The following policy aims to informs you about the way, the extent and the purpose of all personal data (“data”) handling on this website, as well as all our affiliated online profiles, including all social media profiles (hereinafter “online content”) run by us.The term „personal data“ comprises all data that can be used to personally identify you. Regarding the terminology, e.g. “processing” or “person in charge”, we refer to the definitions used in article 4 of the European Privacy and Data regulation (DSGVO)
Sea-Eye e. V. (registered association)
Wiener Straße 14
Gorden Isler (Chairman)
Jan Ribbeck (Vice Chairman)
Günther Lindner (Board Member: Financial matters)
Dominik Reisinger (Board Member: Technical matters)
Data protection officer
Types of Data Processing on this Website
- Inventory data (e.g. names, addresses)
- Contact information (e.g. e-mail addresses, phone numbers)
- Content data (e.g. typed text, photos, videos)
- Usage data (e.g. visited websites, interests in content, access times, meta/communication data, such as IP addresses, device information)
- Bank account data (e.g. IBAN/BIC for donation/sponsorship forms)
Categories of Persons Included in Data Processing
Any person who uses our online services or visits our website (hereinafter “users”).
Purpose of the Data Processing
- Offering online content and services with full functionality.
- Responding to user inquiries and questions, communicating with user.
- Safety measures.
- Measuring and assessing reach/ marketing.
“Personal data” is all information that relates to an identified or identifiable natural person (hereinafter “data subject”); An identifiable person is a natural person who identifies directly or indirectly, in particular by assigning an identifier such as a name, an identification number, location data, an online identifier (e.g. cookie) or one or more special features that are an expression of the physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person. “Processing” is any process carried out with or without the help of automated processes or any such series of processes in connection with personal data. The term is extensive and covers practically every handling of data. The “person responsible” is the natural or legal person, public authority, agency or other body that alone or together with others decides on the purposes and means of processing personal data.
Relevant Legal Bases
In accordance with Art. 13 DSGVO (GDPR), we will inform you of the legal basis for our data processing. Unless the legal basis is mentioned in the data protection declaration, the following applies: The legal basis for obtaining consent is Art. 6 Para. 1 lit. a and Art. 7 DSGVO , the legal basis for processing for the performance of our services and implementation of contractual measures as well as answering inquiries is Art. 6 Para. 1 lit. b DSGVO , the legal basis for processing to fulfill our legal obligations is Art. 6 Para. 1 lit. c DSGVO , and the legal basis for processing to protect our legitimate interests is Art. 6 Para. 1 lit. f DSGVO . In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d DSGVO serves as the legal basis.
Cooperation with Processors and Third Parties
If we disclose data to other people and companies (processors or third parties) as part of our processing, transmit them to them or otherwise grant them access to the data, this will only be done on the basis of legal permission (e.g. if the data is transmitted to third parties, such as payment service providers, in accordance with Art. 6 Para. 1 lit.b DSGVO for the fulfillment of the contract), you have consented, a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents, Web hosts, etc.).
If we commission third parties to process data on the basis of a so-called “order processing contract”, this is done on the basis of Art. 28 DSGVO.
Transfers to Third Countries
If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this is done as part of the use of third-party services or disclosure or transmission of data to third parties, this will only take place if it is carried out to fulfill our (pre-) contractual obligations, based on your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or have the data processed in a third country only if the special requirements of Art. 44 ff. DSGVO are met. That is, the processing takes place e.g. on the basis of special guarantees, such as the officially recognized determination of a data protection level corresponding to the EU (e.g. for the USA through the “Privacy Shield”) or compliance with officially recognized special contractual obligations (so-called “standard contractual clauses”).
Rights of Data Subjects
You have the right to request confirmation as to whether the data in question are being processed and for information about this data and for further information and a copy of the data in accordance with Art. 15 DSGVO (GDPR). According to. Art. 16 DSGVO you have the right to request the completion of the data concerning you or the correction of the incorrect data concerning you. In accordance with Art. 17 DSGVO, you have the right to request that the data in question be deleted immediately, or alternatively, in accordance with Art. 18 DSGVO, to request a restriction of the processing of the data.You have the right to request that the data concerning you, which you have provided to us, be received in accordance with Art. 20 DSGVO and to request their transmission to other responsible parties.In accordance with Art. 77 DSGVO you also have the right to lodge a complaint with the competent supervisory authority.
You have the right to revoke previously given consent for future collection, use or processing, according to Art. 7 Para. 3 DSGVO (GDPR).
Right to Object
You can object to the future processing of your data in accordance with Art. 21 DSGVO (GDPR) at any time. The objection can also be made specifically with regards to processing for direct marketing purposes.
