General
Compliance with data protection laws is not only a legal obligation of Inicheativ UG, Publishers of the Moving Woman Magazine Website but also an important factor of trust. With the following data protection provisions, we would therefore like to inform you transparently about the type, scope and purpose of the personal data we collect from you, how it is processed within this website and about your rights.
Responsibility for data processing
Inicheativ UG, Munich, Germany (hereinafter: “We”), is the operator of the Moving Woman Magazine website https://www.moving-woman, responsible in accordance with Art. 4 No. 7 of the EU General Data Protection Regulation (GDPR). If you have any questions, please get in touch with [email protected].
Data protection officer
According to Art. 37 GDPR in conjunction with § 38 BDSG, we are not obliged to appoint a data protection officer. If you have any questions about data protection and the assertion of your rights mentioned below, you can of course contact us at any time using the contact details given above.
Rights of those affected
YOUR RIGHTS AS A DATA SUBJECT
As a data subject, you have the following rights towards us with regard to your personal data. They have:
Method
If you assert your rights against us under the GDPR and the BDSG, we will process the data you have provided to us in order to fulfill your claim.
We then save the data you have sent to us and the data we have sent to you in return for the purpose of documentation until the statute of limitations period (3 years) expires.
The legal basis for the processing and storage of the data is Art. 6 Para. 1 S. 1 Letter f) GDPR (legitimate interest in data processing). The legitimate interest arises from our obligation to respond to your request and the need to be able to relieve us of any potential fine proceedings by proving that we have properly complied with your request.
You can object to the processing of your data based on our legitimate interest at any time under the conditions of Art. 21 GDPR. Please use the contact details given in the imprint. However, we would like to point out that the processing of your data to prove compliance with the rights of the data subject is mandatory within the meaning of Art. 21 Para. 1 GDPR, since other means of proof do not exist or are not equally suitable.
Data protection measures
We secure our website and other systems – and thus also your data – with technical and organizational measures against loss, destruction, access, modification or distribution by unauthorized persons. In particular, your personal data is encrypted and transmitted over the Internet. We use the coding system TLS (Transport Layer Security). However, the transmission of information via the Internet is never completely secure, which is why we cannot guarantee the security of the data transmitted from our website 100%.
Modalities of data processing
Sources and categories of personal data
We process your personal data insofar as they are necessary for the establishment, content or modification of a contractual relationship between us and you (inventory data). Inventory data can be in particular: name, title, contact details (postal address, telephone, email address), date of birth etc.
We also process your usage data. Usage data is data that arises from your behavior when using our website and our services, in particular your IP address, the start and end of your visit to our website and information about what content you have accessed on our website.
We collect the data mentioned either directly from you (e.g. by visiting the website) or, insofar as this is permissible under data protection laws, from third parties or from publicly accessible sources (e.g. commercial and association registers, press, media, internet).
Data transmission to third countries outside the EU
All information that we receive from or about you is generally processed on servers within the European Union. Your data will only be transmitted to or processed in third countries without your express consent, provided that this is provided for or permitted by law and that an adequate level of data protection is ensured in the third country.
Forwarding of data, order data processing
We never pass on your personal data to third parties without authorization. However, we can pass your data on to third parties in particular if you have given your consent to the transfer of data, if the transfer is necessary to fulfill our legal obligations or if we are entitled or obliged to transfer data due to legal regulations or official or judicial orders. In particular, this can be the provision of information for purposes of law enforcement, security or to enforce intellectual property rights.
We may also transfer your data to external service providers who process data on our behalf and according to our instructions (processor) in order to simplify or relieve our own data processing. Each processor is bound by a contract in accordance with Art. 28 GDPR. In particular, this means that the processor has sufficient guarantees to ensure that suitable technical and organizational measures are carried out in such a way that processing is carried out in accordance with the requirements of the GDPR and the protection of your rights as a data subject is guaranteed. Despite commissioning processors, we remain the responsible body for the processing of your personal data within the meaning of data protection laws.
Purpose of data processing
We only use the data for the purpose for which you collected the data. We can process the data for another purpose if this other purpose is not incompatible with the original purpose (Art. 5 Para. 1 lit. c) GDPR).
Storage period
Unless otherwise specified, we only store the data you have collected for as long as is necessary for the respective purpose, unless there are legal retention obligations to prevent deletion, e.g. from commercial law or tax law.
Individual processing activities
In the following we would like to show you as transparently as possible which data we process from you on which occasion, on which basis and for what purpose.
Server log files
Every time a website is called up and every time data is retrieved from a server, general information is automatically transmitted to the providing server. This data transfer is automatic and is a fundamental part of communication between devices on the Internet.
The data transmitted as standard include the following information: your IP address, product and version information about the browser used and the operating system (so-called user agent), the website from which your access took place (so-called referer), date and time of the Inquiry (so-called timestamp). In addition, the http status and the amount of data transferred are recorded as part of this request.
This information is logged by the server, stored in a table and stored there for a short time (so-called server log files). By analyzing these log files, we can identify and subsequently eliminate website errors, determine the load on the website at certain times and, based on this, make adjustments or improvements and ensure the security of the server by being able to track the IP address from which attacks running on our server.
Your IP address will only be saved for the duration of your use of the website and will then be deleted immediately or made partially unrecognizable by shortening it. The rest of the data is stored for a limited period of time (7 days).
The legal basis for the use of the server log files is Art. 6 para. 1 sentence 1 letter f) GDPR (legitimate interest in data processing). The legitimate interest arises from the need for the operation and maintenance of our website, as we have explained above. You can object to the processing of your data based on our legitimate interest at any time under the conditions of Art. 21 GDPR. Please use the contact details given in the imprint. However, we point out in advance that the processing of your data in server log files is mandatory within the meaning of Art. 21 Para. 1 GDPR, otherwise the website cannot be operated at all.