Data protection

1. Privacy at a Glance

General Information

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to personally identify you. For detailed information on data protection, please refer to our privacy policy listed below this text.

Data Collection on This Website

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. You can find their contact details in the “Information on the Responsible Party” section of this privacy policy.

How do we collect your data?

Your data is collected, on the one hand, when you provide it to us. This may include, for example, data you enter into a contact form.

Other data is collected automatically or with your consent when you visit the website via our IT systems. This primarily consists of technical data (e.g., internet browser, operating system, or time of page access). This data is collected automatically as soon as you enter this website.

What do we use your data for?

Some of the data is collected to ensure the website functions properly. Other data may be used to analyze your user behavior.

What rights do you have regarding your data?

You have the right at any time to receive information free of charge regarding the origin, recipients, and purpose of your stored personal data. You also have the right to request the correction or deletion of this data. If you have given consent to data processing, you may revoke this consent at any time with future effect. Furthermore, you have the right to request the restriction of the processing of your personal data under certain circumstances. Furthermore, you have the right to file a complaint with the competent supervisory authority.

You may contact us at any time regarding this matter or any other questions about data protection.

2. Hosting

External Hosting

This website is hosted by an external service provider (host). The personal data collected on this website is stored on the host’s servers. This may primarily include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website visits, and other data generated via a website.

The use of the hoster is for the purpose of fulfilling our contractual obligations to our potential and existing customers (Art. 6(1)(b) GDPR) and in the interest of providing our online services securely, quickly, and efficiently through a professional provider (Art. 6(1)(f) GDPR).

Our hosting provider will process your data only to the extent necessary to fulfill its service obligations and will follow our instructions regarding this data.

We use the following hosting provider:

Intersolute GmbH
Rheinbahnstr. 28-34
41063 Mönchengladbach</></p><h4><span data-txn="23">Data Processing

Auftragsverarbeitung

We have entered into a Data Processing Agreement (DPA) with the aforementioned provider. This is a contract required by data protection law that ensures the provider processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

3. General Information and Mandatory Disclosures

Data Protection

The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with statutory data protection regulations as well as this privacy policy.

When you use this website, various types of personal data are collected. Personal data is data that can be used to personally identify you. This privacy policy explains what data we collect and how we use it. It also explains how and for what purpose this is done.

Please note that data transmission over the Internet (e.g., when communicating via email) may involve security vulnerabilities. It is not possible to completely protect data from access by third parties.

Information on the Data Controller

The controller responsible for data processing on this website is:

Internationaler Club La Redoute Bonn e.V.
Kurfürstenallee 1
53177 Bonn

Phone: 0228-353858
Email: info@intclub-redoute-bonn.de

The controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data (e.g., names, email addresses, etc.).

Retention Period

Unless a more specific retention period is stated in this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you assert a legitimate request for erasure or revoke your consent to data processing, your data will be erased unless we have other legally permissible grounds for storing your personal data (e.g., retention periods under tax or commercial law); in the latter case, erasure will occur once these grounds no longer apply.

Note on Data Transfer to the U.S. and Other Third Countries

We use, among other things, tools from companies based in the USA or other third countries that do not offer adequate data protection. When these tools are active, your personal data may be transferred to these third countries and processed there. We would like to point out that a level of data protection comparable to that in the EU cannot be guaranteed in these countries. For example, U.S. companies are required to disclose personal data to security authorities without you, as the data subject, being able to take legal action against this. It cannot therefore be ruled out that U.S. authorities (e.g., intelligence agencies) may process, analyze, and permanently store your data located on U.S. servers for surveillance purposes. We have no influence over these processing activities.

Withdrawal of Your Consent to Data Processing

Many data processing operations are only possible with your explicit consent. You may withdraw consent you have already given at any time. The lawfulness of the data processing carried out prior to the withdrawal remains unaffected by the withdrawal.

Right to object to data collection in specific cases and to direct marketing (Art. 21 GDPR)

If data processing is based on Article 6(1)(e) or (f) of the GDPR, you have the right at any time to object to the processing of your personal data for reasons arising from your particular situation; this also applies to profiling protected under these provisions. The respective legal basis on which processing is based can be found in this Privacy Policy. If you object, we will no longer process your personal data in question unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing is necessary for the establishment, exercise, or defense of legal claims (objection under Article 21(1) of the GDPR).

If your personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data for such marketing purposes; this also applies to profiling to the extent that it is related to such direct marketing. If you object, your personal data will no longer be used for the purposes of direct marketing (objection pursuant to Art. 21(2) GDPR).

Right to lodge a complaint with the competent supervisory authority

In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, their place of work, or the place of the alleged violation. The right to lodge a complaint is without prejudice to any other administrative or judicial remedies.

Right to data portability

You have the right to have data that we process automatically based on your consent or in fulfillment of a contract provided to you or to a third party in a commonly used, machine-readable format. If you request the direct transfer of the data to another controller, this will only take place to the extent that it is technically feasible.

