Privacy policy
The controller within the meaning of data protection laws, in particular the EU General Data Protection Regulation (GDPR), is
Berlin Governance Platform - BGP gGmbH
Pariser Platz 6 (Allianz Forum)
10117 Berlin/Germany
If you have any questions about data protection, please send an e-mail to the person responsible for data protection in our organisation: Datenschutz[at]governance-platform.org
Your rights as a data subject
You can exercise the following rights at any time using the contact details provided for our data protection officer:
If you have given us your consent, you can revoke it at any time with effect for the future.
You can contact the supervisory authority responsible for you at any time with a complaint. Your competent supervisory authority depends on the federal state of your place of residence, your work or the suspected violation. A list of supervisory authorities (for the non-public sector) with addresses can be found at here.
Purposes of data processing by the controller and third parties
We only process your personal data for the purposes stated in this privacy policy. Your personal data will not be transferred to third parties for purposes other than those stated. We only pass on your personal data to third parties if:
Deletion or blocking of the data
We adhere to the principles of data avoidance and data minimisation. We therefore only store your personal data for as long as is necessary to fulfil the purposes stated here or for the various storage periods stipulated by law. Once the respective purpose no longer applies or these periods have expired, the corresponding data is routinely blocked or deleted in accordance with the statutory provisions.
Collection of general information when visiting our website
When you access our website, information of a general nature is automatically collected by means of a cookie. This information (server log files) includes, for example, the type of web browser, the operating system used, the domain name of your internet service provider and similar. This is exclusively information that does not allow any conclusions to be drawn about your person.
This information is technically necessary in order to correctly deliver the website content requested by you and is mandatory when using the Internet. It is processed in particular for the following purposes:
The processing of your personal data is based on our legitimate interest from the aforementioned purposes for data collection. We do not use your data to draw conclusions about your person. Recipients of the data are only the controller and, if applicable, processors.
Anonymous information of this kind may be statistically evaluated by us in order to optimise our website and the technology behind it.
Cookies
Like many other websites, we also use so-called "cookies". Cookies are small text files that are transferred from a website server to your hard drive. This automatically provides us with certain data such as IP address, browser used, operating system and your connection to the Internet.
Cookies cannot be used to start programmes or transfer viruses to a computer. We can use the information contained in cookies to make navigation easier for you and to enable our web pages to be displayed correctly.
Under no circumstances will the data collected by us be passed on to third parties or linked to personal data without your consent.
Of course, you can also view our website without cookies. Internet browsers are regularly set to accept cookies. In general, you can deactivate the use of cookies at any time via your browser settings. Please use the help functions of your Internet browser to find out how to change these settings. Please note that individual functions of our website may not work if you have deactivated the use of cookies.
Contact form
For questions of any kind, please contact us by e-mail contact us, you give us your voluntary consent for the purpose of establishing contact. This requires you to provide a valid e-mail address. This is used to allocate the enquiry and subsequently answer it. The provision of further data is optional. The information you provide will be stored for the purpose of processing the enquiry and for possible follow-up questions. After your enquiry has been dealt with, your personal data will be automatically deleted.
Use of script libraries
In order to display our content correctly and graphically appealing across all browsers, we use script libraries and font libraries on this website, such as Google Webfonts. Google web fonts are transferred to the cache of your browser to avoid multiple loading. If the browser does not support Google web fonts or prevents access, content is displayed in a standard font.
Calling up script libraries or font libraries automatically triggers a connection to the operator of the library. It is theoretically possible - although it is currently unclear whether and for what purposes - that operators of such libraries collect data.
The privacy policy of the library operator Google can be found here.
Use of Google Maps
Our website uses Google Maps API to visualise geographical information. When Google Maps is used, Google also collects, processes and utilises data about the use of the map functions by visitors. You can find more information about data processing by Google in the Google data protection information. You can also change your personal data protection settings there in the data protection centre.
You can find detailed instructions on how to manage your own data in connection with Google products here.
Embedded YouTube videos
We embed YouTube videos on some of our websites. The operator of the corresponding plugins is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. When you visit a page with the YouTube plugin, a connection to YouTube servers is established. YouTube is informed which pages you visit. If you are logged into your YouTube account, YouTube can assign your surfing behaviour to you personally. You can prevent this by logging out of your YouTube account beforehand.
When a YouTube video is started, the provider uses cookies that collect information about user behaviour.
If you have deactivated the storage of cookies for the Google Ad programme, you will not have to expect any such cookies when watching YouTube videos. However, YouTube also stores non-personalised usage information in other cookies. If you wish to prevent this, you must block the storage of cookies in your browser.
Further information on data protection at YouTube can be found in the provider's privacy policy here.
