Privacy policy
In the following, we provide you with information on how we, as the controller, process your personal data when using our website. The processing of personal data (e.g. name, address, email address or telephone number of a data subject) is carried out in accordance with statutory provisions, in particular in accordance with the requirements of the General Data Protection Regulation (GDPR) and the Bundesdatenschutzgesetz (BDSG) (Federal Data Protection Act).
I. Controller
The DINA.International project is carried out by the following partners under joint responsibility as the controller within the meaning of the GDPR and the national data protection laws of the member states as well as other data protection regulations:
Stiftung Deutsch-Russischer Jugendaustausch gGmbH, Mittelweg 117b, 20149 Hamburg, Germany
Phone: +49 40 8788679-0, email: info(at)stiftung-drja.de
Deutsch-Polnisches Jugendwerk, Friedhofsgasse 2, 14473 Potsdam, Germany
Deutsch-Französisches Jugendwerk, Molkenmarkt 1, 10179 Berlin, Germany
Koordinierungszentrum Deutsch-Israelischer Jugendaustausch – ConAct, Altes Rathaus – Markt 26, 06886 Lutherstadt Wittenberg, Germany
Koordinierungszentrum Deutsch-Tschechischer Jugendaustausch – Tandem, Maximilianstr. 7, 93047 Regensburg, Germany
Fachstelle für Internationale Jugendarbeit der Bundesrepublik Deutschland e.V.– IJAB, Godesberger Allee 142-148, 53175 Bonn, Germany
Within the scope of this joint responsibility as the controller, the partners manage the personal data of the users of the DINA.International platform in a joint database in accordance with their written consent. The partners are joint controllers in this regard. This applies in particular to the personal data of the users, which they provide while registering on dina.international. Each user can assign themselves to one of the partners during the registration process. With regard to the processing of any other personal data on the dina.international website, the Stiftung Deutsch-Russischer Jugendaustausch gGmbH shall be the controller under data protection law. Should a partner withdraw from the cooperation, this partner shall henceforth be the only controller for the personal data of those users who had chosen to assign themselves to this partner voluntarily.
The Stiftung Deutsch-Russischer Jugendaustausch gGmbH also assumes responsibility as regards the exercising of the rights of the data subjects and fulfilling the duties to provide information pursuant to Articles 13 and 14 of the GDPR.
Where reference is made to the “controller” in the following, this refers to Stiftung Deutsch-Russischer Jugendaustausch gGmbH.
II. Data protection officer
You can contact the data protection officer of the Stiftung Deutsch-Russischer Jugendaustausch gGmbH as follows:
Stiftung deutsch-russischer Jugendaustausch gGmbH – z.H. des Datenschutzbeauftragten – Mittelweg 117b, 20149 Hamburg, Germany and via email: datenschutz (at) stiftung-drja.de Phone: +49 40/878867930
III. General information on the processing of data
Personal data comprises any information relating to an identified or identifiable natural person, such as their name or email address. “Processing of data” means in particular the collection, storage, use and transmission of your data.
Article 6(1) sentence 1 lit. (a) GDPR shall serve as the legal basis whenever we obtain the consent of the data subject for processing operations involving personal data.
When processing personal data that is necessary for the performance of a contract to which the data subject is party, Article 6(1) sentence 1 lit. (b) GDPR shall serve as the legal basis. This shall also apply to processing operations that are necessary for taking steps prior to entering into a contract. Where processing of personal data is necessary to comply with a legal obligation to which our company is subject, Article 6(1) sentence 1 lit. (c) GDPR shall serve as the legal basis.
In the event that vital interests of the data subject or another natural person make it necessary to process personal data, 6(1) sentence 1 lit. (d) GDPR shall serve as the legal basis.
If the processing is necessary to protect a legitimate interest pursued by our company or a third party and the interests, fundamental rights and freedoms of the data subject do not override the first-mentioned interest, Article 6(1) sentence 1 lit. (f) GDPR shall serve as the legal basis for processing.
The personal data of data subjects shall be erased or made unavailable as soon as the purpose of storage ceases to apply. Storage after the purpose of storage has ceased to apply may take place if this is provided for by law. Data will also be made unavailable or erased if a storage period defined by the aforementioned standards expires, unless there is a necessity for the continued storage of the data in order to enter into or fulfil a contract.
