Company contact details:
Giessen School of Theology (FTH)
Phone: +49 (0) 641 979700
E-mail: info@fthgiessen.de
Carried by:
Funding Association for Evangelical Theology and Education (FTA) e.V.
Rathenaustr. 5-7, 35394 Gießen, Germany
Board members (FTA e.V.)
- Irmgard Heitmann, Chairperson
- Matthias Hennemann, 1. Vice-Chairman
- Brigitte Bieber, 2. Vice-Chairman
Statutory Data Protection Officer:
Dipl.-Ing. Lars Ebertz
on behalf of L-E-C.COM GmbH
Ober den Wiesen 17, 35756 Mittenaar
E-mail: lars@ebertz-datenschutz.de
Privacy Policy
1. Data protection at a glance
General Notes
The following notes provide a simple overview of what happens to your personal information when you visit this website. Personal data is all data with which you can be personally identified. Detailed information on data protection can be found in our privacy policy below this text.
Data collection on this website
Who is responsible for the data collection on this website?
The data processing on this website is carried out by the website operator. Your contact details can be found in the imprint of this website.
How do we collect your data?
On the one hand, your data is collected by providing us with it. For example.B data that you enter in a contact form.
Other data is collected automatically or with your consent when visiting the website by our IT systems. These are mainly technical data (e.B. Internet browser, operating system or time of page view). This data is collected automatically as soon as you enter this website.
What do we use your data for?
Some of the data is collected to ensure that the website is provided without errors. Other data may be used to analyze your user behavior.
What rights do you have with respect to your data?
You have the right at any time to receive information free of charge about the origin, recipient and purpose of your stored personal data. You also have the right to request the rectification or deletion of this data. If you have given your consent to the processing of data, you can revoke this consent at any time for the future. You also have the right to request, in certain circumstances, the restriction of the processing of your personal data. You shall also have the right to lodge a complaint with the competent supervisory authority.
You can contact us at any time at the address given in the imprint for further questions on data protection.
2. Hosting und Content Delivery Networks (CDN)
Third Parties Hosting
This website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the hoster’s servers. These may include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses and other data generated through a website. The hoster is used for the purpose of fulfilling the contract against our potential and existing customers (Art. 6 sec. 1 lit.b GDPR) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 sec. 1 lit. f GDPR).
Our Hoster will only process your data to the extent necessary to fulfil its performance obligations and will follow our instructions with regard to this data.
Conclusion of a contract for order processing
In order to ensure data protection-compliant processing, we have concluded a contract for order processing with our hoster.
3. General notes and mandatory information
Privacy
The operators of these sites take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.
When you use this website, various personal data are collected. Personal data is data that can be used to personally identify you. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.
We would like to point out that data transmission over the Internet (e..B. when communicating via e-mail) may have security gaps. Complete protection of data against access by third parties is not possible.
Note on the responsible body
The data controller on this website is:
Giessen School of Theology (FTH)
Carried by:
Funding Association for Evangelical Theology and Education (FTA) e.V.
Rathenaustr. 5-7, 35394 Gießen
Phone: +49 (0) 641 979700
E-mail: info@fthgiessen.de
The controller is the natural or legal person who decides alone or jointly with others on the purposes and means of processing personal data (e.B. names, e-mail addresses, etc.).
Statutory Data Protection Officer
We have appointed a data protection officer for our company.
Dipl.-Ing. Lars Ebertz
on behalf of L-E-C.COM GmbH
Ober den Wiesen 17, 35756 Mittenaar
E-mail: lars@ebertz-datenschutz.de
Revocation of your consent to data processing
Many data processing operations are only possible with your explicit consent. You can revoke your consent at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Right to object to the collection of data in special cases as well as to direct marketing (Art. 21 GDPR)
IF THE DATA PROCESSING ON THE BASIS OF ART. 6 ABS. 1 LIT. E OR F GDPR, HAVE AT ALL TIMES THE RIGHT, FROM THE RIGHT, FROM THE RESULTS OF YOUR SPECIAL SITUATION, AGAINST THE PROCESSING OF YOUR PERSONAL DATA DISSING; THIS GILT ALSO FOR A PROFILING ON THIS DETERMINATIONS. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS DATA PROTECTION DECLARATION. IF YOU ARE RESIDE, WE WILL NOT MORE PROCESS YOUR PERSONAL DATA, IT IS FOR, WE CAN BE RECOMMENDED FOR THE PROCESSING THAT YOUR INTERESTS, RIGHTS AND FREEDOMS ARE OR THE PROCESSING OF THE RIGHT OF RIGHT RIGHTS (DISCLAIMER TO ART. 21 ABS. 1 GDPR).
