This privacy policy informs you about the nature, scope, and purpose of processing personal data (hereinafter referred to as “data”) in the context of our services, as well as within our online offerings, related websites, features, and content, along with external online presences, such as our social media profiles (hereinafter collectively referred to as the “online offering”). For the terminology used, such as “processing” or “controller,” we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).
Controller Institute for Corruption Prevention e.V.
c/o Prof. Dr. Carsten Stark
Hochschule Hof
Alfons-Goppel-Platz 1
95028 Hof
Germany
Link to Imprint: https://korruptionspraevention.eu/de/impressum/
Types of Data Processed
- Basic data (e.g., personal details, names, addresses).
- Contact data (e.g., email, phone numbers).
- Content data (e.g., text entries, photos, videos).
- Usage data (e.g., visited websites, content interests, access times).
- Meta/communication data (e.g., device information, IP addresses).
Categories of Data Subjects Visitors and users of the online offering (hereinafter collectively referred to as “users”).
Purpose of Processing
- Providing the online offering, including its features and content.
- Responding to contact inquiries and communicating with users.
- Security measures.
- Reach measurement/marketing.
Terminology Used
“Personal data” refers to all information relating to an identified or identifiable natural person (“data subject”). A natural person is considered identifiable if they can be identified directly or indirectly, especially by linking to identifiers such as a name, identification number, location data, or online identifiers (e.g., cookies).
“Processing” means any operation or set of operations performed on personal data, with or without automated means.
“Pseudonymization” refers to processing personal data so that it cannot be attributed to a specific data subject without additional information, provided the additional information is stored separately and is subject to technical and organizational measures.
“Profiling” involves automated processing of personal data to evaluate certain personal aspects, particularly analyzing or predicting a person’s work performance, economic situation, health, preferences, interests, reliability, behavior, location, or movements.
“Controller” refers to the person or entity determining the purposes and means of processing personal data.
“Processor” refers to a person or entity processing personal data on behalf of the controller.
Relevant Legal Bases According to Article 13 GDPR, we inform you about the legal bases of our data processing. If not specified otherwise:
- The legal basis for obtaining consent is Article 6(1)(a) and Article 7 GDPR.
- Processing for the performance of our services or for contractual measures is based on Article 6(1)(b) GDPR.
- Processing for compliance with legal obligations is based on Article 6(1)(c) GDPR.
- Processing to protect vital interests is based on Article 6(1)(d) GDPR.
- Processing for public interest tasks or in the exercise of official authority is based on Article 6(1)(e) GDPR.
- Processing to safeguard legitimate interests is based on Article 6(1)(f) GDPR.
Security Measures We implement appropriate technical and organizational measures to ensure data security according to the current state of technology, considering implementation costs, nature, scope, purposes of processing, and risk levels.
Collaboration with Processors, Joint Controllers, and Third Parties
We only share data with third parties if legally permissible (e.g., fulfilling contractual obligations), with user consent, or based on our legitimate interests (e.g., employing contractors or hosting providers).
Data Transfers to Third Countries
Data transfer to countries outside the EU or EEA occurs only if necessary for contract performance, user consent is obtained, or other legal grounds exist.
Rights of Data Subjects
- Right to access processed data.
- Right to rectification or completion of inaccurate or incomplete data.
- Right to deletion of data under legal conditions.
- Right to restriction of processing or data portability.
- Right to lodge complaints with supervisory authorities.
Objection and Revocation Rights You can object to the future processing of your data at any time under GDPR guidelines, especially for direct marketing purposes.
Cookies and Marketing Objections Cookies are small files stored on user devices to retain session information. Users can configure their browser settings to prevent or delete cookies, which may impact functionality.
Data Deletion Data is deleted when no longer necessary for its intended purpose or due to legal retention requirements.
For further details and regular updates, please review our full privacy policy.
Newsletter
The following information outlines the content of our newsletter, the subscription, sending, and statistical evaluation processes, as well as your rights to object. By subscribing to our newsletter, you agree to receive it and to the procedures described.
Content of the Newsletter:
We send newsletters, emails, and other electronic notifications containing promotional information (hereinafter “newsletter”) only with the recipients’ consent or a legal basis. If the content of the newsletter is specifically described during registration, this content is decisive for the users’ consent. Otherwise, our newsletters include information about our services and company.
Double-Opt-In and Logging:
The subscription to our newsletter follows a double-opt-in process. After registration, you will receive an email requesting confirmation of your subscription. This confirmation is necessary to ensure that no one can subscribe using another person’s email address. Newsletter subscriptions are logged to provide evidence of the subscription process in compliance with legal requirements. The logging includes storing the registration and confirmation times as well as the IP address. Changes to your data stored with the service provider are also recorded.
Registration Data:
To subscribe to the newsletter, it is sufficient to provide your email address. Optionally, we may request your name to address you personally in the newsletter.
Legal Basis:
The newsletter is sent, and performance measurements are conducted, based on the recipients’ consent pursuant to Art. 6(1)(a), Art. 7 GDPR in conjunction with § 7(2)(3) UWG or, if consent is not required, on our legitimate interests in direct marketing pursuant to Art. 6(1)(f) GDPR in conjunction with § 7(3) UWG.
The logging of the subscription process is based on our legitimate interests pursuant to Art. 6(1)(f) GDPR. Our interest lies in using a user-friendly and secure newsletter system that serves our business interests and meets user expectations while allowing us to provide evidence of consent.
Unsubscribing/Revoking Consent:
You can cancel the receipt of our newsletter at any time, i.e., revoke your consent. A link to unsubscribe can be found at the end of every newsletter. We may store unsubscribed email addresses for up to three years based on our legitimate interests to prove previously given consent. The processing of this data is limited to defense against potential claims. Individual deletion requests are possible at any time, provided previous consent is confirmed.
Newsletter Service Provider
The newsletter is sent via the service provider The Newsletter Plugin, Web Agile S.a.s. di Fietta. You can view the service provider’s privacy policy here: https://www.thenewsletterplugin.com/documentation/gdpr-compliancy.
The service provider is used based on our legitimate interests pursuant to Art. 6(1)(f) GDPR and a data processing agreement pursuant to Art. 28(3)(1) GDPR.
The service provider may use recipient data in pseudonymized form—i.e., without assigning it to a user—for optimizing or improving their services, e.g., technical optimization of the newsletter sending process or presentation, or for statistical purposes. However, the service provider does not use the data of our newsletter recipients to contact them directly or pass it on to third parties.
Created using the privacy policy generator by RA Dr. Thomas Schwenke.