Terms of Use

1) Preamble

The following paragraphs establish what data will be processed, when, for what purpose, and on what legal basis. We explain how our offered services work and how we ensure the protection of your personal data. 

All definitions refer to the General Data Protection Regulation (GDPR).

In accordance with Art. 4(1) of the GDPR, personal data mean any information relating to an identified or identifiable natural person. An identifiable person is a natural person who can be identified, either directly or indirectly.

You have the right to object pursuant to Art. 21 of the GDPR, insofar as we state our legitimate right or a legitimate right of a third party (Art. 6(1) point (f) of the GDPR) to be the legal basis for the processing of personal data:

Pursuant to Art. 21 of the GDPR you are entitled to object to the processing of personal data at any time. We will then no longer use your personal data for purposes of direct marketing or the associated profiling. 

Upon your objection we will no longer use your personal data for other purposes, unless we can demonstrate compelling legitimate grounds for the processing that override your interests or for the establishment, exercise or defence of legal claims (see Art. 21(1) of the GDPR on your “restricted right to object”). In this case you must provide grounds for the objection that result from your special situation. 

You can also object to the processing of your personal data on grounds relating to your special situation where those personal data are processed for scientific or historical research purposes or statistical purposes in accordance with Art. 89(1) of the GDPR, unless the processing is necessary for the performance of a task carried out for reasons of public interest (see Art. 21(6) of the GDPR).

This data privacy statement aims to provide a complete overview of the data processing and therefore contains several links to information and privacy policies on external websites (see also section “Social Networks and External Links” of this data privacy statement). We attempt to keep the links in this data privacy statement up-to-date. However, we cannot guarantee that all links work properly due to continuous updates of those websites. If you notice an invalid link, please let us know so that we can insert the correct link.

2) Controller

Rosa-Luxemburg-Stiftung

Gesellschaftsanalyse und politische Bildung e.V.

Office in Greece

Kallidromiou 17

106 80 Athens, Greece

Phone: (+30) 210 3617769

E-mail: [email protected]

Internet: www.rosalux.gr 

is the controller for the processing of personal data within the meaning of Art. 4(7) of the GDPR.

Authorized representative of the board of directors: 

Dr. Florian Weis (Executive Member of the Board of Directors of the Rosa Luxemburg Stiftung)

3) Contact person for data privacy issues

Contact our data protection officer for questions regarding the processing of your personal data and your data protection rights:

kpp-group GmbH

Berliner Str. 112a

13189 Berlin, Germany

Phone: (+49-30) 2067-3720

E-mail: [email protected]

4) Data Subject Rights

You have the following rights:

  • Right of access (Art. 15 of the GDPR)
  • Right to rectification (Art. 16 of the GDPR)
  • Right to erasure (Art. 17 of the GDPR)
  • Right to restriction of processing (Art. 18 et seq. of the GDPR)
  • Right to data portability (Art. 20 of the GDPR)
  • Right to object (Art. 21 of the GDPR)

For related queries send an e-mail to [email protected] . Please note that we have to ensure that you are indeed the data subject making the request. 

Without prejudice to any other administrative or judicial redress, you are also entitled to appeal to the data protection supervisory authority.

There is no automated decision making on our website. 

5) Data Security

We use technical and organisational measures in order to protect our website and other systems against loss, destruction, access, modification, or distribution of your data by unauthorized persons. However, despite regular checking, we cannot guarantee complete protection against all risks.

6) General Information: Provision of our Statutory and Contractual Services

We process the data of our members, supporters, interested parties, customers and other persons in accordance with Art. 6(1) point (b) of the GDPR, if we offer contractual services or act through our business relationships, such as with members, or if we receive services or benefits. In addition, we process data of data subjects in accordance with Art. 6(1) point (f) of the GDPR on the basis of our legitimate interests, e.g. for administrative tasks or public relations.

The data concerned, the nature, scope and purpose, and the requirement of the processing depend on the contractual relationship (e.g. event registration). This includes the persons’ inventory and master data (e.g. name, address etc.) and contact data (e.g. e-mail address, phone etc.), contractual data (e.g. services used, content and information provided, names of contacts) and – if we provide payable services or products – payment data (e.g. bank details, payment history etc.).

We delete data that are no longer required for the provision of statutory and contractual purposes. This is determined by the respective tasks and contractual relationships. In the case of business-related processing, we retain any relevant data for as long as it is necessary to process our business transactions or with regard to any warranty or liability obligations. The requirement to retain data will be reviewed every three years. In addition, the statutory data retention obligations apply.