Twitter
We have integrated functions and content of the Twitter service offered by Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. This may include, for example, content such as images, videos or texts and buttons with which users can express their favour regarding the content, subscribe to the authors of the content or our contributions. If the users are members of the Twitter platform, Twitter can assign the access to the above-mentioned content and functions to the user profiles there. Twitter is under the Privacy Shield Agreement certified and thus offers a guarantee of compliance with European data protection law:
Further information on data protection at Twitter can be found in the provider's privacy policy here.
Administration, financial accounting, office organisation, contact management
We process data as part of administrative tasks and the organisation of our business, financial accounting and compliance with legal obligations, such as archiving. In doing so, we process the same data that we process as part of the provision of our contractual services. The processing bases are Art. 6 para. 1 lit. c. GDPR, Art. 6 para. 1 lit. f. GDPR. Customers, interested parties, business partners and website visitors are affected by the processing. The purpose and our interest in the processing lies in the administration, financial accounting, office organisation, archiving of data, i.e. tasks that serve to maintain our business activities, perform our tasks and provide our services. The deletion of data with regard to contractual services and contractual communication corresponds to the information specified in these processing activities.
We disclose or transmit data to the tax authorities, consultants, such as tax advisors or auditors, as well as other fee centres and payment service providers.
We also store information on suppliers, event organisers and other business partners on the basis of our business interests, e.g. for the purpose of contacting them at a later date. We generally store this data, most of which is company-related, permanently.
Provision of our statutory and business-related services
We process the data of our supporters, interested parties, event participants, customers or other persons in accordance with Art. 6 para. 1 lit. b. GDPR. GDPR if we offer them contractual services or as part of an existing business relationship. Otherwise, we process the data of data subjects in accordance with Art. 6 para. 1 lit. f. GDPR on the basis of our legitimate interests, e.g. in the case of administrative tasks or public relations work.
The data processed, the type, scope and purpose and the necessity of their processing are determined by the underlying contractual relationship. This generally includes inventory and master data of the persons (e.g., name, address, etc.), as well as contact data (e.g., e-mail address, telephone, etc.), contract data (e.g., services used, content and information provided, names of contact persons) and, if we offer services or products subject to payment, payment data (e.g., bank details, payment history, etc.).
We delete data that is no longer required for the fulfilment of our statutory and business purposes. This is determined according to the respective tasks and contractual relationships. In the case of business processing, we retain the data for as long as it may be relevant for business transactions and with regard to any warranty or liability obligations. The necessity of data retention is reviewed every three years; otherwise, the statutory retention obligations apply.
Data protection information in the application process
We process the applicant data only for the purpose and within the scope of the application procedure in accordance with the legal requirements. The processing of applicant data is carried out to fulfil our (pre-)contractual obligations in the context of the application procedure within the meaning of Art. 6 para. 1 lit. b. GDPR Art. 6 para. 1 lit. f. GDPR if the data processing becomes necessary for us, e.g. in the context of legal proceedings and additionally § 26 BDSG).
The application procedure requires applicants to send us their application data. The necessary application data is derived from the job descriptions and generally includes personal details, postal and contact addresses and the documents relating to the application, such as cover letter, CV and references. Applicants can also voluntarily provide us with additional information, such as writing samples.
By submitting their application to us, applicants consent to the processing of their data for the purposes of the application process in accordance with the type and scope set out in this privacy policy.
Insofar as special categories of personal data within the meaning of Art. 9 para. 1 GDPR are voluntarily communicated as part of the application process, their processing is also carried out in accordance with Art. 9 para. 2 lit. b GDPR (e.g. health data, such as severely disabled status or ethnic origin). Insofar as special categories of personal data within the meaning of Art. 9 para. 1 GDPR are requested from applicants as part of the application process, their processing is also carried out in accordance with Art. 9 para. 2 lit. a GDPR (e.g. health data if this is necessary for the exercise of the profession).
Applicants can send us their applications by e-mail. Please note, however, that e-mails are generally not sent in encrypted form and applicants must ensure that they are encrypted themselves. We can therefore accept no responsibility for the transmission path of the application between the sender and receipt on our server.
The data provided by applicants may be further processed by us for the purposes of the employment relationship in the event of a successful application. Otherwise, if the application for a job offer is unsuccessful, the applicant's data will be deleted. The same applies if an application is withdrawn.
Subject to a justified revocation by the applicant, the deletion will take place after a period of six months so that we can answer any follow-up questions regarding the application and fulfil our obligations to provide evidence under the Equal Treatment Act. Invoices for any reimbursement of travel expenses are archived in accordance with tax law requirements.
Contact us
When contacting us (e.g. by contact form, e-mail, telephone or via social media), the user's details are processed to process the contact enquiry and its handling in accordance with Art. 6 para. 1 lit. b) GDPR. The user's details may be stored in a customer relationship management system ("CRM system") or comparable enquiry organisation.
We delete the enquiries if they are no longer required. We review the necessity every two years; the statutory archiving obligations also apply.
Newsletter
With the following information we inform you about the contents of our newsletter as well as the registration, dispatch and statistical evaluation procedure and your rights of objection. By subscribing to our newsletter, you agree to receive it and to the procedures described.
Content of the newsletter: We only send newsletters, emails and other electronic notifications with advertising information (hereinafter "newsletter") with the consent of the recipient or with legal authorisation. If the content of the newsletter is specifically described when registering for the newsletter, it is decisive for the user's consent. Otherwise, our newsletters contain information about our services and us.
Double opt-in and logging: Registration for our newsletter takes place in a so-called double opt-in procedure. This means that after registering you will receive an e-mail asking you to confirm your registration. This confirmation is necessary so that no-one can register with other people's e-mail addresses. Subscriptions to the newsletter are logged in order to be able to prove the registration process in accordance with legal requirements. This includes storing the time of registration and confirmation as well as the IP address. Changes to your data stored by the mailing service provider are also logged.
Registration data: To register for the newsletter, it is sufficient to enter your e-mail address. Optionally, we ask you to enter a name so that we can address you personally in the newsletter.
The newsletter and the performance measurement associated with it are sent on the basis of the consent of the recipients in accordance with Art. 6 para. 1 lit. a, Art. 7 GDPR in conjunction with § 7 para. 2 no. 3 UWG or, if consent is not required, on the basis of our legitimate interests in direct marketing in accordance with Art. 6 para. 1 lt. f. GDPR in conjunction with. § 7 para. 3 UWG.
The registration process is logged on the basis of our legitimate interests in accordance with Art. 6 para. 1 lit. f GDPR. We are interested in using a user-friendly and secure newsletter system that serves both our business interests and the expectations of users and also allows us to provide proof of consent.
Cancellation/revocation - You can cancel the receipt of our newsletter at any time, i.e. revoke your consent. You will find a link to cancel the newsletter at the end of each newsletter. We may store the unsubscribed e-mail addresses for up to three years on the basis of our legitimate interests before deleting them in order to be able to prove that consent was previously given. The processing of this data is limited to the purpose of a possible defence against claims. An individual request for deletion is possible at any time, provided that the former existence of consent is confirmed at the same time.
Newsletter data
If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. No further data is collected, or only on a voluntary basis. We use the newsletter service providers described below to process the newsletter.
Brevo (formerly Sendinblue)
We use Brevo to send newsletters. The provider is Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany.
Brevo is a service that can be used to organise and analyse the sending of newsletters, among other things. The data you enter for the purpose of subscribing to the newsletter is stored on the servers of Sendinblue GmbH in Germany.
Data analysis by Brevo
With the help of Brevo, we are able to analyse our newsletter campaigns. For example, we can see whether a newsletter message has been opened and which links have been clicked on. In this way, we can determine, among other things, which links were clicked on particularly often.
Brevo also allows us to subdivide ("cluster") newsletter recipients according to various categories. The newsletter recipients can be categorised by age, gender or place of residence, for example. In this way, the newsletters can be better customised to the respective target groups.
Legal basis
The data processing takes place on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time. The legality of the data processing operations that have already taken place remains unaffected by the revocation.
Storage duration
The data you provide us with for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and deleted from the newsletter distribution list after you unsubscribe from the newsletter.
After you unsubscribe from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist if this is necessary to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). Storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.
Order processing
We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract prescribed by data protection law, which guarantees that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.
For further information on the processing of your data and your rights under the GDPR, please contact us. Detailed information on the functions of Brevo can be found at the following link: Brevo privacy policy and Brevo Privacy Policy.
E-mail dispatch
We, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors to this online offer on the basis of our legitimate interests in the efficient and secure provision of our online offer in accordance with Art. 6 para. 1 lit. f GDPR in conjunction with Art. 28 GDPR. Art. 28 GDPR.
Collection of access data and log files
We, or our hosting provider, collect data on the basis of our legitimate interests within the meaning of Art. 6 para. 1 lit. f. GDPR. GDPR, we collect data about every access to the server on which this service is located (so-called server log files). The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider.
Log file information is stored for security reasons (e.g. to investigate misuse or fraud) for a maximum of 7 days and then deleted. Data whose further storage is required for evidentiary purposes is excluded from deletion until the respective incident has been finally clarified.
Changes to our privacy policy
We reserve the right to amend this privacy policy so that it always complies with current legal requirements or to implement changes to our services in the privacy policy, e.g. when introducing new services. The new privacy policy will then apply to your next visit.
The data protection declaration was created with the data protection declaration generator of activeMind AG and partially amended and supplemented by us.
↑
Berlin Governance Platform - BGP gGmbH, Pariser Platz 6, D - 10117 Berlin Registered office Berlin - AG Berlin-Charlottenburg - HRB 162500 B - Management: Daphne Büllesbach
