Privacy policy

We, the website owner, are taking the protection of your personal data very seriously. We will keep your personal data confidential and adhere to the legal data protection regulations.

In general, you can use our website without giving personal data. In case a data subject wants to make use of special services provided by our company through our website, processing of personal data might be required. As far as personal data will be collected on our websites, this will be optional where possible. This data will be used for the purpose specified and will not be passed on to third parties without your explicit consent. Personal data, for instance name, address, e-mail address or phone number, is processed according to the requirements of the EU’s General Data Protection Regulation (EU GDPR), the Federal Data Protection Act (new) (BDSG new), the applicable data protection rules of the federal states and the German Digitale Dienste Gesetz (DDG).

We inform you that data transfer via the Internet (as in e-mail communication) can have safety flaws. It is impossible to protect data completely from third parties. You can always convey personal date to us using alternative means, for instance over the telephone.

1. Name and address of the controller

Controller in accordance with the General Data Protection Regulation:

Wohlfahrtswerk für Baden-Württemberg
Schloßstraße 80, 70176 Stuttgart
Phone: +49 711 61926-0 Fax: + 49 711 61926-199
E-mail: info@wohlfahrtswerk.de

Wohlfahrtswerk für Baden-Württemberg is a foundation under German Civil Law and a member of Deutscher Paritätischer Wohlfahrtsverband

Board:
Ingrid Hastedt (chair)
Manuel Arnold

2. Name and address of the data protection officer and supervisory authority

Data protection officer
Alpaslan Kücükelci
Phone: +49 711 61926-108, E-mail: datenschutz@wohlfahrtswerk.de

If you have any questions or suggestions concerning data protection do not hesitate to contact our data protection officer at any time.

Supervisory authority
Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit
Postfach 10 29 32
70025 Stuttgart
Phone: +44 711 615541-0, E-mail: poststelle@lfdi.bwl.de

Every data subject has the right to lodge a complaint with the supervisory authority.

3. Legal basis for processing of personal data

3.1 Insofar as we obtain the consent of the data subject for the processing of personal data, art. 6 para. 1 lit. a EU General Data Protection Regulation (GDPR) serves as the legal basis.

3.2 When processing personal data required for the performance of a contract to which the data subject is party, art. 6 para. 1 lit. b General Data Protection Regulation serves as the legal basis. This also applies to any processing required for pre-contractual provisions. 

3.3 If processing of personal data is required for compliance with a legal obligation our company is subject to, art. 6 para. 1 lit. c General Data Protection Regulation serves as the legal basis.

3.4 In case vital interests of the data subject or another natural person make the processing of personal data necessary, art. 6 para. 1 lit. d General Data Protection Regulation serves as the legal basis.

3.5. If processing of personal data is necessary for the performance of a task that is in the public interest or in the exercise of official authority vested in the controller, art. 6 para. 1 lit. e General Data Protection Regulation serves as the legal basis.

3.6. If processing of personal data is necessary for the purposes of the legitimate interests pursued by our company or by a third party and these interests are not overridden by the interests or fundamental rights and freedoms of the data subject, art. 6 para. 1 lit. e General Data Protection Regulation serves as the legal basis.

3.7. As part of our services we can furthermore process special data categories in accordance with art. 9 para. 1 GDPR, in particular personal data concerning health. In this case, we will obtain explicit consent of the data subject in accordance with art. 6 para. 1 lit. a., art. 7, art. 9 para. 2 lit. a. GDPR and will apart from that process the specific data categories for the purposes of preventive medicine based in art. 9 para. 2 lit h GDPR and § 22 para. 1 no. 1 b Federal Data Protection Act.

3.8. In our capacity as a care facility we process personal data for exercising a contract governing medical treatment in accordance with art. 6 para. 1 lit. b in conjunction with art. 9 para. 2 lit. h GDPR. If processing personal data is necessary to fulfil a legal obligation, the legal basis is art. 6 para. 1 lit. c in conjunction with art. 9 para. 2 lit. h GDPR in conjunction with special legal provisions. E.g. certain personal data can be transferred to third parties, in particular social security institutions, in accordance with §§ 294 ff. of Book V of the German Social Code as well as the obligation of documenting nursing care as per § 113 of Book 11 of the German Social Code or the special provisions of Baden-Württemberg’s residence, participation and care act as well as the housing and care contract act applicable at the federal level. If, in the case of an emergency, processing personal data is necessary to protect the vital interest of the data subject, art. 6 para. 1 lit. d in conjunction with art. 9 para 2 lit. c GDPR serves as the legal basis. All further processing of personal data, that is not based on any of the aforementioned legal foundations, is done via consent in accordance with art. 6 lit. a GDPR.

