Data protection declaration

General information and obligatory information

Data protection

Protection and safety of your personal data are important to us. Your data is protected within the scope of the legal regulations. The following data protection declaration is to explain in detail which information we collect during your visit to our homepage and our applications, and which parts of and in which way such information is used.

Person responsible

stiftung elektro-altgeräte register
Represented by the Managing Director Vorstand Alexander Goldberg

Nordostpark 72
90411 Nuremberg

Tel: +49 91176665-0
Fax: +49 911 76665-99

  
www.stiftung-ear.de

Data protection officer of stiftung ear

We have appointed a data protection officer for our company

Mr Michael Pruß
 

The data protection officer is your contact to exercise your rights resulting from the data protection acts and is also available for further questions and information regarding the topic data protection at stiftung ear. 

Right to information

As a user of stiftung ear’s website you have the right, according to Article 15 DSGVO (data protection basic regulation), to receive information on the manner and scope of the data collected and processed during your visit to the website. This information is free of charge for you and is granted on application within the scope of your information interest. To do so, please contact our company’s data protection officer. 

Right to correction, block, or deletion

As far as the data concerning you is incorrect you have the right, according to Article 16 DSGVO, that this data be corrected, added to, according to your submitted information. If appropriate, you may be entitled to have it blocked or deleted, as long as this claim does not counteract any stiftung ear obligations. The demand to block or delete person-related data exists especially within the scope of the rights of revocation and objection.

Right of revocation 

As far  as processing of your data is based on your approval, you can revoke a given approval at any time according to Article 17 Section 1b) DSGVO. To do so, simply send an informal email to system@stiftung-ear.de. The legitimacy of the processing of your data until revocation remains unaffected.

Respective personal data is deleted immediately on revocation of the affected if storage is not necessary according to other legal regulations. 

Right of objection

As far as processing your data is necessary to perform a task that is in the public interest, or occurs while exercising public authority granted stiftung ear (Article 6 paragraph 1 e) DSGVO), or processing is necessary to retain the entitled interests of the responsible, or a third party, and thereby neither the interests, nor fundamental rights and fundamental freedoms of the affected person requiring protection of person-related data, prevail (Article 6 paragraph 1 e) DSGVO), the affected have the right, according to Article 21 section 1 DSGVO, to object to its processing.

The right to object towards a public authority does not exist according to § 36 BDSG (new), though, asfar  as there is a mandatory public interest for processing that prevails  the interests of the affected person, or there is a legal provision obligating to process the information. 

As far  as the public interest is not predominant, and there is no legal provision obligating stiftung ear to process, the respective data is immediately deleted after objection by the affected party according to Article 17 paragraph 1 c) DSGVO.

Right to limit processing

According to Article 18 paragraph 1 DSGVO, the affected person may have the right to limit processing under certain circumstances. This right exists especially in disagreement on the accurateness of the data, the lawfulness of processing, or respectively the ruling on objections of processing. 

Right of complaint

In cases of data protection right‘s violations, or irregularities regarding the observation of the affected’s rights, you are entitled to file a complaint with the respective supervisory authority. The responsible supervisory authority is the Bavarian State Authority for Data Protection Supervision (Bayerische Landesamt für Datenschutzaufsicht), or respectively, the Federal Commissioner for Data Protection and Freedom of Information (Bundesbeauftragte für den Datenschutz und die Informationsfreiheit).

Data collection on our web pages

Technical implementation

Our web server is operated by

stiftung elektro-altgeräte register
Nordostpark 72
90411 Nuremberg

Protocolling

When you call up this, or other web pages, from the domain stiftung-ear, you transmit data to our web server via your internet browser. Basis for data processing  is Article 6 paragraph  1 f) DSGVO. The data named below is recorded during a running connection for communication between your internet browser and our web server in a protocol file:

  • Date and time of the request
  • Name of the requested file
  • Page from which the file was requested (referrer)
  • Access state (file transferred, file not found, etc.)
  • Web browser and operation system used
  • Complete IP address of the requesting computer
  • Size of the requested file.

For technical protection reasons, especially to prevent attacks on our web server, we store this data and delete it after 24 hours at the latest. This data is exclusively used for this purpose and - in an anonymised form – for statistical purpose. A comparison/merger with other data pools, or disclosure to third parties, does not occur.

