Data Protection Declaration

We are pleased that you have visited our website www.willkommen.saarland and that you have shown an interest in our association. Protecting your personal data is an important issue for us. Personal data is information about personal or material circumstances relating to an identified or identifiable natural person. Such information includes, for instance, the real name, address, telephone number and date of birth, together with all other information that can be related to an identifiable person.
As personal data is subject to special legal protection, we only collect such data to the extent necessary to make our website accessible and provide our service. Below, we will set out what personal information we record during your visit to our website and how we use it.
Our data protection practices are consistent with the statutory regulations, in particular those of the German Federal Data Protection Act (BDSG), the Telemedia Act (TMG) and the General Data Protection Regulation of the EU (GDPR). We will only collect, process and store your personal data to the extent necessary to ensure the functional provision of our website, our content and our services and to process enquiries and, where appropriate, process orders/contracts, provided that there is in each case a legitimate interest to do so within the meaning of Art. 6 (1) p.1 lit. (f) GDPR or other permissory rules. Only if you specifically give your approval in advance will your data be used, also for further purposes as precisely defined in your approval, e.g. for sending you promotional information in the newsletter.

1. Controller within the meaning of Art. (4) no. 7 GDPR

The controller within the meaning of the GDPR and other national data protection legislation of the Member States, together with other data protection provisions is:
saarland.innovation&standort e.V. (saar.is)
Franz-Josef-Röder-Straße 9
66119 Saarbrücken
E-mail: saarlandmarketing@saar-is.de

Tel.: 0681 9520-470
Fax: 0681 5846125

2. Name and address of the data protection officer

Name: David Eckstein
Address: Franz-Josef-Röder-Str. 9, 66119 Saarbrücken
E-mail: david.eckstein@saaris.de

3. Provision of the website and creation of log files

Each time our website is visited, our system automatically records data and information from the computer used to access the site. The following data is collected:
Scope of data processing 

  1. Information about the browser type and the version used
  2. The operating system running on the accessing device
  3. The IP address of the accessing device
  4. The date and time the site is accessed
  5. Websites and resources (images, files, other page content) that has been accessed on our website
  6. Websites from which the user’s system was led to our website (referrer tracking)

This data is stored in the log files of our system. This data is not stored together with the personal data of a specific user, which means that an individual visitor to the site is not identified.

  • Lawful basis for processing personal data
    Art. 6 (1) lit.(f) GDPR (legitimate interest). Our legitimate interest lies in ensuring that the purpose outlined below is achieved.
  • Purpose of data processing
    Logging takes place for the purpose of ensuring the compatibility of our website for the largest possible number of users, for combating abuse and for troubleshooting. For this purpose it is necessary to log the technical data of the computer accessing the website in order to be able to react as quickly as possible to display errors, attacks on our IT systems and/or functional errors on our website. Furthermore, the data also helps us to optimise the website and generally ensure the security of our information processing systems.
  • Duration of data storage
    The above-stated technical data is deleted as soon as it is no longer required in order to ensure the compatibility of the website for all visitors, but at the latest 3 months after our site was accessed.
  • Option to object to and remove data
    The options for objecting to and removing the data are determined in accordance with the general rules on the right to object to and delete data, as required by data-protection law, that are outlined later in this data protection declaration.

4. Special functions of the website

Our website offers you various functions which, when used, cause your personal data to be collected, processed and stored by us. Below, we explain what happens to your data:

Form for newsletter registration: 

  • Scope of processing of personal data
    The data you enter when registering for our newsletter.
  • Lawful basis for processing personal data
    Art. 6 (1) lit. (a) GDPR (consent by a clear affirmative action or behaviour)
  • Purpose of data processing
    We will only use the data you enter into the login screen of our newsletter for the purpose of sending you our newsletter, in which we provide you with information about our services and news. Following registration we will send you a confirmation e-mail that contains a link that you must click on in order to complete your registration to receive our newsletter (double opt-in).
  • Duration of data storage
    You can unsubscribe from our newsletter at any time by clicking on the unsubscribe link that appears in every newsletter. Following unsubscription we will immediately delete your data. We will also immediately delete your data in the event of an uncompleted registration. We reserve the right to delete data without giving reasons and without informing you in advance or subsequent to deletion.
  • Option to object to and remove data
    The options for objecting to and removing the data are determined in accordance with the general rules on the right to object to and delete data, as required by data-protection law, that are outlined later in this data protection declaration.

