Data Privacy statement

In the event of discrepancies between different language versions of this data privacy statement, the German version shall apply and prevail.

1. Responsible body

The Congregation of the Sisters of St. Francis, Vierzehnheiligen 8, 96231 Bad Staffelstein, as the operator of this website (https://www.fs-vierzehnheiligen.de), is the responsible body (person in charge) within the meaning of the law on church data protection (KDG), which alone or together with others decides on the purposes and means of processing personal data (hereinafter referred to as "data").

2. Processing of personal data

According to the KDG, personal data are all information that relates to an identified or identifiable natural person (data subject). A natural person is identifiable if he or she can be identified directly or indirectly, in particular by means of assignment to an identifier (such as name, address, telephone number, e-mail address, IP address, location data or special features such as the genetic, economic and social identity of this natural person).

Processing means any operation or set of operations which is performed upon data, whether or not by automatic means. This includes in particular the collection, recording, organisation, arrangement, storage, adaptation or modification, reading, querying, use, disclosure by transmission, distribution or provision, matching, linking, restriction, deletion or destruction.

In principle, it is not necessary for you to provide data in order to use our website. In certain cases, however, we do need your name and address and other details so that we can provide the services you request.

The same applies, for example, to the sending of information material or to answer individual questions. Where this is necessary, we will point this out to you accordingly. Furthermore, we only process data that you provide us voluntarily and, if applicable, data that we collect automatically when you visit our website (e.g. IP address and the names of the pages you call up, the browser and operating system you use, date and time of access, search engines used).

If you make use of our services, as a rule only such data are collected that we need to provide the services. If we ask you for further data, this is voluntary information.

The processing of data is carried out exclusively for the purpose of fulfilling the requested service, fulfilling the contract and protecting our own legitimate business interests.

3. Protection of your personal data

We are pleased about your interest in the offers and in the sphere of activity of the Congregation and would like you to feel safe when visiting our website, this includes the protection of your data. We take the protection of your data very serious. It is a matter of course for us to observe the provisions of the KDG in its current valid version.

We have taken technical and organisational measures to ensure that the data protection regulations are observed both by us and by the external service providers we commission. Our employees as well as the service providers commissioned by us are obliged by us to maintain secrecy and to comply with the provisions of the KDG and the European Data Protection Basic Regulation (DS-GVO) and the Federal Data Protection Act (BDSG) in their respective valid versions.

As part of our duty to inform, we would like to make this data protection declaration as transparent as possible. For this purpose, we will explain below the purpose of processing your data, the use of cookies and the use of social media links.

4. Purpose limitation of personal data processing

We process the data provided by you, according to the principles of data minimization and purpose limitation. The purpose limitation principle means that data are collected for specified, explicit and legitimate purposes and may be further processed in a way incompatible with those purposes. Further processing for archiving purposes in the public interest, for scientific or historical research purposes or for statistical purposes shall not be considered incompatible with the original purposes.

As a matter of principle, we process your data for the purpose of answering your enquiries, processing your orders, or providing you with access to certain information, offers or events. We will process the data you provide online only for the purposes you have been informed of. Your data will not be passed on to third parties without your explicit consent.

The collection of data and its transmission to information-entitled state institutions and authorities will only take place within the framework of the relevant laws or if we are obliged to do so by a court decision.

We will neither sell your data to third parties nor market it in any other way without your consent.

5. Data that are automatically collected when you visit our website

When using our website, the following data in particular may be processed for organisational and technical reasons: the names of the pages you visit, the browser you use and your operating system, date and time of access, search engines used, names of downloaded files and your IP address.

6. Cookies

When you visit one of our websites, we may store information on your computer in the form of a (session) cookie. Cookies are small text files that are sent to your browser from a web server and stored on your computer's hard drive.

Apart from the Internet Protocol address, no personal data of the user is stored. This information is used to automatically recognize you the next time you visit our website and to make navigation easier for you. Cookies allow us, for example, to adapt a website to your interests or to store your password so that you don’t have to enter it again each time.

Of course, you can also view our websites without cookies. If you don’t want us to recognize your computer, you can prevent cookies from being stored on your hard drive by selecting "don’t accept cookies" in your browser settings. Please refer to the instructions of your browser manufacturer for details of how this works. If you don’t accept cookies, however, this can lead to functional restrictions of our offers.

