Privacy Policy
Thank you for your interest in our online offering, and we appreciate your visit.
In the following statement, we would like to inform you about the nature, scope, and purpose of the collection, use, and processing of personal data in connection with your use of our website. At the same time, we want to explain your rights regarding your personal data.
In principle, visiting and using our website is possible without providing personal data. Personal data refers to all information that relates to you personally, such as your name, address, email address, or user behaviour.
However, if certain services of our website are used (e.g., registration or data transfer), personal data may be collected and processed, but this will only occur in compliance with the applicable provisions of the General Data Protection Regulation (GDPR).
To protect your data, our website employs the latest encryption technology (SSL or TLS).
1. Data Controller
(1) The data controller for data processing via this website, as defined by all applicable data protection laws (particularly Art. 4(7) GDPR), is:
Freya von Moltke Foundation for the New Kreisau
c/o Allianz SE
Merlitzstraße 9
12489 Berlin
Germany
Telephone: 030 53 8931 63 61
Fax: 030 8319 0581
E-Mail: info@fvms.de
Our full legal notice can be found via the following link: https://www.fvms.de/impressum
The data controller is a natural or legal person who determines the purposes and means of processing personal data, either alone or in collaboration with others.
(2) If you contact us via email or a contact form, the personal data you provide (e.g., your email address, and if applicable, your name and phone number) will be stored by us in accordance with Article 6(1)(1)(f) and, if applicable, Article 6(1)(1)(b) of the GDPR based on our legitimate interest to answer your inquiries. The data collected in this context will be deleted once storage is no longer required (e.g., after your inquiry has been fully resolved) or processing will be restricted if legal retention obligations exist.
(3) If we use third-party service providers for certain features of our offering or wish to use your data for promotional purposes, we will inform you in detail within this privacy policy. At the same time, we will specify the criteria for the retention duration.
2. Name and Address oft he Data Protection Officer
A data protection officer has been appointed by the person responsible for data processing and is named as follows:
Hannah Voß
Freya von Moltke Foundation for the New Kreisau
c/o Allianz SE
Merlitzstraße 9
12489 Berlin
Germany
Telephone: 030 53 8931 63 61
Fax: 030 8319 0581
E-Mail: datenschutz@fvms.de
3. Collection of Personal Data When Visiting Our Website, Cookies
(1) Cookies that are not technically necessary for the operation of the website will only be used if you have expressly consented to their use via the cookie consent tool. The legal basis for the use of these services, as outlined in this privacy policy, is Article 6(1)(1)(a) GDPR.
(2) When using our website purely for informational purposes (i.e., without registering or providing information in other ways), we collect only the personal data that your browser transmits to our server, which is necessary for the technical operation and stability of the website, as well as for ensuring its security. This data is processed in accordance with Article 6(1)(1)(f) GDPR, based on our legitimate interests. The data includes: Your IP address (possibly anonymised), Date and time of access, requested page or content, HTTP status code, Amount of data transferred, Browser type, Operating system.
(3) In addition to the data mentioned above, cookies are stored on your computer when you use our website. Cookies are small text files saved by your browser on your hard drive, enabling us to receive certain information. Cookies cannot execute programs or transmit viruses to your computer. Their purpose is to make the online experience more user-friendly and efficient, or to simplify your visit to our website (e.g., displaying the contents of your shopping cart during your next visit).
Our website specifically uses transient and persistent cookies. Transient cookies are automatically deleted when you close your browser. This includes session cookies, which store a session ID that allows different requests from your browser to be associated with a single session. This enables your computer to be recognised if you revisit our website. Session cookies are deleted when you log out or close the browser. Persistent cookies remain on your computer for a predefined period, which varies depending on the specific cookie. These cookies are automatically deleted after this period. You can delete them manually at any time via your browser’s security settings.
If the use of these cookies involves the processing of personal data, the legal basis for such processing is Article 6(1)(b) GDPR (performance of a contract), Article 6(1)(a) GDPR (consent given), or Article 6(1)(f) GDPR (legitimate interests).
(3) You can configure your browser’s security settings according to your preferences regarding the storage of cookies, for example, to reject third-party cookies or all cookies. Please use the help menu of your browser for guidance. However, if you fully or partially disable cookies, certain functions of our website may not be available to you.
4. Additional Features and Services of Our Website
(1) In addition to purely informational use, our website offers various services that you may choose to use. Typically, this requires the provision of additional personal data, which we use to deliver the respective service and process in accordance with the principles of data protection described here.
(2) For data processing, we may sometimes engage external service providers. These providers are carefully selected, contractually bound to our instructions, and regularly monitored.
(3) If personal data is shared with third parties, we will explicitly inform you about it in this privacy policy.
(4) In cases where our service providers or partners are based in a country outside the European Economic Area (EEA), we will inform you of any implications of this in the service description.
5. Duration of Personal Data Storage
Personal data is stored for the duration of the relevant legal retention period, particularly under commercial and tax laws. After the expiration of these legal retention periods, data that is no longer required for contract fulfilment or initiation, and for which there is no legitimate interest on our part for further storage, will be deleted.
