I. General information

This declaration provides information on the protection of your personal data when you access the website of the Federal Working Group for Safety and Health at Work – Basi – and when you use other services.

Data protection serves to protect your personal data. Personal data is any information relating to an identified or identifiable natural person, e.g. name, address or your e-mail address. We try to process personal data as sparingly as possible when you visit our website. It is therefore generally possible to visit our website without having to disclose your identity to us. If you use the contact form or one of the email addresses provided on our website, for example, this requires you to disclose your identity to us. We cannot answer anonymous inquiries.

The responsible body for the website is

Federal Working Group for Safety and Health at Work (Basi) e.V.
Alte Heerstr. 111, 53757 Sankt Augustin

represented by the managing director: Dr. Christian Felten

We take the protection of your personal data and the laws serving this protection seriously. When you visit our website (www.basi.de) and its subpages, personal data is processed, the scope of which is explained below.

We place links on our website that take you to third-party websites. You can recognize this, for example, by the change in the address line of your browser. You will then leave our website. We have no influence on how your personal data is handled on these third-party websites and are not responsible for this.

II Data processing when you visit our website

Each time our website is accessed and each time a file is retrieved, access data about this process is stored in a log file.

This data set consists of:

• the name of the file the date and time of the request,
• of the page from which the file was requested,
• the amount of data transferred,
• the access status (file transferred, file not found, etc.),
• a description of the type of web browser and operating system used,
• the IP address of the client,
• Cookies that are set by the application.

Stored data is collected exclusively for statistical purposes.

This website uses cookies. Cookies are used to make the website more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser.

This website uses the following types of cookies, the scope and function of which are explained below:

• Transient cookies are automatically deleted when you close the browser. These include session cookies in particular. These store a so-called session ID, with which various requests from your browser can be assigned to the joint session. This allows your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser.
• Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. You can delete cookies at any time in your browser’s security settings.

You can configure your browser settings according to your wishes and, for example, refuse to accept third-party cookies or all cookies. We would like to point out that you may not be able to use all functions of this website.

III. web analysis service Matomo

1. scope of the processing of personal data

Our website uses Matomo (formerly Piwik), an open source software for the statistical analysis of visitor access. Matomo uses cookies that are stored on your computer and enable an anonymized analysis of your use of the website. It is not possible to draw conclusions about a specific person, as your IP address is anonymized immediately after processing and before storage.

2. legal basis for the processing of personal data

The legal basis for the processing of personal data using cookies is Art. 6 para. 1 lit. f GDPR.

3. purpose of data processing

Matomo is used for the purpose of improving the quality of our website and its content. This enables us to find out how the website is used and to constantly optimize our offering.

4. duration of storage, possibility of objection and removal

The cookies used by Matomo are stored on the user’s computer and transmitted by it to our website. As a user, you therefore have full control over the use of cookies. Cookies that have already been saved can be deleted at any time. This can also be done automatically.

You can object to the storage and analysis of this data by Matomo at any time

You have the option of preventing the actions you take here from being analyzed and linked. This will protect your privacy, but will also prevent the owner from learning from your actions and improving usability for you and other users.

Your visit to this website is currently recorded by Matomo web analytics. Uncheck this box to opt-out.

. In this case, a so-called opt-out cookie is permanently stored in your browser, which causes Matomo not to collect any data for storage and analysis. However, if you delete this cookie intentionally or unintentionally, the objection to data storage and analysis will also be revoked and can be renewed via the above link.

 

Alternatively, most modern browsers have a so-called “Do Not Track” option, with which they tell websites not to track your user activities. Matomo respects this option.

IV. Website analysis

On our website we use 1&1-WebAnalytics, a web analysis service of 1&1 Internet SE, Elgendorfer Straße 57, 56410 Montabaur, Germany. (“1&1”).

1&1 uses its 1&1-WebAnalytics service to evaluate user behavior via our websites and logs the usage data mentioned under 2. According to 1&1, cookies are not used in this process. The information about your use of our websites is generally transmitted to a 1&1 server and stored there in anonymized form. 1&1 compiles anonymous reports on website activity using the usage data collected. According to 1&1, your IP address is also anonymized by 1&1-WebAnalytics and only processed further in abbreviated form in order to exclude any reference to your person. We have no influence on this processing.

