are available at the following link:https://help.instagram.com/519522125107875.
The complete data policy of the Instagram service can be found here:https://help.instagram.com/581066165581870/?helpref=hc_fnav.
Facebook provides information about the use of cookies in the cookie policy for the Instagram service:
https://help.instagram.com/1896641480634370/?helpref=hc_fnav.
We would like to point out that Facebook Ireland is able to track your user behavior (across devices for registered users) beyond the Instagram service on other websites by means of the cookies used. This applies both to those registered with the Instagram service and to those not registered there.
According to its own information, Facebook stores data until it is no longer needed to provide the services and Facebook products or until the user's account is deleted, whichever comes first. This depends on the circumstances of the individual case, in particular the type of data, why it is collected and processed and the relevant legal or operational storage requirements. You can find more information on the storage of data at https://de-de.facebook.com/about/privacy.
Webfonts
On this website we use web fonts (GoogleFonts, Adobe Typekit, Fonts.com or similar), i.e. fonts that may not be available on your device. For this service we use a font library. When you call up our website, web fonts are loaded from a server (Google, Adobe or similar). The IP address of the calling visitor may be transferred to the provider (e.g. Google, Adobe - Adobe Systems Inc., San Jose, California, USA).
The legal basis for this data processing is Art. 6 para. 1 lit. f DSGVO (legitimate interests of the person responsible). The operator has a legitimate interest in a clearly legible and structured presentation of fonts and content (usability) on the website.
Your rights as a user
a) Right to confirmation
Every data subject has the right to obtain information as to whether personal data concerning him/her are being processed.
b) Right to information (Art. 15 DSGVO)
Every person concerned has the right to receive free information about the personal data stored about him/her and a copy of this information.
c) Right of rectification (art. 16 DSGVO)
The data subject has the right to ask the data controller to rectify incorrect personal data concerning him/her without delay.
d) Right of cancellation (right to be forgotten) (art. 17 DSGVO)
Every data subject has the right to request that the personal data concerning him/her be immediately deleted, if one of the reasons stated by law applies and if the processing is not necessary.
e) Right to limitation of processing (Art. 18 DSGVO)
Every data subject has the right to request limitation of processing if one of the reasons specified by law applies.
f) Right to data transferability (Art. 20 DPA)
Every data subject has the right to obtain the personal data concerning him/her which he/she has provided to a controller in a structured, common and machine-readable format and to transfer such data to another controller without hindrance, provided that the processing is based on the consent pursuant to Art. 6 para. 1 letter a DPA or Art. 9 para. 2 letter a DPA or on a contract pursuant to Art. 6 para. 1 letter b of the DPA, and processing is carried out with the aid of automated procedures, unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
Remotely, when exercising his or her right to data transfer pursuant to Art. 20 Par. 1 DPA, the data subject has the right to obtain that personal data be transferred directly from one controller to another controller, insofar as this is technically feasible and provided that this does not adversely affect the rights and freedoms of other persons.
g) Right to withdraw data protection consent (Art. 13 DPA)
Every data subject has the right to withdraw consent to the processing of personal data at any time if the processing is based on Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a, without prejudice to the lawfulness of the processing carried out on the basis of the consent until the withdrawal.
h) Right of objection (Art. 21 DPA)
Every data subject has the right to object at any time, for reasons arising from his or her particular situation, to the processing of personal data concerning him or her that is carried out pursuant to Art. 6, paragraph 1 letters e or f DPA. Where personal data are processed for the purpose of direct marketing, the data subject shall have the right to object at any time to the processing of personal data relating to him/her for the purpose of such marketing, including profiling where it is linked to such direct marketing.
i) Automated decisions in individual cases including profiling (Art. 22 DPA)
Every data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him/her or significantly affects him/her in a similar way, provided that the decision- (1) is not necessary for the conclusion or performance of a contract between the data subject and the controller, or
- (2) is authorised by Union law or the law of the Member States to which the controller is subject and that law contains adequate measures to safeguard the rights and freedoms and legitimate interests of the data subject, or
- (3) with the express consent of the person concerned.
In the cases referred to in (1) and (3), appropriate measures shall be taken to safeguard the rights and freedoms as well as the legitimate interests of the data subject, which shall include at least the right to obtain the intervention of the controller, to put forward his point of view and to challenge the decision.
Duration for which personal data is stored
The criterion for the duration of the storage of personal data is the respective legally prescribed retention period. After this period has expired, the corresponding data is routinely deleted, provided that it is no longer required for the fulfillment of the contract or the initiation of a contract.
Foreign content
On the pages of our website, third-party content (e.g. YouTube videos or videos from other providers, Google Maps, RSS feeds or similar) may also be integrated. The providers of these contents usually save cookies on the user's computer. You can prevent this by adjusting your browser settings accordingly, but this may result in the content not being displayed correctly. In addition, many (third-party) providers store the IP address of the user in order to be able to send the corresponding content to the user's browser. Unfortunately, we have no influence on the use of the IP address by the (third-party) provider.
Right of complaint to the responsible supervisory authority
In the event of violations of data protection laws, the person concerned has a right of complaint to the responsible supervisory authority. This is the state data protection commissioner of the federal state in which our company has its headquarters. You can find a list of the data protection officers here.