Server log files

Every time you access our website your device’s system will automatically collect data and information that are stored in server log files. These data are information that refers to an identified or identifiable natural person (the website user in this case). Every time you access our website, your browser automatically transfers the data to our website. These data include the following information: 

  •  The time you accessed our website (request to the host provider’s server),
  •  URL of the website from which you accessed our website,
  •  Your operating system,
  •  Type and version of the browser you use,
  •  Your computer’s IP address.

The purpose of this processing is to enable you to access our website with your device and to correctly display our website on your device or your browser. The data also serve to optimise our website and ensure system security. We will not evaluate those data for marketing purposes. 

The legal basis for the processing is Art. 6(1) point (f) of the GDPR. We have a legitimate interest in optimising our website for your server and enabling communications between our server and your device. To ensure the latter, the processing of your IP address is required in particular. 

The processed information will be stored only as long as it is necessary for the intended purpose or as legally required.

The data recipient is our server host, who carries out the data processing on our behalf.

The provision of personal data is not mandatory, neither legally nor contractually, and is also not required to conclude contracts. You are also not obliged to provide personal data. However, if you do not provide your personal data you will not be able to use our website, or at least not in its entirety, as a result.

Cookies

Our website uses cookies. A cookie is a text file that is stored on your device in order to make the use of a website more user-friendly. Cookies may store information and settings on a website so that you do not need to re-enter them every time you use the website. Cookies contain a cookie ID, which allows for the assignment of the device on which the cookie is stored. We use the following cookies:

  •  Cookies that contain a randomly generated, specific identification number that enables your identification or identification of your device whilst you visit our website. These cookies will be automatically deleted at the end of your visit.
  •  Cookies that contain a randomly generated, specific identification number that enables your identification or identification of your device on our website. These cookies will be automatically deleted after one year.

The purpose of the processing is to make your use of our website more user-friendly and allow you to store your settings.

The legal basis for the processing is Art. 6(1) point (f) of the GDPR. We have a legitimate interest in providing a website that saves your personal settings and facilitates your visit to our website.

 

 

Right to Object

You have the right to object. You can restrict the placement of cookies or completely disable them in your browser settings. You can also configure automatic deletion of cookies when you close the browser window. 

Here you find more information on how to delete cookies in the most commonly used browsers and how to change cookie settings:

Google Chrome: Website

Mozilla Firefox: Website

Apple Safari: Website

Microsoft Internet Explorer: Website

Microsoft Edge: Website

The provision of personal data is not mandatory, neither legally nor contractually, and is also not required to conclude contracts. You are also not obliged to provide personal data. However, if you do not provide your personal data you may not be able to use our website, or at least not in its entirety, as a result.

Other services we use also use cookies. We expressly refer to the use of cookies in the individual services. 

Transfers to third countries

If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this is done when we use third-party services or for the disclosure or transfer of data to third parties, this is done only if required for the fulfillment of our (pre)contractual duties, on the basis of your approval, a legal duty or our legitimate interests. Subject to legal or contractual permissions, we process data or have data processed in a third country only if the special requirements of Art. 44 et seqq. of the GDPR are met. Accordingly the data are only processed on the basis of special guarantees, such as the officially recognized establishment of a data protection level that corresponds to EU requirements (e.g. the Privacy Shield for the US) or the observance of officially recognized contractual obligations (“standard contractual clauses”).

7) Privacy Policy for Applications

We only process applicant data in line with statutory requirements for the purpose and within the framework of the application procedure. Applicant data are processed to fulfill our (pre)contractual obligations within the framework of the application procedure within the meaning of Art. 6(1) points (b) and (f) if the data processing is required, for example, as part of legal procedures (Sec. 26 of the German Federal Data Protection Act applies in addition in Germany).

The application procedure requires applicants to provide us with applicant data. Mandatory applicant data are highlighted, provided that we use an online survey or are otherwise included in job postings. In general, they include personal details, mailing address and contact data as well as documents associated with the application such as the cover letter, curriculum vitae and certificates/letters of recommendation. Applicants can also send us additional information on a voluntary basis. 

By sending us an application, applicants agree to the processing of their data for the purpose of the application procedure according to the manner and scope stipulated in this data privacy statement.

If during the application procedure, special categories of data personal data within the meaning of Art. 9(1) of the GDPR are provided voluntarily, they can be processed only in accordance with Art. 9(2) point (b) of the GDPR (e.g. health data, severe disability or ethnic background).

