Provider and responsible body in the sense of the data protection law is:
The legal framework is formed by General Data Protection Regulation (EU-GDPR), the new Federal Data Protection Act (BDSG-new) and the Telemedia Act (TMG).
Handling of personal data
We handle personal data only to the extent that this is possible to do so in accordance with data protection regulations. We also take all necessary technical and organisational security measures at all times to adequately protect your personal data from unauthorised access and misuse.
Personal data is only requested, processed and used in anonomised form and to the extent tjat is necessary to provide the services and contents that you browse.
Collection of General Information
Every time this site is visited, information is automatically recorded by us or the service provider in so-called server log files.
The following is recorded:
- Browser type and version used
- Operating system used
- Domain name of your Internet provider
- Referrer URL (previously visited website)
- IP address
- Date and time of the server inquiry
These data are handled by https://www.buerobackbord.de/which is responsible (order processing) for the maintenance of our website.
This information is technically required to provide and represent the contend you request correctly. The data is necessarily generated when using the internet. The data is solely technical information that does not allow personal conclusions.
The data is processed in accordance with Art. 6 Abs. 1 lit. f DSGVO, based on our legitimate interest in the flawless availability and the possibilities of improvement of our website.
Furthermore, we use the anonymous information for statistical purposes and for the opimization of our website and the technology which supports them. Under no circumstances will this anonymous data be passed on to third parties or linked to personal data without your express consent.
These automatically recorded data remain stored in the server log files for 14 days and are then automatically deleted. We and the service provider expressly reserve the right to subsequently check and evaluate the server log files in the event of suspicion of illegal use of our service.
Use of Google Maps
This website uses Google Maps API to display geographical information. When Google Maps is used, Google also collects, processes, and utilises data about the visitor’s use of map functions. For more information about how Google processes your information, please refer to the Google Privacy Policies. There, you can also go to the Data Protection Centre to change the protection settings for your personal data. Detailed instructions for managing your own data in connection with Google products can be found here.
Insofar as we save and process personal data, the saving and processing ist provided by the data center Rechenzentrum Mittenwald CM Service GmbH & Co.KG (Königsberger Strasse 4--6, 32339 Espelkamp). To protect your data's security in transfering them, we use encryption methods (such as SSL) via HTTPS. Our servers are protected by firewalls and virus protection. We naturally utilize back-up and recovery processes as well as roles and authorization concepts.
Our employees are obliged to observe the rules of the TMG, the BDSG-neu, and the EU-DSGVO in handeling any data.
Limitation of data processing (Art. 18 DSGVO)
You have the right to demand the limitation of processing of your personal data, if you dispute the correctness of your data, if the processing is unlawful, if we no longer need to process your data, or if you have submitted an obejction to the processing in accordance with Art. 21 DSGVO to us.
If you have requested a limitiation of data processing from us, you will be informed before the limitation should be lifted.
Your personal data may only be processed with your consent or based on requirements of the law.
Data portability (Art. 20 DSGVO)
At any time, you can request or pass on a copy of your personal data, or ask us to hand them to a third party.
Similarly, to many other websites, we also use so-called “cookies”. Cookies are small text files that are transferred to your hard drive from a website server. When this happens, we automatically receive certain data, such as your IP address, the browser used, the operating system on your computer and your Internet connection.
Cookies cannot be used to run programmes or transfer viruses to your computer. Based on the information contained in the cookies, we can simplify navigation for you and ensure that our website displays correctly.
This automatically collected data will not be passed on to third parties or linked to personal data by us or our service provider without your express consent.
