Data protection information for website visitors

We, the Jugend- und Freizeiteinrichtungen des Landkreises Kassel, will treat your personal data confidentially in compliance with data protection regulations. Regardless of how you come into contact with us, we would like to explain to you below how we process your data and ensure that it is protected.

  1. General information on data processing

Data controller

The entity responsible for data processing is:

Jugend- und Freizeiteinrichtungen des Landkreises Kassel

Wilhelmshöher Allee 19-21

34117 Kassel

 

Contact:

Tel.: 0561/1003-1150

info@jufkk.de

Data Protection Officer

If you have any questions regarding data protection, please contact our data protection officer at jufkk@dsb-moers.de. Further contact information can be found at www.dsb-moers.de.

Purposes and legal bases of the data processing

The purposes of data processing by the Jugend- und Freizeiteinrichtungen des Landkreises Kassel are providing services, fulfilling contractual as well as legal obligations and offering information about our services in addition to enabling users to contact us.

Moreover, personal data is processed according to one of the following legal bases:

  • Art. 6 (1) (a) GDPR for the processing of personal data with the consent of the data subject.
  • Art. 6 (1) (b) GDPR for the processing of personal data necessary for the performance of a contract with the data subject as well as for taking appropriate steps prior to entering a contract.
  • Art. 6 (1) (c) GDPR for the processing of personal data necessary for compliance with a legal obligation to which we are subject under the applicable EU law or under the applicable law of a country in which the GDPR applies in whole or in part.
  • Art. 6 (1) (f) GDPR for the processing of personal data necessary for the protection of the legitimate interests pursued by us or by third parties, unless such interests are overridden by the fundamental freedoms and rights as well as the interests of the data subject. Legitimate interests are especially our commercial interest to inform about our services, to ensure information security and to enforce our own legal claims.

Data recipients

For our data processing, we use service providers which are bound to confidentiality and to data protection. These include in particular companies for technical support, hosting of servers, maintenance of software as well as external consultants. Data is only transferred to authorities in the event of overriding legal requirements. A transfer of data to third countries only takes place if the requirements from the provisions in Art. 44 et seq. GDPR are fulfilled.

Duration of storage and deletion of personal data

We process personal data only as long as it is necessary to achieve its purpose. After the processing purpose has ceased to exist, we retain the data in accordance with the legal retention periods and then delete it. Retention beyond this period only occurs in the event of an exception pursuant to Art. 17 (3) GDPR.

Your right to access, correction, erasure, objection and data portability

You can exercise your right to access, correction and erasure of data at any time. Simply contact us using one of the methods described above. If you wish to have your data deleted but we are still legally obligated to retain it, access to your data will be restricted (blocked). The same applies in the event of an objection. You can exercise your right to data portability, provided that the technical possibilities are available at the recipient and at our company.

Right to lodge a complaint

You have the option of lodging a complaint with a data protection supervisory authority at any time. The supervisory authority responsible for us is the Hesse Data Protection Officer, Gustav-Stresemann-Ring 1, 65189 Wiesbaden, telephone +49-611-1408-0, e-mail: poststelle(at)datenschutz.hessen.de.

Obligation to provide correct information

The use of our services and the fulfilment of contractual obligations is not possible without your correct information. You therefore have the obligation to provide us with correct information within the scope of your knowledge.

Currentness and amendment of this data protection notice

We reserve the right to amend the content of this data protection notice at any time. This usually occurs due to further development or adjustment of the services used. You can view the current data protection information on our website. Date of this statement: 24.10.2023.

  1. Data protection notice for website visitors

The purpose of the data processing on this website is to provide information about our services in addition to enabling users to contact us.

In providing our website, we comply with the requirements of the EU General Data Protection Regulation (GDPR), the Federal Data Protection Act (FDPA), the Telemedia Act (TMA) and the Telecommunications-Telemedia Data Protection Act (TTDPA).

When you visit the website, a connection is established with your browser. The following information is collected and stored temporarily in system files: IP address of your device, date and time of access, name and URL of accessed files, website from which access was made or from which you were directed to our site (referrer URL), browser used and, if applicable, the operating system of your device as well as the name of your provider.

The aforementioned data is processed by us for the purpose of ensuring a trouble-free connection as well as system security. The generated connection data is automatically deleted and is generally not retained for longer than seven days. If the website is improperly used, log data whose further storage is necessary for evidentiary purposes will be retained until the incident has been clarified.

Use of cookies

This website uses storage technologies ("cookies" and/or your browser's memory) to enable storage of your use of the website. The information generated by cookies about your usage behaviour on this website is used to evaluate visitor behaviour on the website and to improve the information we offer.

If cookies that are not necessary for the operation of the website are used, we ask for your consent in advance; the legal basis for the data processing is Art. 6 (1) (a) GDPR pursuant to Section 25 (1) of the TTDPA. The cookies will be deleted after 2 years. You can withdraw your consent at any time via the cookie settings. Alternatively, you can clear your cache in your browser settings to remove the cookies.

