Im Folgenden unterrichten wir die Besucher*innen unserer Internetseite, unsere (Förder-) Mitglieder, Teilnehmer*innen von Veranstaltungen und Umfragen, Spender*innen, Bewerber*innen sowie Mitarbeiter*innen über den Umgang der Gesellschaft für Freiheitsrechte e.V. (GFF) mit ihren personenbezogenen Daten. Personenbezogene Daten sind solche Daten, die direkt oder indirekt Rückschlüsse auf Ihre Identität zulassen. Damit erfüllen wir die Informationspflicht nach Art. 13 der Datenschutz-Grundverordnung (DSGVO).
1. Responsible party
The data controller within the meaning of Article 13 (1) a DSGVO is the Gesellschaft für Freiheitsrechte e.V., Boyenstraße 41, 10115 Berlin, Germany, reachable by phone at 030-549 08 10 0, by e-mail at email@example.com. The GFF is represented by its Board of Directors: Dr. Ulf Buermeyer, LL.M. (Columbia), Dr. Boris Burghardt, Prof. Dr. Nora Markard.
2. Purposes and legal bases of processing
The GFF processes the following personal data:
- For (supporting) member administration: name, first name, address, e-mail address of the (supporting) members. The legal basis for this is Art. 6 para. 1 sentence 1 lit. b DSGVO. The GFF deletes the data ten years after termination of the association or sponsoring membership.
- For contribution management: name, first name, bank details incl. IBAN and BIC of the (supporting) members. The legal basis for this is Art. 6 para. 1 sentence 1 lit. b DSGVO. The GFF deletes the data ten years after completion of the last transaction within the scope of association membership.
- For donation management: name, first name, address, email address, if applicable bank details incl. IBAN and BIC of the donors. The legal basis for this is Art. 6 para. 1 sentence 1 lit. b DSGVO. The GFF deletes the data ten years after the last transaction.
- To fulfill transparency obligations: Last name and first name as well as the amount of the donation(s) within the scope of the lobby register for the representation of interests vis-à-vis the German Bundestag and the Federal Government, insofar as the donation(s) exceeds 20,000 euros in the past financial year. The legal basis for this is Art. 6 (1) sentence 1 lit. c in conjunction with (3) the DSGVO. The data will be deleted after the statutory periods."
- For applications: Surname, first name, address and all other data of the applicants submitted with the application and arising in the course of the application process. The legal basis for this is § 26 BDSG. The GFF deletes the data at the latest six months after completion of the application process, but in the case of employment only six months after the end of the employment. Personnel records and references are deleted within ten years after the end of employment in the case of employment. In order to document the diversity of the applications received, the GFF keeps an anonymized version of the applicant information in both cases.
- For payroll accounting: surname, first name, address, religious affiliation if applicable, tax number, social security number, health insurance number, bank details incl. IBAN and BIC of the employees. The legal basis for this is Art. 6 para. 1 sentence 1 lit. c DSGVO. The GFF deletes the data ten years after termination of the employment relationship.
- For external presentation: Image and sound recordings of the GFF members and staff as well as participants in the GFF events on the website freiheitsrechte.org and accompanying publication formats on social networks and online and offline to document our work. The legal basis for this is Art. 6 para. 1 sentence 1 lit. f DSGVO. The legitimate interest is to provide public information about our activities. GFF deletes the data as soon as its use is no longer necessary, for example because newer recordings are available. If you, as a participant in an event, do not wish to have any recordings made, please inform us in advance at firstname.lastname@example.org.
- For the operation of the website www.freiheitsrechte.org: Data automatically transmitted to us is not stored. We delete security log data stored on the basis of Art. 6 Para. 1 Sentence 1 lit. f within six months.
- For event management: Information and personal data that you have provided to us in the course of registering for an event or online event, usually surname, first name, email address and event-related information such as selection of event blocks or meal requests are stored for the duration of the event organization and follow-up. The data will be deleted no later than 24 months after the end of the event, unless there are legal reasons (esp. accounting) that require a longer storage of the list of participants for documentation purposes. The legal basis for this is Art. 6 para. 1 sentence 1 lit. b DSGVO.
- For individual communication, e.g. via the Internet (e-mail): All data voluntarily submitted to us, such as surname, first name, e-mail address and any other specified personal data or special categories of personal data, insofar as this is necessary to process your request. The legal basis for this is Art. 6 para. 1 sentence 1 lit. a DSGVO. The GFF deletes the data within 24 months after the end of the respective form of communication or, if the data is part of ongoing proceedings, 24 months after the conclusion of the proceedings. In the event of support for legal proceedings, the details of data processing shall be governed by a separate agreement.
- For the distribution of our newsletter: We process your email address and whether you have opened the newsletter. The legal basis for this processing is Art. 6 para. 1 p. 1 lit. a DSGVO. For more information, in particular on the revocation option, please see Newsletter.