You can find more information on how 1&1-WebAnalytics works at http://hilfe-center.1und1.de/hosting/online-marketing-c10085303/1und1-webanalytics-c10082682/vorteile-von-1und1-webanalytics-a10784875.html.

The legal basis for the use of 1&1 WebAnalytics is Art. 6 para. 1 sentence 1 lit. f GDPR.

V. Newsletter

If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter.

We use the so-called double opt-in procedure to ensure that the newsletter is sent by mutual agreement. This involves the potential recipient being added to a mailing list. The user then receives a confirmation e-mail to confirm the registration in a legally secure manner. The address will only be actively included in the mailing list if confirmation is given.

We use this data exclusively for sending the requested information and offers.

Newsletter2Go is used as the newsletter software. Your data will be transmitted to Sendinblue GmbH. Sendinblue GmbH is prohibited from selling your data and using it for purposes other than sending newsletters. Sendinblue GmbH is a German, certified provider that has been selected in accordance with the requirements of the General Data Protection Regulation and the Federal Data Protection Act.

You can find more information here: en.sendinblue.com/information-newsletter-recipients

You can revoke your consent to the storage of the data, the e-mail address and its use for sending the newsletter at any time, for example via the “Unsubscribe” link in the newsletter.

The data protection measures are always subject to technical updates, which is why we ask you to inform yourself about our data protection measures at regular intervals by consulting our privacy policy.

The legal basis for the processing is Art. 6 para. 1 sentence 1 lit. f GDPR.

VI Ticket ordering and user account (registration)

You have the option of ordering tickets via our website. In this case, we use the contact details and transaction data you provide us with to process your order and for further contract processing. The legal bases are Art. 6 para. 1 sentence 1 b) and f) GDPR. Transaction data is the data on the products you have ordered (product information, prices) as well as payment data, billing and delivery address and information on the shipping method. Your data may also be passed on to third parties as part of order processing (e.g. for payment, shipping), e.g. external service providers for the ordering process, credit institutions, credit card companies and other payment service providers, parcel services and collection agencies, whose use is necessary for contract processing because we cannot provide these services ourselves.

As a rule, we only collect the necessary data, which we mark accordingly. If we collect further data, this is only done with your consent.

If you open a user account with us, this is also done on a voluntary basis. We will then process your data on the basis of your consent.

The legal basis in the case of consent is Art. 6 para. 1 sentence 1 lit. a GDPR. You have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

Your data will be deleted after the contract has been processed, unless we have the right to continue storing the data for another reason or this is necessary due to statutory retention obligations.

VII. Newsletter

If you wish to subscribe to our newsletter, we need your e-mail address and confirmation that you are the owner of the e-mail address provided and that you agree to receive the newsletter.

We use the so-called double opt-in procedure to subscribe to our newsletter. This means that after you have registered, we will send you an e-mail to the e-mail address you have provided in which we ask you to confirm that you wish to receive the newsletter. If you do not confirm your registration within [24 hours], your information will be blocked and automatically deleted after one month. In addition, we store the IP addresses you use and the times of registration and confirmation. The purpose of this procedure is to be able to prove your registration and, if necessary, to clarify any possible misuse of your personal data.

Your data is only collected for the purpose of sending you the newsletter and to document our authorization to do so. The provision of further data is voluntary and is used to be able to address you personally. The data will not be passed on to third parties. You can revoke your subscription to the newsletter and your consent to the storage of your e-mail address at any time, e.g. by clicking on the link provided in every newsletter e-mail. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. The legal basis is Art. 6 para. 1 sentence 1 lit. a GDPR.

We use Newsletter2Go, a service provided by Newsletter2Go GmbH, Marie-Elisabeth-Lüders-Str. 1, D-10625 Berlin, Germany, to send our newsletter. The provider is based in Germany and is therefore subject to the data protection regulations applicable in Germany.

