Data Privacy Policy

The protection of your data is important to us. Therefore, we inform you below about the nature, scope and purpose of the collection and use of your personal data when using this website.
The legal basis for data protection can be found in the Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG) and the EU General Data Protection Regulation (GDPR).

If you have any questions, please contact the Controller.

Controller

The controller for the processing of your personal data is:

Tilmann Walz
Segenstraße 10b
81735 München

E-Mail: info@refrastructure.org
Internet: www.refrastructure.org

Data processing for the purpose of communicating with you

You can send us inquiries about our project, in relation to a cooperation or other relevant topics via our contact data displayed on the website.

We process the data provided for communication by you (name, address, telephone number, e-mail address) in order to contact you, communicate with you and respond to your inquiries. Personal data that you provide will only be processed for correspondence and answering your inquiries or only for the purpose for which you have provided us with the data.

The legal basis the processing of such data processing Article 6 para 1 sentence. 1 litera b GDPR, which permits the processing of data for the performance of a contract or pre-contractual measures.

Acces data and log files

By visiting this website, information about the access such as date, time, page viewed, IP address, browser type, browser system, provider, referrer URL (originating URL from which you came to the web pages), the amount of data transferred and similar data falling into this category may be stored. This data is anonymized and is only stored for a short period of time for technical security reasons, in particular to defend against attempted attacks on the web server. It is not possible for us to draw conclusions about individual persons on the basis of this data. There will be no comparison with other databases or transfer to third parties, whether for commercial or non-commercial purposes.

The legal basis the processing of such data processing Article 6 para 1 sentence 1 litera f GDPR, which permits the processing of data for the purposes of the controller’s legitimate interests, unless such interests are overridden by the interests or fundamental rights and freedoms of the data subject. Our legitimate interest lies in ensuring data security on the website.

Our server is hosted by Treatec One GmbH. Ludmillastraße 37a, 84034 Landshut (data processor).

Analytics and Marketing

No analysis and/or advertising tools are used on our website.

Cookies

We don not use Cookies.

Fonts

Our website uses fonts provided by “Google” for the uniform display of fonts. When you access a page, your browser loads the required web fonts into your browser cache to display text and fonts correctly. For this purpose, the browser you use must connect to Google’s servers (fonts.google.com). Through this, these providers gain knowledge that our website was accessed via your IP address. The use of web fonts is in the interest of a uniform and appealing presentation of our online offers (Art. 6 para. 1 lit. f GDPR).
For more information on Google Web Fonts, please visit https://developers.google.com/fonts/faq and see Google’s privacy policy: https://www.google.com/policies/privacy.

Data processing for the fulfillment of legal obligations

In addition – if relevant – we process your data to fulfill legal obligations (e.g. regulatory requirements, commercial and tax retention and verification obligations).
The legal basis the processing of such data processing Article 6 para 1 sentence 1 litera c DS-GVO, which permits processing for compliance with a legal obligation.

Categories of recipients of the personal data

Your communication data will be forwarded to the responsible employee to answer your inquiries, for communication. The legal basis the processing of such data processing Article 6 para 1 sentence 1 litera b DS-GVO, which permits the processing of data for the performance of a contract or pre-contractual measures.

Your personal data will only be passed on or otherwise transferred to third parties outside our company if this is necessary for the purpose of processing your request or if you have given your prior consent or if there is a legal basis for the transfer.

Insofar as we use the services of third parties for the implementation and handling of processing operations, the provisions of the General Data Protection Regulation shall be complied with. Service providers that support us in providing our service to you are in particular hosting providers, e-mail service providers/software providers, etc. for the generation, processing and provision of documents and information.

Duration of data storage

Wir löschen Ihre personenbezogenen Daten, sobald sie für die mit der Verarbeitung verfolgten Zwecke nicht mehr benötigt werden und soweit keine gesetzlichen Aufbewahrungspflichten entgegenstehen.

Data Security

Your personal data is transferred securely by us through encryption. We use the SSL (Secure Socket Layer) coding system for this purpose. Furthermore, we secure our website and other systems by technical and organizational measures against loss, destruction, access, modification or distribution of your data by unauthorized persons.

