Privacy Policy

We assure you that all information will be handled in the strictest confidence and will not be made available to third parties without your consent.

Information on controller

For the content of the website www.karlsruhe-erleben.de, KME Karlsruhe Marketing und Event GmbH and KTG Karlsruhe Tourismus GmbH (for more information, see Legal) are joint controllers in accordance with Art. 26 GDPR.

We have defined in a transparent manner who is responsible for which obligation in accordance with the GDPR. You can request this breakdown at any time (see Contact).

In order to make it as easy as possible for you, the data subject, to make contact for the purposes of exercising your rights, the companies have established a joint contact for your concerns regarding data protection.

The contact for your rights is KME Karlsruhe Marketing und Event GmbH

Alter Schlachthof 11b
76131 Karlsruhe
Germany

info@karlsruhe-erleben.de

We take the protection of your personal data very seriously. We handle your personal data in strict confidence and in accordance with statutory data protection regulations, as well as this privacy policy. When you visit this website, various forms of personal data are collected. Personal data is data with which you can be personally identified. This privacy policy explains which data we collect and what we use it for. It also explains how and for what purpose this takes place.

We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) may be subject to security vulnerabilities. Complete protection of data against access by third parties is not possible.

1. SSL / TLS encryption

This website uses SSL / TLS encryption for reasons related to security and to protect the transfer of confidential content, for example orders or enquiries, which you send to us as the website operator. You can recognise an encrypted connection in that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL / TLS encryption is activated, the data that you transmit to us cannot be read by third parties.

2. Hosting and Content Delivery Networks (CDN) 

External hosting

This website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the hoster's servers. This may include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses and other data generated via a website. The hoster is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f GDPR). Our hoster will only process your data to the extent necessary to fulfil its performance obligations and follow our instructions with regard to this data.

We use the following hoster:

land in sicht ag

Wiesentalstr. 5

79115 Freiburg

Conclusion of a contract for order processing

In order to guarantee data protection-compliant processing, we have concluded an order processing contract with our hoster.

3. Encrypted payment transactions on this website

Payment transactions via the popular payment methods (Visa/MasterCard, direct debiting) occur exclusively via an encrypted SSL / TLS connection. You can recognise an encrypted connection in that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

Where communication is encrypted, your payment data that you transmit to us cannot be read by third parties.

4. Data collection and processing when our site is accessed online

The provider of this website automatically collects and stores information in “server log files”, which your browser automatically transmits to us, including:

  • IP address of the requesting computer
  • Date and time of the access
  • Name and URL of the data accessed
  • Volume of data transferred
  • Identification data of the browser and operating system used
  • Referrer

The collected data is only used for statistical analysis and to make improvements to the website. It is not combined with other data sources. The IP addresses are deleted after seven days.

The basis for the data processing is Article 6(1) f) GDPR, which permits the processing of data for the purpose of performing a contract or for pre-contractual measures.

Registration on this website

You can register on this website in order to use additional functions on the site. We will only use the data you enter for the purpose of using the respective offer or service for which you have registered. The mandatory information requested during registration must be provided in full. Otherwise we will reject the registration. In the event of important changes, for example to the scope of the offer or technically necessary changes, we will use the e-mail address provided during registration to inform you in this way. The data entered during registration is processed for the purpose of implementing the user relationship established by the registration and, if necessary, for the initiation of further contracts (Art. 6 para. 1 lit. b GDPR). The data collected during registration will be stored by us for as long as you are registered on this website and will then be deleted. Statutory retention periods remain unaffected.

5. Cookies

Our Internet pages use so-called "cookies". Cookies are small text files and do not cause any damage to your end device. They are stored on your device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or they are automatically deleted by your web browser.

In some cases, cookies from third-party companies may also be stored on your device when you visit our website (third-party cookies). These enable us or you to use certain services of the third-party company (e.g. cookies for processing payment services).

Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping basket function or the display of videos). Other cookies are used to evaluate user behaviour or display advertising. Cookies that are required to carry out the electronic communication process (necessary cookies) or to provide certain functions that you have requested (functional cookies, e.g. for the shopping basket function) or to optimise the website (e.g. cookies to measure the web audience) are stored on the basis of Art. 6 para. 1 lit. f GDPR, unless another legal basis is specified.