WILL BE PERSONAL DATA TO USE FOR DIRECT USE, YOU HAVE THE RIGHT, AT ALL TIMES AGAINST THE PROCESSING OF PERSONAL DATA FOR THE PURPOSE OF THE PERSONAL DATA; THIS GILT ALSO FOR THE PROFILING, SO FAR IT WITH THE DIRECT APPLICATION IN CONNECTION. IF YOU ARE CONTACTING, YOUR PERSONAL DATA WILL NOT BE USED MORE TO THE PURPOSE OF THE DIRECT PROTECTION (SUMMARY TO ART. 21 ABS. 2 GDPR).
Right to complain to the competent supervisory authority
In the event of breaches of the GDPR, the persons concerned shall have the right to complain to a supervisory authority, in particular in the Member State of their habitual residence, place of work or the place of the alleged infringement. The right to appeal is without prejudice to other administrative or judicial remedies.
Right to data portability
You have the right to have data that we process automatically processed on the basis of your consent or in fulfilment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done if it is technically feasible.
SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, such as orders or requests you send to us as a site operator, this site uses SSL or TLS encryption.
You can recognize an encrypted connection by changing the address line of the browser from „http://“ to „https://“ and by the lock icon in your browser line. If SSL or TLS encryption is enabled, the data you submit to us cannot be read by third parties.
Information, deletion and rectification
Within the scope of the applicable legal provisions, you have the right to free information about your stored personal data, its origin and recipient and the purpose of the data processing and, if necessary, a right to rectification or deletion of this data. You can contact us at any time at the address given in the imprint for further questions on the subject of personal data.
Right to restrict processing
You have the right to request the restriction of the processing of your personal data. You can contact us at any time at the address given in the imprint. The right to restrict processing exists in the following cases:
- If you dispute the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the examination, you have the right to request the restriction of the processing of your personal data.
- If the processing of your personal data has been/happens unlawfully, you can request the restriction of data processing instead of deletion.
- If we no longer need your personal data, but you need it to exercise, defend or assert legal claims, you have the right to request the restriction of the processing of your personal data instead of deletion.
- If you have filed an objection under Article 21(1) GDPR, a balance must be made between your interests and our interests. As long as it is not yet clear whose interests prevail, you have the right to request the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, this data may be processed, except for its storage, only with your consent or for the assertion, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the European Union or a Member State.
Objection to promotional e-mails
The use of contact data published within the scope of the imprint obligation for sending unsolicited advertising and information materials is hereby objected to. The operators of the pages expressly reserve the right to take legal action in the event of unsolicited sending of advertising information, e.g. by spam e-mails.
4. Data collection on this website
Cookies
This website does not use automatically set cookies to recognize users. Cookies are small text files that web browsers store on an end device. They help to make the website more user-friendly, effective and secure.
After you have authorized the playing of a video from YouTube, YouTube or Google can store various cookies on your device. The cookies remain on your device until they expire or you delete them. The same applies to the other plugins and tools we use (see 5.).
With a modern web browser, you can monitor, restrict or prevent the setting of cookies. Many web browsers can be configured to delete cookies by themselves when the program is closed.
Server Log Files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Operating system used in browser type and version of browser
- Referrer URL
- Host name of the accessing machine
- Time of server request IP address
This data is not merged with other data sources.
The collection of this data is based on Art. 6 sec. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website – for this purpose, the server log files must be recorded.
Contact
If you send us enquiries via the contact form, your details from the request form, including the contact details you provide there, will be stored with us for the purpose of processing the request and in case of follow-up questions. We do not share this data without your consent.
