Privacy Policy

Privacy Policy Declaration

Responsibility

AT-Verband
Waldburgstraße 96
D-70563 Stuttgart

Phone: +49 (0) 711-7355282
Fax: +49 (0) 711-7355280
E-Mail: info@at-verband.de
Internet: www.at-verband.de
Authorized Representative Chairman: Dieter Steinbach, Registered Association (e.V.) Register of Associations: VR4586

Types of data processed

- Inventory data (e.g. names, addresses).
- Contact data (e.g. e-mail, telephone numbers).
- Content data (e.g. text entries, photographs, videos).
- Usage data (e.g. websites visited, interest in content, access times).
- Meta/communication data (e.g. device information, IP addresses).

Categories of persons concerned

Visitors and users of the website (in the following we will refer to the persons concerned in the following as "users").

Purpose of the processing

- Provision of the online offer, its functions and contents.
- Answering of contact requests and communication with users.
- Security measures.
- Measurement of the outreach.

Terminology used

"Personal data" are any information relating to an identified or identifiable natural person ( hereinafter referred to as "concerned person" ); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. a cookie) or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

"Processing" means any operation or set of operations which is performed upon personal data, whether or not by automatic means. The term is broad and covers virtually all processing of data.

"Pseudonymisation" shall mean the processing of personal data in such a way that the personal data cannot be related to a specific data subject without the use of supplementary information, provided that this supplementary information is kept separate and is subject to technical and organisational measures ensuring that the personal data is not related to an identified or identifiable natural person.

"Profiling" shall mean any automated processing of personal data consisting in using such personal data to evaluate certain personal aspects relating to a natural person, in particular in order to analyse or predict aspects relating to the performance of work, economic situation, health, personal preferences, interests, reliability, conduct, location or change of location of that natural person.

The term " responsible person " shall mean the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data.

"Processor" shall mean any natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

In accordance with Art. 13 DSGVO, we inform you of the legal basis of our data processing. If the legal basis is not stated in the data protection declaration, the following applies: The legal basis for obtaining consents is Art. 6 Para. 1 lit. a and Art. 7 DSGVO, the legal basis for processing for the purpose of fulfilling our services and implementing contractual measures and answering enquiries is Art. 6 Para. 1 lit. b DSGVO, the legal basis for processing for the purpose of fulfilling our legal obligations is Art. 6 Para. 1 lit. c DSGVO, and the legal basis for processing for the purpose of safeguarding our legitimate interests is Art. 6 Para. 1 lit. f DSGVO. In the event that vital interests of the concerned person or another natural person require the processing of personal data, Article 6 paragraph 1 lit. d DSGVO serves as the legal basis.

Security measures

In accordance with Art. 32 DSGVO and taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing as well as the varying probability of occurrence and severity of the risk to the rights and freedoms of natural persons, we take appropriate technical and organisational measures to ensure a level of protection appropriate to the risk.

Such measures shall include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical access to data, as well as access, input, disclosure, safeguarding of availability and segregation of data relating to them. Furthermore, we have established procedures to ensure that data subjects' rights are exercised, data is deleted, and we respond to data threats. Furthermore, we take the protection of personal data into account as early as the development or selection of hardware, software and procedures, in accordance with the principle of data protection through technology design and through data protection-friendly default settings (Art. 25 DSGVO).

Cooperation with contract processors and third parties

If, in the course of our processing, we disclose data to other persons and companies (processors or third parties), transfer it to them or otherwise grant them access to the data, this will only be done on the basis of a legal authorisation (e.g. if the data must be transferred to third parties, such as payment service providers, in accordance with Art. 6 Para. 1 letter b DSGVO for the fulfilment of the contract), if you have given your consent, if a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents, web hosters, etc.).

If we commission third parties to process data on the basis of a so-called "contract processing agreement", this is done on the basis of Art. 28 DSGVO.

Transfers to third countries

If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this is done in the context of using the services of third parties or disclosure or transfer of data to third parties, this will only take place if it is done to fulfil our (pre-)contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we will only process or transfer data to a third country if the special requirements of Art. 44 ff. DSGVO. In other words, processing is carried out, for example, on the basis of special guarantees, such as the officially recognised determination of a level of data protection corresponding to that of the EU (e.g. for the USA through the "Privacy Shield") or compliance with officially recognised special contractual obligations (so-called "standard contractual clauses").

Rights of persons concerned

You have the right to request confirmation whether or not data in question is being processed and to obtain information about this data and to receive further information and a copy of the data in accordance with Art. 15 DSGVO.

You have accordingly. Art. 16 DPA, the right to request the completion of data concerning you or the correction of incorrect data concerning you.

