Introduction

Being the operator of this website, CHE Gemeinnütziges Centrum für Hochschulentwicklung GmbH (CHE), are the data controller in charge of processing personal data of any users of such website. You can find our contact details in the imprint of the website, while the contacts for questions concerning the processing of your personal data are provided directly in this Privacy Statement.

We are strongly committed to protecting your privacy and your private and personal data. We collect, save, and use your personal data strictly in accordance with the provisions of this Privacy Statement and the applicable data protection provisions, including without limitation the European General Data Protection Regulation (GDPR) and national data protection provisions.

With this Privacy Statement, we wish to inform you to what extent and for what purpose your personal data is processed in connection with the use of our website.

Personal data

Personal data is all information about an identified or identifiable individual. This includes information about your identity such as your name, your e-mail address, or your postal address. Any information that cannot be directly linked to your identity (e.g. statistical details such as the number of users of the website) is, however, not considered to be personal data.

You can essentially use our website without disclosing your identity and without providing any personal data. In that case, we will merely collect general information about your visit to our website. However, some of the services offered require you to provide certain personal data. As a rule, we will process such data only for purposes connected with the use of this website, including without limitation for the provision of the desired information. Whenever personal data is collected, you are only required to provide the data that is absolutely essential. Also, you may be asked to provide additional details, which is optional information provided voluntarily. We let you know in each case whether the input fields are for mandatory or optional details. More specific details are provided in the relevant section of this Privacy Statement.

There is no automated decision-making on the basis of your personal data in connection with the use of our website.

Processing personal data

We store the information provided by you on protected dedicated servers located within the European Union. Technical and organisational measures are taken to protect such servers against loss, destruction, access, modification, or dissemination of your data by unauthorized persons. Access to your data will be permitted only to a limited number of persons in charge of the technical, commercial, or editorial support of the servers. Notwithstanding regular controls, full protection against all risks cannot be provided.

Your personal data is transmitted over the Internet in encrypted form. We use SSL (Secure Socket Layer) encryption for transmission of data.

Disclosure of personal data to third parties

As a rule, we use your personal information exclusively for providing the services that you have requested from us. Insofar as we use external service providers in performing the service requested, such external service providers will also access the data exclusively for the purpose of performing the service. By taking the necessary technical and organisational measures we ensure compliance with data protection policies and we demand the same of our external partners.

Moreover, we will not disclose the data to any third parties, including without limitation for advertising purposes, without your express consent. We will disclose your personal data only if you have given your consent to disclosure of the data or insofar as we are entitled or obligated to do so under legal provisions and/or administrative or judicial orders. This may include, without being limited to, giving information for purposes of criminal prosecution, in order to avert danger, or in order to enforce intellectual property rights.

If we transfer your personal data ourselves or through service providers to countries outside the European Union, we comply with the special provisions of Article 44 et seq. of the GDPR for this purpose and also oblige our service providers to comply with these regulations. We will therefore only transfer your data to countries outside the European Union subject to the level of protection guaranteed by the GDPR. This level of protection is ensured in particular by an adequacy decision of the EU Commission or by appropriate safeguards pursuant to Article 46 of the GDPR.

Legal basis of data processing

Insofar as we obtain your consent to processing your personal data, Article 6(1)(a) of the GDPR constitutes the legal basis for such data processing.

Insofar as we process your personal data because processing is necessary for the performance of a contract or is necessary under a quasi-contractual relationship with you, the lawfulness of data processing is based on Article 6(1)(b) of the GDPR.

Insofar as we process your personal data because processing is necessary for compliance with a legal obligation, the lawfulness of data processing is based on Article 6(1)(c) of the GDPR.

Furthermore, Article 6(1)(f) of the GDPR may constitute the legal basis for data processing, if processing of your personal data is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by your interests or your fundamental rights and freedoms which require protection of personal data.

Throughout this Privacy Statement, we refer to the legal basis on which we process your personal data.

