Data Protection Policy

1. Collection and storage of personal data when visiting the website and the nature and purpose of their use

The website Bürgerhaus BüHa gGmbH is hosted by Strato AG in Germany. This deployment only collects statistical, anonymous traffic. 

Every time a user accesses a page from Bürgerhaus BüHa gGmbH’s offer and every time a file is called up, statistical data about this process are stored in a log file [so-called “Bürgerhaus BüHa gGmbH”). Log files]. These data are not personal. It can not be understood which user has retrieved which data. 

The following information is collected without your intervention and stored until automated deletion:

  • IP address of the requesting computer
  • the page from which the file was requested
  • the name of the retrieved file
  • the date and time of the request
  • the amount of data transferred
  • the access status
  • Type description of the web browser used

The data mentioned are processed by us or by the provider for the following purposes:

  • Ensuring a smooth connection setup of our websites
  • Ensuring comfortable use of our websites
  • Evaluation of system security and stability

Data processing takes place on the basis of Art. 6 para. 1 sentence 1, f DSGVO. The legitimate interest follows from the data collection purposes listed above. In no case we use the collected data for the purpose of drawing conclusions about you.

1.2. SSL encryption, data security

We use encryption methods for the data transmission of your data via SSL [Secure Sockets Layer] over HTTPS [Hypertext Transfer Protocol Secure] according to the current state of the art.

1.3. cookies

This website does not use permanent cookies. Similarly, other techniques are used that serve to understand the access behavior of users can. 

Explanation: Many websites use so-called cookies. Cookies do not harm your computer and do not contain viruses. Cookies are used to make our offer more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and stored by your browser. Most commonly used cookies are called “session cookies”. They are automatically deleted after the visit. Other cookies remain stored on your device until you delete them. These cookies generally allow you to recognize your browser the next time you visit it. You can set your browser to that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies in certain cases or in general, and activate the automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of some websites.

1.4. Analysis tools and social media plug-ins

This website does not use any analysis tools or social media plug-ins. 

Explanation: Many other websites use analysis tools such as Google Analytics. Google Analytics uses the cookies mentioned above. These are text files that are stored on your computer and allow an analysis of the use of the website by the site operator. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. 

Some other websites use social media plug-ins, such as the Facebook plug-in (like button). When you visit such other sites, the plugin establishes a direct connection between your browser and the Facebook server. Facebook receives the information that you have visited the corresponding page with your IP address.

1.5. Affected rights [right to information, correction, deletion, etc.]

The website of our site Bürgerhaus BüHa gGmbH is created according to the principle of data economy. We deliberately refrain from any technologies that could track user behavior. 

You have the following rights under the GDPR:

  • Right to information – Art. 15 GDPR 
    The right of access gives the data subject comprehensive insight into the data that will be used for him and some other important criteria, such as the processing purposes or the duration of the storage. The exceptions to this right governed by § 34 BDSG apply.
  • Right to rectification – Art. 16 GDPR 
    The right of correction includes the possibility for the data subject to have his or her false personal data corrected.
  • Right to cancellation – Art. 17 DSGVO 
    The right to delete includes the possibility for the data subject to have their data deleted. However, this is only possible if the person-related personal data are no longer necessary, are processed unlawfully or a consent has been revoked. The exceptions to this right governed by § 35 BDSG apply.
  • Right to Restrict Processing – Art. 18 GDPR 
    The right to restrict processing includes the possibility for the data subject to prevent the further processing of his or her personal data for the time being. A limitation occurs above all in the examination phase of other rights perceived by the person concerned.
  • Right to Restrict Processing – Art. 18 GDPR 
    The right to restrict processing includes the possibility for the data subject to prevent the further processing of his or her personal data for the time being. A limitation occurs above all in the examination phase of other rights perceived by the person concerned.
  • Right to Data Transferability – Art. 20 GDPR 
    The right to data portability includes the possibility for the data subject to receive the personal data that he / she wants in a standard, machine-readable format from the person responsible, in order to have it forwarded to another person responsible if necessary. According to Article 20 (3) sentence 2 DSGVO, however, this right is not available if data processing serves the purpose of performing public duties. This is not the case with BfDI if the processing of personal data is for fiscal purposes.
  • Right to objection – Art. 21 GDPR 
    The right of opposition includes the possibility for data subjects to object in a particular situation to the further processing of their personal data, insofar as this is justified by the performance of public duties or public and private interests. The law does not apply in accordance with § 36 BDSG if a public body is obliged by law to process. This is the case at BfDI through Art. 57 DSGVO.

