We process personal data that we have received from you or, if necessary, from publicly accessible sources as part of our foundation activities.

Personal data within the meaning of Art. 4 No. 1 GDPR can be: names, telecommunications data and address data. In addition, we also process offer, inquiry and order data, data from the fulfillment of our contractual obligations, product data, documentation data and other data comparable to the categories mentioned.

The provision of your personal data is necessary for the initiation, implementation and processing of the contractual relationship. If you do not provide it, it is unfortunately not possible for us to contact you in order to clarify pre-contractual or contractual questions.

Purpose and legal basis of processing

The processing of your personal data takes place in accordance with the legal provisions of the GDPR and the Federal Data Protection Act for the fulfillment of contractual obligations or for measures in accordance with the purposes of the foundation (Art. 6 Para. 1 S. 1 lit. b GDPR).

There is no automated decision-making.

Use and Disclosure of Personal Data

We only use the personal data for our own purposes in the course of the business relationship. If third parties are involved in work processes that would make it necessary to pass on your data for processing exclusively for this purpose, we apply the same high standards and oblige the third party to comply with data protection regulations as part of an agreement on order data processing in accordance with Art. 28 DSGVO .

A transfer to other third parties does not take place regularly.

Your data will not be processed in a third countryd such processing is also not planned.

Duration of storage

We process and store your personal data for the duration of our business relationship and at least in accordance with the statutory retention periods.

This data protection information applies to data processing on the website https://gerhard-rosenberg-stiftung.de/.

Which data are processed?

When visiting our website

When you access and visit our website, the browser used on your device automatically sends information to our website server. This information is temporarily stored in a so-called log file. The following information is recorded without any action on your part and stored until it is automatically deleted, usually after one week:

IP address of the requesting computer,
date and time of access,
name and URL of the retrieved file,
Website from which access is made (referrer URL),
Browser used and, if applicable, the operating system of your computer and the name of your access provider.

In addition, we use cookies, analysis services, other tools and plugins when you visit our website (see special information on cookies and analysis tools).

Purpose and legal basis of processing

When visiting our website

The data mentioned are processed by us for the following purposes:

Ensuring a smooth connection establishment of the website,
Ensuring comfortable use of our website,
Evaluation of system security and stability
Clarification of any abusive page access (DoS/DDoS attacks or similar) and
for other administrative purposes.

The legal basis for data processing is Art. 6 Para. 1 S. 1 lit. f GDPR. Our legitimate interest in data processing follows from the purposes listed above. As a rule, we do not use the collected data for the purpose of drawing conclusions about your person. We reserve the right to do so in the event that this becomes necessary in order to clarify abusive page access.

In addition, we use cookies and analysis services when you visit our website (see below, special information on cookies and analysis tools).

Sharing of Data

Your personal data will not be transmitted to third parties for purposes other than those listed below. We only pass on your personal data to third parties if and to the extent that:

you have given your express consent to this in accordance with Article 6 (1) sentence 1 lit.
the transfer according to Article 6 Paragraph 1 Sentence 1 lit. f GDPR is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data,
there is a legal obligation for the transfer according to Art. 6 Para. 1 S. 1 lit. c DS-GVO,
this is necessary for the processing of contractual relationships with you in accordance with Article 6 (1) sentence 1 lit. b GDPR, or
we use a contractually obligated and carefully selected processor for data processing within the meaning of Article 28 GDPR.

data security

Within the website visit, we use the widespread SSL (Secure Socket Layer) method in connection with the highest level of encryption supported by your browser. This is usually a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is being transmitted in encrypted form by the closed representation of the key or lock symbol in the lower status bar of your browser.

We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.