Data protection policy
Please note that this is only a translation. Only the German original is binding.
The following privacy policy applies to the use of our blog https://reflections.news (hereinafter “Website”).
We attach great importance to privacy. The collection and processing of your personal data is carried out in compliance with the applicable data protection regulations, in particular the General Data Protection Regulation (DSGVO).
1 Responsible
Responsible for the collection, processing and use of your personal data within the meaning of Art. 4 No. 7 GDPR
Reflections on Family History Affected by Nazi Crimes
c / o Neuengamme Concentration Camp Memorial
Jean Dolidier Route 75
21039 Hamburg
info@reflections.news
Editor-in-chief: Swenja Granzow-Rauwald
For the circle of sponsors and publishers: Barbara Hartje, chairwoman of the Friends of Neuengamme Concentration Camp Memorial e.V., and Christine Eckel, Secretary General of the Amicale International KZ Neuengamme (address coincides with the address of the website)
If you wish to object to the collection, processing or use of your data by us in accordance with this Privacy Policy as a whole or for individual measures, you can address your objection to the person responsible.
You can save and print this privacy policy at any time: Data protection Reflections Blog
2 General purposes of processing
We use personal information for the purpose of operating the website, including sending a newsletter and creating user statistics.
3 What data we use and why
3.1 Hosting
The hosting services we use to provide the following services: infrastructure and platform services, computing capacity, storage and database services, security and technical maintenance services we use to operate the site.
In doing so, we or our hosting provider processes inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors to this website based on our legitimate interests in an efficient and secure provision of our website. Art. 6 para. 1 p. 1 f) DSGVO i.V.m. Art. 28 GDPR.
3.1.1 Access data
We collect information about you when you use this website. We automatically collect information about your usage and interaction with us and register information about your computer or mobile device. We collect, store and use data about every access to our website (so-called server log files). Access data includes:
– Name and URL of the retrieved file
– Date and time of retrieval
– transferred amount of data
– message about successful retrieval (HTTP response code)
– Browser type and browser version
– operating system
– Referer URL (i.e. the previously visited page)
– Websites accessed by the user’s system through our website
– Internet service provider of the user
– IP address and the requesting provider
We use this log data without assignment to you or other profiling for statistical evaluations for the purpose of operation, security and optimization of our website, but also for the anonymous recording of the number of visitors to our website (traffic) and the extent and nature of Use of our website and services, as well as for billing purposes, to measure the number of clicks received from cooperation partners. Based on this information, we can provide personalized and location-based content, analyze traffic, troubleshoot and improve our services.
This is also our legitimate interest in accordance with Article 6 paragraph 1 p. 1 f) GDPR.
We reserve the right to retrospectively review the log data if, on the basis of concrete evidence, there is a legitimate suspicion of unlawful use. We store IP addresses in the logfiles for a limited period of time, if this is necessary for security purposes or for the provision of services or the billing of a service, eg. Eg if you use one of our offers. After termination of the order process or after receipt of payment, we will delete the IP address if it is no longer required for security purposes. We store IP addresses even if we have a specific suspicion of a crime in connection with the use of our website. In addition, as part of your account, we save the date of your last visit (for example, when registering, logging in, clicking links, etc.). 1.1 cookies
We use so-called session cookies to optimize our website. A session cookie is a small text file that is sent by the respective servers when visiting a website and stored on your hard disk. As such, this file contains a so-called session ID, with which various requests from your browser can be assigned to the shared session. This will allow your computer to be recognized when you return to our website. These cookies are deleted after you close your browser. They serve z. For example, you can use the shopping cart feature across multiple pages.
We also use a small amount of persistent cookies (also small text files stored on your device) that remain on your device and allow us to recognize your browser the next time you visit it. These cookies are stored on your hard drive and delete themselves after the given time. Their lifespan is 1 month to 10 years. This will enable us to present our offer in a more user-friendly, effective and secure way, and to show you, for example, information tailored to your interests on the page.
Our legitimate interest in the use of cookies in accordance with Article 6 para. 1 sentence 1 f) of the DSGVO is to make our website more user-friendly, effective and secure.
The cookies store about the following data and information:
– log-in information
– Language settings
– entered search terms
– Information about the number of visits to our website and use of individual features of our website.
If the cookie is activated, it will be assigned an identification number and no assignment of your personal data to this identification number will be made. Your name, IP address or similar data that would allow the cookie to be associated with you will not be included in the cookie. Based on the cookie technology, we only receive pseudonymous information, for example, which pages of our shop were visited, which products were viewed, etc.
You can set your browser so that you are informed in advance about the setting of cookies and can decide on a case-by-case basis whether you exclude the acceptance of cookies for specific cases or in general, or that cookies are completely prevented. This may limit the functionality of the website.
