We use cookies to optimize your user experience on our website. There are cookies that are essential for the operation of the website and others for anonymous statistics collection. There are also cookies that are offered by external media, such as Meta or our donation tool. Please note that - depending on your settings - some functions may not be available. Further details on the cookies used can be found in the respective categories.

Data privacy

The protection of your personal data is important to us. Below you will find comprehensive information on how we process your personal data when you use our website.

If you have any questions about how we handle your personal data, please do not hesitate to contact us at kontakt@clubkinder.de.

1. Person responsible for data processing + data protection

The controller within the meaning of the General Data Protection Regulation (GDPR) is

clubkinder e.V.

Fruchtallee 19a

20259 Hamburg

Phone: +49 1520 9368595

E-mail: kontakt@clubkinder.de

Contact options for data protection inquiries: kontakt@clubkinder.de

2. Processing of data when accessing our website

When you access our website, we only collect the personal data that your browser transmits to our server.

This is the following (log file) data, which is technically necessary to display our website to you and to ensure its stability and security:

- IP address

- Date and time of the server request

- Time zone difference to Greenwich Mean Time (GMT)

- Content of the request (specific website accessed)

- Access status/HTTP status code

- Website from which the request comes / referrer URL

- Browser type, language and browser version

- Operating system used and its interface

Translated with DeepL.com (free version)

The legal basis for this data processing is Art. 6 para. 1 lit. f GDPR. Insofar as absolutely necessary access to information stored in the user's terminal equipment takes place, the legal basis is also § 25 para. 2 no. 2 TDDDG. The legitimate interest lies in the flawless presentation of our website and ensuring the stability and security of our website.

The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, the user has no option to object.

The data is deleted as soon as it is no longer required for the purpose for which it was collected. This is usually the case after one month at the latest.

In order to detect systemic problems on websites, it makes sense to store logs for more than 7 days. Errors often only occur sporadically and are therefore not recognizable in short periods of time. The same applies to optimizing performance and security: bots or crawlers that negatively affect our website often return at longer intervals. Within 30 days, we can classify them as either problematic or non-problematic.

3. Cookies

Our website uses so-called cookies. What are cookies? Cookies are data that are stored on your computer by a website that you visit and enable your browser to be reassigned. Cookies are used to transmit information to the site that sets the cookie. Cookies can store various information, such as your language setting, the duration of your visit to our website or the entries you make there. This prevents you from having to re-enter required form data each time you use the website, for example. The information stored in cookies can also be used to recognize preferences and target content according to areas of interest.

There are different types of cookies:

- Session cookies are data sets that are only temporarily stored in the working memory and are deleted when you close your browser.

- Permanent or persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. With this type of cookie, the information can also be stored in text files on your computer. However, you can also delete these cookies at any time via your browser settings.

First-party cookies are set by the website you are currently visiting. Only this website may read information from these cookies. Third-party cookies are set by organizations that are not operators of the website you are visiting. These cookies are used by marketing companies, for example. You can find more information about the cookies used on this website in our cookie consent tool, which can be found in the footer under “Cookies”.

The legal basis for the use of cookies is your consent in accordance with Section 25 (1) TDDDG, Art. 6 (1) sentence 1 lit. a) GDPR. If the use of cookies is deemed absolutely necessary, this is done on the basis of Section 25 (2) TDDDG and further data processing in accordance with Art. 6 (1) c) or f) GDPR.

4. Matomo

Our website uses the open source web analysis service Matomo, a service of “InnoCraft Ltd”, a company based in 7 Waterloo Quay, PO625 Wellington, New Zealand. As InnoCraft is based outside the EU, InnoCraft has appointed a representative in the EU: ePrivacy Holding GmbH, Große Bleichen 21, 20354 Hamburg, Germany (privacy@innocraft.com).

We use the data collected by Matomo for the statistical analysis of user behavior for the purpose of optimizing the functionality and stability of the website and for marketing purposes. Our interest in and purpose of data processing lies in the optimization of our website, the adaptation of content and the improvement of our offer.

Matomo uses cookies that make it possible to analyze the use of the website. For this purpose, the usage information collected in the cookie (including your shortened IP address) is transmitted to the Matomo server located in the EU and stored for usage analysis purposes. Matomo does not transmit any data to servers that are outside our control. Your IP address is immediately anonymized during this process so that you as a user are not identifiable to us. The information collected about your use of this website is not passed on to third parties.

We only store the analysis data for as long as required for the purpose of data processing, but for a maximum of 15 months. Information on the duration of storage by Matomo can be obtained from the provider or at https://matomo.org/privacy.

