Privacy policy

Principles of data processing at the casayohana Foundation

You came to this page via a link because you want to find out about our handling of (your) personal data. To our information obligations according to the Article 12 ff. In accordance with the General Data Protection Regulation (GDPR), we are happy to present our data protection information to you below.

 

Who is responsible for data processing?

Responsible in the sense of data protection law is the

Foundation casayohana
underthe administration of smt StitungsManagement & Treuhandgesellschaft mbH
Rundfunkplatz 2
80335 Munich

You can find more information about our foundation, information about the persons entitled to represent and also other contact options in the imprint of our website: https://www.casayohana.org/impressum

 

What data will be collected and processed? And for what purposes?

If we have received data from you, we will process it in principle only for the purposes for which we have obtained or collected it.

Data processing for other purposes can only be considered if the required legal requirements in this regard are in accordance with Article 6 (6). 4 GDPR. Any information obligations under Article 13 (13). 3 GDPR and Article 14 (14). 4 We will, of course, pay attention to GDPR in this case.

 

What is the legal basis for this?

The legal basis for the processing of personal data is, in principle, – unless there is still specific legislation – Article 6 of the GDPR. Here are the following possibilities in particular:

  • Consent (Article 6 (1) lit. a) GDPR)
  • Data processing to fulfil contracts (Article 6 (1) lit. b) GDPR
  • Data processing based on a balance of interests (Article 6 (1) lit. f) GDPR)
  • Data processing to comply with a legal obligation (Article 6 (1) lit. c) GDPR)

If personal data is processed by you on the basis of your consent, you have the right to revokeyour consent at any time with effect for the future towards us.

If we process data on the basis of a balance of interests , you as a concerned party have the right to object to the processing of the personal data, taking into account the requirements of Article 21 of the GDPR.

 

How long is the data stored?

We process the data as long as this is necessary for the specific purpose.

To the extent that there are legal retention obligations – e.g. in commercial law or tax law – the personal data in question are stored for the duration of the retention obligation. Once the retention obligation has expired, it will be checked whether there is a further requirement for processing. If a requirement is no longer required, the data will be deleted.

In principle, we carry out an examination of data towards the end of a calendar year with a view to the need for further processing. Due to the amount of data, this review is carried out with regard to specific types of data or the purposes of processing.

Of course, you can request information at any time (see below) about the data stored with us about yourself and, in the event of a non-existence of requirements, you can request that the data be deleted or the processing is restricted.

 

Which recipients will the data be passed on to?

In principle, the disclosure of your personal data to third parties will only take place if this is necessary for the implementation of the contract with you, the disclosure on the basis of a balance of interests. in the meaning of. Article 6 ( 1 Lit. (F) GDPR is permitted, we are legally obliged to disclose it or you have given consent to this respect.

 

Data collection on the website

Cookies

Basically, every website uses session cookies, including ours. Session cookies temporarily stored during the internet connnection and are deleted when the browser is closed. This type of cookie does not store information about the user, but only serves to control, such as before and back navogation in the browser.

Server-Log-Files

When you visit our website Your IP IP address will be captured and stored in the log files. This IP address will be used by our web hoster (Strato) to detect and defend against attacks and stored for a maximum of seven days .

Google Universal Analytics

Based on our eligible interests (i.e., interest in the analysis and optimization of our operation and our online offer within the meaning of Art. 6 (1) lit. DSGVO), Google Analytics uses a web analytics service provided by Google LLC (“Google”). Google uses Cookies. The information generated by the cookie about the use of the online offer by the users are usually transmitted to a Google server in the USA and stored there. Google is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active). Google will use this information on our behalf to evaluate the use of our online offer by users, to compile reports on the activities within this online offer and to provide us with further services related to the use of this online offer and the internet usage. In this case, pseudonymous usage profiles of the users can be created from the processed data. We use Google Analytics in the version as “Universal Analytics.” “Universal Analytics” means a process of Google Analytics, in which the user analysis is based on a pseudonymous user ID and thus a pseudonymous profile of the user is created with information from the use of different devices (so-called “cross-device tracking”) , We use Google Analytics with activated IP anonymization only. This means that the IP address of the users will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases the full IP address will be sent to a Google server in the US and shortened there. The IP address submitted by the user’s browser will not be merged with other data provided by Google. Users can prevent the storage of cookies by setting their browser software accordingly; Users may also prevent the collection by Google of the data generated by the cookie and related to their use of the online offers and the processing of such data by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de. We also offer you the possibility to disable the collection of your website usage data for this website by clicking on the following link: Disable data by Google Analytics for this website. In this case, a special opt-out cookie is set that prevents the future collection of your usage data when you visit this website.
For more information about Google’s data usage, hiring and disparaging options, please read Google’s Privacy Policy (https://policies.google.com/technologies/ads) as well as in the settings for the display of advertising impressions by Google (https://adssettings.google.com/authenticated). The personal data of the users will be deleted or anonymised after 14 months. The legal basis for this is Article 6 (6). 1 lit f GDPR.

Google Web Fonts

This page uses so called Web Fonts provided by Google to provide a uniform representation of fonts. When you call a page, your browser loads the required web fonts into your browser cache to display text and fonts correctly.

For this purpose, the browser you are using must connect to the Google servers. This informs Google that our website has been accessed via your IP address. The use of Google Web Fonts happens due to the interest of an uniform and appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of article 6 para. 1 lit. F DSGVO.

If your browser does not support Web Fonts, a standard font is used by your computer.

For more information about Google Web Fonts, visit https://developers.google.com/fonts/faq and Google’s privacy policy: https://policies.google.com/privacy?hl=de.

Your rights as “affected” person

You have the right to get information about your personal data we process.

In the case of an information request that is not made in writing, we ask for your understanding that we may then require evidence from you that proves that you are the person you are claiming to be.

You also have the right to correct or delete or to restrict processing, as far as you are legally entitled to do so.

You also have the right to object to the processing within the framework of the legal requirements. The same applies to a right to data portability.

In particular, you have the right to object under Article 21 (21). 1 and 2 GDPR against the processing of your data in connection with direct mail if it is based on a balance of interests.

 

Our Data Protection Officer

In our foundation, due to the requirements of Articles 37 GDPR and paragraph 38 BDSG (new), we do not need a data protection officer and have not named one. That means, of course, not that we don’t care about data protection, on the contrary. Therefore, we would like to give you the opportunity to contact us with questions about data protection at:

Email: datenschutz@casayohana.org

 

The right to complain

You have the right to complain about the processing of personal data by us to a data protection watchdog.

Status: 04.11.2018