Cookies and Right to Object to Direct Marketing
Deletion of Data
The data processed by us is deleted or its processing restricted in accordance with Art. 17 and 18 DSGVO (GDPR). Unless expressly stated in this data protection declaration, the data stored by us will be deleted as soon as they are no longer required for their intended purpose and the deletion does not conflict with any statutory retention requirements. If the data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted. That is, the data will be locked and not processed for other purposes. That applies e.g. for data that must be kept for commercial or tax reasons.According to legal requirements in Germany, storage is carried out in particular for 6 years in accordance with Section 257 (1) HGB (trading books, inventories, opening balance sheets, annual accounts, trading letters, booking receipts, etc.) and for 10 years in accordance with Section 147 (1) AO (books, records , Management reports, booking vouchers, commercial and business letters, documents relevant for taxation, etc.).According to legal requirements in Austria, storage is carried out for 7 years in particular in accordance with Section 132 (1) BAO (accounting documents, receipts/ invoices, accounts, receipts, business papers, statement of income and expenses, etc.) for 22 years in connection with land and for 10 years for documents in connection with electronically provided services, telecommunication, radio and television services, which are provided to non-entrepreneurs in EU member states and for which the Mini-One-Stop-Shop (MOSS) is used.
Business Related Processing
We also process:
- Contract data (e.g. sponsoring membership).
- Payment data (e.g., bank details, payment history)
from our customers, prospects and business partners for the purpose of providing contractual services (e.g. sponsoring memberships), service and customer care, marketing, advertising and market research.
The hosting services used by us serve to provide the following services: infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services that we use for the purpose of operating this online offer. We, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta and communication data from customers, interested parties and visitors to this online offer based on our legitimate interests in the efficient and secure provision of this online offer in accordance with. Art. 6 para. 1 lit. f DSGVO (GDPR) in accordance with Art. 28 DSGVO (conclusion of an order processing contract).
Collection of Access Data and Log Files
We, or our hosting provider, based on our legitimate interests within the meaning of Art. 6 Para. 1 lit. f. DSGVO (GDPR) data about every access to the server on which this service is located (so-called server log files). The access data include the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider. For security reasons (e.g. to investigate misuse or fraud), log file information is stored for a maximum of 7 days and then deleted. Data whose further storage is required for evidence purposes are excluded from deletion until the respective incident has been finally clarified.
Administration, Financial Accounting, Office Organization, Contact Management
We process data in the context of administrative tasks as well as the organization of our company, financial accounting and compliance with legal obligations, such as for example archiving. We process the same data that we process as part of the provision of our contractual services. The processing bases are Art. 6 Para. 1 lit. c. DSGVO (GDPR), Art. 6 Para. 1 lit. f. DSGVO. Customers, interested parties, business partners and website visitors are affected by the processing. The purpose and our interest in processing lies in the administration, financial accounting, office organization, archiving of data, i.e. tasks that serve to maintain our business activities, perform our tasks and provide our services. The deletion of the data with regard to contractual services and contractual communication corresponds to the information mentioned in these processing activities.
We disclose or transmit data to financial management, consultants, such as a tax consultant or auditor, as well as other tollgates and payment service providers.
Furthermore, based on our business interests, we store information about suppliers, organizers and other business partners, e.g. for establishing contact in the future. We generally store this mostly company-related data permanently.
Data Collection Via Our Donation Forms
Our donation forms are provided to us by the service provider Altruja, Altruja GmbH, Augustenstraße 62, 80333 Munich. Altruja guarantees complete data protection and legally secure data storage. Altruja handles payment processing for us through a secure and certified environment. The data of the donation transactions are encrypted with SSL at all times and stored in certified European data centers. The processing of personal data is exclusively for the intended purpose. Altruja employees are committed to data secrecy under the DSGVO (GDPR) and the BDSG-new. Your data will not be passed on to third parties. If you use the payment services PayPal and Sofort-Überweisung provided by Altruja, please note the respective terms of PayPal (www.paypal.com/de/webapps/mpp/ua/privacy-full) and Sofort-Überweisung (https: //www.klarna.com/sofort/datenschutz/).
When contacting us (e.g. via contact form, e-mail, telephone or via social media), the information provided by the user for processing the contact request is processed in accordance with Art. 6 para. 1 lit. b) DSGVO (GDPR). The information provided by users can be stored in a customer relationship management system (“CRM system”) or a comparable system.
We delete the requests if they are no longer necessary.
The follow-up comments can be received by users with their consent in accordance with Art. 6 para. 1 lit. a DSGVO (GDPR). The users will receive a confirmation email to check whether they are the owner of the email address entered. Users can unsubscribe from ongoing comment subscriptions at any time. The confirmation email will contain information about the cancellation options.
With the following information we inform you about the content of our newsletter as well as the registration, sending and statistical evaluation procedure as well as your right to object. By subscribing to our newsletter, you agree to the receiving of e-mails and the procedures described.
