Privacy policy

Data protection policy

1. Introduction

The protection of your personal data is of particular concern to us. With the following data protection declaration, we inform you about the purpose and scope of the processing of your personal data carried out on our websites.

2. Name and address of the responsible controller

The responsible controller as defined in the EU General Data Protection Regulation (GDPR) and other national data protection laws of the EU member states as well as other data protection-related provisions is:

S. Fischer Stiftung
legally represented by the Board of Management (Vorstand), Prof. Dr. Anne Bohnenkamp-Renken, Antje Contius (Executive), Clemens Greve, Stefan Liechentstein, Dr. Arno Mahlert (Chairman)
Neue Grünstraße 17
D-10179 Berlin
Phone.:+49-30-847-1211-10
Fax:+49-30-847-1211-19
office[at]s-fischer-stiftung.de

3. Name and address of the data protection officer

Neither according to Art. 37 para. 1 GDPR nor according to Art. 37 para. 4 sentence 1 GDPR in conjunction with. § 38 para. 1 sentence 1 BDSG, the S. Fischer Stiftung as the responsible party has to appoint a data protection officer.

4. General information on data processing

We collect and use the personal data of our users insofar as necessary for operating a functional website and delivering our content and services, and to the extent to which the law permits.

Legal basis for processing personal data

Whenever we obtain the consent from a data subject to process personal data, Art. 6 (1 a) GDPR serves as the legal basis for processing this personal data.

Whenever processing such data is necessary for compliance with a legal regulation, to which the S. Fischer Foundation is subject, Art. 6 (1 c) GDPR serves as the legal basis.

In cases for which processing is necessary to protect the vital interests of the data subject or of another natural person, Art. 6 (1 d) GDPR serves as the legal basis.

If processing is necessary for safeguarding the legitimate interests of the S. Fischer Foundation or of a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject, Art. 6 (1 f) GDPR serves as the legal basis for processing this data.

Duration of storage of personal data

We reserve the right to retain the data subject’s personal data for as long as the purpose of such storage exists. If processing is permitted on the basis of the subject’s consent, his/her personal data is only stored until the data subject withdraws his/her consent, except in cases where processing is governed by a different legal basis.

5. Rights of the data subject

Right to rectification and erasure of personal data

The data subject has the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. The data subject also has the right to obtain from the controller the erasure of personal data concerning him or her without undue delay as soon as the purpose of storage is no longer necessary. In cases where data processing is performed on the basis of consent, the right to erasure exists if the data subject withdraws his/her consent and no other legal grounds exist for processing the data.

Right to withdrawal

If permission to process personal data was granted by the consent of the data subject, he or she may withdraw his/her consent at any time. All processing of personal data performed prior to withdrawal remains lawful irrespective of the subject’s withdrawal.

Right to information

The data subject has the right to obtain confirmation from the S. Fischer Foundation whether it is processing any personal data concerning him or her. If such is the case, the data subject has a right to information regarding the type of personal data and the purpose for which it is being processed. The data subject also has the right to obtain information on the duration of the planned storage of his/her data, or on the criteria for determining how long his/her data is to be stored.

Recourse to the supervisory authority

Without prejudice to any other administrative or judicial remedy, the data subject shall have the right to lodge a complaint with a supervisory authority if he or she considers that the processing of personal data concerning him or her infringes the requirements of the GDPR.

An overview of the supervisory authorities can be found here:

https://www.bfdi.bund.de/EN/Service/Anschriften/Laender/Laender-node.html

The supervisory authority responsible:

Berliner Beauftragte für Datenschutz und Informationsfreiheit

Volker Brozio (permanent representative)

Friedrichstraße 219
Visitor entrance: Puttkamer Straße 16 – 18 (5. floor)
10969 Berlin

Telephone: 030/138 89-0
E-Mail: mailbox@datenschutz-berlin.de

Homepage: https://www.datenschutz-berlin.de

6. Provision of the website and webhosting

Scope of data processing

For every access query to our website, our server automatically collects data and information from the querying computer system.
This data is compiled in log files and saved on our server. The following data is collected in this process:

  1. information on the browser type and version
  2. the user’s operating system
  3. the user’s Internet service provider
  4. the user’s IP address
  5. Address and name of the retrieved web pages and files
  6. Transmitted data volumes
  7. the date and time of the query
  8. websites from which the user’s system was directed to our website
  9. websites which the user’s system accesses via our website

For the provision of our websites, we use infrastructure (storage space, computing capacity and software) that we rent with associated services from our service provider (“web hoster”) Alfahosting:

Alfahosting GmbH
Ankerstraße 3b, 06108 Halle (Saale)
Deutschland

Website: https://alfahosting.de
Data protection policy: https://alfahosting.de/datenschutz

An data processing agreement is provided by the service provider.

Legal basis for processing

The legal basis for temporarily processing data and log files is provided in Art. 6 (1 f) GDPR.

Purpose of processing

The temporary storage of the IP address on our server is necessary for granting the user’s system access to our website. For this purpose, the user’s IP address must remain stored on our server for the duration of the session.

Data storage in log files is required to ensure the functionality of the website. Furthermore, the data enables us to optimise the website and guarantee the security of our IT systems. Data analysis for marketing-related purposes is not performed in this context.

