Privacy Policy

We take the protection and security of your data very seriously and operate our websites in accordance with the applicable regulations on the protection of personal data and data security, in particular the provisions of the General Data Protection Regulation (2016/679/EU) (GDPR) and the German Telemedia Act (TMG).

At this point we would like to inform you of which data we process when you use our website, for what purpose and on what legal basis this is done, to whom we may make it available and what rights you have in this respect.

Usage notice

To use the website, consent to the use of cookies by external media (Google Maps) is essential. You can revoke settings made at any time. To do so, click on the button “Revoke cookie settings”.

  1. Scope, responsible party

This privacy policy applies to the Internet presence (“website“) accessible under the domain www.landsberg-kaufering-erinnern.de.

The Controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection legislation and other data protection provisions is the City of Landsberg am Lech

Katharinenstr. 1
86899 Landsberg am Lech, Germany
08191 – 128 197

presse@landsberg.de

2. Data Protection Officer

Contact details of the official Data Protection Officer for the city of Landsberg am Lech:

City of Landsberg am Lech
Katharinenstraße 1

86899 Landsberg am Lech, Germany

Data Protection Officer
08191/128-265

datenschutzbeauftragte@landsberg.de

3. General information on data processing

3.1 How do we collect your data?

On the one hand, your data is collected when you voluntarily provide it to us. This may be, for example, data that you enter in a contact form or that you send to us by email.

Other data is automatically collected by our IT systems when you visit the website (see section 4.2).

Use of the information provided on the website and the services offered there occurs on a voluntary basis. Automated decision making does not take place.

3.2 What do we use your data for?

Part of the data is collected in order to ensure error-free provision of the website. Other data may be used to analyse your user behaviour, but only in an anonymised form. The IP addresses are first anonymised and only then are they evaluated. After evaluation, the collected raw data is erased after 60 days. Further details are provided in Section 4.2 below (server log files).

We use the personal data that you actively provide to us (e.g. via an inquiry by email or a contact form) solely for the purpose of processing your inquiries. Data is processed for other purposes only if you have previously consented to the corresponding use or if we are entitled or obliged to process the data by virtue of a statutory provision.

3.3 Legal basis of the processing

Unless otherwise stated below, your personal data are processed within the scope of our public duties (Art. 4 (1) (2) Bavarian Data Protection Act (BayDSG) in conjunction with Art. 6(1) (e) in conjunction with Art. 6 (3) (1) GDPR). If you have consented to the data processing, the data processing is based on Art. 6 (1) (a) GDPR.

Data collection on our website, hosting

4.1 Hosting

This website is hosted on our behalf by an external service provider. This is currently OSN Online Service Nürnberg GmbH, Bucher Str. 78, 90408 Nuremberg, Germany. The personal data collected when you visit the website is stored anonymously on the servers operated by the hosting provider. The service provider contracted to host the Website will process your data in accordance with applicable data protection law and only to the extent necessary to fulfil the service provider’s performance obligations to us in connection with the hosting of the website and to comply with our instructions relative to such data, which is ensured by an unbroken chain of commission data processing agreements pursuant to Art. 28 (3) GDPR that have accordingly been concluded for this purpose with all companies participating in the data processing in connection with the website as (sub-)contract data processors.

4.2 Server log files

If you visit the website for purely informational purposes (i.e. without actively providing us with data, e.g. by sending us an email or using the contact form), we collect only the data that is technically required to enable you to visit the website and to ensure the stability and security of the IT systems we use. In addition, we use the data to optimise the website. The access logs of the web servers record which page requests have taken place and at what point in time. The access logs include the following data:

  •     (Anonymised) IP address
  •     Protected directory user
  •     Date and time of access
  •     Browser type/version and language
  •     Pages viewed
  •     Logs, access status/http status code, data volume
  •     The last website you visited (referrer)
  •     User agent,
  •     Host name accessed

Temporary storage of your IP address is necessary to enable delivery of the website to your terminal. The IP addresses are stored anonymously. To do this, the last three digits are removed, i.e. 127.0.0.1 becomes 127.0.0.*. IPv6 addresses are also anonymised. The anonymised IP addresses are kept for 60 days. Details of the protected directory user are anonymised after one day.  Error logs, which record faulty page accesses, are erased after seven days. In addition to the error messages, these include the accessing IP address and, depending on the error, the accessed website.