Content of the newsletter: We send newsletters, emails and other electronic notifications with advertising information (hereinafter “newsletter”) only with the consent of the recipient or a legal permission. Insofar as the content of a newsletter is specifically described, it is decisive for the consent of the user. Our newsletters also contain information about our services and us.
Double opt-in and logging: The registration for our newsletter takes place in a so-called double opt-in procedure. That is, After registering, you will receive an email asking you to confirm your registration. This confirmation is necessary so that nobody can register with someone else’s email address. The registrations for the newsletter are logged in order to be able to demonstrate the registration process in accordance with the legal requirements. This includes storing the time of registration and confirmation, as well as the IP address. Changes to your data stored by the shipping service provider are also logged.
Registration data: To register for the newsletter, it is sufficient to provide your email address. Optionally, we ask you to provide a name in order to address you personally in the newsletter.
Germany: The newsletter is sent and the success measurement associated with it is based on the consent of the recipient in accordance with Art. 6 para. 1 lit. a, Art. 7 DSGVO (GDPR) in conjunction with § 7 Para. 2 No. 3 UWG or on the basis of the legal permission acc. to Section 7 (3) UWG.
The logging of the registration process is based on our legitimate interests in accordance with Art. 6 para. 1 lit. f DSGVO (GDPR). Our interest is focused on the use of a user-friendly and secure newsletter system that serves both our business interests and the expectations of the users and also allows us to prove consent.
Cancellation/ revocation: You can cancel the receipt of our newsletter at any time, i.e. withdraw your consent. You will find a link to cancel the newsletter at the end of each newsletter. We can save the unsubscribed email addresses for up to three years based on our legitimate interests before we delete them for the purpose of sending the newsletter in order to be able to prove a previously given consent. The processing of this data is limited to the purpose of a possible defense against claims. An individual request for cancellation is possible at any time, provided that the previous consent is confirmed.
Newsletter – Service Provider
The newsletter is sent using the mail service provider “MailChimp”, a newsletter mailing platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE # 5000, Atlanta, GA 30308, USA. You can read the data protection regulations of the shipping service provider here: https://mailchimp.com/legal/privacy/. The Rocket Science Group LLC d / b / a MailChimp is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with the European data protection level (https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG&status=Active).
The service provider is based on our legitimate interests according to Art. 6 para. 1 lit. f DSGVO (GDPR) and an order processing contract in accordance with 28 para. 3 sentence 1 DSGVO (GDPR). The email service provider can process the recipient’s data in pseudonymous form, i.e. use without assignment to a user, to optimize or improve their own services, e.g. for technical optimization of the dispatch and presentation of the newsletter or for statistical purposes. However, the email service provider does not use the data of our newsletter recipients to contact them themselves or to pass the data on to third parties.
Newsletter – Measuring Success
The newsletters contain a so-called “web beacon”, i.e. a pixel-sized file that is retrieved from our server when the newsletter is opened or, if we use a service provider, from their server. As part of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and time of retrieval, are initially collected. This information is used to technically improve the services based on the technical data or the target groups and their reading behavior based on their access locations (which can be determined using the IP address) or the access times. The statistical surveys also include determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is neither our aim nor, if used, that of the service provider to observe individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.
Online Presence in Social Media
We maintain online presences within social networks and platforms in order to communicate with the customers, interested parties and users active there and to be able to inform them about our services. When accessing the respective networks and platforms, the terms and conditions and the data processing guidelines of the respective operators apply. Unless otherwise stated in our data protection declaration, we process the data of users provided that they communicate with us within social networks and platforms, e.g. write texts on our online profiles or send us messages.
Integration of Services and Content from Third Parties
We use content or service offers from third party providers within our online offer based on our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Article 6 (1) lit. f. DSGVO (GDPR) to be able to include services such as videos or fonts (hereinafter referred to as “content”) in our content. This always presupposes that the third-party providers of this content perceive the IP address of the user, since without the IP address they would not be able to send the content to their browser. The IP address is therefore required to display this content. We strive to only use content whose respective providers only use the IP address to deliver the content. Third party providers can also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information can also be stored in cookies on the user’s device and contain, among other things, technical information about the browser and operating system, referring websites, time of visit and other information about the use of our online offer, as well as being linked to such information from other sources.
We integrate the videos of the “Vimeo” platform from Vimeo Inc., Attention: Legal Department, 555 West 18th Street New York, New York 10011, USA. Data protection declaration: https://vimeo.com/privacy.
We integrate the videos of the platform “YouTube” from Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Data protection declaration: https://www.google.com/policies/privacy/, opt-out: https://adssettings.google.com/authenticated.
We integrate the fonts (“Google Fonts”) from the provider Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Data protection declaration: https://www.google.com/policies/privacy/, opt-out: https://adssettings.google.com/authenticated.
