Privacy

Digitalstadt Darmstadt GmbH takes your privacy very seriously and processes your personal data in accordance with the applicable legal data protection requirements. Personal data within the meaning of this information is all information that can be related to you personally, e.g. name, address, email and IP address, user behavior.

With the following data protection information we inform you about the processing of your personal data by us. We will also give you an overview of your data protection rights. Which data is processed in detail and how it is used depends largely on the services used, requested or agreed upon.

1.Responsible body and data protection officer

(1) The responsible body according to Article 4 paragraph 7 of the General Data Protection Regulation (GDPR) or the service provider according to Section 13 of the Telemedia Act (TMG) is:

Digitalstadt Darmstadt GmbH
Im Carree 1
64283 Darmstadt

(2) You can reach our data protection officer at:

Digitalstadt Darmstadt GmbH
Der Datenschutzbeauftragte
Im Carree 1
64283 Darmstadt

E-Mail: info@digitalstadt-darmstadt.de

2. Source of personal data

We process personal data that we receive from you when you visit our website, when you contact us by email or via a contact form.

3. Categories of personal data processed

(1) If you visit or use our website purely for information purposes, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security (the legal basis is Article 6 (1) (f) GDPR):

  • Your IP address (host),
  • Date, time and duration of your visit (date:time),
  • Content of the request,
  • Access status/http status code (statuscode),
  • amount of data transferred (byte),
  • Website from which the request comes (referrer),
  • Your browser and operating system (user_agent).

This data is used exclusively for internal statistical purposes.

(2) In addition to the data mentioned above, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard disk and associated with the browser you use. They allow certain information to be sent to the location that placed the cookie. Cookies cannot run programs or transmit viruses to your computer.

(3) Most browsers are set to accept cookies. However, you can deactivate the storage of cookies in your browser at any time or set your browser so that you receive a message as soon as cookies are sent. However, we would like to point out that you may then not be able to use all functions of this website.

(4) This stored information will be stored separately from any other data you may have provided to us. In particular, the data from the cookies is not linked to your other data.

(5) If you contact us by email or via a contact form, the data you provide (name, email address, telephone number if applicable) will be stored by us in order to answer your questions.

4. Categories of recipients of personal data

(1) We commission individual processes and services to be carried out by carefully selected service providers who comply with data protection regulations. These external service providers are bound by our instructions and are regularly monitored. They will not pass on your data to third parties.

(2) With regard to the transfer of data to other recipients, we will only pass on information about you if required by law, if you have consented or if we are authorized to do so. If these conditions are met, recipients of personal data may include:

  • Public bodies and institutions (e.g. tax authorities, law enforcement authorities) if there is a legal or official obligation.
  • Other companies or similar institutions to which we transmit personal data in order to carry out the business relationship with you.
  • Other companies within the group (e.g. for processing payment transactions or for risk management due to legal obligations).

5. Purposes for which the personal data are to be processed and legal basis for processing

We process your personal data in compliance with the applicable statutory data protection regulations. Processing is lawful if the following conditions are met:

  • Consent (Article 6 paragraph 1 a) GDPR:
  • The legality of processing personal data is given if consent is given to processing for specified purposes (e.g. processing your request, using the data for marketing purposes). Consent given can be revoked at any time with future effect. This also applies to the revocation of declarations of consent that were given to us before the GDPR came into force, i.e. before 25 May 2018.
  • Due to contractual obligations (Article 6 paragraph 1 b) GDPR

6. Intention to transfer personal data to a third country or an international organization

An active transfer of personal data to a third country only takes place if this has been expressly stated within the framework of the aforementioned services.

7. Criteria for determining the period for which personal data will be stored

(1) The data will be stored in accordance with statutory provisions on data processing and in compliance with statutory retention periods. We process and use your data exclusively for the purposes for which you have authorized us and for as long as the data is required for these purposes.

