PRIVACY POLICY

Thank you for visiting our website and for your interest. We see data protection as a customer-oriented quality feature, and the protection of your personal data and the safeguarding of your personality rights are important to us.

 

With this privacy policy, we want to transparently provide all visitors to our website with information about the type, scope and purpose of the personal data we collect, use and process, and to enlighten you about the rights to which you are entitled.

 

Our website can generally be used without the provision of personal data. However, the processing of your personal data may become necessary if you use our services through the website.

 

The data that is automatically collected when you visit our website, or the personal data you input when you use our services, will be processed in accordance with the current legal provisions for the protection of personal data.

 

If the processing of your personal data is necessary and there is no legal basis for such processing, we will always obtain consent for the necessary processing purpose.

 

As the company responsible for processing, we have laid down technical and organisational measures to ensure the highest possible level of protection of your personal data.

 

However, please note that there may be security gaps with respect to data transmission via the World Wide Web.

 

You may also contact us by telephone if you would like to use our services and do not wish to transmit data via the World Wide Web.


1. Controller’s contact details

 

The Controller within the meaning of the General Data Protection Regulation is:

 

Filmakademie Baden-Württemberg GmbH
Akademiehof 10, 71638
Ludwigsburg Tel.: +49 7141 969 0
Email: info@filmakademie.de


Herr Stephan Hartinger
Coseco GmbH
Telefon: 08232 80988-70
Email: datenschutz@coseco.de


2. Collection of general access information

 

The server log file information that your browser transmits to us every time you visit our website will be recorded automatically. These are:

 

  • The accessing computer’s IP address (internet protocol address);
  • The website from which you visit us (referrer);
  • The webpage that you visit on our site;
  • Date and duration of your visit;
  • Browser type and settings;
  • Operating system.

 

Please note that this data cannot be assigned to specific persons. We will only use this technical access information for the following purposes:

 

  • To improve our websites’ attractiveness and usability;
  • To detect technical problems on our website at an early stage;
  • To deliver the contents of our website correctly;
  • To provide law enforcement agencies with the information necessary for prosecution in the event of a cyberattack.

 

This data will be stored for a maximum of 7 days as a technical precaution to protect the data processing systems against unauthorized access.


3. Collection and passing on of personal data

 

We will only use your personal data for the purposes stated on this data protection information page.

 

Our website has the following input masks for the collection of personal data: Registration on our web site


3.1. Submission of application documents

 

In case of your application (online application or by email), we will collect and process various personal application data.

 

These include, in particular, your

 

  • Contact information (name, address, telephone number and email address);
  • Application documents (application letter, curriculum vitae, certificates or other evidence of formal training and qualifications).

 

As part of an online application through the application form, transmission will be carried out exclusively via an encrypted page in accordance with the currently recognised state of the art, so that your personal data and your application documents will be protected against manipulation and unauthorised access.

 

After dispatch, you will receive an email confirming receipt of your application documents.

 

Your personal application data will be collected and processed exclusively for the purpose of filling positions within our company. Your data will only be forwarded to the internal units and departments of our company responsible for the specific application procedure. Your personal application data will not be passed on to other companies without your prior express consent. Your application data will not be used by or passed on to third parties beyond these limits.

 

Your personal application data will be deleted automatically three months after the application process has been completed. This does not apply if statutory provisions prevent deletion, if further storage is necessary for the purpose of providing evidence, or if you have expressly consented to longer storage, e.g. for future job advertisements.

 

If an employment contract is concluded with an applicant, the transmitted data will be stored for the purpose of implementing the employment relationship in accordance with the statutory provisions.


3.2. Making contact by email

 

On our website, we offer you the option of contacting us by email.

 

The personal data you transmit will be stored automatically if you contact us by email or through a contact form.

 

Such personal data which you provide to us voluntarily will be stored for the purpose of processing your inquiry or contacting the person concerned. This personal data will not be passed on to third parties.


4. What are cookies used for?

 

Our website uses so-called cookies in several places. Detailed information and which cookies are used can be found in our cookie policy.