7. Link to Facebook (Facebook button)

On our website there is a link to the social network Facebook, 1601 Willow Rd, 94025 Menlo Park, USA, or if the service is provided in the European Union (EU), Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

You can recognize the Facebook button by its design with the Facebook logo or known colors (i.e. white "f" on blue tile).

If you activate the Facebook button by clicking on it, your browser establishes a connection with the Facebook servers (link). The content of the link is transmitted from Facebook to your browser and integrated by it into the displayed website. Corresponding user profiles can also be created in the process. In this case, however, we have no influence on the scope of the data that is collected. For example, if you click on the "Like" button, this information is transmitted from your browser to Facebook and stored there. If you don‘t want Facebook to be able to assign your visit to our website to your Facebook user account, you must log out of your Facebook user account and delete your cookies before accessing our website.

Even if you are not a member of Facebook, Facebook still stores your IP address. For European users, however, only an anonymized IP address will be stored.

We use the Facebook link on the basis of our legitimate interests in accordance with § 6 para. 1 lit. g KDG. Here, these are the analysis, optimization and economic operation of our online offer.

If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of § 6 para. 1 lit. A KDG. The consent can be revoked at any time.

The information generated by Facebook is usually transferred to a Facebook server and stored there. This may also result in a transfer to the servers of Facebook Inc. in the USA. Facebook Inc. with headquarters in the USA is certified under the Privacy-Shield-Agreement, which guarantees the compliance with the data protection level applicable in the EU.

For further information, especially the exact purpose and scope of data collection, please visit https://de-de.facebook.com/policy.php.

8. Link to Instagram (Instagram button)

On our website we use a link to the social network "Instagram". Instagram is hosted by Facebook, 1601 Willow Rd, 94025 Menlo Park, USA, or if the Service is provided in the European Union (EU), Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.
The Instagram Button is identified with an Instagram logo in the form of an "Instagram Camera".

When you click on the Instagram Button, your browser connects to Instagram's servers. The content of the link is transmitted directly from Instagram to your browser and incorporated into the page. This integration informs Instagram that your browser has accessed the appropriate page of our website, even if you don’t have an Instagram profile or are not currently logged in to Instagram. This information (including your IP address) is transmitted by your browser directly to an Instagram server in the USA and stored there, over which we have no influence.

If you are logged in to Instagram, Instagram can directly attribute your visit to our website to your Instagram account. The information is also published to your Instagram account and displayed to your contacts.

We use the Instagram plugins on the basis of our legitimate interests according to § 6 para. 1 lit. G KDG. Here, these are the analysis, optimization and economic operation of our online offer.

If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of § 6 para. 1 lit. a KDG. The consent can be revoked at any time.

For the purpose and scope of data processing as well as your rights in this regard and setting options to protect your privacy, you will find further information in the Instagram Data Protection Policy, which you can access via http://instagram.com/about/legal/privacy.

If you wish to prevent Instagram from associating your visit to our web pages with your Instagram account, you must log out of your Instagram account before visiting our web pages.

9. Children and young people

Our website is aimed exclusively at potential applicants, interested parties and members of the press.

Persons under 16 years of age should not send any data to us without the consent of their parents or legal guardians. We don’t request data from children and young people who have not reached the age of sixteen. We don’t collect this data and don’t pass it on to third parties.

10. Security

We have taken technical and organisational security measures in accordance with the legal requirements to protect your data from loss, destruction, manipulation and unauthorised access. All our employees and all persons involved in data processing are obliged to comply with the law on church data protection and other laws relevant to data protection as well as the confidential handling of data.

In addition, we conclude the corresponding agreements on order processing with the external service providers acting on our behalf.

Our security measures are regularly reviewed and continuously revised in line with technological developments.

11. Amendment of our data protection regulations

We reserve the right to change our security and data protection measures if this becomes necessary due to technical developments. In these cases, we will also adapt our data protection information accordingly. Therefore, please note the current version of our data protection declaration.

12. Consents

If we need your consent to process your data, we will obtain this from you and use your data for the purposes stated in connection with the consent. Your consent will be recorded digitally.

You can revoke your consent at any time with effect for the future. To do so, please write to the Congregation of the Sisters of St. Francis, Vierzehnheiligen 8, 96231 Bad Staffelstein or send an e-mail to info@fs-vierzehnheiligen.de.