(2) If the data are no longer required for the purpose or to fulfil legal obligations, they will generally be deleted, unless their further processing – limited and, where appropriate, restricted – is necessary for the following purposes:

  • The fulfillment of commercial and tax law retention obligations: These include the German Commercial Code (HGB) and the German Tax Code (AO). Thereafter, the retention and documentation periods are set at up to 10 years.
  • Preservation of evidence within the framework of the statutory limitation periods: According to Sections 195 et seq. of the German Civil Code (BGB), the regular limitation period is three years, but under special circumstances it can be up to 30 years.

8. Data protection rights

(1) Every data subject has the right to information pursuant to Article 15 GDPR, the right to rectification pursuant to Article 16 GDPR, the right to erasure pursuant to Article 17 GDPR, the right to restriction of processing pursuant to Article 18 GDPR, the right to object pursuant to Article 21 GDPR and the right to data portability pursuant to Article 20 GDPR. The restrictions under Sections 34 and 35 of the Federal Data Protection Act (BDSG) apply to the right to information and the right to erasure. In addition, you have the right to lodge a complaint with a competent data protection supervisory authority (Article 77 GDPR in conjunction with Section 19 BDSG).

(2) You may revoke your consent to the processing of personal data at any time with future effect. This also applies to the revocation of declarations of consent that were given to us before the General Data Protection Regulation came into force, i.e. before May 25, 2018.

(3) You have the right to object at any time, for reasons related to your particular situation, to the processing of personal data concerning you which is based on Article 6(1) e) GDPR (data processing in the public interest) and Article 6 paragraph 1 f) GDPR (data processing on the basis of a balance of interests); this also applies to profiling based on this provision within the meaning of Article 4 No. 4 GDPR.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

In individual cases, we process your personal data to conduct direct advertising. You have the right to object at any time to the processing of personal data concerning you for the purposes of such advertising; this also applies to profiling insofar as it is related to such direct advertising.

If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes.

The objection can be made in any form and should, if possible, be addressed to:

Digitalstadt Darmstadt GmbH
Der Datenschutzbeauftragte
Rheinstraße 75
64295 Darmstadt

E-Mail: info@digitalstadt-darmstadt.de


9. Changes to the privacy policy

We continuously develop and optimize our services. So we may add new functionality. Should this affect the way in which your personal data is processed, we will inform you in a timely manner in our privacy policy.

Status: May 18, 2018

Privacy Notice: Use of Social Media

Facebook

Digitalstadt Darmstadt has set up a Facebook fan page on the social network Facebook at https://www.facebook.com/DigitalstadtDarmstadt. Facebook is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). The reference in the digitalstadt-darmstadt.de service to Facebook and the Digitalstadt Darmstadt fan page is made via a link (button). Only when this link is clicked by the user of the digitalstadt-darmstadt.de service does a connection to the Facebook servers arise. The user then leaves the Digitalstadt Darmstadt GmbH website and retrieves the content from Facebook servers. The website digitalstadt-darmstadt.de does not use active social plugins from the social network Facebook. Digitalstadt Darmstadt GmbH does not store any personal data of fans at any time. A temporary exception applies to competitions or raffles (see the terms and conditions of participation for competitions, contests and raffles via the social media channels of the Science City of Darmstadt: https://www.darmstadt.de/nutzungsbedingungen). The data entered by users on the fan page, such as comments, videos or images, will not be used or passed on by Digitalstadt Darmstadt GmbH for any other purposes at any time. Digitalstadt Darmstadt GmbH, as the operator of its Facebook fan page, has no influence whatsoever on the processing of data by Facebook. It cannot be ruled out that Facebook will use the data and/or pass it on to third parties. These can include habits, personal relationships, preferences and other aspects. The purpose and scope of data collection, the further processing and use of the data by Facebook as well as the related rights and setting options for protecting the privacy of users can be found in Facebook’s privacy policy: https://www.facebook.com/about/privacy/. If a user is a Facebook member and does not want Facebook to collect data about him or her via this service and link it to his or her member data stored on Facebook, he or she must log out of Facebook before visiting the website. Further settings and objections to the use of data for advertising purposes are possible within the Facebook profile settings: https://www.facebook.com/settings?tab=ads.

