We are pleased that you are interested in the German Optical Museum Foundation, which we refer to as the "D.O.M." in the following statement.
Environmental protection, your privacy, and transparency are an especially high priority for the D.O.M. Foundation's council.
For this reason, the council consistently works toward paper-free communication with the Foundation's members, benefactors, sponsors, and the general public in compliance with the GDPR.
There are only less than 10 people whose duties involve the (automated) processing of personal data, which means that the Foundation is not required to appoint a privacy officer under section 38 of the new German Privacy Act (BDSG, Bundesdatenschutzgesetz). The persons listed below are referred to as Data Processing Officers in the following statement.
Since the D.O.M. only requires a minimal number of set data processing operations and systems for its charitable activities, we are publicly documenting these below in accordance with GDPR article 30 (Records of Processing Activities) for the sake of transparency:
Users of these systems (Data Processing Officers ) are the director of the DOM and his staff.
System administration according to the four-eye-principle is guaranteed.
It is generally possible to use the D.O.M. Web site without entering any personal data. However, if an affected person (a "data subject") would like to utilize special services provided by the Foundation through our Web site, it may be necessary to process personal data. Should personal data need to be processed without there being a legal foundation for processing of this nature, we will generally seek the permission of the data subject.
We process personal data, such as a data subject's name, address, e-mail address, or telephone number, at all times in line with the General Data Protection Regulation and pursuant to national privacy legislation applicable to the D.O.M. By means of this Data Privacy Statement, our Foundation would like to inform the general public about the nature, scope, and purpose of the personal data that we collect, use, and process. Additionally, this Data Privacy Statement explains to data subjects the rights to which they are entitled.
As the controller of the operations through which data is processed, the D.O.M. has implemented numerous technical and organizational measures to ensure that the personal data processed via this Web site is protected as comprehensively as possible. Nevertheless, Internet-based data transmission is by its nature vulnerable to security flaws and, consequently, absolute protection can never be guaranteed. For this reason, every data subject has the option of transmitting their personal data by alternative means, for example, by telephone.
The D.O.M.'s Data Privacy Statement relies on terminology used by European legislators and regulators when enacting the General Data Protection Regulation (GDPR). We seek to make our Data Privacy Statement easy to read and understand for the general public as well as our clients and business partners. To ensure that this does occur, we would first like to explain the terminology we use.
The terms we use in our Data Privacy statement include the following:
Personal data means any information relating to an identified or identifiable natural person ("data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
A data subject is any identified or identifiable natural person whose personal data is processed by the controller of the data processing activities.
Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
Restriction of processing means the marking of stored personal data with the aim of limiting its processing in the future.
Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.
Pseudonymization means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.
Controller means the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
Processor means a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.
Recipient means a natural or legal person, public authority, agency, or another body, to which the personal data is disclosed, whether a third party or not. However, public authorities that may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law are not regarded as recipients.
Third party means a natural or legal person, public authority, agency, or body other than the data subject, controller, processor, and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
Consent of the data subject means any freely given, specific, informed, and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
For the purposes of the General Data Protection Regulation, other European Union privacy legislation applicable in Member States, and other privacy rules and regulations, the D.O.M., represented by its Director as per §8 of its Foundation Statute, is the controller.
By using cookies, the D.O.M. can provide Web site users with more user-friendly services that would otherwise not be possible.
The data subject can at any time stop cookies being saved by our Web site through his/her Web browser's corresponding settings and at the same time permanently object to cookies being saved. Furthermore, cookies that have already been saved can be deleted at any time using the Web browser or other software programs. This is a function available in all common Web browsers. If the data subject deactivates his/her Web browser's cookie-saving function, it may in some cases no longer be possible to use the complete functionality of our Web site.
Every time a data subject or automated system navigates to the D.O.M.'s Web site, it collects a range of general data and information. This general data and information is saved in the server's log files. The following may be collected: (1) the browser types and versions used, (2) the operating system used by the system accessing the Web site, (3) the Web site from which a visiting system navigates to our Web site (the "referrer"), (4) the sub-Web sites that a visiting system navigates to on our Web site, (5) the date and time of Web site access, (6) the Internet Protocol (IP) address, (7) the visiting system's Internet service provider, and (8) other data and information of a similar nature that can be used to avert danger in case our information technology systems are attacked.
The D.O.M. does not infer details about the data subject when using this general data and information. Rather, this information is required to (1) present the content of our Web site correctly, (2) optimize the content and advertisement of our Web site, (3) assure ongoing operability of our information technology systems and our Web site's technology, and (4) supply information required for criminal prosecution to prosecution authorities in the event of a cyberattack. This data and information, which is collected anonymously, is therefore analyzed by the D.O.M. for statistical purposes and, moreover, with the goal of increasing the protection and security of data in our organization so that an optimal level of protection for the personal data processed by us can in the end be assured. The anonymous data in the server log files is stored separately from all personal data provided by a data subject.
