Data protection regulations and declarations of consent for "Together in Germany" users
In the following, you will find the data protection regulations of the community platform "Together in Germany", operated by Neue deutsche Medienmacher*innen e.V.
By agreeing to these data protection provisions, which are required for registration on the community platform "Together in Germany", you consent to the collection, processing and use of your personal data as described below. The collection, processing and use of your personal data as described below are carried out in the context of the establishment, implementation and settlement of your user relationship with regard to the "Together in Germany" Community Platform.
"Personal data" according to the General Data Protection Regulation (GDPR) means any information relating to an identified or identifiable natural person (hereinafter "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Data controller and processor
A data controller is a person or entity that determines the means and purposes of the processing.
The processor, on the other hand, processes the data on behalf of the controller and acts under the supervision of the controller’s instructions.
The " Neue deutsche Medienmacher*innen e.V." acts partly as a controller and partly as a processor.
The " Neue deutsche Medienmacher*innen e.V." acts as a data controller in particular with regard to the processing concerning the creation and management of user accounts, the navigation of users on the website and the operation of "Together in Germany".
Regardless of whether "Neue deutsche Medienmacher*innen e.V." acts as a controller or processor, it will ensure the protection and confidentiality of your personal data in accordance with the provisions of the GDPR.
1. Minimum age for registration with "Together in Germany".
Registration with and use of "Together in Germany" is only permitted to persons of legal age. Minors are not permitted to register with and use "Together in Germany".
2. Your data collected by us as well as type, purpose and legal basis of processing and use
2.1 Data to be provided by you when you register
2.11 Access data
As part of the use of "Together in Germany", which requires registration, we need to collect and manage certain personal data from you as access data. These correspond to the following categories:
- Login – User Name
- E-Mail Address
Your username appears below the posts you create and is therefore visible to third parties when you create your own posts. To enable anonymous use of our service, we recommend that you choose a pseudonym as your username and not your real name. Your e-mail address and password are not visible to third parties. We will not pass this data on to third parties. You can change your password and e-mail address at any time, but not your username.
This data will be stored for the period for which you have an account with "Together in Germany". As soon as you delete your account, your access data will be deleted.
This data is needed to enable you to use the services of "Together in Germany". The legal basis for this processing of personal data is Art. 6 I b) GDPR.
2.1.2 Single Sign-On
You can also register with the "Together in Germany" community platform using an existing single sign-on account ("SSO"). Such SSO accounts allow you to log in to various services and platforms using an account you have already created. Currently, this is possible with Facebook, Google and Twitter services.
Provider: Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.
Provider: Google Ireland Limited, Gordon House, Barrow Street Dublin 4, Ireland.
Provider: Twitter International Company, One Cumberland Place Fenian Street, Dublin 2, D02 AX07, Ireland
Login to the SSO provider
If you decide to register with your SSO account, you will be redirected to your SSO provider. There you will be asked to enter your access data and log in or register with the SSO service. If you are already logged in to the SSO service at this moment, this request to log in will be skipped. Your access data to the SSO service will not be disclosed to us and will remain with your SSO provider.
Connection to the SSO service
In a second step, you connect your profile at your SSO provider with "Together in Germany". To register with "Together in Germany", we only need the email address stored in your SSO profile. We use this e-mail address for the following purpose: Should you wish to cancel the connection between your SSO profile and your profile at "Together in Germany" in the future, you can do so and continue to use "Together in Germany" via the "Forgotten password" function, see also the section "Unlinking".
If you agree to the use of your e-mail address, you can establish the connection between your SSO profile and "Together in Germany" in the SSO service. In future, you will always be able to log in to "Together in Germany" via the corresponding login button for the SSO provider you use.
Data collection by "Together in Germany”
In this context, we request your e-mail address from your SSO provider and receive a user access key generated by the SSO provider. This access key is required by "Together in Germany" for your future login via SSO.
Data collection and storage by the SSO provider
The SSO Provider will be aware when you register or log in to "Together in Germany" using your SSO credentials. Beyond that, we do not transmit any data to the SSO provider, in particular not about activities on "Together in Germany".
