top of page

PRIVACY NOTICE

Information around the topic of data protection of Students for Amani e.V.

We appreciate your interest in using our website. The protection of your personal data is of utmost importance to us. Below you will find information on the processing of your personal data and your rights in connection with the use of our website.

​

1. Responsible person

Responsible for data processing is:

Students for Amani e.V.

VR 2087

47447 Moers

E-Mail: info@studentsforamani.com

 

2. Data Protection Officer

You can reach our data protection officer as follows:

Philipp Nickel

Contact: philipp@studentsforamani.com

 

3. Your data subject rights

In accordance with the provisions of the General Data Protection Regulation (GDPR), you have the following rights as a data subject, provided that the respective legal requirements are met:

Information: You have the right to receive information about the processing of your personal data.

Correction: You may request the correction of inaccurate data relating to your person. In addition, you have the right to have incomplete data completed.

Deletion: In certain circumstances, you have the right to request the deletion of your personal data.

Restriction of processing: In certain cases, you may request the temporary restriction of the processing of your data.

Data portability: If you have provided data on the basis of a contract or consent, you have the right to receive this data in a structured, common and machine-readable format or to have it transferred to another controller.


 

Right of objection

 

Individual right of objection

 

You have the right to object to the processing of your personal data at any time on grounds relating to your individual situation, provided that such processing is based on Article 6(1) sentence 1(e) or Article 6(1) sentence 1(f) of the General Data Protection Regulation (GDPR). This also includes the right to object to profiling based on these provisions. In such cases, your personal data will no longer be processed for the aforementioned purposes, unless there are compelling legitimate grounds that override your interests, rights and freedoms, or the processing serves to enforce, exercise or defend legal claims.

 

Right to object to processing of data for direct marketing purposes

 

Occasionally, your data will be processed for the purpose of carrying out direct advertising. You have the right to object to the processing of your personal data for such advertising purposes at any time. This also applies to profiling, insofar as it is related to this direct advertising. If you object to the processing for direct marketing purposes, your personal data will no longer be processed for such purposes.

Withdrawal of consent: If you have previously given your consent to data processing, you are free to revoke this consent at any time for the future. The revocation does not affect the lawfulness of the data processing up to the time of the revocation. You may revoke your consent in addition to the methods described in the section "Exercising your rights" in accordance with the specific instructions on "Exercising revocation" in the section "Services & Cookies".

Exercising your rights: To exercise your aforementioned rights, please contact us by e-mail at info@studentsforamani.com or in writing at the address indicated in section 1 above. Make sure that we can clearly identify you.

Right to complain to the supervisory authority: If you believe that the processing of your personal data is unlawful, you have the right to lodge a complaint with a data protection supervisory authority. This applies in particular in the Member State of your habitual residence, your place of work or the place where you suspect the infringement.

 

4. Automated individual decision-making including profiling

Automated decisions in individual cases including profiling within the meaning of Article 22 of the DS-GVO do not take place in connection with the use of our service. Should profiling take place in the context of joint responsibility, we expressly point this out.

 

5. Details on services, cookies & co.

5.1 Own services

 

5.1.1. Log files

 

Data categories:

Event timestamps, IP addresses of accessing devices, user IDs, details of actions performed, the state of the system, information about devices used such as operating systems and browsers, URLs accessed, HTTP status codes, referrals from previous web pages, cookie data, transaction information, and error and exception entries.

 

Purpose(s):

Storage and analysis of log files for diagnostic and security purposes.

 

Legal basis(s):

Article 6(1)(f) DSGVO (legitimate interest).

 

Pursued Legitimate Interest(s):

Ensuring system integrity, fault diagnosis, security monitoring.

 

Provider privacy notice:

(reference to the privacy policy or guidelines of the company/organization processing the log files).

 

Additional Notes:

The collected log file data is used for system administration, troubleshooting and security monitoring purposes. They are usually kept for limited periods of time and may contain aggregated information about system events. Processing is carried out in accordance with the applicable data protection regulations and the provider's legitimate interest in ensuring system integrity and security.

 

5.1.2. Contact form

 

Data categories:

The personal data categories to be taken from the contact form.

 

Purpose(s):

Processing of requests and communication with users.

 

Legal basis(s):

Article 6(1)(b) DSGVO (performance of contract).

Article 6(1)(f) DSGVO (legitimate interest).

 

Pursued Legitimate Interest(s):

Responding to inquiries, customer support, communication.