Information from the third-party provider: This is a service provider with audited data protection management. The proof was provided by a data protection audit. The audit report no. 63006418-01 version 1.0 is part of this certificate. The effectiveness of the audited process is regularly monitored by TÜV Rheinland i-sec GmbH. You can find more information at https://www.newsletter2go.de/hilfe/sicherheit-und-datenschutz

VIII Social media

We have integrated YouTube videos into our online offering, which are stored on http://www.YouTube.com and can be played directly from our website. [These are all integrated in “extended data protection mode”, i.e. no data about you as a user is transferred to YouTube if you do not play the videos. Only when you play the videos will the data mentioned in paragraph 2 be transmitted. We have no influence on this data transfer].

When you visit the website, YouTube receives the information that you have accessed the corresponding subpage of our website. In addition, the data mentioned in the “Social Media” section of this statement will be transmitted. This occurs regardless of whether YouTube provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be assigned directly to your account. If you do not wish your data to be associated with your YouTube profile, you must log out before activating the button. YouTube stores your data as usage profiles and uses them for the purposes of advertising, market research and/or the needs-based design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right.

Further information on the purpose and scope of data collection and its processing by YouTube can be found in the privacy policy. There you will also find further information on your rights and setting options to protect your privacy: https://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA and has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

The legal basis for the use of YouTube is Art. 6 para. 1 sentence 1 lit. f GDPR.

IX. Rights of the data subjects

On request, we will provide you with information free of charge about the status of the personal data collected about you and about the further processing of this data in accordance with the legal requirements. For example, we will correct, block or delete some or all of your personal data in accordance with legal requirements:

1. Right to information (Art. 15 GDPR)

The right to information gives you access to the data concerning you or its categories and some other important criteria, such as the processing purposes or the duration of storage. Please note that your right to information may be restricted under certain circumstances in accordance with the statutory provisions (e.g. Section 34 BDSG).

2. Right to rectification (Art. 16 GDPR)

If the data concerning you is not – or no longer – accurate, you can request rectification under the conditions of Art. 16 GDPR. If your data is incomplete, you can request that it be completed.

3. Right to erasure (Art. 17 GDPR)

You can request the erasure of your personal data under the conditions of Art. 17 GDPR. Your right to erasure may be restricted, for example, by the fact that we still need the data to fulfill statutory retention obligations. If we have made your personal data public, you may also have a “right to be forgotten”. You can request that we take proportionate measures to inform other controllers of your request for erasure. Please note that your right to erasure may be restricted under certain circumstances in accordance with the statutory provisions (e.g. Section 35 BDSG).

4. Right to restriction of processing (Art. 18 GDPR)

Under the conditions of Art. 18 GDPR, you can request the restriction of processing. We mark your stored personal data with the aim of restricting its future processing. You can refer to this right, for example, in the review phase of other rights.

5. Right to information (Art. 19 GDPR)

In the event that rights are exercised, we will inform all recipients of the rectification, erasure or restriction of processing in accordance with the requirements of Art. 19 GDPR. We will inform you about these recipients on request.

6. Right to data portability (Art. 20 GDPR)

You have the right to receive the personal data concerning you from us in a commonly used, machine-readable format under the conditions of Art. 20 GDPR. In addition, you may request direct transfer to another controller, provided this is technically feasible.

7. Right to object – Art. 21 GDPR

In a special situation, you have the right to object to the further processing of your personal data in accordance with Art. 6 para. 1 lit. e or f GDPR. We will cease processing unless a legal exception applies. For example, we may continue processing if there are compelling legitimate grounds that outweigh your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.

You can reach us in the following ways:

Federal Working Group for Safety and Health at Work (Basi) e.V.

Alte Heerstr. 111
53757 Sankt Augustin

Phone: +49 2241 231-6000
Fax: +49 2241 231-84 6000

E-Mail: Info@basi.de

You can also contact the supervisory authority with a complaint. The authority responsible for us is

State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia

Kavalleriestr. 2-4
40213 Düsseldorf

Phone: 0211/38424-0
Fax: 0211/38424-10

E-mail: poststelle@ldi.nrw.de

Status: February 2021