If the use of storage technologies on your end device is necessary for the functionality of the website, we use this technology based on our legitimate interests. The legal basis for data processing is then Art. 6 (1) (f) GDPR pursuant to Section 25 (2) No. 2 TTDPA. The cookies will be deleted after the end of the session. You may refuse the use of cookies by selecting the appropriate settings on your browser, however, please note that if you do this you may not be able to use the full functionality of this website. The data collection is anonymised; the collected data cannot be related to you personally.

Ihre Cookie-Einstellungen bearbeiten[A1] 

Contact form

If you write to us via our contact form, your data from the form will be processed to attend to your request. The legal basis for the data transfer to us is your consent in accordance with Art. 6 (1) (a) GDPR. You can withdraw your consent at any time with effect for the future. The data will then be deleted. If no further retention obligation arises from your request (e.g. in the case of an online order), the data will be deleted after three years. Your data will be forwarded internally to the responsible contact person for processing your request. Your data will not be transferred to third parties without your explicit consent.

Newsletter

The purpose of sending the newsletter is to inform you about our new products and services. Your consent is required to receive the newsletter, the legal basis for the data processing is Art. 6 (1) (a) GDPR. The data will not be transferred to third parties. When registering for the newsletter, the so-called double opt-in procedure is used; the request for the newsletter must be actively confirmed by you by clicking on the link in the e-mail sent to you. You can unsubscribe at any time by clicking on the "unsubscribe" link. You can also send us a request to unsubscribe via e-mail to the address above.

 

 

Google Maps

This website uses Google Maps, a service provided by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). The legal basis for this processing is your consent according to Art. 6 (1) (a) GDPR pursuant to Art. 49 (1) sentence 1 (a) GDPR.

At least the IP address, URL (internet address) of our website and date/time of use are transmitted to Google. The possibility that this data might be transmitted to a Google server in the USA cannot be excluded. Data transfer to the USA only occurs if the requirements of Art. 44 et seq. GDPR are fulfilled. According to the European Commission, personal data transferred from the EU to US companies participating in the EU-U.S. Data Privacy Framework (DPF), including Google Inc., has been deemed reasonably secure.

As a visitor, you enter a direct user relationship with Google when using Google Maps. You can find more information on this in Google's detailed privacy policy at: https://www.google.com/policies/privacy.

Google Tag Manager

We use the Google Tag Manager from Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland ("Google") to manage the Google services on our site. No data processing is carried out by it.

Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). The legal basis for this processing is your consent according to Art. 6 (1) (a) GDPR.

Google Analytics also uses "cookies", which are text files placed on your computer to help the website analyse how users use the site. The possibility that the data generated by the cookie about your use of this website might be transmitted to a Google server in the USA and stored there cannot be excluded. Data transfer to the USA only occurs if the requirements of Art. 44 et seq. GDPR are fulfilled. According to the European Commission, personal data transferred from the EU to US companies participating in the EU-U.S. Data Privacy Framework (DPF), including Google Inc., has been deemed reasonably secure. The IP address transmitted by your browser as part of Google Analytics will not be combined with other Google data. The user data will be deleted after 24 months at the latest.

You can revoke your consent at any time with effect for the future and prevent the use of data by Google if you download and activate the available browser plugin:

tools.google.com/dlpage/gaoptout.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however, please note that if you do this you may not be able to use the full functionality of this website. Further information on data protection by Google can be found at: policies.google.com/privacy.

Integration of YouTube videos

We use YouTube, a service for embedding videos provided by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). The legal basis for this processing is your consent according to Art. 6 (1) (a) GDPR. The YouTube content is only loaded after your approval. The YouTube videos are embedded with deactivated tracking functions in its code. Further information on this can be found in Google's detailed privacy policy at: www.google.com/policies/privacy/.

The possibility that this data might be transmitted to a Google server in the USA cannot be excluded. Data transfer to the USA only occurs if the requirements of Art. 44 et seq. GDPR are fulfilled.

When using this service, YouTube's terms of use apply. They can be found at: www.youtube.com/static.

Data security / encryption

This website uses "Hypertext Transfer Protocol Secure" (https). The connection between your browser and our server is encrypted.

  1. Data protection information for visitors of our Facebook Fan Page

Joint controllership

A Joint Controller Agreement (JCA) has been entered into with Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland which you can access here: https://www.facebook.com/legal/terms/dataprocessing

https://www.facebook.com/legal/terms/page_controller_addendum

Meta Platforms Ireland Ltd. assumes primary responsibility under the EU General Data Protection Regulation (GDPR).

To learn more about Facebook´s privacy policy, please visit: https://www.facebook.com/privacy/explanation

Purpose: Showcase the company and interact with our users

The purpose of data processing on our Facebook fan page is to provide information about our products and services in addition to enabling users to interact directly with us. The legal basis for the data processing is Art. 6 (1) (f) GDPR. Our legitimate interest is our commercial interest in sharing information with our users and being able to communicate with them.