3.1.2 Data to fulfill our contractual obligations
We process personal data that we need to fulfill our contractual obligations, e.g. Name, address and e-mail address.
The deletion of the data takes place after expiry of the warranty periods and legal retention periods. Any data associated with a user account (see below) will in any case be retained for the time this account is maintained.
The legal basis for the processing of this data is Art. 6 (1) sentence 1 b) GDPR, because this data is needed so that we can fulfill our contractual obligations to you.
3.1.4 Newsletter and Provider MailChimp
To subscribe to the newsletter you will need the data requested in the registration process. The registration for the newsletter will be logged. After logging in, you will receive a message on the specified email address requesting confirmation of your registration (“Double Opt-in”). This is necessary so that third parties can not register with their email address. You can always revoke your consent to receive the newsletter and thus unsubscribe from the newsletter.
To send the newsletter, we use MailChimp, an offer from Rocket Science Group, LLC, 675 Ponce De Leon Ave NE # 5000, Atlanta, GA 30308, USA.
We save the registration details as long as they are needed for sending the newsletter. The logging of the application and the shipping address are stored as long as there was an interest in the proof of the originally given consent, as a rule, these are the limitation periods for civil claims, thus a maximum of three years.
The e-mail addresses of our newsletter recipients, as well as their other data described in the context of these notes, are also stored on the servers of MailChimp in the USA. MailChimp uses this information to send and evaluate the newsletters on our behalf. Furthermore, MailChimp may use this information for the purpose of optimizing or improving its own services. MailChimp will not use your information to contact you or share your information with third parties. More information on how to handle your data can be found on the MailChimp website.
MailChimp is certified under the US-EU privacy shield “Privacy Shield” and is committed to complying with EU data protection requirements. Furthermore, we have concluded a data processing agreement with MailChimp. This is a contract in which MailChimp pledges to protect the data of our users, to process it in accordance with its privacy policy on our behalf and, in particular, not to disclose it to third parties. You can view the privacy policy of MailChimp here: https://mailchimp.com/legal/privacy/?_ga=2.255169352.1178802661.1527063847-1583040711.1518177965.
Please note that the provider MailChimp, whose services we use to send this newsletter, tracks the success of a newsletter by measuring whether the newsletter was opened and whether links were clicked. This tracking information is linked to an individual e-mail address. By continuing to use the newsletter, you agree with these terms. If you don’t agree with this kind of tracking, but would like to be informed about new articles, send us an e-mail at info@reflections.news.
3.1.4.1 Login Information
To subscribe to the newsletter, it is sufficient to enter your e-mail address.
Further details are voluntary and serve to personalize the newsletter.
Legal basis for sending the newsletter is your consent acc. Art. 6 (1) sentence 1 a) in conjunction with Art. 7 DSGVO in conjunction with § 7 (2) no. 3 UWG. Legal basis for logging the application is our legitimate interest in proving that the shipment was made with your consent.
You can cancel the registration at any time, without incurring any costs other than the transmission costs according to the basic rates. A textual message to the contact details referred to in point 1 (eg e-mail, fax, letter) is sufficient. Of course, you will also find in every newsletter an unsubscribe link. At the same time, your consent to sending it via MailChimp and the statistical analyzes expire. A separate revocation of the dispatch via MailChimp or the statistical evaluation is unfortunately not possible.
Source: Sören Siebert (imprint generator of erecht24)
In order to make our newsletter interesting for you, we statistically record which links the users have clicked in the newsletter. By registering, you agree to this statistical record.
The statistical survey with the aim of improvement also includes call sites (which can be determined with the help of the IP address), access times, as well as whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. But it’s not about observing newsletter subscribers. The aim is to present contents that are of interest to readers in an appealing way
3.1.4.2 Online call and data management
In some circumstances, we will redirect you to the MailChimp site – for example, the newsletter has a link in case of display problems. You also have the opportunity to change your user data online. If you want to read the privacy policy of MailChimp, this can only be done online.
We have no control over the collection of data when visiting the MailChimp website. Cookies are used on the website. The personal data collected with it can be shared with service providers such as Google Analytics. For more information, see the privacy policy of MailChimp. However, you have the option to object to the data collection.
Here are two related links for the European area: http://www.aboutads.info/choices/ and http://www.youronlinechoices.com/.
3.1.5 E-Mail contact
When you contact us (eg via contact form or e-mail), we process your details for the processing of the request as well as for the case that follow-up questions arise.
If the data processing takes place for the execution of pre-contractual measures, which take place upon your request, or, if you are already our customer, for the execution of the contract, the legal basis for this data processing is Art. 6 para. 1 p. 1 b) DSGVO.