The mail logs for sending emails from the web environment are anonymised after one day and then retained for 60 days. Anonymisation removes all data concerning the sender/recipient etc. Only the data at the time of sending and the information concerning how the email was processed are retained (queue ID or not sent).

A personal evaluation and/or a consolidation of this data with other data sources are not carried out. The data will not be passed on to third parties.

4.3 Cookies

The website uses what are known as cookies. Cookies are small text files that are stored on your terminal with the aid of your browser. Cookies cannot execute programs or transfer viruses to your terminal. They are stored on your terminal either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically erased at the end of your visit. Permanent cookies remain stored on your terminal until you erase them yourself or until they are automatically erased by your web browser. In some cases, cookies from third-party companies may also be stored on your terminal when you enter our site (third-party cookies). These enable us or you to use certain services provided by the third-party company.

 

Cookies have various functions. Most of the cookies used on our website are technically necessary for the operation of our website or for the provision of the functionalities offered on our website, as certain website functions would not work without them. Other cookies are used to evaluate user behaviour or to display advertising.

 

You can set your browser so that you are informed of the setting of cookies and can allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or in general and activate automatic deletion of cookies when you close the browser. If cookies are deactivated, the functionality of the website may be limited.

For all cookies, by means of which personal data are processed and which are not technically necessary for provision of the website (e.g. cookies installed by third-party companies or cookies used for analysis purposes), we will inform you of this separately in this privacy policy and will use these cookies only with your prior consent (Art. 6(1) (a) GDPR). You can decide individually which types of cookies you want to accept or reject. In addition, you can withdraw your consent to use of cookies in whole or in part at any time and change your cookie settings. Withdrawal of your consent does not affect the lawfulness of the processing of your data carried out on the basis of your consent up to the withdrawal. More detailed information is provided in the cookie policy [please link to cookie settings here] .

4.4 Contact form

If you send us enquiries via the contact form, we will store the information you provide in the enquiry form, including the contact details you provide there, for the purpose of processing the enquiry. These data will not be passed on to third parties without your consent. The data you enter in the contact form will remain with us until you request that we erase it, withdraw your consent to storage, or until the purpose for storing the data no longer applies (e.g. after we have completed the processing of your inquiry). Mandatory statutory provisions – in particular retention periods – remain unaffected.

5. Data security

We take appropriate technical and organisational measures to ensure that the data collected in the course of using the website is protected against loss, incorrect changes or unauthorised access by third parties. Our security measures are continuously revised in line with technological developments and adapted accordingly.

For security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator, the website uses SSL or TLS encryption. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock icon in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

6. Plug-ins and tools

6.1 Matomo

The website uses the Matomo Open Source Web Analytics service. Matomo uses what are known as “cookies”. These are text files, which are stored on your computer and which allow an analysis of your use of the website. For this purpose, the information generated by the cookie about the use of this website is stored on our server. The IP address is anonymised before storage.

Matomo cookies remain on your terminal until you erase them.

The storage of Matomo cookies is based on Art. 6 (1) (a) GDPR (Consent).

The information generated by the cookie about the use of this website will not be passed on to third parties. You can prevent the use of cookies by using an appropriate setting in your browser software, although in this case it is possible that you will not be able to use all the functions of this website to their full extent.

If you do not agree with the storage and use of your data, you can deactivate storage and use here. In this case, an opt-out cookie will be stored in your browser, which prevents Matomo from storing usage data. If you erase your cookies, this will have the effect that the Matomo opt-out cookie will also be erased. The opt-out must be reactivated when you visit this website again.

Your visit to this website is currently recorded by Matomo Web Analytics. Deselect this checkbox for opt-out.

6.2 YouTube

We have embedded videos from the YouTube platform on our website, which are stored on https://www.YouTube.com and can be played directly from our website. These are all embedded in “enhanced privacy mode”, which means that no data about you as a user is transmitted to YouTube if you do not play the videos. Only when you play the videos, will the necessary data (including the Internet address of the current page and the IP address of the user) be transmitted to YouTube. We have no influence on this data transmission.

The operator of YouTube is Google Ireland Limited Gordon House, Barrow Street, Dublin 4, Ireland.