Due to statutory regulations, the D.O.M.'s Web site contains details that enable fast, electronic contact with our Foundation and direct communication with us, with these details also including an e-mail address. If a data subject contacts the controller by e-mail or using the contact form, the personal data transmitted by the data subject will be saved automatically. Personal data transmitted from the data subject to the controller in a voluntary manner such as this is saved for the purpose of processing or contacting the data subject. At no stage is this personal data shared with third parties.
The controller processes and saves the data subject's personal data only for the period of time required to achieve the purpose for which it is saved or only if the controller is required to save data on account of legislation or regulations that are passed by European Union legislators and regulators or other legislators and the controller is subject to the legislation or regulations.
Should there no longer be any reason to save the data or if a retention period prescribed by a European Union directive or regulation or by other relevant law expires, the personal data will be restricted from processing or deleted as a matter of routine and in accordance with statutory regulations.
Under law enacted by European Union legislators and regulators, each data subject has the right to obtain from the controller confirmation as to whether or not personal data concerning him or her is being processed. If a data subject would like to utilize this right of confirmation, he or she can contact one of our Data Processing Officers at any time.
Any data subject whose personal data is processed has the right granted by European Union legislators and regulators to obtain free information about the personal data saved by the controller in relation to him or her and to obtain a copy of this information at any time. Further, European Union legislators and regulators empower the data subject to demand access to the following information:
· the purposes of the processing
· the categories of personal data concerned
· the recipients or categories of recipient to whom the personal data has been or will be disclosed, in particular recipients in third countries or international organizations
· where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period
· the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing
· the right to lodge a complaint with a supervisory authority, where the personal data is not collected from the data subject, any available information as to its source
· the existence of automated decision-making, including profiling, referred to in GDPR article 22(1) and (4) and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject
In addition, the data subject also has a right of information regarding personal data that has been transferred to a third country or an international organization.
If that is the case, the data subject also has the right to be informed of the appropriate safeguards relating to the transfer.
If a data subject would like to utilize these rights of access and information, he or she can contact one of our Data Processing Officers at any time.
Any data subject whose personal data is processed has the right granted by European Union legislators and regulators to obtain without undue delay the rectification of inaccurate personal data concerning him or her. Moreover, and taking into account the purposes of the processing, the data subject has the right to have incomplete personal data completed, including by means of providing a supplementary statement.
If a data subject would like to utilize this right of rectification, he or she can contact one of our Data Processing Officers at any time.
Any data subject whose personal data is processed has the right granted by European Union legislators and regulators to obtain from the controller the erasure of personal data concerning him or her without undue delay where one of the following grounds applies and processing is not required:
The personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed.
The data subject withdraws consent on which the processing is based according to point (a) of GDPR article 6(1), or point (a) of GDPR article 9(2), and where there is no other legal ground for the processing.
The data subject objects to the processing pursuant to GDPR article 21(1) and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to GDPR article 21(2).
The personal data has been unlawfully processed.
The personal data has to be erased for compliance with a legal obligation in European Union or Member State law to which the controller is subject.
The personal data has been collected in relation to the offer of information society services referred to in GDPR article 8(1).
Where one of the above grounds applies and a data subject would like to have the personal data saved at the D.O.M. erased, he or she can contact one of our Data Processing Officers at any time.
A Data Processing Officer will arrange to have the erasure request taken care of promptly.
Where the D.O.M. has made the personal data public and, as controller, is obliged pursuant to GDPR article 17(1) to erase the personal data, the D.O.M., taking account of available technology and the cost of implementation, will take reasonable steps, including technical measures, to inform other controllers processing the personal data that the data subject has requested the erasure by these other controllers of any links to, or copy or replication of, this personal data, provided it is not necessary to process the data. A Data Processing Officer will arrange the operations required for the specific situation.
Any data subject whose personal data is processed has the right granted by European Union legislators and regulators to obtain the controller's restriction of processing where one of the following applies:
The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data.
The processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of its use instead.
The controller no longer needs the personal data for the purposes of the processing, but it is required by the data subject for the establishment, exercise, or defense of legal claims.
The data subject has objected to processing pursuant to GDPR article 21(1) pending the verification of whether the legitimate grounds of the controller override those of the data subject.
Where one of the above requirements is met and a data subject would like to have the processing of personal data saved at the D.O.M. restricted, he or she can contact one of our Data Processing Officers at any time. A Data Processing Officer will arrange to have the processing restricted.
