Privacy Policy
Responsible party
The organsization responsible within the meaning of the General Data Protection Regulation Art. 4 No. 7 GDPR and other national data protection laws of the member states as well as other data protection regulations is:
BDSM Berlin e.V.
Tempelhofer Damm 141
12099 Berlin
Telefon: +49 30 555 72 150
E-Mail: info@bdsm-berlin.de
Authorized board members: Markus Kempken, Henryk Plötz
We are not obliged to appoint a data protection officer.
Type and scope of data processing
Provision of the website: processing of access data
In principle, we only process personal user data insofar as this is necessary to provide a functional website and the content and services. You can therefore visit the website without providing any information about yourself. Only the following access data is stored in so-called server log files:
- Referrer (previously visited website)
- Requested web page or file
- Browser type and browser version
- Operating system used
- Device type used
- Time of access
- IP address in anonymized form
These data are used exclusively for
- Ensuring trouble-free operation
- Ensuring a smooth connection to the website,
- Ensuring comfortable use of our website,
- Defense against attacks on our website and our IT system and
- Evaluation of system security and stability.
The legal basis for data processing is Art. 6 Para. 1 S. 1 lit. f GDPR. Our legitimate interest results from the data collection purposes listed above. In no case do we use the collected data for the purpose of drawing conclusions about you personally. The data stored in the server logs may be checked by technical service providers who act as processors for the operation and maintenance of the site. They will not be transmitted to third parties.
Opposition and removal option
The collection of the data for the provision of the website and the storage of the data in log files is essential for the operation of the website. There is consequently no possibility of objection on the part of the user.
When contacting us: data processing to process your inquiries
a) Via contact form
There is a contact form on the website that can be used to contact us electronically. If a user uses this option, the data entered in the input mask will be transmitted to us and saved. These data are mandatory: name and email address.
At the time the message is sent, the following data is also saved: Date and time of sending. For the processing of the data, your consent is obtained during the sending process and reference is made to this data protection declaration.
These data are only processed for this correspondence with you and for the purpose for which you have given us the data in the context of this communication, e.g. to process your request or to contact you at your request. In this case, the processing of personal data takes place with your consent and on the basis of Art. 6 Para. 1 a GDPR. In this context, the data will not be passed on to third parties.
If the purpose of the contact form is to conclude a contract, then the additional legal basis for processing is Art. 6 Paragraph 1 lit.
b) Via email
We collect the personal data that you voluntarily provide to us when you contact us by email.
These data are only processed for the correspondence with you and for the purpose for which you have given us the data in the context of this communication, e.g. to process your request or to contact you at your request. In this case, the processing of personal data takes place with your consent and on the basis of Art. 6 Para. 1 a GDPR. In this context, the data will not be passed on to third parties.
If the aim of the email contact is to conclude a contract, the additional legal basis for processing is Art. 6 Para. 1 lit. b GDPR.
c) Via event entry
A form is available on the website in which users can submit an entry for the event calendar. If a user uses this option, the data entered in the input mask will be transmitted to us and saved. The user decides for himself which data will be published afterwards. There are separate details for name and email for internal contact. These are only used internally for communication with the user and are not passed on to third parties.
At the time the entry is sent, the following data is also stored: Date and time of sending. For the processing of the data, your consent is obtained as part of the sending process and reference is made to this data protection declaration. In this case, the processing of personal data takes place with your consent and on the basis of Art. 6 Para. 1 a GDPR.
d) Registration in the mailing list
A form is available on the website to subscribe to our mailing list. If a user uses this option, the data entered in the input mask will be transmitted to us and stored in the mailing list.
At the time the message is sent, the following data is also stored: Date and time of sending. For the processing of the data, your consent is obtained as part of the sending process and reference is made to this data protection declaration.
At the end of each mailing and membership reminders, users receive information and the direct option to unsubscribe from the list.