The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimised provision of its services. If consent to the storage of cookies has been requested, the cookies in question are stored exclusively on the basis of this consent (Art. 6 para. 1 lit. a GDPR); consent can be revoked at any time. You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.

Insofar as cookies are used by third-party companies or for analysis purposes, we will inform you about this separately in the context of this privacy policy and, if necessary, request your consent.

Consent with Usercentrics

This website uses Usercentrics' consent technology to obtain your consent to the storage of certain cookies on your end device or to the use of certain technologies and to document these in compliance with data protection regulations. The provider of this technology is Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, Germany, website: https://usercentrics.com/de/ (hereinafter referred to as "Usercentrics").

When you visit our website, the following personal data is transmitted to Usercentrics:

  • Your consent(s) or the revocation of your consent(s)
  • your IP address
  • Information about your browser
  • Information about your end device
  • Time of your visit to the website
  • Geolocation

Furthermore, Usercentrics stores a cookie in your browser in order to be able to allocate the consents given to you or their revocation. The data collected in this way is stored until you ask us to delete it, delete the Usercentrics cookie yourself or the purpose for storing the data no longer applies. Mandatory statutory retention obligations remain unaffected. Usercentrics is used to obtain the legally required consent for the use of certain technologies. The legal basis for this is Art. 6 para. 1 lit. c GDPR.

 

6. Eye Able Assist®

Eye-Able® is a software developed by Web Inclusion GmbH to ensure barrier-reduced access to information on the Internet for all people. The necessary files such as JavaScript, stylesheets and images are loaded from an external server. When functions are activated, Eye-Able uses the browser's local storage to save the settings. All settings are only saved locally and are not transmitted further. Eye-Able® uses the Content Delivery Network (CDN) of BunnyWay d.o.o. (Cesta komandanta Staneta 4A, 1215 Medvode, Slovenia) to ward off attacks and provide our service in near real time. It is used for the purpose of fulfilling the contract with our customers (Art. 6 para. 1 lit. b DSGVO) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f DSGVO). All transmitted data and servers remain in the EU at all times in order to enable data protection-compliant processing in accordance with the DSGVO. Web Inclusion GmbH does not record or analyse personal user behaviour or other personal data at any time. In order to ensure data protection-compliant processing, Web Inclusion GmbH has concluded order processing contracts with our hosters IONOS and BunnyWay.

Further information can be found in the privacy policy:

https://eye-able.com/datenschutz/

https://bunny.net/privacy

7. Simple Language

The automatic translation into simple language is an offer from Web Inclusion GmbH to ensure easy access to information on the Internet for everyone. The necessary files such as JavaScript, stylesheets, images and the translation are loaded from an external server. When functions are activated, the simple language uses the browser's local storage to save the settings. All settings are only saved locally and are not transmitted further. Eye-Able® uses the Content Delivery Network (CDN) of BunnyWay d.o.o. (Cesta komandanta Staneta 4A, 1215 Medvode, Slovenia) to ward off attacks and provide our service in near real time. It is used for the purpose of fulfilling the contract with our customers (Art. 6 para. 1 lit. b DSGVO) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f DSGVO). All transmitted data and servers remain in the EU at all times in order to enable data protection-compliant processing in accordance with the DSGVO. Web Inclusion GmbH does not record or analyse personal user behaviour or other personal data at any time. In order to ensure data protection-compliant processing, Web Inclusion GmbH has concluded order processing contracts with our hosters.

Further information can be found in the privacy policy:

https://eye-able.com/datenschutz/

8. Enquiry by e-mail, telephone or fax

If you contact us by e-mail, telephone or fax, your enquiry including all personal data (name, enquiry) will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent.

This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your enquiry is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested.

The data you send to us via contact requests will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed).

Mandatory statutory provisions - in particular statutory retention periods - remain unaffected.

9. Contact form

If you send us requests using the contact form, your data from the request form, including the contact details that you specify in it, will be stored by us for the purpose of processing the request and for follow-up queries. We will not pass that data on without your consent.

The data entered in the contact form is therefore processed exclusively on the basis of your consent (Article 6(1) a) GDPR). You can withdraw that consent at any time. An informal notification sent to us by e-mail is sufficient for this. Such withdrawal does not affect the legality of the data processing processes that occurred before it.