Contact form(s):

  • Scope of processing of personal data
    The data you enter into our contact forms.
  • Lawful basis for processing personal data
    Art. 6 (1) lit. (a) GDPR (consent by a clear affirmative action or behaviour)
  • Purpose of data processing
    We will only use the data collected via our contact form(s) for processing the specific contact request received via the contact form.
  • Duration of data storage
    Once your enquiry has been processed, the collected data will immediately be deleted, provided that there is no statutory retention period.
  • Option to object to and remove data
    The options for objecting to and removing the data are determined in accordance with the general rules on the right to object to and delete data, as required by data-protection law, that are outlined later in this data protection declaration.

5. Statistical evaluation of visits to the website – webtracker

We collect, process and store the following data when our website, or individual web files, is/are accessed: IP address, the website from which the file was accessed, the name of the file, the data and time of access, the volume of data transferred and message about the success of the website access (so-called web log). We only use this access data in non-personally identifiable form for the purpose of continuously improving our website and for statistical purposes.
We also use the following webtracker for evaluating visits to this website:
Matomo (formerly Piwik) 

  • Scope of processing of personal data
    Our website contains a tracking code from Matomo (formerly Piwik), an open source web analysis tool (https://matomo.org). We, alone, perform the web tracking without relating data to individuals in any way. No data is transferred to third parties. We host Matomo ourselves. In so doing, we only collect, process and store usage data on how our site is used, e.g.: referrer links, the session length at certain URLs, the clickstream data and also data about your browser settings, such as the manufacturer of the browser and its version, the screen resolution and the operating system used. Where appropriate, we also collect and store parts of your IP address and information about the loading speed of our website. We can extract anonymous usage profiles and statistical information from this data. We also use cookies in line with Matomo web tracking in order to differentiate repeat visitors to the site from first time users. Cookies are small text files stored locally in the cache of your web browser, which contain a specific ID. Where applicable, they also contain further technical information. The data collected in this connection are not merged with other personal data which we may have available without your explicit consent. The data is therefore not deanonymised.
  • Lawful basis for processing personal data
    Data is not related to individuals. Matomo does not make the behaviour of data subjects on the Internet trackable. If it is still possible for data to be related to individuals, e.g. if a user should log in to our website, we will obtain explicit consent before relating data to individuals in accordance with Art. 6 (1) lit. (a) GDPR (consent).
  • Purpose of data processing
    The performance of web tracking serves to analyse user flows in order to enable us to anonymously monitor the functionality and user-friendliness of our website and to continuously improve it. It serves solely to collect statistical, non-personal data.
  • Duration of data storage
    We store all of the web tracking data collected using Matomo for an indefinite period, because this data is only available to us in anonymised form.
  • Option to object to and remove data
    You can prevent the aforementioned data from being collected and processed by installing a JavaScript Blocker such as www.noscript.net or, to prevent the collection of other website analytics data, www.ghostery.com. Furthermore, you can also click the following opt-out button to disable web tracking via Matomo:

Here, you can decide whether to allow a unique web analysis cookie to be stored in your browser in order to allow the operator of the website to collect and analyse a range of statistical data.
If you decide against this, click on the following link to download the Piwik deactivation cookie to your browser.

If it is possible for data to be related to individuals, (e.g. following a log in), you can withdraw your consent at any time in accordance with the rules outlined later in this data protection declaration.

