General Information

Thank you for visiting our website at westerwelle-foundation.com and for your interest in our company.
The protection of your personal data, such as date of birth, name, telephone number, address, etc., is important to us.

The purpose of this privacy policy is to inform you about the processing of personal data that we collect from you when you visit our website. Our data protection practice is in line with current legal provisions of the EU General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG). The following privacy policy serves to fulfill the information obligations resulting from the DSGVO. These can be found, for example, in Art. 13 and Art. 14 et seq. GDPR.

Responsibility

The body responsible within the meaning of Art. 4 No. 7 GDPR alone or jointly with others decides on the purposes and means of processing personal data. With regard to our website, the responsible body is:

Westerwelle Foundation
Civil Law Foundation
Gartenstrasse 6, 10115 Berlin
Germany
Email: office@westerwelle-foundation.com
Tel: 015906228393

Personal Information

We do not collect any personal data (e.g. names, addresses, telephone numbers or e-mail addresses) via our website or our media portal, unless you have given us your consent to provide us with such data voluntarily (e.g. when applying for our Young Founders program). or the relevant legislation on the protection of your data allows this. Please note the special regulation for our Westerwelle Young Founders Program further down in this text.

We may collect information on our website that, by itself, cannot be used to directly identify you. However, in certain cases – especially in combination with other data – this information can constitute “personal data” within the meaning of the law. We may also collect information on our website that does not identify you directly or indirectly, such as aggregated information about all users of our website.

Providing the website and log file creation

When you access our website, our system automatically collects data and information from the device being used (e.g., computer, mobile phone, tablet, etc.).

What personal data is collected and to what extent is it processed?
(1) Information about the type and version of the browser
(2) The operating system of the accessing device
(3) Hostname of the accessing computer
(4) The IP address of the accessing device
(5) Date and time of access
(6) Websites and resources (images, files, other page content) accessed on our website
(7) Websites from which the user’s system accessed our website (referral tracking)
(8) Confirmation of whether the access was successful
(9) Amount of data transmitted

These data are stored in our system’s log files. The storage of this data does not occur alongside personal data of a specific user, and therefore, individual page visitors are not identified.

Legal Basis for the Processing of Personal Data

Art. 6(1)(f) GDPR (legitimate interest). Our legitimate interest is to ensure the achievement of the purpose described below.

Purpose of Data Processing

The temporary (automated) storage of data is necessary for the functioning of a website visit to enable the delivery of the website. The storage and processing of personal data are also carried out to maintain the compatibility of our website for as many visitors as possible and for combating misuse and troubleshooting. This requires logging the technical data of the accessing computer to respond as early as possible to display errors, attacks on our IT systems, and/or malfunctions of our website’s functionality. Additionally, the data is used for optimizing the website and ensuring the general security of our information technology systems.

Duration of Storage

The deletion of the aforementioned technical data occurs as soon as they are no longer needed to ensure the compatibility of the website for all visitors, but no later than 3 months after accessing our website.

Objection and Deletion Options

You can object to the processing at any time in accordance with Art. 21 GDPR and request the deletion of data under Art. 17 GDPR. Information about your rights and how to exercise them can be found in the lower section of this privacy policy.

Special functions of this website

Our site offers you various functions which we use to collect, process and store personal data. Below we explain what happens to this personal data:

Login Section

What personal data is collected and to what extent is it processed?

We will process registration and login information that you have entered to fulfill the purpose stated below.

Legal basis for processing personal data

Article 6 paragraph 1 lit. b GDPR (implementation of (pre)contractual measures)

Purpose of data processing

Our website provides an optional login section which contains information not accessible to the general public. In order to verify your authorization to use the login section or the protected documents, you must enter your login credentials (e-mail or user name and password) in the appropriate form.

Duration of storage

The data collected will be stored for as long as you maintain a user account with us.

Possibility of objection and deletion

You can find out which rights you are entitled to and how you can assert them in the “Your rights” section of this data protection declaration.

Requirement to provide personal data

In order to access protected areas of our website it is contractually required to use the user login. It is not possible to access any protected content without entering personal data. If you would like to use our user login, you must fill out the fields marked as mandatory (user name and password). Entering the data requires the existence of a user account. Registration is not possible if the data you have entered is incorrect. If you enter the data incorrectly or not at all, the protected area cannot be used. However, the rest of the page can still be used without logging in.

Newsletter registration form

What personal data is collected and to what extent is it processed?

