Data Protection Declaration
of Anna Göbel and Otto Kurtz Foundation
We would like to welcome you on your visit to our website and appreciate your interest in our foundation. We take the protection of your personal data very seriously. We use your data in line with the applicable legislative provisions on the protection of personal data, in particular the EU General Data Protection Regulation (EU GDPR) and the German legislation that applies to us. We are using this data protection declaration to inform in detail you about how the Anna Göbel and Otto Kurtz Foundation processes your personal data and your related rights.
In this context, personal data is that information that makes it possible to identify a natural person. In particular, this includes your name, date of birth, address, telephone number, email address and your IP address.
Anonymous data are deemed to exist if no kind of personal connection to the user can be established.
Anna Göbel and Otto Kurtz Foundation
Phone.: +49 (9342) 805 459
Your Rights as an Affected Person
At this point we would firstly like to inform you of your rights as an affected person. These rights are set out in Sections 15 – 22, EU GDPR. These cover:
• the right to information (Section 15, EU GDPR);
• the right to have your data deleted (Section 17, EU GDPR);
• the right to have your data corrected (Section 16, EU GDPR);
• the right to data transportability (Section 20, EU-GDPR);
• the right to restriction of data processing (Section 18, EU GDPR) ;
• the right to object to having your data processed (Section 21, EU GDPR).
To assert these rights, please contact: viktoria.rawinski(at)kurtzersa.de. The same applies if you have any questions to your data being processed by our company. You are also entitled to appeal to a data protection supervisory authority.
Rights of Objection
Please note the following in connection with the right to object:
If we use your personal data for the purpose of direct advertising, you will be entitled to object to our processing them for this purpose at any time without giving reasons. This will also apply to profiling if it is directly connected with direct advertising.
If you object to your data being processed purpose of direct advertising, we will no longer process your data for these purposes. You may object free of charge without following any particular form to: info(at)hammermuseum.de.
If we process your data for the purpose of safeguarding your legitimate interests, you can object at any time for reasons arising from this particular situation; this also applies to profiling based on these provisions.
We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds for doing so that outweigh your interests, rights and freedoms or if processing data serves to assert, exercise or defend legal interests.
Purposes and Statutory Bases of Data Using
When processing your personal data, we will observe the provisions of the EU GDPR and all other applicable data protection provisions. The statutory bases for data processing arise in particular from Section 6 EU GDPR.
We use your data to initiate business transactions, fulfil contractual and statutory obligations, carry out contractual relationships, offer products and services and to reinforce customer relationships, which may also include analyses for marketing purposes and direct advertising. The statutory bases of data processing are formed by the contract (purchase contract, Section 6, I, 1 (b) GDPR), consent (Section 6 I, 1 [a] GDPR) and data processing (Section 6 I, 1 [f] GDPR) in cases of legitimate interest.
Your consent also constitutes a data protection law-related provision that requires permission to be given. In this case, we are informing you here of the purposes of data processing and your right to rescind your consent. Should your consent also concern processing special categories of personal data, we will point this out to you explicitly in the consent (Section 88, Subsection 1 EU GDPR).
Special categories of personal data as defined by Section 9, Subsection 1 EU GDPR, will only be processed if this is required by legislative provisions and if there is no reason to assume that your legitimate interests outweigh exclusion from processing (Section 88, Subsection 1 EU GDPR).
Passing on Personal Data to Third Parties
We will pass on your data only on the basis of legislative provisions or if the related consent has been given. Otherwise, personal data will not be passed to third parties unless we are obliged to do so further to compelling legislative provisions (forwarding to external quarters such as regulatory authorities or criminal prosecution authorities).
Recipients of Data / Categories of Recipients
Within our foundation we will ensure that only those persons who need your data to carry out contractual and statutory obligations actually receive them. The data will be transmitted to the Sales, Service and Communications Departments only.
In many cases, service providers assist our operational departments to carry out their tasks. The necessary agreements have already been concluded with all service providers. Where orders are processed, our Purchasing Department will ensure that the necessary data-processing agreements have been concluded.
Transfer of Data to Third-Party Countries / Intention to Transfer Data to Third-Party Countries
Data will not be transferred to third-party countries (outside the European Union and / or the European Economic Area.
Storage Periods of Your Data
We will store your data for as long as we need them for each purpose of processing. Please note that numerous retention periods require that data will (need to) be stored for the future. In particular, this will affect retention periods required by commercial or tax law, such as the German Commercial Code or the German Fiscal Code, etc.). If there are no further retention obligations in place, the data will be routinely deleted after the intended purpose has been achieved.
