IMPRINT

Privacy information

​

Privacy policy

​

We are very pleased about your interest in our organization. Data protection has a particularly high priority for us. This privacy policy informs you about how Footprints International e.V., hereinafter referred to as FPI, handles your data that we process via our websites and social media channels.

​

 

To ensure fair processing, this privacy statement contains general information about our handling of your data as well as information about your rights under the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

The use of our website is generally possible without any indication of personal data. 

However, if a data subject wants to use special services of our organization via our website, processing of personal data could become necessary. This is particularly the case if you make a donation.

As the controller, we have implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed through this website. Nevertheless, Internet-based data transmissions can always be subject to security vulnerabilities, so that absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us by alternative means, for example by telephone.

​

 

The processing of personal data, for example the name, address, e-mail address or telephone number of a data subject, is carried out in compliance with the relevant data protection regulations, in particular the DSGVO and the BDSG. Data processing by us only takes place on the basis of a legal permission. We process personal data only with your consent (Art. 6(1)(a) DSGVO), for the performance of a contract to which you are a party, or at your request for the performance of pre-contractual measures (Art. 6(1)(b) DSGVO), for the performance of a legal obligation (Art. 6(1)(c) DSGVO). Letter c) DSGVO) or if the processing is necessary to protect our legitimate interests or the legitimate interests of a third party, unless your interests or fundamental rights and freedoms which require the protection of personal data override (Art. 6 para. 1 S letter f) DSGVO).

 

Paragraph I

​

 

1. definitions

This data protection declaration is based on the terms used by the European Directive and Ordinance Maker when adopting the General Data Protection Regulation (DS-GVO). Our data protection declaration should be easy to read and understand for the public as well as for our customers and business partners. To ensure this, we would like to explain the terminology used in advance.

We use the following terms, among others, in this data protection declaration:

 

a) personal data

Personal data means any information relating to an identified or identifiable natural person (hereinafter "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

​

b) Data subject

Data subject means any identified or identifiable natural person whose personal data are processed by the controller.

 

c) Processing

Processing means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

​

 

d) Restriction of processing

Restriction of processing is the marking of stored personal data with the aim of limiting their future processing.

​

 

e) Profiling

Profiling is any type of automated processing of personal data that consists of using such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects relating to that natural person's job performance, economic situation, health, personal preferences, interests, reliability, behavior, location or change of location.

f) Pseudonymization

Pseudonymization is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separate and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.

​

 

g) Controller or person responsible for processing.

The controller or data processor is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its designation may be provided for under Union or Member State law.

​

 

h) Processor

Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

i) Recipient

Recipient means a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not a third party. However, public authorities that may receive personal data in the context of a specific investigative task under Union or Member State law shall not be considered as recipients.

​

 

j) Third Party

Third party means a natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons authorized to process the personal data under the direct responsibility of the controller or the processor.

​

 

k) Consent

Consent shall mean any freely given indication of the data subject's wishes for the specific case in an informed and unambiguous manner, in the form of a statement or any other unambiguous affirmative act by which the data subject indicates that he or she consents to the processing of personal data relating to him or her.

2. name and address of the controller.

The controller within the meaning of the General Data Protection Regulation, other data protection laws applicable in the Member States of the European Union and other provisions of a data protection nature is:

 

Footprints International e.V.

Wilstedter Str. 90

24558 Henstedt Ulzburg

e-mail: jw at footprints-international.org

​

 

3. name and address of the data protection officer

Legally, due to the size of the association, we are not obliged to appoint a data protection officer. However, any data subject may contact us directly at any time with any questions or suggestions regarding data protection (see above for address).

​

 

4. server log files

During the purely informative use of our website, general information that your browser transmits to our server is initially stored automatically (i.e. not via registration). This includes by default: browser type/version, operating system used, page accessed, the previously visited page (referrer URL), IP address, date and time of the server request and HTTP status code. 

The processing is carried out to protect our legitimate interests and is based on the legal basis of Art. 6 (1) f) DSGVO. This processing serves the technical administration and security of the website. The stored data is deleted after seven days, unless there is a justified suspicion of unlawful use based on concrete indications and further examination and processing of the information is necessary for this reason.

We are not able to identify you as a data subject on the basis of the stored information. Articles 15 to 22 of the GDPR therefore do not apply pursuant to Article 11 (2) of the GDPR, unless you provide additional information that enables us to identify you in order to exercise your rights set out in these articles.