Deletion of data and duration of storage

We invariably delete or block any personal data provided by you as soon as the purpose of storage of such data has ceased to apply. However, we may continue to store your personal data beyond that, if such storage is governed by legal provisions to which we are subject, including without limitation the legal obligation to retain business records and documentation. In such a case, we will delete or block the personal data after the prescribed period of time has expired.

Use of our website

Information relating to your computer

Every time you access our website, we will collect the following information relating to your computer, regardless of whether or not you have registered: the IP address of your computer, the inquiry of your web browser, and the time stamp of that inquiry. In addition, the status and the amount of data transmitted in the course of the inquiry are collected. We also collect product and version information about the web browser used and the operating system of the computer. Furthermore, we record the website from which our own website has been accessed. The IP address of your computer is stored only for the duration of your use of our website; afterwards, it is deleted or anonymised by truncation. The remaining data is stored for a limited period of time and then anonymised.

We use this data to operate the website, more specifically for troubleshooting, or in order to assess the degree of utilisation of the website, or to carry out adjustments or improvements thereof. Such purposes also constitute our legitimate interest in data processing in accordance with Article 6(1)(f) of the GDPR.

Use of cookies

Like many other websites, our website uses cookies. Cookies are small text files that are stored on your computer and store certain settings and data of your web browser for the exchange with our website. As a rule, a cookie contains the name of the domain from which the cookie file has been sent as well as information about the age of the cookie and an alphanumeric identifier.

Cookies enable us recognise your computer and make any default settings immediately available. The cookies we use are – as far as possible – so-called session cookies, which are automatically deleted at the end of the browser session. Occasionally, cookies with a longer storage period can also be used so that your settings and preferences can also be taken into account the next time you visit our online offering.

Most web browsers are set to accept cookies by default. However, you can disable the storage of cookies or set up your web browser to inform you when you receive a cookie. It is also possible to manually delete stored cookies in the browser settings. Please note that your use of our website may be limited or restricted if you refuse to save cookies or delete necessary cookies.

If cookies are not necessary for our online offer, we ask you for your consent to the use of cookies when you access the online offer for the first time. With regard to the non-essential cookies of third-party providers, you will find a more detailed description of the services of these third-party providers used by us below. The legal basis for the associated data processing, including any data transfer, is in each case your consent within the meaning of Article 6(1)(a) of the GDPR. Once given, consent can be revoked at any time with effect for the future, in particular by changing the selected settings.

The legal basis for the use of necessary cookies is our legitimate interest in the proper provision of our online offer within the meaning of Article 6(1)(f) of the GDPR and – insofar as contracts are concluded or fulfilled via our online offer – the fulfillment of the contract within the meaning of Article 6(1)(b) of the GDPR.

Integration of third-party services

For some functions in our online offer, we use services from third-party providers. The corresponding services are mainly optional functions that must be explicitly selected or used by you. We have concluded contractual agreements with the respective providers for the provision or integration of their services and, within the scope of our possibilities, we are committed to ensuring that the third-party providers also provide transparent information about the scope of the processing of personal data and comply with the provisions of data protection law.

AWStats

We use the “AWStats” analysis tool to statistically evaluate visitor access to our online offering. The software runs exclusively on our servers. The data from the server log files are evaluated in anonymous form. No user identification takes place in this context.

When accessing our online offer, the following information is recorded:

  • the website accessed
  • the website from which the user accessed the website (referrer)
  • the other sub-pages that are called up from the called-up website
  • the duration of the user’s visit
  • the frequency with which the website is accessed

The data processing is carried out solely for the evaluation and optimization of our online offer, which also represents our legitimate interest according to Art. 6(1)(f) of the GDPR.

Google Analytics

We use Google Analytics for statistical analysis. Google Analytics is a web analytics service provided by Google.

Within the scope of Google Analytics, Google uses cookies, among other things, for the evaluations. The type and scope of the use and evaluation of cookies are specified by Google. The information generated by the cookies about your use of the online offer is transmitted to a Google server and stored there. It cannot be ruled out that data will be transmitted to the USA and that government agencies may be able to access this data. In the case of activation of IP anonymization on this website, however, your IP address will be shortened by Google beforehand. Only in exceptional cases will the full IP address be transmitted to a Google server and shortened there.