6. Legal Bases for Data Processing
Unless explicitly referenced otherwise in this privacy policy, data processing is generally based on the following legal grounds.
(1) If you have given your consent for the processing of your personal data for one or more specific purposes, the processing is carried out on the basis of Article 6(1)(a) GDPR.
(2) If the processing is necessary for the performance of a contractual relationship to which you are a party (e.g., for the delivery of products following an order or the implementation of pre-contractual measures, particularly to respond to an enquiry you have made), the processing is carried out on the basis of Article 6(1)(b) GDPR.
(3) If the processing is necessary to fulfil a legal obligation (e.g., a tax obligation) to which we are subject, the processing is carried out on the basis of Article 6(1)(c) GDPR.
(4) If the processing is necessary to protect your vital interests or those of another natural person, it is based on Article 6(1)(d) GDPR.
(5) If none of the aforementioned legal grounds apply, data processing is carried out on the basis of Article 6(1)(f) GDPR. This allows processing to safeguard our legitimate interests or those of a third party, provided your interests, fundamental rights, and freedoms do not outweigh them.
7. Your Rights
You have the following rights regarding the personal data that concerns you.
(1) Right to Access (Article 15 GDPR)
You have the right to request, free of charge, information and a copy of the personal data processed by us that concerns you. Additionally, you are entitled to information about (1) the purposes of the processing, (2) the categories of personal data being processed, (3) the recipients or categories of recipients to whom personal data has been disclosed or will be disclosed, especially recipients in third countries or international organisations, (4) if possible, the planned duration for which personal data will be stored, or, if this is not possible, the criteria used to determine this duration, (5) the existence of a right to request the correction or deletion of your personal data, to restrict the processing by the controller, or to object to such processing, (6) the right to lodge a complaint with a supervisory authority, (7) all available information about the source of the data, if the personal data was not collected from you directly, (8) the existence of automated decision-making, including profiling as described in Article 22(1) and (4) GDPR, and—at least in these cases—meaningful information about the logic involved, as well as the scope and intended impact of such processing on you as the data subject, and (9) the appropriate safeguards pursuant to Article 46 GDPR in connection with the transfer of personal data, if the data is transferred to a third country or an international organisation.
(2) Right to Rectification (Article 16 GDPR)
You have the right to request the correction of inaccurate personal data without undue delay. Additionally, you have the right to request the completion of incomplete personal data, including by means of providing a supplementary statement.
(3) Right to Erasure (Article 17 GDPR, “Right to Be Forgotten”)
You have the right to request the immediate deletion of your personal data if one of the following reasons applies: (1) the personal data is no longer necessary for the purposes for which it was collected or otherwise processed, (2) you withdraw your consent on which the processing was based according to Article 6(1)(a) GDPR or Article 9(2)(a) GDPR, and there is no other legal ground for processing, (3) you object to the processing pursuant to Article 21(1) GDPR, and there are no overriding legitimate grounds for processing, or you object to the processing pursuant to Article 21(2) GDPR, (4) the personal data has been unlawfully processed, (5) the deletion of personal data is necessary for compliance with a legal obligation under Union or Member State law to which we are subject, or (6) the personal data has been collected in relation to the offer of information society services as referred to in Article 8(1) GDPR.
(4) Right to Restriction of Processing (Article 18 GDPR)
You have the right to request that we restrict the processing of your personal data if one of the following conditions is met: (1) you contest the accuracy of the personal data, for a period enabling us to verify its accuracy, (2) the processing is unlawful, and you oppose the deletion of the personal data and instead request the restriction of its use, (3) we no longer need the personal data for processing purposes, but you require it for the establishment, exercise, or defence of legal claims, or (4) you have objected to the processing pursuant to Article 21(1) GDPR, pending the verification of whether our legitimate grounds override yours.
(5) Right to Notification (Article 19 GDPR)
We have an obligation to notify all recipients to whom your personal data has been disclosed of any correction, deletion, or restriction of processing pursuant to Articles 16, 17(1), and 18 GDPR, unless this proves impossible or involves disproportionate effort. You have the right to be informed about these recipients upon request.
(6) Right to Data Portability (Article 20 GDPR)
You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used, and machine-readable format and to transmit those data to another controller without hindrance from us, provided that the processing is based on consent under Article 6(1)(a) or Article 9(2)(a) GDPR or on a contract under Article 6(1)(b) GDPR, and the processing is carried out by automated means. You also have the right to request that the personal data be transmitted directly by us to another controller, where technically feasible.
(7) Additionally, pursuant to Article 77(3) GDPR, you have the right to lodge a complaint with a data protection supervisory authority regarding the processing of your personal data by us.
8. Right to Object or Withdraw Consent (Article 7(3) GDPR)
(1) If you have given your consent for the processing of your data, you may withdraw it at any time. The withdrawal will affect the lawfulness of any future processing of your personal data after it has been communicated to us.