4. Deleting and blocking data

We process and store your personal data for as long as necessary to accomplish the set purpose or for as long as it is stipulated by the General Data Protection Regulation or another legislative body in laws or regulations that the controller is subject to.

If the purpose ceases to exist or a storage period stipulated by the European regulatory body or another competent legislative authority expires, the personal data are routinely and in accordance with the legal requirements blocked or deleted. 

5. Cookies

The Wohlfahrtswerk’s websites use cookies. Cookies are text files that a website files and stores on a computer system via an internet browser. Websites and servers use cookies. Cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It contains a string of characters used to correlate websites and servers to the specific web browser where the cookie was stored. This enables the websites you visit to distinguish your individual browser from other browsers containing different cookies. A specific web browser can be recognized and identified using the unique cookie ID.

Using cookies, we can offer the users of this website user-friendly services which would not be possible without using cookies.

Using a cookie, the information and offers on our website can be optimised on the users’ behalf. Cookies allow us to recognize users of our website, as mentioned above. The purpose of this is to facilitate the use of our website. For instance, users of a website that uses cookies do not need to enter their access data every time they visit the site, because this can be taken from the website and the cookie stored on the user’s computer system.

The data subject can prevent cookies from being stored through our websites any time by changing the settings of the web browser they use and thereby can permanently refuse cookies. Cookies that have already been stored may be cancelled at any time using a web browser or another software. This is possible in all established web browsers. If the data subject deactivates cookies in the web browser they use this can lead to some of the features on our website not working to their full extent.

6. Collecting general data, log files and information

Every time a data subject or an automated system accesses a website, a series of general data and information is collected. This data and information is saved in the log files of the server.
The data collected may include

  • browser type and version used,
  • the operating system used by the system accessing the website,
  • the website from which the system accessed our website (so-called referrers),
  • which sub-websites are being accessed on our website,
  • data and time of access,
  • an Internet protocol address (IP address),
  • the Internet service provider of the system accessing the website,
  • as well as other similar data and information that can help with defending against attacks on our IT systems.

When using this general data and information we do not draw conclusions on the data subject. Rather, the information is necessary

  • to correctly display our website’s content,
  • to optimise our website and advertising on it,
  • to ensure permanent functioning of our IT systems and the technology behind our website, as well as
  • to provide law enforcement authorities with the information needed for law enforcement in the case of a cyberattack.

This data and information, which is collected anonymously, is statistically analysed in order to increase data protection and data security in our company to guarantee the ideal protection level for the personal data we process. The anonymous data of the server log files are stored separately from all personal data given by a data subject.

7. Registration on the website

Users of our website can register using personal data for instance via a contact form, online advertising, donations or to register for a seminar. The personal data transmitted in each case depends on the input mask used for registration. The personal data entered by the data subject will be collected and stored only for internal use and used for our own ends. The controller responsible for processing the data can arrange for the data to be transferred to one or more processors, for instance, a parcel service, who will also only use the personal data for internal use, which has been assigned to the controller.

When registering on the website, the Internet service provider (ISP) stores the IP address of the data subject, as well as date and time of the registration. These data are stored against the background of this being the only way to prevent a misuse of our services. The data can, if necessary, be used to clear up criminal acts and copyright infringements. Therefore, storing these data are required as a safeguard. These data are generally only passed on to third parties if there is a legal obligation or the disclosure serves law enforcement.

Registering a data subject with voluntary given personal data helps us to offer content and services, that due to the nature of things can only be offered to registered users.  Registered persons are free to have the personal data given at registration fully deleted from our stored data.

Wohlfahrtswerk will inform the data subject on request of which personal data are being stored in connection with the data subject at any time. We correct and delete personal data if requested by the data subject as far as there is no legal obligation to retain data to the contrary. Your contact persons are the data protection officer named in this privacy policy and the persons responsible for processing personal data. 