5. cookies

This website uses cookies. Cookies are text files that are placed and stored on a computer system via an Internet browser. Numerous Internet pages and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters by which Internet pages and servers can be assigned to the specific Internet browser in which the cookie was stored. This enables the visited Internet pages and servers to distinguish the individual browser of the data subject from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified via the unique cookie ID.

Through the use of cookies, the users of this website can be provided with more user-friendly services that would not be possible without the cookie setting.

By means of a cookie, the information and offers on our website can be optimized for the user. Cookies enable us, as already mentioned, to recognize the users of our website. The purpose of this recognition is to make it easier for users to use our website. For example, the user of a website that uses cookies does not have to re-enter his or her access data each time he or she visits the website, because this is handled by the website and the cookie stored on the user's computer system. Another example is the cookie of a shopping cart in an online store. The online store remembers the items that a customer has placed in the virtual shopping cart via a cookie.

The data subject can prevent the setting of cookies by our website at any time by means of an appropriate setting of the Internet browser used and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an Internet browser or other software programs.

This is possible in all common Internet browsers. If the data subject deactivates the setting of cookies in the Internet browser used, not all functions of our website may be fully usable.

6. collection of general data and information

This website collects a series of general data and information with each call of the website by a data subject or an automated system.

This general data and information is stored in the log files of the server. The following can be recorded:

(1) browser types and versions used,

(2) the operating system used by the accessing system,

(3) the website from which an accessing system arrives at our website (so-called referrer),

(4) the sub-websites that are accessed via an accessing system on our website,

(5) the date and time of an access to the Internet site,

(6) an Internet protocol address (IP address),

(7) the Internet service provider of the accessing system, and

(8) other similar data and information that serve to avert danger in the event of attacks on our information technology systems.

When using these general data and information, we do not draw any conclusions about the data subject. Rather, this information is required in order to:

(1) correctly deliver the contents of our website,

(2) optimize the content of our website and the advertising for it,

(3) ensure the long-term functionality of our information technology systems and the technology of our website, and

(4) to provide law enforcement authorities with the information necessary for prosecution in the event of a cyber attack.

This anonymously collected data and information is, on the one hand, evaluated statistically and, on the other hand, with the aim of increasing the data protection and data security of our organization, and ultimately ensuring an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from any personal data provided by a data subject.

7. contact possibility via the website

Based on statutory provisions, our website contains data that enable a quick electronic contact to our organization, as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address). If a data subject contacts the controller by e-mail or by using a contact form, the personal data transmitted by the data subject will be stored automatically. Such personal data transmitted on a voluntary basis by a data subject to the controller will be stored for the purpose of processing or contacting the data subject. No disclosure of such personal data to third parties will take place.

​

 

8. routine erasure and blocking of personal data.

The controller processes and stores personal data of the data subject only for the period of time necessary to achieve the purpose of storage or insofar as this has been provided for by the European Directive and Regulation or other legislator in laws or regulations to which the controller is subject.

If the storage purpose ceases to apply or if a storage period prescribed by the European Directive and Regulation Maker or another competent legislator expires, the personal data will be routinely blocked or deleted in accordance with the statutory provisions. 

9. rights of the data subject

 

As a data subject, you have the right to assert your data subject rights against us. In particular, you have the following rights:

 

• In accordance with Art. 15 DSGVO and Section 34 BDSG, you have the right to request information as to whether and, if so, to what extent we are processing personal data relating to you or not. 

• You have the right to demand that we correct your data in accordance with Art. 16 DSGVO.

• You have the right, in accordance with Art. 17 DSGVO and § 35 BDSG, to demand that we delete your personal data.

• You have the right to have the processing of your personal data restricted in accordance with Art. 18 DSGVO.

• You have the right, in accordance with Art. 20 DSGVO, to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format and to transfer this data to another controller.

• If you have given us separate consent to data processing, you may revoke this consent at any time in accordance with Article 7 (3) DSGVO. Such a revocation will not affect the lawfulness of the processing that was carried out on the basis of the consent until the revocation.

• If you believe that a processing of personal data concerning you violates the provisions of the GDPR, you have the right to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR.

10. privacy policies of the individual social media providers.

If you decide to share this page on a social network, personal data will be transmitted, which may give the providers insight into your surfing behavior. For more information on what data the providers collect and how it is used, please refer to the respective privacy policies.