The processing of this data is carried out on the basis of Art. 6 (1) lit.b GDPR, provided that your request is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Art. 6 sec. 1 lit. f GDPR) or on your consent (Art. 6 sec. 1 lit. a GDPR) if this has been queried.
The data you enter in the contact form will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage is omitted (e.B. after your request has been processed). Mandatory statutory provisions, in particular retention periods, remain unaffected.
Request by e-mail, telephone or fax
If you contact us by e-mail, telephone or fax, your request, including any personal data (name, request) resulting from it, will be stored and processed by us for the purpose of processing your request. We do not share this data without your consent.
The processing of this data is carried out on the basis of Art. 6 (1) lit.b GDPR, provided that your request is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Art. 6 sec. 1 lit. f GDPR) or on your consent (Art. 6 sec. 1 lit. a GDPR) if this has been queried.
The data you send to us via contact requests will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage is omitted (e.B. after your request has been completed). Mandatory statutory provisions, in particular statutory retention periods, remain unaffected.
Communication via WhatsApp
For communication with our customers and other third parties, we use, among other things, the instant messaging service WhatsApp. The provider is WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
Communication is carried out via end-to-end (peer-to-peer) encryption, which prevents WhatsApp or other third parties from gaining access to the communication content. However, WhatsApp will have access to metadata generated during the communication process (e..B sender, recipient, and time). We would also like to point out that WhatsApp says it shares personal data of its users with its US-based parent company Facebook. For more details on data processing, see WhatsApp’s privacy policy at: https://www.whatsapp.com/legal/#privacy-policy
The use of WhatsApp is based on our legitimate interest in communicating as quickly and effectively as possible with customers, interested parties and other business and contractual partners (Art. 6 sec. 1 p. 1 lit. f GDPR). If a corresponding consent has been requested, the data processing is carried out exclusively on the basis of the consent; this can be revoked at any time with effect for the future.
The communication content exchanged between and on WhatsApp will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage is omitted (e.B. after your request has been processed). Mandatory statutory provisions, in particular retention periods, remain unaffected.
We use WhatsApp in the „WhatsApp Business“ variant.
Data transfer to the US is based on the standard contractual clauses of the EU Commission.
Details can be found here: https://www.whatsapp.com/legal/business-data-transfer-addendum
5. Plugins and tools
Use of Facebook services and Instagram
On our homepage we link to the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA as well as to the services and functions of the provider Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA. These U.S. providers are subject to the strict GDPR guidelines for all their offerings under the data protection regulations in force in the United States and when operating within the European Union.
Please read the data protection declarations of the providers:
Facebook: de-de.facebook.com/about/privacy
Instagram: www.instagram.com/about/legal/privacy
External media content
Within the scope of our Internet offer, we use some content that is loaded directly from servers of the anbiters named in detail below. The purpose of integrating this content is to make our Website more attractive. In order to make our Website more attractive, we also have a legitimate interest in the use of such third-party content. The legal basis for the use of the following social media plugins are our legitimate interests under Art. 6 sec. 1 lit. f GDPR.
YouTube
Our website uses media content from the YouTube platform. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter „Google“). After clicking on the play button of a correspondingly embedded video, thus consent to the data transfer, a data exchange takes place. Your IP address and any other data required by Google for YouTube will be collected. The information generated about your use of this website may be stored on a server in the United States. This information may also be transferred to third parties if required to do so by law or if third parties process this data on google’s behalf.
Furthermore, YouTube may store various cookies on your device after you have authorized the start of the video. With the help of these cookies, YouTube can obtain information about visitors to this website. This information is used, among other things, to collect video statistics, improve usability and prevent fraud.
If you are logged into your YouTube account, you allow YouTube to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account beforehand.
Information on how Google handles your personal information can be found in Google’s privacy policy: https://policies.google.com/privacy.
Google Maps
Our website uses the map service Google Maps via an API. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter „Google“). After clicking on the button of a correspondingly embedded card, thus consent to the data transfer, a data exchange takes place. Your IP address and any other data required by Google for Google Maps will be collected. The information generated about your use of this website may be stored on a server in the United States. This information may also be transferred to third parties if required to do so by law or if third parties process this data on google’s behalf.
