Privacy policy for users / visitors of our website

Data protection declaration for users / visitors to our website

 

Name and contact of the person responsible according to Article 4 Paragraph 7 GDPR:

NHA NorthHessenAccelerate – Innovation, Digitization and Collaboration e.V. Ludwig-Erhard-Strasse 10 34131 Kassel, Germany

Executive Board:

Manuel Bork, Alexander Katzung, Moritz Strube, Kai-Lorenz Wittrock

Managing Director: Dr. Gerold Kreuter

Phone: +49 (0) 561 – 82793-750

Email: info@nha-ev.de

Internet: www.nha-ev.de

According to Art. 37 GDPR in conjunction with Section 38 BDSG, we are not obliged to appoint a data protection officer. For data protection inquiries or for further information on the processing of your personal data, you can reach us by post at the above address with the addition – data protection – or by email at info@nha-ev.de.

I. Information about the collection of personal data

In the following we inform you about the collection of personal data when using our website. Personal data are e.g. B. Name, address, email addresses, user behavior. If you contact us by e-mail or using a contact form, the data you provide (your e-mail address, possibly your name and telephone number) will be saved by us in order to answer your questions. We delete the data arising in this context after storage is no longer required, or processing is restricted if there are statutory retention requirements. Our offer is basically aimed at adults. Persons under the age of 18 should not transmit any personal data to us without the consent of their parents or legal guardians.

II. Collection of personal data when you visit our website

If you only use the website for informational purposes, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server.

 If you would like to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security (e.g. to avert danger and to rectify faults) (legal basis is Art. 6 Para. 1 sentence 1 lit.f GDPR – our legitimate interests):

  • IP address – the date and time of the request
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (specific page)
  • Access status / HTTP status code
  • amount of data transferred in each case
  • Website from which the request came
  • Browser type
  • Operating system and its interface
  • Language and version of the browser software.

This data is collected and processed by our processor, who hosts and provides the website for us. This data will be deleted after a storage period of 60 days.

III. Use of cookies

 

The following cookies are used:

Necessary cookies:

Elementor (type: HTML, sequence: persistent)

Purpose: Used in conjunction with the website’s WordPress theme. The cookie allows the website owner to implement or change the content of the website in real time.

Cookiebot

Purpose: Is required to collect the website’s cookies and manage the consents


IV. Links to other websites and networks (social media)

We maintain online presences within social networks and link to them as part of our website and to other online presences (e.g. those of our cooperation companies) in order to offer our users further / current information about our association and our activities. We would also like to point out that when you click on the corresponding link on our website, you will be forwarded to these social networks and, in this case, data from users outside the EU and thus to insecure third countries such as the USA can also be transmitted . We have no influence on this. When you simply visit our website, no data is transmitted to the providers of the social networks.

The association, as the person responsible for this website, does not pass on any personal data to the respective site operator. The respective site operators are responsible for the processing of your personal data themselves or jointly with the association. The website operators linked on our website have their own data protection declarations for use in Europe; In these you will also find a detailed description of the processing carried out by the third-party providers and the associated options for objection (opt-out). You can see it here:

 

V. Further functions and offers on our website

In addition to purely informational use We offer various services on our website that you can use if you are interested. To do this, you usually have to provide additional personal data that we use to provide the respective service and for which the aforementioned data processing principles apply. In some cases, we also use external service providers (e.g. host and service providers) as so-called contract processors in accordance with Art. 28 GDPR, which are assigned to our legal sphere, to process your data. These have been carefully selected and commissioned by us, are bound by our instructions and are checked regularly.

VI. Creation of anonymized visitor statistics

We use the Koko Analytics plug-in on this website. This plugin does not set any cookies. If (sub) pages of our website are called up, the following data is saved: the subpage called up and the time of the call, the page from which the user came to our website, the pages that are accessed from the called up subpage. The data collected is immediately anonymized and stored on our own server. It is explicitly not passed on to third parties. The legal basis on which we process personal data using Koko Analytics is Article 6 (1) (f) of the GDPR. We need the data to analyze the surfing behavior of the users and to obtain information about the use of the content of this website. This enables us to continuously optimize the website and its user-friendliness. Our legitimate interest in accordance with Art. 6 Paragraph 1 lit. f GDPR is based on these purposes. By anonymizing the IP address, we take into account the interests of users in the protection of personal data. The data is never used to personally identify the user of the website and is not merged with other data. You can also use / activate the Do-Not-Track (DNT) function of your browser to completely prevent the creation of visitor statistics about your visit.

VII. Use of our contact form

If you send us inquiries using the contact form, your details from the inquiry form, including the contact details you provided there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions.