By registering for the newsletter on our website, we receive the e-mail address you entered in the registration field and, if necessary, further contact details if you provide them to us through the newsletter registration form.

Legal basis for processing personal data

Article 6 paragraph 1 lit. a GDPR (consent through clear affirmative action or behavior)

Purpose of data processing

The data entered in the newsletter registration form is used by us exclusively for sending our newsletter, in which we provide information about all of our services and our news. After registration, we will send you a confirmation e-mail containing a link that you must click to complete newsletter registration (double opt-in).

Duration of storage

You can unsubscribe from our newsletter at any time by clicking on the unsubscribe link, which is also included in every newsletter. Your data will be deleted by us immediately after you have unsubscribed. We will also delete your data immediately if you have not completed your registration. We reserve the right to delete your data without giving reasons and without prior or subsequent information.

Possibility of objection and deletion

You can revoke your consent at any time in accordance with Art. 7 Para. 3 GDPR. However, the processing that has taken place up to the time of the revocation remains unaffected. With regard to further rights, we refer to the section “Your rights” in this privacy policy.

Requirement to provide personal data

If you would like to receive our newsletter, you must fill in the fields marked as mandatory and confirm the correctness of your e-mail address by clicking on the double opt-in link. The information you provide for newsletter registering is neither necessary to enter into a contract with us nor is it legally binding. They are used exclusively for sending our newsletter. If you do not fill in the necessary fields to register for the newsletter, we will not be able to provide you with our newsletter service.

Statistical Analysis of Website Visits – Webtrackers

We collect, process, and store the following data when this website or individual files of the website are accessed: IP address, the website from which the file was accessed, the file name, date and time of access, amount of data transferred, and a message about the success of the access (so-called web logs). We use this access data exclusively in a non-personalized form to continually improve our online offerings and for statistical purposes. In addition to this, we use the following web trackers to evaluate visits to this website:

Google Analytics
We use the Google Analytics service from Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Email: support-deutschland@google.com, Website: http://www.google.com/. The transmission of personal data also occurs to the USA. Regarding the transmission of personal data to the USA, there is an adequacy decision within the EU-US Data Privacy Framework by the EU Commission in accordance with Article 45 of the GDPR (hereafter: DPF – https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en). The service operator is certified under the DPF, which ensures that the usual level of protection under the GDPR applies to the data transmission.

The legal basis for processing personal data is your consent in accordance with Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR, which you have provided on our website.

Google Analytics is a web tracker that analyzes the behavior of website visitors and their interactions with our website, providing us with evaluations and forecasts on the content and products of our website and their popularity (commonly referred to as tracking). We have integrated Google Analytics to enable the service to compile an analysis of the browsing behavior of page users. To do this, Google collects the page interactions of website visitors with our website and any information obtained from reading cookies or other storage technologies, statistically processing it for us. Google Analytics uses data processing technologies that allow tracking of individual page visitors and their interaction with other Google services, such as the Google Ads advertising network. Data from other Google services are also used to fill data gaps through machine learning technologies, modeled statistics, and forecasting functions, in order to create extensive statistics on the content of our website. If Google Analytics is active on our website, the data determined by Google Analytics is transferred to the servers of the company Google Ireland Limited. As part of order processing, personal data may also be transmitted to the servers of the parent company, Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States. We use Google Analytics to continually optimize and make our online offering more accessible. This is a so-called reach measurement.

Regarding the processing, the service or we collect the following data: data on the interactions of page visitors with the content of the website, data on the use of the services displayed on our website, data from external Google services if they interact with our website, such as advertising data or data on behavior related to advertising, data on approximate geographical origin, the browser used, the operating system, and other information about the end device used.

Google Analytics will store the data relevant for web tracking as long as necessary to fulfill the booked web service. Data collection and storage are anonymized. If there is a possibility to establish a personal reference to specific actions after the fact through individual interactions by page visitors, we will delete the data collected when the purpose is achieved. The data will be deleted at the latest when it is no longer subject to legal retention requirements. In general, we will delete this data at the latest after 12 months. You can access the certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active.

You can revoke your consent at any time. Further information on revoking your consent can be found either with the consent itself or at the end of this privacy policy.

For more information on handling the transmitted data, please refer to the provider’s privacy policy at https://policies.google.com/privacy.

The provider also offers an opt-out option at https://tools.google.com/dlpage/gaoptout?hl=de.