If you wish to disconnect "Together in Germany" from your SSO account, please log in to your SSO provider and make the necessary changes to your profile there. In this case, you can only continue to use "Together in Germany" if you log in with your e-mail address and a password. You can set your own password on TIG using the "Forgotten password" function.
2.1.3 Mandatory data
Beyond the access data, you are not obliged to provide any further personal data. "Together in Germany" can therefore also be used anonymously.
2.2 Further data that you can provide voluntarily
When registering - but also later you can voluntarily provide additional information (hereinafter referred to as "voluntary information"). These voluntary details make it easier for other users of "Together in Germany" to get to know you better and thus, for example, to provide you with more targeted advice.
Voluntary information may include, for example, information about your language skills or your expertise on a particular topic.
- Advanced knowledge
Your voluntary information is always visible to other users of "Together in Germany".
You can change or delete your voluntary information at any time. As soon as you delete your account, your voluntary information will also be deleted.
The legal basis for the collection and processing of your voluntarily provided data is your consent (Art. 6 para. 1 sentence 1 lit. a GDPR).
2.3 Your profile page
You consent to a profile page being created for you under your username upon completion of your registration, which also lists any voluntary information you may have provided.
You also agree that you can be found under your username on "Together in Germany" and that your profile page can be viewed by other persons.
The legal basis for the collection and processing of your personal data in connection with the profile page is your consent (Art. 6 para. 1 sentence 1 lit. a GDPR).
2.4 Your content and comments
Once you have registered, you can publish your own content and comments on the content of other users on "Together in Germany". The content and comments you publish are visible to third parties at all times.
You agree that the content you publish and comments on other content may be viewed by third parties at any time under your username.
You can delete the content you have published on "Together in Germany" and your comments on the content of other users at any time.
The legal basis for the collection and processing of your personal data in connection with content and comments is your consent (Art. 6 para. 1 sentence 1 lit. a GDPR).
2.5 Log files (log file)
Every time you access a website, your browser automatically sends certain information to the website server, which then stores it in a so-called log file. This includes, for example, information about
• the type and version of the browser you are using,
• the operating system you are using
• the website from which you came to the current page,
• the host name (IP address) of your computer and
• the date and time at which the page was accessed.
Subject to any statutory retention obligations, we delete or anonymise your IP address after you leave the Internet pages of "Together in Germany".
Furthermore, we use the information transmitted by your browser to our server in anonymised form – that is, without it being possible to draw conclusions about you - to analyse and improve our services. In this way we can, for example, discover possible errors or determine on which days and at which times "Together in Germany" is used particularly heavily. Anonymised data is no longer personal data.
The legal basis for the processing of the IP address is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest lies in ensuring a smooth connection setup, guaranteeing comfortable use of our network or in evaluating and ensuring system security and stability.
We do not draw any direct conclusions about your identity. This is not possible on the basis of this information. The data is stored and deleted after the aforementioned purposes have been achieved, at the latest after seven days. Any further storage will only take place if the user's IP address is deleted or anonymised beforehand so that it is no longer possible to assign it to a person.
Cookies are very small text files used by Internet sites that your browser stores on your computer. So-called "session cookies" are temporarily stored in the main memory and automatically deleted when the browser is closed. So-called "permanent cookies" are stored on the hard disk for a fixed, longer period of time; they are automatically deleted after the respective fixed period of time has expired.
We use technically necessary, functional and analysis cookies. The legal basis for the use of technically necessary cookies is Art. 6 para. 1 sentence 1 lit. f GDPR, whereby our legitimate interest lies in providing a well-functioning website.
We use the web analysis service Matomo to analyse and regularly improve the use of our website.
The legal basis for the use of Matomo is Art. 6 para. 1 p. 1 lit. f GDPR. Our legitimate interest is that we can use the statistics obtained to improve our offer and make it more interesting for you as a user.
For the evaluation, a digital fingerprint is used that is valid for 24 hours. The information collected in this way is stored exclusively on servers in Germany.