Storage and deletion period of used cookies
Use of All-in-One WP Migration (Serv Mask)
This webite uses All-in-One WP Migration. This plugin ist used to export the WordPress-Website including the databank, media data, plugins and themes without technical know-how. More information about the Plug in under: https://wordpress.org/plugins/all-in-one-wp-migration/
Use of Antispam Bee (pluginkollectiv)
This website uses Antispam Bee. The plugin blocks spam-comments and trachbacks without sharing captchas or personal data with third parties. More information: https://wordpress.org/plugins/antispam-bee/
Use of Cookie Notice & Compliance for GDPR / CCPA (Hu-manity.co)
This website uses Cookie Notice & Compliance for GDPR / CCPA (Humanity.co). This plugin generates the cookie notice. More information: https://de.wordpress.org/plugins/cookie-notice/
Use of Head, Footer and Post Injections (Stefano Lissa)
This website uses Head, Footer and Post Injections. The plugin helps with the design of the header and footer section of the website. More information: https://wordpress.org/plugins/header-footer/
Use of MetaTag SEO for WordPress (Barbar Al-Amin)
This website uses MetaTag SEO for WordPress. The plugin enhances the website's visibility in search engines via meta tags. More information: https://wordpress.org/plugins/metatag/
Use of Remove IP (guido)
This website uses Remove IP. The plugin prevents the storage of IP adresses of users who comment on the website. More information: https://de.wordpress.org/plugins/remove-ip/
Use of MCE Table Buttons
This website uses MCE Table Buttons. The plugin adds tools for sheets to the design editor. More information: Use of TranslatePress and WP Mulitlang
Use of TranslatePress
This website uses TranslatePress. The plugin enables the provision of the website in multiple languages. More information: https://de.wordpress.org/plugins/translatepress-multilingual/
Use of Google Maps
This website uses Google Maps API, to present geographical information visually. When using Google Maps, Google collects data about the use of Google Maps by the user. Google processes and uses this data. More information about the use of data by Google is stated here In the data protection center, there, you can change your personal data protection setup.
An extensive guide to managing your data in connection with Google-products you can find here..
Use of Google Web Fonts
This site uses so-called web fonts provided by Google to uniformly display fonts. When you open a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.
For this purpose your browser has to establish a direct connection to Google servers. Google thus becomes aware that our web page was accessed via your IP address. The use of Google Web fonts is done in the interest of a uniform and attractive presentation of our website. This constitutes a justified interest pursuant to Art. 6 (1) (f) GDPR
Use of Facebook Pixel
This website uses the visitor action pixel by Facebook, Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook") for conversion mesurment.
Thereby, visitors who were guided to the providing website via a Facebook ad, can be tracked. This surves the purpose of supervising the effectiveness of Facebook ads for statistical and market research purposes which help optimize future add campaigns.
The collected data is anonymous to us (that is the operator of this website), we can not draw any conclusions about the identity of the users. The data is, however, stored and processed by Facebook in such a way, that a connection to the respective account is possible, as is the processing of the data for Facebooks own marketing purposes as stated in the Facebook-Datenverwendungsrichtlinie Thus, Facebook can enable the placement of ads on Facebook and other websites. We have no influence over this data use.
The use of Facebook-Pixel is based on Art. 6 Abs. 1 lit. f DSGVO. The operator of this website (that is us) has a legitimate interest in effective promotional activities that include social media. Insofar as a corresponding consent was requested (e. g. the consent to the storage of cookies), the processing is solely based on Art 6. Abs. 1 lit. a DSGVO; the consent can be withdrawn at any time.
The data policy of Facebook provides more information about the protection of your privacy: https://de-de.facebook.com/about/privacy/.
You can also deactivate the remarketing function "Custom Audences" unter Settings for ads at: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen You need to be logged in to Facebook to do so.
If you do not have a Facebook account, you can deactivate userbased Facebook ads through the website of the European Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/de/praferenzmanagement/.
On our website we use social plugins by the providers listed below. You can identify a plugin by its respective logo with which it is marked.
Through these plug in, information which may include personal data ma be sent to the social media provider which may use the data. We prevent the unwanted or unnoticed collection and transfer of data to the provider through a 2 click solution. To activate a social plugin, you have to first activate it by klicking a button. It is only through this activation of the plugin, that the collection of information and its transfer to the service provider is enabled. We ourselves do not collect personal data through the social plugins or their use.
We can not influence, which data an active plugin collects and how it is used by the service provider. Currently, we have to assume that a direct link to the services of the service provider is established and that at least the IP addresse and information related to your device are collected and used. It is also possible that the service providers try to install cookies on your computer. The data policy of the respective service provider informs about the kinds of data that is collected through this and used. Please note: if your are logged into Facebook while using the internet, Facebook can identify you as the visitor of a particular website.
On our website we included social media buttons of the following companies (forementioned service providers):
Facebook, Inc.: 1601 Willow Road, Menlo Park, CA 94025, United States
Vimeo, Inc.: 555 West 18th Street, New York, New York 10011
Instagram: Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland – Facebook Ireland Limited is a company registered under the laws of the Republic of Ireland.
