The following Privacy Policy will give you an overview of what type of personal data is collected and stored for what purpose when you visit our website or when you use our website and contact options.
We will inform you below about your rights as a data subject and tell you, among other things, who is responsible for data processing and compliance with data protection regulations.
Personal Data
“Personal data” is not just obvious personal information, such as the name or address of a person, but also their IP address and information about which pages a person has visited on the Internet (user behavior).
1. Names and addresses of the Data Controllers
Sandra Bennua, Melanie Czarnik. Claudia Gliemann Elisabeth Jäcklein-Kreis, Ann Cathrin Raab, Anja Samstag and Sabrina Weber GbR
Business name: HopeLit GbR
Mittelstrasse 12
76227 Karlsruhe
Telephone +49 721/4848890
Email: hallo@hopelit.de
2. Information on data processing / definitions
2.1. Depending on the reason for the processing of the data, the provision of personal data may be required by law or by a contract, or may be necessary to conclude a contract. If this is the case, we will refer to it below and will also indicate possible consequences of declining to provide data. Automated decision-making or profiling in accordance with Article 22 paragraphs 1 and 4 also only takes place if we explicitly indicate that this is the case.
2.2. If you do not provide us with the data in the cases outlined below, you would not be able to use the service / function or you would be unable to contact us.
2.3. When you visit our website, your surfing behavior can be statistically evaluated.
This happens primarily through the use of cookies and analytics.
2.4. This Privacy Policy uses the following definitions for the terms below:
Cookies: Cookies are small text files that are stored on your device by your browser. Cookies serve to make our services more user-friendly, effective and secure.
The cookies are stored on the end device of the user and the cookie data is transmitted to us from there. As a user, you can control the use of cookies. By changing the settings in your Internet browser, you can disable or restrict the transmission of cookies. You can delete cookies that have already been saved at any time – even automatically.
However, if you deactivate cookies, it may no longer be possible to fully use all functions of the websites you visit or of various tools on the Internet.
2.5. In some cases, we use external service providers to process your data (contract processors within the meaning of Art. 28 GDPR, e.g. hosting service providers), to whom we may disclose personal data. These have been carefully selected and commissioned by us, are bound by our instructions and are regularly checked. Otherwise, your data will only be disclosed to other recipients if we refer to this separately below.
3. Data processing via the website
3.1 Encryption
To ensure that the processing of your personal data takes place in such a way that the data is protected against unauthorized or unlawful processing as well as against accidental loss, destruction or damage, we use encryption (SSL) on our website and on all sub-pages.
3.2. Visiting our website
Every time you visit our website, our system automatically collects data and information from your computer system. This includes at least the following data:
- Name of the file requested
- Date and time of access
- The amount of data transmitted
- Indication of whether the download was successful
- IP address
- Browser type
- Browser version and its language
- Operating system and its user interface
- Referrer URL
- Access Status/HTTP status code
- Type of terminal
The data is stored in the log files of our host’s IT system.
Purpose of processing: The processing of the above data is necessary in order to display the website to you and to guarantee the security and stability of our information technology systems and the technology of our website. The processing is also carried out in order to provide law enforcement authorities with the information necessary for law enforcement in the event of a cyber attack.
Legal basis: We have a legitimate interest in data processing within the meaning of Art. 6 para. 1 lit. f GDPR, whereby the legitimate interest arises from the stated purpose.
Storage period: The data will be deleted as soon as data storage can no longer serve the purpose. The point in time shall be determined for the individual case, whereby the storage must be ended at the latest if any civil law claims have become time-barred according to Sec. 199 BGB (German Civil Code) or is criminal prosecution is also no longer possible due to statutes of limitation (Sec. 78, 79 StGB (German Penal Code)).
3.3. First contact – General
If you contact us (e.g. by e-mail), we will save the data you provide, such as your name, your email address, and any other contact details you may have provided.
Purpose of processing: The processing of the above-mentioned data is necessary in order to be able to process or answer the query you made when contacting us.
Legal basis: Depending on the request, the processing of the data may possibly be based on different legal bases. In any case, processing is necessary to safeguard our legitimate interests within the meaning of Art. 6 para. 6(1)(f) GDPR. The legitimate interest arises from the fact that we want to reply to your query and to fulfill the purpose for processing.
Storage period: At the latest, we will delete your personal data when storage is no longer necessary. The point in time is to be determined for each individual case, and storage must be ended at the latest, if any civil law claims become time-barred according to Sec. 199 BGB (German Civil Code) or criminal prosecution is also no longer possible due to the statute of limitation (Sec. 78, 79 StGB (German Penal Code)).
4. Google Fonts
We use Google Fonts to provide a uniform display of fonts on our website. These are displayed via the WordPress theme and saved locally.
5. Social media links
We have integrated social media plugins on our website and linked them to social media. To protect your data, we use plugins that do not directly transmit your data (if you click the “Share” button). The social media websites that we use are:
- Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
- Instagram LLC, 1 Hacker Way, Building 14 First Floor, Menlo Park, CA, USA
If you follow a link to these websites, you will be redirected to the respective company’s website. Any processing of your personal data that occurs as a result is then outside our area of responsibility. Nevertheless, we would like to comply with our information obligation under Art. 13 GDPR as far as we can.
Purpose of processing: We create links to make our website appealing. In addition, the links are created to promote the communicative character of the Internet and thus freedom of expression.
Legal basis: The legal basis for placing links is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in increasing the attractiveness of our website.
Storage period: Since we have no influence on the further processing and use of the data by the companies mentioned above, we cannot make any statements about how long the companies will save the data if you follow one of the links.
