Data protection

I. General Information

The website www.dash-embassy.org (“Website”) is a service of Dash Embassy D-A-CH UG (limited liability), hereinafter also referred to as “Dash Embassy” or “we”/”us”.

In the following we inform you about the handling of your personal data. If you use our website and the Dash Embassy service, personal data will be processed.

Because the protection of your privacy is important to us, we would like to inform you to what extend your personal data gets processed by us and in what way.

You can access this data protection declaration at any time under the section “Privacy Policy” at https://www.dash-embassy.org/datenschutz/?lang=en on our website.

N.B.: Of course we observe the legal provisions of the data protection regulation (“GDPR”), the Federal Data Protection Act (“BDSG”) as well as other data protection regulations.

II. Name and address of the controller

Dash Embassy, as operator of the website, is responsible regarding personal data that gets processed because you use our website.

Dash Embassy D-A-CH UG (limited liability)

Represented by CEO Mr. Jan Heinrich Meyer and Mr. Klaus Hipfinger

Maria-Goeppert-Straße 3

23562 Lübeck

Phone: 0176 24928098
E-Mail: meyer@dash-embassy.orghipfinger@dash-embassy.org

III. Processing of personal data

1. Provision of the website and creation of log files

  1. Description and scope of data processing

Every time you visit our website, the following data gets transmitted by your browser is automatically saved for technical reasons:

  • information about your browser type and version
  • the operating system you are using
  • the previous website from where you are accessing us (referrer URL)
  • your IP address
  • the date and time when accessing our website

Our system does not store your IP address or other personal data in log files. The data in the log files are not stored together with other personal data in relation to you.

  1. Legal basis for data processing

The temporary processing of your data is carried out in accordance with Art. 6 Sec. 1 phrase 1 lit. f GDPR.

  1. Data processing purpose

It is necessary for us to process your IP address temporarily to enable the website to be made available on your terminal device. Furthermore, we use your personal data to optimize our website and guarantee the security of our IT systems. Your data will not be processed for marketing purposes.

These reasons reflect also our legitimate interest in processing your personal data.

  1. Storage period

The aforementioned personal data will be deleted as soon as they are not necessary anymore to achieve the processing purpose. This is the case when you end the respective session.

  1. Possibility to object and removal according to Article 21 GDPR

It is not possible to object the processing of this data since it is necessary for the website´s functioning.

2. Cookies

  1. Description and scope of data processing

We use so-called cookies on our website, which serve to recognize you as a user and to facilitate the usage of our website for you. Cookies are small text files that your Internet browser installs on your terminal equipment. Often so-called “session cookies” are used, which are deleted after the end of your session.

Other cookies, so-called “persistent cookies”, remain installed on your terminal equipment until they get removed by you. These installed cookies allow us to identify your web browser when you visit our website the next time.

You can also set your web browser so that you are informed about the installation of cookies. Within the scope of the settings, you can choose whether cookies should be permitted in individual cases, installed in certain cases, should not be accepted in general or be deleted automatically after closing your web browser. If you choose to disable cookies, this may limit the possibility to use the website.

We use cookies on our website to make it more user-friendly for. Therefore, some elements of our website require that the calling browser can be identified even after a page change.

The following data is stored in cookies and gets transmitted:

– Log-in information for input masks

  1. Legal basis for data processing

The processing of your data is carried out in accordance with Art. 6 Sec. 1 phrase 1 lit. f GDPR.

  1. Data processing purpose

We are using technically necessary cookies to optimize the usage of our website. Otherwise we could not offer you certain functions on our website. For these functions it is necessary that your web browser gets recognized after a page change has occured. These purposes are also our legitimate interest in processing your personal data.

The use of cookies is required for the following application:

  • Acceptance of language settings

We do not use personal data which got collected by technically necessary cookies to create user profiles.

  1. Storage period, possibility to object and removal according to Article 21 GDPR

Cookies are stored on the user’s terminal equipment and transmitted to our website. Therefore, you as a user have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your browser. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website.

3. Use of Google-Analytics with anonymisation function

  1. Description and scope of data processing

On our website we use Google Analytics, a web analysis service of Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter “Google”. When using Google Analytics, cookies are used. These Cookies enable Google to analyse your behaviour when using our website.

Such cookies generate information regarding your usage behavior, which gets transmitted to and stored by Google on servers located in the USA.

Since data protection is very important to us, we allow you to use our website anonymously. That is why we use Google Analytics exclusively with the extension “_gat._anonymizeIp”. This extension ensures that your IP address gets shortened within the territory of the EU member states or states that signed the Agreement on the European Economic Area. Through this, your IP address gets anonymized. Only in exceptional cases will the full IP address be transmitted to a Google server and shortened in the USA. According to Google, your IP address will not be merged with other data collected by Google.

