Datenschutzerklärung | Wolfstein 750

This privacy policy is intended to inform you about the types of personal data (hereinafter referred to as "data") we process, the purposes for which we do so, and the scope of the processing. It applies to all personal data processing activities we carry out – both in the provision of our services and particularly on our websites, in mobile applications, and within our external online presences such as our social media profiles (collectively referred to as the "online offering").

All terms used are intended to be gender-neutral.

Controller:
Leon Niebergall
In Immetshausen 7
67752 Wolfstein
Germany
Authorized Representatives: Frank Becker, Dustin Scheidt
Email: vorstand@verkehrsverein-wolfstein.de

Data Protection Officer Contact:
Email: vorstand@verkehrsverein-wolfstein.de

Summary of Processing

Types of Data Processed:

Master data
Payment data
Location data
Contact data
Content data
Contract data
Usage data
Meta/communication data

Categories of Data Subjects:

Communication partners
Users
Members
Business and contractual partners

Purposes of Processing:

Providing contractual services and customer support
Responding to inquiries and communication
Security measures
Direct marketing
Administration and response to requests
Feedback
Marketing
Provision of the online offering and user-friendliness
IT infrastructure management

Legal Bases for Processing

Processing is carried out based on the following GDPR articles:

Consent (Art. 6 para. 1 lit. a GDPR)
Performance of a contract or pre-contractual inquiries (Art. 6 para. 1 lit. b GDPR)
Legitimate interests (Art. 6 para. 1 lit. f GDPR)

Additionally, national data protection regulations (e.g. the German Federal Data Protection Act – BDSG) may apply.

Security Measures

We take appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including protection of confidentiality, integrity, and availability of data. These include access control, input control, separation of data, and procedures for exercising data subject rights, data deletion, and incident response. We also consider data protection in hardware/software development and default privacy settings.

TLS encryption (https):
We use TLS encryption to protect your data transmitted via our online offering. You can recognize a secure connection by the "https://" prefix in your browser's address bar.

Disclosure of Personal Data

We may disclose or transfer data to other entities or individuals (e.g. IT service providers or content providers). In such cases, we ensure compliance with data protection laws and conclude necessary agreements to safeguard your data.

Data Processing in Third Countries

Data may be transferred to countries outside the EU/EEA only in compliance with legal requirements, including adequacy decisions, standard contractual clauses, or certifications under Art. 44–49 GDPR.

Deletion of Data

We delete data as soon as it is no longer required and there is no legal basis for further processing (e.g. statutory retention, claims defense). If deletion is not possible, data is restricted instead.

Use of Cookies

We use cookies and similar technologies to store and retrieve data on user devices. Cookies may serve functionality, security, comfort, or analytics purposes. Where required by law, we obtain your consent in advance.

Types of Cookies:

Session cookies: Automatically deleted when the user closes their browser.
Persistent cookies: Remain stored for a defined period, e.g. to retain login status or preferences.

You may revoke consent or object to cookie use at any time, e.g. via browser settings or services like www.youronlinechoices.com.

Statutory or Organizational Purposes

We process data of members, supporters, and partners when necessary for fulfilling our organizational or statutory duties. Data is deleted when no longer required, subject to legal obligations and claims defense.

Provision of Online Services and Web Hosting

We process user data to deliver our online services, including IP addresses to enable website delivery and ensure IT security.

Data such as IP addresses, browser versions, access times, and visited pages may be recorded in server log files for up to 30 days and used for operational stability and security.

Contact and Inquiry Management

If you contact us (e.g. via form, email, or phone), we process your data to respond and manage your inquiry. This includes metadata such as IP addresses and usage data.

Newsletters and Electronic Communication

We send newsletters only with consent or legal permission. A double opt-in process is used for registration, and subscription data (e.g. email address, IP, timestamp) is stored for verification.

Recipients can unsubscribe at any time via a link in each newsletter. We may analyze open/click rates using tracking pixels.

Social Media Presence

We maintain profiles on platforms like Instagram and Facebook. Data may be processed outside the EU and used for profiling and advertising. Cookies and cross-device tracking may be used.

Facebook Pages: We share joint responsibility with Meta Platforms Ireland Ltd. for the collection (not further processing) of page visitor data. Users may exercise rights directly with Facebook.

Plugins and Embedded Content

We integrate content from third-party providers (e.g. Google Maps, YouTube), which may involve data processing (e.g. IP addresses, device info). Providers may use cookies and tracking technologies.

Changes to This Policy

We may update this privacy policy to reflect changes in legal requirements or our processing activities. We encourage you to review this policy regularly.

Rights of Data Subjects

Under GDPR, you have the following rights:

Right to object to processing (Art. 21)
Right to withdraw consent at any time
Right of access to your data
Right to rectification of inaccurate data
Right to erasure ("right to be forgotten")
Right to restriction of processing
Right to data portability
Right to lodge a complaint with a supervisory authority

Definitions

Personal Data: Information relating to an identifiable person (e.g. name, ID number, location data).
Location Data: Information about the geographical position of a device/person.
Controller: The entity that determines the purposes and means of processing personal data.
Processing: Any operation involving personal data, whether automated or manual.

Generated using Datenschutz-Generator.de by Dr. Thomas Schwenke