On our behalf, Google will use this information for the purpose of evaluating your use of the online service, compiling reports on website activity and providing other services relating to website activity and internet usage to us as the operator of the online service. In addition, Google may use the data for its own purposes. Within the scope of these purposes, Google may, for example, create a profile of user behaviour or link the data with other data, for example with an existing Google account. We have no influence on these data processing operations. For more information, please refer to Google’s data protection information, which is linked for you below.

We also use the “Demographic and Interests” function of Google Analytics. This allows reports to be created that contain statements about the age, gender and interests of site visitors. This data comes from interest-based advertising from Google as well as visitor data from third-party providers. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as shown in the following paragraph. For more information on the “Demographic and Interests” function, please visit Google at https://support.google.com/analytics/answer/2799357?hl=en.

You can prevent the collection of data generated by the cookie and related to your use of the website  to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link http://tools.google.com/dlpage/gaoptout?hl=en. For more information, please visit http://tools.google.com/dlpage/gaoptout?hl=en or http://www.google.com/intl/en/analytics/privacyoverview.html (general information on Google Analytics and data protection). We would like to point out that on our Internet pages Google Analytics has been extended by the code “anonymizeIp();” in order to anonymize the IP addresses, whereby the last octet is deleted.

Legal basis for the data processing is your consent according to Article 6(1)(a) of the GDPR.

Google Maps

We use the map service Google Maps for our online offer. Google Maps is a service provided by Google. If you call up a web page of our online offer on which a map is integrated, a connection is established to the Google servers, meaning that Google always additionally receives your IP address as part of the display of the map. For the various services, Google may use cookies which can also be used to evaluate your user behavior. In doing so, the Google server is informed which Internet pages of our online offer you have visited.

If you are logged into your Google account during the page view, you enable Google to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your Google account.

In order to comply with data protection regulations, the terms of use for the map service contain data protection provisions that serve to protect you. Google’s terms of use for the map service can be found at https://www.google.com/intl/de_US/help/terms_maps.html, general explanations from Google on data protection can be found at https://policies.google.com/privacy?hl=de&gl=de.

The legal basis for the integration of the map service is Art. 6 (1)(f) of the GDPR; our legitimate interest lies in the provision of map material for your orientation. Our legal basis for setting cookies in connection with the use of Google Maps is your consent pursuant to Art. 6 (1)(a) of the GDPR.

Tableau

For statistical visualisation we use the map service Tableau. This is an offer of Tableau Software LLC, North Edge 1621 N 34th St. Seattle, WA 98103, USA (hereinafter: “Tableau”). If you call up an Internet page of our online offer on which a map provided by Tableau is integrated, a connection is established to the Tableau servers, meaning that Tableau always receives your IP address in this context. Tableau also uses cookies for its service. We have no influence on the further data processing by Tableau. As part of the technical process, personal data may be stored on Tableau servers in the USA. In this context, it cannot be ruled out that US security authorities may gain access to this data. In this respect, the USA does not practice data protection on a level comparable to the EU.

Further information on data protection at Tableau can be found at: https://www.tableau.com/de-de/privacy.

The legal basis for the use of Tableau is your consent according to Art. 6 (1)(a) of the GDPR.

Google reCAPTCHA

In order to protect against misuse of our web forms and spam, we use the reCAPTCHA service of the Google Corporation in the context of some forms on this website. By verifying a manual input, this service prevents automated software (so-called bots) from carrying out harmful activities on the website. The service includes transmittal of the IP address, and possibly other data required by Google for the reCAPTCHA service, to Google. In accordance with Art. 6 (1)(f) of the GDPR, this serves to protect our legitimate interests in the protection of our online offering from misuse and in the trouble-free presentation of our online presence, which in our analysis outweigh any other interests. It cannot be ruled out that data will be transmitted to the USA in this context and that US security authorities may be able to access the data under certain circumstances.

Further information on Google reCAPTCHA and Google’s privacy policy can be found at: https://www.google.com/intl/de/policies/privacy/.

