data protection


1. Data protection at a glance
General information

The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data are all data with which you can be personally identified. Detailed information on the subject of data protection can be found in our data protection declaration below this text.

Data collection on our website

Who is responsible for data collection on this website?
The data processing on this website is carried out by the website operator. You can find their contact details in the legal notice of this website.

How do we collect your data?
On the one hand, your data is collected when you communicate it to us. This can be, for example, data that you enter in a contact form.

Other data are automatically recorded by our IT systems when you visit the website. This is mainly technical data (e.g. internet browser, operating system or time of the page view). This data is collected automatically as soon as you enter our website.

What do we use your data for?
Some of the data is collected in order to ensure that the website is error-free. Other data can be used to analyze your user behavior.

What rights do you have with regard to your data?
You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request the correction, blocking or deletion of this data. You can contact us at any time at the address given in the legal notice if you have any further questions on the subject of data protection. You also have the right to lodge a complaint with the competent supervisory authority.

2. General information and mandatory information
data protection

The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.

When you use this website, various personal data are collected. Personal data are data with which you can be personally identified. This data protection declaration explains what data we collect and what we use it for. It also explains how and for what purpose this is done.

We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) can have security gaps. A complete protection of the data against access by third parties is not possible.

Note on the responsible body

The responsible body for data processing on this website is:

Donauschwäbisches Zentralmuseum Foundation
Schillerstrasse 1
89077 Ulm
Phone: +49(0)731 962540
Email: info@dzm-museum.de

The responsible body is the natural or legal person who, alone or jointly with others, decides on the purposes and means of processing personal data (e.g. names, email addresses, etc.).

Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can revoke your consent at any time. An informal e-mail to us is sufficient for this. The legality of the data processing carried out before the revocation remains unaffected by the revocation.

Right of appeal to the competent supervisory authority

In the event of violations of data protection law, the person concerned has the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority for data protection issues is the state data protection officer of the federal state in which our foundation is based. A list of data protection officers and their contact details can be found at the following link:

www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

The state commissioner for data protection and
freedom of information in Baden-Württemberg
Dr. Stefan Brink
P.O. Box 10 29 32
70025 Stuttgart

or:

Koenigstrasse 10a
70173 Stuttgart
Phone: 07 11/61 55 41-0
Fax: 07 11/61 55 41-15
Email: poststelle@lfdi.bwl.de
Homepage: www.baden-wuerttemberg.datenschutz.de

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another person responsible, this will only be done if it is technically feasible.

Information, blocking, deletion

Within the framework of the applicable legal provisions, you have the right to free information about your stored personal data, their origin and recipient and the purpose of the data processing and, if necessary, a right to correct, block or delete this data. You can contact us at any time at the address given in the legal notice if you have any further questions on the subject of personal data.

Objection to advertising mail

We hereby object to the use of the contact data published within the framework of the imprint obligation for sending unsolicited advertising and information materials. The operators of the pages expressly reserve the right to take legal action in the event of unsolicited sending of advertising information, such as spam e-mails.

3. Data protection officer

The state commissioner for data protection and
freedom of information in Baden-Württemberg
Dr. Stefan Brink
P.O. Box 10 29 32
70025 Stuttgart

or:

Koenigstrasse 10a
70173 Stuttgart
Phone: 07 11/61 55 41-0
Fax: 07 11/61 55 41-15
Email: poststelle@lfdi.bwl.de
Homepage: www.baden-wuerttemberg.datenschutz.de

4. Data collection on our website
a) Transmission of the online content

purpose and data
For the purpose of transmitting the website you have accessed, your browser typically sends the following information (as the content of an HTTP request):

Your IP address, i.e. a sequence of numbers that identifies your current computer connection on the Internet, the website you are accessing, information about the browser and operating system you are using and cookies.

