Privacy policy

For questions, suggestions or comments concerning data privacy please contact our data protection commissioner:

Kerstin Herschel
External Data Protection Commissioner

PRODATIS CONSULTING AG
Landhausstraße 8
01067 Dresden
Germany

Tel.: +49 351 266 23 30
E-Mail: dsb [at] prodatis.com_cke_saved_href="mailto:dsb [at] prodatis.com"

arche noVa takes the protection of your personal data seriously. We treat your personal data confidentially and according to the legal data privacy regulations. All the data collected here will be kept strictly confidential within our area of responsibility and in accordance with the EU General Data Protection Regulation (GDPR) and with the country – specific laws applicable to us, such as the new Federal Data Protection Act (BDSG) or the Telemedia Act (TMA).


The processing is carried out either according to Art. 6 para. 1 lit. a GDPR on the basis of your consent, in accordance with Art. 6 para.1 lit. b GDPR to the fulfilment or initiation of a contract with you according to Art. 6 para.1 lit. c GDPR for the fulfilment of a legal obligation from us or on the basis in accordance with Art. 6 para. 1 lit. f GDPR for the protection of our legitimate interests.


In the following we inform about the collection of personal data when using this website. Personal data includes all data related to you personally, such as name, address, e-mail addresses, user behaviour. The use of our website is generally possible without providing any personal data. If personal data is collected on our website, it happens, if possible, on a voluntary basis.

 

 

Name and address of the person responsible for the processing

The responsible party in terms of the General Data Protection Regulation, other data privacy acts effective in EU member states and regulations of a data protection nature is:

arche noVa – Initiative for people in Need e.V.
Weißeritzstraße 3
01067 Dresden
Germany

Tel.: +49 351 | 27 18 32 - 0
Fax: +49 351 | 27 18 32 - 70

E-Mail: info [at] arche-nova.org
Internet: www.arche-nova.org

 

Name and Adress of the the Data Protection Commissioner

For questions, suggestions or comments concerning data privacy please contact our data protection commissioner::

Kerstin Herschel
External Data Protection Commissioner

PRODATIS CONSULTING AG
Landhausstraße 8
01067 Dresden
Germany

Tel.: +49 351 266 23 30
E-Mail: dsb [at] prodatis.com_cke_saved_href="mailto:dsb [at] prodatis.com"

 

Processing of data for provision of statutory services 

arche noVa processes data from supporters, interested parties, members or other persons according to Art. 6 para. 1 lit. b GDPR, if we offer them contractual services or are recipients of services or contributions ourselves. Apart from that, we process the data from the persons concerned in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interests, for example if it concerns administration work or public relations. We process our donors personal data and payment details (such as bank details, payment history) to issue donation confirmations, provision of services and donor care. We do not lease nor sell our donors’ or supporters’ addresses to other companies or organizations. The   processing of personal data can be carried out with or without the aid of data processing systems and includes the following activities: collection, recording, organisation, organizing, saving, adaptation or alteration, sorting, retrieval, use, disclosure by means of conveyance, dissemination or another form of provision, comparison or combination, limitation, deletion or elimination. We process your personal information which you communicate to us through this website, only for the correspondence with you and only for the purpose for which you provided us this data.

We delete the data that is no longer necessary for the provision of our statutory and business purposes. This is determined corresponding to the respective tasks and contractual relations. Your personal data which has been communicated to us through our website will only be saved until the purpose for which we have been entrusted with the data is met and storing is necessary. So far as commercial, fiscal or administrative retention periods are to be taken into account, the storage period for certain data can amount to 6 or 10 years.

 

Your Rights

By using the contact data below you may exercise the following rights at any time: information about the data saved about you and its treatment, right to data transfer in a machine-readable form, correction of inaccurate data, deletion of your data stored with us, restriction of data processing provided that we are not yet allowed to delete your data on the basis of legal obligations, opposition to the processing of your data and data availability, provided that you have agreed to the data processing or closed a contract with us.

Provided that you have granted us consent you can revoke it with future effect at any time. You can address a complaint to your local supervisory authority at all times.

 

Contacting

Upon contacting, for example via contact form, e-mail or telephone the user’s details for processing handling the request are disseminated in accordance with Art. 6 para. 1 lit. b GDPR. Data can be stored in a donor administration system (donation – “CRM-system”). Edited or obsolete requests will be deleted.
A regular check is carried out as to what extent further storage is necessary.