Twitter

Digitalstadt Darmstadt GmbH has a Twitter account at the address https://twitter.com/DA_Digitalstadt set up a Twitter account. Twitter is operated by Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA (“Twitter”). The reference in the digitalstadt-darmstadt.de service to Twitter is made via a link (button). Only when this link is used by the user of the digitalstadt-darmstadt.de service does a connection to the Twitter servers arise. The user then leaves the Digitalstadt Darmstadt GmbH website and retrieves the content from Twitter servers. The digitalstadt-darmstadt.de website does not use active social plugins from the social network Twitter. Digitalstadt Darmstadt GmbH, as the operator of its Twitter account, has no influence whatsoever on the processing of data by Twitter. It cannot be ruled out that Twitter will use the data and/or pass it on to third parties. This could include habits, personal relationships, preferences, and other aspects. Further information on this can be found in Twitter’s privacy policy at http://twitter.com/privacy.

YouTube

The Digital City of Darmstadt has been featured on the video portal YouTube at https://www.youtube.com/user/DarmstadtStadt a so-called YouTube channel has been set up. YouTube is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). The digitalstadt-darmstadt.de website uses plug-ins from the video portal YouTube. When a page of the digitalstadt-damstadt.de service is accessed that contains a plug-in (e.g. share function), the browser used by the user establishes a direct connection to the Google servers. The content of the plug-in is transmitted directly from the provider to the user’s browser and integrated into the page. By integrating the plug-in, Google receives the information that the user’s browser has accessed the corresponding page of the digitalstadt-darmstadt.de service, even if the user does not have a profile of a Google service or is not currently logged in to there. This information (the user’s IP address) is transmitted from the user’s browser directly to a Google server in the USA and stored there. Further information on how Google handles user data can be found in Google’s privacy policy on https://www.google.de/intl/de/policies/privacy. If the user is logged in to Facebook, Twitter, YouTube or Instagram, the provider of these services is able to directly assign the visit to the darmstadt.de service to the user’s profile on Facebook, Twitter, YouTube or Instagram. If the user interacts with a plugin, for example by pressing the “Share” button, the corresponding information can also be transmitted directly to a Facebook, Twitter, YouTube or Instagram server and stored there. The information may also be published on the user’s Facebook, Twitter, YouTube or Instagram account and may be displayed to the user’s contacts stored there.

Privacy Notice: Use of plugins and tools

Google Maps

This website uses the Google Maps service via an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

To use the functions of Google Maps, it is necessary to save the user’s IP address. This information is usually transferred to a Google server in the USA and stored there. Digitalstadt Darmstadt GmbH, as the provider of this site, has no influence on this data transfer.

Google Maps is used in the interest of an attractive presentation of the online offers and to make the locations indicated on the website easy to find. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f. DSGVO dar.

You can find more information about how user data is handled in Google’s privacy policy: https://www.google.de/intl/de/policies/privacy/.

Google Web Fonts

The Digitalstadt Darmstadt GmbH website uses so-called web fonts provided by Google for the uniform display of fonts. When you visit a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.

For this purpose, the browser you use must connect to Google’s servers. This allows Google to know that our website was accessed via your IP address. We use Google Web Fonts in the interest of a uniform and appealing presentation of our online offerings. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f. DSGVO dar.

If your browser does not support web fonts, a standard font from your computer will be used.

Further information about Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://www.google.com/policies/privacy/.