When you visit one of our websites on which YouTube is integrated, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you have visited. Furthermore, YouTube may store various cookies on your terminal. These cookies allow YouTube to obtain information about visitors to this website. According to YouTube, this information is used to collect video statistics, improve the user experience and prevent fraud attempts, among other things. The cookies remain on your terminal until you erase them. If you are logged into your YouTube account, you allow YouTube to associate your browsing behaviour directly with your personal profile. You can prevent this by logging out of your YouTube account beforehand when you visit our website.

For more information on handling user data, please see YouTube’s privacy policy at: https://policies.google.com/privacy?hl=de.

Objection option: https://adssettings.google.com/authenticated

6.3 Google Maps

This website uses the Google Maps map service. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. This allows us to show you interactive maps directly on the website. When you first visit the website, Google Maps is disabled. A direct connection to Google’s servers is only established when you activate Google Maps for yourself. This prevents your data from being transferred to Google without your consent when you first visit the website. After activation, Google Maps will store your IP address. This is then usually transferred to a Google server in the USA and stored there. After the user has activated Google Maps, we have no influence on the transmission of data to Google. By activating Google Maps, you consent to the aforementioned data transmission to Google (legal basis is Art. 6 (1) (a) GDPR). If you do not consent to the transfer of data to Google, do not activate Google Maps; in this case you will not be able to use the map function provided by Google Maps.

More information on the handling of user data is provided in Google’s privacy policy: https://www.google.de/intl/de/policies/privacy/.

Objection option: Opt out plug-in https://tools.google.com/dlpage/gaoptout?hl=de

6.4 Web fonts

The website uses so-called web fonts for uniform display of fonts, which are provided by Monotype GmbH, Werner-Reimers-Strasse 2-4, 61352 Bad Homburg, info[at]fonts[dot]com, Phone: +49 61 72 484-418, Fax: +49 61 72 484-499 (“fonts.com”). The web fonts we embed are hosted locally. However, your browser must establish a connection to a fonts.com server in order to determine access to the page and in order to assign this access to us as licensee. No personal data about you are processed. Only an anonymised project identification number for the web font and the URL of the page visited are collected in order to identify us as the licensee and in order to assign use of the web font to us as the licensee. For more information, please see the Monotype GmbH privacy policy at https://www.monotype.com/legal/privacy-policy/.

7. Our social media presence

7.1 Data processing by social networks

We maintain publicly accessible profiles on social networks. The individual social networks that we use are listed below.

As a rule, social networks, such as Facebook, Instagram etc., can analyse your user behaviour comprehensively when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). Visiting our social media presences triggers a number of processing operations that are relevant for data privacy.

Specifically:

If you are logged into your social media account and visit our social media presence on a social network, the operator of the social network in question can assign this visit to your account there. Your personal data may also be collected if you are not logged in or do not have an account with the respective social network. In this case, this data collection takes place, for example, via cookies that are stored on your terminal or by recording your IP address.

Assisted by the data collected in this manner, operators of the social networks can create user profiles, in which your preferences and interests are stored. In this way, you may be shown interest-based advertising within and outside of the respective social media presence. If you have an account with the relevant social network, interest-based advertising may be displayed on all devices, on which you are logged in or have been logged in. Please also note that we cannot track all processing on social networks. Consequently, depending on the provider, further processing operations may be carried out by the operators of the social networks. For further details, please refer to the Terms of Use and privacy policy of the respective social network.

7.2 Controller and assertion of rights

If you visit one of our social media sites, we are jointly responsible with the operator of the social network for the data processing operations triggered during this visit. You can, as matter of principle, assert your rights (access, rectification, erasure, restriction of processing, data portability and right to object) both against us and against the operator of the respective social network.

7.3 Storage period

The data that we directly collect via the social media presence will be erased from our systems as soon as the purpose for storing it no longer applies, you request us to delete it, withdraw your consent to store it or the purpose for storing the data no longer applies. Stored cookies remain on your terminal until you delete them. Mandatory statutory provisions – in particular retention periods – remain unaffected. We have no influence on the storage period of your data, which are stored by the operators of the social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. read their privacy policies, see below).

7.4 Social networks – details

  1. a) Facebook

We have a profile on Facebook. The provider is Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. We have entered into an agreement with Facebook concerning joint processing (Joint Controllership) as defined in Art. 26 GDPR. This agreement sets out the data processing operations for which either we or Facebook are responsible when you visit our Facebook page. You can view this agreement at the following link:

https://www.facebook.com/legal/terms/page_controller_addendum.