 

Further notes:

The data collected via the contact form is used exclusively to process inquiries and to communicate with users. The data submitted may include name, email address, telephone number and an-other information necessary to respond to the request. The processing is carried out in accordance with the applicable data protection regulations and the legitimate interests of the provider in effective communication and customer service.

 

5.1.3. Newsletter registration

 

Data categories: The personal data categories to be taken from the newsletter registration.

 

Purpose(s):

Sending newsletters and information to subscribers.

 

Legal basis:

Article 6(1)(a) DSGVO (consent) via double opt-in procedure.

 

Pursued Legitimate Interest(s):

Providing relevant information to subscribers

 

Further information:

By subscribing to the newsletter, subscribers agree to receive information by email on a regular basis. The data submitted may include email address, name and other contact details as appropriate. Subscribers normally have the option to unsubscribe from the newsletter at any time. The processing is carried out in accordance with the applicable data protection regulations and the consent of the subscribers.

 

5.2. Third party services integration

We incorporate third party services to enable you to use their functions, ser-vices and features. These integrated third-party services are designed and provided by the respective providers. We therefore have no influence on the design, content and function of these third-party services or the processing of personal data by their providers. In this respect, please obtain information directly from the providers of the integrated services.


 

5.2.1. Wix

Provider/Receiver:

Wix.com Ltd.

40 Namal Tel Aviv St.

Tel Aviv, Israel 6350671

 

Purpose(s):

Provision of website creation and hosting services.

 

Legal basis(s):

Article 6(1)(b) DSGVO (performance of contract).

Article 6(1)(f) DSGVO (legitimate interest).

 

Pursued Legitimate Interest(s):

Provision of website creation and hosting services to support online presences.

 

Provider privacy notice:

https://de.wix.com/about/privacy

 

Other notices:

Wix is committed to protecting the privacy and security of your data. Your data will be processed and used in accordance with the applicable data protection regulations in order to provide the services you have requested.

Storage periods or criteria for determining them:

Immediately after delivery by the web server.

 

Source of data:

Directly collected when the website/service is called up.

​

 

5.2.2. Facebook

 

Provider/Receiver:

Meta Platforms Inc, 1601 Willow Road, Menlo Park, California 94025, USA.

 

Purpose(s):

Facebook profile communication.

 

Legal basis(s):

Article 6(1)(f) DSGVO.

 

Pursued Legitimate Interest(s):

Enabling communication via the Facebook profile.

 

Privacy notice of the provider:

www.facebook.com/policy.php

 

Further notes:

We use the Shariff solution, which means that only after you have clicked on the Facebook button does your browser establish a direct connection to Facebook.
 

 

5.2.3. Instagram

 

Provider/Receiver:

Meta Platforms Inc, 1601 Willow Road, Menlo Park, California 94025, USA.

 

Purpose(s):

Instagram profile communication.

 

Legal basis(s):

Article 6(1)(f) DSGVO.

 

Pursued Legitimate Interest(s):

Enabling communication via the Facebook profile.

 

Privacy notice of the provider:

www.facebook.com/policy.php

 

Further notes:

We use the Shariff solution, which means that only after you have clicked on the Instagram button does your browser establish a direct connection to Instagram.
 

 

5.2.4. LinkedIn

 

Provider/Receiver:

LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.

 

Purpose(s):

LinkedIn profile communication.

 

Legal basis(s):

Article 6(1)(f) DSGVO.

 

Pursued Legitimate Interest(s):

Enabling communication via the LinkedIn profile.

 

Provider privacy notice:

LinkedIn Privacy Policy

 

Further notes:

We use the Shariff solution, which means that only after you have clicked on the LinkedIn button does your browser establish a direct connection to LinkedIn.
 

 

5.2.5. PayPal

 

Provider/Receiver:

PayPal (Europe) S.à r.l. et Cie, S.C.A.

22-24 Boulevard Royal

L-2449 Luxembourg

Luxembourg

 

Purpose(s):

Processing of online payments and transactions.

 

Legal basis(s):

Article 6(1)(b) DSGVO (performance of contract).

Article 6(1)(f) DSGVO (legitimate interest).

 

Pursued Legitimate Interest(s):

Efficient and secure processing of payments and transactions.

 

Privacy notice of the provider:

https://www.paypal.com/myaccount/privacy/privacyhub

 

Additional Notes:

PayPal uses state-of-the-art security measures to ensure the confidentiality and security of your data. Your financial information will not be shared with the payee.