Our website also uses cookies, which serve to make our website more user-friendly, more effective and more secure. Cookies are small files that are stored on your data carrier and that save certain settings and data for the exchange between your browser and our system. Cookies also enable us to measure the frequency of page views and general navigation. We would like to point out that some of these cookies are transferred from our server to your computer system, mostly so-called “session cookies”. Session cookies are characterized by the fact that they are automatically deleted from your hard drive at the end of the browser session. Other cookies remain on your computer system and enable us to recognize your computer system on your next visit (so-called permanent or “persistent cookies”). You can of course refuse cookies at any time, provided your browser allows this. If you do not accept cookies, the functionality of our website may be restricted.

legal basis
The aforementioned data categories are required to transmit the content you have called up and to optimize the display. This processing takes place on the basis of our legitimate interest in transmitting the content to you upon your request.

Data transfer and access rights
The access rights are based on our respective internal authorization concept and the corresponding written order agreements with our service providers.

storage duration
The data will no longer be stored for this purpose after the transfer process has been completed (however, if necessary, for the following purposes, see below).

b) Securing our technical systems

Purpose and Categories of Data
In addition, the data categories already mentioned above are collected:

Your IP address, i.e. a string of numbers that identifies your current computer connection on the Internet, the website you are accessing, information about the browser and operating system you are using, such as their name and version of the same, and, if applicable, the page from which you came to us (so-called »referrer information«).

legal basis
The storage is based on our legitimate interest in being able to carry out an analysis in the event of errors in and attacks on our technical systems.
Data transfer and authorized access

The access rights are based on our respective internal authorization concept and the corresponding written order agreements with our service providers.

storage duration
The data described will be deleted within seven days if no security incident is detected, otherwise as soon as there is no further legitimate interest in further storage.

Your rights
In principle, there are rights to information and correction with regard to the aforementioned data categories. However, as a rule, the personal reference can primarily be established via the IP address. At the same time, we are required to ensure that the information is only given to actually authorized persons. In order to provide information, sufficient evidence must therefore be provided that the information relates to you.

c) Transmission to third party offers

Share function
Our websites contain plugins from the social network Facebook (Facebook Inc., 1601 Willow Road, Menlo Park, California, 94025, USA). These plugins show, for example, the Facebook logo or the “Like” button. The following link gives you an overview of all plugins of the social network Facebook: http://developers.facebook.com/docs/plugins/. (www.facebook.com/privacy/explanation),

We do not transfer data directly to the provider’s servers. You can visit the website of the Danube Swabian Central Museum Ulm on the platform, where you have the opportunity to find out more about activities and topics related to the DZM, to comment on and to exchange ideas with us and others. Your opinion is important to us – that’s why we look forward to constructive comments that contribute to an exciting dialogue.

As soon as you visit our Facebook page, the plug-in creates a direct connection between your browser and the Facebook server. That means: Facebook learns that our website has been accessed from your IP address. If you click on a Facebook button while you are logged into your Facebook account, you can, for example, link your Facebook profile to our pages. However, Facebook can also determine that you (a user known to Facebook) have visited our pages.

We expressly point out that we do not know which data is transmitted to Facebook in detail and how Facebook uses this data. If you do not want Facebook to be able to associate your user account with the use of our website, you should log out of your Facebook account while you are on our website.

Facebook’s privacy policy provides information on handling personal data on Facebook itself at: https://www.facebook.com/about/privacy

Embedded videos
Embedded videos from the YouTube portal are shown on our website. The operator of the website is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit one of our pages equipped with a YouTube plug-in, a connection to the YouTube servers will be established. The YouTube server is informed which of our pages you have visited.

If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

YouTube is used in the interest of an appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR.

You can find more information on handling user data in YouTube’s data protection declaration at: https://www.google.de/intl/de/policies/privacy

5. Other contacts

You can contact us by e-mail, fax, telephone and in person, for example to give us feedback, make inquiries or to register for events.

In this context, we store the content of your contact and your contact details in our data processing mostly on the basis of your consent or to prepare and carry out a legal transaction with you, in some cases also on the basis of our legitimate interest in the processing.

The data will be passed on if your request requires it and either results from the context or after consultation with you. If there are no other storage obligations and there is no further legitimate interest on our part in storage, we will delete the data after the respective process.