Data protection in the association according to the basic data protection regulation (DS-GVO)
The following privacy notices provide an overview of the collection and processing of your data. We at KLM take the protection of your personal data very seriously and process it in accordance with applicable legal data protection requirements. Personal data in the sense of this information is all information that may relate to your person. On the basis of the following information, we would like to inform you about the processing of your personal data by us. Further, we would like to give you an overview of your rights under data protection law. Which data is processed in detail and how it is used depends largely on the type of data or the performance of the service for the KLM Association.
1. RESPONSIBLE DATA PROTECTION SUPERVISOR
Responsible body is:
Verband für Kleine Münsterländer e.V
Dresdner Str. 19
You can reach our data protection officer at:
KLM Energie GmbH Datenschutzbeauftragter
2. SOURCE OF PERSONAL DATA
We process personally identifiable information that we receive from our members and prospects in the course of our relationship. Furthermore, we process – should this be necessary for the provision of our services – personal data that we legitimately gain from publicly available sources (eg JGHV) or that from other service providers Association for Small Münsterländer eV or from other third parties (eg. TG-Verlag).
3. CATEGORIES OF PERSONAL DATA PROCESSED
We process the following categories of personal data: Master data (eg name, address and date of birth), order data (eg examinations, certificates, reports, documentation, correspondence), data to fulfill our obligations (eg account data, Sales data and services), information about you, correspondence (eg correspondence with you), and other data comparable to the above categories.
4. PURPOSES FOR WHICH PERSONAL DATA SHOULD BE PROCESSED, AND LEGAL BASES OF PROCESSING
We process your personal data in compliance with the respectively applicable legal data protection requirements. Processing is lawful if at least one of the following conditions is met:
4.1 Consent (Article 6 (1) a GDPR)
The lawfulness of the processing of personal data is given with consent for processing for specified purposes (eg transfer of data to partners (eg institutes)) use of the data for statistical purposes). A given consent can be withdrawn at any time with effect for the future. This also applies to the revocation of declarations of consent, which were issued to us before the validity of the GDPR, ie before May 25, 2018.
4.2 For the fulfillment of contractual obligations or for the implementation of pre-contractual measures (Article 6 (1) (b) GDPR)
In order to fulfill our obligations to provide services to our members or to carry out actions that are requested, we process data. The purposes of data processing arise primarily from the concrete result and may include, but is not limited to, needs analysis and consulting. For further details on data processing purposes, please refer to the terms and conditions.
4.3 Due to legal requirements (Article 6 (1) c DSGVO) or in the public interest (Article 6 (1) e DSGVO)
The Association for Small Münsterländer e.V is subject to different legal obligations, which means legal requirements (eg Steuteuerrechtlichen storage regulations according to the Commercial Code and Tax Code.). Among the purposes of processing include the fulfillment of tax control and reporting obligations and also the risk assessment and control in the association.
4.4 In the context of the balancing of interests (Article 6 (1) f DSGVO)
If necessary, we process your data beyond the actual fulfillment of the tasks for the protection of legitimate interests of us or third parties. Examples:
- Advertising, market and opinion research, provided that you have not objected to the use of your data (eg videos, fan shop)
- Asserting legal claims and defense in legal disputes
- Prevention, education or prevention
- Ensuring IT security and IT operations
- Advice through and data exchange with credit bureaus to identify risks.
5. CATEGORIES OF RECIPIENTS OF PERSONAL DATA
Within the Association for Small Munsterlander e.V are the authorities authorized to perform the tasks as well as contractual and legal obligations. The Kleine Münsterländer e.V also has individual of the aforementioned processes and services performed by carefully selected and data protection compliant contracted service providers located in the EU. These are companies in the categories of IT services, payments, print service providers, billing, consulting and service providers, which we use in the context of order processing. With respect to the disclosure of data to other recipients, we may only disclose information about you if required by law, if you have consented or if we are authorized to disclose it. If these conditions are fulfilled, recipients of personal data and the like may be liable. a. be:
- Public bodies and institutions in the presence of a legal or regulatory obligation
- Other companies or similar entities to which we provide personal information (eg, publishers, institutes, credit bureaus) to conduct the business relationship with you.
- Other national groups within the main association.
In addition, other entities may be data recipients, provided that you have given us your consent to the data transmission.
6. INTENTION TO SUBMIT PERSONAL DATA TO A THIRD COUNTRY OR AN INTERNATIONAL ORGANIZATION
There is no active transfer of personal data to a third country or to an international organization.
7. CRITERIA FOR DETERMINING THE DURATION FOR WHICH PERSONAL DATA IS STORED
The criteria for determining the duration of the storage are determined after the end of the purpose and subsequent legal retention period. If the data is no longer required for the fulfillment of legal obligations, these are deleted on a regular basis, unless their – temporary and possibly restricted – further processing is necessary for the following purposes:
- Fulfillment of tax-related retention obligations: The Commercial Code (HGB) and the Tax Code (AO) must be mentioned.
- Thereafter, the retention or documentation periods are given up to 10 years.
- Preservation of evidence in the context of the statutory statute of limitations: According to §§ 195 ff. Of the Civil Code (BGB) the regular limitation period is 3 years, under special circumstances however up to 30 years.
- Compliance with telecommunications law storage requirements in accordance with the current Telecommunications Act (TKG) and other laws
- Historical data (eg Studbooks, certificates, publications)
8. DATA PROTECTION RIGHTS
Every interested party has the right to information under Article 15 GDPR, the right to a correction under Article 16 GDPR, the right to cancellation under Article 17 GDPR, the right to restriction of processing under Article 18 GDPR, the right to object to Article 21 DSGVO and the right to data portability under Article 20 GDPR. With regard to the right to information and the right to erase, the restrictions under §§ 34 and 35 BDSG apply. In addition, there is a right of appeal to a competent data protection supervisory authority (Article 77 DSGVO in conjunction with Section 19 BDSG). You may revoke your consent to the processing of personal data at any time with effect for the future. This also applies to the revocation of declarations of consent that were issued to us prior to the validity of the General Data Protection Regulation, ie before 25 May 2018.
9. OBLIGATION TO PROVIDE AND POSSIBLE CONSEQUENCES OF NON-REPRODUCTION OF DATA
As part of our business relationship, you must provide the personally identifiable information necessary to be able to take up and perform a membership and perform the duties associated with it, or to collect it we are required by law. Without this information we will generally not be able to close or run a membership with you.
10. EXISTING OF AUTOMATED DECISION MAKING, INCLUDING PROFILING
In principle, we do not use automatic decision-making pursuant to Article 22 of the GDPR to justify and implement the business relationship.
RIGHT TO OBJECT
Information about your right of objection under Article 21 Data Protection Basic Regulation (DSGVO)
1. INDIVIDUAL RIGHT OF CONFLICT
You have the right at any time, for reasons arising out of your particular situation, to prevent the processing of personal data concerning you pursuant to Article 6 (1) (e) of the GDPR (Data Processing in the Public Interest) and Article 6 (1) (f) GDPR ( Data processing on the basis of a balance of interests) takes place, objecting; this also applies to one on this provision. within the meaning of Article 4 No. 4 GDPR. If you object, we will no longer process your personal information unless we can establish compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is for the purposes of asserting, exercising or defending legal claims. The objection can be free of form and should be directed as far as possible to:
Verband für Kleine Münsterländer e.V Dresdner Str., 19 01774 Klingenberg