Privacy Policy

We are pleased that you have visited our website and we thank you for your interest. We would like to inform you about how your personal data is handled when you use our website in accordance with Art. 13 of the General Data Protection Regulation (GDPR).

 

Data controller

The authority specified in the legal notice is responsible for the data collection and processing described below. 

Usage data

To improve the quality of our web pages, we store data relating to the individual access to our web pages for statistical purposes. This data consists of:

  • page from which the file was requested
  • filename
  • date and time of the request
  • data volume transmitted
  • access status (file transmitted, file not found)
  • description of the type of web browser used
  • the IP address of the device making the request, which is shortened to ensure that no conclusions can be made about the individual concerned.

The specified log data is only stored in pseudonymised form. We do not store IP addresses or other personal information that could be used to identify you. When you visit our website, no data or information is shared with third parties.

Data security

We have technical and organisational measures in place to protect your data as comprehensively as possible from undesired attacks. We have an encryption process in operation on our web pages. Your information is transferred over the Internet from your device to our server and vice versa by means of TLS encryption. This is evident from a locked padlock symbol in the status bar of your browser and the URL beginning with https://.

Cookies

We use cookies on our websites. Cookies are small text files that are stored on your device and can be read. There are different types of cookies. These include session cookies which are deleted as soon as you close your browser and persistent cookies which are stored beyond a particular session. Cookies may contain data that enables a device to be identified. However, some cookies only contain information relating to specific settings that cannot be used to identify a specific individual. We use session cookies on our web pages. These cookies do not process any personal data and therefore do not allow any conclusions to be made about any specific individual.

You can configure your browser to inform you about the setting of cookies. This ensures that the use of cookies is transparent. Using the relevant browser settings, you can also delete cookies or prevent new cookies from being set at any time. Please note that, in this case, our website may not display optimally and some features may not function properly.

Contact form

You have the option to get in touch with us using the web form. To use our contact form, all we need is your name and email address. You can provide us with further information if you wish, but you do not have to.

The legal basis for the data processing is Art. 6(1)(a) GDPR. By submitting your email enquiry, you allow us to process your data for the purposes of responding to your enquiry. No processing is carried out for any other purpose. Your data will be deleted as soon as we have conclusively dealt with your enquiry and there are no legal obligations on our part to retain the data that would prevent us from deleting it.

You can revoke your consent to processing of your data at any time, including before we respond to your enquiry. If you wish to revoke your consent to the processing of your data transmitted using the contact form, please contact us at the email address specified in the legal notice.

Image upload

You have the option of uploading a picture of yourself via this website in accordance with the terms of use and thus making it available to the public. Companies have the option of uploading campaign images to us or using a service provider acting on their behalf. The upload, storage and other processing of the image data and, if applicable, first name and additional details such as email address, are in accordance with your consent pursuant to Art. 6(1)(a) GDPR and with the consent of the person or persons depicted in the image. This consent can be revoked at any time with future effect. To revoke your consent, please use the contact details of the Senator for Health, Women and Consumer Protection as provided in the legal notice of the website bremen-gegen-corona.de or use the email address: presse-stelle@gesundheit.bremen.de or hello@bernstein.de 
The data (pictures, first name, email address) is transmitted exclusively to service providers based in Germany, who are commissioned to develop and operate the website and social media accounts. The campaign images that companies wish to provide us with are processed by Gruppe für Gestaltung GfG, Altes Zollamt / Waller Stieg 1, 28217 Bremen, Germany, email: bremen-gegen-corona@gfg-id.de. 
The data will be deleted after the campaign has terminated, no later than within 24 months, or if the website is taken down, unless there is a legal obligation to retain the data.