13. Contact form

If you use our contact form to contact us, we ask you for personal information. In order for us to be able to answer the request, a valid e-mail address and your name are required. Further information about your person can be provided voluntarily.
Your information will be processed by e-mail. The contact form is sent using end-to-end encryption. Your data will be stored on protected servers in Germany in compliance with data protection regulations.
The data processing for the purpose of contacting us is based on your voluntarily given consent. By clicking the "Send" button, you consent to the processing of your contact information for the above-mentioned purposes. If you don’t agree with this, you must cancel the process. The contact form will not be sent, and your data will not be processed.
You can revoke your consent at any time with effect for the future.
We will only use your data to the extent necessary for processing your enquiries and for further correspondence with you. The data collected by us for the use of the contact form will be stored by us for the purpose of processing your enquiry and in the event of follow-up questions and will be deleted in accordance with data protection law after completion of the enquiry you have made, unless there is another legal obligation to retain data.

14. Rights of persons concerned

If we process your data, you have extensive rights as a data subject, which are listed in detail below:

a) Right to information
In accordance with § 17 KDG, you can obtain information about your data processed by us at any time.
In particular, you can request information about the purposes of the processing, the categories of the processed data, categories of the possible recipients and the planned storage period.

Please address your request for information to the Congregation of the Sisters of St. Francis, Vierzehnheiligen 8, 96231 Bad Staffelstein, Germany, or send an e-mail to info@fs-vierzehnheiligen.de.

b) Right to correction
You are entitled to demand correction or completion of your data stored with us in accordance with § 18 KDG if the data are incorrect.

You can assert your right under the contact details listed above.

c) Right of deletion
According to § 19 KDG you can demand the deletion of the data if the storage of the data is no longer necessary and there is no other legal basis for the processing. In addition, you can demand deletion if you have lodged an objection to the processing and there are no overriding, justified reasons for further processing of your data and if your data have been processed unlawfully or if there is a legal obligation to delete them under state or church law.

You can exercise your right by contacting the above-mentioned contact details.

d) Right to limitation
In addition, according to § 20 KDG, you have the right to restrict the processing if you dispute the accuracy of the data for a period of time which enables the data controller to verify the accuracy of the data; if the processing is unlawful but you refuse to delete the data; if the purpose of the processing has ceased but the data are necessary to assert your legal claims; or if you have objected under § 23 KDG and it is not yet clear whether the legitimate reasons of the data controller outweigh your interests.

You can assert your right under the contact details listed above.

e) Right to data transferability
According to § 22 KDG you have the right to receive the data concerning you in a common, structured and machine-readable format (data transferability). In addition, under certain circumstances you can request that your data be transferred directly to a responsible person, as far as this is technically possible.

You can assert your right by using the contact details given above.

15. Right of objection

You have the right to object to the use of your data for the above mentioned purposes at any time (§ 23 KDG). This is possible as long as the objection is directed against direct advertising or if there are reasons for this which arise from your particular situation. In the case of an objection to direct advertising, you have a general right of objection, which will be implemented by us without indicating a special situation.

To exercise your right of objection, please write to the Congregation of the Sisters of St. Francis, Vierzehnheiligen 8, 96231 Bad Staffelstein or send an e-mail to info@fs-vierzehnheiligen.de.

16. Questions, suggestions, complaints to the external data protection officer

If you have any questions about our information on data protection or the processing of your personal data, you can contact our external company data protection officer directly:

Costard Law Firm
Law firm for IT law and data protection
Lawyer Thomas P. Costard
EUROCOM Business Park
Lina Ammon Straße 9
90471 Nürnberg
Phone: 0911 / 790 30 34
Fax: 0911 / 790 30 35
e-mail: info@it-rechtsberater.de
Website: www.it-rechtsberater.de

He is also available as a contact person in case of requests for information, suggestions, or complaints.

17. Right of appeal to the data protection supervisory authority

Within the framework of Section 48 of the KDG, and without prejudice to any other legal remedy, every person concerned has the right to lodge a complaint with the church data protection supervisory authority if he or she believes that the processing of personal data relating to him or her is in breach of the provisions of this Act or other data protection regulations. Compliance with the official channels is not required.

Common data protection supervision of the Bavarian (arch)dioceses
Mr. Jupp Joachimski (Leader)
Kapellenstr. 4
D-80333 München
Phone: 0049 89 2137-1796
E-Mail: JJoachimski@eomuc.de

You can find further information on the data protection supervisory authority responsible for us at https://www.erzbistum-muenchen.de/ordinariat/datenschutzstelle.

In the event of discrepancies between different language versions of this data privacy statement, the German version shall apply and prevail.

"If it does you good, then come!"

 

(St. Francis of Assisi)