For further information on the legal basis of processing and the storage period with regard to specific personal data, please refer to the respective subsection.
IV. Rights of the data subject
If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights in relation to the controller (if applicable, subject to further requirements set out in the relevant regulations):
– Right of access (Art. 15 GDPR),
– Right to rectification and erasure (Art. 16, 17 GDPR),
– Right to restriction of processing (Art. 18 GDPR),
– Right to withdraw consent, if you have given consent to processing,
– Right to data portability (Art. 19 GDPR).
Where we process personal data as explained above in order to protect our legitimate interests that prevail in the context of a balance of interests, you may object to this processing with effect for the future, but only on grounds arising relating to your particular situation (Art. 21 GDPR). If the processing is carried out for direct marketing purposes, you may exercise this right at any time regardless of the reasons. After you have legitimately exercised your right to object, we will no longer process your personal data for these purposes unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or if the processing serves the establishment, exercise or defence of legal claims. This restriction does not apply if the processing is for direct marketing purposes.
If you feel that we are not respecting your rights to the extent that we should, you have the right to complain to a data protection supervisory authority about our processing of your personal data. Before you do so, however, we would appreciate it if you would contact us with your criticism first so that we can remedy the cause of the complaint ourselves.
V. Visiting the website and log files
1. Scope of the processing of personal data
Each time our website is accessed, our system automatically records the following data and information from the computer system of the accessing computer.
(1) Information on the type of browser and the version used
(2) The user’s operating system
(3) The user’s Internet service provider
(4) The user’s IP address
(5) Date and time of access
(6) Websites that direct the user’s system to our website
(7) Websites that the user’s system is directed to from our website
This data is stored in the log files of our system.
2. Legal basis for the processing of personal data
The legal basis for the collection and storage of data shall be Art. 6(1) lit. (f) GDPR.
3. Purpose of the processing of data
It is necessary to store your IP address temporarily to be able to display the website to you. For this purpose, the IP address must be stored for the duration of the session. The other data is collected for technical reasons to ensure stability and security.
This also gives rise to the legitimate interest in processing according to Art.6(1) lit. (f) GDPR.
4. Storage period
The data is erased as soon as it is no longer necessary in relation to the purposes for which it was collected. Where data is collected for the purpose of providing the website, this is the case when the respective session has ended.
Where data is stored in log files, this is the case after seven days at the latest. It is possible to store data beyond this period. In this case, the users’ IP addresses are erased or altered to prevent the identification of the accessing client.
VI. Categories of recipients of personal data
Personal data is only transferred to third parties in the cases mentioned in this declaration or if we expressly inform you of this elsewhere. For example, when registering with DINA.international, the above-mentioned partners have joint access to the data stored in the database. However, the data is not processed for purposes other than to operate the platform. In addition, we sometimes use external order processors (Art. 28 GDPR) to provide our services (e.g. host providers, email providers). These process personal data exclusively within the European Union, however.
VII. Registration
1. Description and scope of the processing of data
You have the option of registering on our website, which requires the provision of personal data. The data is entered into a form, transmitted to and stored by us. The following data is always collected during the registration process:
– First name
– Last name (optional)
– Email address
– Password
– Institution (optional)
The following data is also stored at the time of registration:
– The IP address of the user
– Date and time of registration
By registering, a user account will be created for you. You can manage this user account on your own on the website. The following information linked to your user account is also permanently stored:
– Registration date
– IP address during registration
– Last login date
– Date of potentially failed login attempts
2. Legal basis for the processing of data
If consent has been given, the legal basis for the processing of data shall be Art. 6(1) lit. (a) GDPR. If the registration serves the performance of a contract to which you are party or the implementation of steps prior to entering into a contract, the legal basis for the processing of the data shall also be Art. 6(1) lit. (b) GDPR.
3. Purpose of the processing of data
Your registration is necessary for the performance of a contract with you or for the implementation of steps prior to entering into a contract. Your registration is also required for the provision of certain content and services on our website. In addition, we use the data collected to contact the registered users, for whom we maintain a user account, for processing, for example for changes to the terms of use.
4. Storage period
The data is generally stored indefinitely. The storage ends with the expiry of three years after the contract has ended.