8. Data privacy rights

8.1 Right of confirmation

According to the European regulatory body, the data subject has the right to obtain from the controller confirmation as to whether or not personal data concerning them are being processed. If a data subject wants to use this right of confirmation, they can at any time contact our data protection officer or another member of staff responsible for processing.

8.2 Right of access

According to the European regulatory body, the data subject has the right at any time and free of charge to get information on the personal data stored about them from the controller, as well as to get a copy of this information. The European regulatory body grants the data subject access to the following information:

  • the purposes of the processing
  • the categories of personal data that are being processed
  • the recipients or categories of recipients to whom the personal data have or will be disclosed, in particular when it comes to recipients in third countries or international organisations
  • where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period
  • the existence of a right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing
  • if the personal data are not collected from the data subject, all available information on the origin of the data
  • the data subject has a right to access the information whether personal data were transferred to a third country or an international organisation. If this is the case, the data subject furthermore has the right to be informed on the appropriate safeguards when it comes to transferring the data.

If a data subject wants to use this right of access, they can at any time contact our data protection officer or another member of staff of the controller.

8.3 Right of rectification

According to the European regulatory body, the data subject has the right to demand the rectification of inaccurate personal data without undue delay. The data subject has the right to demand the completion of incomplete personal data - where appropriate accompanied by an additional explanation, under due consideration of the purposes of processing.

If a data subject wants to use this right of rectification, they can at any time contact our data protection officer or another member of staff responsible for processing.

8.4 Right of erasure (right to be forgotten)

According to the European regulatory body, the data subject has the right to demand from the controller to erase the personal data concerned without undue delay where one of the following reasons applies and insofar as processing is not required:

  • The personal data were collected or otherwise processed for purposes for which they are no longer necessary.
  • The data subject withdraws the consent the processing was based on in accordance with art. 6 para. 1 lit. a GDPR or art. 9 para. 2 lit. a GDPR, and there is no other legal basis for processing.
  • The data subject objects to the processing in accordance with art. 21 para. 1 and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing in accordance with art. 21 para. 2.
  • The personal data have been unlawfully processed.
  • The personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.
  • The personal data have been collected in relation to the offer of information society services referred to in art.  8 para 1 GDPR.

If one of the reasons mentioned above applies and the data subject wants to have the personal data stored at Wohlfahrtswerk erased, they can at any time contact our data protection officer or another member of staff of the controller.

The data protection officer or another member of staff will arrange for the demand of erasing the personal data to be complied with without undue delay.

Where Wohlfahrtswerk has made the personal data public and is obliged in accordance with art. 17 para. 1 GDPR to erase the personal data, Wohlfahrtswerk, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that the data subject has requested the erasure by such controllers of any links to, or copy or replication of, those personal data, insofar as processing is not required. The data protection officer or another member of staff will take the necessary steps on an individual basis.

8.5 Right to restriction of processing

The data subject has the right granted by the European regulatory body to demand from the controller restriction of processing where one of the following applies:

  • The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data.
  • The processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead.
  • The controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims.
  • The data subject has objected to processing pursuant to art. 21 para. 1 pending the verification whether the legitimate grounds of the controller override those of the data subject.

If one of the requirements mentioned above exists and a data subject wants to demand the restriction of personal data stored at Wohlfahrtswerk, they can at any time contact our data protection officer or another member of staff of the controller. The data protection officer or another member of staff will arrange for the restriction of processing to be implemented.

8.6 Right to data portability

The data subject has the right granted by the European regulatory body to receive the personal data concerning them, which they have provided to a controller, in a structured, commonly used and machine-readable format. They furthermore have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where the processing is based on consent in accordance with art.6 para. 1 (a) GDPR or art. 9 para. 2 (a) GDPR or on a contract in accordance with art. 6 para. 1 (b) GDPR and the processing is carried out by automated means insofar as processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

In exercising their right to data portability in accordance with art. 20 para. 1 GDPR, the data subject has the right to have the personal data transmitted directly from one controller to another, where technically feasible and as far as this does not adversely affect the rights and freedoms of others.

To establish this right of data portability, the data subject can at any time contact the data protection officer appointed by Wohlfahrtswerk or another member of staff.

8.7 Right to object

The data subject has the right granted by the European regulatory body to object at any time to processing of personal data concerning them which is based on art. 6 para. 1 lit. e or f GDPR, on grounds relating to their particular situation.