User behaviour evaluation (Web tracking systems)

Our internet pages use no programmes to evaluate your user behaviour.

Cookies

When you access the ear-Portal, the lists of registered producers and authorised representatives (or agents ), the collection and take-back sites , as well as the operators or first treatment facilities, as well as when you access the SOAP interface, as well as the web service interface for suppliers of producer guarantee systems in a browser, so-called session cookies are set to guarantee that the page works properly. These session cookies contain an ID that is used to keep up the user-related state of the application. These cookies are stored based on Article 6 Section 1 lit. f DSGVO, as they are necessary for the technically faultless accessibility of the web content. The session cookie is deleted when the browser is shut down. 

You can set up your browser in such a way that you are informed when cookies are set. You also have the option to only allow cookies in individual cases, as well as deny acceptance in certain cases or in general. Furthermore, you can have cookies automatically deleted when you shut down your browser. As far  as you have deactivated cookies, it may be possible that the web pages‘ functionality will be limited. 

Web analysis using Matomo

Scope of processing of personal data

We use the open-source-software-tool Matomo on our website to analyse our users’ surfing behaviour. If the user has expressly consented to this via the Consent Tool, cookies are stored by the software on the user's computer. If individual pages from our website are requested, the following data is stored:

  • The user’s IP address, shortened by the last two bytes (anonymised)
  • the requested subpage and date and time  of request
  • website from which the user accessed our website (referrer)
  • web browser and operating system used
  • screen resolution used
  • dtime spent on the website
  • pages that are requested from the requested subpage

The data collected using Matomo is stored on our own servers. It is not passed on to third parties. 

Legal basis

Legal basis for processing the users’ personal data is Article 6 paragraph 1 f) DSGVO.

Purpose of data processing

We require the data to analyse the users’ surfing behaviour and to receive information about the use of the individual components of the website.. This enables us to constantly optimise the website and its user-friendliness Our legitimate interest in accordance with Article 6 Paragraph 1 f) DSGVO is based on these purposes. By anonymising the IP address, we take care of the users’ interest to protect personal data. The data is never used to personally identify any user of the website, and is not  merged with  other data. 

Storage duration

The data is deleted as soon as it is no longer required to achieve the purpose for which they were collected.

Data protection information on the INFObrief

The contact details submitted within the scope of subscribing to the ear-INFObrief (first name, name, Email address) are only used to send this INFObrief. Processing of the data submitted within the scope of registration for the INFObrief is based on your approval (Article 6 paragraph 1 a) DSGVO.) You can object to the consignment at any time by clicking on the link to cancel the INFObrief in the INFObrief, or send us an appropriate message to system(at)stiftung-ear.de. If you do not click the ‘Activiation link’ for the INFObrief subscription, and when you cancel the subscription to the INFObrief, the contact data is deleted.

Data protection information for webinars with BigBlueButton

To be able to proceed with webinars and conferences via the internet, stiftung ear uses the software solution BigBlueButton by BigBlueButton Inc. An encrypted connection is set up between you and stiftung ear to hold a webinar. Webinars can be recorded to allow later postproduction by stiftung ear. Recordings, as well as names of participants, are not published or passed on to third parties, and are immediately deleted as soon as the purpose for storage is no longer existent. With webinars that are not recorded, names of participants are immediately deleted after the respective webinar has ended. 

Data protection information for the ear-Portal

Within the scope of tasks as Joint body for producers stiftung ear processes personal data with the help of the ear-Portals’ functionalities. Data processing in this context occurs based on the legal obligations of ElektroG which stiftung ear is subject to (Article 6 paragraph 1 c) DSGVO.) There is information on the purpose for, scope and duration of processing personal data in detail within the scope of using the ear-Portal in the appropriate places respectively. 

Data protection information for job applications

Collecting job application data serves to acquire personnel for stiftung ear and occurs based on Article 88 paragraph 1 DSGVO in connection with § 26 paragraph 1 clause 1 BDSG.

The information submitted to stiftung ear is treated confidentially and only passed on to employees in the company concerned with the respective job application procedure. Data is not used for any other issue, and is not passed on to third parties. 

stiftung ear collects and processes the following applicant data within the scope of job offers:

  • Title
  • First name
  • Family name
  • Address
  • Telephone number
  • Email address
  • Job application documents (reports, CV (curriculum vitae), and professional qualifications; each insofar as the data is stated in your application documents).