You can adjust your advertising settings independently in your user account. To do so, click the following link and log in: https://www.facebook.com/settings?tab=ads. Details are provided in Facebook’s privacy policy: https://www.facebook.com/about/privacy/.

  1. b) Twitter

We use the short message service Twitter. The provider is Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. You can adjust your Twitter privacy settings independently in your user account. To do so, click the following link and log in: https://twitter.com/personalization.

Details are provided in Twitter’s privacy policy https://twitter.com/de/privacy.

  1. c) Instagram

We have a profile on Instagram. The provider is Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. Details on how Instagram handles your personal data are provided in Instagram’s privacy policy:

https://help.instagram.com/519522125107875.

8. Your rights

Insofar as we process personal data from you, you are entitled to the following rights as a data subject within the meaning of the GDPR:

8.1 Right of access

You can ask request confirmation as to whether we process personal data about you.

If this is the case, you can ask us for access to information about the following:

 

  • the purposes for which the personal data are processed;
  • the categories of personal data that are processed;
  • the recipients or categories of recipients to whom your personal data have been or are being disclosed; the planned duration of the storage of your personal data or, if specific information in this regard is not possible, criteria for determining the duration of storage;
  • the existence of a right to obtain rectification or erasure of personal data concerning you, a right to restrict processing on the part of the controller or a right to object to such processing;
  • the existence of a right to appeal to a supervisory authority;
  • all available information concerning the origin of the data, if personal data about you are not collected from yourself but from third parties.

You have the right to request information on whether personal data concerning you is transferred to a third country or to an international organisation. In this context, you may request to be informed of the appropriate safeguards pursuant to Art. 46 GDPR in connection with the transfer.

8.2 Right to object

If the processing of your personal data is based on Art. 6 (1) (f) or (e) GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR provided that there are grounds for doing so that arise from your particular situation. Your personal data will then no longer be processed unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or unless the processing serves the purpose of asserting or defending legal claims.

8.3 Right to rectification

You have the right to rectification and/or completion if your personal data processed by us are inaccurate or incomplete. Should this be the case, we will make the rectification without delay.

8.4 Right to restrict processing

You may request the restriction of the processing of your personal data under the following conditions:

  • if you dispute the accuracy of your personal data for a period of time that allows us to verify the accuracy;
  • the processing is unlawful and you object to the erasure of your personal data and request instead the restriction of the use of the personal data;
  • we no longer need your personal data for the purposes of processing, but you need them for the establishment, exercise or defence of legal claims, or
  • if you have objected to the processing in accordance with Art. 21 (1) GDPR and it is not yet clear whether our legitimate grounds as Controller override your reasons as the data subject.

Where the processing of your personal data has been restricted, such data may be processed, with the exception of their storage, only with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of substantial public interest of the European Union or of a Member State.

If processing has been restricted in accordance with the above conditions, we will inform you of this before the restriction is lifted.

8.5 Right to erasure

Erasure obligation

You may request that we erase your personal data immediately if one of the following grounds applies:

  • your personal data are no longer necessary for the purposes for which they were collected or otherwise processed;
  • if the processing was based on Art. 6 (1) (a) GDPR, you withdraw your consent and there is no other legal basis for the processing;
  • you object to the processing pursuant to Art. 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or you object to use of your personal data for advertising purposes pursuant to Art. 21(2) GDPR;
  • your personal data have been processed unlawfully;
  • the erasure of your personal data is necessary to comply with a legal obligation.

Exceptions

The right to erasure does not exist insofar as the processing is necessary

  • to exercise the right to freedom of expression and information;
  • to fulfil a legal obligation or to perform a task that is in the public interest;
  • for the establishment, exercise or defence of legal claims.

8.6 Right to appeal to the supervisory authority

In addition, there is a right to appeal to the Bavarian State Commissioner for Data Protection (Art. 77 GDPR). You can reach this person with the following contact information:

Postal address:

PO Box 22 12 19
80502 Munich, Germany

Address for visitors:

Wagmüllerstrasse 18
80538 Munich, Germany

089 212672-0
089 212672-50

poststelle@datenschutz-bayern.de

www.datenschutz-bayern.de

9. Amendment to our privacy policy

We reserve the right to adapt this privacy policy from time to time so that it always complies with current legal requirements or in order to implement changes in our offering in the privacy policy.