Use of Facebook Social Plugins
On the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Para. 1 lit. DSGVO (GDPR)), we use social plugins (“plugins”) from the social network facebook.com, which is operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland (“Facebook”). The plugins can represent interaction elements or content (e.g. videos, graphics or text contributions) and can be recognized by one of the Facebook logos (white “f” on a blue tile, the terms “like”, “like” or a “thumbs up”) “Sign) or are marked with the addition” Facebook Social Plugin “. The list and the appearance of the Facebook social plugins can be viewed here: https://developers.facebook.com/docs/plugins/.
Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
When a user accesses a part of this online offer that contains such a plugin, their device establishes a direct connection to the Facebook servers. The content of the plug-in is transmitted from Facebook directly to the user’s device, which integrates it into the online offer. User profiles of the users can be created from the processed data. We therefore have no influence on the scope of the data that Facebook collects with the help of this plugin and therefore inform users according to our level of knowledge.
By integrating the plugins, Facebook receives the information that a user has accessed the corresponding page of the online offer. If the user is logged into Facebook, Facebook can assign the visit to their Facebook account. If users interact with the plugins, for example by pressing the Like button or leaving a comment, the corresponding information is transmitted from their device directly to Facebook and stored there. If a user is not a member of Facebook, there is still the possibility that Facebook will find out and save their IP address. According to Facebook, only an anonymized IP address is saved in Germany.
The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as the related rights and setting options for protecting the privacy of users can be found in Facebook’s data protection information: https://www.facebook.com/about/privacy/.
If a user is a Facebook member and does not want Facebook to collect data about them via this online offer and link it to their member data stored on Facebook, they must log out of Facebook before using our online offer and delete his cookies. Further settings and revocations of consent regarding the use of data for advertising purposes are possible within the Facebook profile settings: https://www.facebook.com/settings?tab=ads or via the US website http://www.aboutads.info/choices/ or the EU website http://www.youronlinechoices.com/. The settings are platform independent, i.e. they are adopted for all devices, such as desktop computers or mobile devices.
Due to our legitimate interests in analysis, optimization and economic operation of our online offer and for these purposes, our online offer includes the so-called “Facebook pixel” of the social network Facebook, which is provided by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025 , USA, or if you are based in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland is operated (“Facebook”).
Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
With the help of the Facebook pixel, Facebook is able, on the one hand, to determine the visitors of our online offer as a target group for the display of advertisements (so-called “Facebook ads”). Accordingly, we use the Facebook pixel to only display the Facebook ads we have placed to those Facebook users who have shown an interest in our online offer or who have certain characteristics (e.g. interests in certain topics or products that determined on the basis of the visited websites), which we transmit to Facebook (so-called “Custom Audiences”). With the help of the Facebook pixel, we would also like to ensure that our Facebook ads correspond to the potential interest of the users and aren’t a nuisance. With the help of the Facebook pixel, we can also understand the effectiveness of Facebook advertisements for statistical and market research purposes, by seeing whether users were forwarded to our website after clicking on a Facebook advertisement (so-called “conversion”).
The processing of the data by Facebook takes place within the framework of Facebook’s data usage guidelines. Accordingly, general information on the display of Facebook ads in the data usage guidelines of Facebook: https://www.facebook.com/policy.php. Special information and details about the Facebook pixel and how it works can be found in the help section of Facebook: https://www.facebook.com/business/help/651294705016616.
You can object to the recording by the Facebook pixel and the use of your data to display Facebook ads. To set which types of advertisements are displayed to you on Facebook, you can call up the page set up by Facebook and follow the instructions on the settings for usage-based advertising there: https://www.facebook.com/settings?tab=ads. The settings are platform independent, i. e. they are adopted for all devices, such as desktop computers or mobile devices.
You can prevent Facebook Pixel from collecting the processing related to your use of the website by clicking on the following link. Please note that a cookie is set so that the objection to data processing only lasts until you remove cookies stored in your browser software.
Functions and contents of the Twitter service are integrated into our online offer, offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. For this purpose, e.g. B. include content such as images, videos or texts and buttons that can be operated by users to express a favor or subscribe to the authors of the respective content and our own contributions. If the users are members of the Twitter platform, Twitter can relate the above-mentioned content and functions to the user profiles there. Twitter is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active). Data protection declaration: https://twitter.com/de/privacy, opt-out: https://twitter.com/personalization.
Functions and content of the Instagram service may be integrated into our online offer, offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. For this purpose, e.g. B. Contents such as images, videos or texts and buttons belong that can be operated by users to express a favor or subscribe to the authors of the respective content as well as our own contributions. If the users are members of the Instagram platform, Instagram can relate the above-mentioned content and functions to the user profiles there.