Use of YouTube

Our website contains videos for which we use a plugin from the Google-run site YouTube (“YouTube”). The operator of the service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland (“Google”).

We use the YouTube service in extended data protection mode to protect your privacy as much as possible. If you call up a web page from our online offer on which a YouTube video is embedded, Google initially only receives the information necessary for linking it, and no cookies are set for usage analysis. Only when you play the embedded video does Google receive further information; in the process, Google may also set cookies to analyze your user behavior. When you play the video, Google’s YouTube servers are told, for example, which page of our online offering you are using to play the video.

If you are logged in to your YouTube account at that time, you allow YouTube to directly associate your browsing behaviour with your personal profile. We therefore recommend that you only play embedded YouTube videos if you agree to the associated data processing by Google. You can prevent the data allocation to your Google profile by logging out of your YouTube account first. For further information on the handling of user data please refer to the Google privacy statement at https://policies.google.com/privacy which also applies to YouTube.

We use YouTube so that we can show you videos and thus better inform you about us and our services. The legal basis for the integration of the videos is our legitimate interest within the meaning of Article 6(1)(f) of the GDPR; the playing of the videos and the associated further data processing, however, only take place on the basis of your consent within the meaning of Article 6(1)(a) of the GDPR.

Communication with us

There are various ways of contacting us, including but not limited to the contact form on our website. In addition, we will be happy to inform you regularly by e-mailing you our newsletter.

Contact form

If you wish to use the contact form of our website, we will collect the personal data that you provide in the contact form, including but not limited to your name and e-mail address. In addition, we record the IP address and the date and time of the enquiry. We process any data transmitted through the contact form exclusively for the purpose of answering your enquiry or reacting to your concern.

It is up to you to decide what information you provide in the contact form. In accordance with Article 6(1)(a) of the GDPR, your consent constitutes the legal basis for processing your data.

After the matter has been dealt with, the data is stored for some time in case you have any further questions. Without prejudice to the relevant legal retention periods, you may request deletion of the data at any time, otherwise the data will be deleted once the matter has been conclusively dealt with.

Newsletter

If you subscribe to our newsletter, we will use your e-mail address for advertising purposes of our own until you unsubscribe from the newsletter. We will regularly send you information by e-mail on current topics as well as e-mails informing you of special occasions such as special offers. Such e-mails may be personalized and individualized on the basis of information we have about you.

Unless you have given us your consent in writing, we use the so-called double opt-in procedure for subscription to our newsletter, i.e. we will send you our newsletter by e-mail only once you have expressly confirmed that you want us to activate transmission of the newsletter. We will then send you a notification e-mail and ask you to confirm, by clicking on one of the links contained in that e-mail, that you wish to receive our newsletter.

If you have explicitly subscribed to our newsletter, your consent constitutes the legal basis for processing of your data in accordance with Article 6(1)(a) of the GDPR. Under the applicable legal provisions, we may send you our newsletter without having obtained your express consent based on the fact that you have ordered certain goods or services from us and we have therefore received your e-mail address and you have not objected to receiving information from us by e-mail. In this case, our legitimate interest in direct mailing constitutes the legal basis in accordance with Article 6(1)(f) of the GDPR.

If you do no longer wish to receive our newsletters, you can revoke your consent at any time with effect for the future and/or object to receiving the newsletter without incurring any costs other than the transmission costs in accordance with the basic tariffs. Simply use the unsubscribe link contained in every newsletter or send a message to us or our data controller.

Rapidmail

We use Rapidmail to send our newsletter. Rapidmail is an offer of rapidmail GmbH, Augustinerplatz 2, 79098 Freiburg i.Br., Germany. (hereinafter: “Rapidmail”). The email addresses of our newsletter recipients, as well as other data processed as part of the newsletter dispatch, are stored on Rapidmail’s servers in Germany. Rapidmail also offers various analysis options regarding the extent to which the newsletters sent are opened and used, e.g. how many users an email was sent to, whether emails were rejected, and whether users unsubscribed from the list after receiving an email. The analyses are performed on a group basis and are not used by us for individual evaluation. Further information on data protection in connection with Rapidmail can be found at: https://www.rapidmail.de/datensicherheit.

