Principles of data processing at the casayohana Foundation
You came to this page via a link because you want to find out about our handling of (your) personal data. To our information obligations according to the Article 12 ff. In accordance with the General Data Protection Regulation (GDPR), we are happy to present our data protection information to you below.
Who is responsible for data processing?
Responsible in the sense of data protection law is the
underthe administration of smt StitungsManagement & Treuhandgesellschaft mbH
You can find more information about our foundation, information about the persons entitled to represent and also other contact options in the imprint of our website: https://www.casayohana.org/impressum
What data will be collected and processed? And for what purposes?
If we have received data from you, we will process it in principle only for the purposes for which we have obtained or collected it.
Data processing for other purposes can only be considered if the required legal requirements in this regard are in accordance with Article 6 (6). 4 GDPR. Any information obligations under Article 13 (13). 3 GDPR and Article 14 (14). 4 We will, of course, pay attention to GDPR in this case.
What is the legal basis for this?
The legal basis for the processing of personal data is, in principle, – unless there is still specific legislation – Article 6 of the GDPR. Here are the following possibilities in particular:
- Consent (Article 6 (1) lit. a) GDPR)
- Data processing to fulfil contracts (Article 6 (1) lit. b) GDPR
- Data processing based on a balance of interests (Article 6 (1) lit. f) GDPR)
- Data processing to comply with a legal obligation (Article 6 (1) lit. c) GDPR)
If personal data is processed by you on the basis of your consent, you have the right to revokeyour consent at any time with effect for the future towards us.
If we process data on the basis of a balance of interests , you as a concerned party have the right to object to the processing of the personal data, taking into account the requirements of Article 21 of the GDPR.
How long is the data stored?
We process the data as long as this is necessary for the specific purpose.
To the extent that there are legal retention obligations – e.g. in commercial law or tax law – the personal data in question are stored for the duration of the retention obligation. Once the retention obligation has expired, it will be checked whether there is a further requirement for processing. If a requirement is no longer required, the data will be deleted.
In principle, we carry out an examination of data towards the end of a calendar year with a view to the need for further processing. Due to the amount of data, this review is carried out with regard to specific types of data or the purposes of processing.
Of course, you can request information at any time (see below) about the data stored with us about yourself and, in the event of a non-existence of requirements, you can request that the data be deleted or the processing is restricted.
Which recipients will the data be passed on to?
In principle, the disclosure of your personal data to third parties will only take place if this is necessary for the implementation of the contract with you, the disclosure on the basis of a balance of interests. in the meaning of. Article 6 ( 1 Lit. (F) GDPR is permitted, we are legally obliged to disclose it or you have given consent to this respect.
Data collection on the website
Basically, every website uses session cookies, including ours. Session cookies temporarily stored during the internet connnection and are deleted when the browser is closed. This type of cookie does not store information about the user, but only serves to control, such as before and back navogation in the browser.
When you visit our website Your IP IP address will be captured and stored in the log files. This IP address will be used by our web hoster (Strato) to detect and defend against attacks and stored for a maximum of seven days .
Google Universal Analytics
Google Web Fonts
This page uses so called Web Fonts provided by Google to provide a uniform representation of fonts. When you call a page, your browser loads the required web fonts into your browser cache to display text and fonts correctly.
For this purpose, the browser you are using must connect to the Google servers. This informs Google that our website has been accessed via your IP address. The use of Google Web Fonts happens due to the interest of an uniform and appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of article 6 para. 1 lit. F DSGVO.
If your browser does not support Web Fonts, a standard font is used by your computer.
Your rights as “affected” person
You have the right to get information about your personal data we process.
In the case of an information request that is not made in writing, we ask for your understanding that we may then require evidence from you that proves that you are the person you are claiming to be.
You also have the right to correct or delete or to restrict processing, as far as you are legally entitled to do so.
You also have the right to object to the processing within the framework of the legal requirements. The same applies to a right to data portability.
In particular, you have the right to object under Article 21 (21). 1 and 2 GDPR against the processing of your data in connection with direct mail if it is based on a balance of interests.
Our Data Protection Officer
In our foundation, due to the requirements of Articles 37 GDPR and paragraph 38 BDSG (new), we do not need a data protection officer and have not named one. That means, of course, not that we don’t care about data protection, on the contrary. Therefore, we would like to give you the opportunity to contact us with questions about data protection at:
The right to complain
You have the right to complain about the processing of personal data by us to a data protection watchdog.