Google Analytics

The controller has integrated the Google Analytics component (with anonymization function) on this website. Google Analytics is a web analysis service. Web analysis is the collection, gathering, and evaluation of data on the behavior of website visitors. A web analysis service collects, among other things, data about the website from which a data subject came to a website (so-called referrers), which subpages of the website were accessed, or how often and for what duration a subpage was viewed. Web analysis is primarily used to optimize a website and for the cost-benefit analysis of online advertising. The operator of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. The controller uses the addition “_gat._anonymizeIp” for web analysis via Google Analytics. By means of this add-on, the IP address of the data subject’s internet connection is shortened and anonymized by Google if access to our website is made from a Member State of the European Union or from another contracting state to the Agreement on the European Economic Area.

The purpose of the Google Analytics component is to analyze visitor flows on our website. Google uses the data and information obtained, among other things, to evaluate the use of our website, to compile online reports for us which show the activities on our websites, and to provide other services related to the use of our website. Google Analytics sets a cookie on the information technology system of the data subject. What cookies are has already been explained above. By setting the cookie, Google is enabled to analyze the use of our website. With each call-up to one of the individual pages of this Internet site, which is operated by the controller and on which a Google Analytics component was integrated, the Internet browser on the information technology system of the data subject is automatically prompted by the respective Google Analytics component to transmit data to Google for the purpose of online analysis. As part of this technical procedure, Google receives knowledge of personal data, such as the IP address of the data subject, which Google uses, among other things, to trace the origin of visitors and clicks and subsequently enable commission settlements. The cookie is used to store personal information, such as the access time, the location from which access was made and the frequency of visits to our website by the data subject. With each visit to our website, this personal data, including the IP address of the internet connection used by the data subject, is transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may pass this personal data collected via the technical procedure on to third parties. The data subject may, as already explained above, prevent the setting of cookies through our website at any time by means of a corresponding setting of the internet browser used and thus permanently deny the setting of cookies. Such a setting of the internet browser used would also prevent Google from placing a cookie on the information technology system of the data subject. In addition, a cookie already set by Google Analytics can be deleted at any time via the internet browser or other software programs. Furthermore, the data subject has the option of objecting to the collection of data generated by Google Analytics relating to the use of this website as well as the processing of this data by Google and the chance to prevent such collection. To do so, the data subject must download and install a browser add-on available at https://tools.google.com/dlpage/gaoptout. This browser add-on informs Google Analytics via JavaScript that no data and information relating to website visits may be transmitted to Google Analytics. Google considers the installation of the browser add-on as an objection. If the information technology system of the data subject is deleted, formatted, or reinstalled at a later date, the data subject must reinstall the browser add-on to deactivate Google Analytics. If the browser add-on is uninstalled or deactivated by the data subject or another person within their sphere of control, it is possible to reinstall or reactivate the browser add-on. Further information and the applicable data protection provisions of Google can be found at https://www.google.de/intl/de/policies/privacy/ and at http://www.google.com/analytics/terms/de.html. Google Analytics is explained in more detail at this link: https://www.google.com/intl/de_de/analytics/.

Google Ads

The controller has integrated Google Remarketing services on this website. Google Remarketing is a function of Google AdWords that enables a company to display advertisements to Internet users who have previously visited the company’s website. The integration of Google Remarketing therefore allows a company to create user-related advertising and thus display interest-relevant advertisements to the Internet user. The operator of the Google Remarketing services is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. The purpose of Google Remarketing is to display interest-relevant advertising. Google Remarketing enables us to display advertisements via the Google advertising network or on other Internet sites that are tailored to the individual needs and interests of Internet users. Google Remarketing sets a cookie on the information technology system of the data subject. What cookies are has already been explained above. By setting the cookie, Google is able to recognize visitors to our website when they subsequently visit websites that are also members of the Google advertising network. With each visit to a website on which the Google Remarketing service has been integrated, the data subject’s Internet browser automatically identifies itself with Google. As part of this technical process, Google receives information about personal data, such as the IP address or the user’s browsing behavior, which Google uses, among other things, to display interest-relevant advertising.