Under Art. 17 DSGVO, you have the right to demand that data concerning you be deleted immediately, or alternatively, under Art. 18 DSGVO, to demand that the processing of the data be restricted.

You have the right to request that the data concerning you which you have made available to us be preserved in accordance with Art. 20 DSGVO and to demand that it be passed on to other responsible parties.

You also have the right to submit a complaint to the competent supervisory authority in accordance with Art. 77 DSGVO.

Right of withdrawal

You have the right to revoke consents granted in accordance with Art. 7 Para. 3 DSGVO with effect for the future.

Right of objection

You can object to the future processing of data concerning you at any time in accordance with Art. 21 DSGVO. In particular, you may object to processing for the purposes of direct advertising.

Cookies and right of objection for direct mail

Cookies" are small files that are stored on the user's computer. Different information can be stored within the cookies. A cookie is primarily used to store information about a user (or the device on which the cookie is stored) during or after his visit to an online offer. Temporary cookies, or "session cookies" or "transient cookies", are cookies that are deleted after a user leaves an online offer and closes his browser. In such a cookie, for example, the contents of a shopping cart in an online shop or a login status can be stored. Cookies are described as "permanent" or "persistent" if they remain stored even after the browser is closed. For example, the login status can be saved if the user visits it after several days. Likewise, the interests of the users can be stored in such a cookie, which are used for range measurement or marketing purposes. Third-party cookies" are cookies that are offered by providers other than the person responsible for operating the online service (otherwise, if they are only the cookies of this person, they are called "first-party cookies").

We may use temporary and permanent cookies and provide information about this in our privacy policy.

If users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Stored cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional limitations of this online offer.

A general objection to the use of cookies used for online marketing purposes can be declared for a large number of services, especially in the case of tracking, via the US site http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com/. Furthermore, the storage of cookies can be achieved by deactivating them in the browser settings. Please note that not all functions of this online offer can be used then.

Deletion of data

The data processed by us will be deleted or restricted in their processing in accordance with articles 17 and 18 DSGVO. Unless expressly stated within the scope of this data protection declaration, the data stored by us will be deleted as soon as they are no longer required for their intended purpose and the deletion does not conflict with any statutory storage obligations. If the data are not deleted because they are required for other and legally permissible purposes, their processing will be restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax law reasons.

According to the legal requirements in Germany, the storage takes place in particular for 10 years according to §§ 147 Para. 1 AO, 257 Para. 1 nos. 1 and 4, para. 4 HGB (books, records, management reports, accounting vouchers, commercial books, documents relevant for taxation, etc.) and 6 years according to § 257 Para. 1 nos. 2 and 3, Para. 4 HGB (commercial letters).

In accordance with legal requirements in Austria, the retention is in particular for 7 J in accordance with § 132 Para. 1 BAO (accounting documents, vouchers/invoices, accounts, vouchers, commercial documents, statement of income and expenditure, etc.), for 22 years in connection with real estate and for 10 years for documents in connection with electronically provided services, telecommunications, radio and television services which are provided to non-entrepreneurs in EU member states and for which the Mini-One-Stop-Shop (MOSS) is used.

Provision of our services in accordance with the articles of association an business

We process the data of our members, supporters, interested parties, customers or other persons in accordance with Art. 6 Para. 1 lit. b. DSGVO, insofar as we offer contractual services to them or act within the framework of existing business relationships, e.g. to members, or are ourselves recipients of services and benefits. Otherwise, we process the data of data subjects in accordance with Art. 6 Paragraph 1 lit. f. DSGVO on the basis of our legitimate interests, e.g. if it concerns administrative tasks or public relations work.

The data processed, the type, scope and purpose of such processing and the necessity of processing them are determined by the underlying contractual relationship. This basically includes inventory and master data of the persons (e.g. name, address, etc.), as well as contact data (e.g. e-mail address, telephone, etc.), contractual data (e.g. services used, contents and information provided, names of contact persons) and, if we offer services or products subject to payment, payment data (e.g. bank details, payment history, etc.).

We delete data that is no longer required for the provision of our statutory and business purposes. This is determined according to the respective tasks and contractual relationships. In the case of business processing, we retain the data for as long as they may be relevant to the business transaction and also with regard to any warranty or liability obligations. The necessity of storing the data is reviewed every three years; otherwise the statutory storage obligations apply.

Contact

When contacting us (e.g. via contact form, e-mail, telephone or social media), the user's details are processed for the purpose of handling the contact request and its processing in accordance with Art. 6 Para. 1 lit. b) DSGVO. The user's details may be stored in a customer relationship management system ("CRM system") or comparable enquiry organisation.

We delete the enquiries if they are no longer required. We review the necessity every two years; furthermore, the statutory archiving obligations apply.

This website uses cookies. By using this website, you accept the use of cookies. Data Privacy Information