(2) If the processing of your personal data is based on legitimate interests, you have the right to object to the processing. This applies particularly if the processing is not necessary for the performance of a contract. In such cases, we ask you to explain why you believe we should not process your data as described. Upon receiving a valid objection, we will examine the situation and either stop or adjust the processing, or provide compelling legitimate reasons for continuing the processing.
(3) Naturally, you can object to the processing of your personal data for advertising or data analysis purposes at any time. Please direct your objection to:
Hannah Voß
Freya von Moltke Foundation for the New Kreisau
c/o Allianz SE
Merlitzstraße 9
12489 Berlin
Germany
Telephone: 030 53 8931 63 61
Fax: 030 8319 0581
E-Mail: info@fvms.de
9. Registration for Current Events
(1) If you register for current events via our website, it is necessary for you to provide personal data required for the event registration. Mandatory fields for event participation are marked separately; additional information is voluntary.
(2) The personal data provided by you will be used exclusively for the registration and implementation of the respective event. The legal basis for this processing is Article 6(1)(b) GDPR.
(3) The data collected in this context will not be shared with third parties and will be deleted following the conclusion of the event and the expiry of any applicable statutory retention periods, or restricted prior to deletion if retention is legally required.
(4) To prevent unauthorised access by third parties to your personal data, especially financial data, the registration process is encrypted using TLS technology.
10. Newsletter
(1) With your consent, you can subscribe to our newsletter to receive information about our current events, projects, and offers. The products and services promoted in the newsletter are specified in the consent declaration.
(2) We use a double opt-in procedure for newsletter registration. After signing up, you will receive an email at the address you provided asking for confirmation that you wish to receive the newsletter. If you do not confirm your registration within 24 hours, your information will be blocked and automatically deleted after one month. We also store the IP addresses you used for registration and confirmation, as well as the timestamps for these actions. This procedure ensures we can verify your subscription and investigate any potential misuse of your data.
(3) The only mandatory information for receiving the newsletter is your email address. Providing additional data, marked separately, is voluntary and used to personalise the newsletter. After your confirmation, we store your email address to send you the newsletter. The legal basis for this processing is Article 6(1)(a) GDPR.
(4) You may revoke your consent to receive the newsletter at any time and unsubscribe. You can withdraw your consent by clicking the unsubscribe link in any newsletter email, sending an email to info@fvms.de, or contacting us through the details provided in the legal notice.
(5) Please note that when sending newsletters, we analyse your user behaviour. The emails we send contain web beacons or tracking pixels—small image files stored on our website. For analysis, we link the data specified in Section 3 of this privacy policy and the web beacons to your email address and a unique ID. The data is collected exclusively in pseudonymised form, meaning the IDs are not directly linked to your personal data. If you do not want your usage behaviour to be tracked, you can opt out of this tracking by clicking the unsubscribe link in the newsletter or contacting us via other means. The information is stored as long as you are subscribed to the newsletter. After unsubscribing, we store the data purely statistically and anonymously.
11. Integration of YouTube-Videos
(1) We have integrated YouTube videos (Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) into our online offerings. These videos are stored on http://www.youtube.com and can be played directly from our website.
(2) When you visit a page on our website containing a YouTube video, YouTube receives information that you have accessed the corresponding subpage. Additionally, the data specified in Section 3 of this privacy policy is transmitted. This occurs regardless of whether you are logged into a YouTube account or do not have an account. If you are logged into Google, your data is associated with your account. If you do not want your data to be linked to your YouTube profile, you must log out before activating the button. YouTube stores your data as a user profile and uses it for advertising, market research, or tailoring its website to user needs. Such analysis occurs even for users who are not logged in. You have the right to object to the creation of these user profiles, and you must contact YouTube to exercise this right.
(3) The legal basis for integrating YouTube videos is Article 6(1)(f) GDPR, reflecting YouTube’s legitimate interest in a user-friendly online offering.
(4) For further information on the purpose and scope of data collection and processing by YouTube, please refer to their privacy policy at https://www.google.de/intl/de/policies/privacy. Additional details about your rights and privacy settings are also provided there. Google processes your personal data in the USA and is certified under the EU-US Privacy Shield: https://www.privacyshield.gov/EU-US-Framework.
12. Use of the Twingle Service (Donation Processing)
(1) To process donations, we use the Twingle service provided by Twingle GmbH. This service enables donations to be made via standard payment methods.
(2) Twingle GmbH provides the technical platform for processing donations and stores the data you voluntarily provide as part of the donation process. This data typically includes your name, address, and payment method.
(3) The legal basis for the data processing in this context is Article 6(1)(b) GDPR.
(4) You may revoke your consent to the processing of your data at any time. Please direct your revocation request directly to Twingle GmbH.
(5) The provider’s address is: Prinzenallee 74, 13357 Berlin, Germany. For more information about their data protection practices, please refer to Twingle GmbH’s privacy policy, available at: https://www.twingle.de/datenschutz/.