 

Privacy Policy in application procedure

We process the applicant data only for the purpose and in the context of the application process in accordance with the legal requirements. The processing of the applicant data takes place in order to fulfill our pre-contractual obligations within the framework of the application procedure within the meaning of Art. 6 lit. (1) sentences b and f GDPR.

 

Encrypted Data Transmission

All data is transmitted by the so - called SSL-Technology through an encrypted connection. The SSL Certificate required for this which is installed on our server was issued by an independent organization.

 

Collection of Access Data and Server Log Files

With each access to our website we automatically collect and store the information your browser leaves during your use of our website and every time a file is opened temporarily in Server Log Files. Prior to storing each data record is made anonymous by changing the IP address. In detail, the following data is stored upon every access/retrieval:

•    anonymised IP address
•    date and time of retrieval
•    accessed page/name of accessed page
•    web browser and requesting domain
•    amount of data transmitted
•    message if access was successful

The processing is carried out according to Art. 6 para.1 lit. f GDPR on the basis of our legitimate interest in the stability and functionality of our website.
The personal data may not be passed on to third parties or used in any other way. But we do reserve the right to check the server log files afterwards should there be concrete indications for unlawful use.

 

Cookies

Websites partially use so-called cookies. Cookies do not cause any damage to your computer and do not contain any viruses. Cookies serve to make our offers more user-friendly, more effective and safer. Cookies are small text files which get saved on your computer and stored by your browser. Through the use of cookies we collect and process certain user information from you in the respective individual extent of the text files such as browser details, location data and IP address. Most of the cookies used by us are so-called “session-cookies”. They will be deleted automatically after the end of your visit. Other cookies stay on your terminal device until you delete them. Those cookies enable us to recognise your browser at your next visit. You can adjust your browser so that you will be informed about the placement of cookies as well as accept them only in individual cases, refuse them in certain cases or at all times or activate the feature of automatic deletion when closing the browser. When cookies are deactivated the functionality of this website may be limited.

 

Information about the newsletter

As a service feature we offer users our regular newsletter. We use the list provider MailChimp to mail the newsletters. To subscribe to the newsletter you only need your e-mail address, all other data can be given voluntarily.
MailChimp is an offer from The Rocket Science Group, LLC, 512 Means Street, Suite 404, Atlanta, GA 30318 (“Rocket”). We trust in MailChimp’s reliability as well as IT and data security. MailChimp is certified under the US-Eu Data Protection Agreement “Privacy Shield” and thus commits itself to adhere to the EU Data Protection requirements. MailChimp is used based on our legitimate interests according to Art. 6 para.1 lit. f GDPR and on a processing contract in accordance with Art. 28 para.3 lit. 1 GDPR.

Upon registration the so-called double opt-in method is used, that means that after registration you receive an e-mail in which you reconfirm your registration. Only after that the newsletter will be activated for you. If you subscribe to our newsletter the data you provided upon registration will be transmitted to MailChimp and stored there. The data provided upon registration will not be forwarded to third parties. Apart from that, MailChimp offers different analytic options as to how the sent newsletters can be opened and used, for example to how many users an e-mail has been sent, if e-mails have been rejected and if users have unsubscribed from the list after receiving an e-mail. In addition to that MailChimp uses the analytic tool Google Analytics and includes it, where appropriate, in the newsletter.
These analyses are group-related and will not be used by us for individual evaluation.
They solely serve to improve the content of our newsletter.

Further information on data protection at MailChimp is available at: http://mailchimp.com/legal/privacy/

You can revoke your consent to the use of your e-mail address to send the newsletter at any time. The revocation can be carried out via a link in the newsletters or via message to info [at] arche-nova.org.

 

Piwik/Matomo

We measure the range of our online offer on the basis of the legitimate interests according to Art. 6 para.1 lit. f GDPR, that means interest in the analysis and optimization of the offer. The following data will be processed: browser type and browser version, the operating system in use, date and time of the server request, country from which the request is made, number of visits, length of stay as well as used external links. For the processing Piwik/Matomo uses so-called cookies. These will be stored on the users’ computers and enable an analysis of the use of our offer. The data will be collected anonymously. Cookies will be saved for a week, the information generated therefrom about the use of the website will be stored exclusively on our server and not be forwarded to others. In order to object to the data collection so-called Opt-Out cookies can be created, thus session data will not be collected via the browser used. If you clear the cookies from your browser this Opt-Out cookie will also be deleted and has to be regenerated.