6. Integration of external web services and processing of data outside the EU

On our website we use active JavaScript content from external providers, otherwise known as web services. By accessing our website, these external providers may receive personal information about your visit to our website. This means that data may be processed outside the EU. You can prevent this by installing a JavaScript Blocker such as the ‘NoScript’ browser plugin (www.noscript.net) or by deactivating JavaScript in your browser. This may cause functional restrictions on the websites that you visit.
We use the following external web services:

  • Doubleclick
    A web service provided by the company Google Ireland Limited, Gordon  House, Barrow Street, 4 Dublin, Ireland (hereinafter: Doubleclick) is downloaded to our website. We use this data to ensure the full functionality of our website. In this context, your browser may transfer personal data to Doubleclick. The lawful basis for data processing is Art. 6 (1) lit. (f) GDPR. The legitimate interest lies in the error-free function of the website. Doubleclick has self-certified itself in line with the EU-US Privacy Shield agreement (see https://www.privacyshield.gov/list). The data is deleted as soon as the purpose for which it was collected has been fulfilled. Further information on how the transferred data is handled can be found in the data protection declaration of Doubleclick: https://policies.google.com/privacy. You can prevent the collection and processing of your data by Doubleclick by deactivating the execution of script code in your browser or by installing a script blocker in your browser (you can find these for instance at www.noscript.net or www.ghostery.com).
  • Google
    A web service provided by the company Google Ireland Limited, Gordon  House, Barrow Street, 4 Dublin, Ireland (hereinafter: Google) is downloaded to our website. We use this data to ensure the full functionality of our website. In this context, your browser may transfer personal data to Google. The lawful basis for data processing is Art. 6 (1) lit. (f) GDPR. The legitimate interest lies in the error-free function of the website. Google has self-certified itself in line with the EU-US Privacy Shield agreement (see https://www.privacyshield.gov/list). The data is deleted as soon as the purpose for which it was collected has been fulfilled. Further information on how the transferred data is handled can be found in the data protection declaration of Google: https://policies.google.com/privacy. You can prevent the collection and processing of your data by Google by deactivating the execution of script code in your browser or by installing a script blocker in your browser (you can find these for instance at www.noscript.net or www.ghostery.com).
  • gstatic
    A web service provided by the company Google Ireland Limited, Gordon  House, Barrow Street, 4 Dublin, Ireland (hereinafter: gstatic) is downloaded to our website. We use this data to ensure the full functionality of our website. In this context, your browser may transfer personal data to gstatic. The lawful basis for data processing is Art. 6 (1) lit. (f) GDPR. The legitimate interest lies in the error-free function of the website. gstatic has self-certified itself in line with the EU-US Privacy Shield agreement (see https://www.privacyshield.gov/list). The data is deleted as soon as the purpose for which it was collected has been fulfilled. Further information on how the transferred data is handled can be found in the data protection declaration of gstatic: https://policies.google.com/privacy. You can prevent the collection and processing of your data by gstatic by deactivating the execution of script code in your browser or by installing a script blocker in your browser (you can find these for instance at www.noscript.net or www.ghostery.com).
  • Newsletter2go
    A web service provided by the company Newsletter2Go GmbH, Nürnberger Strasse 8, 10787 Berlin, DE (hereinafter: Newsletter2go) is downloaded to our website. We use this data to ensure the full functionality of our website. In this context, your browser may transfer personal data to Newsletter2go. The lawful basis for data processing is Art. 6 (1) lit. (f) GDPR. The legitimate interest lies in the error-free function of the website. The data is deleted as soon as the purpose for which it was collected has been fulfilled. Further information on how the transferred data is handled can be found in the data protection declaration of Newsletter2go: https://www.newsletter2go.de/datenschutz/. You can prevent the collection and processing of your data by Newsletter2go by deactivating the execution of  script code in your browser or by installing a script blocker in your browser (you can find these for instance at www.noscript.net or www.ghostery.com).
  • Vimeo