SSL or TLS Encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address bar of the browser changes from “http://” to “https://” and by the lock icon in your browser bar.

When SSL or TLS encryption is enabled, the data you transmit to us cannot be read by third parties.

Access, Deletion, and Correction

Within the scope of applicable legal provisions, you have the right at any time to receive information free of charge regarding your stored personal data, its origin and recipients, and the purpose of data processing, as well as the right to have this data corrected or deleted if necessary. You may contact us at any time regarding this matter or any other questions about personal data.

Right to restriction of processing

You have the right to request the restriction of the processing of your personal data. You may contact us at any time regarding this matter. The right to restriction of processing applies in the following cases:

If you dispute the accuracy of your personal data stored with us, we generally need time to verify this. For the duration of the verification, you have the right to request the restriction of the processing of your personal data.
If the processing of your personal data was or is unlawful, you may request the restriction of data processing instead of erasure.
If we no longer need your personal data, but you need it to exercise, defend, or assert legal claims, you have the right to request the restriction of the processing of your personal data instead of erasure.
If you have lodged an objection pursuant to Article 21(1) of the GDPR, a balancing of your interests against ours must be carried out. As long as it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.

If you have restricted the processing of your personal data, such data—apart from its storage—may only be processed with your consent or for the purpose of asserting, exercising, or defending legal claims, or to protect the rights of another natural or legal person, or for reasons of an important public interest of the European Union or a Member State.

Objection to Promotional Emails

The use of contact data published in accordance with the legal notice requirement for the transmission of unsolicited advertising and informational materials is hereby objected to. The operators of this website expressly reserve the right to take legal action in the event of the unsolicited transmission of advertising information, such as via spam emails.

4. Data Collection on This Website

Cookies

Our website uses so-called “cookies.” Cookies are small text files that do not cause any damage to your device. They are stored on your device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or your web browser deletes them automatically.

In some cases, cookies from third-party companies may also be stored on your device when you visit our site (third-party cookies). These enable us or you to use certain services provided by the third-party company (e.g., cookies for processing payment services).

Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g., the shopping cart function or the display of videos). Other cookies are used to analyze user behavior or display advertisements.

Cookies that are required to carry out the electronic communication process (necessary cookies), to provide certain functions you have requested (functional cookies, e.g., for the shopping cart function), or to optimize the website (e.g., cookies for measuring website traffic) are stored on the basis of Art. 6(1)(f) GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing cookies to ensure the technically error-free and optimized provision of its services. If consent to store cookies has been requested, the storage of the relevant cookies takes place exclusively on the basis of this consent (Art. 6(1)(a) GDPR); consent may be revoked at any time.

You can configure your browser to notify you when cookies are set and to allow cookies only on a case-by-case basis, to exclude the acceptance of cookies for specific cases or generally, and to enable the automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of this website.

To the extent that cookies from third-party companies or for analytical purposes are used, we will inform you separately about this within the scope of this privacy policy and, if necessary, request your consent.

Consent with Borlabs Cookie

Our website uses Borlabs Cookie’s consent technology to obtain your consent to the storage of certain cookies in your browser or to the use of certain technologies and to document this in compliance with data protection regulations. The provider of this technology is Borlabs – Benjamin A. Bornschein, Rübenkamp 32, 22305 Hamburg (hereinafter Borlabs).

When you visit our website, a Borlabs cookie is stored in your browser, which records the consents you have given or the revocation of these consents. This data is not shared with the provider of Borlabs Cookie.

The collected data is stored until you request its deletion, delete the Borlabs cookie yourself, or the purpose for data storage no longer applies. Mandatory statutory retention periods remain unaffected. Details regarding the data processing by Borlabs Cookie can be found at https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/.

Borlabs Cookie Consent technology is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6(1)(c) GDPR.

Server Log Files

The website provider automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These include:

Browser type and browser version
Operating system used
Referrer URL
Hostname of the accessing computer
Time of the server request
IP address

This data is not merged with other data sources.

The collection of this data is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website—for this purpose, the server log files must be collected.

Contact form

If you send us inquiries via the contact form, your details from the inquiry form—including the contact information you provided there—will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We will not share this data without your consent.

The processing of this data is based on Article 6(1)(b) of the GDPR, provided that your inquiry relates to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective handling of inquiries directed to us (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR) if such consent was requested.

The data you enter in the contact form will remain with us until you request its deletion, revoke your consent to its storage, or the purpose for storing the data no longer applies (e.g., after your inquiry has been processed). Mandatory legal provisions—in particular retention periods—remain unaffected.

Inquiries via Email, Phone, or Fax

If you contact us via email, phone, or fax, your inquiry, including all personal data contained therein (name, inquiry), will be stored and processed by us for the purpose of handling your request. We will not disclose this data without your consent.