 

Google Tag Manager
We use the Google Tag Manager service from Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Email: support-deutschland@google.com, Website: http://www.google.com/. The transmission of personal data also occurs to the USA. Regarding the transmission of personal data to the USA, there is an adequacy decision within the EU-US Data Privacy Framework by the EU Commission in accordance with Article 45 of the GDPR (hereafter: DPF – https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en). The service operator is certified under the DPF, which ensures that the usual level of protection under the GDPR applies to the data transmission.

The legal basis for processing personal data is your consent in accordance with Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR, which you have provided on our website.

Google Tag Manager is a background service used by Google to retrieve static content, reducing bandwidth usage and preloading necessary catalog files. The service particularly loads background data for Google Fonts and Google Maps.

As part of order processing, personal data may also be transmitted to the servers of the parent company, Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States. You can access the certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active.

You can revoke your consent at any time. Further information on revoking your consent can be found either with the consent itself or at the end of this privacy policy.

For more information on handling the transmitted data, please refer to the provider’s privacy policy at https://policies.google.com/privacy.

The provider also offers an opt-out option at https://policies.google.com/privacy.

Gstatic
We use the Gstatic service from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Email: support-deutschland@google.com, Website: http://www.google.com/. The transmission of personal data also occurs to the USA. Regarding the transmission of personal data to the USA, there is an adequacy decision within the EU-US Data Privacy Framework by the EU Commission in accordance with Article 45 of the GDPR (hereafter: DPF – https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en). The service operator is certified under the DPF, which ensures that the usual level of protection under the GDPR applies to the data transmission.

The legal basis for processing personal data is your consent in accordance with Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR, which you have provided on our website.

Gstatic is a background service used by Google to retrieve static content, reducing bandwidth usage and preloading necessary catalog files. The service particularly loads background data for Google Fonts and Google Maps.

As part of order processing, personal data may also be transmitted to the servers of the parent company, Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States. You can access the certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active.

You can revoke your consent at any time. Further information on revoking your consent can be found either with the consent itself or at the end of this privacy policy.

For more information on handling the transmitted data, please refer to the provider’s privacy policy at https://policies.google.com/privacy.

The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de.

Integration of External Web Services and Data Processing Outside the EU

On our website, we use active content from external providers, known as web services. By accessing our website, these external providers may receive personal information about your visit to our website. This may involve processing data outside the EU. You can prevent this by installing a corresponding browser plugin or disabling script execution in your browser. This may lead to functional limitations on websites you visit.

We use the following external web services:

Google Cloud APIs

We use the Google Cloud APIs service from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Email: support-deutschland@google.com, Website: http://www.google.com/. The transmission of personal data also occurs to the USA. Regarding the transmission of personal data to the USA, there is an adequacy decision within the EU-US Data Privacy Framework by the EU Commission in accordance with Article 45 of the GDPR (hereafter: DPF – https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en). The service operator is certified under the DPF, which ensures that the usual level of protection under the GDPR applies to the data transmission.

The legal basis for processing personal data is your consent in accordance with Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR, which you have provided on our website.

We use Google APIs to load additional services from Google on the website. Google APIs are a collection of interfaces for communication between various Google services that are used on your website. The service is used, in particular, for displaying Google Fonts and providing the Google Maps map.

Regarding the processing, the service or we collect the following data: IP address.

If the service is active on our website, our website establishes a connection to the servers of the company Google Ireland Limited and transmits the necessary data. As part of order processing, personal data may also be transmitted to the servers of the parent company, Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States. When using the Google service on our website, information from other Google services may also be transmitted and processed by Google to provide background services for displaying and processing the services provided by Google. This may also involve data transmission to Google services such as Google Cloud, Google Maps, Google Ads, and Google Fonts, according to Google’s privacy policy and under the legal responsibility of Google. You can access the certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active.

You can revoke your consent at any time. Further information on revoking your consent can be found either with the consent itself or at the end of this privacy policy.

For more information on handling the transmitted data, please refer to the provider’s privacy policy at https://policies.google.com/privacy.

The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de.

Google Fonts

We use the Google Fonts service from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Email: support-deutschland@google.com, Website: http://www.google.com/. The transmission of personal data also occurs to the USA. Regarding the transmission of personal data to the USA, there is an adequacy decision within the EU-US Data Privacy Framework by the EU Commission in accordance with Article 45 of the GDPR (hereafter: DPF – https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en). The service operator is certified under the DPF, which ensures that the usual level of protection under the GDPR applies to the data transmission.