    A web service provided by the company Vimeo, Inc., 555 West 18th Street in 10011 New York, USA (hereinafter: Vimeo) is downloaded to our website. We use this data to ensure the full functionality of our website. In this context, your browser may transfer personal data to Vimeo. The lawful basis for data processing is Art.  Art. 6 (1) lit. (f) GDPR. The legitimate interest lies in the error-free function of the website. Vimeo has self-certified itself in line with the EU-US Privacy Shield agreement (see https://www.privacyshield.gov/list). The data is deleted as soon as the purpose for which it was collected has been fulfilled. Further information on how the transferred data is handled can be found in the data protection declaration of Vimeo: https://vimeo.com/privacy. You can prevent the collection and processing of your data by Vimeo by deactivating the execution of script code in your browser or by installing a script blocker in your browser (you can find these for instance at www.noscript.net or www.ghostery.com).
  • YouTube
    A web service provided by the company Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland (hereinafter: YouTube) is downloaded to our website. We use this data to ensure the full functionality of our website. In this context, your browser may transfer personal data to YouTube. The lawful basis for data processing is Art. 6 (1) lit. (f) GDPR. The legitimate interest lies in the error-free function of the website. YouTube has self-certified itself in line with the EU-US Privacy Shield agreement (see https://www.privacyshield.gov/list). The data is deleted as soon as the purpose for which it was collected has been fulfilled. Further information on how the transferred data is handled can be found in the data protection declaration of YouTube: https://policies.google.com/privacy. You can prevent the collection and processing of your data by YouTube by deactivating the execution of script code in your browser or by installing a script blocker in your browser (you can find these for instance at www.noscript.net or www.ghostery.com).
  • ytimg
    A web service provided by the company Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland (hereinafter: ytimg) is downloaded to our website. We use this data to ensure the full functionality of our website. In this context, your browser may transfer personal data to ytimg. The lawful basis for data processing is Art. 6 (1) lit. (f) GDPR. The legitimate interest lies in the error-free function of the website. ytimg has self-certified itself in line with the EU-US Privacy Shield agreement (see https://www.privacyshield.gov/list). The data is deleted as soon as the purpose for which it was collected has been fulfilled. Further information on how the transferred data is handled can be found in the data protection declaration of ytimg: https://policies.google.com/privacy. You can prevent the collection and processing of your data by ytimg by deactivating the execution of script code in your browser or by installing a script blocker in your browser (you can find these for instance at www.noscript.net or www.ghostery.com).
  • website-check.de
    A quality seal of the company Website-Check GmbH, Beethovenstraße 24, 66111 Saarbrücken, DE (hereinafter: website-check.de) is downloaded to our website. We include this quality seal on our website in order to demonstrate that we take the subject of “data protection” seriously. No personal data is transferred to Website-Check GmbH, the issuer of the quality seal, as a result of the inclusion of the Website-Check quality seal. In this connection, Website-Check GmbH only receives your IP address to allow the quality seal to be distributed.  For Website-Check GmbH your IP address does not relate to any personal data. The lawful basis for data processing is Art. Art. 6 (1) lit. (f) GDPR (legitimate interest). Our legitimate interest lies in ensuring that the Website-Check quality seal can appear properly on the website. Further information on how the transferred data is handled can be found in the data protection declaration of website-check.de: https://www.website-check.de/datenschutzerklaerung/. You can prevent the Website-Check quality seal from being loaded – and, therefore, the transmission of your (for Website-Check GmbH) IP address – by deactivating the execution of script code from Website-Check GmbH in your browser or by installing a script blocker in your browser (you can find these for instance at www.noscript.net or www.ghostery.com).

7. Information on the use of cookies

Scope of processing of personal data
We use cookies on various pages of our website in order to facilitate the use of certain functions. These so-called ‘cookies’ are small text files that your browser can store on your computer. These text files contain a distinctive character string that allows your browser to be uniquely identified when you next visit our website. The process of storing a cookie file on a computer is also known as ‘setting a cookie’.