The processing of the data entered by you in the contact form (e-mail, name, free text information, your role / function) is therefore based on your consent (Art. 6 Para. 1 lit. a GDPR) or – depending on the type of contact – also on the basis of (pre-) contractual measures in accordance with Article 6 Paragraph 1 lit. GDPR. You can revoke this consent at any time. An informal e-mail to us is sufficient for this. The legality of the data processing operations carried out before the revocation remains unaffected by the revocation. The data you enter in the contact form will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions – in particular retention periods – remain unaffected.

Please also note the information below on the transfer of personal data to insecure third countries in the context of electronic communication.

VIII. Contact via email (email client on your computer)

In particular, visitors can send us messages by e-mail or by using the “contact button”, voluntarily providing personal data. In order to receive an answer from you, at least a valid e-mail address and your last name are required. The person making the request can provide all further information voluntarily and is not obliged to do so. By sending the email, the visitor consents to the processing of the transmitted personal data. The data processing takes place exclusively for the purpose of handling and answering inquiries. This is done on the basis of voluntarily given consent in accordance with Art. 6 Paragraph 1 Clause 1 Letter a) GDPR or – depending on the type of contact – also on the basis of (pre-) contractual measures in accordance with Art. 6 Paragraph 1 lit. b . GDPR. The data received from you via this communication channel and processed by us will be automatically deleted as soon as the request has been dealt with and there are no reasons for further storage (e.g. subsequent commissioning, etc.). As soon as the purpose of the data processing (e.g. answering your request by our company) has been fulfilled, we will delete your data, provided that there are no statutory retention requirements.


Transfer of personal data to third countries outside the EU / EEA:

Due to the use of Microsoft Office 365 (recipient: “Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Dublin 18, Ireland “) in our association, it is not excluded that personal data that accrues or is processed through electronic communication or contractual relationship with you (see point” Use of our contact form “and” Contact via e-mail ”in this data protection declaration), as part of our respective legal relationship, can also be transmitted to servers outside the EU / EEA, for example to the USA. If we pass on personal data to service providers outside the European Economic Area (EEA) through the Microsoft Office 365 service we use in the U.S.A., it will be transmitted if there are suitable guarantees in accordance with Art. 44 ff. GDPR. Information on the processing of personal data by Microsoft is available from the following link: https://privacy.microsoft.com/de-de/privacystatement . You can request detailed information on this and the level of data protection from our service providers in third countries using the contact information mentioned above.

IX. What rights do you have with regard to your personal data and the data processing carried out by us?

You have rights with regard to your personal data. Special legal regulations can prevent the fulfillment of general data protection rights. You have the data protection rights listed below against us:

Information desk

According to Art. 15 GDPR, you can request information about your personal data processed by us. This includes, for example, information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed as well as the planned storage duration of the data.


Rectification
According to Art. 16 GDPR, you can immediately request the correction of incorrect or the completion of your personal data stored by us.

Deletion
In accordance with Art. 17 GDPR, you have the right to request the deletion of your personal data stored by us, unless processing to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defense of legal claims is necessary.

Restriction of processing
According to Art. 18 GDPR, you can request the restriction of the processing of your personal data if you dispute the correctness of the data, the processing is unlawful, but you refuse to delete it and we no longer need the data, but you need it to assert it, Need to exercise or defend legal claims or you have objected to processing in accordance with Art. 21 GDPR.

Data portability
In accordance with Art. 20 GDPR, you can receive your personal data that you have provided to us in a structured, common and machine-readable format or request that it be transmitted to another person responsible. If you request the direct transfer of the data to another person responsible, this will only be done if it is technically feasible.

Revocation and objection
According to Art. 7 Para. 3 GDPR, you have the right to revoke your once given consent (which you have given, for example, via our cookie manager, which was displayed to you at the beginning of your visit to our website) to us at any time (e.g. in writing, by e-mail or via the corresponding function of the cookie manager on this page). As a result, we are no longer allowed to continue the data processing based on this consent in the future.

If we process your data to safeguard legitimate interests, you can object to this processing for reasons that arise from your particular situation. We will then no longer process your personal data unless we can prove compelling legitimate reasons for the processing that outweigh your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims.

Right to complain

In accordance with Art. 77 GDPR, you can complain to the responsible supervisory authority about our processing of your personal data at any time. The supervisory authority responsible for us is the Hessian Commissioner for Data Protection and Freedom of Information, based in Gustav-Stresemann-Ring 1, 65189 Wiesbaden.

Status of the data protection declaration: June 15, 2021.