We process further personal data only if you consent to it (Article 6 (1) sentence 1 a) GDPR) or we have a legitimate interest in the processing of your data (Article 6 (1) sentence 1 f) GDPR) , A legitimate interest lies z. For example, responding to your email.
3.1.6 Use of the comment function
If you use the comment function, cookies will only be set if you agree to the storage of data such as name, e-mail, etc.
4 WordPress.com Stats
We use WordPress.com Stats, an analysis service provided by Automattic Inc.
60 29th Street # 343, San Francisco, CA 94110.
WordPress.com Stats uses so-called “cookies”, text files that are stored on your computer and that allow an analysis of your use of the website. This company uses tracking technology from Quantcast Inc., 201 3rd St, Floor 2, San Francisco, CA 94103-3153, USA. The information generated by the cookie about the use of this website by the site visitors are usually transmitted to a server in the US and stored there.
This is also our legitimate interest in accordance with Article 6 paragraph 1 p. 1 f) GDPR.
Your IP address will be anonymized before it is saved. You can prevent the installation of cookies by setting your browser software accordingly. In addition, you may object to the collection and use of the information by Quantcast with effect for the future by editing your preferences at https://www.quantcast.com/opt-out/.
Source: Pattern by lawyer Thomas Schwenke (pattern Schwenke).
If you delete the cookies on your computer, you must set the opt-out cookie again.
5 Google Webfonts
On this page so-called Google Web Font s are used for a better display .To display texts corresponding to the user of the page, web fonts are loaded in their browser cache.Your browser will connect to Google and inform Google at the same time that your IP address has contacted our website. The uniform presentation of our content is a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO. In the case of non-support, a standard font is used.
For information about how Google may use your information, please visit: Google Privacy Policy: https://policies.google.com/privacy?hl=en .
6 Wordfence Security
With the software Wordfence Security this site is protected against viruses etc.The provider for this is Defiant, 800 5th Ave Ste 4100, Seattle, WA 98104, USA ( https://www.defiant.com/ ). Here you will find information about the cookies set by Wordfence: https://www.wordfence.com/help/general-data-protection-regulation/
Defiant stores IP addresses, among other things, to block IP addresses or set them to a so-called “white list” of trusted IP addresses.Securing the website and its users is a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO.
For details, see the privacy policy of the plugin: https://www.wordfence.com/privacy-policy/
For the blog, a contract processing contract was concluded with Defiant.
7 Storage
Unless specifically stated, we store personal data only as long as necessary to fulfill the purposes pursued.
In some cases, the legislator provides for the retention of personal data, for example in tax or commercial law. In these cases, the data will be stored by us only for these legal purposes, but not otherwise processed and deleted after expiration of the statutory retention period.
8 Your rights as data controller
Under applicable law, you have various rights to your personal information. If you would like to assert these rights, please send your request by e-mail or by post with a clear identification of your person to the address specified in section 1.
Below is an overview of your rights.
8.1 Right to confirmation and information
You have the right to clear information about the processing of your personal data.
In detail:
You have the right at any time to obtain confirmation from us as to whether personal data relating to you is being processed. If this is the case, you have the right to ask us for free information about your personal data stored together with a copy of this data. Furthermore, there is a right to the following information:
1. the processing purposes;
2. the categories of personal data being processed;
3. the recipients or categories of recipients to whom the personal data have been disclosed or are still being disclosed, in particular to recipients in third countries or to international organizations;
4. if possible, the planned duration for which the personal data are stored or, if this is not possible, the criteria for determining that duration;
5. the right of rectification or erasure of personal data concerning you or restriction of processing by the controller or a right to object to such processing;
6. the existence of a right of appeal to a supervisory authority;
7. if the personal data is not collected from you, all available information about the source of the data;
8. the existence of automated decision-making including profiling in accordance with Art. 22 (1) and (4) GDPR and – at least in these cases – meaningful information about the logic involved, as well as the implications and intended effects of such processing for you.
If personal data are transmitted to a third country or to an international organization, you have the right to be informed about the appropriate guarantees under Art. 46 GDPR in connection with the transfer.
8.2 Right to rectification
You have the right to demand that we correct and, if necessary, complete your personal data.
In detail:
You have the right to demand immediate correction of incorrect personal data concerning you. Taking into account the purposes of processing, you have the right to request the completion of incomplete personal data, including by means of a supplementary statement. Recht auf Datenübertragbarkeit
8.3 Right to be deleted (“Right to be forgotten”)
In a number of cases, we are required to delete your personal information.
In detail:
According to Art. 17 (1) GDPR, you have the right to ask us to delete your personal data without delay and we are obliged to delete your personal data immediately if one of the following reasons applies:
1. The personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
2. They revoke their consent on which the processing was based in accordance with Article 6 (1) sentence 1 a) GDPR or Article 9 (2) (a) GDPR and there is no other legal basis for the processing.