Lawful basis for processing personal data
Art. 6 (1) lit. (f) GDPR (legitimate interest). Our legitimate interest lies in maintaining the full functionality of our website, improving its usability and facilitating the individual addressing of customers. We are only able to identify individual website visitors using cookie technology if the website visitor entrusts us with the corresponding personal data in advance and on the basis of specific consent.

Purpose of data processing
Our website sets the cookies in order to maintain the full functionality of our website and improve its usability. Cookie technology also allows us to recognise individual site visitors by their pseudonyms, e.g. an individual, personalised user-defined ID, which makes it possible for us to offer more individualised services.

Duration of data storage
Our cookies are stored until they are deleted from your browser or if the cookie is a session cookie, which expires following the end of the session.

Option to object to and remove data
You can configure your browser yourself to generally prevent the setting of cookies. You can then decide whether to accept cookies on a case-by-case basis or to allow cookies to be accepted as the default setting. Cookies can be used for different purposes, e.g. to identify whether your PC has already connected to our website in the past (persistent cookies) or to save products that you most recently viewed (session cookies). We use cookies to provide you with increased user convenience. We recommend that you allow our website to set cookies to enable you to use our convenience functions. The options for objecting to and removing the data are determined in accordance with the general rules on the right to object to and delete data, as required by data-protection law, that are outlined later in this data protection declaration.

8. Data security and data protection, communication by e-mail

Your personal data is protected by technical and organisational measures such that it is not accessible to third parties during collection, storage and processing. In the case of unencrypted communications by e-mail we cannot ensure the complete security of data during the course of transmission of the data to our IT systems. Therefore, we recommend encrypted communication or delivery by post for information for which a high-level of confidentiality is required.

9. Withdrawal of consent – information about data and change requests – deletion & blocking of data

At appropriate intervals you are entitled, free of charge, to obtain information about your stored data and, at any time, have the right to correct, block or delete such data. We will then delete your data upon first request, unless this is prevented by statutory regulations. You can withdraw consent that you have granted to us to use your personal data at any time. You can, at any time, send requests for disclosure, deletion or correction of your data – and we would also be pleased to receive your suggestions – to the following address:

saarland.innovation&standort e.V.(saar.is)
Franz-Josef-Röder-Straße 9
66119 Saarbrücken
E-mail: saarlandmarketing@saar-is.de

Tel.: 0681 9520-470
Fax: 0681 5846125

10. Right to data portability

You are entitled to receive from us your personal data provided to us in a structured, commonly used and machine-readable format. You may also request, upon your initial instruction, that we immediately transfer this data to a third party, provided that processing is based on consent in accordance with Art. 6 (1) lit. (a) GDPR or Art. 9 (2) lit. (a) GDPR or on a contract in accordance with Art. 6 (1) lit. (b) GDPR and processing is carried out by us in the course of automated data processing. When exercising this right to data portability, you are furthermore entitled to invoke your right to have your personal data transferred directly from one controller to another, provided this is technically feasible. This may not affect the freedoms and rights of other persons. The right to data portability does not apply to the processing of personal data necessary for performing a task carried out in the public interest or in the exercising of official authority vested in the controller.

11. Right to lodge a complaint with the supervisory authority pursuant to Art. 77 (1) GDPR

If you suspect that your data is being processing unlawfully on our website you can, of course, seek legal clarification of the problem at any time. Irrespective of this, you are also entitled to contact a supervisory authority for assistance. You have the right to complain in the EU Member State where you reside or work, or where the supposed infringement took place, i.e. you can choose which supervisory authority to contact from the aforestated places. The supervisory authority to which the complaint was submitted will then inform you of the status and the results of your submission, including the option for judicial redress in accordance with Art. 78 GDPR.

 

Prepared by: 

© IT-Recht-Kanzlei DURY – www.dury.de

© Website-Check GmbH – www.website-check.de