The use of Google Maps is in the interest of an appealing presentation of our online offers and in an easy search of the places indicated by us on the website. This constitutes a legitimate interest within the meaning of Article 6 (1) lit. f GDPR. Since a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 sec. 1 lit. a GDPR; the consent is revocable at any time and is not stored.
Information on how Google handles your personal information can be found in Google’s privacy policy: https://policies.google.com/privacy.
Vimeo
This website uses plugins of the video portal Vimeo. The provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.
When you visit one of our vimeo video sites, you connect to Vimeo’s servers. The Vimeo server will be informed which of our pages you have visited. Vimeo also obtains your IP address. This also applies if you are not logged in to Vimeo or do not have an account with Vimeo. The information collected by Vimeo is transmitted to the Vimeo server in the United States.
If you are logged in to your Vimeo account, you allow Vimeo to assign your browsing behavior directly to your personal profile. You can prevent this by logging out of your Vimeo account.
Vimeo uses cookies or similar recognition technologies (e.g. device fingerprinting.B) to recognize website visitors.
The use of Vimeo is in the interest of an appealing presentation of our online offers.
This constitutes a legitimate interest within the meaning of Article 6 (1) lit. f GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 sec. 1 lit. a GDPR; consent can be revoked at any time.
For more information on how to handle user data, please refer to Vimeo’s privacy policy at: https://vimeo.com/privacy.
Podigee Podcast-Hosting
As part of our website, we provide a podcast. We use the podcast hosting service Podigee from the provider Podigee GmbH, Schlesische Straße 20, 10997 Berlin, Germany. The podcasts are loaded by Podigee or transmitted via Podigee. After clicking on the play button of an episode, a connection to Podigee is established and a data exchange takes place. No cookies are stored on your device in this context. According to Art. 28 GDPR, Podigee is a data processor and as such is also obliged by us.
The use is based on our legitimate interests, i.e. interest in a safe and efficient provision, analysis and optimization of our podcast offer in accordance with Art. 6 sec. 1 lit. f. GDPR.
Podigee processes IP addresses and device information to enable podcast downloads/playback and to obtain statistical data such as .B polling numbers. This data will be anonymized or pseudonymized by Podigee prior to storage in the database, unless required to provide the podcasts.
Further information and possible objections can be found in Podigee’s privacy policy: https://www.podigee.com/de/about/privacy/.
Note on data transfer to the USA
Our website includes tools from companies based in the United States. When these tools are active, your personal information may be shared with the U.S. servers of the respective companies. We would like to point out that the US is not a safe third country within the meaning of EU data protection law. U.S. companies are required to disclose personal information to security agencies without you, as a person concerned, being able to take legal action against it. It cannot therefore be ruled out that US authorities (e.B. intelligence agencies) process, evaluate and permanently store your data on US servers for surveillance purposes. We have no influence on these processing activities.
NEWSLETTER
If you call up the registration form for the newsletter on our website via the corresponding button, you will download content from Brevo (formerly Sendinblue), the service provider for our newsletter dispatch (Brevo GmbH, Köpenicker Straße 126, 10179 Berlin). By clicking on the button, you agree to the data transfer. Therefore, please also note Brevo’s terms of use. You must confirm receipt of the newsletter in an opt-in email and can of course unsubscribe at any time. The data you enter for the purpose of subscribing to the newsletter will be stored on Brevo’s servers in Germany.
DATA ANALYSIS USING BREVO
With the help of Brevo it is possible for us to analyze our newsletter campaigns. For example, we can see whether a newsletter message has been opened and which links, if any, have been clicked on. In this way, we can determine, among other things, which links were clicked on particularly often. In addition, we can see whether certain predefined actions have been carried out after opening/clicking. If you do not want an analysis by Brevo, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message.
LEGAL BASIS
The data processing takes place on the basis of your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke this consent at any time. The legality of the data processing operations already carried out remains unaffected by the revocation.