 

 

5.2.6. HelpDirect

 

Provider/Receiver:

HelpDirect e.V.

Sample street 123

12345 Musterstadt

Germany

 

Purpose(s):

Receipt of donations for charitable purposes.

 

Legal basis(s):

Article 6(1)(b) DSGVO (performance of contract).

Article 6(1)(f) DSGVO (legitimate interest).

 

Pursued Legitimate Interest(s):

Promoting charitable purposes by receiving donations.

 

Privacy notice of the provider:

https://www.helpdirect.org/informationen/datenschutz/

 

Additional Notes:

HelpDirect takes the privacy of your personal information seriously and uses appropriate security measures to ensure the confidentiality of your information. The information you provide will only be used for the specified donation purpose.

 

 

5.3 Cookies and similar technologies

Our website uses cookies to offer you a wide range of functions, to make your use more comfortable and to optimize our offers. Cookies are small text files that are generated by a web server and stored on your computer by your web browser during your online visit.

We use both "session cookies", which are automatically deleted when your browser session ends, and long-term cookies. These long-term cookies are primarily used to provide you, as a returning visitor, with persistent settings and to customize our website according to your preferences. Long-term cookies also allow us to analyze the usage behavior of visitors, but within the validity period of the cookie.

In addition, when integrating certain services from third parties ("third party cookies"), further cookies may be set. In the context of usage-based online advertising, tracking pixels may also be used. These small graphics on websites enable the recording and evaluation of log files for statistical analysis. The information gained in this way is stored in the cookie file in the user's browser.

If you do not wish to store cookies on your device, you can prevent this by making the appropriate settings in your Internet browser. Please note, however, that this may limit the functionality and scope of our offer. Certain cookies are only set with your prior consent. You also have the option to object to certain cookies. Further detailed information on the type, scope, purposes, legal basis and options for objecting to data processing in connection with these cookies can be found in the following tables.


 

5.3.1 Implemented technologies

Students for Amani e.V. does not use any implemented technologies on the web site.


 

5.3.2 First Party Cookies

5.3.2.1. fedops.logger.defaultOverrides

Data categories:

Cookie ID

 

Purpose(s):

Presentation of the website

 

Legal basis(s):

Article 6(1)(b) and (f) DSGVO.

 

Legitimate interests pursued:

To consider selected language for the presentation of the website

 

Recipients or categories of recipients:

Hosting provider, external service provider for technical support.

 

Cookie validity/storage period:

Duration of browser session


Obligation to provide the personal data and, if applicable, consequences of not providing it:

If you do not accept the cookie, any language settings selected will not be taken into account, even for the duration of a browser session.


Source of data:

Direct collection when calling up the website/service.


 

5.3.2.2. hs

Data categories:
Cookie ID

Purpose(s):
Presentation of the website

Legal basis:
Article 6(1)(b) and (f) DSGVO.

Legitimate interests pursued:
To consider selected language for the presentation of the website

Recipients or categories of recipients:
Hosting provider, external service provider for technical support.

Cookie validity/storage period:
Duration of browser session

Obligation to provide the personal data and, if applicable, consequences of not providing it:
If you do not accept the cookie, any language settings selected will not be taken into account, even for the duration of a browser session.

Source of data:
Direct collection when calling up the website/service.


 

5.3.2.3. ssr-caching

Data categories:
Cache data (rendered web page content).

Purpose(s):
To provide faster web page load times by storing and reusing rendered content.

Legal basis(s):
Article 6(1)(b) DSGVO (performance of contract).
Article 6(1)(f) DSGVO (legitimate interest).

Pursued legitimate interests:
Improving the user experience by reducing loading times and op-timizing the use of resources.

Recipients or categories of recipients:
Internal system administrators and developers

Storage duration:
The length of time cache data is stored varies by configuration and is typically determined by settings and policies.

Obligation to provide personal data and consequences of non-provision, if applicable:
Cache data is processed automatically based on the web pages visited and does not require explicit provision of personal data.

Source of the data:
The data is generated by the server-side rendering of the web page content and included in the cache.


5.3.2.4. svSession

Data categories:
Cookie ID

Purpose(s):
The "svSession" cookie enables basic website functionality, such as navigating between pages and accessing protected areas.

Legal basis(s):
Processing is carried out pursuant to Article 6(1)(b) DSGVO (performance of contract) and (f) DSGVO (legitimate interest).