You may revoke your consent at any time with effect for the future, in particular by sending an email to email@example.com. In the event of revocation, GFF will delete the relevant data immediately.
We would like to point out that data transmission on the Internet (e.g. communication by e-mail) may be subject to security gaps. Complete protection of data against unauthorized access by third parties is not possible. However, our website uses the SSL/TLS encryption method with optimal security settings. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser input line. When SSL/TLS encryption is activated, the data that is transmitted is particularly protected during transport. For a high standard of protection in e-mail communication, we also offer the option of secure communication with PGP/GPG.
3. Recipient of the data
We do not transmit any data to third parties without your express consent (Art. 6 para. 1 sentence 1 lit. a DSGVO), except for the purpose of managing contributions, wages or donations. If this is required or necessary, this is done within the framework of commissioned data processing. Our legitimate interest (Art. 6 para. 1 sentence 1 lit. f DSGVO) in commissioned data processing lies in the outsourcing of this resource-intensive processing. The data is transferred to Lohn24 for payroll administration.
We do not use any social media plug-ins. Instead, the buttons present at some points on the website represent a link to the website of the respective social media service (in our case Facebook, Twitter, YouTube, Instagram). The existing buttons alone do not result in the collection and transmission of data to these services. Only when you click on a button will you be directed to the page of the respective provider.
The GFF is registered in the lobby register for the representation of interests towards the German Bundestag and the Federal Government (Link: https://www.lobbyregister.bund...). Therefore, we are legally obliged to disclose the names of the donors and the amount of the donation(s) in the register, if the donation(s) exceed 20,000 euros in the past fiscal year.
The internet pages partly use so-called cookies. Cookies are small text files that are stored on your computer and saved by your browser. Cookies do not cause any damage to your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, effective and secure; this is our legitimate interest (Art. 6 para. 1 sentence 1 lit. f DSGVO) in their use.
The cookies we use are so-called "session cookies". They are automatically deleted after the end of your visit to our website.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of Internet pages may be limited.
5. Third country transfer
The GFF does not transmit any data outside the scope of the GDPR. The exception is communication via social media based in the USA, for example Facebook and Twitter, where personal data is only processed by third parties who are themselves customers of these networks.
The GFF operates various newsletters and manages them with the programs Mailman and phpList on its own servers. In these newsletters, you register yourself and give consent by confirming the activation link sent to you, which we store as part of the registration and confirmation. For the use of the newsletter, the e-mail address you provide is processed. You can unsubscribe yourself from the newsletter, so your e-mail address will be deleted immediately. You can also send us by e-mail the revocation of consent to use the e-mail address for the newsletter at firstname.lastname@example.org. In this case, the GFF will delete your e-mail address immediately.
Our info newsletter provides you with general information on the work of the GFF. Sustaining members receive additional e-mails with appeals for further support of our work and invitations for special events. We send out our press releases via the press distribution list.
Our software phpList uses a tracking pixel that statistically evaluates interactions with our mailings. This is a pixel embedded in the email that connects to the GFF's server when you open the email. This determines whether you have opened the e-mail. You can prevent this transmission by deactivating the "Load external content" function in your e-mail program.
The GFF operates its internet offers on its own servers. It uses the AWStats application to evaluate page visits; this evaluation takes place onthe GFF servers, and no personal data is processed for this purpose. The same applies to the use of Matomo.
The GFF operates surveys on its own servers. For this purpose, it uses the LimeSurvey application to conduct these surveys. The processing takes place on servers of the GFF and only if you enter personal data. In this case, the personal data you enter and the date and time of entry are processed.
You have the right
- in accordance with Art. 15 DSGVO to request information about your personal data processed by us. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information about its details;
- in accordance with Art. 16 DSGVO to immediately demand the correction of incorrect or completion of your personal data stored by us;
- pursuant to Art. 17 DSGVO to request the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims;
- to request the restriction of the processing of your personal data in accordance with Art. 18 DSGVO, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defense of legal claims or you have objected to the processing in accordance with Art. 21 DSGVO;
- pursuant to Art. 20 DSGVO to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request the transfer to another controller;
- to revoke your consent at any time in accordance with Art. 7 (3) DSGVO. This has the consequence that we may no longer continue the data processing based on this consent for the future, and
- complain to a supervisory authority in accordance with Art. 77 DSGVO. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our club headquarters.
To exercise your data subject rights, please contact us by e-mail at email@example.com or also by post at: Society for Freedom Rights e.V., Boyenstraße 41, 10115 Berlin.
Competent supervisory authority for a complaint:
Berlin Commissioner for Data Protection and Freedom of Information An der Urania 4-10 10787 firstname.lastname@example.org