VIII. Groups, projects and other personal content
1. Scope of the processing of personal data
The platform provides you with the option of posting your own content (e.g. groups, projects, events etc.).
2. Legal basis for the processing of personal data
Submitting personal data in this context is voluntary. The legal basis for the processing of the data shall be Art. 6(1) lit. (a) GDPR.
3. Purpose of the processing of data
The personal data is processed for the sole purpose of displaying the data you have provided.
4. Storage period
The data is generally stored indefinitely. The storage ends when you delete the data yourself or with the expiry of three years after the contract has ended.
IX. Contact
1. Scope of the processing of personal data
If you contact us by email, post, via a contact form or in any other way, the data you provide (e.g. your email address, name and telephone number, if applicable) will be processed by us in order to manage or respond to your request.
2. Legal basis for the processing of personal data
If you submit your data in a precontractual context to us, for example with a request to send you an offer or with questions regarding our products, the legal basis shall be Art. 6(1) lit. (b) GDPR. If you have given us consent to contact you, the legal basis shall be Art. 6(1) lit. (a) GDPR. In all other cases, Art. 6(1) lit. (f) GDPR shall be the legal basis.
3. Purpose of the processing of data
The processing of personal data serves the sole purpose of managing your contact request. This may also constitute the necessary legitimate interest in processing the data.
4. Storage period
Your data will be deleted once the circumstances indicate that your enquiry or the matter in question has been fully resolved.
X. Video conferencing system
1. Scope of the processing of personal data
You can use the platform to hold video conferences. We use the BigBlueButton software for this purpose. If you decide to participate in a video conference, the following data may be processed:
– The name you have chosen,
– Rooms allocated to you
– Your video if you make it available in the meeting
– Your audio comments if you make them available in the meeting
– Your shared documents (e.g. presentations, spreadsheets, graphics, texts, audio, video) if you make them available in the meeting.
– Your shared messages if you make them available in the meeting
– Your shared notes if you make them available in the meeting
– Your shared drawings if you make them available in the meeting
– Your shared surveys and survey responses if you make them available in the meeting
– Other information shared by you if you make it available in the meeting
– IP address of the device you are using
– Access date/time
– Access method
– Resource that was used for access
– Resource accessed
2. Legal basis for the processing of personal data
The legal basis for the processing of personal data in the context of video conferences shall be Art. 6(1) lit. (a) GDPR.
3. Purpose of the processing of data
The purpose of processing is to enable and conduct video conferences and associated functions visible to you, such as chats, screen sharing, etc.
4. Storage period
The processed data will only be stored for the duration of the video conference. In case of deviations in individual cases, you will be informed of these in advance and, if legally required, asked for appropriate consent. Your vote in surveys identifiable by name may be stored for a longer period of time if this is necessary for legal reasons, for example as evidence for a decision that was made. If this is not necessary, the anonymous survey results will be stored if at all.
XI. Cookies
1. Scope of the processing of personal data
Our website uses cookies that are technically required. Cookies are text files that are stored on your computer system. We use cookies to make our website more user-friendly. Some elements of our website require that the accessing browser can be identified even after a page change.
We also use cookies on our website that enable us to analyse our users’ surfing behaviour. When accessing our website, a user is informed that cookies are used for analysis purposes and is asked to consent to the processing of their personal data used in this context. A reference to this data protection declaration is also made in this context. These types of cookies will not be used if consent is not given.
2. Legal basis for the processing of personal data
For technically required cookies, the legal basis for the processing of personal data using cookies shall be Art. 6(1) lit. (a) GDPR or Art. 6(1) lit. (f) GDPR.
3. Purpose of the processing of data
The purpose of using technically required cookies is to simplify the use of our website for you. Some functions of our website cannot be provided without the use of cookies. These require that a browser can be recognised even after a page change. The user data collected by technically required cookies is not used to create user profiles.
Analysis cookies are used to improve the quality of our website and its content. By using analysis cookies, we learn how our website is being used and can therefore optimise our offer continuously.
4. Storage period
Technically required cookies are usually erased when the browser is closed, i.e. at the end of the session.
Other cookies used are erased automatically after a specified period of time. This period extends beyond the end of a session and depends on the type of cookie. You can view the storage times for the individual cookies in the settings of your browser. Here, you can also delete cookies before the storage period expires.