If the data subject objects, Wohlfahrtswerk will no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or if the processing serves for the establishment, exercise or defence of legal claims.

Where Wohlfahrtswerk processes personal data for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data for such marketing. Where the data subject objects to Wohlfahrtswerk processing data for direct marketing purposes, the personal data shall no longer be processed for such purposes.

Furthermore, the data subject, on grounds relating to their particular situation, has the right to object to processing of personal data concerning them processed for scientific or historical research purposes or statistical purposes in accordance with art. 89 para. 1 GDPR, unless the processing is necessary for the performance of a task carried out for reasons of public interest.

In order to exercise this right to object, the data subject can at any time contact Wohlfahrtswerk’s data protection officer or another member of staff.

The data subject is free to exercise their right to object by automated means using technical specifications in the context of the use of information society services, and notwithstanding Directive 2002/58/EC.

8.8 Right to withdraw consent

The data subject has the right granted by the European regulatory body to withdraw consent to the processing of personal data at any time.

If the data subject wants to exercise their right to withdraw consent, they can at any time contact our data protection officer or another member of staff of the controller.

9. SSL encryption

Our website uses SSL encryption for security reasons and to protect the transmission of confidential content, such as the inquiries you send to us as the website operator. You can recognize an encrypted connection by the browser address bar changing from "http://" to "https://" and by the lock symbol in your browser bar. If SSL encryption is activated, the data you transmit to us cannot be read by third parties.

10. Technologies employed

11. Information on data protection referring to the processing of online meetings, seminars and applications via “Zoom” video conference system

11.1 For what purpose and on what legal basis do we process your data?

We process your data in connection with the use of the Zoom video conference system in accordance with the provisions of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG-neu) for the following purposes:

  • Carrying out meetings, workshops, group work or lectures within the company group and externally with customers and partners.
  • Carrying out online seminars and job interviews.  

Insofar as this is necessary for the decision on the establishment of an employment relationship with us, processing is based on 26 BDSG-neu and on Art. 6 para. 1 lit. b GDPR for the initiation or implementation of contractual relationships.
Furthermore, we can process your data if there is an interest of effective communication using video conferences based on art. 6 para.1 lit. f GDPR. If you consent to us processing your data for certain purposes, the legitimacy of this processing is based on your consent as per art. 6 para. 1 lit. a GDPR.

Right to object: You have the right to object to a voluntary consent into the processing of your data without giving reasons and without this resulting in any disadvantages for you. We will then no longer process your data, unless we can provide evidence of compelling legitimate grounds for processing that prevail over your interests, rights and freedoms, or if the processing serves the purposes of enforcing, exercising or defending legal rights. A withdrawal only applies to processing planned for after the withdrawal.


11.2 What data will be processed for the video conference system?

  • Carrying out online meetings: User information (surname, name, e-mail address, password). 
  • Meeting meta data: Subject description, time of participation. 
  • When dialling-in by phone: Phone records. 
  • Text, audio and video data: User input during the meeting, location information for the technical provisioning of the service.

11.3 To whom do we transfer your data?

Your data will be transferred to each party involved for preparing and carrying out the video conference. Furthermore, we will transfer your data within our company to those areas and persons exclusively who need to have them in order to perform contractual and legal obligations. Your data will be processed acting on our instruction based on data processing contracts as per art. 28 GDPR.

Within our company group, our data will be transferred to certain companies if these exercise data processing tasks for all companies connected in the group (e.g. salary administration, IT services). Company group: Wohlfahrtswerk für Baden-Württemberg and all subsidiaries Wohlfahrtswerk Altenhilfe GmbH, Wohlfahrtswerk Management und Service GmbH, Wohlfahrtswerk Bau- und Immobilienmanagement GmbH, further company departments commissioned with processing tasks concerning compliance with obligations.

The service provider Zoom is based in the US. Your data will not be transferred and processed in a third country. Zoom meetings take place exclusively on servers in data centres of our processor in Europe (Germany, Austria, Switzerland). Zoom's technical measures were adapted by the operator to meet our requirements and the requirements of data protection.

11.4 Will meetings be recorded and saved?

We will not automatically record meetings. Your data, that has been processed during the video conference, will be erased as soon as the purpose for processing ceases to exist.  Recordings are only made with the consent of the participants concerned and only insofar as this is necessary within the framework of the applicable law or in the specific case for the establishment, exercise or defence of legal claims for the duration of a legal dispute and is necessary for official purposes or for the specific performance of tasks.