These data are only processed for this correspondence with you and for the purpose for which you have given us the data in the context of this communication. In this case, the processing of personal data takes place with your consent and on the basis of Art. 6 Para. 1 a GDPR. In this context, the data will not be passed on to third parties.
Data deletion and storage duration
The personal data of the data subject will be deleted or blocked as soon as the purpose of storage no longer applies. Storage can be prolonged if this is required by the European or national law regulations, laws or other provisions to which the person responsible is subject. The data will be blocked or deleted if a storage period expires, unless there is a need for further storage of the data in order to conclude or fulfil a contract.
Opposition and removal option
The user has the option to revoke their consent to the processing of personal data at any time. If the user contacts us by email, they can object to the storage of their personal data for further usage. In such a case, the conversation cannot be continued. To do this, send an informal e-mail to info@bdsm-berlin.de.
Plugins and embedded functions as well as content
We integrate functional and content elements into the online offer that are obtained from the servers of their respective providers (hereinafter referred to as "third-party providers"). These are fonts (hereinafter uniformly referred to as "content").
The integration always presupposes that the third-party providers of this content process the IP address of the user, since without the IP address they would not be able to send the content to the user's browser. The IP address is therefore required for the display of this content or functions. We strive to only use content whose respective providers use the IP address solely to deliver the content. Additionally, the font is server-cached, so that not every access triggers a connection.
- Types of data processed: Usage data (e.g. websites visited, access times), meta / communication data (e.g. device information, IP addresses),
- Affected persons: Users (e.g. website visitors, users of online services).
- Purposes of processing: Provision of our online offer and user-friendliness, service.
- Legal basis: Legitimate interests (Art. 6 Para. 1 S. 1 lit. f. GDPR).
Cookies
We do not use cookies.
SSL encryption
This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as the inquiries you send to us. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http: //" to "https: //" and by the lock symbol in your browser line.
If SSL encryption is activated, the data you transmit to us cannot be read by third parties.
Note for club members
Different processing and storage regulations may apply to association members. Members will be informed about this separately when processing the membership application. There is no transfer of personal data to third parties.
Rights of the data subject
If your personal data is processed, you are affected within the meaning of the GDPR and you have the following rights vis-à-vis the person responsible:
1. Right to information
You can request confirmation from the person responsible as to whether personal data relating to you is being processed by us.
If this is the case, you can request the following information from the person responsible:
(1) the purposes for which the personal data are processed.
(2) the categories of personal data that are processed;
(3) the recipients or the categories of recipients to whom the personal data relating to you have been disclosed or are still being disclosed;
(4) the planned duration of the storage of your personal data or, if specific information is not available, criteria for determining the storage duration;
(5) the existence of a right to correction or deletion of personal data concerning you, a right to restriction of processing by the party responsible or a right to object to this processing;
(6) the right to lodge a complaint with a supervisory authority;
(7) all available information on the origin of the data if the personal data are not collected from the data subject;
(8) The existence of automated decision-making including profiling in accordance with Art. 22 Paragraphs 1 and 4 GDPR and - at least in these cases - meaningful information about the logic involved and the scope and intended effects of such processing for the person concerned.
2. Right to rectification
You have a right to correction and / or completion versus the person responsible if the processed personal data concerning you is incorrect or incomplete. The person responsible must make the correction immediately.
3. Right to restriction of processing
You can request the restriction of the processing of your personal data under the following conditions:
(1) if you dispute the correctness of the personal data concerning you for a period of time that enables the person responsible to check the correctness of the personal data;
(2) the processing is unlawful and you refuse to delete the personal data and instead request the restriction of the use of the personal data;
(3) the person responsible no longer needs the personal data for the purposes of processing, but you need them to assert, exercise or defend legal claims, or
(4) if you have objected to the processing in accordance with Art. 21 Paragraph 1 GDPR and it has not yet been determined whether the legitimate reasons of the person responsible outweigh your reasons.
