Dear visitors,
thank you for visiting our website. To ensure that you feel safe and comfortable when visiting our website, we would like to inform you about how we handle your data.
DATA PROTECTION OF THE ASSOCIATION
The registered association DERTOUR Foundation collects personal data of its members and donors for the association’s work. The collection and processing is conducted exclusively in compliance with the legal requirements, in particular the General Data Protection Regulation (GDPR).
For more information, please see our privacy policy below.
Duty to provide information when collecting personal data pursuant to Art. 13 GDPR
1.Name and contact details of the controller and, if applicable, their representative
controller within the meaning of Article 13 (1) lit. a) GDPR is:
DERTOUR Foundation e.V.
Emil-von-Behring-Straße 6
60439 Frankfurt am Main
Germany
Authorised representative of the Management Board:
Sören Hartmann (Chairman), Leif Vase Larsen (Deputy Chairman), Klaus Franke (Treasurer)
2. Purposes and legal basis of processing
DERTOUR Foundation e.V. processes the following personal data:
3. Recipients of the personal data
In the context of donor and member administration, personal data is hosted by DER Touristik Deutschland GmbH.
4. Third country transfer
In order to realize your donation, your IP address must be transmitted to the subcontractor MaxMind, Inc., 51 Pleasant Street # 1020, Malden MA 02148 in the USA. For the country in which the aforementioned subcontractor is based and processes the personal data, there is currently no adequacy decision by the EU Commission as defined in Art. 45 (1), (3) GDPR. This means that the EU Commission has not yet positively determined that the country-specific level of data protection in the USA corresponds to that of the European Union on the basis of the GDPR. The GDPR requires so-called “appropriate safeguards” for a data transfer to a third country or to international organizations, Art. 46 (2), (3) GDPR. These can be, for example, internal company data protection regulations or standard data protection contracts, that have been approved by a supervisory authority. However, such are not currently used by the subcontractor. Therefore, there is a risk that the state (U.S.) authorities may direct requests for information against this company as a data recipient and thus the state (U.S.) authorities may see your personal data. In principle, this also corresponds to the European legal regulations, e.g. for the purpose of danger prevention. However, the permissibility threshold for such data processing is higher in the EU than in the country of the data recipient. In this context, we would like to point out that there are practically no effective legal remedies available against this. The transmission of your IP address to the subcontractor MaxMind, Inc. is therefore only legitimized by your consent pursuant to Art. 49 (1) lit. a GDPR.
5. Storage period
6. Data subjects’ rights
7. Obligation to provide the data
The association exclusively collects data required for administrative purposes. If these are not provided, membership and the proper issuance of donation receipts are not possible.
8. Use of Cookies
Cookies are text files that are stored on a user’s hard drive when visiting a website. They are not harmful to your computer and cannot be seen by third parties. They enable information to be stored for a specified period of time and allow the user’s computer to be identified.
By accepting our cookies, they remain on your computer for a period of 30 days, unless you delete them. During an online booking, cookies are temporarily stored for the duration of the booking and are automatically deleted after 30 minutes of inactivity or after closing the website.
You may object to obtaining and storing your data via this service at any time. To prevent the activation of cookies, disable them in your browser. Please be aware, however, that disabling cookies may restrict the use of the website and the services offered.
9. Data security
To protect your data from unauthorised access, we use an encryption procedure. You can recognise this process through the closed lock which appears in the status bar of your browser, and the address line which begins with “https://”.