Rapidmail uses the information provided and collected to send and evaluate the newsletters on our behalf. We have concluded an order processing agreement with Rapidmail.

The legal basis for the cooperation with Rapidmail is your explicit consent according to Art. 6 (1)(a) of the GDPR.

Social Media

Our website contains links to the social networks Facebook and Instagram, and the short message service Twitter. The links are identified by the logo of their relevant providers.

Clicking on a link opens the relevant social media web pages; this Privacy Statement does not apply to such web pages. For further details on the provisions applicable on such web pages please refer to the relevant privacy statements of each of the providers; you can find them at:

LinkedIn: https://de.linkedin.com/legal/privacy-policy?trk=d_org_guest_company_overview_footer-privacy-policy

Twitter: https://twitter.com/en/privacy

Xing: https://www.xing.com/privacy

FlickR: https://www.flickr.com/help/privacy

YouTube: https://policies.google.com/privacy?hl=de

Instagram: https://help.instagram.com/155833707900388

No personal information is forwarded to the relevant providers before clicking on the links. Calling up the linked website also constitutes the basis for data processing by the relevant website provider.

Integration of FlickR

A plugin from FlickR, a service of Oath (EMEA) Limited, 5-7 Point Square, North Wall Quay, Dublin 1, Ireland, is integrated into our online offering for the display of image and photo material. When the corresponding subpage is called up, a direct connection is established with the Flickr servers. Flickr receives the information that your browser has called up the corresponding page of our online offer, regardless of whether you have an account with Flickr or not. If you have a corresponding account and are logged in, Flickr can directly assign the visit to your Flickr account. If you do not want Flickr to directly associate the data collected via our online offer to your account, you must log out of your Flickr account before visiting our online offer.

As part of the technical process, it is possible that data is stored on Flickr servers in the USA. In this context, it cannot be ruled out that US security authorities gain access to this data. In this respect, the USA does not practice data protection on a level comparable to the EU.

The legal basis for the data processing that takes place is your consent in accordance with Art. 6 (1)(a) of the GDPR. You can revoke your consent at any time with effect for the future.

For more information on data protection at Flickr, please visit: https://policies.oath.com/ie/de/oath/privacy/products/flickr/index.html.

Facebook fan page

In addition to our own online offer, we also operate a fan page on the social network Facebook. Via the fan page we distribute information about our activities and offer a channel for communication.

Delimitation of responsibility

Within the scope of the possibilities provided by Facebook, we try to ensure the protection of your privacy and your private data. Insofar as your personal data is processed by us in connection with your visit to the Fanpage, the explanations in this data protection declaration apply without restriction. Due to the integration of the Fanpage into the Facebook offer, it should also be noted that personal data is processed by Facebook at the same time. We have no influence on the data processing by Facebook; in particular, Facebook does not act as a processor for us under our responsibility. For data processing by Facebook, the guidelines of Facebook apply – at least according to Facebook – which can be found at https://de-de.facebook.com/policy.php.

From a data protection perspective, it can be assumed that Facebook and we are jointly responsible for the operation of the fan page and the evaluation of user data when visiting the fan page. In accordance with the requirements of data protection law, we have reached an internal agreement with Facebook on the delimitation of responsibility. This is a standard agreement provided by Facebook. This can be viewed at https://de-de.facebook.com/legal/terms/page_controller_addendum.

Facebook Insights

Facebook offers the operators of fan pages the possibility of obtaining an overview of the use of the fan page and its users via the Page Insights functions. Via Page Insights, mainly statistical data can be accessed and evaluated. We use the data from Page Insights to make the Fanpage as attractive and efficient as possible. For this purpose, Facebook provides us with data that Facebook itself has generated.

The legal basis for the data processing is our legitimate interest according to Article 6(1)(f) of the GDPR. Our legitimate interest lies in the optimization of our Facebook presence.