You can prevent the setting of (individual or all) cookies by selecting the appropriate settings on your browser; however, in this case you may not be able to use all functions of this website to their full extent. If you do not agree to the storage and analysis of your usage data from your visit to our website, you can also prevent Matomo from collecting this data at any time by clicking on the following link. An opt-out cookie will then be set via your browser, which means that Matomo will not collect any session data. Please note: If you delete your cookies, the opt-out cookie will also be deleted and must be set again by you.

The legal basis for this data processing is your consent in accordance with Art. 6 para. 1 lit. a GDPR, as well as § 25 para. 2 TDDDG. You can revoke your consent at any time with effect for the future by accessing the cookie settings in our Consent Management Platform and changing your selection there.

5. Instagram

Our website also uses social plugins (“plugins”) from Instagram (operator: Meta Platforms, Inc., 1601 Willow Road, Menlo Park California 94025, USA. The entity responsible for handling data subject rights within the EU/EEA is Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland).

When you access a page of our website that contains such a plugin, your browser establishes a direct connection to Instagram's servers. The content of the plugin is transmitted by Instagram directly to your browser and integrated into the page. Through this integration, Instagram receives the information that your browser has accessed the corresponding page of our website, even if you do not have an Instagram profile or are not currently logged in to Instagram. This information (including your IP address) is transmitted directly from your browser to an Instagram server in the USA and stored there.

If you are logged in to Instagram, Instagram can directly associate your visit to our website with your Instagram account. If you interact with the plugins, for example by clicking on them, this information is also transmitted directly to an Instagram server and stored there. The information is also published on your Instagram account and displayed there to your contacts.

The legal basis for the use of Instagram plugins is your consent in accordance with Art. 6 (1) (a) GDPR and Section 25 (2) TDDDG.

If you do not want Instagram to assign the data collected via our website directly to your Instagram account, you must log out of Instagram before visiting our website.

You can find more information on this in Instagram's privacy policy:

https://www.instagram.com/legal/privacy/

Where data is processed outside the EU/EEA, Meta Platforms, Inc. is certified under the Data Privacy Framework (DPF) program and is included in the Data Privacy Framework list of the International Trade Administration (ITA). This means that Meta Platforms, Inc. has publicly committed to complying with the DPF obligations and that any data transfer to the USA is harmless based on the current adequacy decision of the European Commission of July 10, 2023.

6. Request by e-mail or telephone

If you send us an inquiry by email, we will use the data you provide to process and respond to your request.

You provide this data on a voluntary basis and it is processed to answer your request with your consent in accordance with Art. 6 para. 1 lit. a GDPR.

If the data you provide relates to communication channels (e.g. email address or telephone number), you also consent to us contacting you via this communication channel in order to respond to your request. You can revoke this consent at any time for the future.

The legal basis for this data processing is Art. 6 para. 1 lit. b in the case of pre- or contractual relationships and/or otherwise lit. f GDPR.

If you contact us by telephone, your connection data (telephone number, date, time, waiting time, call time) will be transmitted to us. We reserve the right to store this information if you provide us with topic preferences, suggestions, ideas for improvement or criticism during the conversation.

Our interest in this processing lies in the continuous improvement of our work. You can object to this processing at any time.

We base this processing on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR.

We will delete your data that we have received in the course of contacting you as soon as it is no longer required to achieve the purpose for which it was collected, i.e. your request has been fully processed and no further communication with you is required or requested by you.

7. Use of our online donation form

If you make a donation, the address and payment details you provide in the donation form will be used by us to carry out the transaction and to manage the donation relationship.

The provision of your personal data as part of the donation is voluntary, but necessary for the execution of the donation. Your data is processed as part of the processing of the donation in accordance with Art. 6 para. 1 lit. b GDPR for the fulfillment of a contract.

Further contact for information on the use of the donation or sending appeals for donations is based on our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR.

Our donation form is provided by the “FundraisingBox” (operator: Wikando GmbH, Schießgrabenstr. 32, 86150 Augsburg).

The transmission of your data entered in the donation form to Wikando GmbH takes place in order to process your donation in accordance with Art. 6 para. 1 lit. b GDPR.

The data you enter in the donation form is collected securely using sandbox technology. Your data will only be processed by Wikando GmbH in secure, certified data centers in Germany as part of order processing in accordance with Art. 28 GDPR and transmitted to us via a secure connection using current data encryption methods.

The respective payment service providers also receive your payment data for payment processing directly using this encrypted connection. The legal basis for this data processing is Art. 6 para. 1 lit. b for the pre-contractual/contractual relationship and lit. f GDPR.

Current information about the security procedure used and data processing can be found here: https://www.fundraisingbox.com/security/.