Use and application of tracking and analysis tools and social plug-ins

Use of Matomo

Data is collected and stored on this website using Matomo web analysis service software (www.matomo.org), a service of InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand, (“Matomo”) on the basis of our legitimate interest in the statistical analysis of user behaviour for optimisation and marketing purposes pursuant to Art. 6(1)(f) GDPR. Pseudonymised user profiles can be created and evaluated from this data for the same purpose. Cookies may be used for this purpose. Cookies are small text files that are stored locally in the cache of the website visitor's internet browser. The cookies enable the recognition of the internet browser, among other things. The data collected with the Matomo technology (including your pseudonymised IP address) will be processed on our servers.

 

The European Commission has decided by means of a so-called adequacy decision pursuant to Art. 45 GDPR that New Zealand offers an adequate level of protection for personal data.

 

The information generated by the cookie in the pseudonymous user profile will not be used to personally identify visitors to this website, and will not be combined with personal data about the bearer of the pseudonym.

 

If you do not agree to the storage and evaluation of this data from your visit, then you can subsequently object to the storage and use at any time with a click of the mouse. In this case, a so-called opt-out cookie will be stored in your browser, which means that Matomo will not collect any session data. Please note that the complete deletion of your cookies means that the opt-out cookie will also be deleted and you may have to reactivate it.

 

You can decide here whether a unique web analysis cookie may be stored in your browser to enable the website’s operator to collect and analyse various statistical data.

 

5. Processing of information by third parties


FMX discloses personal data to:


I) Service providers


In the maintenance of its website and in its service provision, FMX uses service providers to process data for the purposes detailed in this data protection policy. Our website makes use of the cookies of our service providers, which enable the compilation of statistics and analysis on the use of the website. For more information on the cookies, see FMX Cookie Policy.


II) Statutory reasons


FMX may disclose your personal data to third parties if access to personal data or other processing of personal data is required to i) fulfill statutory responsibilities or a court order; ii) detecting, preventing or handling misuses, security risks or technical issues.


III) Presence on Social Media


We maintain an online presence on social networks and platforms so that we can communicate with customers, users, and other interested parties that are active on these platforms and provide them with information about our services. When visiting each of these platforms, you as a user agree to the terms and conditions and the data processing guidelines of the corresponding operator.


Please be aware that user data may also be processed outside the European Union. This may present risks for users – making it more difficult for them to exercise their rights, for example.


Furthermore, user data is predominantly processed for the purposes of market research and advertising. For example, usage profiles can be created on the basis of user behavior and the user interests deduced from this behavior. Usage profiles can in turn be used, for instance, to place within and outside of these platforms advertisements that are likely to be of interest to users. For these purposes, cookies containing details of users’ behavior and interests are generally stored on users’ computers. Usage profiles may also be used to store data independently of users’ devices (particularly if users are members of the relevant platforms and are logged into them).


Users’ personally identifiable information is processed in line with our legitimate interests in providing information to users and communicating with them effectively, in accordance with Art. 6(1)(f) GDPR. If users are asked for consent to the aforementioned data processing by the relevant platform providers, the legal basis for processing is Art. 6(1)(a) and Art. 7 GDPR.

For a detailed description of the relevant processing and ways of objecting (opt-out), please refer to the following links to information from the providers.


Please be advised that requests for information and the exercising of user rights can also be handled most effectively by the providers. Only the provider has access to users’ data and can take any appropriate action directly as well as offer information. If you still require assistance, however, please get in touch with us.


Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland)
Privacy Policy: https://www.facebook.com/about/privacy/
Opt-Out Option: https://www.facebook.com/settings?tab=ads


Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA)
Privacy Policy: https://twitter.com/en/privacy
Opt-Out Option: https://twitter.com/personalization


Instagram (Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland)
Privacy Policy: https://help.instagram.com/519522125107875
Opt-Out Option: https://help.instagram.com/196883487377501


Linktree
To enable visitors of our Instagram page to use hyperlinks to FMX's profiles on other social media platforms, our website, and this privacy policy, we use the service linktr.ee provided by Bolster Creative PTY LTD, 37 Islington Street, Collingwood, Melbourne, Australia. When you use the link page, your IP address is transmitted to the provider. This is anonymized by the provider of the service and not processed further. Likewise, no cookies are used by the provider. You can find more information about data protection at Linktree here: https://linktr.ee/trust-centre


LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Irland)
Privacy Policy: https://www.linkedin.com/legal/privacy-policy
Opt-Out Option: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

 

5.1. YouTube


Embedded Videos


Our webpages may contain YouTube plugins or videos published on the "YouTube" platform, for example here. YouTube is a service of Google Inc. When you visit our webpages that contain a YouTube plugin or video, a connection to the YouTube servers is established and YouTube is informed which of our webpages you have visited. In the process, YouTube places cookies on your device.