By sending job application documents, you automatically agree to be contacted and informed within the context of the job application procedure in writing, via email, or by telephone. 

No automatic decision is made. 

Your job application data is automatically deleted after a duration of 6 months after conclusion of the job application procedure for the respective position. Your job application data will be stored beyond conclusion of the job application procedure if stiftung ear has a justified interest to evaluate complaints or other legal means against a negative decision in the job application procedure that are possible within the complaint period and other limited periods. The deletion deadline also applies if you revoke your job application, or demand an immediate deletion of your job application data. 

Our social media presence

Data processing by social networks

We maintain publicly accessible profiles in social networks. You can find the individual social networks we use further below. 

Social networks, such as Facebook, Google+, etc., can generally comprehensively analyse your user behaviour if you visit their websites or a website with integrated social media contents (e.g. Like buttons, or advertising banners.) By visiting our social media presence, countless data protection relevant processing procedures are triggered. These are:

If you are logged in to your social media account and visit our social media presence, the operator of the social media portal can allocate this visit to your user account. Your personal data can also possibly be collected, though, if you are not logged in, or do not have an account with the respective social media portal. This data collection can occur, in this case for example, via cookies that are stored on your end device, or by registering your IP address. 

With the help of the data thus collected, the operators of the social media portals can create user profiles, in which your preferences and interests are stored. Thus, advertising fitting your interests can be presented both within and outside the respective social network. If you have an account in one of the respective social networks advertising fitting your interests can be presented  on all devices you are or were logged in to. 

Please also note that we cannot trace all processing procedures on social media portals. Depending on the supplier it is therefore possible that further processing procedures are performed by the operators of the social media portals. You can find more details on this topic in the  terms of use and data protection terms of the respective social media portals. 

Legal basis

Our social media activities are to ensure a presence on the internet as comprehensively as possible. This is a justified interest according to Article 6 paragraph 1 lit. f DSGVO. The analysing processes initiated by social networks can be based on deviating legal basis that are to be stated by the social network operators (e.g. Approval according to Article 6 paragraph 1 lit. a DSGVO).

Person responsible and enforcement of rights

When you visit one of our social media presentations (e.g. facebook), we, together with the operator of the social media platform, are responsible for the data processing procedures triggered by this visit. You can categorically assert your rights (information, correction, deletion, limitation of processing, data transferability and complaint) both against us, and also the operator of the respective social media portal (e.g. towards facebook). 

Please note, that despite the joint responsibility with the social media portal operators, we do not have complete influence on the data processing procedures of the social media portals. Our options are aligned mainly with the company policy of the respective supplier. 

Storage duration 

The data collected directly by us via the social media presence is deleted by our systems, as soon as the purpose for which they were collected ceases to exist, you demand us to delete it, you revoke your approval to store it, or the purpose for the data storage ceases to exist. Stored cookies remain on your end device until you delete them. Mandatory legal conditions – especially retention periods – remain unaffected.

We have no impact on the storage duration of your data stored by social network operators for their own purpose. For more information, please get in touch directly with the operators of the social networks (e.g. check their data protection declaration, see below).

Social networks in detail

Facebook

We have an agreement with facebook on a joint responsibility when processing data (Conntroller Addendum). In this agreement it is determined, for which data processing procedures we, or respectively facebook, is responsible when you visit our facebook fanpage. You can have a look at this agreement at the following link:

https://www.facebook.com/legal/terms/page_controller_addendum

You can adapt your advertising settings independently in your user account. To do so, click on the following link and log in:

https://www.facebook.com/settings?tab=ads

Find details in facebook’s data protection declaration:

https://www.facebook.com/about/privacy/

Instagram

We have an Instagram profile. Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA is the provider. You can find details on their treatment of your personal data in Instagram’s data protection declaration:

https://help.instagram.com/519522125107875

Youtube

We regularly publish informational videos via a youtube channel. The provider is Google Ireland Limited, Godon House, Barrow Street, Dublin 4, Ireland. You can find details on their treatment of your personal data in youtube’s data protection declaration:

https://policies.google.com/privacy

Every registered youtube user has the possibility to apply for a copy of their recorded data:

https://takeout.google.com/