The legal basis for processing personal data is your consent in accordance with Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR, which you have provided on our website.

We use the Google Fonts service to integrate attractive fonts on our site in order to display our website in an optically improved version. The service may also be used on our website if other Google services on our website require the loading of Google Fonts fonts. This is the case, for example, if our website uses Google services that require Google Fonts to be executed.

Regarding the processing, the service or we collect the following data: font data, the IP address of the page visitor, statistics on font usage, and other data from Google services related to our website.

If the service is active on our website, our website establishes a connection to the servers of the company Google Ireland Limited and transmits the necessary data. As part of order processing, personal data may also be transmitted to the servers of the parent company, Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States. When using the Google service on our website, information from other Google services may also be transmitted and processed by Google to provide background services for displaying and processing the services provided by Google. This may also involve data transmission to Google services such as Google APIs, Google Cloud, and Google Ads according to Google’s privacy policy. You can access the certification under the EU-US Data Privacy Framework at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active.

You can revoke your consent at any time. Further information on revoking your consent can be found either with the consent itself or at the end of this privacy policy.

For more information on handling the transmitted data, please refer to the provider’s privacy policy at https://policies.google.com/privacy.

The provider also offers an opt-out option at https://support.google.com/My-Ad-Center-Help/answer/12155451?hl=de.

Legal Text Snippets and Modules

We use the Legal Text Snippets and Modules service from Website-Check GmbH, Beethovenstraße 24, 66111 Saarbrücken, Germany, Email: support@website-check.de, Website: https://www.website-check.de/. The transmission of personal data exclusively occurs to servers within the European Union.

The legal basis for processing is Art. 6(1)(c) GDPR. The use of the service helps us to fulfill our legal obligations.

With the help of the service, the content of our legal texts is loaded on our website. The current legal texts are loaded through this integration. This integration may also include loading additional technical modules related to the legal texts or legally required elements.

You can find information about your rights regarding data processing at the end of this privacy policy.

For more information on how the transmitted data is handled, please refer to the provider’s privacy policy at https://www.website-check.de/datenschutzerklaerung/.

About the usage of cookies

What personal data is collected and to what extent is it processed?

On various pages, we integrate and use cookies to enable certain functions of our website and to integrate external web services. These so-called “cookies” are small text files that your browser can store on your access device. These text files contain a characteristic string that uniquely identifies the browser when you return to our website. The process of saving a cookie file is also referred to as “setting a cookie.” Cookies can be set by both the website itself and external web services. The cookies are set by our website or external web services to maintain the full functionality of our website, improve user-friendliness, or pursue the purpose you have consented to. The cookie technology also allows us to recognize individual visitors using pseudonyms, such as an individual or random ID, so that we can offer more individual services. Details are listed in the following table.

Legal basis for the processing of personal data

If cookies are processed based on consent according to Art. 6 (1) lit. a GDPR, this consent is also considered consent under § 25 (1) TTDSG for setting the cookie on the user’s terminal device. If another legal basis is mentioned in accordance with the GDPR (e.g., for the performance of a contract or to fulfill legal obligations), storage or setting is based on an exception under § 25 (2) TTDSG. This occurs “when the sole purpose of storing information on the end user’s device or the sole purpose of accessing information already stored on the end user’s device is to transmit a message over a public telecommunications network” or “when storing information on the end user’s device or accessing information already stored on the end user’s device is absolutely necessary to provide a telemedia service expressly requested by the user.” The relevant legal basis is determined by the cookie table listed later in this section.

Purpose of data processing

The cookies are set by our website or external web services to maintain the full functionality of our website, improve user-friendliness, or pursue the purpose you have consented to. The cookie technology also allows us to recognize individual visitors using pseudonyms, such as an individual or random IDs, so that we can offer more individual services. Details are listed in the following table.

Storage duration

The storage of our cookies continues until they are deleted in your browser or, if it is a session cookie, until the session expires. Details are listed in the following table.

Objection and removal options

You can configure your browser according to your preferences to generally prevent the setting of cookies. You can then decide on a case-by-case basis whether to accept cookies or accept cookies as a general rule. Cookies can be used for various purposes, such as recognizing that your access device is already connected to our website (permanent cookies) or storing recently viewed offers (session cookies). If you have explicitly granted us permission to process your personal data, you can revoke this consent at any time. Please note that the legality of processing performed on the basis of consent before revocation is not affected by the revocation.

