Data Privacy Statement
We are pleased that you have visited our website. The protection of your personal data is an important concern for us, and we want you to feel secure when visiting our website. We shall protect your privacy and your personal data. We shall process your personal data in conformity with the content of this Data Privacy Statement, the country-specific data protection provisions applicable to us and the General Data Protection Regulation (»GDPR«).
We provide you below with an overview of which information we collect during your visit to our websites and how this is used:
1. Name and address of the controller
As the operator of the website www.adk-bw.de, Die Akademie für Darstellende Kunst Baden Württemberg GmbH, Akademiehof 1, D-71638 Ludwigsburg, Germany, (“we”) is the controller within the meaning of the GDPR and other country-specific data protection provisions.
2. Data protection officer
If you have any concerns relating to data protection law, you may at any time contact our data protection officer at:
D 71711 Murr
3. Personal Data
Personal data is any information that relates to an identified or identifiable natural person; a natural person is regarded as identifiable if he/she can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more particular characteristics that express the physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person.
Personal data will also include information about your use of our website. Normally, this is brought about by using log files or cookies. Further information on log files and cookies can be found further below.
4. Purpose of use and personal data concerned
The scope and nature of the collection, processing and use of your data will depend upon whether you visit our website merely for obtaining information generally available or make use of services beyond this.
a) Use for information purposes
In principle, you do not need to provide personal data in order to use our website for merely information purposes. In this case, when you access our websites, we shall, rather, only collect the data possibly automatically transferred to us by your Internet browser, such as for example:
- the referrer (the website visited beforehand)
- the website or file requested
- the browser type and version
- the operating system used
- the type of device used
- the time of access
- the IP address in anonymised form (the IP address will be used only to determine the place of access)
In this respect, the IP address of your computer will be stored in so-called log files only for the duration of your use of the website and will then be immediately erased or be anonymised by truncation. The remaining data will be stored for a limited period. We shall use this data for the operation of our website, in particular in order to find and eliminate faults in the website, determine the degree of utilisation of the website and carry out adaptations or improvements.
b) Using our website for utilising further services
If you utilise further services of our company via our website, you may possibly have to provide personal data for this. Your data will, in this respect, be processed exclusively for the purpose of rendering the service desired by you.
Personal data that you enter via a form on the websites of the Akademie für Darstellende Kunst Baden-Württemberg GmbH will be used to establish contact with you and to provide you with the desired information and answers.
As an international company, all our employees are dependent on having the same level of knowledge. For this reason, we transmit customer data to our branches, representatives, distributors and suppliers of commercial products as far as this is necessary in individual cases. Beyond that, no personal data will be transferred to third parties.
7. Data security
All information that you transfer to us will be stored on servers within the European Union. By means of technical and organisational measures, we shall secure our website and other systems against your data being lost, destroyed, accessed, altered or disseminated by unauthorised persons. In particular, your personal data is transmitted in encrypted form by us. We use the TLS 1.2 coding system (Transport Layer Security).
8. web analysis by Matomo (formerly PIWIK)
On our website we use the open source software tool Matomo (formerly PIWIK) to analyze the surfing behavior of our users. The software sets a cookie on the user’s computer (for cookies see above). If individual pages of our website are accessed, the following data is stored:
- The website accessed
- The website from which the user accessed the requested web page
- The subpages called from the called web page
- The time spent on the website
- Frequency of a call of a site
- Two bytes of the IP address of the calling system of the user
The software runs exclusively on the servers of our website. A storage of the personal data of the users takes place only there. The data will not be passed on to third parties.
The software is set so that the IP addresses are not stored completely, but 2 bytes of the IP address are masked (e.g.: 192.168.xxx.xxx). In this way, it is no longer possible to assign the shortened IP address to the calling computer.
9. Our Social Media Presences / Data Processing through Social Networks
We maintain publicly accessible profiles on social networks. The social networks we use in detail can be found below.
Social networks such as Facebook etc. can usually analyze your user behavior comprehensively when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). Visiting our social media sites triggers numerous processing processes relevant to data protection. In detail:
If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be collected if you are not logged in or do not have an account with the respective social media portal. In this case, this data collection takes place, for example, via cookies that are stored on your terminal device or by recording your IP address.
With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest-related advertising can be displayed inside and outside the respective social media presence. If you have an account with the respective social network, interest-related advertising can be displayed on all devices on which you are logged in or were logged in.
10. legal basis
Our social media sites are designed to ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO. The analysis processes initiated by the social networks may be based on different legal bases, which must be stated by the operators of the social networks (e.g. consent within the meaning of Art. 6 para. 1 lit. a DSGVO).
Person responsible and assertion of rights
If you visit one of our social media sites (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing processes triggered during this visit. You can assert your rights (information, correction, deletion, restriction of processing, data transferability and complaint) both against us and against the operator of the respective social media portal (e.g. Facebook).
Please note that despite our joint responsibility with the social media portal operators, we do not have full influence on the data processing procedures of the social media portals. Our options are largely based on the corporate policy of the respective provider.
The data collected directly by us via the social media presence is deleted from our systems as soon as the purpose for its storage no longer applies, you request us to delete, your consent to storage revoke or the purpose for data storage no longer applies. Stored cookies remain on your end device until you delete them. Mandatory legal provisions – in particular retention periods – remain unaffected.
Social networks in detail
11. Your Rights
You have the right:
- to obtain, free of charge, information on the personal data stored by us concerning you (right of access to information)
- to demand confirmation of whether we process personal data concerning you (right to confirmation)
- to demand that we erase, without delay, the personal data concerning you insofar as processing of this data is no longer necessary, and the further prerequisites for erasure under the GDPR are met (right to erasure)
- to demand that incorrect personal data concerning you be rectified and completed (right to rectification)
- to demand that the processing of your personal data be restricted (right to restriction of processing)
- to receive in a structured, commonly used and machine-readable format the personal data concerning you (right to data portability)
- to object to the processing of your personal data (right to object)
- You have the right not to be subject to a decision that is based solely on automated processing, including profiling, and has legal effect on you or impairs you in a similar manner (right to decide in individual cases)
- to at any time, with effect for the future, revoke your consent to the processing of your personal data
- to lodge a complaint with the supervisory authority competent for data protection if you are of the opinion that the processing of the personal data concerning you violates the GDPR (right to lodge a complaint)
For further information on your rights, please contact our data protection officer.
12. Erasure and blocking of personal data after the intended purpose has been fulfilled
We process and store personal data only as long as necessary for fulfilling the intended purpose, but for no longer than until the statutory retention and storage periods expire. Once the intended purpose has been fulfilled, and the statutory retention and storage periods have expired, the personal data will be erased or blocked in accordance with the provisions of data protection law.
13. Right of complaint
The competent lead supervisory authority for data protection pursuant to Art. 56 GDPR in the case of any complaints is the data protection officer for data privacy and freedom of information Baden-Württemberg Dr. Stefan Brink
D 70173 Stuttgart
Postfach 10 29 32
D 70025 Stuttgart