Donate via credit card

If you donate by credit card (e.g. VISA, Mastercard, American Express), your credit card details are sent to the payment service provider via 256-bit SSL encryption. The accuracy of the card data is compared with the respective credit card company and the creditworthiness and validity are checked. The legal basis for this data processing is Art. 6 para. 1 lit. a GDPR (consent) and Art. 6 para. 1 lit. b GDPR (processing for the performance of a contract).

We do not receive your credit card details and are only informed about the successful payment.

Donate via PayPal

If you donate via PayPal, you will be forwarded directly to the PayPal website after submitting the donation form, where you can complete the donation in the usual way.

When donating or paying via PayPal, your payment data will be forwarded to PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg, as part of the payment processing. If you select this payment method, your required payment data will be transmitted to PayPal. The transmission of your data to PayPal is based on Art. 6 para. 1 lit. a GDPR (consent) and Art. 6 para. 1 lit. b GDPR (processing for the performance of a contract). You can withdraw your previously given consent at any time; data processing operations carried out in the past remain effective if you withdraw your consent.

PayPal reserves the right to carry out a credit check for the payment methods credit card via PayPal, direct debit via PayPal or - if offered - “purchase on account” or “payment by installments” via PayPal. For this purpose, your payment data may be passed on to credit agencies in accordance with Art. 6 para. 1 lit. f GDPR on the basis of PayPal's legitimate interest in determining your solvency. PayPal uses the result of the credit check with regard to the statistical probability of non-payment for the purpose of deciding on the provision of the respective payment method. The credit report may contain probability values (so-called score values). If score values are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical procedure. The calculation of the score values includes, but is not limited to, address data.

Further data protection information, including information on the credit agencies used, can be found in PayPal's privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for contractual payment processing.

We do not receive your account data and are only informed about the successful payment.

8. Your rights

You have the following rights vis-à-vis us with regard to your personal data:

You have the right to

- information,

- Correction of incorrect data,

- erasure,

- restriction of the processing of personal data,

- objection to the processing and

- data portability.

You can also object to the processing of personal data for advertising purposes, including the analysis of customer data for advertising purposes, at any time without giving reasons. If data processing is based on your consent, you have the right to withdraw this consent with effect for the future. The easiest way to exercise your rights is to contact kontakt@clubkinder.de.

You also have the right to complain to a competent data protection supervisory authority about the processing of your personal data by us.

Rights in data processing based on legitimate interest

In accordance with Art. 21 para. 1 GDPR, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on Art. 6 para. 1 lit. e GDPR (data processing in the public interest) or on Art. 6 para. 1 lit. f GDPR (data processing to safeguard a legitimate interest); this also applies to profiling based on this provision.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defense of legal claims.

Rights in the case of direct advertising

If we process your personal data for direct marketing purposes, you have the right under Art. 21 (2) GDPR to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.

If you object to processing for the purposes of direct marketing, we will no longer process your personal data for these purposes.

9. Data security

We have taken extensive technical and operational precautions to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorized persons. Our security procedures are regularly reviewed and adapted to technological progress.

For example, our online donation form is accessed via an encrypted SSL connection and your data is transmitted via this connection. Your data is encrypted on the way from your computer to us and can only be read again on our server. A security certificate confirms authenticity.

We must point out that, due to the structure of the Internet, unwanted access to data by third parties can occur. It is therefore also your responsibility to protect your data against misuse through encryption or in some other way. Without appropriate protective measures, unencrypted data in particular can be read by third parties, even if it is sent by e-mail.

10. data transfer and intended data transfer to a third country or an international organization

Your data will not be transferred to third parties unless we are legally obliged to do so, or the transfer of data is necessary for the performance of the contractual relationship, or you have previously expressly consented to the transfer of your data.

External service providers and partner companies, such as online payment providers or a shipping company commissioned with the delivery, will only receive your data if this is necessary to process your order. In these cases, however, the scope of the transmitted data is limited to the necessary minimum. Insofar as our service providers process your personal data on our behalf, we ensure that they comply with the provisions of the data protection laws in the same way as part of order processing in accordance with Art. 28 GDPR. Please also note the data protection notices of the respective providers. The respective service provider is responsible for the content of external services, whereby we check the services for compliance with the legal requirements within the scope of reasonableness.

We attach great importance to processing your data within the EU/EEA. However, we may use service providers who process data outside the EU/EEA. In these cases, we ensure that an appropriate level of data protection comparable to the standards within the EU is established at the recipient before your personal data is transferred. This can be achieved, for example, by means of EU standard contracts or binding corporate rules or special agreements to which the company may be subject.

11. links to websites of other providers

Our websites may contain links to websites of other providers that are not covered by this privacy policy. Insofar as the collection, processing or use of personal data is associated with the use of the websites of other providers, please refer to the data protection information of the respective providers.

12. changes to the privacy policy

We reserve the right to amend this data protection declaration at any time in compliance with the applicable data protection regulations.