The data entered by you in the contact form remains with us until you request its erasure or withdraw your consent to the storage or the purpose for the storage of data no longer applies (e.g. after the completion of the processing of your enquiry). Mandatory provisions of law, particularly statutory retention periods, remain unaffected.

10. Newsletter

If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. No further data is collected, or only on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties.

The data entered in the newsletter registration forms is processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke your consent to the storage of the data, the e-mail address and its use for sending the newsletter at any time, for example via the "unsubscribe" link in the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the cancellation.

The data you provide us with for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and deleted from the newsletter distribution list after you unsubscribe from the newsletter or after the purpose no longer applies. We reserve the right to delete or block e-mail addresses from our newsletter distribution list at our own discretion within the scope of our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR.

After you unsubscribe from the newsletter distribution list, your email address may be stored by us or the newsletter service provider in a blacklist to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data.

This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). Storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.

Data stored by us for other purposes (e.g. e-mail addresses for the member area) remain unaffected by this.

11. Processing of data (customer and contract data)

We collect, process and use personal data only insofar as it is necessary for the establishment, content or amendment of the legal relationship (inventory data). This is done on the basis of Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.

We collect, process and use personal data about the use of our website (usage data) only insofar as this is necessary to enable the user to use the service or to bill the user.

The customer data collected will be deleted after completion of the order or termination of the business relationship. Statutory retention periods remain unaffected.

12. Data transmission upon the conclusion of a contract for the online shop

We only transmit personal data to third parties if this is necessary in connection with the performance of the contract, for example to the companies responsible for delivering the goods or the bank commissioned to handle the payment. Further transmission of the data does not occur / only occurs if you have explicitly agreed to the transmission. Any disclosure of your data to third parties, for example for advertising purposes, will not occur without your explicit consent.

The basis for the data processing is Article 6(1) b) GDPR, which permits the processing of data for the purpose of performing a contract or for pre-contractual measures.

13. eCommerce and payment providers

Processing of data (customer and contract data)

We collect, process and use personal data only insofar as it is necessary for the establishment, content or amendment of the legal relationship (inventory data). This is done on the basis of Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures. We collect, process and use personal data about the use of this website (usage data) only insofar as this is necessary to enable the user to use the service or to bill the user. The customer data collected will be deleted after completion of the order or termination of the business relationship. Statutory retention periods remain unaffected.

Data transmission upon conclusion of a contract for online shops, retailers and dispatch of goods

We only transfer personal data to third parties if this is necessary in the context of contract processing, for example to the companies entrusted with the delivery of the goods or the credit institution commissioned with payment processing. Any further transmission of data will not take place or will only take place if you have expressly consented to the transmission. Your data will not be passed on to third parties without your express consent, for example for advertising purposes. The basis for data processing is Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.

QuinBook booking system

KTG uses the booking system QuinBook of Woizzer AG, Singapurstraße 5, 20457 Hamburg/Germany ("QuinBook"). When the client makes a booking on the website, he agrees to the storage and processing of personal data by QuinBook. The personal data will be forwarded to QuinBook and processed. This storage and processing of data is done for the purpose of supporting and processing orders, authentication, processing payment transactions and improving QuinBook's services. Further information on terms of use and data protection and the possible commissioning of third parties for data processing by QuinBook can be found at: www.quinbook.com

Payment services

We integrate payment services from third-party companies on our website. When you make a purchase from us, your payment details (e.g. name, payment amount, account details, credit card number) are processed by the payment service provider for the purpose of payment processing. The respective contractual and data protection provisions of the respective providers apply to these transactions. The payment service providers are used on the basis of Art. 6 para. 1 lit. b GDPR (contract processing) and in the interest of a smooth, convenient and secure payment process (Art. 6 para. 1 lit. f GDPR). Insofar as your consent is requested for certain actions, Art. 6 para. 1 lit. a GDPR is the legal basis for data processing; consent can be revoked at any time for the future.