The cookie is used to store personal information, such as the websites visited by the data subject. With each visit to our website, personal data, including the IP address of the internet connection used by the data subject, is therefore transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may pass this personal data collected via the technical process on to third parties. The data subject may, as already explained above, prevent the setting of cookies through our website at any time by means of a corresponding setting of the internet browser used and thus permanently deny the setting of cookies. Such a setting of the internet browser used would also prevent Google from placing a cookie on the information technology system of the data subject. In addition, a cookie already set by Google Analytics can be deleted at any time via the internet browser or other software programs. Furthermore, the data subject has the option of objecting to interest-based advertising by Google. To do so, the data subject must access the link www.google.de/settings/ads from each of the Internet browsers they use and configure the desired settings there. Further information and Google’s applicable privacy policy can be found at https://www.google.de/intl/de/policies/privacy/.

Mouseflow

This website uses Mouseflow, a web analysis tool from Mouseflow ApS, Flaesketorvet 68, 1711 Copenhagen, Denmark. The data is processed to analyze this website and its visitors. For this purpose, data is collected and stored for marketing and optimization purposes. User profiles can be created from this data under a pseudonym. Cookies can be used for this purpose. The Mouseflow web analysis tool records randomly selected individual visits (only with anonymized IP addresses). This creates a log of mouse movements and clicks with the intention of randomly replaying individual website visits and deriving potential improvements for the website. The data collected with Mouseflow will not be used to personally identify the visitor to this website without the express consent of the data subject and will not be merged with personal data about the bearer of the pseudonym. The processing is based on Art. 6 (1) f) GDPR out of the legitimate interest in direct customer communication and in the needs-based design of the website.

You have the right to object at any time to the processing of personal data concerning you based on Art. 6 (1) f GDPR for reasons related to your particular situation. To do so, you can globally deactivate recording on all websites that use Mouseflow for your currently used browser by using the following link: https://mouseflow.de/opt-out/

Hello user, we are pleased that you are using the social media channels of Digitalstadt Darmstadt GmbH and want to share your opinions, questions, suggestions and criticism with us. The comments on our postings reflect solely the opinions of individual users. Digitalstadt Darmstadt GmbH assumes no liability for the accuracy and completeness of the content.

Our top priority when communicating via social media platforms is to treat each other fairly and respectfully. Since each user is responsible for their own contributions and only an honest and constructive exchange benefits us all, we ask you to do the following:

  • Treat users the way you would like to be treated by other users.
  • Do you have a different opinion? No problem, but please remain objective and respectful and avoid provocations, insults and off-topic comments.
  • Please do not attack anyone personally, because behind every user there is a human being.
  • Don’t force your personal opinion on anyone, because everyone has the right to their own opinion.
  • You should only disclose personal information publicly with caution.

This list represents violations of our netiquette rules, for which we reserve the right to hide or even delete user posts or comments:

  • Criminal content
  • Content that may violate the rights of third parties, in particular insults and degradation of users or persons
  • Repeated commenting on swear words or provocations
  • Calls for violence and threats against individuals, institutions or companies
  • Hate propaganda and racism
  • Pornography and obscenities
  • Content harmful to minors
  • Calls for donations and advertising
  • Misuse of the comment function as advertising space for other websites or services
  • Comments that deviate completely from the actual topic of the post
  • Links to websites that do not serve to deepen the topic
  • Foreign language posts that cannot be checked for content by the social media team of Digitalstadt Darmstadt GmbH
  • Spam posts (exactly the same posts posted multiple times)
  • Uncommented use of quotations or text excerpts without source reference
  • Violation of third-party rights (e.g. copyright and personal rights, right to one’s own image)
  • Posting personal information of other people
  • Links to websites that contain one or more of the listed items

In the event of violations of our netiquette, especially in serious or repeated cases, we will block the responsible user. Criminally relevant content will also be reported.

Field of action