We can also retain data if you have given us your consent to do so or if there is a legal dispute, in which case, we will use it as evidence as part of statutory expiry periods which can last up to 30 years; the regular expiry period is three years.
Secure Transfer of Your Data
In order to protect data stored with us as far as possible against coincidental or deliberate manipulation, loss, destruction or access by unauthorised persons, we use appropriate technical and organisational security measures. The security levels are constantly checked in cooperation with security experts and adapted to new security standards.
Data is transferred from and to our website in encrypted form only. For our web presence, we offer the HTTPS transfer protocol using the latest encryption protocols. We also offer our content encryption for users of our contact forms and for job applications. Only we are able to decrypt these data. Other modes of communication are also available, such as the postal system.
Obligation to Provide Data
Various kinds of personal data are necessary for establishing, performing and ending a contractual obligation and fulfilling the related contractual and statutory obligations. The same applies to the use of our website and the various functions it provides.
We have summed up details on this in the abovementioned point. In certain cases, data must be obtained or provided due to statutory requirements. Please note that we cannot use your enquiry or execute the contractual obligation on which it is based without these data being provided.
Categories, Sources and Origin of Data
Which data we use is determined by each situation. This depends on whether you place an order online, enter an enquiry in our contact form, send us a job application or submit a complaint.
Please note that, where appropriate, we may also make information available separately for special processing situations such as uploading job application documentation or in a contact enquiry.
We Collect and Use the Following Data on Visits to Our Website:
• name of the internet service provider;
• details about the website from which you are visiting us;
• the web browser and operating system used;
• the IP address allocated by your internet service provider;
• requested files, the data volume transferred, downloads/file export;
• details about the webpages on our site that you call up, including date and time.
For reasons of technical security, (in particular to ward off attempted attacks on our web server), these data are stored in accordance with Section 6, Subsection 1, (F) EU GDPR. After seven days at the latest, these data will be anonymised by shortening the IP address so that no reference to the user can be made.
We Collect and Use the Following Data from Contact Enquiries:
• last name, first name
• contact data
• details on requests and interests.
Making Contact by Email (Section 6, Subsection 1 (a & b) EU GDPR)
If you contact us via email, we will use the personal data you give us in your email only in order to process your enquiry.
Automated Individual Decisions
We use no solely automated processing procedures to arrive at decisions.
Cookies (Section 6, Subsection 1 (f) EU GDPR / Section 6, Subsection 1 (a) EU GDPR in Cases of Consent)
Our internet sites use so-called "cookies" in several places. These are used to make our offer more user-friendly, more effective and more secure. Cookies are very small text files that are placed on your computer and which store your browser (locally on your hard disc).
We use these cookies to analyse how users use our websites. This enables us to design website content in accordance with users' needs. The cookies also enable us to measure the effectiveness of any given advertisement and to position it according to users' thematic interests.
The cookies most used by us are so-called "session cookies". These are deleted automatically after your visit. Permanent cookies are deleted from your computer automatically when their period of use (usually six months) has expired or when you delete them yourself before they reach their period of use.
Most web browsers accept cookies automatically. You can alter the settings on your browser if you prefer not to send information on them. However, you can still use the offers on our internet site without restriction. (Exception: configuration tools.)
Cookies are stored on users' computers and are transmitted from there to our website/s. As a user, you thus have full control over how cookies are used. By altering the settings on your internet browser, you can deactivate or restrict the transmission of cookies. Additionally, cookies that have already been placed can be deleted at any time via an internet browser or other software programmes. This is possible on all standard internet browsers.
Please note: if you deactivate the placing of cookies, it may not be possible to use all functions of our internet site entirely.
Online Offers for Children
Persons under 16 years of age may not send us any personal data or make any declarations of consent without the permission of their parents or guardians. We call on all parents und guardians to take active part in the online activities und interests of their children.
Links to Other Providers
Our website also contains links – which are clearly recognisable – to the internet presences of other companies. If links to websites of other providers are present, we have no influence over this. We cannot therefore accept any guarantee or liability for this content. Each individual provider or operator of internet sites is responsible for this content at all times.
The links to these sites were checked for any possible breaches of the law und ascertainable infringements of the law when they were established. When the links to these sites were established, no illegal content was ascertainable. However, without adequate indications of breaches or infringements of the law, permanent control or checking of the linked sites is not reasonable. Where breaches or infringements of the law become known, links of this nature will be removed promptly.