Privacy in the first place

Responsible for the data processing on this website is the

KOMM MIT
gemeinnützige Gesellschaft für internationale Jugend-, Sport- und Kulturbegegnungen mbH

Pützchens Chaussee 202
53229 Bonn
Germany

Phone: +49 228 97724-0
Fax: +49 228 97724-24
Mail: [email protected]

You can contact our data protection officer as follows:

KOMM MIT
gemeinnützige Gesellschaft für internationale Jugend-, Sport- und Kulturbegegnungen mbH

Pützchens Chaussee 202
53229 Bonn

Phone: +49 228 97724-11
Mail: [email protected]

You are also welcome to send any questions or comments about this privacy policy to this person.

In order to use our website, it is generally not necessary for you to provide us with personal data, such as your name or e-mail address. However, we collect, process and store personal data in the following cases:

A) Data collected automatically when visiting the website

When you visit our website, your computer’s browser automatically sends data and technical information to our website server. The following information is temporarily stored in a so-called log file until automatic deletion: IP address of your computer, name and URL of the accessed file, access status/HTTP status code, the browser of your computer.
We collect and use this information to enable the user to connect smoothly to our website, to continuously improve our website and for (network) security and stability purposes.
The legal basis for the temporary storage is Art. 6 (1) lit. f GDPR. Our legitimate interest follows from the aforementioned purposes. Under no circumstances will this data be used to draw conclusions about your person. This data is not stored together with other personal data.
In addition, we use cookies when you visit our website. You can find more information on this under point 4.

B) Use of our contact form

You can contact us with questions of any kind using the form provided on the website. In addition to salutation, first name and surname, a valid e-mail address is required so that we know who the enquiry is from and can answer it. Further information can be provided voluntarily.
Data processing for the purpose of contacting us is carried out in accordance with Art. 6 (1) 1 lit. a GDPR on the basis of your voluntarily given consent.

C) Subscription to our newsletters

You have the possibility to register for our newsletter on our website. To receive newsletters, it is sufficient to provide a valid e-mail address. Further information can be provided voluntarily. For your security, registration takes place according to the double opt-in procedure. This means that we will first send you an e-mail to this address after receiving your e-mail address. Your newsletter subscription will only become active when you click on the confirmation link contained in this email. This procedure prevents you from being registered against your will.
The personal data you provide when registering will be stored in the Salesforce Salescloud. In addition, your personal data will also be transferred to the Salesforce Marketing Cloud in order to carry out personalised advertising via email, on our social media channels and via Google Ads on other websites you visit. The processing will take place until you withdraw your consent. The data will be used exclusively by us. Under no circumstances will your data be sold to third companies, persons or institutions.
Data processing for the purpose of sending the newsletter is carried out in accordance with Art. 6 (1) 1 lit. a GDPR und § 7 (3) UWG on the basis of your voluntarily given consent. Consent can be revoked at any time with effect for the future. In every e-mail you receive from us, there is a link provided for this purpose. Alternatively, you can also send your revocation at any time by e-mail to[email protected]. The revocation will result in your email address being deleted from the mailing list.

D) Contact via LiveChat

You have the possibility to contact us via LiveChat on the website. In addition to first and last names, a valid e-mail address is required so that we know who the enquiry is from and so that we can answer it. We use the service of LiveChat, Inc. (One International Place Suite 1400 Boston, MA 02110-2619 United States of America) for our LiveChat.
The following data is collected when using the service:

• Name
• E-mail address
• Static IP address
• Time and date of the chats
• Chat content data
• Uploaded files
• Country and geolocation

We process the information you provide during the chat to process your request.
Data processing for the purpose of contacting us is carried out in accordance with Art. 6 (1) 1 lit. a GDPR on the basis of your voluntarily given consent.

E) Links to other websites and social media

Some of our online services also have links to websites that are not operated by KOMM MIT. If you visit such websites, you should observe the applicable data protection provisions and other notices, as our data protection declaration does not apply to them, but these sites are subject to the data protection provisions of the respective third-party provider.
Our online services may also contain providers of other apps, programmes, widgets and plug-ins, such as Facebook’s “Like” button. These providers may also use automated processes to collect data about your usage. In this case, data collection and use is carried out according to the respective providers’ own guidelines.

F) Contact via WhatsApp

It is possible that you contact us via WhatsApp. WhatsApp Inc. is a company of Facebook Inc. and is suspected of sharing user data with it to an unauthorised extent. These can potentially contribute to profiling by Facebook. If you are afraid of these concerns, we do not recommend communicating with us via WhatsApp. There is of course the possibility to contact us in a data protection compliant manner by post, telephone or e-mail ([email protected]). If you nevertheless contact us via WhatsApp, this constitutes a voluntarily granted consent according to Art. 6 (1) 1 lit. a GDPR. You can find out more about WhatsApp’s data processing conditions here.