We use the following payment services / payment service providers on this website:

PayPal

The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter “PayPal”). Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here: https://www.paypal.com/de/webapps/mpp/ua/pocpsa-full

Details can be found in PayPal's privacy policy:

https://www.paypal.com/de/webapps/mpp/ua/privacy-full 

Stripe

Services for payment by credit cards, instant transfer and Giropay are provided by Stripe, Inc., 185 Berry Street, Suite 550, San Francisco, CA 94107, USA. When using these services, Stripe collects, stores and processes personal data in accordance with the Stripe Terms of Use and is responsible for the lawful handling of it. Further information can be found in Stripe's privacy policy at https://stripe.com/de/privacy

ConCardis

Payment processing on our website is carried out via the payment service provider ConCardis. If you decide to pay by credit card from the payment service provider ConCardis, the payment will be processed via the payment service provider ConCardis GmbH, Helfmann-Park 7, 65760 Eschborn, to whom we will send the information you provided during the ordering process along with the information about your order in accordance with Art. 6 Para. 1 lit. b GDPR. Your data will be passed on exclusively for the purpose of processing payments with the payment service provider ConCardis and only to the extent that it is necessary for this purpose. Further information about ConCardis data protection can be found in the ConCardis data protection declaration: www.concardis.com/datenschutzerklaerung.

14. Use and Disclosure of Personal Information

Any use of your personal data will only be for the stated purposes and to the extent necessary to achieve these purposes. It will not be passed on to third parties. Personal data is only transferred to government institutions and authorities within the framework of mandatory national legal regulations or if the transfer is necessary for legal or criminal prosecution in the event of attacks on our network infrastructure. It will not be passed on for other purposes.

15. Analysis tools and advertising

15.1 Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyze the behavior of website visitors.

The website operator receives various usage data, such as: E.g. page views, length of stay, operating systems used and origin of the user. This data is summarized in a user ID and assigned to the website visitor's respective device.

Furthermore, we can use Google Analytics, among other things. Record your mouse and scroll movements and clicks.

Furthermore, Google Analytics uses various modeling approaches to complement the data sets collected and uses machine learning technologies in data analysis.

Google Analytics uses technologies that enable user recognition for the purpose of analyzing user behavior (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is usually transmitted to a Google server in the USA and stored there.

The use of this service is based on your consent in accordance with Article 6 Paragraph 1 Letter a GDPR and Section 25 Paragraph 1 TTDSG. Consent can be revoked at any time.

Data transfer to the USA is based on the EU Commission's standard contractual clauses.

Details can be found here:

https://privacy.google.com/businesses/controllerterms/mccs/

The company is certified according to the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards when data is processed in the USA. Every DPF certified company undertakes to comply with these data protection standards. Further information can be obtained from the provider using the following link:

Data Privacy Framework

Browser plugin

You can prevent Google from collecting and processing your data by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de

You can find more information about how Google Analytics handles user data in Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=de

Google signals

We use Google signals. When you visit our website, Google Analytics collects, among other things: Your location, search history and YouTube history as well as demographic data (visitor data). This data can be used for personalized advertising with the help of Google Signal. If you have a Google account, Google Signal's visitor data will be linked to your Google account and used for personalized advertising messages. The data is also used to create anonymized statistics on the user behavior of our users.

Google Analytics eCommerce tracking

This website uses the “E-Commerce Tracking” function from Google Analytics. With the help of e-commerce measurement, the website operator can analyze the purchasing behavior of website visitors to improve their online marketing campaigns. Information such as orders placed, average order values, shipping costs and the time from viewing a product to purchasing it are recorded. This data can be summarized by Google under a transaction ID that is assigned to the respective user or their device.

Storage period

User and event-level data stored by Google that is linked to cookies, user identifiers (e.g. UserID) or advertising IDs (e.g. DoubleClick cookies, Android advertising ID) is anonymized after 2 months . deleted. Details can be found at the following link:

https://support.google.com/analytics/answer/7667196?hl=de 

Demographic characteristics in Google Analytics

This website uses the “demographic characteristics” function of Google Analytics to show website visitors appropriate advertisements within the Google advertising network. This allows reports to be created that contain information about the age, gender and interests of site visitors. This data comes from interest-based advertising from Google and third-party visitor data. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as described in the section “Objection to data collection”.

IP anonymization

We have activated the “IP anonymization” function on this website. This means that your IP address will be shortened by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area before it is transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics is not combined with other Google data.

Order processing

We have concluded a data processing contract with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

Objection against data collection

You can prevent Google Analytics from collecting your data by clicking on the following link. An opt-out cookie will be set to prevent your data from being collected on future visits to this website.