The processing of this data is based on Art. 6(1)(b) GDPR, provided your inquiry is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective handling of inquiries directed to us (Article 6(1)(f) of the GDPR) or on your consent (Article 6(1)(a) of the GDPR) if such consent was requested.

The data you send to us via contact requests will remain with us until you request its deletion, revoke your consent to its storage, or the purpose for data storage no longer applies (e.g., after your request has been processed). Mandatory legal provisions—in particular statutory retention periods—remain unaffected.

5. Plugins and Tools

Google Web Fonts (local hosting)

This site uses so-called web fonts provided by Google to ensure consistent font display. The Google Fonts are installed locally. No connection to Google’s servers is established.

For more information about Google Web Fonts, visit https://developers.google.com/fonts/faq and Google’s Privacy Policy: https://policies.google.com/privacy?hl=de.

Google Maps

This site uses the Google Maps mapping service. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

To use the features of Google Maps, it is necessary to store your IP address. This information is generally transmitted to a Google server in the United States and stored there. The provider of this site has no influence over this data transmission. When Google Maps is activated, Google may use Google Web Fonts for the purpose of uniformly displaying fonts. When you access Google Maps, your browser loads the required web fonts into its cache to display text and fonts correctly.

The use of Google Maps is in the interest of an appealing presentation of our online offerings and to make it easy to find the locations listed on our website. This constitutes a legitimate interest within the meaning of Art. 6(1)(f) GDPR. If consent has been requested, processing is carried out exclusively on the basis of Article 6(1)(a) of the GDPR; consent may be revoked at any time.

Data transfers to the U.S. are based on the EU Commission’s Standard Contractual Clauses. Details can be found here: https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

For more information on the handling of user data, please refer to Google’s Privacy Policy: https://policies.google.com/privacy?hl=de.

Wordfence

We have integrated Wordfence into this website. The provider is Defiant Inc., Defiant, Inc., 800 5th Ave Ste 4100, Seattle, WA 98104, USA (hereinafter Wordfence).

Wordfence serves to protect our website from unauthorized access or malicious cyberattacks. For this purpose, our website establishes a permanent connection to Wordfence’s servers so that Wordfence can compare the accesses made to our website with its databases and block them if necessary.

The use of Wordfence is based on Article 6(1)(f) of the GDPR. The website operator has a legitimate interest in protecting its website as effectively as possible against cyberattacks. If consent has been obtained, processing is based exclusively on Article 6(1)(a) of the GDPR; consent may be withdrawn at any time.

Data transfers to the U.S. are based on the EU Commission’s Standard Contractual Clauses. Details can be found here: https://www.wordfence.com/help/general-data-protection-regulation/.

6. Audio and Video Conferences

Data Processing

We use online conferencing tools, among other means, to communicate with our customers. The specific tools we use are listed below. When you communicate with us via video or audio conference over the internet, your personal data is collected and processed by us and the provider of the respective conferencing tool.

The conference tools collect all data that you provide or use to access the tools (email address and/or your phone number). Furthermore, the conference tools process the duration of the conference, the start and end times of your participation in the conference, the number of participants, and other “contextual information” related to the communication process (metadata).

Furthermore, the tool provider processes all technical data necessary for handling the online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speaker, and the type of connection.

If content is exchanged, uploaded, or otherwise made available within the tool, this content is also stored on the tool provider’s servers. Such content includes, in particular, cloud recordings, chat/instant messages, voicemails, uploaded photos and videos, files, whiteboards, and other information shared while using the service.

Please note that we do not have full control over the data processing operations of the tools used. Our options depend largely on the corporate policies of the respective provider. For further information on data processing by the conferencing tools, please refer to the privacy policies of the respective tools, which we have listed below this text.

Purpose and Legal Basis

The conference tools are used to communicate with prospective or existing contractual partners or to offer specific services to our customers (Art. 6(1)(b) GDPR). Furthermore, the use of these tools serves to generally simplify and expedite communication with us or our company (legitimate interest within the meaning of Art. 6(1)(f) GDPR). Where consent has been requested, the use of the relevant tools is based on this consent; consent may be revoked at any time with future effect.

Retention Period

The data collected directly by us via the video and conferencing tools is deleted from our systems as soon as you request deletion, revoke your consent to storage, or the purpose for data storage no longer applies. Stored cookies remain on your device until you delete them. Mandatory statutory retention periods remain unaffected.

We have no influence over the storage period of your data that is stored by the operators of the conference tools for their own purposes. For details on this, please contact the operators of the conference tools directly.

Conference Tools Used

We use the following conference tools:

Zoom

We use Zoom. The provider of this service is Zoom Communications Inc., San Jose, 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA. For details on data processing, please refer to Zoom’s privacy policy: https://zoom.us/de-de/privacy.html.

Data transfers to the U.S. are based on the EU Commission’s Standard Contractual Clauses. Details can be found here: https://zoom.us/de-de/privacy.html.