1.6. Disclosure of data

A transfer of your personal data to third parties for purposes other than those listed below generally does not take place. 

We only share your personal information with third parties if:

  • You have given your express consent in accordance with Art. 6 para. 1 sentence 1, a DSGVO
  • the disclosure pursuant to Art. 6 para. 1 sentence 1, f DSGVO is required for the assertion, exercise or defense of legal claims and there is no reason to believe that you
  • have a predominantly legitimate interest in not disclosing your data,
  • in the event that there is a legal obligation to disclose pursuant to Art. 6 para. 1 sentence 1, c DSGVO

1.7. Updating and changing this privacy policy

This privacy policy of Bürgerhaus BüHa gGmbH’s internet offer is currently valid and has the processing status May 2018. 

Due to the further development of our website or due to changed legal or regulatory requirements, it may be necessary to modify this privacy policy.

2. Data collection in the context of the prospective customer / supplier relationship

Dear Customers, Interested Parties and Suppliers, 

in the course of the EU General Data Protection Regulation (EU-GDPR), new data protection obligations are imposed on us as the person responsible for the processing of personal data. According to Art. 13 EU-GDPR, we inform you about the following points:

2.1. Purposes of processing your personal data

  • Answering inquiries
  • contract management
  • Customer Service
  • Supplier management
  • Compliance with legal requirements (eg KitaFöG, SGB VIII etc.)

2.2. Legal basis for the processing of your data

  • EU-GDPR Art. 6 (1) a) allows us to process your data based on your consent for specific purposes.
  • EU-DSGVO Art. 6 (1) b) covers the data processing required for the performance of a contract and for pre-contractual measures.
  • EU-DSGVO Art. 6 (1) c) allows us to process your data on the basis of a legal obligation, eg retention obligations under financial and tax law.
  • Art. 6 (1) f) EU-DSGVO allows us to process your personal data if we or a third party has legitimate interests in this processing and does not conflict with your interests, fundamental rights or fundamental freedoms, eg: 
    – Advertising 
    – Video surveillance as our house right 
    – Avoidance of damage and / or liability of the company through appropriate measures 
    – Assertion, exercise or defense of legal claims

2.3. Duration of data storage

General : After elimination of the purpose of the data processing and expiry of the statutory retention periods, your personal data will be deleted. Usually there are 6 or 10-year storage requirements for companies. 

Special storage duration for:

  • Video recordings max. 72 hours

If the storage is based on your consent, we will delete your personal data if you revoke your consent.

2.4. Recipient of your personal data

At our company , only employees will have access to the extent required to access the personal information they need to perform their job. All employees are committed to confidentiality and privacy. 

Used service providers may receive your data for the purposes described if they meet the confidentiality requirements. These can be, for example, companies in the categories: Land Berlin (Senate, district), IT services, printing and mailing services, data destruction. These service providers are so-called AV service providers (processors), who are particularly contractually bound by legal requirements. 

Banking / Finance service 

Public agencies, eg tax offices receive your personal data only if legally. Obligations exist.

2.5. Your privacy rights

They have the right to information under Article 15 of the EU GDPR, the right of correction under Article 16 of the EU GDPR, the right to a cancellation under Article 17 EU GDPR, the right to restriction of processing under Article 18 EU GDPR and the law to appeal from Article 21 EU GDPR. In addition, you have a right of appeal to a data protection supervisory authority under Article 77 EU GDPR.