If you are logged into your YouTube account while visiting our webpages that contain a YouTube plugin or video, it is possible for YouTube to associate your visit to our webpages with your YouTube account.


If you are logged into your YouTube account during your visit to our webpages that contain a YouTube plugin or video and activate a YouTube plugin by selecting a video button on our webpages or leave a comment on our video uploaded to YouTube, YouTube will assign this information to your YouTube account.


If you do not want YouTube to collect, process or use data about your visit to our webpages and link it to your user account, you must log out of YouTube before visiting our webpages and block the setting of cookies by YouTube in your browser or delete cookies set by YouTube in the past from your computer.


YouTube’s data protection provisions, available at https://www.google.com/intl/en/policies/privacy/, provide information about the collection, processing and use of personal data by YouTube and Google.

 

Youtube Channel

 

FMX uses the video portal (hereinafter “YouTube platform”) provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“YouTube”). We use the YouTube technical platform and its services to operate our own YouTube channel at: https://www.youtube.com/@FMXconference

 

Any views you express as a user via the interactive functions supported by the YouTube platform (e.g. “Share”, “Like”, or “Comment”) are your sole responsibility.


This privacy statement provides information about how data is processed by YouTube and how we process data on our YouTube channel.

 

5.1.1. What data do we process in the context of using YouTube?


We do not directly process any data in the context of our YouTube channel. However, any data you enter on the YouTube platform as a registered user (e.g. your user name and any content published under your own account), is processed by us as follows:


- We may share or respond to your comments


- We may write a post that references your profile


In this case, the data you have entered on the YouTube platform (specifically your (user) name and any content published under your own account), is processed by being added to our account and shared with our fans.


5.1.2. Legal basis and legitimate interests in relation to our data processing activities


We process personal data on the basis of legitimate interest in effective dialogue and exchange with YouTube users and visitors to our profile, as well as in relation to communication with YouTube users, including representing FMX, in accordance with Article 6 Paragraph 1 a) GDPR. Insofar as visitors publish or share special categories of personal data in comments or private messages, etc., data processing is based on this information having been made public (Article 9 Paragraph 2 e) GDPR) and/or the data subject having given explicit consent to data processing (Article 9 Paragraph 2 a) GDPR).


5.1.3. What data does YouTube process?


The data collected from you when you use YouTube is processed by YouTube and may be transferred to countries outside the European Union. Data entered when visiting our fan page may be forwarded to Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, headquartered in the USA, and processed there. We have no control over the nature and extent of data processing by YouTube or over the processing and use or sharing of this data with third parties, in particular in countries outside the European Union.


Google’s privacy policy explains what data it processes and the purposes for which data are used: https://policies.google.com/privacy?hl=en-GB


Fundamentally, data processing involves:


• First name and surname


• Telephone number


• E-mail address


• Credit card number


• Information about your device (e.g. hardware, operating system, device ID, mobile network)


• Protocol data (e.g. IP address, referring URL, date and time of request, browser type, location)

 

Please note that even if you do not have your own YouTube profile, YouTube will still collect data from you if you use third-party websites and apps which use YouTube services or with which YouTube jointly offers services. This includes, for example, information about websites and apps you have visited and used as well as interactions with advertisers.


Furthermore, cookies and similar technologies can be used to record your visits to these websites and link them to your profile. This data can then be used to offer you personalised content or advertising.


Information about how to contact YouTube can be found here: https://www.google.com/intl/de_de/+/policy/imprint.html


Information about how YouTube uses information retained when you visit the YouTube platform for its own purposes or shares such information with third parties is also provided in Google’s privacy policy: https://policies.google.com/privacy?en-gb


Please note that under certain circumstances YouTube may combine personal information with information, including personal information, from other Google services. More information about this is provided here: https://www.google.com/intl/de/policies/privacy/example/combine-personal-information.html


If you have your own account, your activities on other websites and in apps may be linked to your personal data in order to improve the services offered by YouTube or Google or advertising embedded by them. However, this depends on your account settings. More information about this is provided here: https://policies.google.com/privacy/example/your-activity-on-other-sites-and-apps?en-gb

