DATA PROTECTION DECLARATION BY AND DECLARATION OF CONSENT FOR GOETHE-INSTITUT E.V.
 

The Goethe-Institut takes the protection of your data very seriously. With this privacy policy we want to transparently inform you about which personal data ("your data") we collect, process and use if you visit our website.

If not stated otherwise the wording of „Data“ and „Information“ is mostly referred to provided text or media by the User.

 

1. INFORMATIONAL USE OF THE WEBSITE

You can visit our website and use some of our internet offers without providing any personal information. Whenever a web page is called up, the web server merely automatically stores access data in so-called server log files which are automatically communicated by your browser. This includes data such as the name of the requested file, the last visited website, the date and time of the retrieval, the browser used, the amount of data transmitted, your IP address, the requesting provider etc. Within the scope of a processing procedure on our behalf, a third-party provider provides the services for hosting and displaying the website. This service provider is located within a country in the European Union or the European Economic Area.

For the purpose of a shorter loading time of our online presence, we also use a so-called Content Delivery Network ("CDN"), in which the website is delivered via the web server of a CDN provider working for us within the scope of order processing. Accordingly, access data is also collected on the web servers of the provider.

All access data is stored for a period of 14 days. The access data is evaluated to provide solely to ensure interference-free operation of the website, error analysis, and to improve our service. This data is evaluated to provide analytical information of interest in provided data of the webservice. The use of a CDN provider, as well as the procedure described here, serves to safeguard our legitimate interests, which are predominant in the context of a weighing up of interests in accordance with Art. 6 (1) lit. f. GDPR regarding the correct representation of our offer.

 

2. DATA COLLECTION AND USE FOR THE CONTRACT EXECUTION

We collect personal data if you provide this to us when contacting us (for example, via a contact form or email) or when registering for a user account on cinidb.africa. The specific data collected in detail and that information which is mandatory and that which is voluntary, can be found in the respective input forms.

 

3. REGISTRATION ON CINIDB.AFRICA ACCOUNT AND DELETION

For you to leave comments or contributions, engage with other users, participate in entering or changing information, uploading media a registration and creation of a "cinidb.africa account" is required. For registration we process your registration data (email address and password). The password and address is encrypted and stored to manage the login process. To finalise the registration the applied user is send an eMail to confirm the registration and thereby accept the legal documents provided on the frontpage of the website.

a) Personal information and content created by you

Compulsory information only pertains to that data which is provided in the context of the creation of the cinidb.africa account and which we absolutely need for the implementation of our offers or the execution of any contractual relationship existing with you.

We collect and process the data you have provided in the context of the execution of this contract as per Art. 6 (1) lit. b GDPR

• to check your application to create a cinidb.africa account

• to provide the services you participate in (blogs, forums, comments, self-presentation, institutions such as festivals, schools, agencies and so on, communities, chats, Linking etc.)

• to fulfil our obligations under contracts already in existence with you. You may voluntarily provide further personal information and content (so-called user-generated content), such as a photo of you, texts in the form of blog or forum contributions, contributions to discussions, etc. The specific data collected in detail and that information which is mandatory and that which is voluntary, can be found in the respective input forms. We process the data voluntarily provided in order to safeguard the predominant common interests in a diverse exchange within the framework of our platform in accordance with Art. 6 (1) lit. f GDPR.

b) Data publication

If, in accordance with Art. 6 (1) Clause 1 lit. a GDPR, you consent to the processing of your data in order to create a user account, other users may see the data you have left using the cinidb.africa account, such as your name or username, your contributions, including creation date and time, your memberships in groups, your friends, your learning lists, your files, your online status, your ratings, the duration of your membership, your gender, and your guestbook entries, skills, work, educational data and others provided by you.

c) Deletion

If you do not confirm your registration within 14 days, your cinidb.africa account will be deleted along with the data provided during registration. If you confirm the registration, a user account will be created in accordance with the present explanation. The deletion of your cinidb.africa account and your data stored there is possible at any time and can be done either via a message with the header "account delete" sent to the contact details provided below.

After deletion of your user account, your data will be blocked from further use and deleted after expiry of the statutory fiscal and commercial retention periods. If any statutory fiscal or commercial data retention requirements for individual data do not apply, these will be deleted immediately after the respective contract has been processed. Any other state of affairs is only valid if you have expressly consented to the further use of your data or if we reserve the right to use the data beyond that in a manner permitted by law and about which we will inform you below.

 

4. GOOGLE RECAPTCHA AND GOOGLE MAPS

a) Google reCAPTCHA

For the purpose of protection against misuse of our web forms as well as against spam we use the Google reCAPTCHA service as part of some forms on this website. By checking a manual entry, this service prevents automated software (so-called bots) from performing abusive activity on the site. In accordance with Art. 6 (1) Clause 1 lit. f the preservation of our justified legitimate interests in the protection of our website against misuse as well as an interference-free representation of our online presence.

Google reCAPTCHA is an offer from Google LLC (www.google.com).

Google LLC is headquartered in the United States. This country has an adequacy ruling from the European Commission. This goes back to the EU US Privacy Shield, under which Google LLC is certified. A current certificate can be viewed here: https://www.privacyshield.gov/list

Google reCAPTCHA uses a code embedded in the website, a so-called JavaScript, as part of the review methods that allow an analysis of your use of the website, such as cookies. The automatically collected information about your use of this website, including your IP address, is usually transmitted to a Google server in the USA and stored there. In addition, other cookies stored by Google services in your browser are evaluated by Google reCAPTCHA.