If you contact us via email, contact form or a handwritten registration form in the mSE Kunsthalle, the information you give will be saved for the purpose of processing your request and possible follow-up questions.
Deleting and blocking data
We adhere to the principles of data avoidance and data economy. Therefore, we store your personal data only as long as is necessary to achieve the purposes mentioned here or as required according to the various storage periods determined by the competent legal authorities. Once the purpose in question no longer exists or the storage period expires, the corresponding data will be routinely blocked or deleted as required by law. Your Rights with regard to Information, Correction, Blocking, Deletion, and Objection You have the right to be provided with information about any personal data stored on our servers that is related to you, at any time. You also have the right to rectification, blocking or deletion of your personal data, other than the aforementioned data storage for business processes. Please contact our data protection officer. The contact details can be found below. In order to enable the blocking of data at any time, the data in question must be available on a black list for control purposes. You can also request the deletion of the data, unless this is excluded by a legal archiving obligation. Should such a requirement exist, we will, on request, block your data. You can make changes or revoke your consent by sending us written notification thereof.
Social plug-ins from the providers listed below are used on our websites. You can recognise the plug-ins by the fact that they are marked with the corresponding logo.
In certain circumstances these plug-ins may be used to send information that may also include personal data to the service provider and the latter may use this data. We use a two-click solution to prevent the unintentional and unwanted collection and transmission of your data to these service providers. To activate a social plug-in, users must first click on the corresponding button. Only by activating the plug-in will the collection of information and its transmission to the service provider also be triggered. We do not collect any personal data ourselves by means of social plug-ins or by their use.
We have no influence on which data an activated plug-in collects or how it is used by the provider. It must be assumed at this time that direct connections are established to the services of the respective provider and that at least your IP address and specific usage information will be recorded and used. Service providers may also try to save cookies on your computer. Please refer to the data protection information of the respective service providers to find out which specific data is collected and how it is used. Note: If you are logged in to Facebook when you visit our site, Facebook can track your visit to a specific site. We have included social media buttons from the following companies on our site: LinkedIn Corporation (2029 Stierlin Court – Mountain View – CA 94043 – USA) Vimeo, Inc., 555 West 18th Street, New York, New York 10011
Notes about newsletters and consents
With the following notes we inform you about the content of our newsletters and the processes of registration, mailing, and statistical analysation, as well as about your rights of objection. By subscribing to our newsletter, you consent to its reception and to the described processes.
Content of the newsletter
We send newsletters, emails and other electronic notifications with advertising information ("newsletter") only with the consent of the recipient or with legal permission. The content of the newsletter is relevant for the consent of the recipient, insofar as it is described in detail in the context of the subscription. Overall, our newsletters contain information about current events in the world of the mSE Kunsthalle and ZOTT Media, especially from the realm of contemporary art, and about our company (that inclueds references to Facebook and Instagramposts, events, projects, products and online content).
You can subscribe in two ways. You can subscribe with a handwritten subscription form that you can send us by mail or hand over on location in the mSE Kunsthalle. You can also subscribe on our website through a double-opt-in process. You will then receive an email asking for your confirmation. The confirmation is necessary to prevent the abuse of another persons email.
Subscriptions to the newsletter are filed in order to be able to proove the subscription in accordence with legal requirements. This includes the time of the sign-up and the confirmation, the IP adresse, and any change to your Data stored on MailChimp (see below).
You can submit your filled-in registration form on site in the mSE Kunsthalle or send it to:
The legal basis for sending our newsletters is Art. 6 Abs. 1 lit. a DSGVO (Consent).
Use of the mailing service MailChimp
For the mailing of our newsletters we use "MailChimp", a newetter-mailing platform by US company Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 20208, USA.
The email addresses of our newsletter-recipients (and the additional data as described in this policy) are being stored on the servers of MailChimp in the USA. MailChimp uses this information to send and analize newsletter at our request. Furthermore, MailChimp as stated can use this data for the optimization and improvement of their own services, e. g. for technical optimisation of the mailing or presentation of newsletters, or for economic purposes, to know which countries the recipients inhabit. Mailchimp does not use the data, however, to contact the newsletter recipients, and it does not hand them to third parties.