STORAGE PERIOD
The data you provide us with for the purpose of subscribing to the newsletter will be stored by us or Brevo until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data that has been stored by us for other purposes remains unaffected.
After you have unsubscribed from the newsletter distribution list, your e-mail address may be stored by Brevo in a blacklist if this is necessary to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO). The storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest. For more information, please refer to Brevo’s privacy policy.
Data processing agreement
We have entered into a data processing agreement (DPA) with Brevo. This is a contract required by data protection law that ensures that Brevo processes the personal data of our newsletter recipients only in accordance with our instructions and in compliance with the GDPR.
Evaluation and analysis
We use the services of etracker GmbH (Erste Brunnenstraße 1, 20459 Hamburg, www.etracker.com) to analyze usage data as part of our website. The data is processed and stored by etracker on our behalf exclusively in Germany and is therefore subject to strict German and European data protection laws and standards. In this respect, etracker GmbH has been independently audited, certified and awarded the ePrivacyseal data protection seal of approval. Further information on data protection at etracker GmbH can be found here.
Cookies
Without your consent, no cookies for user recognition are stored in your browser and no information is read from the memory of your end device. The cookie-free use of the etracker analysis tool is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in analyzing user behavior in order to optimize both our website and our advertising. The rights and fundamental freedoms of the data subjects are safeguarded. The IP address is anonymized as early as possible during the analysis with etracker and visitor recognition is only possible for the duration of the current day.
Cookies are small text files that are stored by the Internet browser on the user’s end device. The etracker cookies do not contain any information that enables a user to be identified. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. Consent can be revoked at any time.
Objection
You can object to the data processing described above at any time by clicking on the slider. The objection has no negative consequences. If no slider is displayed, data collection has already been prevented by other blocking measures.
Order processing
We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract prescribed by data protection law, which ensures that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.
6. Audio and video conferencing
Processing
We use online conference tools to communicate with our customers. The tools we use are listed below. If you communicate with us via video or audio conference via the Internet, your personal data will be collected and processed by us and the provider of the respective conference tool.
The conference tools collect all the data you provide/use to use the tools (email address and/or your phone number). The conference tools also process the duration of the conference, the beginning and end (time) of participation in the conference, the number of participants and other „contextual information“ related to the communication process (metadata).
Furthermore, the provider of the tool processes all technical data that is necessary for the processing of the online communication. This includes in particular IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speaker, and the type of connection.
If content is exchanged, uploaded or otherwise provided within the tool, it is also stored on the servers of the tool providers. Such content includes, in particular, cloud recordings, chat/instant messages, photos and videos uploaded to voicemails, files, whiteboards and other information shared while using the Service.
Please note that we do not have a full influence on the data processing processes of the tools used. Our possibilities depend significantly on the company policy of the respective provider. For more information about data processing through the conference tools, see the privacy statements of the tools we’ve listed under this text.
Purpose and legal bases
The conference tools are used to communicate with prospective or existing contractors or to offer certain services to our customers (Art. 6 sec. 1 p. 1 lit.b GDPR). Furthermore, the use of the tools serves to simplify and speed up communication with us or our company (legitimate interest within the meaning of Art. 6 sec. 1 lit. f GDPR). Where consent has been requested, the use of the relevant tools shall be based on that consent; consent can be revoked at any time with effect for the future.
Storage period
The data collected directly by us via the video and conference tools will be deleted from our systems as soon as you ask us to delete it, revoke your consent to storage or the purpose for data storage is omitted. Stored cookies remain on your device until you delete them. Mandatory statutory retention periods remain unaffected. We have no influence on the storage time of your data, which is stored by the operators of the conference tools for their own purposes. For details, please contact the operators of the conference tools directly.
Conference tools used
We use the following conference tools:
Microsoft Teams
We use Microsoft Teams. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. For data processing details, see the Microsoft Teams Privacy Policy: https://privacy.microsoft.com/de-de/privacystatement.
Conclusion of a contract for order processing
We have signed an order processing contract with the Microsoft Teams provider and fully implement the strict requirements of the German data protection authorities when using Microsoft Teams.