3. In accordance with Art. 21 para. 1 DSGVO, you object to the processing and there are no prior justifiable reasons for the processing, or you object to the processing according to Art. 21 (2) GDPR.
4. The personal data were processed unlawfully.
5. The deletion of personal data is required to fulfill a legal obligation under Union or national law to which we are subject.
6. The personal data were collected in relation to information society services offered pursuant to Art. 8 (1) GDPR.
If we have made the personal data publicly available and if we are obliged to delete it in accordance with Art. 17 (1) GDPR, we shall take appropriate measures, including technical ones, for data controllers who are responsible for the personal data, taking into account the available technology and the implementation costs Process Data, informing you that you have requested deletion of any links to such personal information or copies or replications of such Personal Information.
8.4 Right to restriction of processing
In a number of cases, you may request that we restrict the processing of your personal information.
In detail:
You have the right to require us to restrict processing if any of the following conditions apply:
1. The accuracy of your personal information is contested by you for a period of time that allows us to verify the accuracy of your personal information.
2. the processing is unlawful and you have objected to the deletion of personal data and have instead requested the restriction of the use of personal data;
3. we no longer need your personal data for the purposes of processing, but you need the data to assert, exercise or defend your rights, or
4. You have objected to the processing according to Art. 21 (1) GDPR, as long as it is not certain that the justified reasons of our company outweigh yours.
You have the right to receive, transmit or transmit any personal data relating to you in a machine-readable manner.
In detail:
You have the right to receive the personal information you provide to us in a structured, common and machine-readable format, and you have the right to submit that information to another person without hindrance, provided that
1) a) GDPR or Article 9 (2) (a) GDPR or a contract pursuant to Article 6 (1) (b) of the GDPR; and 1. the processing is based on a consent pursuant to Art. 6 para
2. the processing is done using automated procedures.
In exercising your right to data portability in accordance with paragraph 1, you have the right to obtain that the personal data are transmitted directly by us to another person responsible, as far as this is technically feasible.
8.5 Right to Objection to Processing of Personal data
You have the right to object to the lawful processing of your personal data by us if this is based on your particular situation and if our interests in processing do not prevail.
In detail:
You have the right to object at any time to the processing of personal data concerning you pursuant to Article 6 (1) sentence 1 (e) or (f) GDPR for reasons arising from your particular situation; this also applies to profiling based on these provisions. We no longer process personal information, unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is for the purposes of asserting, exercising or defending legal claims.
If personal data are processed by us in order to operate direct mail, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct mail.
You have the right, for reasons arising from your particular situation, to object to the processing of personal data concerning you for scientific or historical research purposes or for statistical purposes under Article 89 (1) of the GDPR Unless the processing is necessary to fulfill a public interest task.
8.6 Automated decisions including profiling
You have the right not to be subjected to a decision based solely on automated processing – including profiling – that will have legal effect or similarly affect you in a similar manner.
There is no automated decision-making based on personal data collected.
8.7 Right to revoke a data protection consent
You have the right to revoke your consent to the processing of personal data at any time.
8.8 Right to complain to a supervisory authority
You have the right to complain to a supervisory authority, in particular in the Member State of your place of residence, your place of work or the place of the alleged infringement, if you believe that the processing of your personal data is unlawful.
9 Data Security
We make every effort to ensure the security of your data within the framework of applicable data protection laws and technical possibilities.
Your personal data will be transmitted encrypted with us. This applies to your orders and also to the customer login. We use the SSL (Secure Socket Layer) coding system, but point out that data transmission over the Internet (for example, when communicating by e-mail) may have security vulnerabilities. A complete protection of the data from access by third parties is not possible.
To safeguard your data, we maintain technical and organizational security measures in accordance with Art. 32 DSGVO, which we always adapt to state-of-the-art technology.
We also do not warrant that our offer will be available at specific times; Disturbances, interruptions or failures can not be excluded. The servers we use are regularly backed up carefully.
10 Transfer of data to third parties, no data transfer to non-EU countries
Basically, we only use your personal data within our company.
If and to the extent that we engage third parties in the performance of contracts (such as logistics service providers), they will only receive personal data to the extent that the transmission is required for the corresponding service.
In the event that we outsource certain parts of the data processing (“order processing”), we contractually obligate processors to use personal data only in accordance with the requirements of data protection laws and to ensure the protection of the data subject’s rights.
Data transmission to agencies or persons outside the EU outside of the case referred to in paragraph 4 does not take place and is not planned.
NB: Only the German version of the Data Protection policy is valid.