We use Matomo with the extension "AnonymizeIP". This means that IP addresses are processed in abbreviated form, which means that they cannot be directly linked to a person. The IP address transmitted by your browser via Matomo is not merged with other data collected by us. The Matomo programme is an open-source project. Information from the third-party provider on data protection is available at https://matomo.org/privacy-policy/.
3. Transmission or passing on of your data to third parties
As a matter of principle, we do not transfer your data to third parties without your consent.
3.1 Legal obligation
We may, however, be legally obliged to pass on data in individual cases on the orders of a competent authority if and to the extent that this is necessary for the purposes of criminal prosecution, for the prevention of danger by the police authorities of the federal states, for the fulfilment of the statutory tasks of the federal and state authorities for the protection of the constitution, the Federal Intelligence Service or the Military Counter-Intelligence Service or the Federal Criminal Police Office as part of its task of preventing threats of international terrorism or for the enforcement of intellectual property rights.
However, a technical transfer may take place if and to the extent that this is necessary for the operation of the website "Together in Germany" or for other reasons for the establishment, implementation or settlement of your user relationship with us.
3.2 Involvement of processors for the hosting of the website
The legal basis for the use of the order processor is a legitimate interest according to Art. 6 para. 1 p. 1 lit. f GDPR. The legitimate interest is the provision of our services, in particular the operation of "Together in Germany". A conflicting interest is not apparent because we have concluded a contract with the respective contractors in accordance with Art. 28 GDPR.
4 Protection of your data
In order to protect your data, for example, against manipulation, loss and unauthorised access by third parties, we use technical and organisational measures to ensure an appropriate level of protection for your personal data. In particular, we transmit your personal data in encrypted form. We use the TLS (Transport Layer Security) coding system for this purpose. All information that you transmit to us is encrypted and stored on servers within Germany. We continuously check and improve our security measures according to the current state of the art.
6. Your rights
You can first request information from us as to whether personal data relating to you is being processed. If this is the case, you have the right to obtain information about this personal data and further information. This information includes the purposes of processing, the categories of personal data, the recipients or categories of recipients, if possible, the planned duration of the processing or otherwise at least the criteria for determining this duration.
If we do not collect personal information from you directly, you have a right to any available information about the origin of the data.
We will be happy to provide you with a copy of your personal data that we process free of charge.
Consent to the collection, processing and use of your personal data, which you have given to us by agreeing to these data protection provisions, may be revoked in whole or in part with effect for the future. The same applies to any subsequent, more extensive consent to the collection, processing or use of your personal data. The consequence of such a revocation may be that you can no longer use "Together in Germany".
Furthermore, you can also request the correction of incorrect data at any time, which also includes the completion of incomplete data, taking into account the processing purposes.
If the legal requirements are met, you can also request your right to erasure or restriction of the processing. You can also delete your data yourself at any time by deleting your account with "Together in Germany": To do so, please go to your account, click on the link "Delete profile" and follow the instructions there. Your account - i.e. your profile page and the data we have about you - will be automatically deleted in this case. You can also manually delete your content and comments yourself at any time.
Furthermore, you have a right to data portability. This means that upon request, you will receive the personal data you have provided to us in a structured, common and machine-readable format from us. You have the right to transfer this data to another responsible party without hindrance from us.
You have the right to object to data processing and the right to lodge a complaint with a supervisory authority.
To enforce these rights, please feel free to contact us using the contact details provided in 7. If necessary, we will request proof of your identity before we implement your request. This serves to protect your data from manipulation or deletion by third parties.
If you have commented on the content of other users, we will remove your username from these comments when we delete your account. The comments as such will not be deleted. Before your account is deleted, however, you have the option of manually deleting your comments yourself at any time.
7. Responsible body, data protection officer and contact
The "responsible party" in the sense of data protection law is the "Neue deutsche Medienmacher*innen e.V.", Potsdamer Str. 99, 10785 Berlin, represented by the board of directors Thembi Wolf, ibid.
You can also contact our data protection officer directly at firstname.lastname@example.org
The competent data protection authority for the data controller is the Berlin Commissioner for Data Protection and Freedom of Information, Friedrichstr. 219, 10969 Berlin.