You can find more information about how Google Analytics handles user data in Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=de

15.2 Facebook Pixels

Our website uses the visitor behaviour Pixel provided by Facebook, Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”) for conversion measurement, which enables the behaviour of visitors to a site to be tracked after they have been directed to the provider’s website by clicking a Facebook advertisement. As a result, the effectiveness of the Facebook advertisements can be analysed for statistical and market research purposes and future advertising measures can be optimised.

The collected data is anonymous for us as the operator of this website. We cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook, so that a connection with the respective user profile is possible and Facebook may use the data for its own advertising purposes, in accordance with Facebook’s data policy. As a result, Facebook can enable the display of advertisements on Facebook pages and also outside Facebook. We, as the website operator, have no influence on this use of the data.

You can find further information on the protection of your privacy in Facebook’s privacy policy: https://www.facebook.com/about/privacy/.

You can also deactivate the remarketing function “Custom Audiences” in the ad settings area at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do so, you must be logged in to Facebook.

If you do not have a Facebook account, you can deactivate usage-based advertising by Facebook on the website of the European Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/uk/your ad choices/

15.3 Google Adwords and Google conversion tracking

This website uses Google AdWords. AdWords is an online advertising program provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).

We use “conversion tracking” within the framework of Google AdWords. If you click an advertisement displayed by Google, a cookie will be installed on your computer for conversion tracking. Cookies are small text files which are cached on the user’s computer by the Internet browser. These cookies expire after 30 days and their purpose is not to personally identify the user. If the user visits certain pages of this website and the cookie has not yet expired, we and Google will be able to detect the fact that the user clicked the advertisement and was redirected to that page.

Each Google AdWords client receives a different cookie. The cookies therefore cannot be tracked using the websites of AdWords clients. The information obtained with the aid of the conversion cookie serves to prepare conversion statistics for AdWords clients who have decided to employ conversion tracking. The clients learn the total number of users who clicked their advertisement and were redirected to a page equipped with a conversion tracking tag. However, they receive no information that can be used to identify the users personally. If you do not wish to participate in tracking, you can easily object to such use by deactivating the Google conversion tracking cookie using your Internet browser under user settings. You will then not be included in the conversion tracking statistics.

The storage of conversion cookies occurs on the basis of Article 6(1) f) GDPR. The website operator has a legitimate interest in the analysis of user behaviour, for the purpose of optimising both its online service and its advertising.

You can find more information on Google AdWords and Google conversion tracking in Google’s privacy policy: https://www.google.de/policies/privacy/.

You can adjust your browser settings so that you are informed of the installation of cookies and can decide whether to accept them on a case-by-case basis, block the acceptance of cookies either for particular cases or in general or activate automatic deletion of the cookies when you close the browser. If you do deactivate cookies, the functionality of this website may be restricted.

16. Social media

16.1 Facebook-Plugin

Plugins from the social network Facebook, provider Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA, are integrated into our pages. You can recognize the Facebook plugins by the Facebook logo or the “Like” button on our site. You can find an overview of the Facebook plugins here: https://developers.facebook.com/docs/plugins/

When you visit our pages, the plugin establishes a direct connection between your browser and the Facebook server. Facebook thereby receives the information that you have visited our site with your IP address. If you click the Facebook "Like" button while you are logged into your Facebook account, you can link the content of our pages to your Facebook profile. This allows Facebook to assign your visit to our pages to your user account. We would like to point out that as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Facebook. Further information can be found in Facebook's data protection declaration at: https://de-de.facebook.com/policy.php

If you do not want Facebook to be able to assign your visit to our pages to your Facebook user account, please log out of your Facebook user account.

16.2 Facebook-Pixel

This website uses Facebook visitor action pixels to measure conversions. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

However, according to Facebook, the data collected will also be transferred to the USA and other third countries. This allows the behavior of site visitors to be tracked after they have been redirected to the provider's website by clicking on a Facebook ad. This allows the effectiveness of Facebook advertisements to be evaluated for statistical and market research purposes and future advertising measures to be optimized. The data collected is anonymous for us as the operator of this website; we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes in accordance with the Facebook data usage guidelines. This allows Facebook to enable the placement of advertisements on Facebook pages as well as outside of Facebook. As the site operator, we cannot influence this use of data. The use of Facebook pixels is based on Art. 6 Para. 1 lit. f GDPR.