List of cookies used

Cookie Name _ga
Server westerwelle-foundation.com
Provider Google Analytics
Purpose This cookie assigns an ID to a user so that the web tracker can aggregate the user’s actions under this ID.
Legal basis Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR (consent)
Storage Duration approx. 24 Months
Type Analytics

 

Cookie Name _ga_*
Server westerwelle-foundation.com
Provider Google Analytics
Purpose This cookie, in connection with Google Analytics or Google Tag Manager, stores a unique ID for a website visitor and tracks how the visitor uses the website
Legal basis Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR (consent)
Storage Duration approx. 24 Months
Type Analytics

 

Cookie Name cookie_notice_accepted
Server westerwelle-foundation.com
Provider Website Operator
Purpose A cookie that stores the user’s decision regarding the cookie banner in the event of consent being granted
Legal basis Art. 6(1)(c) GDPR (compliance with a legal obligation
Storage Duration approx. 30 days
Type Cookie-Banner

Children

Westerwelle Foundation will not knowingly collect personal data from children without expressly pointing out that such data should only be transmitted with the parents’ consent if legal provisions are applicable. Generally, we will only use or share personal information from children as required by law, to obtain legally required parental consent, or to protect children.

Communication Security

Your personal data is protected by technical and organizational measures during collection, storage and processing so that it is not accessible to third parties. If you send information in an unencrypted fashion (i.e. by email), we can not guarantee complete data security on the transmission path to our IT systems, so we recommend encrypted communication or using the postal service for information with a high need for confidentiality.

Additional Disclosures About the Collection and Use of Personal Information in Our Programs

You have the opportunity to apply to our programs, to which the additional terms of this section apply.

Collection, processing and storage of personal data

Personal data from applicants is collected and processed using the online tool Google Forms. More information can be found here: https://privacy.google.com/intl/en_uk/businesses/compliance/#?modal_active=none
In addition, we use the Microsoft Office software to process personal data of our applicants. The personal data of our applicants are stored both on local hard drives and in a cloud.

Use for a specific purpose

Any personal data that you may enter during application (e.g. your first and last name, your e-mail address, your country and your occupation) is used by Westerwelle Foundation exclusively for the purpose of identifying the applicant and ensuring your eligibility to apply. We may also use your personal information to evaluate whether you are a successful applicant.
We reserve the right to statistically evaluate anonymous data sets.

Westerwelle Foundation will not use your personal data for other purposes or pass it on to third parties for advertising purposes.

Legal compliance; deletion of data

Any data collected or processed in connection with your application will be deleted or blocked in accordance with statutory provisions. In particular, your data will be deleted when it is no longer required to achieve the purpose for which it was stored or to comply with statutory retention periods. Westerwelle Foundation will delete your personal data after an unsuccessful application.
You can request the deletion of your application at any time. Please send your name, address and email address to the following address: office@westerwelle-foundation.com. We will delete your application and all associated data unless we are required by law to keep it; Such storage may be necessary, for example, for tax reasons.

Transmission to recipients within the EEA

Data transfer to other responsible persons

In principle, your personal data will only be passed on to other persons responsible for data processing if this is necessary to fulfill a contract, if we or the third party have a legitimate interest in the disclosure of that data or if you have given your consent. If data is passed on to third parties based on a legitimate interest, this is explained in this privacy policy. In addition, data can be transmitted to other responsible parties if we are obliged to do so due to legal regulations or enforceable official or court orders.

Service providers (general)

We have contracted external service providers with tasks such as sales and marketing services, contract management, payment processing, programming and data hosting. We have carefully selected these service providers and check them regularly, especially with regard to the careful handling and protection of the data stored with them. All service providers are bound to secrecy and to compliance with legal regulations.

Transfer to recipients outside the EEA

We may also transfer personal data to recipients located outside the EEA in so-called third countries. In these cases, we either ensure that the data recipient offers an appropriate level of data protection (e.g. due to an adequacy decision by the European Commission for the respective country or due to the agreement of so-called EU model clauses with the recipient) before the transmission or that you have consented to the transmission.

You have the right to receive an overview of the third-country recipients and a copy of the specifically agreed provisions to ensure an appropriate level of data protection.