 

5.1.4. How can you restrict how YouTube processes your data?


You can check and update how your data is processed in the Google Activity Controls. You can use the Google Dashboard to check and manage certain types of information linked to your Google account. You can view and edit your ad preferences in the Google ad personalisation settings. You can find information about this and other settings and options (with related links) here: https://policies.google.com/privacy?hl=en-GB


You can also set up your browser to block all cookies, including provider cookies, or to warn you as soon as a provider sets a cookie. Furthermore, on a mobile device, you can restrict a service’s access to contact and calendar information, photos, location data, etc. in the device settings. However, the available options will be determined by your device’s operating system. The service’s privacy policy contains more information about access to your personal data and how it is updated: https://policies.google.com/privacy?hl=en-GB


5.1.5. Your rights as a data subject


Please see Paragraph 7.

 


5.1.6. Contact details for our data protection officer


Please see Paragraph 1.

 

 

5.2. Facebook


5.2.1. Joint responsibility for data processing


FMX operates a Facebook fan page on the online platform provided by the social media network Facebook Ireland Limited (“Facebook Ireland”).


Together with Facebook Ireland we are jointly responsible for data processing in connection with this fan page in accordance with the regulations set out in Article 4, point 7 of the General Data Protection Regulation (GDPR). The scope of our responsibility includes data processing associated with Page Insights in particular (see C. b) below).


When you visit this fan page, your personal data is processed by Facebook Ireland and by us (the data controllers).


This data protection information will explain the extent to which your personal data (hereinafter simply “data”) is processed in this context.
The underlying terms of service of Facebook Ireland (including other conditions and directives listed therein) are published here:


https://www.facebook.com/legal/terms,


supplemented by the Page Insights Controller Addendum, which is available here


https://www.facebook.com/legal/terms/page_controller_addendum


These two documents alone contain the relevant provisions regulating how data is processed.


5.2.2. Data processing and its purposes


a) Operation of our fan page


Dialogue and communication


We operate our Facebook fan page as a means of making contact and engaging in dialogue with users of and visitors to the Facebook Ireland social network. Sometimes we use our page to provide information about FMX and its products and services (e.g. past or current events, promotional campaigns and special offers, etc.).


b) Use of Insights and cookies


We use the “Insights” service provided by Facebook Ireland on our fan page to obtain anonymised statistical data relating to users of our fan page.


When you visit our fan page, Facebook Ireland saves a data package called a cookie on your device. This cookie contains a user identifier assigned to you. If you are a registered Facebook user, this user ID can be linked to your data. The information saved in the cookie is processed by Facebook. It is also possible for third parties to use information from Facebook cookies to provide services to companies that advertise on Facebook.


If they are not deleted, cookies remain active for two years.


For more information about Page Insights, please read the Page Insights Addendum between Facebook Ireland and us which explains about responsibility for data processing:


https://www.facebook.com/legal/terms/page_controller_addendum


Facebook’s Cookie Policy provides more information about how Facebook Ireland uses cookies:


https://www.facebook.com/policies/cookies/


5.2.3. Legal basis and legitimate interests in relation to our data processing activities


We process personal data on the basis of a legitimate interest in effective dialogue and exchange with Facebook users and visitors to our profile, as well as in relation to communication with Facebook users, including representing FMX, in accordance with Article 6 Paragraph 1 a) GDPR.


5.2.4. Sharing of data and data transfer to the USA


Data entered when visiting our fan page may be forwarded to Facebook Inc., which is headquartered in the USA, and processed there.


We do not share data in the context of operating our fan page.


5.2.5. Submitting objections for your Facebook account


As a Facebook user, you have the possibility to set ad preferences in your Facebook account determining the extent to which your user activity is recorded when you visit our fan page. Facebook also has a form for submitting objections:


https://www.facebook.com/help/contact/1994830130782319


5.2.6. Your rights as a data subject


Please see Paragraph 7.


5.2.7. Contact details for our data protection officer


Please see Paragraph 1.

 

 

5.3. LinkedIn


5.3.1. Information on the collection of personal data


1. As joint operators of our LinkedIn page, FMX together with the operator of the social network, the LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, hereinafter referred to as “LinkedIn”, are the controller as defined in Article 4 paragraph 7 of the General Data Protection Regulation (GDPR). When you visit our LinkedIn page, your personal data are processed by the controller.