We trust in the reliability, the IT and data safety of MailChimp. MailChimp is certified by the US-EU-data-protection-agreement "Privacy Shield" and thereby required to obey the data security requirements of the EU. In addition, we signed a "data processing agreement" with MailChimp, that is a contract through which MailChimp is obliged to protect the data of our subscribers in accordance with the data policy as requested by us, and especially not to share data with third parties. You can check MailChimp's data policy here.
Online: The subscription to our newsletter via website requires only your email address and your name. This information only serves the purpose of personalising the newsletter. In addition we ask you to voluntarily state your form of address and your company. This information only serves the purpose of optimising the content of our newsletter for the interests of our customers.
On location: Please use the subscription form on location at the mSE Kunsthalle to scubscribe to our newsletter via subscription form. To sign up for the newsletter, only your full name and your email address with a signature confirming your consent to processing your personal data are required.
If you do not have an email address or if you wish to receive invitations to our events through the mail, we ask you to fill out the contact form on location in the mSE Kunsthalle and to include your postal address.
You can submit your filled-in registration form on site in the mSE Kunsthalle or send it to:
Storage of the physical registration form
If you have subscribed by filling out the (physical) subscription form on location, the form will be kept locked after entering your personal data in our database within our data center.
Should you request your personal data to be deleted, the information will be deleted from our database and the physical subscription form will be destroyed.
Statistical survey and analysis
The newsletters contain a so-called "web beacon", that is a pixel-sized file, which is retrieved by the MailChimp server when the newsletter is opened. The retrieval at first surveys technical information (e. g. information about your browser, your system, your IP address) and the time when opening the newsletter. This information is used to technically improve services by analising technical data or the target audience and its reading habit through the retrieval locations (identifyable through the IP addresses) and retrieval times.
The statistic survey inclued the determination, whether or not the newsletters have been opened, when they have been opened, and which links were clicked. For technical reasons, it is technically possible to assign this information to individual newsletter recipients, it is however neither our intention nor that of MailChimp to observe individual users. The analysis serves the purpose to understand general reading habits of our audience and to adapt our content or to send our contend accordingly to different sections of the audience.
Online-viewing and data management
At times, newsletter recipients will be guided to the MailChimp website. The newsletters, for example, contain a link with which newsletter recipients can open the newsletter online, that is, in their browser (which may be convenient, if, for example, the newsletter can not be properly viewed in a specific mailing programm). Forthermore, newsletter recipients may want (and can) correct or alter their data (e. g. their email address) at some time. MailChimp's data polici is only availabl on MailChimp's website, too.
You can cancel your subscription to our newsletter at any time and revoke your consent to the storage and processing of your subscription information. This deletes both your consent in to the mailing via MailChimp and the statistical analysis. A seperate revokation of the mailing via MailChimp or of the statistical analysis is not possible.
You can find a link to cancel your newsletter subscription at the end of every newsletter.
Legal grounds Datenschutzgrundverordnung (data protection basic order)
In accordance with the requirements of the Datenschutzgrundverordnung (DSGVO) that is in force since Mai 2018, we inform you, that the consent to the sending of the email addresses is based on Art. 6 Abs. 1 lit. a. 7 DSGVO and § 7 Abs. 2 Nr. 3 or Abs. 3 UWG. The use of the mailing service provider MailChimp, the statistic survey, analysis and the filing of the subscription process are based on our legitimate interest in accordance with Art. 4 Abs. 1 lit. f DSGVO. Our interest is the use of a user-friendly and safe newslettersystem, that serves our business interest and that meets our users' expectations.
The processing is in accordance with Art. 6 Abs. 1 lit. f DSGVO, based on our legitimate interest in the improvement, the stability and the functionality of the website. The provision of the formentioned personal data is neither legally nor contractually required. Without the IP address, however, the functionality and the services of our website can not be garanteed. In addition, specific services could be limited or unavailable. For this reason, an objection is impossible.
We also point out to you, that you can object to the future use of personal data in accordance with the legal requirements of Art. 21 DSGVO at any time. You can object to the personal data use for the purpose of direct mail and advertising in particular.
We reserve the right to occasionally adapt this privacy notice to ensure its compliance with the current legal requirements or to reflect changes in our services, e.g. upon the introduction of new services. Any renewed visit to our site will then be subject to the new privacy notice.
Questions to the data protection officer
If you have any questions about data protection, please write us an email or contact our data protection officer directly:
For any complaints you have the right to contact the competent authority:
Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)