The participants will be informed about the recording before it is started in order to obtain their approval. If participants do not consent, they have the option to turn off microphone and camera and not use the chat but stay in the online meeting. Alternatively, the participants log out but will be given the option to access the recordings later.

11.5 What rights do I have?

You can find further comprehensive information on your rights as per GDPR under item "8. Data privacy rights"

12. Information on data privacy concerning the processing of your application

12.1 For what purpose and on what legal basis do we process your data?

We process your data that we receive from you by mail, e-mail or form via our homepage in the course of contacting you or your application, or that you transmit to us via other sources, in accordance with the provisions of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG-neu), insofar as this is necessary for the decision on the establishment of an employment relationship with us. The legal basis for this is art. 88 GDPR in conjunction with § 26 BDSG-neu as well as, if applicable, art. 6 para. 1 lit. b GDPR for the initiation or execution of contractual relationships.

Conducting interviews via video conference replaces or completes the process of getting to know each other and face-to-face communication between Wohlfahrtswerk and the applicant as part of the application process. (Refer to Information on data protection referring to the processing of online meetings, seminars and applications via “Zoom” video conference system)

Furthermore, we can process your personal data if this is necessary for compliance with legal obligations (art. 6 para. 1 lit. c GDPR) or is necessary for the defence of legal claims brought against us. Art. 6 para.1 lit. f GDPR constitutes the legal basis. The legitimate interest is, for instance, a duty to provide evidence in proceedings under the General Act on Equal Treatment (AGG) or the legitimate interest to conduct job interviews by video conference. If you give us explicit consent to processing your data for certain purposes, the legitimacy of this processing is based on your consent as per art. 6 para. 1 lit. a GDPR.

Right to object:  You have the right to object to a voluntary consent into the processing of your data without giving reasons and without this resulting in any disadvantages for you. We will then no longer process your data, unless we can provide evidence of compelling legitimate grounds for processing that prevail over your interests, rights and freedoms, or if the processing serves the purposes of enforcing, exercising or defending legal rights. A withdrawal only applies to processing planned for after the withdrawal.

If we enter into an employment relationship with you, we may, in accordance with art.88 GDPR in conjunction with. § 26 BDSG-neu, process the data received from you for the purposes of the employment relationship, insofar as this is necessary for the implementation or termination of the employment relationship or for the exercise or fulfilment of the rights and obligations of the employee representation resulting from a law or a collective agreement, a company or service agreement (collective agreement).

We do not use automated decision-making (including profiling) within the meaning of art. 22 GDPR.

12.2 What data is being processed for your application?

We only process data related to your application. This may include general master data about you (such as first name, surname, qualifiers such as academic degrees/titles, nationality), contact data (such as private address, (mobile) phone number, e-mail address) and the data of the entire application process (cover letter, certificates, questionnaires, interviews as well as any performance evaluations, qualifications and previous activities). If you have also voluntarily provided special categories of personal data (such as health data, religious affiliation, degree of disability) in the letter of application or in the course of the application process, processing will only take place with your you consent. As a rule, your personal data will be collected directly from you as part of the recruitment process. In addition, we may have received data (address data, data from curriculum vitae) from third parties (e.g. job placement agencies).

12.3 To whom do we transfer your data?

Your data will be transferred to each party involved in the job interview for preparing and carrying out the application process and for carrying out the video conference. Furthermore, we will transfer your data within our company to those areas and persons exclusively who need to have them in order to perform contractual and legal obligations. Your data will be processed acting on our instruction based on data processing contracts as per art. 28 GDPR. In these cases, we will make sure that the processing of your data will be consistent with the regulations stipulated in the GDPR. In this case, the categories of recipients include Internet service providers as well as providers of application management systems, video conference systems and software.

Within our company group, our data will be transferred to certain companies if these exercise data processing tasks for all companies connected in the group (e.g. salary administration, IT services). 
Company group: Wohlfahrtswerk für Baden-Württemberg and all subsidiaries Wohlfahrtswerk Altenhilfe GmbH, Wohlfahrtswerk Management und Immobilien GmbH, further company departments commissioned with processing tasks concerning compliance with obligations from the contractual relationship.

We do not plan to transfer data to a third country.