2. Use of the LinkedIn portal is based on the Terms of Use of LinkedIn at https://www.linkedin.com/legal/user-agreement and the other terms, conditions and guidelines stipulated on the website. These particularly include the LinkedIn Privacy Policy at https://www.linkedin.com/legal/privacy-policy and Cookie Policy at https://www.linkedin.com/legal/cookie-policy.


3. Information on how LinkedIn handles personal data on the LinkedIn portal can be found in the LinkedIn Privacy Policy at https://www.linkedin.com/legal/privacy-policy, in the LinkedIn Cookie Policy at https://www.linkedin.com/legal/cookie-policy and on the LinkedIn Help pages at https://www.linkedin.com/help/linkedin?trk=microsites-frontend_legal_privacy-policy&lang=en or https://www.linkedin.com/help/linkedin?trk=microsites-frontend_legal_user-agreement&lang=en.


5.3.2. Information on data processing


1. To provide you with our LinkedIn page and the corresponding services, we process your data according to the following legal bases: On the basis of an assessment of interests pursuant to Article 6 paragraph 1 lit. a) GDPR.


2. In connection with each data processing activity, we refer to the corresponding terms and concepts in the GDPR so that you can identify the basis on which we process personal data.


5.3.3. Collection of personal data when you visit our LinkedIn page


1. We operate this LinkedIn page to present FMX to, and to communicate with, the users of LinkedIn and other interested individuals who visit our LinkedIn page. We only want to find out which content and information attract the interest of the users of our LinkedIn page so that we can continue to make our page more attractive. The processing of the personal data of the users is carried out based on our legitimate interests in an optimized presentation of FMX. The legal basis for the data processing is Article 6 paragraph 1 lit. a) GDPR.

 

2. LinkedIn (the LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland) processes personal data and information for market research and advertising purposes. LinkedIn evaluates your pattern of use to present its advertisements in a more targeted manner. Furthermore, LinkedIn enables us as the operator of the LinkedIn page to receive statistics, which it produces based on the visits of users of our LinkedIn page. The purpose of these statistics is to enable us to control the marketing of our business activities. The statistics allow us to, for example, obtain knowledge of the profiles of the users who visit and view our LinkedIn page, read posts or use applications on the page; to provide the users with more relevant content and to develop functions that may be more interesting for the users. These use profiles can in turn also be used to, for example, publish advertisements that are likely to correspond to the users’ interests both within and outside of the networks. For these purposes, cookies are normally installed on users’ devices. These cookies store information on the pattern of use and interests of the users. Furthermore, data can also be stored in the use profiles independent of the devices used by the users. This is particularly the case if users are members of LinkedIn and are logged into their account.

 

3. To gain a better understanding of how we can make our LinkedIn page more interesting for users, demographic and geographic evaluations are produced based on the information recorded by LinkedIn and provided to us. We can use this information to publish interest-based advertisements in a targeted manner without obtaining direct knowledge of the identity of the user. If you use LinkedIn on several different devices, the collection and evaluation can also occur across different devices when the users are registered members of LinkedIn and are logged into their own profile.

 

4. The user statistics produced are only transmitted to us in anonymized form. We have no access to the data that form the basis of these statistics.

 

5. In its Privacy Policy, LinkedIn states that some of the information collected may also be processed outside the European Union, including in the USA. This may lead to risks for you, especially with regard to it being more difficult for you to enforce your rights.

 

6. We do not disclose any personal data to third parties.

 

5.3.4. Possibilities to object on LinkedIn

1. Users of LinkedIn can use the LinkedIn settings for advertising preferences to influence the extent to which their user behavior is allowed to be recorded when they visit our LinkedIn page. Further possibilities can be found in the LinkedIn settings at https://www.linkedin.com/psettings/privacy, https://www.linkedin.com/psettings/advertising, https://www.linkedin.com/psettings/messages, https://www.linkedin.com/psettings/account and https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

 

2. Users can additionally prevent the processing of information via the cookies used by LinkedIn by blocking cookies from third parties or those from LinkedIn in their own browser settings.