Facebook provides further information on the functionality and responsibility for the Page Insights function at https://www.facebook.com/legal/terms/page_controller_addendum.

Facebook Business Manager

We use Facebook Business Manager to manage our social media pages. This management platform is provided by Facebook. This tool is used to establish an authorization concept as part of the management of a fan page. Via the tool, it is also possible to view the success of any advertising campaigns or similar activities as part of an analysis. As part of this technical process, it is possible that data will be transferred to Facebook on servers in the USA. It cannot be ruled out that US security authorities may gain access to this data.

The legal basis for data processing is our legitimate interest according to Article 6(1)(f) of the GDPR. Our legitimate interest lies in the management and optimization of our Facebook presence.

For more information on data protection at Facebook, please visit https://www.facebook.com/about/privacy.

Facebook Messenger

Facebook offers users who are registered with Facebook the possibility of direct communication via Facebook Messenger. If you contact us via Messenger, the transmitted data will be stored and used by us solely for the purpose of responding to your inquiry. The legal basis for the processing of your data is your consent within the meaning of Article 6(1)(a) of the GDPR and our legitimate interest within the meaning of Article 6(1)(f) of the GDPR. Our legitimate interest lies in the recording and processing of customer inquiries, in the evaluation of customer inquiries, as well as in abuse control.

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For your personal data, this is the case when the respective conversation has ended. For us, the conversation is ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified. The user has the option to revoke his consent to the processing of personal data at any time; in this case, the data will be deleted immediately if there is no basis for further storage.

Further information about Facebook

If you have any questions about our use of personal data in connection with the use of the fan page on Facebook, you are welcome to contact us and our data protection officer at any time. The contact details and communication channels are explained in our privacy policy. Should you have questions regarding data protection on Facebook, we would request that you contact Facebook directly. General information on the secure use of social networks is also provided by the German Federal Office for Information Security (BSI) on its website at https://www.bsi-fuer-buerger.de/BSIFB/DE/DigitaleGesellschaft/SozialeNetze/sozialeNetze_node.html.

Instagram account

In addition to our own online offer and our Facebook fan page, we also operate an account on the social network Instagram. Via the Instagram account, we also provide information about our activities and offer a channel for communication. The social network Instagram is operated by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (hereinafter: “Facebook”).

Responsibility for data protection

Within the scope of the possibilities provided by Facebook, we try to ensure the protection of your privacy and your private data. Insofar as your personal data is processed by us in connection with your visit to the Instagram account, the explanations in this data protection declaration apply without restriction. Due to the integration of the account into the Facebook offer, it should also be noted that personal data is processed by Facebook at the same time. We have no influence on the data processing by Facebook; in particular, Facebook does not act as a processor for us under our responsibility. For data processing by Facebook, the Facebook guidelines apply – at least according to Facebook – which can be found at https://de-de.facebook.com/help/instagram/519522125107875.

In terms of data protection law, two separate responsibilities – Facebook’s on the one hand, and ours on the other – for the operation of the account on Instagram and the associated communication and evaluation options are to be assumed. Insofar as your personal data is processed by us in connection with your visit to our Instagram presence, and insofar as we alone decide on the purposes and means of this data processing, we are responsible for this data processing. This is usually the case if you communicate directly with us via the “Instagram Direct Messaging” function and thereby transmit your data to us. Insofar as your personal data is processed by Facebook, and Facebook alone decides on the purposes and means of data processing, Facebook alone is responsible for this data processing. This applies in particular to the evaluation of user behavior by Facebook for its own purposes.

Instagram Insights

Facebook offers Instagram account operators the option of obtaining an overview of the use of the account and its users via the “Instagram Insights” function. Via Instagram Insights, mainly statistical data can be accessed and evaluated. We use the data from Instagram Insights to make the Instagram account as attractive and efficient as possible. For this purpose, Facebook provides us with data that Facebook itself has generated on its own responsibility. The data we receive from Facebook is mostly anonymized data and statistics. Insofar as we receive personal data in this context, we are responsible for our own further processing of this data to evaluate the use of our Instagram account.