Pursued legitimate interests:
The "svSession" cookie supports the optimal use of the website and facilitates navigation for the user.

Recipients or categories of recipients:
The "svSession" cookie may be viewed by internal system administrators and support staff.

Cookie validity/storage period:
The validity of the "svSession" cookie extends for the duration of the browser session.

Obligation to provide personal data and consequences of non-provision, if any:
The processing of "svSession" cookie data is automatic and does not require the explicit provision of personal data. Without the cookie, the optimal functionality of the website may be impaired.

Source of data:
The information for the "svSession" cookie is generated automatically during the visit of the website.


 

5.3.2.5. XSRF-TOKEN

Data categories:
Cookie ID

Purpose(s):
The "XSRF-TOKEN" cookie protects against Cross-Site Request Forgery (CSRF) attacks by generating a unique identifier for the current user account.

Legal basis(s):
Processing is carried out pursuant to Article 6(1)(b) DSGVO (performance of contract) and (f) DSGVO (legitimate interest).

Legitimate interest pursued:
The "XSRF-TOKEN" cookie ensures the security of the website and protects user accounts from unauthorized actions.

Recipients or categories of recipients:
Internal system administrators and developers

Cookie validity/storage period:
The validity of the "XSRF-TOKEN" cookie extends for the duration of the browser session.

Obligation to provide personal data and consequences of non-provision, if any:
The "XSRF-TOKEN" cookie is generated automatically and does not require any ex-plicit provision of personal data. Without the cookie, the security of the website may be compromised.

Source of data:
The "XSRF-TOKEN" cookie is generated by the user's interaction with the website.

 

5.4. Services jointly responsible with third-party providers

In some situations, we share responsibility with a third party provider. This may be the case when integrating their services on our website as well as in our presences on the third party's platforms. For more detailed information about the nature, scope, purposes, legal basis, and your ability to exercise your data subject rights in connection with these services, please see the tables below. The data processing on the part of the respective third-party provider can be found in its privacy policy. You have the right to assert your data subject rights both with us and directly with the relevant service provider. With regard to the processes for which the service provider is responsible, the service provider will usually be able to react more quickly. We therefore recommend that you contact them directly.

 

5.4.1 Facebook Fanpage

We act in cooperation with Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, as well as Facebook Inc., Facebook Headquarters, 471 Emerson St., Palo Alto, CA 94301-160, USA, as joint responsible parties for our Facebook fan page (contact the data protection officer). Through our fa-cebook fan page, we gain access to the Facebook Insight service, which provides us with statistical information about usage only.

The privacy policies of the companies with which we are jointly responsible for the Facebook fan page can be found at the following links: Data Policy (Facebook Ireland) and Data Policy (Facebook Inc.).

Functionality:
Interaction by/with users

Data categories:
Date and time of interaction, type of end device, operating system used if applicable, type and content of interaction (e.g. likes, direct messages, comments), profile name and picture.

Purpose(s):
Interacting with users, improving the user experience, receiving and processing requests, complaints or other feedback.

Legal basis(s):
Article 6(1)(b) and (f) DSGVO.
Recipients or categories of recipients:

Internal departments, in particular marketing, With regard to the recipients of the jointly responsible persons, we refer to their data protection notices.

Third country transfer; adequacy decision:
We do not transfer your data to a third country. We point out that the jointly responsible party Facebook Inc. is located in a third country without an adequacy decision. Regarding the third country transfer by the jointly responsible parties, we refer to their privacy notices.

Storage periods or criteria for determining them:
Unless there is a legal obligation to retain data: after termination of the user relationship, after complete response to the direct communication, after removal of the commenting contribution, and also, if applicable, deletion of illegal content. Regarding the storage by the jointly responsible parties, we refer to their data protection information.

Obligation to provide personal data and, if applicable, consequences of not providing it:
No obligation to provide

Source of data:
Direct collection during interaction by the user

​

6. Links to other websites

There are so-called hyperlinks to websites of other providers on our website. After clicking on these links, you will be redirected from our website directly to the website of the other provider. You will recognize this, among other things, by the change of URL.

​

7. Changes to this privacy notice

Since changes in the law or changes in our internal company processes may make it necessary to adapt this data protection declaration, which we reserve the right to do accordingly, we ask you to read this data protection declaration again each time you visit the website.

Status: August 2023

bottom of page