 

5.3.5. Nature of joint responsibility


The agreements with LinkedIn, including those concerning joint responsibility, mainly indicate that information requests and the enforcement of further rights of the data subject should most appropriately be carried out directly via LinkedIn. As the provider of the social network LinkedIn, LinkedIn solely has the direct means of access and the information required to be able to process your inquiries and requests. LinkedIn can additionally take any required measures directly and provide information. If you nevertheless require our support, please feel free to contact us at any time.


5.3.6. Your rights as a data subject


Please see Paragraph 7.

 


5.3.7. Contact details for our data protection officer


Please see Paragraph 1.

 

 


6. Deletion, blocking and duration of the storage of personal data

 

We will only process and store your personal data for the period of time required to achieve the respective storage purpose or which is stipulated by law. After a storage purpose ceases to subsist or after expiry of the statutorily stipulated storage period, the personal data will be routinely blocked for further processing or deleted in accordance with the statutory provisions.


7. Data subject’s privacy rights

 

You can contact us in writing at any time if you have any questions about your personal data. You have the following rights under the GDPR:


7.1 Right to information (Article 15 GDPR)

 

You have the right to receive information at any time about which categories and information concerning your personal data we are processing for which purpose and how long and according to which criteria these data will be stored, and whether an automated decision-making process including profiling has been applied in this connection. You also have the right to know to which recipients or categories of recipients your data has been or is still being disclosed, in particular recipients in third countries or international organisations. In this case, you also have the right to be informed about appropriate safeguards in connection with the transmission of your personal data.

 

In addition to the right to lodge complaints with the supervisory authority and the right to information about your data’s provenance, you have the right to have your personal data erased and rectified and the right to restrict or object to the processing of your personal data.

 

In all the above cases, you have the right to request a free copy of your personal data that we have processed from the data processor. We are entitled to charge an appropriate administrative fee for all additional copies that you request or which go beyond the data subject's right to information.


7.2 Right to rectification (Article 16 GDPR)

 

You have the right to request the immediate rectification of your incorrect personal data and, taking into account the purposes of the processing, to request the completion of incomplete personal data including by means of providing a supplementary statement.

 

You can contact our data protection officer or the data controller at any time if you wish to exercise your right to rectification.


7.3 Right to erasure (Article 17 GDPR)

 

You have the right to demand the immediate erasure of your data (“right to be forgotten”) especially if the storage of the data is no longer necessary, if you revoke your consent to data processing, if your data was processed unlawfully or was collected unlawfully and if there is a legal obligation to erase under EU or national law.

 

However, the right to be forgotten shall not apply if there is an overriding right to freedom of expression or information, if data storage is necessary for the fulfilment of a legal obligation (e.g. storage obligations), if archiving purposes prevent erasure or if the storage serves to establish, exercise or defend legal claims.


7.4 Right to restriction of processing (Article 18 GDPR)

 

You have the right to request the controller to restrict the processing of your data if you dispute the data's accuracy, if the processing is unlawful and you oppose the erasure of your personal data and instead request a restriction of its processing, if the necessity for the processing purpose ceases or if you have objected to the processing in accordance with Article 21(1), as long as it is has not yet been established whether there are any legitimate reasons on our part which outweigh yours.


7.5 Right to data portability (Article 20 GDPR)

 

You have the right to the portability of your personal data which you have provided to our company in a standard format, so that you can have your personal data transmitted to another controller without hindrance, provided, for example, that you have given your consent and the processing is carried out using an automated procedure.


7.6 Right to object (Article 21 GDPR)

 

You have the right to object at any time to the collection, processing or use of your personal data for the purposes of direct advertising or market and opinion research as well as general business data processing, unless we can prove compelling reasons worthy of protection for processing which outweigh your interests, rights and freedoms. Furthermore, you cannot exercise your right to object if a statutory provision stipulates or requires the data’s collection, processing or use.


7.7 Right to lodge a complaint with the Data Protection Supervisory Authority (Article 77 GDPR in conjunction with Section 19 of the German Federal Data Protection Act)

 

You have the right to lodge a complaint with the competent supervisory authority if you believe there has been an infringement in the processing of your personal data.


7.8 Right to withdrawal of consent (Art. 7(3) GDPR)

 

You can withdraw your consent to the processing of your personal data at any time and without giving reasons. This also applies to the revocation of declarations of consent given to us prior to the EU General Data Protection Regulation’s entry into force.