If during the application procedure, special categories of data personal data within the meaning of Art. 9(1) of the GDPR are provided voluntarily, they can be processed only in accordance with Art. 9(2) point (a) of the GDPR (e.g. health data if they are necessary for the job).

Applicants can send us their applications using the online form on our website. The data will be encrypted using the latest technology and transferred to us.

Applicants can also send us their applications by email. However, we note that e-mails are generally not encrypted and applicants must provide the encryption themselves. We are not responsible for the transfer of the application from the sender to our server and therefore recommend using the online form or regular mail. Applicants can still send us their application by mail, in addition to the application using the online form and e-mail.

We may further process the data provided by successful applicants for the purpose of the employment relationship. If an application is not successful we will delete the applicant data. We will also delete applicant data in case of the revocation of the application, to which applicants are entitled at any time. 

Subject to a justified revocation received from the applicant, data will be deleted after the end of a period of six months so that we are able to respond to any follow-up questions of the application and fulfil our burden of proof under the German Equal Treatment Act (Gleichbehandlungsgesetz). Travel reimbursement receipts will be stored according to tax specifications.

8) Information on Google Services

 

We use different services of Google, Inc. (“Google”), 1600 Amphitheatre Parkway, Mountain View, CA 94043, US, on our website. 

Please find more information about the individual specific services of Google that are used on this website further below.

Since we include Google services, Google might collect and process information (including personal data). It cannot be excluded that Google also transfers this information to a server in a third country.

As stated in Google’s Privacy Shield certification (at https://www.privacyshield.gov/list under the search term “Google”), Google has committed to observe the EU–US Privacy Shield Framework and the Swiss–US Privacy Shield Framework on the collection, use and storage of personal data from EU member states and Switzerland, respectively. Google, including Google, LLC and its wholly owned subsidiaries in the US, have declared with its certification that they will observe the Privacy Shield principles. You will find more information at https://www.google.de/policies/privacy/frameworks/.

We cannot influence what data Google actually collects and processes. However, Google states that it may process the following information (including personal data):

  • Log data (in particular the IP address)
  • Location-related data
  • Unique application numbers
  • Cookies and similar technologies 

If you have logged in to your Google account, Google – depending on your account settings – can add the processed information to your account and treat them as personal data, see in particular https://www.google.com/policies/privacy/partners/.  

Google states the following:

“We may link personal data from a service to information and personal data from other Google services. This simplifies sharing of content with friends and acquaintances, for example. According to your account settings, your activities on other websites and in apps may be linked to your personal data to improve Google services and advertisements shown by Google.” (https://www.google.com/intl/de/policies/privacy/index.html)

You can avoid having these data added by logging out from your Google account or making the necessary settings in your Google account. You can also prevent the storing of cookies – if Google places them – by making the necessary settings in your browser. However, we note that you may not be able to fully use all functions of this website in this case.

For more information on deleting cookies in the most common browsers, refer here:

For detailed information, please refer to Google’s privacy policy at https://www.google.com/policies/privacy/.

For information regarding Google’s privacy settings please refer to https://privacy.google.com/take-control.html.

9) Use of YouTube

We use YouTube videos and YouTube plug-ins on our website. YouTube is a service of YouTube, LLC (“YouTube”), 901 Cherry Ave., San Bruno, CA 94066, US, and is provided by YouTube. YouTube, LLC is a subsidiary of Google, Inc. (“Google”), 1600 Amphitheatre Parkway, Mountain View, CA 94043, US.

We have integrated YouTube by embedding the service on our website using iframe tags. If an iframe tag is loaded, YouTube or Google may collect and process information (including personal data). We cannot exclude that YouTube or Google will transfer the information to a server in a third country. 

Refer to section 9 of this data privacy statement (“Information about Google Services”) for more information regarding Google’s Privacy Shield certification and other relevant data about data processing by Google as part of your use of Google services.

We do not collect any data when you view a YouTube video on our website. 

We have integrated YouTube to present you several videos that you can view directly on our website.

The legal basis for this type of processing of personal data is Art. 6 (1) point (f) of the GDPR. The legitimate interest required for this lies in the great benefit that YouTube offers. By including external videos we decrease the load on our servers and can use those resources for other purposes. Among other things, this can increase the stability of our servers. YouTube or Google also has a legitimate interest in the (personal) data collected in order to improve their own services.

The provision of personal data is not mandatory, neither legally nor contractually, and is also not required to conclude contracts. You are also not obliged to provide personal data. However, if you do not provide your personal data you may not be able to use our website, or at least not in its entirety, as a result. 