The legal basis for the data processing is our legitimate interest according to Article 6(1)(f) of the GDPR. Our legitimate interest lies in the optimization of our Instagram presence.

Facebook provides further information on Instagram Insights at https://www.facebook.com/help/instagram/788388387972460.

Instagram Direct Messaging

On Instagram, you have the option of communicating directly with us via the “Instagram Direct Messaging” function. If you contact us via the Instagram Direct Messaging function, the transmitted data will be stored and used by us exclusively for the purpose of responding to your inquiry. The legal basis for the processing of your data is your consent within the meaning of Article 6(1)(a) of the GDPR and our legitimate interest within the meaning of Article 6(1)(f) of the GDPR. Our legitimate interest lies in the recording and processing of customer inquiries, in the evaluation of customer inquiries, and in abuse control.

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For your personal data, this is the case when the respective conversation has ended. For us, the conversation is ended when it can be inferred from the circumstances that the facts concerned have been conclusively clarified. You have the option to revoke your consent to the processing of personal data at any time; in this case, the data will be deleted by us immediately if there is no basis for further storage.

Further information on Instagram

If you have any questions about our use of personal data in connection with the use of our Instagram account, please feel free to contact us and our data protection officer at any time. The contact details and communication channels are explained in our privacy policy. Should you have questions regarding data protection on the social network Instagram offered by Facebook, we would request that you contact Facebook directly. We would also like to point out at this point that the German Federal Office for Information Security (BSI) provides general information on the safe use of social networks on its website at https://www.bsi-fuer-buerger.de/BSIFB/DE/DigitaleGesellschaft/SozialeNetze/sozialeNetze_node.html.

Twitter account

In addition to our own website, we also operate an account on the short news service Twitter. The Twitter account provides information about our activities and offers a channel for communication. The short message service Twitter is operated by Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA (hereinafter: “Twitter”).

We point out that you use the Twitter short message service and its functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g. sharing, rating).

Processing of personal data

The data collected about you when using the service is processed by Twitter and, where applicable, transferred to countries outside the European Union. The data processed includes, among other things, your IP address, the app you use, information about the terminal device you use (including device ID and app ID), information about websites you have visited, your location and your mobile phone provider. This data is assigned to the data of your Twitter account. We have no influence on the type and scope of the data processed by Twitter, the type of processing and use or the transfer of this data to third parties. Information on what data is processed by Twitter and for what purposes can be found in Twitter’s data protection statement at https://twitter.com/privacy?lang=de. The option to view your own data can be found at https://help.twitter.com/de/managing-your-account/accessing-your-twitter-data.

We process the data you enter on Twitter, in particular your user name and the content published under your account, insofar as we retweet your tweets if necessary, reply to them, or write tweets from us that refer to your account. The data you freely publish and distribute on Twitter is included by us in this way in our offer and made available to our followers in order to make our channel more attractive.

You have options to restrict the processing of your data in the general settings of your Twitter account and under the item “Privacy and security”. In addition, you can restrict Twitter’s access to contact and calendar data, photos, location data, etc. in the settings options for mobile devices. However, this depends on the operating system used. More information on these points is available on the following Twitter support pages: https://support.twitter.com/articles/105576#.

Twitter Analytics

Twitter offers the operators of Twitter accounts the possibility of obtaining an overview of the use of the account and its users via the “Twitter Analytics” function. Twitter Analytics can be used primarily to call up and evaluate statistical data. We use the data from Twitter Analytics to make the Twitter account as attractive and efficient as possible. For this purpose, Twitter provides us with data that Twitter itself has generated on its own responsibility. The data we receive from Twitter is mostly anonymized data and statistics. If we receive personal data in this context, we are responsible for our further processing of this data to evaluate the use of our Twitter accounts. Twitter provides further information on Twitter Analytics at https://business.twitter.com/de/advertising/analytics.html.