Integration of SmartMaps

On this website, we use SmartMaps, a service provided by YellowMap AG, CAS-Weg 1–5, 76131 Karlsruhe, Germany.
This enables us to display maps to you directly on our website and for you to use the map functionality conveniently. In order display the maps to you, SmartMaps uses your IP address when your browser accesses the SmartMaps components. Your IP address is retained in the memory of the web server for around five minutes to protect against DoS attacks. After this, it expires and is not processed or stored in any other way.
YellowMap AG is therefore the recipient of data. However, it does not process the data for its own purposes, rather exclusively on behalf of and on the instructions of the data controller.

Social media 

Data protection regulations for the use and application of Shariff:
The controller has integrated the Shariff component on this website. The Shariff provides social media buttons in accordance with data protection regulations. Shariff was developed for the German computer magazine c't and was published by GitHub, Inc.
The developer of the component is GitHub, Inc. 88 Colin P. Kelly Junior Street, San Francisco, CA 94107, USA.
Typically, the button solutions provided by social networks transmit personal data to the social network in question when a user visits a website on which a social media button is integrated. With the Shariff component, personal data is only transmitted to social networks when a website visitor actively clicks one of the social media buttons. The computer magazine c't provides further information about Shariff at http://www.heise.de/newsticker/meldung/Datenschutz-und-Social-Media-Der-c-t-Shariff-ist-im-Einsatz-2470103.html. We use Shariff in order to protect the personal data of visitors to our website as well as to integrate a button solution for social networks on this website.
For more information and for the privacy policy of GitHub, visit https://help.github.com/articles/github-privacy-policy/.

Data protection regulations for the use and application of Facebook and Instagram:
The controller has integrated components from Facebook on this website. Facebook and Instagram are social networks.
A social network is a social meeting place operated on the Internet. It is an online community that usually enables users to communicate and interact with one another in a virtual space. A social network can serve as a platform for sharing opinions and experiences and enables the Internet community to provide personal or company-related information. Facebook allows its users to create personal profiles, upload photos and network by means of friend requests.
The operating company of Facebook and Instagram is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. The data controller for personal information where the data subject lives outside of USA or Canada is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
Each time one of the individual pages of this website operated by the data controller is accessed and on which a Facebook component (Facebook plug-in) is integrated, the web browser on the data subject’s information technology system is automatically prompted by the respective Facebook component to download an instance of the relevant Facebook component from Facebook. For a complete overview of all Facebook plug-ins, see https://developers.facebook.com/docs/plugins/?locale=en_gb. As part of this technical process, Facebook receives information about which specific sub-page of our website is visited by the person concerned.
If the data subject is logged in to Facebook/Instagram at the same time, Facebook recognises which specific sub-page of our website the data subject is visiting each time the data subject accesses our website and for the entire duration of the respective stay on our website. This information is collected by the Facebook component and assigned by Facebook to the respective Facebook account/Instagram account of the person concerned. If the data subject interacts with one of the Facebook buttons integrated on our website, such as the ‘Like’ button, or if the data subject submits a comment, Facebook assigns this information to the personal Facebook user account of the data subject and stores this personal data.
Facebook receives information via the Facebook component that the data subject has visited our website if the data subject is logged in to Facebook at the same time that they access our website. This occurs regardless of whether the data subject clicks on the Facebook component or not. If the data subject does not want this information to be transmitted to Facebook, they can prevent the data transmission by logging out of their Facebook account before they access our website.
The privacy policy published by Facebook, which is available for Facebook at https://en-gb.facebook.com/about/privacy/ and for Instagram at https://en-gb.facebook.com/help/instagram/155833707900388 provides information about the collection, processing and use of personal information by Facebook. It also explains the setting options that Facebook provides to protect the privacy of the data subject. In addition, there are various applications available that make it possible to prevent the transmission of data to Facebook, such as Facebook Blocker from Webgraph, which is available at http://webgraph.com/resources/facebookblocker/. These types of applications can be used by the data subject to prevent the transmission of data to Facebook.