For more information, refer to YouTube’s or Google’s privacy policies at www.google.com/policies/privacy/.

To learn more about Google’s privacy settings, visit https://privacy.google.com/take-control.html?categories_activeEl=sign-in.

10) Newsletter

By subscribing to our newsletter, you agree to receiving it and the described procedures.

Newsletter content: We send newsletters, e-mails and other electronic notifications containing advertising information (hereinafter “newsletters”) only with the recipients’ consent or a legal permission. If the contents of a newsletter are specifically described within the scope of a registration, they are decisive for user consent.

Double opt-in and logging: You register to receive our newsletter by means of the double opt-in procedure. This means that after registration you will receive an e-mail asking you to confirm your registration. This confirmation is necessary to prevent other persons from logging in with other e-mail addresses. Subscriptions to the newsletter are logged to fulfill our statutory burden of proof with regard to the registration process. This includes the storage of the login and confirmation time, as well as the IP address. Changes to your data stored with the service provider for newsletter distribution are also logged.

Registration data: You only need to enter your e-mail address to subscribe to our newsletter. Optionally we ask you to provide a name so we can address you in the newsletter.

Distribution of the newsletter and the performance measurement associated with it are based on the recipient’s consent in accordance with Art. 6(1) point (a) and Art. 7 of the GDPR in connection with Sect. 107(2) of the German Telecommunications Act or, if no consent is required, on the basis of our legitimate interests in direct marketing in accordance with Art. 6(1) point (f) of the GDPR in connection with Sect. 107(2) and (3) of the German Telecommunications Act.

The registration procedure is logged on the basis of our legitimate interests in accordance with Art. 6(1) point (f) of the GDPR. We are interested in the use of a user-friendly and secure newsletter system that serves both our business interests and complies with the expectations of users, and also allows us to prove consent.

Cancellation/revocation: You can unsubscribe from our newsletter at any time, i.e. revoke your consent. You will find a respective link at the end of each newsletter. We may store the unsubscribed e-mail addresses for up to three years on the basis of our legitimate interests before we delete them in order to be able to prove a previously given consent. The processing of these data is limited to a possible defence against claims. An individual request for deletion is possible at any time, provided that at the same time the previously given consent is confirmed.

11) Newsletter Distribution Service Provider

The newsletter is distributed by the service provider Mailchimp, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308 USA. You can find the provider’s privacy policy at https://mailchimp.com/legal/privacy/. We have commissioned the provider on the basis of our legitimate interests in accordance with Art. 6(1) point (f) of the GDPR and an order processing agreement pursuant to Art. 28(3) sent. 1 of the GDPR.

The service provider can use the recipient’s data in pseudonymised form, i.e. without assignment to a user, to optimise or improve its own services, e.g. to technically optimise the distribution and presentation of the newsletter or for statistical purposes. However, the service provider will not use the data of our newsletter recipients to write them or to pass the data on to third parties.

12) Social Share Function

The social media buttons of Twitter, Facebook, do not automatically transmit data to the service provider when you visit the website. No use-specific data are transmitted to the provider if you click the share button. 

In addition to this website, we are also present in various social media networks, which you can access via corresponding buttons on our website. If you visit such a social media site, personal data may be transferred to the provider of the social network. In addition to storing the data you have entered in this social media network, the social media network provider may also process other information.

In addition, the social media network provider may process the most important data of the computer system from which you visit it such as your IP address, processor type and browser version used, including plug-ins.

This network can assign the visit to this account if you are logged in with your personal user account of the respective network while visiting such a website.

The purpose and scope of the data collection by the respective social media network as well as the further processing of your data there and your rights in this regard can be found in the respective regulations of the responsible party.

Facebook: https://www.facebook.com/about/privacy/

Twitter: https://twitter.com/en/privacy

Instagram: https://help.instagram.com/155833707900388

Google: https://policies.google.com/privacy?hl=en-GB

Flickr: https://policies.oath.com/ie/en/oath/privacy/index.html

Soundcloud: https://soundcloud.com/pages/privacy

 

Please note that our website contains further links to external third-party websites. We have no influence on the processing of data on these third-party websites.

 

13) Changes to the Data Privacy Statement

We may need to adapt this data privacy statement due to legal changes or changes to our internal processes..

Status: 23.05.2018

 

Office in Greece
Kallidromiou 17, Athens
GR-10680

 

Headquarters at Berlin
Franz-Mehring-Platz 1,
DE-10243
www.rosalux.de