Dataprotection Notice

Unofficial translation. The German version is valid.
Thank you for visiting our website and for your interest in our project. We respect your privacy and guarantee the protection of your personal data by processing your personal data in accordance with the content of this data protection regulation and the applicable data protection laws.

The protection of your privacy when processing personal data is an important concern for us.

Responsible:
Arms Information Centre (RIB e.V.)
Stühlinger Str. 7
79106 Freiburg

Logfiles
Our hosting provider raises data about every access to the server on which this service is located (so-called server log files) on the basis of our legitimate interests in the sense of GDPR§6(1)(f). The access data includes the name of the website accessed, files accessed, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited site), IP address and the requesting provider.
For security reasons (e.g. to clarify misuse or fraud), log file information is stored for a maximum period of 14 days and then deleted. Data whose further storage is required to give evidence is excluded from deletion until the respective incident has been finally clarified.
We cannot offer you the option to object to this collection, as the server protocol is essential to ensure the readiness of this website and in case of attacks on the website.

We ourselves store the following:
If our website is accessed by unregistered access:
The application that runs this site („WordPress“ + plugins) stores some access methods to this website for up to 14 days. Logged are incorrect login attempts, access attempts to access non-existent content and blocking of IP addresses from incorrect login attempts. So during a „regular“ visit to this website, usually nothing about your person is stored.

A web analysis system is currently not in use. Further information may be listed separately at a later point.
Registered users will be informed separately about deviating log files.

Contact

You can enter your personal data on our website to contact us. Only the information under the data marked with „mandatory field“ is mandatory. Providing further data may be helpful for processing your request, but is not mandatory (voluntary information). With your consent, this data will be used and stored exclusively for the purpose of processing your message (GDPR §6(1)(a)). It will not be used for other purposes or passed on to third parties unless you expressly agree to this (consent).

We will delete the inquiries as long as they are no longer necessary. We check the necessity every three months; furthermore, the legal archiving obligations apply.

Personal data

Personal data are data about your person. This includes your name, your address and your email address. You do not have to disclose any personal data to visit our website. In some cases, we need your name, address and other information to provide you with the requested service.

The same applies in the event that we supply you with information material on request or if we are to answer your inquiries. In these cases we will always point this out to you. Furthermore, we only store the data that you have automatically or voluntarily provided us with.

If you use one of our services, we generally only collect the data that is necessary to provide you with our service. It is possible that we may ask you for further information, but this is voluntary. Whenever we process personal data, we do so in order to provide you with our service or to pursue our commercial goals.

Collaboration with Third Parties

 If, in the course of our processing, we disclose data to other persons and companies (processors or third parties), transfer it to them or otherwise grant them access to the data, this is only done on the basis of a legal authorization (e.g. if a transfer of the data to third parties, such as payment service providers, is necessary for the performance of the contract in accordance with GDPR §6(1)(b), if you have consented, if a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.).

If we commission third parties to process data on the basis of a so-called „contract processing agreement“, this is done on the basis of GDPR §28.

Google Maps

The Provider uses the component „Google Maps“ of the company Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter „Google“, for directions to the location.
Google is certified according to the „EU-US Privacy Shield“ and thus guarantees compliance with the data protection regulations of the EU when processing data in the USA.
https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
When the „Google Maps“ component is called up, Google sets cookies in order to process user settings and data when displaying the page and the associated functions on which the „Google Maps“ component is integrated. It cannot be ruled out that external Google servers in the USA may be used for this purpose. 

The legal basis for this is GDPR §6(1)(f). The provider has a legitimate interest in optimizing the functionality of the website.
Through the connection Google can recognize from which website an inquiry is sent and to which IP address the representation of the approach is transmitted. 

If the user does not agree with this processing, it is possible to prevent the installation of cookies by adjusting the browser settings accordingly. For further details, please refer to the „Cookies“ section above.

The use of „Google Maps“ and the information obtained via „Google Maps“ is subject to the Google Terms of Use (https://www.google.de/accounts/TOS) and the additional terms and conditions (https://www.google.com/intl/de_de/help/terms_maps.html) for Google Maps.
Google offers further information, in particular on the possibilities of preventing the use of data, under the following links:
https://policies.google.com/privacy
https://adssettings.google.com/authenticated

We have no influence on the further processing and use of the data by Google and therefore cannot accept any responsibility for this.

If you do not want Google to collect, process or use data about you via our website, you can deactivate JavaScript in your browser settings. In this case, you will not be able to use the map display and possibly other functions as intended.

PayPal

Donation buttons of the service PayPal are integrated. If you have a PayPal account and would like to make a donation, this is possible by clicking on the appropriate button. By using the PayPal donation button a connection between your browser and the PayPal server is established. PayPal receives the information that you have visited our site with your IP address. Paypal collects the payment information you enter to process the payment (https://www.paypal.com/de/webapps/mpp/ua/privacy-full). For the payment the terms and conditions and the privacy policy of PayPal apply, which are available within the respective websites or transaction applications. For the assertion of rights of affected parties against PayPal, we refer to PayPal’s privacy policy, which can be found under the aforementioned link.

We use PayPal as an external payment service provider on the basis of our legitimate interest according to Art. 6 para. 1 lit. b. GDPR to offer our donors a simple and secure payment option.

The data processed by PayPal includes inventory data, such as name and address, bank data, such as account or credit card numbers, passwords, TANs and checksums, as well as the donation amount and recipient related data. This information is required to complete the transactions. However, the data entered is only processed by the payment service providers and stored by them. This means that we do not receive any account or credit card related information, but only the information of the confirmation of the payment.

At the same time, we store the following data entered by you (name, address, amount and purpose of donation) for the purpose of issuing a donation receipt.

Antispam-Bee

Even if the comment function is currently disabled, the security plugin Antispam-Bee is active. This analyzes comments if necessary and also uses the IP address of the commenter.

Page of the provider: https://de.wordpress.org/plugins/antispam-bee/

Cookies

When you visit our website, we may store information on your computer in the form of cookies. Cookies are small files that are transferred from an Internet server to your browser and temporarily stored on its hard drive. Only the Internet Protocol address is stored – no personal data. This information, which is stored in the cookies, makes it possible to automatically recognize you the next time you visit our website, which makes it easier for you to use the site.

Of course you can also visit our website without accepting cookies. If you do not want your computer to be recognized on your next visit, you can also refuse the use of cookies by changing the settings in your browser to „refuse cookies“. You will find the respective procedure in the operating instructions of your browser. If you refuse the use of cookies, however, the use of some areas of our website may be restricted.

Security

We have taken technical and administrative security measures to protect your personal data against loss, destruction, manipulation and unauthorized access. All persons involved as well as all service providers working for us are bound to the valid data protection laws.

Whenever we collect and process personal data, it is encrypted before it is transferred. This means that your data cannot be misused by third parties. Our security precautions are subject to a continuous improvement process and our privacy policy is constantly being revised. Please make sure that you have the latest version.

Your Rights

You have the following rights toward us with regard to the personal data concerning you:

– Right of revocation according to GDPR §7(3)
– Right to information according to GDPR §15
– Right of correction according to GDPR §16
– Right to deletion (right to be forgotten) according to GDPR §17
– Right to limit processing in accordance with Art. 18 GDPR §18
– Right to data transferability according to GDPR §29
– Right to object to processing in accordance with GDPR §21

You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.

Changes to our data protection and privacy policy

We reserve the right to change our privacy policy if new technologies make this necessary. Please make sure that you have the latest version.

Version: 12. Nov.