8. Legal basis of the processing

 

Article 6(1)(a) of the General Data Protection Regulation (GDPR) is the legal basis for the processing of personal data for which we obtain the data subject’s consent.

 

Article 6(6) GDPR is the legal basis for the processing of personal data required for the performance of a contract to which the data subject is a contractual party. This provision also covers processing operations necessary to implement pre-contractual measures.

 

Article 6(1)(c) GDPR is the legal basis for a processing of personal data necessary to fulfil a legal obligation to which our company is subject.

 

Article 6(1)(f) GDPR is the legal basis for processing that is necessary to protect a legitimate interest of our company or a third party, and if the data subject’s interests, fundamental rights and freedoms do not outweigh the first-mentioned interest. Our company’s legitimate interest lies in the performance of our business activities and in the analysis, optimisation and maintenance of our online offer’s security.


9. Transfer of data to third parties

 

We generally do not sell or lease out user data. Data will only be transmitted to third parties beyond the scope described in this privacy policy if this is necessary for the processing of the respective requested service.

 

We will only transfer data if there is a legal obligation to do so. This is the case if state institutions (e.g. law enforcement authorities) request information in writing or if there is a court order.

 

No personal data will be transferred to so-called third countries outside the EU/EEA.


10. Data protection provisions about the application and use of YouTube

 

On this website, the controller has integrated components of YouTube. YouTube is an Internet video portal that enables video publishers to set video clips and other users free of charge, which also provides free viewing, review and commenting on them. YouTube allows you to publish all kinds of videos, so you can access both full movies and TV broadcasts, as well as music videos, trailers, and videos made by users via the Internet portal.

 

The operating company of YouTube is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

 

With each call-up to one of the individual pages of this Internet site, which is operated by the controller and on which a YouTube component (YouTube video) was integrated, the Internet browser on the information technology system of the data subject is automatically prompted to download a display of the corresponding YouTube component. Further information about YouTube may be obtained under www.youtube.com/yt/about/en/. During the course of this technical procedure, YouTube and Google gain knowledge of what specific sub-page of our website was visited by the data subject.

 

If the data subject is logged in on YouTube, YouTube recognizes with each call-up to a sub-page that contains a YouTube video, which specific sub-page of our Internet site was visited by the data subject. This information is collected by YouTube and Google and assigned to the respective YouTube account of the data subject.

 

YouTube and Google will receive information through the YouTube component that the data subject has visited our website, if the data subject at the time of the call to our website is logged in on YouTube; this occurs regardless of whether the person clicks on a YouTube video or not.If such a transmission of this information to YouTube and Google is not desirable for the data subject, the delivery may be prevented if the data subject logs off from their own YouTube account before a call-up to our website is made.

 

YouTube's data protection provisions, available at https://www.google.com/intl/en/policies/privacy/, provide information about the collection, processing and use of personal data by YouTube and Google.


11. Data protection provisions about the application and use of Vimeo

 

On this website, the controller has integrated components of Vimeo. Vimeo is an Internet video portal that enables video publishers to set video clips and other users free of charge, which also provides free viewing, review and commenting on them. Vimeo allows you to publish all kinds of videos, so you can access both full movies and TV broadcasts, as well as music videos, trailers, and videos made by users via the Internet portal.

 

The operating company of Vimeo is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.

 

With each call-up to one of the individual pages of this Internet site, which is operated by the controller and on which a Vimeo component (Vimeo video) was integrated, the Internet browser on the information technology system of the data subject is automatically prompted to download a display of the corresponding Vimeo component. During the course of this technical procedure, Vimeo gains knowledge of what specific sub-page of our website was visited by the data subject.

 

If the data subject is logged in on Vimeo, Vimeo recognizes with each call-up to a sub-page that contains a Vimeo video, which specific sub-page of our Internet site was visited by the data subject. This information is collected by Vimeo and assigned to the respective Vimeo account of the data subject.

 

Vimeo will receive information through the Vimeo component that the data subject has visited our website, if the data subject at the time of the call to our website is logged in on Vimeo; this occurs regardless of whether the person clicks on a Vimeo video or not. If such a transmission of this information to Vimeo is not desirable for the data subject, the delivery may be prevented if the data subject logs off from their own Vimeo account before a call-up to our website is made.