 

OpenStreetMap

Within this website cartographical material from Openstreetmap Foundation, 132 Maney Hill Road, Sutton Coldfield, West Midlands, B72 1JU, United Kingdom, more precise: from the service OpenStreetMap (OSM), is included for the display of an interactive map. OSM is an open-source mapping tool. To our knowledge the users‘ data is used by OpenStreetMap solely for the purpose of displaying the map functions and intermediate storage of chosen settings. This data may include IP addresses and users’ location data in particular, which, however, cannot be collected without their consent (as a rule within the framework of the settings of your mobile devices). When including the map data we refer to Art. 6 para. 1 lit. f GDPR, that means as a website operator we have a legitimate interest in improving our website’s user friendliness. Information about data protection and legal conditions at Openstreetmap is available under the following links:

https://wiki.osmfoundation.org/wiki/Privacy_Policy#Map_Data
https://wiki.osmfoundation.org/wiki/Licence/Licence_and_Legal_FAQ

 

 

YouTube videos

On our website we embed YouTube videos. The operator of the respective plugins is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. Normally your IP address will be sent to YouTube when opening a page with embedded videos and cookies will be installed on your computer. However, we have integrated our You Tube videos with the extended data protection mode (in this case You Tube still establishes contact with Google’s service Double Klick, yet according to Google’s data protection statement personal data will not be analysed). Thus information about the visitors will not be stored by You Tube unless they watch the video. If you click on the video your IP address will be forwarded to You Tube and You Tube finds out that you have watched the video. If you are logged into You Tube this information gets assigned to your user account (you can prevent this by logging out of You Tube before watching the videos). We have no knowledge of and no influence on the possible collection and use of your data by You Tube.
Generally the storing of cookies for the Google ad programme can be deactivated (this is possible via the following link: https://adssettings.google.com/authenticated?hl=de), however You Tube also places non-personal user information in other cookies. If you want to prevent this you must block the storing of cookies in your browser.
Further information about You Tube’s data protection can be found in the provider’s privacy policy at: https://www.google.de/intl/de/policies/privacy/

 

 

Social Media

We offer you on our website the chance to use so-called “Social-Media-Buttons”.
For the implementation we rely on the solution “Shariff” in order to protect your data.
Hereby these buttons are integrated in the website only as a graphic which include a link to the button providers’ respective websites. Upon clicking on the graphic you will be forwarded to the services of the respective providers. Only then your data will be sent to the respective provider. Provided you do not click on the graphic there will be no exchange between you and the providers of the Social-Media buttons.
Information about the collection and use of your data in social media can be found in the providers’ respective terms of use. You can find more details on the Shariff solution here: http://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html

On our website we included the Social-Media buttons of the following companies: Facebook, Twitter, YouTube, Instagram

 

Information about donations

If you would like to donate online, whether with a one-time donation or a regular support contribution, you can do so via our donation form. The donation form is integrated through Javascript, it concerns the service “Fundraisingbox” from Wikando GmbH, Schießgrabenstraße 32, 86150 Augsburg, Germany.
Upon using the donation form the data will be forwarded to this company. “Fundraisingbox” is used based on our legitimate interests according to Art. 6 para. 1 lit. f GDPR and on a processing contract according to Art. 28 para. 3 lit. 1 GDPR. Depending on the chosen form of payment your data will be forwarded to the respective financial service provider: when using direct debit payment it will be forwarded to our principal bank, SozialBank, Konrad-Adenauer-Ufer 85m 50668 Cologne, Germany when using payment via PayPal it will be forwarded to PayPal (Europe) S.à r.l. & Cie, S.C.A., 5th floor, 22-24 Boulevard Royal, L-2449 Luxembourg, when paying by credit card it is forwarded to Micropayment GmbH, Scharnweberstraße 69, 12587 Berlin, Germany when paying via instant transfer to SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany. In any case your data will be stored and kept for ten years together with information on the donation amount, donation frequency and purpose/project.

 

Trademark Rights

All mentioned trademarks, used logos and registered brands belong to the respective owners and are hereby accredited.

 

Change and Adaptation of the Privacy Policy

In order to ensure that the privacy policy always meets the legal framework conditions and requirements we reserve the right to adapt it. For a later visit to our website the at this time current data protection regulations apply.

 

Data Protection Commissioner

To ensure the quality of our data protection measures we employed Ms. Kerstin Herschel from Prodatis Consulting AG as an independent, external data protection commissioner. If you have any questions concerning data protection, please contact her at datenschutz [at] arche-nova.org.

The appointment of the data protection officers was made by the Management Board without the involvement of Management Board member Cornelia Trentzsch, as she is the Chairwoman of the Supervisory Board of Prodatis Consulting AG. The independence of the data protection officers is thus ensured.

 

 

Teilen: