Privacy Policy

Responsible party

The organsization responsible within the meaning of the General Data Protection Regulation Art. 4 No. 7 GDPR and other national data protection laws of the member states as well as other data protection regulations is:

BDSM Berlin e.V.
Postfach 2 13 61
10125 Berlin

Phone: +49 30 555 72 150
E-mail: info@bdsm-berlin.de

Authorized board members: Thorsten Just, Henryk Plötz

We are not obliged to appoint a data protection officer.

Type and scope of data processing

Website Provision: Processing of Access Data

We generally process users' personal data only to the extent necessary for providing a functional website and its content and services. You can therefore visit the website without providing any personal information. Only the following access data is stored in so-called server log files:

  • Referrer (previously visited website)
  • Requested website or file
  • Browser type and version
  • Operating system used
  • Device type used
  • Time of access
  • IP address in anonymized form

This data is used exclusively for:

  • Ensuring smooth operation
  • Providing a seamless connection to the website,
  • Ensuring convenient use of our website,
  • Defending against attacks on our website and our IT system, and
  • Evaluating system security and stability.

The legal basis for data processing is Article 6 Paragraph 1 Sentence 1 lit. f GDPR. Our legitimate interest arises from the data collection purposes listed above. Under no circumstances will we use the collected data to draw conclusions about your identity. The data stored in the server logs may be reviewed by technical service providers who act as data processors for the operation and maintenance of the website. Beyond this, it will not be transmitted to third parties.

Right to object and erasure

The collection of data for the provision of the website and the storage of data in log files is essential for the operation of the website. Consequently, users have no right to object.

 

When you contact us: Data processing to handle your inquiries

a) Via contact form

A contact form is available on the website, which can be used for electronic communication. If a user takes advantage of this option, the data entered in the input fields will be transmitted to us and stored. The following data is mandatory: (Nick) name and email address. Further information is optional.

At the time the message is sent, the following data is also stored: date and time of sending. Your consent for the processing of this data is obtained during the sending process, and you are referred to this privacy policy.

This data is processed only for this correspondence with you and for the purpose for which you provided us with the data in the context of this communication, such as processing your inquiry or responding to your request to contact you. In this case, the processing of personal data is carried out with your consent and on the basis of Art. 6 Para. 1 a GDPR. In this context, the data will not be disclosed to third parties.

If the contact via the form aims at concluding a contract, the additional legal basis for processing is Article 6(1)(b) GDPR.

b) Via Email

We collect the personal data that you voluntarily provide when contacting us by email.

This data is processed only for this correspondence with you and for the purpose for which you provided the data to us in the context of this communication, such as processing your inquiry or contacting you at your request. In this case, the processing of personal data is based on your consent and Article 6(1)(a) GDPR. The data will not be disclosed to third parties in this context.

If the email contact aims at concluding a contract, the additional legal basis for processing is Article 6(1)(b) GDPR.

c) Via Appointment Entry

A form is available on the website where users can submit an entry for the appointment calendar. If a user takes advantage of this option, the data entered in the input form will be transmitted to us and stored. The user decides which data is subsequently published. Separate information regarding name and email address is provided for internal contact purposes. This information is used internally only for follow-up questions and is not shared with third parties.

At the time the entry is submitted, the following data is also stored: date and time of submission. Your consent for the processing of this data is obtained during the submission process, and you are referred to this privacy policy. In this case, the processing of personal data is based on your consent and on Article 6 Paragraph 1 a GDPR.

d) Mailing List Subscription

A form is available on the website to subscribe to our mailing list. If a user chooses to subscribe, the data entered in the input form will be transmitted to us and stored in the mailing list.

The following data will also be stored at the time the message is sent: date and time of sending. Your consent for the processing of this data will be obtained during the sending process, and you will be referred to this privacy policy.

At the end of each mailing and membership reminder, users will receive information and a direct option to unsubscribe from the list.

This data will only be processed for this correspondence with you and for the purpose for which you provided the data to us in the context of this communication. In this case, the processing of personal data is based on your consent and on Article 6 Paragraph 1 a GDPR. The data will not be shared with third parties in this context.

Data Deletion and Storage Period

The personal data of the data subject will be deleted or blocked as soon as the purpose of storage no longer applies. Data may also be stored if this is provided for by European or national legislation in regulations, laws, or other provisions to which the controller is subject. Data will also be blocked or erased when a storage period prescribed by the aforementioned regulations expires, unless further storage of the data is necessary for the conclusion or performance of a contract.

Right to Object and Erasure

Users have the right to withdraw their consent to the processing of their personal data at any time. If a user contacts us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued. To do so, please send an informal email to info@bdsm-berlin.de.

 

Cookies

We do not use cookies.

 

SSL Encryption

This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as the inquiries you send to us. You can recognize an encrypted connection by the fact that the browser's address bar changes from "http://" to "https://" and by the lock symbol in your browser's address bar.
When SSL encryption is enabled, the data you send to us cannot be read by third parties.

Note for club members

Different processing and storage regulations may apply to club members. Members will be informed of these separately when their membership application is processed. Personal data will not be shared with third parties.

Rights of the data subject

If your personal data is being processed, you are a data subject within the meaning of the GDPR and have the following rights against the controller:

  1. Right of access

You can request confirmation from the controller as to whether personal data concerning you is being processed by us.

If such processing is taking place, you can request the following information from the controller:

(1) the purposes for which the personal data is being processed;
(2) the categories of personal data being processed;
(3) the recipients or categories of recipients to whom the personal data concerning you has been or will be disclosed;
(4) the planned duration for which the personal data concerning you will be stored, or, if specific information on this is not possible, the criteria used to determine that storage period;
(5) the existence of a right to rectification or erasure of personal data concerning you, a right to restriction of processing by the controller, or a right to object to such processing;
(6) the right to lodge a complaint with a supervisory authority;
(7) all available information about the source of the data if the personal data are not collected from the data subject;
(8) the existence of automated decision-making, including profiling, pursuant to Article 22(1) and (4) of the GDPR and – at least in those cases – meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

  1. Right to rectification

You have the right to rectification and/or completion from the controller if the processed personal data concerning you are inaccurate or incomplete. The controller must carry out the rectification without undue delay.

  1. Right to restriction of processing

Under the following conditions, you may request the restriction of processing of your personal data:

(1) if you contest the accuracy of your personal data for a period enabling the controller to verify its accuracy;
(2) if the processing is unlawful and you oppose the erasure of the personal data and request the restriction of its use instead;
(3) if the controller no longer needs the personal data for the purposes of the processing, but you require it for the establishment, exercise, or defense of legal claims; or
(4) if you have objected to processing pursuant to Article 21(1) GDPR pending the verification of whether the legitimate grounds of the controller override your grounds.

If the processing of your personal data has been restricted, this data – apart from being stored – may only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.

  1. Right to Erasure

a) Obligation to Erase

You have the right to request that the controller erase personal data concerning you without undue delay, and the controller is obligated to erase such data without undue delay where one of the following grounds applies:

(1) The personal data concerning you are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
(2) You withdraw your consent on which the processing is based according to point (a) of Article 6(1) or point (a) of Article 9(2) of the GDPR, and there is no other legal ground for the processing.
(3) You object to the processing pursuant to Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21(2) of the GDPR.
(4) Your personal data has been unlawfully processed.
(5) The erasure of your personal data is necessary for compliance with a legal obligation under Union or Member State law to which the controller is subject.

b) Exceptions

The right to erasure does not apply to the extent that processing is necessary:

(1) for exercising the right of freedom of expression and information;
(2) for compliance with a legal obligation which requires processing under Union or Member State law to which the controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
(3) for reasons of public interest in the area of ​​public health in accordance with Article 9(2)(h) and (i) as well as Article 9(3) GDPR;
(4) for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes pursuant to Article 89(1) GDPR, insofar as the right referred to in point (a) is likely to render impossible or seriously impair the achievement of the objectives of that processing, or
(5) for the establishment, exercise, or defense of legal claims.

  1. Right to be informed

If you have asserted your right to rectification, erasure, or restriction of processing against the controller, the controller is obliged to communicate any rectification, erasure, or restriction of processing to each recipient to whom the personal data concerning you have been disclosed, unless this proves impossible or involves disproportionate effort.

You have the right to be informed by the controller about those recipients.

  1. Right to Data Portability

You have the right to receive the personal data concerning you, which you have provided to the controller, in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another controller without hindrance from the controller to whom the personal data was provided, where:

(1) the processing is based on consent pursuant to Article 6(1)(a) GDPR or Article 9(2)(a) GDPR or on a contract pursuant to Article 6(1)(b) GDPR; and
(2) the processing is carried out by automated means.

In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one controller to another, where technically feasible. The rights and freedoms of other persons must not be adversely affected by this.

The right to data portability does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

  1. Right to object

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) of the GDPR, including profiling based on those provisions.

The controller will no longer process the personal data concerning you unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of establishing, exercising or defending legal claims.

Where personal data concerning you are processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.

If you object to processing for direct marketing purposes, your personal data will no longer be processed for these purposes.

  1. Right to withdraw your consent to data processing

You have the right to withdraw your consent to data processing at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

You have the right to withdraw your consent to data processing at any time.

  1. Automated decision-making in individual cases, including profiling

We do not use automated decision-making, including profiling.

  1. Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority (https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html), in particular in the Member State of your habitual residence, your place of work, or the place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR. The supervisory authority with which the complaint has been lodged shall inform the complainant of the progress and outcome of the complaint, including the possibility of a judicial remedy pursuant to Article 78 GDPR.

Scroll to Top