The website operator has a legitimate interest in effective advertising measures, including social media. If appropriate consent has been requested (e.g. consent to the storage of cookies), processing is carried out exclusively on the basis of Art. 6 Para. 1 lit. a GDPR; consent can be revoked at any time.

Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381

The company is certified according to the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards when data is processed in the USA. Every DPF certified company undertakes to comply with these data protection standards. Further information can be obtained from the provider using the following link:

Data Privacy Framework

To the extent that personal data is collected on our website using the tool described here and forwarded to Facebook, we and Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Article 26 GDPR ). The joint responsibility is limited exclusively to collecting the data and passing it on to Facebook. The processing carried out by Facebook after the forwarding is not part of the shared responsibility. Our joint obligations have been set out in a joint processing agreement. The text of the agreement can be found at: https://www.facebook.com/legal/controller_addendum.  According to this agreement, we are responsible for providing data protection information when using the Facebook tool and for the data protection-safe implementation of the tool on our website.

Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g. requests for information) regarding the data processed by Facebook directly on Facebook. If you assert your data subject rights with us, we are obliged to forward these to Facebook.

You can find further information on protecting your privacy in Facebook's data protection information: https://de-de.facebook.com/about/privacy/.  You can also deactivate the “Custom Audiences” remarketing function in the ad settings area at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen.  To do this you must be logged in to Facebook. If you don't have a Facebook account, you can deactivate Facebook's usage-based advertising on the European Interactive Digital Advertising Alliance website

16.3 Instagram

Functions of the Instagram service are integrated into this website. These functions are offered by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

If the social media element is active, a direct connection is established between your device and the Instagram server. Instagram thereby receives information about your visit to this website.

If you are logged into your Instagram account, you can link the content of this website to your Instagram profile by clicking on the Instagram button. This allows Instagram to assign your visit to this website to your user account. We would like to point out that as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Instagram.

If consent has been obtained, the above will be used. Service based on Article 6 Paragraph 1 Letter a GDPR and Section 25 TTDSG. Consent can be revoked at any time. Unless consent has been obtained, the use of the service is based on our legitimate interest in achieving the greatest possible visibility on social media.

To the extent that personal data is collected on our website using the tool described here and forwarded to Facebook or Instagram, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing ( Art. 26 GDPR). The joint responsibility is limited exclusively to collecting the data and passing it on to Facebook or Instagram. The processing carried out by Facebook or Instagram after forwarding is not part of the shared responsibility. The obligations we share have been set out in a joint processing agreement. The text of the agreement can be found at: https://www.facebook.com/legal/controller_addendum

According to this agreement, we are responsible for providing data protection information when using the Facebook or Instagram tool and for the data protection-safe implementation of the tool on our website. Facebook is responsible for the data security of Facebook and Instagram products. You can assert data subject rights (e.g. requests for information) regarding the data processed by Facebook or Instagram directly on Facebook. If you assert your data subject rights with us, we are obliged to forward these to Facebook. Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here:

https://www.facebook.com/legal/EU_data_transfer_addendum 

https://privacycenter.instagram.com/policy/ 

and https://de-de.facebook.com/help/566994660333381 

Further information can be found in Instagram's privacy policy: https://privacycenter.instagram.com/policy/

The company is certified according to the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards when data is processed in the USA. Every DPF certified company undertakes to comply with these data protection standards. Further information can be obtained from the provider using the following link:

Data Privacy Framework

16.4 X (formerly Twitter)

Functions of the service X (formerly Twitter) are integrated into this website. These functions are offered by the parent company X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. The Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland, is responsible for data processing of persons living outside the USA.

If the social media element is active, a direct connection is established between your device and the XServer. X (formerly Twitter) thereby receives information about your visit to this website. By using X (formerly Twitter) and the “Re-Tweet” or “Repost” function, the websites you visit are linked to your We would like to point out that, as providers of the pages, we have no knowledge of the content of the transmitted data or its use by X (formerly Twitter). Further information can be found in the privacy policy of X (formerly Twitter) at:

https://twitter.com/de/privacy

If consent has been obtained, the above will be used. Service based on Article 6 Paragraph 1 Letter a GDPR and Section 25 TTDSG. Consent can be revoked at any time. Unless consent has been obtained, the use of the service is based on our legitimate interest in achieving the greatest possible visibility on social media. Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here:

https://gdpr.twitter.com/en/controller-to-controller-transfers.html

You can change your data protection settings at X (formerly Twitter) in the account settings under

https://twitter.com/account/settings 

change.