Data protection regulations for the use and application of Twitter:
The controller has integrated the components from Twitter on this website. Twitter is a multilingual publicly accessible micro-blogging service on which users can publish and share messages known as tweets. These are short messages limited to 140 characters. These messages can be accessed by anybody, including people who are not registered with Twitter. However, the tweets are also displayed to the followers of the user in question. Followers are other Twitter users who follow the tweets of a user. Furthermore, Twitter makes it possible to reach a broad audience by means of hashtags, links or retweets.
The operating company of Twitter is Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.
Each time one of the individual pages of this website operated by the data controller is accessed and on which a Twitter component (Twitter button) is integrated, the web browser on the data subject’s information technology system is automatically prompted by the respective Twitter component to download an instance of the corresponding Twitter component from Twitter. For more information about Twitter buttons, visit https://about.twitter.com/de/resources/buttons. As part of this technical process, Twitter receives information about which specific sub-page of our website is visited by the person concerned. The purpose of integrating the Twitter component is to enable our users to distribute the content of this website, to raise awareness of this website in the digital world and to increase our visitor numbers.
If the data subject is logged in to Twitter at the same time, Twitter recognises which specific sub-section of our website the data subject is visiting each time the data subject accesses our website and for the entire duration of the respective stay on our website. This information is collected by the Twitter component and assigned by Twitter to the respective Twitter account of the person concerned. If the data subject interacts with one of the Twitter buttons integrated on our website, the data and information transmitted in this way will be assigned to the personal Twitter user account of the data subject and will be stored and processed by Twitter.

Transmission of data to third parties

We treat your personal data confidentially and do not share it with unauthorised third parties. Data is transmitted to our assigned service providers, such as the agency Bernstein GmbH and WebMen GmbH.

Order processing

As part of the operation of these websites and related processes, we may be assisted by other service providers (e.g. for hosting and web development). These service providers are strictly bound by instructions and by contract to us in accordance with Art. 28 GDPR.

Your rights as a data subject

In relation to the processing of your personal data, you have certain rights in accordance with the GDPR:

  1. Right of access (Art. 15 GDPR): You have the right to request confirmation as to whether we are processing personal data relating to you. If this is the case, you have a right to information about this personal data as well as the information specified in Art. 15 GDPR.
  2. Right of adjustment and deletion (Art. 16 and 17 GDPR): You have the right to request the prompt adjustment of any inaccurate personal data concerning you and, if applicable, the completion of any incomplete personal data. You also have the right to request that personal data concerning you be deleted promptly if one of the reasons specified in Art. 17 GDPR applies, e.g. if the data is no longer required for the relevant purposes.
  3. Right of limitation of processing (Art. 18 GDPR): You have the right to request the restriction of processing of your data if one of the conditions specified in Art. 18 GDPR applies, e.g. if you have objected to the processing, for the duration of any examination.
  4. Right of data portability (Art. 20 GDPR): In certain cases, specified in Art. 20 GDPR, you have the right to obtain the personal data concerning you in a structured, common, machine-readable format or to request the transmission of this data to a third party.
  5. Right of objection (Art. 21 GDPR): If data is collected on the basis of Art. 6(1)(f) (data processing for the protection of legitimate interests), you have the right to object to the processing at any time for reasons relating to your particular situation. We will then no longer process the personal data unless there is compelling legitimate grounds for the processing which outweigh the interests, rights and freedoms of the data subject or if the processing relates to the enforcement, exercise or defence of legal claims.

Right of appeal to a supervisory authority

In accordance with Art. 77 GDPR, you have the right to make a complaint to a supervisory authority if you believe that the processing of your personal information was in violation of data protection regulations. You can exercise your right of appeal in particular before a supervisory authority in the Member State of your residence, your place of work or the location of the alleged infringement.

Contact details of data protection officer

Our official data protection officer would be happy to provide you with further information or suggestions in relation to data protection:

Dr. Uwe Schläger
datenschutz nord GmbH
Konsul-Smidt-Straße 88
28217 Bremen
Germany
www.datenschutz-nord-gruppe.de
Email: office@datenschutz-nord.de
Phone: 0421 69 66 32 0