G) Use of Salesforce

Data that you provide to us via our website (e.g. in forms for bookings, newsletter registration, as part of a competition) is currently stored in the Salesforce Sales Cloud (salesforce.com Germany GmbH, Erika-Mann-Str. 31, 80636 Munich) on servers in Germany and France (or generally in the EU).
We use the Salesforce Marketing Cloud to send our newsletters, for automated mailings (e.g. welcome mailings) as well as for advertising campaigns on social networks and online advertising on other websites For this purpose, the newsletter subscriber’s data is transferred from the Sales Cloud to the Marketing Cloud. Salesforce Marketing Cloud data is stored and processed on Salesforce servers in the USA. Salesforce commits itself with binding internal data protection regulations in accordance with Art. 46 (2) lit. b and Art. 47 GDPR (so-called binding corporate rules) to maintain an adequate level of data protection even when processing data outside the European Union. With the help of so-called web beacons and pixels, we receive information about the click behaviour of users via the Marketing Cloud. Interaction data is stored in the Marketing Cloud directly on the user so that we can send you targeted advertising via the AdStudio, e.g. also via social networks. If you do not want this, you have the option of turning off personalised advertising in your account settings on the social networks. In addition, you can use a different email address for the newsletter or registration with us than the one for your social media accounts.
The data in Salesforce Salescloud and Salesforce Marketing Cloud is used exclusively by us. Under no circumstances will your data be sold to third companies, persons or institutions.
The processing of your data in the Salesforce SalesCloud is based, where relevant, on our legitimate interest in using a CRM system in accordance with Art. 6 (1) 1 lit. f GDPR, otherwise based on your consent in accordance with Art. 6 (1) 1 lit. a GDPR.
The processing of your data in the Salesforce MarketingCloud is based on your consent in accordance with Art. 6 (1) 1 lit. a GDPR.

Anonymous session cookies are sometimes used on our website. Cookies are small text files that are stored locally in the cache of your browser during your visit to our website until the session is ended (closing the browser). These cookies are used to make the website more user-friendly and to display it properly in your browser.
The cookies enable the recognition of the internet browser. Through the use of these cookies, no personal data is stored or linked to your personal user data.
Most browsers are set to accept cookies automatically. However, you can deactivate the storage of cookies or set your browser so that it informs you as soon as cookies are sent.

Our websites use Google Analytics, a web analytics service provided by Google (for users within the EU: Google Ireland Limited, Gordon House Barrow St, Dublin 4, Ireland; otherwise: Google LLC 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter: Google). We have concluded an order processing agreement with Google for this purpose. Google and, if applicable, US authorities can access the data stored by Google. Google Analytics uses cookies. The information generated by the cookies about your use of this website is transmitted to a Google server in the USA and stored there.

We use the function ‘anonymizeIP’ (so-called IP masking). Due to the activation of IP anonymisation on this website, your IP address will be truncated by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area. In exceptional cases, the full IP address is transferred to a Google server in the USA and shortened there.

On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, and compiling reports on website activity. The reports provided by Google Analytics are used to analyse the performance of our website and the success of our marketing campaigns. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

You can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

You can also revoke your consent at any time with effect for the future by calling up the cookie settings and changing your selection there.

The legal basis for the processing of your data is your consent in accordance with Art. 6 (1) 1 lit. a GDPR.
The data sent by us and linked to cookies are automatically deleted after 14 months. The deletion of data whose retention period has been reached takes place automatically once a month.

For more information on the terms of use of Google Analytics and Google’s data protection policy, please visit https://marketingplatform.google.com/about/analytics/terms/de/ and https://policies.google.com/?hl=de.

Your data will only be passed on to third parties if this is necessary and legally permissible, if you have previously expressly consented to a transfer or if we are legally obliged to do so.

If you provide us with personal data as part of an explicit consent, this data will only be used for the purpose on which the consent is based and to which you have agreed in advance. You can revoke your consent at any time with effect for the future.

Your personal data will be processed and stored for as long as and to the extent necessary for the purposes stated in this notice. After these purposes have been fulfilled, the data is regularly deleted. Deletion does not take place if further processing for a limited period is necessary to comply with statutory retention periods or for documentation and evidence purposes within the framework of statutes of limitation.

We attach great importance to the security of our data processing systems and website. That’s why we use modern data storage and security techniques to protect your data in the best possible way. Of course, our security measures are continuously improved in line with technological developments.

If you contact us by e-mail, we would like to point out that e-mails can be read or changed unauthorised and unnoticed during transmission. In addition, we use software to filter unsolicited e-mails (spam filter). This spam filter can reject e-mails if they are incorrectly identified as spam mail due to certain characteristics. If you wish to send us confidential information, we therefore recommend that you send it by post or fax.

Insofar as our website also contains links to external websites of third parties over whose content we have no influence, but which we nevertheless make available for use as “third-party content”, we cannot assume any liability for this third-party content due to our lack of influence. The respective provider or operator of the pages is always responsible for the content of the linked pages. The linked pages were checked for possible legal violations at the time of linking. Illegal contents were not recognisable at the time of linking. However, a permanent control of the contents of the linked pages is not possible without concrete indications of a violation of the law. If we become aware of any infringements of the law, we will remove such links immediately.

You are entitled to request information about your stored personal data at any time (Art. 15 GDPR). Furthermore, you have the right to request that incorrect data about you be corrected or incomplete data be completed (Art. 16 GDPR).

If the legal requirements are met, you also have the right to request the deletion or restriction of processing (blocking) of personal data (Art. 17 and 18 GDPR).

Furthermore, according to Art. 21 GDPR, you have the right to object to data processing at any time for reasons arising from your particular situation, provided that this is done to protect our legitimate interests.

To exercise your rights, you can contact us in writing, by fax or by e-mail. We would like to point out at this point that, in order to process an application and for identification purposes, we may use your personal data in accordance with Art. 6 (1) lit. f GDPR.

You also have the right to complain to a supervisory authority under Art. 77 GDPR if you believe that the processing of your personal data is not lawful. This can be done, for example, with the supervisory authority responsible for us:

State Commissioner for Data Protection and
Freedom of Information North Rhine-Westphalia
Kavalleriestr. 2-4 2-4
40213 Düsseldorf

Status of this data protection notice: May 2021