These purposes correspond to the legitimate interests of data processing as indicated in Art. 6 (1 f) GDPR.

Duration of storage of personal data

The data is erased at the conclusion of the respective session.

All data stored in log files is erased within seven days. The IP address is anonymized after 24 hours; for this purpose, the last octet is zeroed,  so that it is impossible to identify the querying client.

7. Use of cookies

Scope of data processing

Our website uses cookies. Cookies are small text files saved on or by the web browser, installed on the user’s computer system. Cookies are often saved on the user’s operating system whenever a user accesses a website. The file contains a distinctive sequence of characters which enables the browser to correctly identify a website when it is visited again.

The user has control over the use of cookies. He or she can, among other things, deactivate or restrict the transmission of cookies by changing the browser settings. Stored cookies can be deleted at any time.

We use cookies to improve the user friendliness of our website. Some elements on our website make it necessary to identify a querying browser after a page change. The following data is saved and transmitted through and by cookies:

  1. login information
  2. session settings

Legal basis for processing

The legal basis for processing personal data using technically necessary cookies is provided in Art. 6 (1 f) GDPR. The legal basis for processing personal data using cookies for other purposes for which respective consent is granted by the user is provided in Art. 6 (1 a) GDPR.

Purpose of processing

The purpose of using cookies is to make it easier for the client to use the website. Some functions on our website cannot be offered without cookies. Such functions require the browser to identify the user after a page change. These purposes correspond to the legitimate interests of processing personal data in accordance with Art. 6 (1 f) GDPR.

Duration of storage of personal data

Cookies are saved on the user’s computer which transfers them to our server. Consequently, as the user, you have complete control over how cookies are used by your system. By changing the settings in your web browser, you can deactivate or restrict the transmission of cookies to external websites. You can also delete all saved cookies on your system at any time. Restrictions on cookie usage can be managed automatically by your browser. If you choose to deactivate cookies for our website, it may prevent you from taking full advantage of all the features offered on this website.

We also use a cookie consent management process, under which user consent to the use of cookies can be obtained and managed and revoked by the user at any time.

8. Embedded features and content

We embed feature and content elements in our website that are obtained from the servers of a third-party provider. This may include, for example, the following content: Graphics, videos or interactive geographic maps.

The integration of this content requires that third-party providers process the IP address of the user. In addition, third-party providers may use so-called pixel tags for statistical or marketing purposes. With the help of pixel tags, the following information can be evaluated:

  • Usage data (e.g. websites visited, access times).
  • Meta and communication data such as device information or IP addresses
  • Contact data (e.g. e-mail, telephone numbers)
  • Content data such as submissions in online forms.

Legal basis for the processing

The legal basis for the processing of personal data is legitimate interests according to Art. 6 (1) lit. f GDPR.

Purpose of processing

The purpose of using embedded features and third-party content is to enable the presentation of our website and provide user-friendliness. Third-party providers may create profiles with user-related information using usage data, contact data, content data, and meta and communication data.

Further information on the services used

Google Analytics

This website uses the “Google Analytics” service, which is used to analyze website usage by users. This helps to optimize the user experience on our pages.

Service provider:

Google Ireland Limited
Gordon House
Barrow Street
Dublin 4, Ireland,

Parent company:
Google LLC
1600 Amphitheatre Parkway
Mountain View
CA 94043, USA

Google Fonts

Obtaining fonts and symbols (web fonts) for efficient and consistent display, taking into account possible restrictions under licensing law. The provider of the web fonts receives information on the user’s IP address as well as technical data (language settings, screen resolution, operating system, hardware used) in order to make the web fonts available in the user’s browser.

Service Provider:

Google Ireland Limited
Gordon House
Barrow Street
Dublin 4, Ireland,

Parent company:
Google LLC
1600 Amphitheatre Parkway
Mountain View
CA 94043, USA

Website: https://fonts.google.com/
Privacy policy: https://policies.google.com/privacy

Pinterest

Pinterest content such as images, videos, texts and buttons.

Service Provider:

Pinterest Inc.

635 High Street

Palo Alto

CA, 94301, USA

Website: https://www.pinterest.com;

Privacy policy: https://about.pinterest.com/de/privacy-policy.

Vimeo

Video content delivery

Service Provider:

Vimeo Inc.

Attention: Legal Department

555 West 18th Street New York

New York 10011, USA

Website: https://vimeo.com;
Privacy policy: https://vimeo.com/privacy

9. Email contact

Scope of data processing

On our website, users can personally contact the S. Fischer Foundation via email by using the email address provided for such purposes. In this case, the email together with the user’s personal data is saved on our server.

The user’s personal data is not shared with third parties in this context. The data is exclusively used for purposes of establishing and maintaining contact with the user.

Legal basis for processing

The legal basis for processing the user’s personal data, acquired as a result of the user sending an email, is provided in accordance with Art. 6 (1 f) GDPR.

Purpose of processing

The user’s personal data is processed only for the purpose of establishing and maintaining contact with the user. This corresponds to the legitimate interests of processing personal data in accordance with Art. 6 (1 f) GDPR.

Duration of storage of personal data

All personal data sent to us via email is deleted as soon as the respective dialogue with the user is concluded. The dialogue is deemed concluded when circumstances indicate that the issue in question has been clarified to the satisfaction of all parties.