Direct messages

On Twitter, you have the option of communicating directly with us via the “Direct Messages” function. If you contact us via the direct messaging function, the data transmitted will be stored and used by us solely for the purpose of responding to your inquiry. The legal basis for the processing of your data is your consent within the meaning of GDPR Art. 6(1)(a) and our legitimate interest within the meaning of GDPR Art. 6(1)(f). Our legitimate interest lies in the recording and processing of customer inquiries, in the evaluation of customer inquiries and in the control of abuse.

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For your personal data, this is the case when the respective conversation has ended. For us, the conversation is ended when the circumstances indicate that the matter in question has been conclusively clarified. You have the option of revoking your consent to the processing of personal data at any time; in this case, the data will be deleted by us immediately if there is no basis for further storage.

Twitter buttons, Twitter widgets

Twitter buttons or Twitter widgets integrated into websites and the use of cookies enable Twitter to record your visits to these websites and assign them to your Twitter account. The information generated by the cookies is transferred to a Twitter server and stored there. It cannot be ruled out that data is transmitted to the USA and that government agencies may be able to access this data. Based on the data collected by the cookies, content or advertising can be offered tailored to you. Information on this and the available setting options can be found at https://help.twitter.com/de/using-twitter/tailored-suggestions and https://help.twitter.com/de/rules-and-policies/twitter-cookies.

Further information on Twitter

If you have any questions about our use of personal data in connection with the use of our Twitter accounts, please feel free to contact us and our data protection officer at any time. The contact details and communication channels are explained in our privacy policy. Insofar as you have questions regarding data protection at Twitter, we would ask you to contact Twitter directly.

Your rights; contact

We are strongly committed to explaining how we process personal data and to inform you about your rights as transparently as possible. If you want more detailed information or wish to exercise your rights, you can contact us at any time so that we can take care of your concerns.

Rights of persons concerned

You have extensive rights with respect to the processing of your personal data. First of all, you have an extensive right to information and under certain circumstances may demand correction and/or deletion or blocking of your personal data. You can also demand restriction of processing and you have a right of objection. You also have a right to data portability with a view to personal data that you have transmitted to us.

If you wish to assert any of your rights and/or want more detailed information concerning your rights, please contact our customer service. Alternatively, you may contact our data protection officer.

Revocation of consent and objection

You may at any time revoke your consent with future effect. Revocation of the consent does not affect the legality of any processing performed on the basis of such consent given up until the revocation thereof. In such cases as well, please contact our customer service and/or our data protection officer.

Insofar as the processing of your personal data is not based on consent given by you but on another legal basis, you can object to the data processing. Your objection will lead to a review and, if necessary, to termination of the data processing. You will be informed of the outcome of the review and – if the data processing is to be continued nonetheless – you will receive further information from us on why the data processing is admissible.

Data protection officer; contact

We have appointed an external data protection officer who supports us in data protection issues and who you can contact directly. If you have questions regarding our handling of personal data or if you require other information on data protection issues, please do not hesitate to contact our Data Protection Officer and his team:

RA Dr. Sebastian Meyer, LL.M.
c/o BRANDI Rechtsanwälte

Adenauerplatz 1, 33602 Bielefeld
Phone: 0521 / 96535-812
E-mail: datenschutz@che.de

Complaints

If you are of the opinion that the processing of your personal data does not comply with this Privacy Statement or the applicable data protection provisions, you have the right to file a complaint with a supervisory authority. You can file a complaint with our data protection officer. Our data protection officer will review the matter and inform you of the outcome of the review.

Further information; amendments

Links to other websites

Our online service may contain links to other websites. Generally, these links are identified as such. We cannot control to what extent linked websites comply with the applicable data protection provisions. We therefore recommend that for other providers’ data protection statements, you refer to the information given on their respective websites.

Amendments of this Privacy Statement

Any revision of this Privacy Statement is identified by the date specified (see below). We reserve the right to amend this Privacy Statement at any time with effect for the future. Amendments will be made, among other things, in case of technical adjustments of the website or changes of the data protection laws. The Privacy Statement as amended from time to time is always made available directly through our website. We recommend obtaining information on any changes of this Privacy Statement on a regular basis.

This Privacy Statement was last revised in: September 2021