16.5 Pinterest

On our site we use social plugins from the social network Pinterest, which is operated by Pinterest Inc., 808 Brannan Street, San Francisco, CA 94103-490, USA ("Pinterest").

When you access a page that contains such a plugin, your browser establishes a direct connection to Pinterest's servers. The plugin transmits log data to Pinterest’s server in the USA. This log data may contain your IP address, the address of the websites visited that also contain Pinterest functions, the type and settings of the browser, the date and time of the request, how you use Pinterest and cookies.

Further information on the purpose, scope and further processing and use of data by Pinterest as well as your rights in this regard and options for protecting your privacy can be found in Pinterest's data protection information: https://about.pinterest.com/de/privacy-policy

17. Youtube with extended data protection

This website embeds videos from YouTube. The website is operated by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

We use YouTube in extended data protection mode. According to YouTube, this mode means that YouTube does not store any information about visitors to this website before they watch the video. However, the extended data protection mode does not necessarily exclude the passing on of data to YouTube partners. This means that YouTube connects to the Google DoubleClick network regardless of whether you are watching a video. As soon as you start a YouTube video on this website, a connection to YouTube's servers is established. The YouTube server is informed which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

Furthermore, after starting a video, YouTube can store various cookies on your device or use comparable recognition technologies (e.g. device fingerprinting). In this way, YouTube can receive information about visitors to this website. This information is, among other things, used to collect video statistics, improve user experience and prevent fraud attempts.

If necessary, further data processing operations may be triggered after starting a YouTube video, over which we have no influence. The use of YouTube is in the interest of an attractive presentation of our online offerings. This represents a legitimate interest within the meaning of Article 6 Paragraph 1 Letter f GDPR.

If appropriate consent has been requested, processing is carried out exclusively on the basis of Art. 6 Para. 1 lit. a GDPR; consent can be revoked at any time. Further information about data protection at YouTube can be found in their data protection declaration at: https://policies.google.com/privacy?hl=de

18. Adobe Fonds

This website uses web fonts from Adobe to display certain fonts uniformly. The provider is Adobe Systems Incorporated, 345 Park Avenue, San Jose, CA 95110-2704, USA (Adobe).

When you access this website, your browser loads the required fonts directly from Adobe in order to display them correctly on your device. Your browser establishes a connection to Adobe’s servers in the USA. This gives Adobe knowledge that this website was accessed via your IP address. According to Adobe, no cookies are stored when the fonts are provided.

The storage and analysis of the data is based on Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in the uniform presentation of the typeface on its 17 / 20 website.

If appropriate consent has been requested (e.g. consent to the storage of cookies), processing is carried out exclusively on the basis of Art. 6 Para. 1 lit. a GDPR; consent can be revoked at any time. Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here: https://www.adobe.com/de/privacy/eudatatransfers.html

Further information about Adobe Fonts can be found at: https://www.adobe.com/de/privacy/policies/adobe-fonts.html.  Adobe's privacy policy can be found at: https://www.adobe.com/de/privacy/policy.html 

The company is certified according to the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards when data is processed in the USA. Every DPF certified company undertakes to comply with these data protection standards. Further information can be obtained from the provider using the following link:

Data Privacy Framework

19. Google Maps

This site uses the map service Google Maps. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. In order to use the functions of Google Maps, it is necessary to save your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer. If Google Maps is activated, Google can use Google Web Fonts for the purpose of uniform font display. When you access Google Maps, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.

The use of Google Maps is in the interest of an attractive presentation of our online offerings and to make it easy to find the places we indicate on the website. This represents a legitimate interest within the meaning of Article 6 Paragraph 1 Letter f of the GDPR. If appropriate consent has been requested, processing is carried out exclusively on the basis of Article 6 Paragraph 1 Letter a of the GDPR; consent can be revoked at any time.

Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here: https://privacy.google.com/businesses/gdprcontrollerterms/ 

and

https://privacy.google.com/businesses/gdprcontrollerterms/sccs/

You can find more information on how to handle user data in Google's privacy policy: https://policies.google.com/privacy?hl=de

The company is certified according to the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards when data is processed in the USA. Every DPF certified company undertakes to comply with these data protection standards. Further information can be obtained from the provider using the following link:

Data Privacy Framework

20. Links to websites of other providers

Our websites may contain links to websites of other providers. We would like to point out that this data protection declaration applies exclusively to the website karlsruhe-erleben.de. We have no influence and do not control whether other providers comply with applicable data protection regulations.

21. Rights of the user: information, correction and erasure

Within the framework of the applicable legal provisions, you have the right to free information at any time about your stored personal data, its origin and recipient and the purpose of data processing. Unless your request conflicts with a legal obligation to retain data (e.g. data retention), you have the right to have incorrect data corrected and to have your personal data blocked or deleted. You can contact us at any time at the address given in the legal notice for this purpose or for further questions on the subject of personal data.

Right to lodge a complaint with the responsible supervisory authority

In the event of violations of the GDPR, those affected have the right to lodge a complaint with a supervisory authority, in particular in the member state of their habitual residence, their place of work or the place of the alleged violation. The right to lodge a complaint exists without prejudice to any other administrative or judicial remedies.

Right to data portability

You have the right to have data that we process automatically based on your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the data to be transferred directly to another person responsible, this will only be done if it is technically feasible.

Statutory data protection officer

We have appointed a data protection officer for our company.

Uwe Larisch

congroup GmbH

Vorholzstrasse 9

76137 Karlsruhe

Telephone: +4972175407240

If you would like information about your personal data or its correction or deletion or if you have further questions about the use of your personal data provided to us, please contact:

datenschutz(at)karlsruhe-event.de

22. Note on data transfer to the USA and other third countries

We use, among other things, tools from companies based in the USA or other third countries that are not secure in terms of data protection. If these tools are active, your personal data may be transferred to these third countries and processed there. We would like to point out that a level of data protection comparable to the EU cannot be guaranteed in these countries. For example, US companies are obliged to hand over personal data to security authorities without you as the data subject being able to take legal action against this. It cannot therefore be ruled out that US authorities (e.g. secret services) process, evaluate and permanently store your data on US servers for surveillance purposes. We have no influence on these processing activities. Revocation of your consent to data processing Many data processing operations are only possible with your express consent. You can revoke any consent you have already given at any time. The lawfulness of the data processing carried out until the revocation remains unaffected by the revocation.

23. Right to object to data collection in special cases and to direct advertising (Art. 21 DSGVO)

IF THE DATA PROCESSING IS BASED ON ART. 6 ABS. 1 LITER. E OR F GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE TERMS. THE APPLICABLE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS DATA PROTECTION POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA UNLESS WE CAN PROOF COMPLEX REASONS FOR THE PROCESSING THAT OUTWEIGH YOUR INTERESTS, RIGHTS AND FREEDOM OR THE PROCESSING IS FOR THE PURPOSE OF EFFECTING, EXERCISE OR DEFENSE FORMATION OF LEGAL CLAIMS ( OBJECTION PURSUANT TO ARTICLE 21 (1) GDPR). IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH ADVERTISING; THIS ALSO APPLIES TO PROFILING TO THE EXTENT IT IS CONNECTED WITH SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR THE PURPOSE OF DIRECT ADVERTISING (OBJECTION PURSUANT TO ARTICLE 21 (2) GDPR)

Objection to advertising emails

The use of contact details published as part of the imprint obligation to send unsolicited advertising and information materials is hereby objected to. The operators of the pages expressly reserve the right to take legal action in the event of unsolicited advertising information being sent, such as spam emails.

24. Inclusion, validity and timeliness of the data protection declaration

By using our website, you consent to the use of data described above. The data protection declaration is currently valid. As our website continues to develop or new technologies are implemented, it may become necessary to change this privacy policy. We reserve the right to occasionally adapt the data protection declaration so that it always complies with current legal requirements or to implement changes to our services in the data protection declaration, e.g. B. when introducing new services. The new data protection declaration will then apply to your next visit.