More detailed information on Google Analytics’ Terms of Use and Privacy Policy can be found at https://www.google.de/analytics/terms/de.html.

  1. Legal basis for data processing

The processing of your data is carried out in accordance with Art. 6 Sec. 1 phrase 1 lit. f GDPR.

  1. Data Processing purpose

Google uses the collected data to ascertain how you have used the website, to prepare and send us a summary of the activity on our website and to offer other services related to internet and website use. These purposes are also our legitimate interest in the processing your personal data.

When obliged by law or where Google commissions third parties to process data, it may transfer the collected information to third parties.

  1. Storage period

Cookies used by Google Analytics have a pre-determined storage period which is beyond or knowledge and control. You can independently uninstall the cookies that got installed by Google Analytics and, thus, delete the stored data. We will explain how this deletion can be carried out by using the browser settings, in the following section.

  1. Possibility to object and removal according to Article 21 GDPR

You are free to prevent the installation of cookies by adjusting your browser settings accordingly.
For this, Google offers for the most popular browsers a deactivation add-on, which gives you more control over the data which gets collected by Google from the websites you visit. The add-on informs Google Analytics’ JavaScript (ga.js) that no information about the visitors of the website should be transmitted to Google Analytics. However, the deactivation add-on does not prevent the transmission of information to us or to other web analytics services that we may use. For more information on installing the respective browser add-on, please visit https://tools.google.com/dlpage/gaoptout?hl=de.

4. Use of Social Media Buttons with „Shariff“

On our website we use the c’t project “Shariff” developed by Heise.de. In this way we want to avoid a comprehensive collection and analysis of your visit by providers of social media/ social sharing functions. Shariff replaces the usual share buttons on social networks and with it, protects your surfing behavior. Shariff only integrates the share buttons of the social networks listed below as graphics on our website. The graphic contains a link to the corresponding social network.

Without the use of Shariff, the usual social media buttons would transfer your data to the social networks each time you visit the site and give them information about your surfing behavior, regardless of whether you are logged in as a member of the social network. A Shariff button, on the other hand, does not establish direct contact between the social network and you until you actively click on the Share button. Without clicking the Shariff button, there will be no exchange between the social network and you. Through this, Shariff prevents you from leaving a digital fingerprint only by visiting the website.

Further information about the c’t project “Shariff” is available at http://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz2467514.html .

On our website we integrate the following social networks with Shariff:

  • facebook-components
  • Google+-recommendation-components
  • Twitter-recommendation-components
  • XING-recommendation-components
  • LinkedIn-recommendation-components

The purpose and scope of the data collection and the further processing and use of the data by the providers on their pages as well as your rights in this regard and configuration options for protecting your privacy can be found privacy policies of the social network providers, which can be found at:

  • facebook http://www.facebook.com/policy.php
  • Google+ http://www.google.com/intl/de/+/policy/+1button.html
  • Twitter https://twitter.com/privacy
  • XING http://www.xing.com/app/share?op=data_protection
  • LinkedIn http://www.linkedin.com/legal/privacy-policy

5. Use of YouTube-components with extended data protection mode

  1. Description and scope of data processing

Our website uses video components of YouTube LLC, 901 Cherry Ave, 94066 San Bruno, CA, USA, hereinafter “YouTube”, which is a company of the Google Inc, Amphitheatre Parkway, Mountain View, CA 94043, USA.

We use the configuration “- extended data protection mode -” provided by YouTube. According to YouTube, when applying this mode, no information will be stored about you as long as you simply visit a website where the YouTube video is embedded. Only when you play the embedded YouTube video, cookies get installed on your terminal equipment and personal data will be transmitted to YouTube. When you are logged into your YouTube account at the same time as play the YouTube video on the subpage, your Internet usage behaviour will be assigned to your personal YouTube profile.

We do not know the extent of the data collected by YouTube. According to its own information, YouTube collects location-related data, such as the IP address, and uses cookies to uniquely identify your browser or Google Account. The information collected may be shared within the services of the Google Network. For more information about the manner and scope YouTube and Google process your personal data, please visit https://policies.google.com/privacy?hl=de&gl=de .

  1. Legal basis for data processing

The processing of your data is carried out in accordance with Art. 6 Sec. 1 phrase 1 lit. f GDPR.

  1. Data processing purpose

Your personal data will be processed to make the respective YouTube video available to you. This is also our legitimate interest for processing your personal data.

  1. Storage period

We are not aware for how long the personal data that got collected will be stored by YouTube and we cannot influence it.