• Facebook: https://de-de.facebook.com/about/privacy/ 

• Google: https://www.google.de/intl/de/policies/privacy/ 

• Instagram: https://help.instagram.com/519522125107875

​

 

13. retrieval of images from Instagram

This site retrieves images from time to time, especially during media campaigns, via an interface of the service Instagram. By calling up this website, no data is yet transmitted to Instagram. However, if you click on the linked images, you will be redirected to Instagram and data will be transferred through Instagram. Instagram is a service that qualifies as an audiovisual platform and allows users to share photos and videos and also to redistribute such data in other social networks. The operating company of the Instagram services is Instagram LLC, 1 Hacker Way, Building 14 First Floor, Menlo Park, CA, USA. Further information and the applicable privacy policy of Instagram can be found at https://help.instagram.com/155833707900388 and https://www.instagram.com/about/legal/privacy/.

14. our social media appearances

Data processing through social networks

We maintain publicly accessible profiles on social networks. The social networks used by us in detail can be found below.

Social networks such as Facebook, Instagram, etc. can generally analyze your user behavior extensively when you visit their website or a website with integrated social media content (e.g. Like buttons or advertising banners). By visiting our social media presences, numerous data protection-relevant processing operations are triggered.

In detail:

If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be collected under certain circumstances if you are not logged in or do not have an account with the respective social media portal. In this case, this data collection takes place, for example, via cookies that are stored on your terminal device or by recording your IP address.

With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, you can be shown interest-based advertising inside and outside the respective social media presence. Provided you have an account with the respective social network, the interest-based advertising may be displayed on all devices on which you are or were logged in.

Please also note that we cannot track all processing on the social media portals. Depending on the provider, further processing operations may therefore be carried out by the operators of the social media portals. For details, please refer to the terms of use and data protection provisions of the respective social media portals.

Legal basis

Our social media presences are intended to ensure the most comprehensive presence possible on the Internet. This is a legitimate interest within the meaning of Art. 6 (1) lit. f DSGVO. The analysis processes initiated by the social networks may be based on deviating legal bases to be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 (1) lit. a DSGVO).

Responsible party and assertion of rights

If you visit one of our social media sites (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. In principle, you can assert your rights (information, correction, deletion, restriction of processing, data portability and complaint) both vis-à-vis us and vis-à-vis the operator of the respective social media portal (e.g. vis-à-vis Facebook).

Please note that despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are largely determined by the corporate policy of the respective provider.

Storage period

The data collected directly by us via the social media presence is deleted from our systems as soon as the purpose for storing it no longer applies, you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies. Stored cookies remain on your terminal device until you delete them. Mandatory legal provisions - in particular retention periods - remain unaffected.

We have no influence on the storage period of your data, which is stored by the operators of social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. in their privacy policy, see below).

 

Social networks in detail

 

- Facebook

We have a profile on Facebook. The provider is Facebook Inc, 1 Hacker Way, Menlo Park, California 94025, USA. Facebook has certification in accordance with the EU-US Privacy Shield.

There is an agreement with Facebook on joint responsibility for the processing of data (Controller Addendum). This specifies the data processing operations for which we or Facebook is responsible when you visit our Facebook fan page. The Controller Addendum can be viewed at the following link:

https://www.facebook.com/legal/terms/page_controller_addendum

You can adjust your advertising settings independently in your user account. To do so, click on the following link and log in:

https://www.facebook.com/settings?tab=ads

For details, please refer to Facebook's privacy policy:

https://www.facebook.com/about/privacy/

 

- Instagram

We have a profile on Instagram. The provider is Instagram Inc, 1601 Willow Road, Menlo Park, CA, 94025, USA. For details on how they handle your personal data, please refer to Instagram's privacy policy:

https://help.instagram.com/519522125107875

Deletion of inappropriate posts and comments 

 

Via our social - media presences we offer a forum to discuss, exchange opinions or comment on our activities. Unfortunately, it also happens that users of the social network post inappropriate content, insult other users or claim untrue facts. In order to protect the personal rights of other users or to safeguard our interests, we delete such posts if we can.

We also store information about a deleted post and the person responsible for it in a database. This serves to be able to provide evidence about the content of the post and the person responsible for it in the event of legal proceedings for the deletion or other infringement. This processing serves our legitimate interest to protect the right of other users and our interests and is based on the legal basis of Art. 6 (1) (f) DSGVO. This processing is carried out by us as the sole controller.