12.4 What data do we store for how long?

We will only process and electronically save your application documents as part of the application process in accordance with the data protection regulations applicable. After the application process has ended, your data will be erased after 6 months in accordance with § 61 para. 1 ArbGG (German Labour Court Act) in conjunction with § 15 AGG, as long as a longer storage period is not legally required or allowed. We will only store your data beyond that if this is necessary by law or in a specific case for the establishment, exercise or defence of legal claims for the duration of a legal dispute.

In case you consented to a longer storage of your data, we will store them according to your declaration of consent. Only with your declaration of consent do we have the option of registering you in our in-house applicant pool, where your application will be kept for 1 year and accessed in the event of a job application in the Wohlfahrtswerk für Baden-Württemberg and its subsidiaries.

If, following the application process, an employment relationship, apprenticeship or trainee relationship is established, your data will, as far as necessary and permissible, remain stored and later transferred to your personnel file.

The video conference will not be recorded. The data processed in the course of your job interview via video conference will be deleted as soon as the purpose for processing ceases to exist, refer to Information on data protection referring to the processing of online meetings, seminars and applications via “Zoom” video conference system

12.5 What rights do I have?

You can find further comprehensive information on your rights as per GDPR under item 8,  „Data privacy rights".

13. Social Media

13.1 Our social media

Protecting your privacy when processing personal data is very important to us. We process the personal data collected in the course of your visit to our respective social media accounts (e.g. Facebook, Fanpage, Instagram) confidentially and only within the scope of legal regulations.

13.2 Data processing on the part of the social media platforms

The respective social media platforms process your personal data as soon as you are accessing our social media account. The processing ties in with the following usage:

  • Accessing a page and/or viewing a post or video from a page
  • Subscribing to a site or unsubscribing
  • Reacting to a page or post with “Like” or using similar functions
  • Recommending a site in a post or comment
  • Commenting on, sharing or reacting to a site post (including how you react)
  • Hiding a post or reporting it as spam
  • Accessing the social media platform through another site or clicking a link on a site outside of the social media platform that leads you to the page
  • Hovering over the name or profile picture of a certain page to see a preview
  • Using functions of the social media platform such as the website, contact or plan route button or any other button on the site
  • Data on the type of device you use for logging in, i.e. a PC or a mobile device.

You will find all information on the personal data a social media platform collects, how it processes them and what rights of data protection you have vis-à-vis the social media platform in their respective privacy policy. We cannot influence how social media platforms process data in any way.

13.3 Data processing on our part

The social media platform, regarding the website provided by us through them, grants us access to the following categories of data:

The social media platform grants us the ability to generate statistical analyses that provide information about the use of our social media account. The analyses visible to us do not allow us to view the usage behaviour of individuals. We can only view aggregated data (such as number of views, likes, followers, region of origin, age group, gender) that tell us about our audience and the use of our social media account. The data of the respective user on which the analyses are based are not transmitted to us.

We can set a target audience to be reached for with our social media account or individual posts we make. The setting is based on general parameters set by the social media platform (e.g. age group, language, region, interests) that can be used to align our content with a specific audience. The data provided by the social media platform do not allow us to address or identify individual persons.

If you contact us directly via the social media platform or interact with us in any other way and consciously transmit personal data to us (e.g. direct networking with our social media account), we store and process this personal data for the purposes for which you transmitted them.
We use this data exclusively for the purpose of making content on our social media account known to the target audience and to better understand and optimize the use of our social media account.

Beyond that, we cannot influence the data processing (for the provision of this data upstream) by the social media provider. You can find information on what personal data the respective social media platform collects in particular, how they process them and what data protection rights you have vis-à-vis the respective social media platform in the following privacy policies of the respective social media providers:

a) Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA;
http://www.facebook.com/policy.php; Facebook has submitted to the EU-US Privacy Shield.

b) Instagram, provided by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland,
https://help.instagram.com/519522125107875


Here, you will find information on the EU-US Privacy Shield: https://www.privacyshield.gov/EU-US-Framework

Here, you will find further information on the processing of your data: Datenschutzerklärung - Facebook

13.4 Related links on Instagram

On our Instagram account we use the Wonderlink tool. This is a link tree solution provided by Seyffert mit Himmelspach GmbH which is hosted on German servers. When using Wonderlink there is no tracking, no tapping of user data. The tool operates on German servers. Here, you will find further data protection information on Wonderlink: https://www.wonderlink.de/datenschutz.