  1. Possibility to object and removal according to Article 21 GDPR

If you do not want YouTube to connect the data collected through our website directly to your YouTube member account, you should log out of your account before visting our website. You can also prevent the YouTube plugin from being used by applying add-ons to your browser, e.g. with the script blocker “NoScript” (http://noscript.net/).

6. Possibility for contact

  1. Description and scope of data processing

We offer on our website the opportunity to contact us by through a form we integrated on our website for you. When contacting us, the information you provide in the contact form will be transmitted to us and processed for the purpose of processing your inquiry.

The following data is collected at the time of your inquiry:

  • Name
  • E-Mail address

At the time of sending your request, the following data will also be processed:

  • IP address
  • date and time when the request has been sent
  1. Legal basis of data processing

The processing of your data, which got transmitted by contacting us through the form, is carried out in accordance with Art. 6 Sec. 1 phrase 1 lit. f GDPR.

  1. Data processing purpose

We process your personal data only for the purpose of processing your inquiry.

The processing of other personal data during the transmission is carried out for our protection in the event that the contact possibilities are abused or our IT systems are impaired by the establishment of the contact. We do not collect any further data.

These purposes also constitutes our legitimate interest in processing your personal data.

  1. Storage period

We delete your personal data if it is not necessary anymore to achieve the processing purpose.

Therefore, we delete personal data you sent through the contact form to us, when the conversation has ended. The conversation is finished when the circumstances indicate relevant matter has been resolved.

Further personal data which got processed during the sending process will be deleted after a period of 14 days.

  1. Possibility to object and removal according to Article 21 GDPR

You have the possibility to object to the processing of your personal data in accordance to Article 21 GDPR at any time. In such a case, the conversation cannot be continued. Please address your objection to muster(at)dash-embassy.de . In this case, the personal data processed during communication will be deleted.

7. Online-job application

  1. Description and scope of data processing

We offer you through our website the opportunity to apply online for a job offer. At the time of your application we collect and process the following personal data:

  • first and last name
  • place of residence
  • date of birth
  • E-Mail address
  • language skills
  • highest level of education
  • current job title
  • other information entered into the online form regarding your curriculum vitae

If we conclude an employment contract after the application procedure has taken place, your personal data will further be processed for the purpose of carrying out the employment relationship.

  1. Legal basis for data processing

The processing of your data is carried out in accordance with Article 6 Subsec. 1 phrase 1 lit. b, Article 88 GDPR in connection with Section GDPR.

  1. Data processing purpose

We process your personal data exclusively for the purpose of handling the application procedure.

  1. Storage period

We delete your personal data if it is not necessary anymore to achieve the processing purpose.

If no employment relationship is established, your data will be deleted within two months of receipt of the cancellation, provided that there are no legitimate interests to the contrary. A legitimate interest would be established in the event of a legal dispute.

  1. Consequences when not providing your personal data

You are not obliged to provide your data for the aforementioned purposes. If you do not disclose the requested personal data, we will end the application process with the result that no employment relationship has been established at this point.

IV. Data subject rights

If your personal data is processed by us, you are a data subject within the meaning of the GDPR, therefore, have the following rights towards us:

    1. Right to be informed
      You have the right to request information about your personal data processed by us at any time. This also includes information about the origin, recipients or categories of recipients to whom we transfer your data and the purposes for which we process your personal data.
    2. The right to rectification
      You have the right to request us to correct and/or complete your personal data immediately if your personal data is incorrect or incomplete.
    3. Right to erasure and right to restrict processing
      You can ask us to delete your personal data immediately. We are obliged to carry out the deletion immediately unless we are obliged to further process your personal data on the basis of contractual and/or legal regulations. This is the case, for example, if we are prohibited from deleting data under tax law. In such a case we restrict the processing and delete the personal data in question immediately after expiry of the retention period.
    4. Right to data portability
      You have the right to receive the personal data concerning you which you have provided to us in a structured, current and machine-readable format, if this is technically possible. Furthermore, you have the right to transfer this data to another responsible person without any hindrance by us, if you so wish.
    5. Rights in relation to automated decision making and profiling
      You have the right not to be subject to a decision based exclusively on automated processing – including profiling – that has a legal effect against you or significantly impairs you in a similar manner.
    6. Right to appeal to a supervisory authority
      You are entitled to complain to the competent supervisory authority if you believe that the processing of your personal data is contrary to the GDPR. The competent supervisory authority is:

Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein

Marit Hansen

Holstenstraße 98

24171 Kiel

Phone: 0431 988-1200
Facsimile: 0431 988-1223
mail@datenschutzzentrum.de