 

Vimeo's data protection provisions, available at https://vimeo.com/privacy, provide information about the collection, processing and use of personal data by Vimeo.


12. Statutory or contractual provisions concerning the provision of personal data and the possible consequences of non-provision

 

Please note that in specific cases (e.g. tax regulations) the provision of personal data is prescribed by law or may result from contractual regulations (e.g. information concerning the contractual partner(s)). For instance, the conclusion of a contract may require the respective person/contractual partner to make available their personal data so that we can process their request (e.g. an order) in the first place. An obligation to provide personal data arises especially when concluding contracts. In such cases, a contract cannot be concluded with the person concerned if no personal data is provided. A data subject may contact our data protection officer or the data controller before providing personal data. The data protection officer or the controller shall then inform the data subject whether the provision of the required personal data is statutorily or contractually stipulated or is necessary for the contract’s conclusion, and whether the data subject's concerns give rise to an obligation to provide the personal data or what consequences the failure to provide the requested data will have for the data subject.


13. Existence of an automated decision-making process

 

As a responsible company, we refrain from automatic decision-making or profiling in our business relations.


14. Data protection provisions about the application and use of Kaltura

 

On this website, the controller has integrated components of Kaltura. The Kaltura Platform is a set of online hosted software (“SaaS”) tools for hosting, managing and distributing video content over the Internet.

 

The operating company of Kaltura is Kaltura, Inc., 250 Park Avenue South, 10th Floor, New York, NY 10003, UNITED STATES OF AMERICA.

 

When you interact with the Kaltura Platform through an Account Owner’s account, Kaltura collects your Personal Information. Examples of activities where you might interact with the Kaltura Platform include:

 

  • Viewing videos on the Internet provided from a Kaltura Platform account.
  • Uploading content to the Kaltura Platform.
  • Appearing on videos hosted on the Kaltura Platform.
  • Hosting and/or participating in live meetings or other forms of real-time communication through Kaltura’s products.
  • Using applications connected to the Kaltura Platform, logging in to applications connected to the Kaltura Platform, or downloading a Kaltura mobile application.
  • Interacting with the Kaltura APIs.
  • Opening a free trial account or other partner account for the Kaltura Platform or for individual Kaltura products.
  • Downloading a Kaltura application from sites like the Apple App Store and Google Play.
  • Interacting with Kaltura on behalf of an Account Owner (for example, if you are an Account Owner’s account or business administrator or a technical contact you may provide your contact information to Kaltura for service or billing purposes).

 

Please note the additional and detailed information about the type of personal data collected, and the way it is used in Kaltura's privacy policy, available at https://corp.kaltura.com/privacy-policy/#platform.


15. Newsletter

Newsletter data

If you would like to receive the newsletter offered on the website, we need an email address from you as well as information that allows us to verify that you are the owner of the email address provided and that you agree to receive the newsletter. Further data will not be collected or only on a voluntary basis. We use these data exclusively for sending the requested information and do not pass them on to third parties.

 

The processing of the data entered in the newsletter registration form is based exclusively on your consent (Art. 6 para. 1 GDPR). You can revoke your consent to the storage of the data, the email address as well as its use for sending the newsletter at any time, e.g. via the "unsubscribe" link in the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.

 

The data you have provided us with for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted after you have cancelled your subscription.

 

GetResponse

This website uses GetResponse for sending newsletters. Provider is GetResponse Sp.z o.o., ul. ARKONSKA 6/A3, 80-387 GEDANSK, Poland.

 

GetResponse is a service with which, among other things, the dispatch of newsletters can be organized and analyzed. The data you enter for the purpose of newsletter subscription will be stored on the servers of GetResponse.

 

Data analysis by GetResponse

When we send newsletters using GetResponse, we can determine whether a newsletter message was opened and which links were clicked if necessary.

 

GetResponse also allows us to divide the newsletter recipients according to different categories (so-called tagging). The newsletter recipients can be divided, for example, by gender, personal interests (e.g., games or visual effects) or their activity (e.g., student or professional). By doing so, we can better adapt the newsletter to the respective target groups and, for example, make targeted mailings to smaller groups. For further information, please visit: www.getresponse.de.

 

If you do not wish to have your data analyized by GetResponse, you must therefore unsubscribe from the newsletter. For this purpose, we provide a corresponding link in each newsletter message.