13.5 Facebook Pixel

On our website we use the Facebook pixel.

To do so, we have implemented code on our website. Facebook pixel is a snippet of JavaScript code that loads a library of functions that allows Facebook to track your user actions if you access our website via Facebook Ads. The Facebook pixel is triggered and stores your actions on our website in one or more cookies. These cookies enable Facebook to match your user data (customer data such IP address, user ID) to your Facebook user accounts. After this, Facebook will delete the data.

The data collected are anonymized and not visible to us and can only be used in the context of ad placements. If you are logged in on your Facebook account, your visit on our website will automatically be mapped to your user account.

We only want to show our services to those who are really interested. Using the Facebook pixel, we can adjust our advertising measures to better meet your wishes and interests. Thus, Facebook users (as long as they have enabled personalized advertising) will be shown suitable advertising.

In addition, Facebook uses the data collected for analysis purposes and own advertisements.

Depending on the interaction with our website, different cookies are used.

Siehe 10.  Eingesetzte Technologien

The cookies mentioned above correspond with individual usage. Especially when using cookies, there can always be changes at Facebook.

If you are logged in your Facebook account, you can change your advertisement settings here https://www.facebook.com/adpreferences/advertisers.

If you do not have a Facebook account, you can manage your user-based online advertisement here https://www.youronlinechoices.com/de/praferenzmanagement/?tid=331655807314

Here, you have the option to activate or deactivate a platform.

Facebook might also process your data in the US. We inform you that according to the European Court of Justice there is currently no appropriate level of protection for data transfer to the US. It may be associated with various risks regarding the legitimacy and security of data processing.

As a basis for data processing with recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular the US) or a data transfer there, Facebook uses so-called standard contractual clauses (= Art. 46.  para. 2 and 3 GDPR) Standard Contractual Clauses (SCC) are templates provided by the European Commission and are intended to ensure that your data is protected in compliance with European data protection standards even if they are transferred to and stored in third countries (such as the US). By using these clauses, Facebook pledges to comply with the standard European level of data protection when processing your data, even if said data is stored, processed and managed in the US. These clauses are based on an implementing decision of the European Commission. You can find the decision and the corresponding standard contractual clauses here:

https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

You can find Facebook's data processing terms and conditions, which correspond to the standard contractual clauses, here

https://www.facebook.com/legal/terms/dataprocessing

If you would like to learn more about Facebook's privacy practices, we recommend that you read the company's own data policies on

https://www.facebook.com/policy.php

Elements of the social network Facebook are integrated on this website. The service provider is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the data collected are also transferred to the US and other third countries.

You will find an overview on Facebook’s social media elements here:

https://developers.facebook.com/docs/plugins/?locale=de_DE.

When the social media element is active, a direct connection is established between your end device and the Facebook server. Facebook thereby receives the information that you have visited this website with your IP address. If you click the Facebook "Like" button while logged into your Facebook account, you can link the content of this website on your Facebook profile.

This allows Facebook to associate your visit to this website with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Facebook. For more information, please refer to the privacy policy of Facebook at:

https://de-de.facebook.com/privacy/explanation.

Insofar as consent has been obtained, the above-mentioned service is used on the basis of art. 6 para. 1 lit. a GDPR and § 25 TTDDG (German digital services act-telemedia data protection act). You can revoke your consent at any time. Insofar as no consent has been obtained, the use of the service is based on our legitimate interest in achieving the greatest possible visibility in social media.

Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook, we and the Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for the data processing (art. 26 GDPR). The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook. The processing by Facebook that takes place after the onward transfer is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in a joint processing agreement. You can find the text of the agreement at:

https://www.facebook.com/legal/controller_addendum.

According to this agreement, we are responsible for providing the privacy information when using the Facebook tool and for the privacy-secure implementation of the tool on our website. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g. requests for information) regarding data processed by Facebook directly with Facebook. If you assert the data subject rights with us, we are obliged to forward them to Facebook.

Data transfer to the US is based on the European Commission’s standard contractual clauses.

You will find details here:

https://www.facebook.com/legal/EU_data_transfer_addendum

https://de-de.facebook.com/help/566994660333381  and

https://www.facebook.com/policy.php.