There is no readout or storage of personal data from the input fields of the respective form. For more information about Google's privacy policy, visit www.google.com/policies/privacy/.

You can prevent Google's collection of the data generated by the JavaScript or the cookie related to your use of the website (including your IP address), as well as the processing of this data by Google, by preventing the running of JavaScripts or setting of cookies in your browser settings. Please note that this may limit the functionality of our web site for your use. For more information about Google's privacy policy and setting options, visit www.google.com/policies/privacy/.

 

5. DATA COLLECTION AND USE FOR THE PURPOSES OF DIRECT ADVERTISING

a) Email newsletters

If you subscribe to one of our newsletters, we will use the information required or separately provided by you to periodically send you the subscribed email newsletter. The sending of email newsletters takes place on the basis of your separate explicit consent according to Art. 6 (1) lit. a GDPR. For security reasons, we use the so-called double opt-in procedure: We will only send you a newsletter by email if you have previously confirmed your newsletter subscription. For this purpose, we will send you an email confirming the subscription via the link contained therein. We want to make sure that only you as the owner of the specified email address can subscribe to the newsletter.

The newsletter is sent as part of a processing order on our behalf by a service provider, to which we pass on your email address.

You may object to this use of your email address at any time by sending a message to the contact details provided below or through a dedicated link in the email message, without incurring any costs other than the transmission costs according to the basic tariffs.

 

6. COOKIES

In order to make the visit to our website attractive and to enable the use of certain functions, we use so-called cookies on various pages. This serves to safeguard our legitimate interests, which predominate in the context of a weighing up of interests, in an optimised presentation of our offer pursuant to Art. 6 (1) lit. f GDPR. These are small text files that are stored on your device.

Some of the cookies we use are deleted after the end of the browser session, i.e. after closing your browser (so-called session cookies). Other cookies remain on your device and allow us to recognise your browser the next time you visit it and possibly enable you to log in automatically (persistent cookies). For example, if you activate the option "Remember me" by ticking a checkmark at goethe.de, a cookie will be set which we will use to recognize you within a certain period of time when calling up goethe.de.

You can view the duration of the persistent cookies via your browser. You can set your browser so that you are informed about the setting of cookies and individually decide on their acceptance or exclude the acceptance of cookies for specific cases or in general. Each browser differs in the way it manages the cookie settings. This is described in the Help menu of each browser, which explains how to change your cookie settings. These can be found for the respective browser under the following links:

Internet Explorer™: http://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies

Safari™: https://support.apple.com/kb/ph21411?locale=en_US

Chrome™: http://support.google.com/chrome/bin/answer.py?hl=de&hlrm=de&answer=95647

Firefox™: https://support.mozilla.org/en/kb/cookies-allow-and-recognize

Failure to accept cookies may limit the functionality of our website.

7. WEB ANALYTICS

 

10. DATA DISTRIBUTION TO THIRD PARTIES

We don't provide data to third parties.

 

11. DATA PROTECTION

We protect our website and other systems through technical and organisational measures against the loss, destruction, access, modification or dissemination of your data by unauthorised persons, such as during the creation of the cinidb.africa account or a later login through an SSL encryption.

 

12. YOUR RIGHTS AND DATA PROTECTION CONTACT INFORMATION

As a data subject, you have the following rights:

• according to Art. 15 GDPR, you have the right to demand information on the personal data processed by us in the scope specified therein;

• in accordance with Art. 16 GDPR, you have the right to demand without delay the correction of incorrect personal data or completion of personal data stored with us;

• according to Art. 17 GDPR, you have the right to demand the deletion of your personal data stored by us, unless further processing is required

o to exercise the right to freedom of expression and information;

o to fulfil a legal obligation;

o for reasons of public interest or

o to assert, exercise or defend legal claims

• according to Art. 18 GDPR, you have the right to demand the restriction of the processing of your personal data, insofar as

o the accuracy of the data is disputed by you; o the processing is illegal, but you reject its deletion;

o we no longer need the data, but you need it for asserting, exercising or defending legal claims, or

o you have filed an objection against the processing in accordance with Art. 21 GDPR;

• according to Art. 20 GDPR, you have the right to receive your personal data, which you have provided to us, in a structured, common and machine-readable format, or to request the transfer to another responsible party;

• according to Art. 77 GDPR, you have the right to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or work or our company headquarters.

If you have any questions regarding the collection, processing or use of your personal data, information, correction, restriction of, processing or deletion of data, and revocation of any consent granted or objection to a particular use of data and the right to data portability, please contact our company data protection officer:

Die Datenschutzbeauftragte
Goethe-Institut e.V.
Oskar-von-Miller-Ring 18
80333 München
datenschutz@goethe.de

 

13. RIGHT OF OBJECTION

To the extent that we process personal data as explained above in order to safeguard our legitimate interests, which are predominant in the context of a weighing up of interests, you can object to this processing with effect for the future. If the processing is for the purpose of direct marketing, you can exercise this right at any time as described above. Insofar as the processing takes place for other purposes, you are only entitled to a right of objection if there are reasons that arise from your particular situation.

After exercising your right to object, we will not further process your personal data for these purposes, unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or if the processing serves the assertion, exercise or defence of legal claims.

This does not apply if the processing is for direct marketing purposes. In that case we will not process your personal data for this purpose. .