Your rights

In accordance with statutory provisions, you are entitled (a) to request information about which personal data we have stored about you, (b) to request the correction of incorrect personal data or the deletion of personal data, insofar as we are not obliged to store this data (c) to request information about who we may share your personal data with and (d) to revoke your consent to the handling of your personal data at any time. Specifically, you have the following rights:

Right to information

You have the right to request confirmation as to whether we are processing your personal data. If this is the case, you have a right to know what specific information about you we are processing, as specified in Art. 15 Para. 1 GDPR, provided that the rights and freedoms of other persons are not impaired (cf. Art. 15 Para. 4 GDPR). We would also be happy to provide you with a copy of the data.

Right to rectification

In accordance with Article 16 GDPR, you have the right to have any incorrectly stored personal data (e.g. address, name, etc.) corrected at any time. You can also request that the data we have stored be completed at any time. A corresponding adjustment will be made immediately.

Right to deletion

According to Art. 17 Para. Para. 1 DSGVO you have the right to request the deletion of your personal information if

  • the data is either no longer needed;
  • the legal basis for processing no longer applies due to the revocation of your consent;
  • you have objected to processing and there are no legitimate grounds for it;
  • your data is processed unlawfully;
  • a legal obligation requires this or a collection has taken place in accordance with Article 8 (1) GDPR.

According to Art. 17 (3) GDPR, the right does not exist if

  • the processing is necessary to exercise the right to freedom of expression and information;
  • your data has been collected on the basis of a legal obligation;
  • the processing is necessary for reasons of public interest;
  • the data is required to assert, exercise or defend legal claims.

Right to restriction of processing

In accordance with Art. 18 Para. 1 GDPR, you have the right to demand the restriction of the processing of your personal data.

This is the case when

  • the accuracy of the personal data is contested by you;
  • the processing is unlawful and you do not consent to deletion;
  • the data is no longer required for the purpose of processing, but the data collected is used to assert, exercise or defend legal claims;
  • an objection to the processing pursuant to Article 21 (1) GDPR has been filed and it is still unclear which interests prevail.

Right of revocation

If you have given us your express consent to the processing of your personal data (Art. 6 Para. 1 lit. a GDPR or Art. 9 Para. 2 lit. a GDPR), you can revoke this consent at any time. Please note that this does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

Right to objection

According to Article 21 GDPR, you have the right to object at any time to the processing of personal data relating to you that has been collected on the basis of Article 6 Paragraph 1 Letter f (within the scope of a legitimate interest). You are only entitled to this right if special circumstances speak against the storage and processing.

Right to data portability

In accordance with Art. 20 GDPR, you have the right to have your personal data transmitted. We provide the data in a structured, common and machine-readable format. The data can either be sent to you or to a person named by you.
On request, we will provide you with the following data in accordance with Article 20 (1) GDPR:

  • Data collected on the basis of express consent in accordance with Article 6 Paragraph 1 Letter a GDPR or Article 9 Paragraph Letter a GDPR;
  • Data that we have received from you in accordance with Article 6 (1) (b) GDPR within the framework of existing contracts;
  • Data processed as part of an automated process.

We will transfer the personal data directly to a responsible person of your choice, insofar as this is technically feasible. Please note that we are not permitted to transfer data that encroach on the freedoms and rights of other people in accordance with Article 20 (4) GDPR.

Right of appeal to the supervisory authority in accordance with Article 77 (1) GDPR

If you suspect that your data is being processed illegally, you can of course seek judicial clarification of the problem at any time. In addition, you have every other legal option. Irrespective of this, you have the option of contacting a supervisory authority in accordance with Article 77 (1) GDPR. You have the right to lodge a complaint according to Art. 77 GDPR in the EU member state of your residence, your place of work and/or the place of the alleged infringement, i.e. you can choose the supervisory authority to which you turn from the places mentioned above. The supervisory authority to which the complaint was lodged will then inform you of the status and results of your submission, including the possibility of a judicial remedy in accordance with Article 78 GDPR.

How do you exercise your rights?

You can exercise your rights at any time by using the contact details below:

Westerwelle Foundation
Gartenstraße 6
10115 Berlin
Germany
E-Mail: office@westerwelle-foundation.com
Phone: 015906228393

The revocation of your consent or the deletion or blocking of personal data can mean that we can no longer provide certain services and functions. The revocation of the consent does not affect the legality of the processing carried out on the basis of the consent up to the point of revocation.

If you have any questions or complaints, you can also contact the Berlin Data Protection Authority (0049 030 13889-0).

Updates

In the course of the further development of the Internet, we will also continuously update our privacy policy. We will announce changes on this website in good time. You should therefore visit this page regularly to find out about the current status of the privacy policy.

© Westerwelle Foundation - All rights reserved.