Any data subject whose personal data is processed has the right granted by European Union legislators and regulators to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used, and machine-readable format. The data subject also has the right to transmit that data to another controller without hindrance from the controller to which the personal data has been provided, where the processing is based on consent pursuant to point (a) of GDPR article 6(1) or point (a) of GDPR article 9(2) or on a contract pursuant to point (b) of GDPR article 6(1), and the processing is carried out by automated means. However, this latter right does not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
Additionally, in exercising his or her right to data portability pursuant to GDPR article 20(1), the data subject has the right to have the personal data transmitted directly from one controller to another where technically feasible and where the rights and freedoms of others are not adversely affected.
If a data subject would like to utilize this right to data portability, he or she can contact one of our Data Processing Officers at any time.
Any data subject whose personal data is processed has the right granted by European Union legislators and regulators to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on point (e) or (f) of GDPR article 6(1), including profiling based on those provisions.
In the event of an objection, the D.O.M. will no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the data subject or for the establishment, exercise, or defense of legal claims.
Where the D.O.M. processes personal data for direct marketing purposes, the data subject has the right to object at any time to processing of personal data concerning him or her for such marketing. The right to objection includes profiling, to the extent that it is related to such direct marketing. Where the data subject objects to the D.O.M. processing for direct marketing purposes, the D.O.M. will no longer process the personal data for such purposes.
In addition, where personal data is processed for scientific or historical research purposes or statistical purposes pursuant to GDPR article 89(1), the data subject, on grounds relating to his or her particular situation, has the right to object to processing of personal data concerning him or her, unless the processing is necessary for the performance of a task carried out for reasons of public interest.
To exercise his or her right of objection, the data subject can directly contact the Chairperson of the D.O.M. Foundation or another member of the Foundation's council. Furthermore, in the context of the use of information society services, and notwithstanding Directive 2002/58/EC, the data subject has the option of exercising his or her right to object by automated means using technical specifications.
Any data subject whose personal data is processed has the right granted by European Union legislators and regulators not to be subject to a decision based solely on automated processing, including profiling, which has legal consequences for him or her or significantly affects him or her in a similar manner. However, this right does not apply if the decision: (1) is necessary for entering into, or performance of, a contract between the data subject and the controller, or (2) is authorized by European Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard the data subject's rights, freedoms, and legitimate interests, or (3) is based on the data subject's explicit consent.
If the decision is (1) required for entering into or performance of a contract between the data subject and controller, or (2) based on the data subject's explicit consent, the D.O.M. will implement suitable measures to safeguard the data subject's rights, freedoms, and legitimate interests, which involves at least the right for the data subject to obtain human intervention from the controller, to express his or her point of view, and to contest the decision.
If a data subject would like to utilize rights relating to automated decisions, he or she can contact one of our Data Processing Officers at any time.
Any data subject whose personal data is processed has the right granted by European Union legislators and regulators to withdraw his or her consent to the processing of that personal data at any time.
If a data subject would like to utilize his or her right to withdraw consent, he or she can contact one of our Data Processing Officers at any time.
The controller has integrated the Google Analytics component into this Web site (using the anonymization function). Google Analytics is a Web analytics service. Web analytics involves the collection, storage, and analysis of data regarding the behavior of Web site visitors. A Web analytics service records data that includes the Web site from which a data subject has arrived at another (called the "referrer"), the sub-Web sites that are accessed on a Web site, and the length of time spent on a sub-Web site. Web analytics is used primarily to optimize Web sites and for cost-benefit analyses on Internet advertising.
The company operating the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States.
The controller adds the "_gat._anonymizelp" feature for the Web analytics provided by Google Analytics. This feature abbreviates and anonymizes the IP address of the data subject's Internet connection when our Web site is visited from a Member State of the European Union or European Economic Area.
The purpose of the Google Analytics component is to analyze the flows of visitors to our Web site. Google uses the acquired data and information for purposes such as analysis of our Web site's usage, composing online reports for us that display the activities on our Web site, and rendering other services associated with the usage of our Web site.
Google Analytics saves a cookie on the data subject's information technology system. There is an explanation of what cookies are earlier in this statement. Saving cookies enables Google to analyze how our Web site is used. Every time an individual page is visited on this Web site, the latter being operated by the controller and featuring an integrated Google Analytics component, the Web browser on the data subject's information technology system automatically causes the relevant Google Analytics component to transfer data to Google for online analysis. As part of this technological operation, Google gains knowledge of personal data such as the data subject's IP address, which is used to enable Google to perform actions such as tracking visitor origin and clicks, which is in turn used to calculate commission.
The cookie is used to save personal information, for example, time of visit, place the visit was from, and frequency of the data subject's visits to our Web site. Every time our Web site is visited, this personal data, including the IP address for the data subject's Internet connection, is transferred to Google in the United States. This personal data is stored by Google in the United States. In some cases, Google shares the personal data collected through these technological processes with third parties.