If we publish images of individuals, this is done with consent (legal basis: Art. 6 (1) (a) GDPR), based on a contractual agreement (legal basis: Art. 6 (1) (b) GDPR) and in exceptional cases on the basis of legitimate interests (legal basis: Art. 6 (1) (f) GDPR) pursuant to Section 23 (1) No. 3 of the German law on copyright in works of art and photography.

Use of Facebook Insights

We place advertisements on Facebook and use Facebook Insights to evaluate the behaviour of our target group in the context of their interaction with our site. The precise targeting of advertising is a legitimate interest of our company (legal basis: Art. 6 (1) (f) GDPR). Facebook users are informed about this; the responsibility for such data collection lies primarily with Meta Platforms Ireland Ltd. Conflicting interests of users are not overriding (display of individual target group optimised advertising).

Third country transfer

The possibility that user data may be processed on systems outside the European Union/European Economic Area cannot be excluded. Data transfer to third countries only occurs if the requirements of Art. 44 et seq. GDPR are fulfilled. If you wish to exercise your rights against Meta Platforms Ireland Ltd., we will forward your request to them.

  1. Data protection information for visitors of our Instagram account

Joint controllership

Instagram is a service provided by Meta Platforms Ireland Ltd. A Joint Controller Agreement (JCA) has been entered into with Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland which you can access here:

https://www.facebook.com/legal/terms/dataprocessing

https://www.facebook.com/legal/terms/page_controller_addendum

Meta Platforms Ireland Ltd. assumes primary responsibility under the EU General Data Protection Regulation (GDPR).

You can find Instagram's privacy policy here: https://help.instagram.com/155833707900388/?helpref=hc_fnav&bc[0]=Instagram-Hilfe&bc[1]=Datenschutz%20und%20Sicherheitsbereich

Purpose: Showcase the company and interact with our users.

The purpose of data processing on our Instagram account is to provide information about our products and services in addition to enabling users to interact directly with us. The legal basis for the data processing is Art. 6 (1) (f) GDPR. Our legitimate interest is our commercial interest in sharing information with our users and being able to communicate with them.

Data will only be transferred to the authorities if overriding legal provisions apply.

If we publish images of individuals, this is done with consent (legal basis: Art. 6 (1) (a) GDPR), based on a contractual agreement (legal basis: Art. 6 (1) (b) GDPR) and in exceptional cases based on legitimate interest (legal basis: Art. 6 (1) (f) GDPR) pursuant to Section 23 (1) No. 3 of the German law on copyright in works of art and photography.

Use of Instagram Insights

We place advertisements on Instagram and use Instagram Insights to evaluate the behaviour of our target group in the context of their interaction with our site. The targeting of advertising is a legitimate interest of our company (legal basis: Art. 6 (1) (f) GDPR). Instagram users are informed about this; the responsibility for such data collection lies primarily with Meta Platforms Ireland Ltd. Conflicting interests of users are not overriding (display of individual target group optimised advertising).

Third country transfer

The possibility that user data may be processed on systems outside the European Union/European Economic Area cannot be excluded. Data transfer to third countries only occurs if the requirements of Art. 44 et seq. GDPR are fulfilled. If you wish to exercise your rights against Meta Platforms Ireland Ltd., we will forward your request to them.

  1. Data protection information for applicants

The purpose of the data processing is the initiation of employment relationships based on Art. 6 (1) (b), Art. 88 (1) GDPR pursuant to Section 26 of the Hessian Data Protection and Freedom of Information Act. Data will not be transferred to other companies.

Your data will be stored for the duration of the application process; if you take up employment with us, your application data will be stored by us for the duration of your employment. If your application is rejected, we keep your data for a period of 6 months and then delete it; for spontaneous applications or if you consent to us retaining the data for longer for potential future employment, we will retain your data until you withdraw your consent or for a maximum of two years.

  1. Data protection information for customers, interested parties and third parties

The purposes of the data processing are the preparation and execution of the contract for the purchase of our products and services on the basis of Art. 6 (1) (b) GDPR. When purchasing an annual pass, you will be asked for your consent to receive the newsletter. In our newsletters we inform you about events and activities at the zoo. You can unsubscribe at any time by clicking on the link at the end of the newsletter. A renewed subscription is possible via our website or by contacting our ticket office.

Your data will be stored for the duration of the contract. When the contractual relationship ends, we are obligated to keep the tax-relevant documents for 10 calendar years after the annual financial statement. The data will then be destroyed.

If you contact us and no contract is initiated, we process your data based on our legitimate interests pursuant to Art. 6 (1) (f) GDPR in order to organise our business operations. In doing so, we do not process any data without an overriding legitimate interest. Your data will be retained for the duration of the processing and deleted after the intended purpose has ceased to exist. If there are legal requirements, the data will be retained until the end of these requirements and then deleted.