Our security measures are continuously improved in line with technical developments. We expressly point out that data transmission on the Internet has security gaps and cannot be completely protected against access by third parties, which applies in particular and especially when communicating by e-mail.

Links to third party sites

If you find links to third-party websites on our site, the respective third-party provider is responsible for the data processing on it site. Data processing of the third party begins as soon as you click on the respective link or follow the URL stored there.

Social Media

We operate presences on online platforms and social networks in order to network and communicate with interested parties. This includes the following providers:
LinkedIn
LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Irleand https://www.linkedin.com/legal/privacy-policy; https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

We operate insofar as so-called joint controllers in the sense of data protection regulation with the respective providers. Data that you directly share or publish via the online platforms and networks (e.g. via comment and chat functions), we process as the responsible party in order to interact with you in this regard or to exchange information with you. As part of this interaction, we may also receive statistical data from the platform operators on the use of our “channels and fan pages”. This includes, for example, information about interactions, likes, comments, or aggregate information and statistics (e.g., IP address; origin of followers) that help us learn about interactions with us.
The legal basis the processing of such data processing Article 6 para 1 sentence 1 litera f GDPR.

However, such providers also process data under their resposibliity / control. We have no influence on data that is processed by the provider under its own responsibility in accordance with its own terms of use and data protection conditions. We would like to point out that when when using provider’s services, further data (e.g. from your usage and “surfing behavior”) may be collected and possibly transmitted to the provider. Please also note that in the event of interaction via the aforementioned media, data may also be processed outside the area of the European Union. Furthermore, user data is in this case usually processed for market research and advertising purposes. For example, usage profiles can be created from the usage behavior and resulting interests of the users. The usage profiles may in turn be used, for example, to serve advertisements within and outside the platforms that presumably correspond to the users’ interests. You can find more detailed information on this in the data protection information of the respective providers.

If we have personal data from you in connection with the use of the online platforms and networks, please direct your concerns to us. If you wish to assert any additional rights against a specific provider, please contact the provider.

Rights of data subjects

Within the limits of the legal provisions, you have the right at any time to request information about data collected and stored about you. In particular, you have the right to:

  • Request information about your personal data processed by us. In particular, you can request information about the purpose for which the data is processed, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, your right to rectify, delete, data or restrict the processing of data or objection to such processing, the existence of your right of complaint, the origin of your data if it was not collected by us, and the existence of automated decision-making, including profiling, and, if applicable, meaningful information about its details, Article 15 GDPR.
  • immediately demand the correction of incorrect and/or completion of the personal data stored by us, Art. 16 GDPR;
  • request the deletion of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise and defense of legal claims, Art. 17 GDPR
  • to request the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure, but you need it for the assertion, exercise and defense of legal claims, Art. 18 GDPR, or you have objected to the processing, Art. 21 GDPR;
  • To receive your personal data that you have provided to us in a structured, commonly used, machine-readable format or to request that it be transferred to other data controllers, Art. 20 GDPR;
  • complain to the supervisory authority in accordance with Art. 77 GDPR if you can claim a violation of the collection, processing, use or storage of your data or of your other data subject rights.

Right of revocation and objection

You may revoke your consent to the processing of your personal data given to us pursuant to Art. 6 para. 1 sentence 1 a GDPR at any time, Art. 7 para 3 GDPR.

In accordance with Art. 21 GDPR you also have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data relating to you which is carried out on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR. Processing will then not take place unless there are compelling interests worthy of protection that outweigh your interest in not processing or the processing serves the assertion, exercise and defense of legal claims.

If you wish to exercise your right to object, simply send an e-mail to info@refrastructure.org.

No automated individual decision-making

We do not use your personal data for automated individual de within the meaning decision-making according to Art. 22 para. 1 GDPR.

Changes to this Data Privacy Policy

New legal requirements, business decisions or technical developments may require changes to our privacy policy. The Data Privacy Policy will then be changed respectively. You can always find the current version on our website.

Version: January 2022