Privacy Policy
1. Controller Responsible for data processing within the meaning of the General Data Protection Regulation (GDPR) is:
Diversity Europe e.V., represented by the Board of Directors in accordance with § 26 BGB
Address: Pankratiusstraße 51, 44369 Dortmund, Germany
E-Mail: [email protected]
Diversity Europe e.V., represented by the Board of Directors in accordance with § 26 BGB
Address: Pankratiusstraße 51, 44369 Dortmund, Germany
E-Mail: [email protected]
A Data Protection Officer has not been appointed, as the legal requirements of § 38 BDSG are not met and no extensive regular monitoring of personal data takes place.
2. Storage of Information on the End Device (§ 25 TDDG)
Our website uses technologies (e.g., cookies or local storage) to store information on your end device or to access it.
- a) Technically necessary functions: These are required to ensure the basic functions of the website. Legal basis: § 25 Para. 2 No. 2 TDDG.
- b) Non-necessary functions: Functions for analysis, marketing, or tracking purposes, as well as the integration of external media, only take place with your express consent. Legal basis: § 25 Para. 1 TDDG.
The hosting provider automatically collects data in server log files every time the website is accessed. These include in particular:
- IP address in anonymized form, so that no personal reference can be established
- Date and time of access
- Browser type and version
- Operating system
- Referrer URL
Processing takes place to ensure technical security and stability. A data processing agreement pursuant to Art. 28 GDPR has been concluded with the provider.
Legal basis: Art. 6 Para. 1 lit. f GDPR.
Deletion: at the latest after 7-14 days.
b) Contact
Legal basis: Art. 6 Para. 1 lit. f GDPR.
Deletion: at the latest after 7-14 days.
If you contact us via email or contact form, your details will be processed to handle the request.
- For contractual or pre-contractual inquiries: Art. 6 Para. 1 lit. b GDPR.
- For other inquiries: Art. 6 Para. 1 lit. f GDPR (legitimate interest in communication). The data will be deleted as soon as the request has been conclusively processed and no statutory retention obligations exist.
We use external service providers to process donations and payments. These providers process personal data (e.g., name, payment data, amount) under their own data protection responsibility, whereby we do not receive complete payment data (e.g., credit card numbers) ourselves:
- PayPal: PayPal (Europe) S.à r.l. et Cie, S.C.A.
- WERO: EPI Company SE
- Visa: Visa Europe Services Inc.
- Mastercard: Mastercard Europe SA
- Klarna: Klarna Bank AB (publ)
Legal basis: Art. 6 Para. 1 lit. b GDPR.
Donation receipts and payment-relevant data are stored for 10 years in accordance with § 147 AO.
5. Newsletter and Performance Measurement
Donation receipts and payment-relevant data are stored for 10 years in accordance with § 147 AO.
By subscribing to our newsletter, you consent to its regular delivery and the statistical analysis of your usage behavior (e.g., opening and click rates via individualized tracking links). Registration takes place via the double opt-in procedure.
Legal basis: Art. 6 Para. 1 lit. a GDPR.
You can revoke your consent at any time via the unsubscribe link in the newsletter.
6. Social Media & Third-Party Platforms
Legal basis: Art. 6 Para. 1 lit. a GDPR.
You can revoke your consent at any time via the unsubscribe link in the newsletter.
Data transfer to the providers only takes place when the links are actively clicked.
- a) Facebook & Instagram (Meta): Provider: Meta Platforms Ireland Ltd.
Joint responsibility pursuant to Art. 26 GDPR for Page Insights data.
Details: https://www.facebook.com/legal/terms/page_controller_addendum - b) YouTube: Provider: Google Ireland Ltd. Privacy Policy:
https://policies.google.com/privacy?hl=en - c) TikTok: Provider: TikTok Technology Ltd. Privacy Policy:
https://www.tiktok.com/legal/page/eea/privacy-policy/en
Legal basis: Art. 6 Para. 1 lit. f GDPR (public relations) or Art. 6 Para. 1 lit. a GDPR (consent for embedded content).
7. Data Transfer to Third Countries
When using certain services, data may be transferred to third countries (in particular the USA). This takes place on the basis of:
- the EU-US Data Privacy Framework, provided the provider is certified (viewable at: www.dataprivacyframework.gov), and/or
- the Standard Contractual Clauses (SCC) of the EU Commission.
It cannot be ruled out that government agencies in the third country may obtain access to data without adequate legal remedies being available.
8. Rights of Data Subjects
According to Art. 15–21 GDPR, you have the right to:
- Information, rectification, deletion, and restriction of processing.
- Data portability.
- Objection to processing based on legitimate interests.
- Revocation of consent granted with effect for the future.
Right of complaint: You have the right to lodge a complaint with the competent supervisory authority:
State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia (LDI NRW)
Kavalleriestraße 2–4 40213 Düsseldorf, Germany
Phone: +49 211/38424-0
E-Mail: [email protected]
Internet: www.ldi.nrw.de
9. Storage Duration and Data Security
State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia (LDI NRW)
Kavalleriestraße 2–4 40213 Düsseldorf, Germany
Phone: +49 211/38424-0
E-Mail: [email protected]
Internet: www.ldi.nrw.de
Personal data will be deleted as soon as the purpose of processing ceases to apply and there are no statutory retention obligations (e.g., 10 years according to § 147 AO) to the contrary.
Our website uses TLS encryption for the security of data transmission.
Our website uses TLS encryption for the security of data transmission.