Data transfer: If you follow a link, depending on the company, your data will be sent to servers in third countries such as the USA. It is not out of the question for companies to transmit the data to third parties.
Further information: You will find further information on their respective privacy policies on the websites of the companies mentioned above.
6. Use of YouTube
We use the YouTube.com platform to post our own videos and make them publicly available. YouTube is a website from a third party not affiliated with us, namely YouTube LLC.
Some pages on our website contain links or other connections to the YouTube website. In general, we are not responsible for the content of websites to which we provide links. In the event that you follow a link to YouTube, we would like to point out that YouTube stores the data of its users (e.g. personal information, IP address) according to its own data usage guidelines and uses it for business purposes.
We also directly integrate videos stored on YouTube on some of our websites. With this integration, content from the YouTube website is displayed in partial areas of a browser window. However, the YouTube videos are only accessed by clicking on them separately. This technique is also called “framing”. If you call up a (sub) page of our website that includes YouTube videos in this form, a connection is established to the YouTube servers and the content is displayed on the website by notifying your browser.
YouTube content is only integrated in “extended data protection mode”. YouTube provides this itself and thus ensures that YouTube does not initially store any cookies on your device. When you call up the relevant pages, however, the IP address and the other data mentioned in section 4 are transmitted, particularly which of our webpages you have visited. However, this information cannot be assigned to you unless you have logged in to YouTube or another Google service (e.g. Google+) before the page view or are logged in permanently.
As soon as you start the playback of an integrated video by clicking on it, YouTube only saves cookies on your device through the extended data protection mode, which does not contain any personally identifiable data unless you are currently logged in to a Google service. These cookies can be prevented by appropriate browser settings and extensions.
Address and link to the data protection information of the third party provider:
Google / YouTube: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland –
Privacy Policy: https://policies.google.com/privacy, Opt out: https://adssettings.google.com/authenticated, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
7. Web analysis using Matomo (formerly Piwik)
We use the “Matomo” software (www.matomo.org), a service of Provider InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand. The software sets a cookie (a text file) on your computer, with which your browser can be recognized. If subpages of our website are accessed, the following data is stored:
- the user’s IP address, shortened by the last two bytes (anonymized)
- the subpage visited and time of the visit
- the page from which the user came to our website (referrer)
- which browser with which plugins, which operating system and which screen resolution is used
- the time spent on the website
- the pages that are accessed from the selected subpage
The data collected with Matomo is stored on our own servers.
This data will not be transferred to third parties.
The legal basis on which we process personal data using Matomo is Art. 6 para. 1 (f) GDPR.
Purpose of processing: We need the data to analyze the surfing behavior of users and to receive information about the use of the individual components of the website. This enables us to continuously optimize the website and its user-friendliness. These purposes also encompass our legitimate interest in data processing in accordance with Art. 6 para. 1 (f) GDPR. By anonymizing the IP address, we take into account the interest of users in the protection of personal data. The data is never used to personally identify the user of the website and is not combined with other data.
Storage period: The data will be deleted when it is no longer needed for our purposes.
8. Notes on the rights of data subjects
Due to the processing of your personal data, you are a data subject within the meaning of the GDPR and you have the following rights with respect to us us, whereby we are referred to below as the “controller”:
- Right to information, Art. 15 GDPR
You have the right to request information from the controller whether they are processing personal data concerning you. If this is the case, you have a right to information about the information listed in Art. 15 GDPR.
- Right to correction of personal data, Art. 16 GDPR
According to Art. 16 GDPR, you have a right with respect to the controller to
Correction or completion of your personal data, insofar as
your personal data is incorrect or incomplete.
- Right to deletion (“right to be forgotten”), Art. 17 GDPR
In accordance with Art. 17 GDPR, you have the right to request that the controller delete your personal data.
Right to restriction of processing, Art. 18 GDPR
As a data subject, you have the right, under the conditions of Art. 18 GDPR, to request the controller to restrict processing.
- Right to information, Art. 19 GDPR:
In accordance with Art. 19 GDPR, you have the right to be informed by the controller of to whom the personal data concerning you has been disclosed and whom the controller has informed of your rights to correction, deletion or restriction of your data.
- Right to data portability, Art. 20 GDPR
Under the conditions of Art. 20 GDPR, you have the right to receive personal data concerning you in a structured, common and machine-readable format. Under the conditions of Art. 20 GDPR, you have the right to transfer this data to another controller without hindrance from the controller to whom the personal data was provided. You have the right to demand that we transfer the data to another controller, inasmuch as this is technically feasible.
- The right to objection to processing, Art. 21 GDPR
In accordance with Art. 21 GDPR, you have the right to object at any time to processing of your personal data that is based on Art. 6 para. 1 lit. e or f GDPR. This also applies to profiling based on these provisions. If the personal data concerning you is being processed for direct marketing purposes, you have the right to object at any time to the processing of the personal data that concerning you for the purpose of such marketing; this also applies to profiling, insofar as it is associated with such direct marketing.
- Right not to be subjected to an automated decision including profiling, Art. 22 GDPR
As a data subject, you have the right, in accordance with Art. 22 GDPR, not to be subjected to a decision that has a legal effect on you or similarly significantly affects you based solely on automated processing, including profiling.
- Right to withdraw the data protection declaration of consent, Art. 7 GDPR
According to Art. 7 GDPR, you have the right to revoke your consent to the processing of personal data concerning you at any time.
- Right to lodge a complaint with a data protection supervisory authority, Art. 77 GDPR
Without prejudice to other legal remedies, you have the right to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR if you believe that the processing of your personal data by us violates the GDPR.
