Impressum I Privacy Policy

Impressum I Privacy Policy

Imprint:

Step Forward together e.V.
Postfach 400167
80701 München
Germany

Date of Foundation: 13.07.2023
Board: Faudhia Soeder, Mareike Thiedeitz, Eva Jägle
Tax ID: 143/222/40059, Finanzamt München

Contact: info (at) stepforward-together.org

Private Policy

This privacy policy clarifies the nature, scope and purpose of the processing of personal data (hereinafter referred to as ‘data’) within our webpage and the associated websites, functions and content as well as external online presences, such as our social media profile. With regard to the terms used, such as ‘processing’ or ‘controller’, we refer to the definitions in Art. 4 of the General Data Protection Regulation (“Datenschutzgrundverordnung, DSGVO”).

Copyright and Usage

Users are granted the right to make a personal copy of the website content. Modifying, redistributing, or publishing this content without permission is not allowed.

Liability Disclaimer

The content on this website has been carefully reviewed and created to the best of our knowledge. However, we make no guarantee as to the accuracy, completeness, quality, or currency of the information. We are not liable for any damages that may arise from using or trusting this information.

Types of processed data

• Inventory data (e.g., names, addresses).
• Contact data (e.g., e-mail, telephone numbers).
• Content data (e.g., text entries, photographs, videos).
• Usage data (e.g., websites visited, interest in content, access times).
• Meta/communication data (e.g., device information, IP addresses).

External links

We are not responsible for the content on external sites linked from our website.

Privacy Statement

Controller
The controller for data protection purposes under the DSGVO is:
Step Forward together e.V.
Mareike Thiedeitz
Postfach 400167
80701 München
Germany

Your Data Rights

You can exercise the following rights at any time using the contact information above:

• Access: Request information about your stored data and how it’s processed (Art. 15 DSGVO).
• Rectification: Request correction of inaccurate data (Art. 16 DSGVO).
• Erasure: Request deletion of your data (Art. 17 DSGVO).
• Restriction: Request a restriction on data processing where deletion is not possible (Art. 18 DSGVO).
• Objection: Object to data processing (Art. 21 DSGVO).
• Data Portability: Request a copy of your data in a structured, machine-readable format (Art. 20 DSGVO).

If you’ve given consent for data processing, you can withdraw it at any time. You may also lodge a complaint with the relevant supervisory authority.

Data Collection Upon Website Visit

Processing Type and Purpose
When visiting our website without registering or providing additional information, certain data is automatically collected. This data (server log files) includes details such as the browser type, operating system, IP address, and more. This data is processed to:

• Ensure website connectivity,
• Facilitate website usability,
• Analyze system stability, and
• Support administrative purposes.

We do not use this data to identify individual users and may analyze it to improve site functionality.

Legal Basis
Processing is based on our legitimate interest in improving website stability and functionality (Art. 6(1)(f) GDPR).

Recipients
Technical service providers may have access to this data as processors to support website maintenance.

Retention Period
Data is deleted when it is no longer necessary for the purposes of collection, typically at the end of each session.

Security measures

We take appropriate technical and organisational measures in accordance with Art. 32 DSGVO, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, in order to ensure a level of security appropriate to the risk.

The measures include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical access to the data, as well as the access, input, disclosure, safeguarding of availability and separation of the data. We have also set up procedures to ensure that data subjects’ rights are exercised, data is deleted and we respond to data threats. Furthermore, we take the protection of personal data into account as early as the development and selection of hardware, software and processes, in accordance with the principle of data protection through technology design and data protection-friendly default settings (Art. 25 DSGVO).

Cookies

Processing Type and Purpose
Our website uses cookies to enhance navigation and display. Cookies are text files saved on your device, helping us understand user preferences. These cookies do not run programs or transfer viruses to your device.

You can configure your browser to disable cookies, though some features on our website may be limited as a result.

Retention Period and Cookie Types
You can manage and delete cookies in your browser settings. Instructions are available here:

• Mozilla Firefox: Firefox Cookie Management
• Google Chrome: Chrome Cookie Management

Contact Form

Processing Type and Purpose
Data entered into our contact form is stored for individual communication purposes. A valid email address and name are required for response. Additional information is optional.

Legal Basis
Processing is based on legitimate interest (Art. 6(1)(f) DSGVO).

Retention Period
Data from contact forms is stored until the inquiry is resolved and deleted six months afterward.

Newsletter

Processing Type and Purpose
We may use your email to send a newsletter with updates and relevant information. Upon subscription, we use a double opt-in process to confirm your registration. You can unsubscribe anytime via the link in each newsletter or by contacting us.

Legal Basis
Based on consent (Art. 6(1)(a) DSGVO).

Google Analytics

Processing Type and Purpose
This website uses Google Analytics, a web analysis service from Google LLC. Data is anonymized and used to analyze website traffic. You can disable Google Analytics by installing the browser plugin linked below: Google Analytics Opt-Out.

Legal Basis
Consent (Art. 6(1)(a) GDPR).

SSL Encryption

We use SSL encryption for security and data protection on this website.

Policy Changes

We reserve the right to update this privacy policy as needed.

Transfers to third countries

If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this occurs in the context of the use of third-party services or disclosure or transfer of data to third parties, this will only take place if it is done to fulfil our (pre)contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests.

Subject to legal or contractual authorisations, we only process or have the data processed in a third country if the special requirements of Art. 44 et seq. GDPR are met.

This means, for example, that the processing takes place on the basis of special guarantees, such as the officially recognised determination of a level of data protection corresponding to the EU (e.g. for the USA through the ‘Privacy Shield’) or compliance with officially recognised special contractual obligations (so-called ‘standard contractual clauses’).