​

 

15. use of web fonts

External fonts, Google Fonts, are used on these web pages. Google Fonts is a service of Google Inc ("Google"). The integration of these web fonts takes place through a server call, usually a Google server in the USA. This transmits to the server which of our Internet pages you have visited. The IP address of the browser of the end device of the visitor to these Internet pages is also stored by Google. You can find more information in Google's privacy policy, which you can access here:

http://www.google.com/fonts#AboutPlace:about

http://www.google.com/policies/privacy/

​

 

16. SSL encryption

This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

If SSL encryption is activated, the data you transmit to us cannot be read by third parties.

17. legal basis of processing

Art. 6 I lit. a DS-GVO serves our organization as the legal basis for processing operations in which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, the processing is based on Art. 6 I lit. b DS-GVO. If our organization is subject to a legal obligation by which a processing of personal data becomes necessary, the processing is based on Art. 6 I lit. c DS-GVO. Processing operations not covered by any of the aforementioned legal bases are based on this legal basis if the processing is necessary to protect a legitimate interest of our organization or a third party, provided that the interests, fundamental rights and freedoms of the data subject are not overridden.

​

 

18. legitimate interests in processing pursued by the controller or a third party.

If the processing of personal data is based on Article 6 I lit. f DS-GVO, our legitimate interest is the performance of our activities for the benefit of the well-being of all our employees.

​

 

19. Duration for which the personal data are stored.

The criterion for the duration of the storage of personal data is the respective statutory retention period. After expiration of the period, the corresponding data is routinely deleted, provided that it is no longer required for the fulfillment or initiation of the contract. This applies in particular to data of donors who have a school sponsorship with FPI.

​

 

20. legal or contractual requirements to provide the personal data; necessity for the conclusion of the contract; obligation of the data subject to provide the personal data; possible consequences of not providing the data

We inform you that the provision of personal data is sometimes required by law (e.g. tax regulations) or may also result from contractual regulations (e.g. information on the contractual partner).

Sometimes it may be necessary for the conclusion of a contract, for example the registration for a school sponsorship, that a data subject provides us with personal data, which subsequently must be processed by us. For example, the data subject is obliged to provide us with personal data if our organization concludes a contract with him or her. Failure to provide the personal data would, under certain circumstances, mean that the contract or sponsorship could not be concluded with the data subject.

Before providing personal data by the data subject, the data subject must contact one of our employees. Our employee will explain to the data subject on a case-by-case basis whether the provision of the personal data is required by law or contract or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data, and what the consequences of not providing the personal data would be.

21. existence of automated decision making

As a responsible organization, we do not use automated decision making or profiling.

​

 

22. Right of objection

In accordance with Article 21(1) DSGVO, you have the right to object to processing based on the legal basis of Article 6(1)(e) or (f) DSGVO on grounds relating to your particular situation. If personal data about you is processed by us for the purpose of direct marketing, such as personal letters, you may object to such processing pursuant to Article 21 (2) and (3) DSGVO.

​

 

23. Contact form

Our websites contain forms through which you can send us information. Thus, you can send us messages via the contact form or register for certain actions or campaigns via other forms. The transfer of your data is encrypted. The data fields marked as mandatory in a form must be filled in so that your request can be processed by us. Failure to provide this information will result in us not being able to process your request. The provision of further data is voluntary. To send us a message, you can alternatively use our contact e-mail address provided. We process the data provided in a form for the purpose of responding to your request or to make the requested registration for a specific action or campaign and to carry it out.

The legal basis for the data processing is Art. 6 para. 1 b) DSGVO.

​

 

24. integrated services and contents of third parties

 

We use services, services and content (hereinafter collectively referred to as "content") provided by third-party providers on our website. For such integration, processing of your IP address is technically necessary so that the content can be sent to your browser. Your IP address is therefore transmitted to the respective third-party providers.

This data processing is carried out in each case to protect our legitimate interests in the optimization and economic operation of our website and is based on the legal basis of Art. 6 (1) f) DSGVO. 

You can object to this data processing at any time via the settings of the browser used or certain browser extensions. One such extension is, for example, the Matrix-based firewall uMatrix for the browsers Firefox and Google Chrome. Please note that this may result in functional restrictions on the website.

We have integrated content from the following services provided by third-party providers into our website:

• "YouTube" of YouTube LLC (901 Cherry Ave., San Bruno, CA 94066, USA; "YouTube") and.

• Vimeo, Inc., 555 West 18th Street, New York, New York 10011, USA

for the display of videos.