If the processing of your personal data has been restricted, this data - apart from its storage - may only be used with your consent or for the establishment, exercise or defense of legal claims or to protect the rights of another natural or legal person or for reasons of important public interest processed by the Union or a Member State.
4. Right to deletion
a ) Deletion obligation
You can demand that the person responsible delete the personal data concerning you immediately, and the person responsible is obliged to delete this data immediately if one of the following reasons applies:
(1) The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
(2) You revoke your consent on which the processing was based in accordance with Article 6 (1) (a) or Article 9 (2) (a) GDPR, and there is no other legal basis for processing.
(3) You object to the processing in accordance with Art. 21 Paragraph 1 GDPR and there are no overriding legitimate reasons for the processing, or you object to the processing in accordance with Art. 21 Paragraph 2 GDPR.
(4) The personal data concerning you have been processed unlawfully.
(5) The deletion of your personal data is necessary to fulfil a legal obligation under Union law or the law of the member states to which the person responsible is subject.
b ) Exceptions
The right to deletion does not exist if processing is necessary
(1) to exercise the right to freedom of expression and information;
(2) To fulfill a legal obligation that requires processing under the law of the Union or of the member states to which the person responsible is subject, or to perform a task that is in the public interest or in the exercise of official authority that is transferred to the person responsible has been;
(3) for reasons of public interest in the area of public health in accordance with Art. 9 Paragraph 2 lit. h and i and Art. 9 Paragraph 3 GDPR;
(4) for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes in accordance with Art. 89 Para. 1 GDPR, insofar as the right mentioned under section a) is likely to make the realization of the objectives of this processing impossible or seriously impair it,
(5) for the establishment, exercise or defense of legal claims.
5. Right to information
If you have asserted the right to correction, deletion or restriction of processing against the person responsible, the person responsible is obliged to comply with and to notify the recipients to whom the personal data concerning you have been disclosed of this correction or deletion of the data or restriction of processing, unless this proves to be impossible or involves a disproportionate effort.
You have the right to be informed about these recipients by the person responsible.
6. Right to data portability
You have the right to receive the personal data concerning you, which you have provided to the person responsible, in a structured, common and machine-readable format. You also have the right to transfer this data to another person responsible without hindrance from the person responsible to whom the personal data was provided, provided
(1) the processing is based on consent in accordance with Art. 6 Paragraph 1 lit. a GDPR or Art. 9 Paragraph 2 lit. a GDPR or on a contract in accordance with Art. 6 Paragraph 1 lit. b GDPR and
(2) the processing is carried out using automated procedures.
In exercising this right, you also have the right to have your personal data transmitted directly from one person in charge to another person in charge, insofar as this is technically feasible. This must not impair the freedoms and rights of other people.
The right to data portability does not apply to the processing of personal data that is necessary for the performance of a task that is in the public interest or takes place in the exercise of official authority that has been transferred to the person responsible.
7. Right of objection
You have the right, for reasons that arise from your particular situation, to object at any time to the processing of your personal data, which is based on Article 6 (1) (e) or (f) GDPR; this also applies to profiling based on these provisions.
The person responsible will no longer process the personal data concerning you unless he can prove compelling legitimate reasons for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
If the personal data concerning you are processed in order to operate direct mail, you have the right to object at any time to the processing of the personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is connected to such direct advertising.
If you object to processing for direct marketing purposes, the personal data relating to you will no longer be processed for these purposes.
8. Right to revoke the data protection declaration of consent
You have the right to withdraw your declaration of consent under data protection law at any time. Revoking your consent does not affect the legality of the processing carried out on the basis of your consent up to the point of revocation.
9. Automated decision in individual cases including profiling
We do not use automated decision-making, including profiling
10. Right to complain to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your place of residence, your place of work or the place of the alleged violation, if you are of the opinion that the processing of your personal data is against violates the GDPR. For a list of German authorities please see https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
The supervisory authority to which the complaint was submitted informs the complainant of the status and the results of the complaint, including the possibility of a judicial remedy according to Art. 78 GDPR.