As already explained above, the data subject can at any time stop cookies being saved by our Web site through his/her Web browser's corresponding settings and at the same time permanently object to cookies being saved. Web browser settings along these lines generally also prevent Google from saving a cookie on the data subject's information technology system. Furthermore, cookies that have already been saved by Google Analytics can be deleted at any time using the Web browser or other software programs.
You can find more information and Google's applicable privacy provisions at https://www.google.de/intl/de/policies/privacy/ and http://www.google.com/analytics/terms/de.html. Google Analytics is explained in more detail at https://www.google.com/intl/de_de/analytics/.
The controller has integrated components of PayPal into this Web site. PayPal is an online payment service provider. Payments are transacted through PayPal accounts, which effectively act as online bank accounts for private or commercial use. Moreover, PayPal offers the option of processing virtual payments via credit card if a user does not have a PayPal account. PayPal accounts are held under an e-mail address, for which reason they do not have an account number. PayPal makes it possible to trigger online payments to third parties and to receive payments too. PayPal also acts in a fiduciary capacity and offers purchase protection for buyers.
The company operating PayPal in Europe is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg.
If a data subject selects the PayPal payment option during our online shop's order process, the data subject's data will be transferred to PayPal automatically. By selecting this payment option, the data subject gives his or her consent to the transfer of personal data required to process payment.
The personal data transferred to PayPal usually includes the data subject's first name, surname, physical address, e-mail address, IP address, landline phone number, mobile phone number, or other data as necessary to process payment. Personal data related to the respective order is also required in order to fulfill the purchase agreement.
Data is transferred in order to process payment and prevent fraud. Note that the controller will transfer personal data to PayPal when there is a legitimate interest for doing so. The personal data exchanged between PayPal and the controller may in some cases be transferred by PayPal to credit agencies. Where this occurs, it is for the purposes of verifying the data subject's identity and creditworthiness.
PayPal may potentially share personal data with affiliated companies and service providers or subcontractors to the extent that it is required to fulfill contractual obligations or if the data is to be processed by an external contractor.
The data subject is free to withdraw his or her consent to PayPal's handling of personal data. A withdrawal of consent does not have an effect on personal data that is compelled to be processed, used, or transferred so that payment can be transacted (as contractually agreed).
You can view PayPal's applicable privacy provisions at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
For our Foundation, point (a) of GDPR article 6(1) serves as the legal basis for the processing operations for which we seek consent regarding a specific, intended purpose. If it is necessary to process personal data to perform a contract for which the counterparty is the data subject, as is the case for processing operations required for the delivery of goods, provision of another service, or rendering of consideration, for example, the data is processed on the basis of point (b) of GDPR article 6(1). The same applies to processing operations required to conduct precontractual activities, for instance, when inquiries are made about our products or services. If our Foundation is subject to a legal obligation that requires us to process personal data, for example, to fulfill tax obligations, the personal data is processed on the basis of point (c) of GDPR article 6(1). In exceptional cases, it may become necessary to process personal data to safeguard the vital interests of the data subject or another natural person. In such cases, the personal data is processed on the basis of point (d) of GDPR article 6(1). Finally, processing operations may be performed on the basis of point (f) of GDPR article 6(1). This legal basis applies to processing operations not incorporated under any of the above legal bases if it is necessary to process personal data to safeguard a legitimate interest of our Foundation or a third party, provided the interests, fundamental rights, and fundamental freedoms of the data subject are not overriding. We are explicitly permitted to perform such processing operations as they have been specially mentioned in European Union legislation. In this regard, European Union legislation takes the view that a legitimate interest may potentially be assumed if the data subject is a client of the controller (GDPR recitals, item 47, second sentence).
If personal data is processed on the basis of point (f) of GDPR article 6(1), our legitimate interest is the performance of our business activities to the benefit of the well-being of all our employees and shareholders.
The period for which personal data is stored is calculated based on the relevant statutory retention period. The corresponding data is deleted as a matter of routine when the period expires, provided it is no longer required to perform or initiate contracts.
Please be aware that the law (e.g. tax regulations) partly requires you to supply personal data, and contractual regulations (e.g. details about the contract party) may do so too. When entering into the contract, it may occasionally be the case that the data subject provides personal data which must then be processed by us. For example, the data subject is obliged to provide us personal data if our Foundation enters into a contract with him or her. Not providing the personal data would result in not being able to enter into a contract with the data subject. Before providing personal data, the data subject must contact one of our Data Processing Officers. A Data Processing Officer gives the data subject a case-specific explanation of whether the provision of personal data is required by law or contract or to enter into the contract, whether there is an obligation to provide personal data, and the consequences that not providing personal data would have.
As a responsible Foundation, we do not make decisions automatically or conduct profiling.