Daimlerring 8b | 65205 Wiesbaden

info@ii-ec.org

Privacy Policy

Private Policy

Privacy Policy

This privacy policy informs you about the nature, scope, and purpose of the processing of personal data (hereinafter referred to as "data") within our online offerings, the associated websites, functions, and contents, as well as external online presences such as our social media profiles (hereinafter collectively referred to as "Online Offering"). Regarding the terminology used, such as "processing" or "controller," we refer to the definitions in Art. 4 of the General Data Protection Regulation (GDPR).

Controller

Immanuel-International e.V.
Daimlerring 8b
65205 Wiesbaden-Nordenstadt, Germany
Email: info@immanuel-international.org
1st Chairman: Manfred Richter
Link to the Legal Notice: http://ii-ec.org/impressum/

Types of Processed Data:

  • Inventory data (e.g., names, addresses).
  • Contact data (e.g., email, phone numbers).
  • Content data (e.g., text inputs, photographs, videos).
  • Usage data (e.g., visited websites, interest in content, access times).
  • Meta/communication data (e.g., device information, IP addresses).

Categories of Data Subjects

Visitors and users of the online offering (hereinafter referred to collectively as "users").

Purpose of Processing

  • Providing the online offering, its functions, and content.
  • Responding to contact inquiries and communicating with users.
  • Security measures.
  • Reach measurement/marketing.

Terminology Used

"Personal data" refers to all information related to an identified or identifiable natural person (hereinafter referred to as "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by assigning to an identifier such as a name, identification number, location data, online identifier (e.g., cookie), or to one or more specific characteristics that express the physical, physiological, genetic, mental, economic, cultural, or social identity of that person.

"Processing" refers to any operation or series of operations performed on personal data, whether or not by automated means. The term is broad and includes practically any handling of data.

"Pseudonymization" refers to the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data cannot be assigned to an identified or identifiable natural person.

"Profiling" refers to any automated processing of personal data involving the use of such data to evaluate certain personal aspects relating to a natural person, particularly to analyze or predict aspects concerning the performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements of that natural person.

A "controller" is a natural or legal person, authority, agency, or other body which alone or jointly with others determines the purposes and means of the processing of personal data.

A "processor" is a natural or legal person, authority, agency, or other body which processes personal data on behalf of the controller.

Relevant Legal Bases

In accordance with Art. 13 GDPR, we inform you about the legal bases for our data processing activities. If the legal basis is not mentioned in this privacy policy, the following applies: The legal basis for obtaining consent is Art. 6 (1) lit. a and Art. 7 GDPR, the legal basis for processing for the performance of our services and the execution of contractual measures as well as for answering inquiries is Art. 6 (1) lit. b GDPR, the legal basis for processing to fulfill our legal obligations is Art. 6 (1) lit. c GDPR, and the legal basis for processing to protect our legitimate interests is Art. 6 (1) lit. f GDPR. In cases where processing of personal data is required to protect the vital interests of the data subject or another natural person, Art. 6 (1) lit. d GDPR serves as the legal basis.

Security Measures

In accordance with Art. 32 GDPR, we take appropriate technical and organizational measures, considering the state of the art, the implementation costs, and the nature, scope, context, and purposes of processing, as well as the varying probabilities of occurrence and severity of risks to the rights and freedoms of natural persons, to ensure a level of protection appropriate to the risk.

These measures include, in particular, ensuring the confidentiality, integrity, and availability of data by controlling physical access to the data, as well as access, input, sharing, ensuring availability, and separation of data. Furthermore, we have procedures in place to ensure the exercise of data subject rights, data deletion, and response to data breaches. Additionally, we consider data protection already in the development or selection of hardware, software, and procedures, in accordance with the principle of data protection through technology design and by using data protection-friendly default settings (Art. 25 GDPR).

Collaboration with Processors and Third Parties

If we disclose data to other persons and companies (processors or third parties), transmit them, or grant them access to the data, this will only be done based on a legal permission (e.g., if data transmission to third parties, such as payment service providers, is necessary for contract fulfillment according to Art. 6 (1) lit. b GDPR), if you have given your consent, if a legal obligation requires it, or based on our legitimate interests (e.g., when using agents, web hosting providers, etc.).

If we commission third parties to process data based on a "data processing agreement," this is done in accordance with Art. 28 GDPR.

Transfers to Third Countries

If we process data in a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)) or if this happens in the course of using services from third parties or disclosing or transmitting data to third parties, this will only occur if it is necessary to fulfill our (pre-)contractual obligations, based on your consent, due to a legal obligation, or based on our legitimate interests. Subject to legal or contractual permissions, we only process or allow data to be processed in a third country if the special conditions of Art. 44 et seq. GDPR are met. This means, for example, that processing takes place based on special guarantees, such as the officially recognized determination of an adequate level of data protection corresponding to that of the EU (e.g., for the USA through the "Privacy Shield") or adherence to officially recognized special contractual obligations (so-called "Standard Contractual Clauses").